| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Summary view] [Print] [Text view]
1 <?php // $Id: index.php,v 1.129.2.3 2008/05/18 21:26:57 iarenaza Exp $ 2 3 4 require_once("../config.php"); 5 6 // check if major upgrade needed - also present in /index.php 7 if ((int)$CFG->version < 2006101100) { //1.7 or older 8 @require_logout(); 9 redirect("$CFG->wwwroot/$CFG->admin/"); 10 } 11 12 $loginguest = optional_param('loginguest', 0, PARAM_BOOL); // determines whether visitors are logged in as guest automatically 13 $testcookies = optional_param('testcookies', 0, PARAM_BOOL); // request cookie test 14 15 //initialize variables 16 $errormsg = ''; 17 $errorcode = 0; 18 19 /// Check for timed out sessions 20 if (!empty($SESSION->has_timed_out)) { 21 $session_has_timed_out = true; 22 $SESSION->has_timed_out = false; 23 } else { 24 $session_has_timed_out = false; 25 } 26 27 /// Check if the guest user exists. If not, create one. 28 if (! record_exists('user', 'username', 'guest', 'mnethostid', $CFG->mnet_localhost_id)) { 29 if (! $guest = create_guest_record()) { 30 notify('Could not create guest user record !!!'); 31 } 32 } 33 34 // setup and verify auth settings 35 36 if (!isset($CFG->registerauth)) { 37 set_config('registerauth', ''); 38 } 39 40 if (!isset($CFG->auth_instructions)) { 41 set_config('auth_instructions', ''); 42 } 43 44 // auth plugins may override these - SSO anyone? 45 $frm = false; 46 $user = false; 47 48 $authsequence = get_enabled_auth_plugins(true); // auths, in sequence 49 foreach($authsequence as $authname) { 50 $authplugin = get_auth_plugin($authname); 51 $authplugin->loginpage_hook(); 52 } 53 54 //HTTPS is potentially required in this page 55 httpsrequired(); 56 57 /// Define variables used in page 58 if (!$site = get_site()) { 59 error("No site found!"); 60 } 61 62 if (empty($CFG->langmenu)) { 63 $langmenu = ""; 64 } else { 65 $currlang = current_language(); 66 $langs = get_list_of_languages(); 67 $langlabel = get_accesshide(get_string('language')); 68 $langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true, 'self', $langlabel); 69 } 70 71 $loginsite = get_string("loginsite"); 72 $navlinks = array(array('name' => $loginsite, 'link' => null, 'type' => 'misc')); 73 $navigation = build_navigation($navlinks); 74 75 if ($user !== false or $frm !== false) { 76 // some auth plugin already supplied these 77 78 } else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) { 79 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz) 80 $frm->username = 'guest'; 81 $frm->password = 'guest'; 82 83 } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) { 84 // Handles the case of another Moodle site linking into a page on this site 85 //TODO: move weblink into own auth plugin 86 include($CFG->dirroot.'/login/weblinkauth.php'); 87 if (function_exists(weblink_auth)) { 88 $user = weblink_auth($SESSION->wantsurl); 89 } 90 if ($user) { 91 $frm->username = $user->username; 92 } else { 93 $frm = data_submitted(); 94 } 95 96 } else { 97 $frm = data_submitted(); 98 } 99 100 /// Check if the user has actually submitted login data to us 101 102 if (empty($CFG->usesid) and $testcookies and (get_moodle_cookie() == '')) { // Login without cookie when test requested 103 104 $errormsg = get_string("cookiesnotenabled"); 105 $errorcode = 1; 106 107 } else if ($frm) { // Login WITH cookies 108 109 $frm->username = trim(moodle_strtolower($frm->username)); 110 111 if (is_enabled_auth('none') && empty($CFG->extendedusernamechars)) { 112 $string = eregi_replace("[^(-\.[:alnum:])]", "", $frm->username); 113 if (strcmp($frm->username, $string)) { 114 $errormsg = get_string('username').': '.get_string("alphanumerical"); 115 $errorcode = 2; 116 117 $user = null; 118 } 119 } 120 121 if ($user) { 122 //user already supplied by aut plugin prelogin hook 123 } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) { 124 $user = false; /// Can't log in as guest if guest button is disabled 125 $frm = false; 126 } else { 127 if (empty($errormsg)) { 128 $user = authenticate_user_login($frm->username, $frm->password); 129 } 130 } 131 update_login_count(); 132 133 if ($user) { 134 135 // language setup 136 if ($user->username == 'guest') { 137 // no predefined language for guests - use existing session or default site lang 138 unset($user->lang); 139 140 } else if (!empty($user->lang)) { 141 // unset previous session language - use user preference instead 142 unset($SESSION->lang); 143 } 144 145 if (empty($user->confirmed)) { // This account was never confirmed 146 print_header(get_string("mustconfirm"), get_string("mustconfirm") ); 147 print_heading(get_string("mustconfirm")); 148 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center"); 149 print_footer(); 150 die; 151 } 152 153 if ($frm->password == 'changeme') { 154 //force the change 155 set_user_preference('auth_forcepasswordchange', true, $user->id); 156 } 157 158 /// Let's get them all set up. 159 add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, 160 $user->id, 0, $user->id); 161 $USER = complete_user_login($user); 162 163 /// Prepare redirection 164 if (user_not_fully_set_up($USER)) { 165 $urltogo = $CFG->wwwroot.'