diff --git a/public/main/admin/course_list.php b/public/main/admin/course_list.php
index 2b22ec3500d..f2881cb4c7c 100644
--- a/public/main/admin/course_list.php
+++ b/public/main/admin/course_list.php
@@ -240,25 +240,24 @@ function get_course_data(
),
$path.'course_copy/create_backup.php?'.api_get_cidreq_params($courseId)
);
- $actions[] = Display::url(
- Display::getMdiIcon(
- ActionIcon::DELETE,
- 'ch-tool-icon',
- null,
- ICON_SIZE_SMALL,
- get_lang('Delete')
- ),
- $path.'admin/course_list.php?'
- .http_build_query([
- 'delete_course' => $course['col0'],
- 'sec_token' => Security::getTokenFromSession(),
- ]),
- [
- 'onclick' => "javascript: if (!confirm('"
- .addslashes(api_htmlentities(get_lang('Please confirm your choice'), \ENT_QUOTES))
- ."')) return false;",
- ]
- );
+ // Delete course action
+ $actions[] = '
+ ';
$em = Database::getManager();
/** @var CatalogueCourseRelAccessUrlRelUsergroupRepository $repo */
@@ -270,24 +269,23 @@ function get_course_data(
]);
$isInCatalogue = null !== $record;
- $catalogueUrl = api_get_self().'?toggle_catalogue='.$course['id'].'&sec_token='.Security::getTokenFromSession();
- $actions[] = Display::url(
- Display::getMdiIcon(
- $isInCatalogue ? StateIcon::CATALOGUE_OFF : StateIcon::CATALOGUE_ON,
- 'ch-tool-icon',
- null,
- ICON_SIZE_SMALL,
- $isInCatalogue ? get_lang('Remove from catalogue') : get_lang('Add to catalogue'),
- [
- 'class' => $isInCatalogue ? 'text-warning' : 'text-muted',
- ]
- ),
- $catalogueUrl,
- [
- 'title' => $isInCatalogue ? get_lang('Remove from catalogue') : get_lang('Add to catalogue'),
- ]
- );
+ $actions[] = '
+ ';
$courseItem = [
$course['col0'],
@@ -356,7 +354,7 @@ function get_course_visibility_icon(int $visibility): string
};
}
-if (isset($_POST['action']) && Security::check_token('get')) {
+if (isset($_POST['action']) && Security::check_token('post')) {
// Delete selected courses
if ('delete_courses' == $_POST['action']) {
if (!empty($_POST['course'])) {
@@ -369,43 +367,49 @@ function get_course_visibility_icon(int $visibility): string
Display::addFlash(Display::return_message(get_lang('Deleted')));
}
- api_location(api_get_self());
}
-}
-if (isset($_GET['toggle_catalogue']) && Security::check_token('get')) {
- $courseId = (int) $_GET['toggle_catalogue'];
- $accessUrlId = api_get_current_access_url_id();
- $em = Database::getManager();
- $repo = $em->getRepository(CatalogueCourseRelAccessUrlRelUsergroup::class);
- $course = api_get_course_entity($courseId);
- $accessUrl = $em->getRepository(AccessUrl::class)->find($accessUrlId);
+ if ('delete_course' == $_POST['action']) {
+ $result = CourseManager::delete_course($_POST['course_code']);
+ if ($result) {
+ Display::addFlash(Display::return_message(get_lang('Deleted')));
+ }
+ }
- if ($course && $accessUrl) {
- $record = $repo->findOneBy([
- 'course' => $course,
- 'accessUrl' => $accessUrl,
- 'usergroup' => null,
- ]);
+ // Toggle catalogue
+ if ('toggle_catalogue' == $_POST['action']) {
+ $courseId = (int) $_POST['course_id'];
+ $accessUrlId = api_get_current_access_url_id();
+ $em = Database::getManager();
+ $repo = $em->getRepository(CatalogueCourseRelAccessUrlRelUsergroup::class);
+ $course = api_get_course_entity($courseId);
