main/survey/fillsurvey.php 1 location
|
@@ 67-72 (lines=6) @@
|
| 64 |
|
$resultAnonymous = Database::query($sql); |
| 65 |
|
$rowAnonymous = Database::fetch_array($resultAnonymous, 'ASSOC'); |
| 66 |
|
// If is anonymous and is not allowed to take the survey to anonymous users, forbid access: |
| 67 |
|
if (!isset($rowAnonymous['anonymous']) || |
| 68 |
|
($rowAnonymous['anonymous'] == 0 && api_is_anonymous()) || |
| 69 |
|
count($rowAnonymous) == 0 |
| 70 |
|
) { |
| 71 |
|
api_not_allowed(true); |
| 72 |
|
} |
| 73 |
|
// If is anonymous and it is allowed to take the survey as anonymous, mark survey as anonymous. |
| 74 |
|
} |
| 75 |
|
|
main/admin/user_list.php 1 location
|
@@ 142-147 (lines=6) @@
|
| 139 |
|
|
| 140 |
|
if ($action == 'login_as') { |
| 141 |
|
$check = Security::check_token('get'); |
| 142 |
|
if (isset($_GET['user_id']) && $check) { |
| 143 |
|
$result = loginUser($_GET['user_id']); |
| 144 |
|
if ($result == false) { |
| 145 |
|
api_not_allowed(true); |
| 146 |
|
} |
| 147 |
|
} |
| 148 |
|
Security::clear_token(); |
| 149 |
|
} |
| 150 |
|
|
main/inc/lib/api.lib.php 1 location
|
@@ 1286-1289 (lines=4) @@
|
| 1283 |
|
function api_block_anonymous_users($printHeaders = true) |
| 1284 |
|
{ |
| 1285 |
|
$user = api_get_user_info(); |
| 1286 |
|
if (!(isset($user['user_id']) && $user['user_id']) || api_is_anonymous($user['user_id'], true)) { |
| 1287 |
|
api_not_allowed($printHeaders); |
| 1288 |
|
return false; |
| 1289 |
|
} |
| 1290 |
|
|
| 1291 |
|
return true; |
| 1292 |
|
} |
chamilo /
chamilo-lms
