MDL-34656 prevent login form from being shown inside iframe - also prevent wantsurl from being set to loadsco.php which isn't a valid page for initial load.

2025-04-22 08:55:15 +02:00 · 2012-08-01 09:27:37 +12:00 · 2012-08-01 09:27:37 +12:00 · 299aedfaf7
commit 299aedfaf7
parent 470d47f512
1 changed files with 10 additions and 1 deletions
--- a/mod/scorm/loadSCO.php
+++ b/mod/scorm/loadSCO.php
@ -49,7 +49,16 @@ if (!empty($id)) {

 $PAGE->set_url('/mod/scorm/loadSCO.php', array('scoid'=>$scoid, 'id'=>$cm->id));

-require_login($course, false, $cm);
+if (!isloggedin()) { // Prevent login page from being shown in iframe.
+    // Using simple html instead of exceptions here as shown inside iframe/object.
+    echo html_writer::start_tag('html');
+    echo html_writer::tag('head', '');
+    echo html_writer::tag('body', get_string('loggedinnot'));
+    echo html_writer::end_tag('html');
+    exit;
+}
+
+require_login($course, false, $cm, false); // Call require_login anyway to set up globals correctly.

 //check if scorm closed
 $timenow = time();