@ -30,7 +30,7 @@ $pageparams = new mod_attendance_sessions_page_params();
// Check that the required parameters are present.
$id = required_param('sessid', PARAM_INT);
$password = optional_param('studentpassword ', '', PARAM_TEXT);
$qrpass = optional_param('qrpass ', '', PARAM_TEXT);
$attforsession = $DB->get_record('attendance_sessions', array('id' => $id), '*', MUST_EXIST);
$attendance = $DB->get_record('attendance', array('id' => $attforsession->attendanceid), '*', MUST_EXIST);
@ -56,8 +56,14 @@ if (!empty($attforsession->subnet) && !address_in_subnet(getremoteaddr(), $attfo
$pageparams->sessionid = $id;
$att = new mod_attendance_structure($attendance, $cm, $course, $PAGE->context, $pageparams);
// Require that a session key is passed to this page.
// require_sesskey();
if (empty($attforsession->includeqrcode)) {
$qrpass = ''; // Override qrpass if set, as it is not allowed.
}
if (empty($qrpass)) {
// Sesskey is required on this page when QR code not in use.
require_sesskey();
}
// Check to see if autoassignstatus is in use and no password required.
if ($attforsession->autoassignstatus & & empty($attforsession->studentpassword)) {
@ -79,22 +85,20 @@ if ($attforsession->autoassignstatus && empty($attforsession->studentpassword))
}
}
// Create the form.
$mform = new mod_attendance_student_attendance_form(null,
array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession, 'attendance' => $att));
if ($password !== '') {
$fromform = $mform->get_data();
// Check to see if autoassignstatus is in use and if qrcode is being used.
if (!empty($qrpass) & & !empty($attforsession->autoassignstatus)) {
$fromform = new stdClass();
// Check if password required and if set correctly.
if (!empty($attforsession->studentpassword) & &
$attforsession->studentpassword !== $password ) {
$attforsession->studentpassword !== $qr pass) {
$url = new moodle_url('/mod/attendance/attendance.php', array('sessid' => $id, 'sesskey' => sesskey()));
redirect($url, get_string('incorrectpassword', 'mod_attendance'), null, \core\output\notification::NOTIFY_ERROR);
}
// Set the password and session id in the form, because they are saved in the attendance log.
$fromform->studentpassword = $password ;
$fromform->studentpassword = $qr pass;
$fromform->sessid = $attforsession->id;
$fromform->status = attendance_session_get_highest_status($att, $attforsession);
@ -114,14 +118,20 @@ if ($password !== '') {
print_error('attendance_already_submitted', 'mod_attendance', $url);
}
}
} else {
$PAGE->set_url($att->url_sessions());
}
if ($mform->is_cancelled()) {
$PAGE->set_url($att->url_sessions());
// Create the form.
$mform = new mod_attendance_student_attendance_form(null,
array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession,
'attendance' => $att, 'password' => $qrpass));
if ($mform->is_cancelled()) {
// The user cancelled the form, so redirect them to the view page.
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
redirect($url);
} else if ($fromform = $mform->get_data()) {
} else if ($fromform = $mform->get_data()) {
// Check if password required and if set correctly.
if (!empty($attforsession->studentpassword) & &
$attforsession->studentpassword !== $fromform->studentpassword) {
@ -151,15 +161,14 @@ if ($password !== '') {
// The form did not validate correctly so we will set it to display the data they submitted.
$mform->set_data($fromform);
}
}
$PAGE->set_title($course->shortname. ": ".$att->name);
$PAGE->set_heading($course->fullname);
$PAGE->set_cacheable(true);
$PAGE->navbar->add($att->name);
$PAGE->set_title($course->shortname. ": ".$att->name);
$PAGE->set_heading($course->fullname);
$PAGE->set_cacheable(true);
$PAGE->navbar->add($att->name);
$output = $PAGE->get_renderer('mod_attendance');
echo $output->header();
$mform->display();
echo $output->footer();
}
$output = $PAGE->get_renderer('mod_attendance');
echo $output->header();
$mform->display();
echo $output->footer();