From c088d6039d03d0cc5595fcf445bed37ca127189f Mon Sep 17 00:00:00 2001 From: skodak Date: Wed, 6 Dec 2006 20:17:58 +0000 Subject: [PATCH] MDL-7821 wrong use of cm in data mod and added proper require_login() --- mod/data/comment.php | 8 +++++--- mod/data/edit.php | 2 +- mod/data/field.php | 4 ++-- mod/data/lib.php | 19 ++++--------------- mod/data/preset.php | 6 +++--- mod/data/tabs.php | 1 - mod/data/templates.php | 5 +++-- 7 files changed, 18 insertions(+), 27 deletions(-) diff --git a/mod/data/comment.php b/mod/data/comment.php index eafcf2e2e5..8b359ad0a5 100755 --- a/mod/data/comment.php +++ b/mod/data/comment.php @@ -24,10 +24,12 @@ if (! $course = get_record('course', 'id', $data->course)) { error('Course is misconfigured'); } + if (! $cm = get_coursemodule_from_instance('data', $data->id, $course->id)) { + error('Course Module ID was incorrect'); + } - require_login($course->id); + require_login($course->id, false, $cm); - $cm = data_get_cm($data); $context = get_context_instance(CONTEXT_MODULE, $cm->id); if ($commentid) { @@ -111,7 +113,7 @@ default: //print all listing, and add comment form print_header(); - data_print_comments($data, $record, $search, $template, $sort, $page, $rid, $order, $group); + data_print_comments($data, $record, $page); print_footer(); break; diff --git a/mod/data/edit.php b/mod/data/edit.php index a863de4aaf..83895d07ea 100755 --- a/mod/data/edit.php +++ b/mod/data/edit.php @@ -56,7 +56,7 @@ } } - require_course_login($course, false, $cm); + require_login($course->id, false, $cm); if (!isloggedin() or isguest()) { redirect('view.php?d='.$data->id); diff --git a/mod/data/field.php b/mod/data/field.php index dda2bf2abc..bbfedcd2f5 100755 --- a/mod/data/field.php +++ b/mod/data/field.php @@ -41,7 +41,7 @@ if ($id) { - if (! $cm = get_record('course_modules', 'id', $id)) { + if (! $cm = get_coursemodule_from_id('data', $id)) { error('Course Module ID was incorrect'); } if (! $course = get_record('course', 'id', $cm->course)) { @@ -63,7 +63,7 @@ } } - require_course_login($course, true, $cm); + require_login($course->id, true, $cm); $context = get_context_instance(CONTEXT_MODULE, $cm->id); require_capability('mod/data:managetemplates', $context); diff --git a/mod/data/lib.php b/mod/data/lib.php index f19da82ed7..8a0d2a0ea4 100755 --- a/mod/data/lib.php +++ b/mod/data/lib.php @@ -546,7 +546,7 @@ function data_numentries($data){ function data_add_record($data, $groupid=0){ global $USER; - $cm = data_get_cm($data); + $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); $record->userid = $USER->id; @@ -811,7 +811,7 @@ function data_get_coursemodule_info($coursemodule) { function data_print_template($template, $records, $data, $search='',$page=0, $return=false) { global $CFG; - $cm = data_get_cm($data); + $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); static $fields = NULL; @@ -963,7 +963,7 @@ function data_print_preference_form($data, $perpage, $search, $sort='', $order=' function data_print_ratings($data, $record) { global $USER; - $cm = data_get_cm($data); + $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); $ratingsmenuused = false; @@ -1136,7 +1136,7 @@ function data_print_comment($data, $comment, $page=0) { global $USER, $CFG; - $cm = data_get_cm($data); + $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); $stredit = get_string('edit'); @@ -1225,17 +1225,6 @@ function data_convert_arrays_to_strings(&$fieldinput) { } } -// returns the $cm given $data -function data_get_cm($data) { - global $CFG, $course; - $datamod = get_record('modules', 'name', 'data'); - $SQL = "select * from {$CFG->prefix}course_modules - where course = $course->id and - module = $datamod->id and - instance = $data->id"; - return get_record_sql($SQL); -} - /** * Converts a database (module instance) to use the Roles System diff --git a/mod/data/preset.php b/mod/data/preset.php index 1ebc1651ff..eec50c0eb1 100644 --- a/mod/data/preset.php +++ b/mod/data/preset.php @@ -19,8 +19,8 @@ $shortname = optional_param('shortname', '', PARAM_FILE); // directory the pres $file = optional_param('file', '', PARAM_FILE); // uploaded file if ($id) { - if (! $cm = get_record('course_modules', 'id', $id)) { - error('Course Module ID Incorrect'); + if (! $cm = get_coursemodule_from_id('data', $id)) { + error('Course Module ID was incorrect'); } if (! $course = get_record('course', 'id', $cm->course)) { error('Course is misconfigured'); @@ -46,7 +46,7 @@ if (!$context = get_context_instance(CONTEXT_MODULE, $cm->id)) { error('Could not find context'); } -require_login($course->id); +require_login($course->id, false, $cm); require_capability('mod/data:managetemplates', $context); diff --git a/mod/data/tabs.php b/mod/data/tabs.php index ea1ace0824..38b67f2f4b 100755 --- a/mod/data/tabs.php +++ b/mod/data/tabs.php @@ -29,7 +29,6 @@ error('You cannot call this script in that way'); } - $cm = data_get_cm($data); $context = get_context_instance(CONTEXT_MODULE, $cm->id); $inactive = NULL; diff --git a/mod/data/templates.php b/mod/data/templates.php index bc4cfe3d27..11e24e4583 100755 --- a/mod/data/templates.php +++ b/mod/data/templates.php @@ -33,7 +33,7 @@ $mode = optional_param('mode', 'singletemplate', PARAM_ALPHA); if ($id) { - if (! $cm = get_record('course_modules', 'id', $id)) { + if (! $cm = get_coursemodule_from_id('data', $id)) { error('Course Module ID was incorrect'); } if (! $course = get_record('course', 'id', $cm->course)) { @@ -55,7 +55,8 @@ } } - require_course_login($course, true, $cm); + require_login($course->id, false, $cm); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); require_capability('mod/data:managetemplates', $context); -- 2.39.5