category editing MDL-21671 fixed deprecated function call, check capability when...
authorDongsheng Cai <dongsheng@moodle.com>
Mon, 20 Dec 2010 09:11:42 +0000 (17:11 +0800)
committerEloy Lafuente (stronk7) <stronk7@moodle.org>
Mon, 20 Dec 2010 18:03:14 +0000 (19:03 +0100)
course/editcategory.php
course/editcategory_form.php

index 5233d32..3cff561 100644 (file)
@@ -77,6 +77,8 @@ if ($mform->is_cancelled()) {
         // Update an existing category.
         $newcategory->id = $category->id;
         if ($newcategory->parent != $category->parent) {
+            // check category manage capability if parent changed
+            require_capability('moodle/category:manage', get_category_or_system_context((int)$newcategory->parent));
             $parent_cat = $DB->get_record('course_categories', array('id' => $newcategory->parent));
             move_category($newcategory, $parent_cat);
         }
index b8f1917..6318146 100644 (file)
@@ -8,7 +8,7 @@ class editcategory_form extends moodleform {
 
     // form definition
     function definition() {
-        global $CFG;
+        global $CFG, $DB;
         $mform =& $this->_form;
         $category = $this->_customdata['category'];
         $editoroptions = $this->_customdata['editoroptions'];
@@ -23,7 +23,7 @@ class editcategory_form extends moodleform {
             // Editing an existing category.
             make_categories_list($options, $parents, 'moodle/category:manage', $category->id);
             if (empty($options[$category->parent])) {
-                $options[$category->parent] = get_field('course_categories', 'name', 'id', $category->parent);
+                $options[$category->parent] = $DB->get_field('course_categories', 'name', array('id'=>$category->parent));
             }
             $strsubmit = get_string('savechanges');
         } else {