/user/edit.php'; 166 // We don't delete $SESSION->wantsurl yet, so we get there later 167 168 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) { 169 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site 170 unset($SESSION->wantsurl); 171 172 } else { 173 // no wantsurl stored or external - go to homepage 174 $urltogo = $CFG->wwwroot.'/'; 175 unset($SESSION->wantsurl); 176 } 177 178 /// Go to my-moodle page instead of homepage if mymoodleredirect enabled 179 if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) { 180 if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') { 181 $urltogo = $CFG->wwwroot.'/my/'; 182 } 183 } 184 185 186 /// check if user password has expired 187 /// Currently supported only for ldap-authentication module 188 $userauth = get_auth_plugin($USER->auth); 189 if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) { 190 if ($userauth->can_change_password()) { 191 $passwordchangeurl = $userauth->change_password_url(); 192 } else { 193 $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php'; 194 } 195 $days2expire = $userauth->password_expire($USER->username); 196 if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) { 197 print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>"); 198 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo); 199 print_footer(); 200 exit; 201 } elseif (intval($days2expire) < 0 ) { 202 print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>"); 203 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo); 204 print_footer(); 205 exit; 206 } 207 } 208 209 reset_login_count(); 210 211 redirect($urltogo); 212 213 exit; 214 215 } else { 216 if (empty($errormsg)) { 217 $errormsg = get_string("invalidlogin"); 218 $errorcode = 3; 219 } 220 221 // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user 222 if ( !empty($CFG->mnet_dispatcher_mode) 223 && $CFG->mnet_dispatcher_mode === 'strict' 224 && is_enabled_auth('mnet')) { 225 $errormsg .= get_string('loginlinkmnetuser', 'mnet', "mnet_email.php?u=$frm->username"); 226 } 227 } 228 } 229 230 /// Detect problems with timedout sessions 231 if ($session_has_timed_out and !data_submitted()) { 232 $errormsg = get_string('sessionerroruser', 'error'); 233 $errorcode = 4; 234 } 235 236 /// First, let's remember where the user was trying to get to before they got here 237 238 if (empty($SESSION->wantsurl)) { 239 $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) && 240 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot && 241 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' && 242 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' && 243 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php') 244 ? $_SERVER["HTTP_REFERER"] : NULL; 245 } 246 247 /// Redirect to alternative login URL if needed 248 if (!empty($CFG->alternateloginurl)) { 249 $loginurl = $CFG->alternateloginurl; 250 251 if (strpos($SESSION->wantsurl, $loginurl) === 0) { 252 //we do not want to return to alternate url 253 $SESSION->wantsurl = NULL; 254 } 255 256 if ($errorcode) { 257 if (strpos($loginurl, '?') === false) { 258 $loginurl .= '?'; 259 } else { 260 $loginurl .= '&'; 261 } 262 $loginurl .= 'errorcode='.$errorcode; 263 } 264 265 redirect($loginurl); 266 } 267 268 269 /// Generate the login page with forms 270 271 if (get_moodle_cookie() == '') { 272 set_moodle_cookie('nobody'); // To help search for cookies 273 } 274 275 if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 5184 276 $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie(); 277 $frm->password = ""; 278 } 279 280 if (!empty($frm->username)) { 281 $focus = "password"; 282 } else { 283 $focus = "username"; 284 } 285 286 if (!empty($CFG->registerauth) or is_enabled_auth('none') or !empty($CFG->auth_instructions)) { 287 $show_instructions = true; 288 } else { 289 $show_instructions = false; 290 } 291 292 print_header("$site->fullname: $loginsite", $site->fullname, $navigation, $focus, 293 '', true, '<div class="langmenu">'.$langmenu.'</div>'); 294 295 include ("index_form.html"); 296 297 print_footer(); 298 299 300 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |