login/index.php

   1 <?php // $Id$
   2
   3
   4     require_once("../config.php");
   5
   6     // check if major upgrade needed - also present in /index.php
   7     if ((int)$CFG->version < 2006101100) { //1.7 or older
   8         @require_logout();
   9         redirect("$CFG->wwwroot/$CFG->admin/");
  10     }
  11
  12     $loginguest  = optional_param('loginguest', 0, PARAM_BOOL); // determines whether visitors are logged in as guest automatically
  13     $testcookies = optional_param('testcookies', 0, PARAM_BOOL); // request cookie test
  14
  15     //initialize variables
  16     $errormsg = '';
  17     $errorcode = 0;
  18
  19 /// Check for timed out sessions
  20     if (!empty($SESSION->has_timed_out)) {
  21         $session_has_timed_out = true;
  22         $SESSION->has_timed_out = false;
  23     } else {
  24         $session_has_timed_out = false;
  25     }
  26
  27 /// Check if the guest user exists.  If not, create one.
  28     if (! record_exists('user', 'username', 'guest', 'mnethostid', $CFG->mnet_localhost_id)) {
  29         if (! $guest = create_guest_record()) {
  30             notify('Could not create guest user record !!!');
  31         }
  32     }
  33
  34 // setup and verify auth settings
  35
  36 if (!isset($CFG->registerauth)) {
  37     set_config('registerauth', '');
  38 }
  39
  40 if (!isset($CFG->auth_instructions)) {
  41     set_config('auth_instructions', '');
  42 }
  43
  44 // auth plugins may override these - SSO anyone?
  45 $frm  = false;
  46 $user = false;
  47
  48 $authsequence = get_enabled_auth_plugins(true); // auths, in sequence
  49 foreach($authsequence as $authname) {
  50     $authplugin = get_auth_plugin($authname);
  51     $authplugin->loginpage_hook();
  52 }
  53
  54 //HTTPS is potentially required in this page
  55 httpsrequired();
  56
  57 /// Define variables used in page
  58     if (!$site = get_site()) {
  59         error("No site found!");
  60     }
  61
  62     if (empty($CFG->langmenu)) {
  63         $langmenu = "";
  64     } else {
  65         $currlang = current_language();
  66         $langs    = get_list_of_languages();
  67         $langlabel = get_accesshide(get_string('language'));
  68         $langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true, 'self', $langlabel);
  69     }
  70
  71     $loginsite = get_string("loginsite");
  72     $navlinks = array(array('name' => $loginsite, 'link' => null, 'type' => 'misc'));
  73     $navigation = build_navigation($navlinks);
  74
  75     if ($user !== false or $frm !== false) {
  76         // some auth plugin already supplied these
  77
  78     } else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
  79         /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
  80         $frm->username = 'guest';
  81         $frm->password = 'guest';
  82
  83     } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
  84         // Handles the case of another Moodle site linking into a page on this site
  85         //TODO: move weblink into own auth plugin
  86         include($CFG->dirroot.'/login/weblinkauth.php');
  87         if (function_exists('weblink_auth')) {
  88             $user = weblink_auth($SESSION->wantsurl);
  89         }
  90         if ($user) {
  91             $frm->username = $user->username;
  92         } else {
  93             $frm = data_submitted();
  94         }
  95
  96     } else {
  97         $frm = data_submitted();
  98     }
  99
 100 /// Check if the user has actually submitted login data to us
 101
 102     if (empty($CFG->usesid) and $testcookies and (get_moodle_cookie() == '')) {    // Login without cookie when test requested
 103
 104         $errormsg = get_string("cookiesnotenabled");
 105         $errorcode = 1;
 106
 107     } else if ($frm) {                             // Login WITH cookies
 108
 109         $frm->username = trim(moodle_strtolower($frm->username));
 110
 111         if (is_enabled_auth('none') && empty($CFG->extendedusernamechars)) {
 112             $string = eregi_replace("[^(-\.[:alnum:])]", "", $frm->username);
 113             if (strcmp($frm->username, $string)) {
 114                 $errormsg = get_string('username').': '.get_string("alphanumerical");
 115                 $errorcode = 2;
 116
 117                 $user = null;
 118             }
 119         }
 120
 121         if ($user) {
 122             //user already supplied by aut plugin prelogin hook
 123         } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
 124             $user = false;    /// Can't log in as guest if guest button is disabled
 125             $frm = false;
 126         } else {
 127             if (empty($errormsg)) {
 128                 $user = authenticate_user_login($frm->username, $frm->password);
 129             }
 130         }
 131         update_login_count();
 132
 133         if ($user) {
 134
 135             // language setup
 136             if ($user->username == 'guest') {
 137                 // no predefined language for guests - use existing session or default site lang
 138                 unset($user->lang);
 139
 140             } else if (!empty($user->lang)) {
 141                 // unset previous session language - use user preference instead
 142                 unset($SESSION->lang);
 143             }
 144
 145             if (empty($user->confirmed)) {       // This account was never confirmed
 146                 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
 147                 print_heading(get_string("mustconfirm"));
 148                 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
 149                 print_footer();
 150                 die;
 151             }
 152
 153             if ($frm->password == 'changeme') {
 154                 //force the change
 155                 set_user_preference('auth_forcepasswordchange', true, $user->id);
 156             }
 157
 158         /// Let's get them all set up.
