Permalink
Browse files

MDL-34656 prevent login form from being shown inside iframe - also pr…

…event wantsurl from being set to loadsco.php which isn't a valid page for initial load.
  • Loading branch information...
1 parent 7abe8c3 commit 8dc49e14c4b19006a106b32bb2493cc61ddb0d3f @danmarsden danmarsden committed with stronk7 Jul 31, 2012
Showing with 10 additions and 1 deletion.
  1. +10 −1 mod/scorm/loadSCO.php
View
@@ -49,7 +49,16 @@
$PAGE->set_url('/mod/scorm/loadSCO.php', array('scoid'=>$scoid, 'id'=>$cm->id));
-require_login($course, false, $cm);
+if (!isloggedin()) { // Prevent login page from being shown in iframe.
+ // Using simple html instead of exceptions here as shown inside iframe/object.
+ echo html_writer::start_tag('html');
+ echo html_writer::tag('head', '');
+ echo html_writer::tag('body', get_string('loggedinnot'));
+ echo html_writer::end_tag('html');
+ exit;
+}
+
+require_login($course, false, $cm, false); // Call require_login anyway to set up globals correctly.
//check if scorm closed
$timenow = time();

0 comments on commit 8dc49e1

Please sign in to comment.