From bb5b72244a00bc636dafbfd69c91648d8dd29620 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Fri, 17 Aug 2007 12:49:28 +0000
Subject: [PATCH] MDL-10890 all require_login() in modules reviewed and fixed
 use of $cm

---
 mod/chat/gui_header_js/insert.php | 6 +++++-
 mod/data/import.php               | 2 ++
 mod/data/templates.php            | 2 --
 mod/glossary/editcategories.php   | 2 +-
 mod/glossary/export.php           | 2 +-
 mod/glossary/exportfile.php       | 2 +-
 mod/glossary/import.php           | 2 +-
 mod/hotpot/attempt.php            | 2 +-
 mod/hotpot/report.php             | 2 +-
 mod/hotpot/review.php             | 3 ++-
 mod/hotpot/view.php               | 2 +-
 mod/journal/report.php            | 2 +-
 mod/lams/view.php                 | 2 +-
 mod/lesson/import.php             | 2 +-
 mod/lesson/importppt.php          | 2 +-
 mod/lesson/report.php             | 2 +-
 mod/quiz/comment.php              | 4 ++--
 mod/quiz/report.php               | 2 +-
 mod/survey/download.php           | 2 +-
 mod/survey/report.php             | 2 +-
 20 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/mod/chat/gui_header_js/insert.php b/mod/chat/gui_header_js/insert.php
index 384e410fd3..62f0dc8147 100644
--- a/mod/chat/gui_header_js/insert.php
+++ b/mod/chat/gui_header_js/insert.php
@@ -18,7 +18,11 @@
         error('Could not find the course this belongs to!');
     }
 
-    require_login($course->id);
+    if (!$cm = get_coursemodule_from_instance('chat', $chat->id, $course->id)) {
+        error('Course Module ID was incorrect');
+    }
+    
+    require_login($course->id, false, $cm);
 
     if (isguest()) {
         error('Guest does not have access to chat rooms');
diff --git a/mod/data/import.php b/mod/data/import.php
index eca88aea12..2b5a2fc4c0 100755
--- a/mod/data/import.php
+++ b/mod/data/import.php
@@ -57,6 +57,8 @@
         }
     }
 
+    require_login($course, false, $cm);
+
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/data:uploadentries', $context);
 
diff --git a/mod/data/templates.php b/mod/data/templates.php
index fc21c0a9e5..640ff4b6d7 100755
--- a/mod/data/templates.php
+++ b/mod/data/templates.php
@@ -26,8 +26,6 @@
     require_once('lib.php');
     require_once($CFG->libdir.'/blocklib.php');
 
-    require_login();
-
     $id    = optional_param('id', 0, PARAM_INT);  // course module id
     $d     = optional_param('d', 0, PARAM_INT);   // database id
     $mode  = optional_param('mode', 'singletemplate', PARAM_ALPHA);
diff --git a/mod/glossary/editcategories.php b/mod/glossary/editcategories.php
index 6e42ba869a..fad954c5ff 100644
--- a/mod/glossary/editcategories.php
+++ b/mod/glossary/editcategories.php
@@ -39,7 +39,7 @@
         }
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
 
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/glossary:managecategories', $context);
diff --git a/mod/glossary/export.php b/mod/glossary/export.php
index 8978492bbe..dee4163739 100644
--- a/mod/glossary/export.php
+++ b/mod/glossary/export.php
@@ -21,7 +21,7 @@
         error("Course module is incorrect");
     }
 
-    require_login($course->id, false);  
+    require_login($course->id, false, $cm);  
     
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/glossary:export', $context);
diff --git a/mod/glossary/exportfile.php b/mod/glossary/exportfile.php
index 0854b9ec1d..b88059b5ce 100644
--- a/mod/glossary/exportfile.php
+++ b/mod/glossary/exportfile.php
@@ -23,7 +23,7 @@
         error("Course module is incorrect");
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/glossary:export', $context);
diff --git a/mod/glossary/import.php b/mod/glossary/import.php
index 114d59984e..a93d9bd57b 100644
--- a/mod/glossary/import.php
+++ b/mod/glossary/import.php
@@ -27,7 +27,7 @@
         error("Course module is incorrect");
     }
 
-    require_login($course->id, false);  
+    require_login($course->id, false, $cm);  
     
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/glossary:import', $context);
diff --git a/mod/hotpot/attempt.php b/mod/hotpot/attempt.php
index a853ecb39f..50cc54044a 100644
--- a/mod/hotpot/attempt.php
+++ b/mod/hotpot/attempt.php
@@ -22,7 +22,7 @@
     }
 
     // make sure this user is enrolled in this course
-    require_login($course->id);
+    require_login($course, true, $cm);
 
     $next_url = "$CFG->wwwroot/course/view.php?id=$course->id";
     $time = time();
diff --git a/mod/hotpot/report.php b/mod/hotpot/report.php
index 39a602a7cf..681fcfbabc 100644
--- a/mod/hotpot/report.php
+++ b/mod/hotpot/report.php
@@ -38,7 +38,7 @@
     // set homeurl of couse (for error messages)
     $course_homeurl = "$CFG->wwwroot/course/view.php?id=$course->id";
 
