-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtoggleaccess.php
37 lines (27 loc) · 1.28 KB
/
toggleaccess.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
require_once "../config.php";
use \Tsugi\Core\LTIX;
// Retrieve the launch data if present
$LAUNCH = LTIX::requireData();
$p = $CFG->dbprefix;
if ( $USER->instructor ) {
if (isset($_GET["course"]) && isset($_GET["email"])) {
$course = $_GET["course"];
$email = $_GET["email"];
$canEdit = isset($_GET["access"]) && (strcmp($_GET["access"], "edit") == 0) ? 1 : 0;
$updateQry = $PDOX->prepare("UPDATE {$p}course_planner_share SET can_edit = :can_edit WHERE course_id = :course_id AND user_email = :user_email");
$updateQry->execute(array(":can_edit" => $canEdit, ":course_id" => $course, ":user_email" => $email));
if ($canEdit == 1) {
$_SESSION["success"] = $email . " can now edit this course plan.";
} else {
$_SESSION["success"] = $email . "'s access has been set to read-only for this course plan.";
}
$back = isset($_GET["back"]) && $_GET["back"] == 'edit' ? "edit" : "index";
header("Location: " . addSession("share.php?course=".$course."&back=".$back));
} else {
$_SESSION["error"] = "Unable to remove sharing for course plan. Invalid id or email.";
header("Location: " . addSession("index.php"));
}
} else {
die("This tool is for instructors only.");
}