Closed (fixed)
Project:
CCK Scorm Field
Version:
6.x-1.0-beta13
Component:
Code
Priority:
Normal
Category:
Feature request
Assigned:
Reporter:
Created:
27 Nov 2010 at 22:48 UTC
Updated:
24 Jan 2011 at 14:30 UTC
I'm testing this module for my e-learning website. The link to the player on a node (with pop-up display selected) can be distributed and anyone can access the course player through this link - not good for me as the website may be selling e-courses.
Probably, the link can be encrypted in some way so that only authorized users can access it through the node only.
Comments
Comment #1
dirk.westrup commentedWe will check this. The link should only be accessible to authorized persons. Perhaps we will implement both, so that administrators can choose if the scorm content can be accessed by all or only by authorized persons.
Comment #2
pgerling commentedComment #3
pgerling commentedWith beta13, only user who are logged in and have got the permission "use scorm" are allowed to view scorm content. This is done by inserting php source into the .htm/html file of the scorm content. You have to add ".htm/.html" to the files your webserver processes as php.
Comment #4
vegardjo commentedThis isn't working, first of all as the two places 'use scorm' is called (line 2984 and 2987 in SCORM.module) are commented out, and also I don't see the code which should insert php in the htm/html files. Could it be that the changes were not committed?
Anyways, dare I say that this strikes me as a bit risky and not very Drupal-y approach to solving the problem? :)
Many people would not want html files parsed as php, and I also imagine changing / setting the $base_url in settings.php could cause conflicts..?
The core issue here seems to be that the files directory by default is public, but you can set this to private in /admin/settings/file-system. With the correct settings here you would not be able to download the files unless Drupal grants you access to it. Also, you could enable the "content permissions" module bundled with CCK which gives you "view" and "edit" permissions per field type you have..
Comment #5
pgerling commentedIt seems like CVS still does not like me - I messed up the last commit. I added a checkbox to the settings to allow site administrators to choose if they want to use this feature or not - if someone does not want to use this "non Drupal-y approach" it wont be any problem to disable it.