Browse Source

require login before pass check.

MOODLE_37_STABLE
Dan Marsden 4 years ago
parent
commit
c730f9f701
  1. 8
      attendance.php

8
attendance.php

@ -38,6 +38,9 @@ $attendance = $DB->get_record('attendance', array('id' => $attforsession->attend
$cm = get_coursemodule_from_instance('attendance', $attendance->id, 0, false, MUST_EXIST); $cm = get_coursemodule_from_instance('attendance', $attendance->id, 0, false, MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST); $course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
// Require the user is logged in.
require_login($course, true, $cm);
// If the randomised code is on grab it. // If the randomised code is on grab it.
if ($attforsession->rotateqrcode == 1) { if ($attforsession->rotateqrcode == 1) {
$cookiename = 'attendance_'.$attforsession->id; $cookiename = 'attendance_'.$attforsession->id;
@ -54,7 +57,7 @@ if ($attforsession->rotateqrcode == 1) {
} else { } else {
// Check password. // Check password.
$sql = 'SELECT * FROM {attendance_rotate_passwords}'. $sql = 'SELECT * FROM {attendance_rotate_passwords}'.
' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2'; ' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2';
$qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin]); $qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin]);
$qrpassflag = false; $qrpassflag = false;
@ -75,9 +78,6 @@ if ($attforsession->rotateqrcode == 1) {
} }
} }
// Require the user is logged in.
require_login($course, true, $cm);
list($canmark, $reason) = attendance_can_student_mark($attforsession); list($canmark, $reason) = attendance_can_student_mark($attforsession);
if (!$canmark) { if (!$canmark) {
redirect(new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)), get_string($reason, 'attendance')); redirect(new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)), get_string($reason, 'attendance'));

Loading…
Cancel
Save