mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 21:49:15 +01:00
Code Issues Projects Releases Wiki Activity

MDL-15402: fixes for tabs.php - now display tab repository only for the current user, + add some context security

Browse Source
This commit is contained in:
jerome 2008-09-08 02:10:30 +00:00
parent 4cd7c8b025
commit 6c91ce49ff
3 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lang/en_utf8/repository.php
View File

@ -76,3 +76,4 @@ $string['typenotvisible'] = 'Type not visible';
$string['updown'] = 'Display order';
$string['upload'] = 'Upload this file';
$string['uploading'] = 'Uploading...';
$string['wrongcontext'] = 'You cannot access to this context';

3
repository/manage_instances.php
View File

@ -45,6 +45,9 @@ else {
//is the user looking at its own repository instances
if ($USER->id != $context->instanceid){
print_error('notyourinstances', 'repository');
}
if ($context->contextlevel != CONTEXT_USER){
print_error('wrongcontext', 'repository');
}
$user = $USER;
}

8
user/tabs.php
View File

@ -249,14 +249,12 @@
}
// Repository Tab
if (!empty($user) and $user->id == $USER->id) {
if (!empty($user) and $user->id == $USER->id) {
require_once($CFG->dirroot . '/repository/lib.php');
//$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
$usercontext = get_context_instance(CONTEXT_USER,$user->id);
//if (repository_get_instances($usercontext, $USER->id)) {
if (!empty($usercontext) && $usercontext->contextlevel == CONTEXT_USER) {
$toprow[] = new tabobject('repositories', $CFG->wwwroot .'/repository/manage_instances.php?contextid='.$usercontext->id, get_string('repositories', 'repository'));
//}
}
}