// Access rights: anonymous users can't do anything useful here. api_block_anonymous_users(); $user_can_view_page = false; //For students if (api_get_setting('allow_students_to_browse_courses') == 'false') { $user_can_view_page = false; } else { $user_can_view_page = true; } //For teachers/admins if (api_is_platform_admin() || api_is_course_admin() || api_is_allowed_to_create_course()) { $user_can_view_page = true; } // filter actions $actions = array('sortmycourses', 'createcoursecategory', 'subscribe', 'deletecoursecategory', 'display_courses', 'display_random_courses', 'subscribe_user_with_password', 'display_sessions'); $action = CoursesAndSessionsCatalog::is(CATALOG_SESSIONS) ? 'display_sessions' : 'display_random_courses'; if (isset($_GET['action']) && in_array($_GET['action'], $actions)) { $action = Security::remove_XSS($_GET['action']); } else { // Nothing to do } $nameTools = getCourseCatalogNameTools($action); if (empty($nameTools)) { $nameTools = get_lang('CourseManagement'); } else { if (!in_array($action, array('sortmycourses', 'createcoursecategory', 'display_random_courses', 'display_courses', 'subscribe'))) { $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'auth/courses.php', 'name' => get_lang('CourseManagement')); } if ($action == 'createcoursecategory') { $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'auth/courses.php?action=sortmycourses', 'name' => get_lang('SortMyCourses')); }
$courses_controller->subscribe_user(isset($_POST['subscribe_user_with_password']) ? $_POST['subscribe_user_with_password'] : '', isset($_POST['search_term']) ? $_POST['search_term'] : '', isset($_POST['category_code']) ? $_POST['category_code'] : ''); break; case 'createcoursecategory': $courses_controller->categories_list($action); break; case 'deletecoursecategory': $courses_controller->courses_list($action); break; case 'sortmycourses': $courses_controller->courses_list($action); break; case 'subscribe': if (!$user_can_view_page) { api_not_allowed(true); } if (!CoursesAndSessionsCatalog::is(CATALOG_SESSIONS)) { $courses_controller->courses_categories($action, $categoryCode, null, null, null, $limit); } else { header('Location: ' . api_get_self()); } break; case 'display_random_courses': if (!$user_can_view_page) { api_not_allowed(true); } $courses_controller->courses_categories($action); break; case 'display_courses': if (!$user_can_view_page) { api_not_allowed(true); }