+ $accessUrl = $em->getRepository(AccessUrl::class)->find($accessUrlId);
+
+ if ($course && $accessUrl) {
+ $record = $repo->findOneBy([
+ 'course' => $course,
+ 'accessUrl' => $accessUrl,
+ 'usergroup' => null,
+ ]);
+
+ if ($record) {
+ $em->remove($record);
+ Display::addFlash(Display::return_message(get_lang('Removed from catalogue')));
+ } else {
+ $newRel = new CatalogueCourseRelAccessUrlRelUsergroup();
+ $newRel->setCourse($course);
+ $newRel->setAccessUrl($accessUrl);
+ $newRel->setUsergroup(null);
+
+ $em->persist($newRel);
+ Display::addFlash(Display::return_message(get_lang('Added to catalogue'), 'success'));
+ }
- if ($record) {
- $em->remove($record);
- Display::addFlash(Display::return_message(get_lang('Removed from catalogue')));
- } else {
- $newRel = new CatalogueCourseRelAccessUrlRelUsergroup();
- $newRel->setCourse($course);
- $newRel->setAccessUrl($accessUrl);
- $newRel->setUsergroup(null);
-
- $em->persist($newRel);
- Display::addFlash(Display::return_message(get_lang('Added to catalogue'), 'success'));
+ $em->flush();
}
-
- $em->flush();
}
-
- api_location(api_get_self());
}
+
$content = '';
$message = '';
$actions = '';
@@ -463,15 +467,6 @@ function get_course_visibility_icon(int $visibility): string
$content .= $form->returnForm();
} else {
$tool_name = get_lang('Course list');
- if (isset($_GET['delete_course']) && Security::check_token('get')) {
- $result = CourseManager::delete_course($_GET['delete_course']);
- if ($result) {
- Display::addFlash(Display::return_message(get_lang('Deleted')));
- }
-
- api_location(api_get_self());
- }
-
if (isset($_GET['new_course_id'])) {
$courseId = (int) $_GET['new_course_id'];
$course = api_get_course_entity($courseId);
diff --git a/public/main/course_info/delete_course.php b/public/main/course_info/delete_course.php
index 0f14d5606cd..6e0560a6b22 100644
--- a/public/main/course_info/delete_course.php
+++ b/public/main/course_info/delete_course.php
@@ -27,13 +27,20 @@
$type_info_message = 'warning';
if (isset($_GET['delete']) && 'yes' === $_GET['delete'] && $_GET['course_code'] && !empty($_GET['course_code'])) {
if ($current_course_code == $_GET['course_code']) {
- CourseManager::delete_course($_course['sysCode']);
- // DELETE CONFIRMATION MESSAGE
- Session::erase('_cid');
- Session::erase('_real_cid');
- $message = ''.get_lang('Course title').' : '.$current_course_name.'
';
- $message .= ''.get_lang('Course code').' : '.$current_course_code.'
';
- $message .= get_lang('has been deleted');
+ if (!CourseManager::delete_course($_course['sysCode'])) {
+ // DELETE ERROR MESSAGE
+ $message = ''.get_lang('Course title').' : '.$current_course_name.'
';
+ $message .= ''.get_lang('Course code').' : '.$current_course_code.'
';
+ $message .= ''.get_lang('An error occurred while trying to delete the course').'
';
+ $type_info_message = 'error';
+ } else {
+ // DELETE CONFIRMATION MESSAGE
+ Session::erase('_cid');
+ Session::erase('_real_cid');
+ $message = ''.get_lang('Course title').' : '.$current_course_name.'
';
+ $message .= ''.get_lang('Course code').' : '.$current_course_code.'
';
+ $message .= get_lang('has been deleted');
+ }
$message .= '
'.get_lang('Back to Home Page.').'';
} else {
/* message if code course is incorrect */