In order to ensure that when a teacher hides a resource or an activity that...
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests)
Showing with 4065 additions and 4109 deletions