From abf45bedf06297312774db4ad8143d720e0af827 Mon Sep 17 00:00:00 2001
From: stronk7
Date: Fri, 8 Oct 2004 16:52:20 +0000
Subject: [PATCH] course/category.php is using sesskey Merged from MOODLE_14_STABLE
---
 course/category.php | 25 +++++++++++++++----------
 course/index.php | 4 ++--
 lib/weblib.php | 3 ++-
 3 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/course/category.php b/course/category.php
index 831d876c35878..060d45f513089 100644
--- a/course/category.php
+++ b/course/category.php
@@ -23,7 +23,7 @@
 }
 if (iscreator()) {
- if (isset($_GET['edit'])) {
+ if (isset($_GET['edit']) and confirm_sesskey()) {
 if ($edit == "on") {
 $USER->categoryediting = true;
 } else if ($edit == "off") {
@@ -47,7 +47,7 @@
 if (isadmin()) {
 /// Rename the category if requested
- if (!empty($_POST['rename'])) {
+ if (!empty($_POST['rename']) and confirm_sesskey()) {
 $category->name = $_POST['rename'];
 if (! set_field("course_categories", "name", $category->name, "id", $category->id)) {
 notify("An error occurred while renaming the category");
@@ -56,7 +56,7 @@
 /// Resort the category if requested
- if (!empty($_GET['resort'])) {
+ if (!empty($_GET['resort']) and confirm_sesskey()) {
 if ($courses = get_courses($category->id, "fullname ASC")) {
 $count = 0;
 foreach ($courses as $course) {
@@ -114,7 +114,7 @@
 /// Move a specified course to a new category
- if (isset($moveto) and $data = data_submitted()) { // Some courses are being moved
+ if (isset($moveto) and $data = data_submitted() and confirm_sesskey()) { // Some courses are being moved
 if (! $destcategory = get_record("course_categories", "id", $data->moveto)) {
 error("Error finding the category");
@@ -122,9 +122,11 @@
 unset($data->moveto);
 unset($data->id);
+ unset($data->sesskey);
 if ($data) {
 foreach ($data as $code => $junk) {
+ $courseid = substr($code, 1);
 if (! $course = get_record("course", "id", $courseid)) {
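Review bot: In the `@@ -23,7` hunk the new guard tests `$_GET['edit']`, but the two branches under it compare `$edit`, which is not assigned anywhere in the hunk and is presumably the register_globals copy of the same parameter — so the value that passes the sesskey-gated check and the value that drives the toggle are not necessarily the same thing. Reading the checked value in the branches removes that gap: `if ($_GET['edit'] == "on") {` and `} else if ($_GET['edit'] == "off") {`. The `if (iscreator())` block continues beyond the hunk.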
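Review bot: In the `@@ -47,7` hunk, once confirm_sesskey() passes, `$category->name = $_POST['rename'];` still stores the submitted string as-is — the session key shows the request came from the admin's own page, not that the name is well-formed, and the index.php hunk in this same commit echoes that column back into an anchor without escaping, so markup typed here is rendered there. Cleaning the value and bounding its length before the assignment closes that, e.g. `$category->name = clean_text($_POST['rename']);` if that is the text-cleaning helper this codebase uses for stored text (I cannot see it from the hunk). Separately, if confirm_sesskey() returns false rather than terminating (its behaviour is not visible here), a bad or missing key now makes the rename a silent no-op, whereas the existing set_field() failure calls notify(); an `else { notify(...); }` on the key check would make a CSRF attempt or stale form visible instead of vanishing. The `if (isadmin())` block continues beyond the hunk.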
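Review bot: The new condition in the `@@ -114,7` hunk, `isset($moveto) and $data = data_submitted() and confirm_sesskey()`, is only correct because `and` binds looser than `=`, so `$data` receives the whole object returned by data_submitted() rather than a boolean; a well-meaning rewrite to `&&` would silently break the move. That is worth a comment on the line, e.g. `// 'and', not '&&': it binds looser than '=', so $data gets the submitted object, not a bool`. Note also that the guard tests the register_globals `$moveto` while the body reads `$data->moveto`; testing the value actually used, `if (($data = data_submitted()) and isset($data->moveto) and confirm_sesskey()) {`, keeps the two from drifting. The if-block's body continues outside the hunk.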
@@ -143,7 +145,7 @@
 /// Hide or show a course
- if (isset($hide) or isset($show)) {
+ if ((isset($hide) or isset($show)) and confirm_sesskey()) {
 if (isset($hide)) {
 $course = get_record("course", "id", $hide);
 $visible = 0;
@@ -161,7 +163,7 @@
 /// Move a course up or down
- if (isset($moveup) or isset($movedown)) {
+ if ((isset($moveup) or isset($movedown)) and confirm_sesskey()) {
 $movecourse = NULL;
 $swapcourse = NULL;
@@ -274,6 +276,7 @@
 }
 echo '
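Review bot: In the `@@ -143,7` hunk `$hide` still reaches `get_record("course", "id", $hide)` as whatever string the request supplied; confirm_sesskey() authenticates the click, it does not constrain the value. Casting first costs nothing and keeps the id out of the query as free text: `$course = get_record("course", "id", (int)$hide);`, and presumably the same for the `$show` lookup that follows below the hunk. Whether get_record quotes its argument is not visible here, so treat this as belt-and-braces rather than a known injection. The if-block continues past the hunk.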
'; + echo "sesskey\">"; echo ''; echo ""; if ($creatorediting) { @@ -311,11 +314,11 @@ ' '; if (!empty($acourse->visible)) { echo ''. + '&hide='.$acourse->id.'&sesskey='.$USER->sesskey.'">'. ' '; } else { echo ''. + '&show='.$acourse->id.'&sesskey='.$USER->sesskey.'">'. ' '; } @@ -328,7 +331,7 @@ if ($up) { echo ''. + '&moveup='.$acourse->id.'&sesskey='.$USER->sesskey.'">'. ' '; } else { echo ' '; @@ -336,7 +339,7 @@ if ($down) { echo ''. + '&movedown='.$acourse->id.'&sesskey='.$USER->sesskey.'">'. ' '; } else { echo ' '; @@ -397,6 +400,7 @@ unset($options); $options["id"] = $category->id; $options["resort"] = "name"; + $options["sesskey"] = $USER->sesskey; print_single_button("category.php", $options, get_string("resortcoursesbyname"), "get"); } @@ -411,6 +415,7 @@ $strrename= get_string("rename"); echo ''; echo ''; + echo ''; echo ''; echo ''; echo ""; diff --git a/course/index.php b/course/index.php index e1e9815d589d4..b4c8b5c9833b3 100644 --- a/course/index.php +++ b/course/index.php @@ -299,7 +299,7 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $up=false, $down=false) { /// Recursive function to print all the categories ready for editing - global $THEME, $CFG; + global $THEME, $CFG, $USER; static $str = ''; static $pixpath = ''; @@ -328,7 +328,7 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $ echo "      "; } $linkcss = $category->visible ? "" : " class=\"dimmed\" "; - echo "edit\" href=\"category.php?id=$category->id&edit=on\">$category->name"; + echo "edit\" href=\"category.php?id=$category->id&edit=on&sesskey=$USER->sesskey\">$category->name"; echo "
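Review bot: The hide/show links in the `@@ -311,11` hunk now carry `&sesskey=` in the query string, so the anti-CSRF token lands in browser history, proxy and web-server access logs, and the Referer header of any outbound link on the page — the same pattern is repeated for moveup/movedown and the resort button in the hunks that follow. If one-click GET links are the accepted trade-off for these admin actions, say so where the links are built, e.g. `// sesskey in the URL is accepted for these one-click admin links only; do not copy this for anything more sensitive`; otherwise the hidden-input forms this commit adds elsewhere are the safer shape. Separately, `'&hide='` and `'&sesskey='` inside an href should be `'&amp;hide='` and `'&amp;sesskey='` for valid HTML.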

"; echo ""; diff --git a/lib/weblib.php b/lib/weblib.php index 5904173eee175..f70be0fb070c1 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -1,4 +1,4 @@ -framename\" method=\"get\" action=\"$CFG->wwwroot/course/category.php\">". "". "". + "sesskey\" />". ""; } }
$strcourses