Verification link should only verify for specified certificate

Also populated navigation bar.
This commit is contained in:
Mark Nelson 2017-05-30 11:59:06 +08:00
parent d35cd7890d
commit 5c64d11446

View file

@ -27,11 +27,17 @@ require_once('../../config.php');
$contextid = required_param('contextid', PARAM_INT);
$code = optional_param('code', '', PARAM_ALPHANUM); // The code for the certificate we are verifying.
$context = context::instance_by_id($contextid);
$cm = get_coursemodule_from_id('customcert', $context->instanceid, 0, false, MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
$customcert = $DB->get_record('customcert', array('id' => $cm->instance), '*', MUST_EXIST);
// Need to be logged in.
require_login();
require_login($course, false, $cm);
// Ok, now check the user has the ability to verify certificates.
require_capability('mod/customcert:verifycertificate', context::instance_by_id($contextid));
require_capability('mod/customcert:verifycertificate', $context);
// Set up the page.
$pageurl = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $contextid));
@ -40,7 +46,7 @@ if ($code) {
}
$PAGE->set_url($pageurl);
$PAGE->set_context(context_system::instance());
$PAGE->set_context($context);
$PAGE->set_title(get_string('verifycertificate', 'customcert'));
// The form we are using to verify these codes.
@ -62,9 +68,10 @@ if ($form->get_data()) {
JOIN {user} u
ON ci.userid = u.id
WHERE ci.code = :code
AND c.id = :customcertid
AND u.deleted = 0";
// It is possible (though unlikely) that there is the same code for issued certificates.
if ($issues = $DB->get_records_sql($sql, array('code' => $code))) {
if ($issues = $DB->get_records_sql($sql, array('code' => $code, 'customcertid' => $customcert->id))) {
$result->success = true;
$result->issues = $issues;
} else {