diff --git a/attendance.php b/attendance.php index b7f5594..2784aa5 100644 --- a/attendance.php +++ b/attendance.php @@ -41,6 +41,8 @@ $course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST) // Require the user is logged in. require_login($course, true, $cm); +$qrpassflag = false; + // If the randomised code is on grab it. if ($attforsession->rotateqrcode == 1) { $cookiename = 'attendance_'.$attforsession->id; @@ -60,8 +62,6 @@ if ($attforsession->rotateqrcode == 1) { ' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2'; $qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin]); - $qrpassflag = false; - foreach ($qrpassdatabase as $qrpasselement) { if ($qrpass == $qrpasselement->password) { $qrpassflag = true; @@ -98,8 +98,8 @@ if (empty($attforsession->includeqrcode)) { $qrpass = ''; // Override qrpass if set, as it is not allowed. } -// Check to see if autoassignstatus is in use and no password required. -if ($attforsession->autoassignstatus && empty($attforsession->studentpassword)) { +// Check to see if autoassignstatus is in use and no password required or Qrpass given and passed. +if ($attforsession->autoassignstatus && (empty($attforsession->studentpassword)) || $qrpassflag) { $statusid = attendance_session_get_highest_status($att, $attforsession); $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); if (empty($statusid)) {