From: stronk7 Date: Sun, 18 May 2003 17:15:05 +0000 (+0000) Subject: added check login, check admin and check site to every page. X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=c563a9a0d19794402fb17d1cb92e8aebab908527;p=moodle.git added check login, check admin and check site to every page. If not, it was possible to execute them...!! --- diff --git a/backup/backup_check.html b/backup/backup_check.html index 2c61f34234..b08cb9b451 100644 --- a/backup/backup_check.html +++ b/backup/backup_check.html @@ -1,6 +1,19 @@ wwwroot/login/index.php"); + } + + //Check site + if (!$site = get_site()) { + error("Site not found!"); + } + //Checks for the required files/functions to backup every mod //And check if there is data about it $count = 0; diff --git a/backup/backup_execute.html b/backup/backup_execute.html index 9e0bc14156..dc9e1323c5 100644 --- a/backup/backup_execute.html +++ b/backup/backup_execute.html @@ -1,6 +1,19 @@ wwwroot/login/index.php"); + } + + //Check site + if (!$site = get_site()) { + error("Site not found!"); + } + //Checks for the required files/functions to backup every mod //And check if there is data about it $count = 0; diff --git a/backup/backup_form.html b/backup/backup_form.html index 7996fdb00a..3ac9c7a6e4 100644 --- a/backup/backup_form.html +++ b/backup/backup_form.html @@ -1,6 +1,19 @@ wwwroot/login/index.php"); + } + + //Check site + if (!$site = get_site()) { + error("Site not found!"); + } + //Checks for the required files/functions to backup every mod //And check if there is data about it $count = 0; diff --git a/backup/restore.php b/backup/restore.php index 9b562d3464..5c0e9fe58f 100644 --- a/backup/restore.php +++ b/backup/restore.php @@ -65,8 +65,8 @@ //Call the form, depending the step we are if (!$launch) { include_once("restore_precheck.html"); - } else if ($launch == "check") { - include_once("backup_check.html"); + } else if ($launch == "form") { + include_once("restore_form.html"); } else if ($launch == "execute") { include_once("backup_execute.html"); } diff --git a/backup/restore_precheck.html b/backup/restore_precheck.html index b16a000e33..35e4e8f96e 100644 --- a/backup/restore_precheck.html +++ b/backup/restore_precheck.html @@ -9,6 +9,19 @@ error ("File not specified"); } + //Check login + require_login(); + + //Check admin + if (!isadmin()) { + error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); + } + + //Check site + if (!$site = get_site()) { + error("Site not found!"); + } + //Prepend dataroot to variable to have the absolute path $file = $CFG->dataroot."/".$file; @@ -93,7 +106,25 @@ } } + //Save course header and info into php session + if ($status) { + $SESSION->info = $info; + $SESSION->course_header = $course_header; + } + + //Finally, a little form to continue + //with some hidden fields + if ($status) { + echo "
"; + $hidden["backup_unique_code"] = $backup_unique_code; + $hidden["launch"] = "form"; + $hidden["file"] = $file; + print_single_button("restore.php", $hidden, get_string("continue"),"post"); + echo "
"; + } + if (!$status) { error ("An error has ocurred"); } + ?>