Skip to content

Commit

Permalink
MDL-46447 core_rate: made sure non-ajax files don't return JSON data
Browse files Browse the repository at this point in the history
  • Loading branch information
andyjdavis authored and marinaglancy committed Aug 4, 2014
1 parent 91a4788 commit 27dbf26
Showing 1 changed file with 3 additions and 8 deletions.
11 changes: 3 additions & 8 deletions rating/rate.php
Original file line number Diff line number Diff line change
Expand Up @@ -47,22 +47,17 @@
$PAGE->set_url('/rating/rate.php', array('contextid' => $context->id));

if (!confirm_sesskey() || !has_capability('moodle/rating:rate', $context)) {
echo $OUTPUT->header();
echo get_string('ratepermissiondenied', 'rating');
echo $OUTPUT->footer();
die();
print_error('ratepermissiondenied', 'rating');
}

$rm = new rating_manager();

// Check the module rating permissions.
// Doing this check here rather than within rating_manager::get_ratings() so we can return a json error response.
// Doing this check here rather than within rating_manager::get_ratings() so we can choose how to handle the error.
$pluginpermissionsarray = $rm->get_plugin_permissions_array($context->id, $component, $ratingarea);

if (!$pluginpermissionsarray['rate']) {
$result->error = get_string('ratepermissiondenied', 'rating');
echo json_encode($result);
die();
print_error('ratepermissiondenied', 'rating');
} else {
$params = array(
'context' => $context,
Expand Down

0 comments on commit 27dbf26

Please sign in to comment.