 159             add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
 160                        $user->id, 0, $user->id);
 161             $USER = complete_user_login($user);
 162
 163         /// Prepare redirection
 164             if (user_not_fully_set_up($USER)) {
 165                 $urltogo = $CFG->wwwroot.'/user/edit.php';
 166                 // We don't delete $SESSION->wantsurl yet, so we get there later
 167
 168             } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
 169                 $urltogo = $SESSION->wantsurl;    /// Because it's an address in this site
 170                 unset($SESSION->wantsurl);
 171
 172             } else {
 173                 // no wantsurl stored or external - go to homepage
 174                 $urltogo = $CFG->wwwroot.'/';
 175                 unset($SESSION->wantsurl);
 176             }
 177
 178         /// Go to my-moodle page instead of homepage if mymoodleredirect enabled
 179             if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) {
 180                 if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
 181                     $urltogo = $CFG->wwwroot.'/my/';
 182                 }
 183             }
 184
 185
 186         /// check if user password has expired
 187         /// Currently supported only for ldap-authentication module
 188             $userauth = get_auth_plugin($USER->auth);
 189             if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
 190                 if ($userauth->can_change_password()) {
 191                     $passwordchangeurl = $userauth->change_password_url();
 192                     if(!$passwordchangeurl) {
 193                         $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
 194                     }
 195                 } else {
 196                     $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
 197                 }
 198                 $days2expire = $userauth->password_expire($USER->username);
 199                 if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
 200                     print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>");
 201                     notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
 202                     print_footer();
 203                     exit;
 204                 } elseif (intval($days2expire) < 0 ) {
 205                     print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>");
 206                     notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
 207                     print_footer();
 208                     exit;
 209                 }
 210             }
 211
 212             reset_login_count();
 213
 214             redirect($urltogo);
 215
 216             exit;
 217
 218         } else {
 219             if (empty($errormsg)) {
 220                 $errormsg = get_string("invalidlogin");
 221                 $errorcode = 3;
 222             }
 223
 224             // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user
 225             if ( !empty($CFG->mnet_dispatcher_mode)
 226                  && $CFG->mnet_dispatcher_mode === 'strict'
 227                  && is_enabled_auth('mnet')) {
 228                 $errormsg .= get_string('loginlinkmnetuser', 'mnet', "mnet_email.php?u=$frm->username");
 229             }
 230         }
 231     }
 232
 233 /// Detect problems with timedout sessions
 234     if ($session_has_timed_out and !data_submitted()) {
 235         $errormsg = get_string('sessionerroruser', 'error');
 236         $errorcode = 4;
 237     }
 238
 239 /// First, let's remember where the user was trying to get to before they got here
 240
 241     if (empty($SESSION->wantsurl)) {
 242         $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
 243                               $_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
 244                               $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
 245                               $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
 246                               $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
 247             ? $_SERVER["HTTP_REFERER"] : NULL;
 248     }
 249
 250 /// Redirect to alternative login URL if needed
 251     if (!empty($CFG->alternateloginurl)) {
 252         $loginurl = $CFG->alternateloginurl;
 253
 254         if (strpos($SESSION->wantsurl, $loginurl) === 0) {
 255             //we do not want to return to alternate url
 256             $SESSION->wantsurl = NULL;
 257         }
 258
 259         if ($errorcode) {
 260             if (strpos($loginurl, '?') === false) {
 261                 $loginurl .= '?';
 262             } else {
 263                 $loginurl .= '&';
 264             }
 265             $loginurl .= 'errorcode='.$errorcode;
 266         }
 267
 268         redirect($loginurl);
 269     }
 270
 271
 272 /// Generate the login page with forms
 273
 274     if (get_moodle_cookie() == '') {
 275         set_moodle_cookie('nobody');   // To help search for cookies
 276     }
 277
 278     if (empty($frm->username) && $authsequence[0] != 'shibboleth') {  // See bug 5184
 279         if (!empty($_GET["username"])) {
 280             $frm->username = $_GET["username"];
 281         } else {
 282             $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
 283         }
 284
 285         $frm->password = "";
 286     }
 287
 288     if (!empty($frm->username)) {
 289         $focus = "password";
 290     } else {
 291         $focus = "username";
 292     }
 293
 294     if (!empty($CFG->registerauth) or is_enabled_auth('none') or !empty($CFG->auth_instructions)) {
 295         $show_instructions = true;
 296     } else {
 297         $show_instructions = false;
 298     }
 299
 300     print_header("$site->fullname: $loginsite", $site->fullname, $navigation, $focus,
 301                  '', true, '<div class="langmenu">'.$langmenu.'</div>');
 302
 303     include("index_form.html");
 304
 305     print_footer();
 306
 307
 308 ?>