MDL-34656 prevent login form from being shown inside iframe - also prevent wantsurl...

author Dan Marsden <dan@danmarsden.com>

Tue, 31 Jul 2012 21:27:37 +0000 (09:27 +1200)

committer Eloy Lafuente (stronk7) <stronk7@moodle.org>

Wed, 8 Aug 2012 00:00:23 +0000 (02:00 +0200)
author Dan Marsden <dan@danmarsden.com>
Tue, 31 Jul 2012 21:27:37 +0000 (09:27 +1200)
committer Eloy Lafuente (stronk7) <stronk7@moodle.org>
Wed, 8 Aug 2012 00:00:23 +0000 (02:00 +0200)
diff --git a/mod/scorm/loadSCO.php b/mod/scorm/loadSCO.php

index 29f4972..bae1224 100644 (file)
--- a/mod/scorm/loadSCO.php
+++ b/mod/scorm/loadSCO.php
@@ -49,7 +49,16 @@ if (!empty($id)) {
  
  $PAGE->set_url('/mod/scorm/loadSCO.php', array('scoid'=>$scoid, 'id'=>$cm->id));
  
-require_login($course, false, $cm);
+if (!isloggedin()) { // Prevent login page from being shown in iframe.
+    // Using simple html instead of exceptions here as shown inside iframe/object.
+    echo html_writer::start_tag('html');
+    echo html_writer::tag('head', '');
+    echo html_writer::tag('body', get_string('loggedinnot'));
+    echo html_writer::end_tag('html');
+    exit;
+}
+
+require_login($course, false, $cm, false); // Call require_login anyway to set up globals correctly.
  
  //check if scorm closed
  $timenow = time();
author	Dan Marsden <dan@danmarsden.com>
	Tue, 31 Jul 2012 21:27:37 +0000 (09:27 +1200)
committer	Eloy Lafuente (stronk7) <stronk7@moodle.org>
	Wed, 8 Aug 2012 00:00:23 +0000 (02:00 +0200)