-    require_login($course->id);
+    require_login($course, true, $cm);
 
     // get report mode
     if (has_capability('mod/hotpot:viewreport',$modulecontext)) {
diff --git a/mod/hotpot/review.php b/mod/hotpot/review.php
index 57bc10d031..314fd3e9d3 100644
--- a/mod/hotpot/review.php
+++ b/mod/hotpot/review.php
@@ -31,9 +31,10 @@
     if (! $attempt = get_record("hotpot_attempts", "id", $attempt)) {
         error("Attempt ID was incorrect");
     }
+
+    require_login($course, true, $cm);
     
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
-    require_login($course->id);
     if (!has_capability('mod/hotpot:viewreport',$context)) {
         if (!$hotpot->review) {
             error(get_string("noreview", "quiz"));
diff --git a/mod/hotpot/view.php b/mod/hotpot/view.php
index 54d2281959..6957eb2bab 100644
--- a/mod/hotpot/view.php
+++ b/mod/hotpot/view.php
@@ -34,7 +34,7 @@
             }
         
         }
-        require_login($course->id);
+        require_login($course, true, $cm);
         $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     }
     // set nextpage (for error messages)
diff --git a/mod/journal/report.php b/mod/journal/report.php
index a7a27eabbb..6462000950 100644
--- a/mod/journal/report.php
+++ b/mod/journal/report.php
@@ -13,7 +13,7 @@
         error("Course module is misconfigured");
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
 
     if (!isteacher($course->id)) {
         error("Only teachers can look at this page");
diff --git a/mod/lams/view.php b/mod/lams/view.php
index 71ec67c2ef..84103ea508 100644
--- a/mod/lams/view.php
+++ b/mod/lams/view.php
@@ -21,7 +21,7 @@ if (! $lams = get_record("lams", "id", $cm->instance)) {
     error("Course module is incorrect");
 }
 
-require_login($course->id);
+require_login($course, true, $cm);
 $context = get_context_instance(CONTEXT_MODULE, $cm->id);
 
 add_to_log($course->id, "lams", "view", "view.php?id=$cm->id", "$lams->id");
diff --git a/mod/lesson/import.php b/mod/lesson/import.php
index 71bfe5345e..be1559a04b 100644
--- a/mod/lesson/import.php
+++ b/mod/lesson/import.php
@@ -28,7 +28,7 @@
     }
 
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/lesson:edit', $context);
 
diff --git a/mod/lesson/importppt.php b/mod/lesson/importppt.php
index 0589972066..a211f78a68 100644
--- a/mod/lesson/importppt.php
+++ b/mod/lesson/importppt.php
@@ -37,7 +37,7 @@
         error("Course module is incorrect");
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/lesson:edit', $context);
 
diff --git a/mod/lesson/report.php b/mod/lesson/report.php
index 56d9b3724e..ac4132b06f 100644
--- a/mod/lesson/report.php
+++ b/mod/lesson/report.php
@@ -28,7 +28,7 @@
     }
     
 // make sure people are where they should be
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/lesson:manage', $context);
 
diff --git a/mod/quiz/comment.php b/mod/quiz/comment.php
index 1ec2803210..d005fb5555 100644
--- a/mod/quiz/comment.php
+++ b/mod/quiz/comment.php
@@ -28,9 +28,9 @@
         error('Attempt has not closed yet');
     }
 
-    require_login($course->id);
-
     $cm = get_coursemodule_from_instance('quiz', $quiz->id);
+    require_login($course, true, $cm);
+
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     
     require_capability('mod/quiz:grade', $context);
diff --git a/mod/quiz/report.php b/mod/quiz/report.php
index fcb7f7daf2..33f01a3074 100644
--- a/mod/quiz/report.php
+++ b/mod/quiz/report.php
@@ -35,7 +35,7 @@
         }
     }
 
-    require_login($course->id, false);
+    require_login($course, false, $cm);
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/quiz:viewreports', $context);
 
diff --git a/mod/survey/download.php b/mod/survey/download.php
index be32352dc7..ac60642e6d 100644
--- a/mod/survey/download.php
+++ b/mod/survey/download.php
@@ -16,7 +16,7 @@
         error("Course is misconfigured");
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     require_capability('mod/survey:download', get_context_instance(CONTEXT_MODULE, $cm->id)) ;
 
     if (! $survey = get_record("survey", "id", $cm->instance)) {
diff --git a/mod/survey/report.php b/mod/survey/report.php
index 35d5283850..df8ad8c319 100644
--- a/mod/survey/report.php
+++ b/mod/survey/report.php
@@ -23,7 +23,7 @@
         error("Course is misconfigured");
     }
 
-    require_login($course->id, false);
+    require_login($course->id, false, $cm);
     
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
 
-- 
2.39.5