course/loginas.php

   1 <?php // $Id$
   2       // Allows a teacher/admin to login as another user (in stealth mode)
   3
   4     require_once("../config.php");
   5     require_once("lib.php");
   6
   7 /// Reset user back to their real self if needed
   8     $return   = optional_param('return', 0, PARAM_BOOL);   // return to the page we came from
   9
  10     if (!empty($USER->realuser)) {
  11         $USER = get_complete_user_data('id', $USER->realuser);
  12         load_all_capabilities();   // load all this user's normal capabilities
  13
  14         if (isset($SESSION->oldcurrentgroup)) {      // Restore previous "current group" cache.
  15             $SESSION->currentgroup = $SESSION->oldcurrentgroup;
  16             unset($SESSION->oldcurrentgroup);
  17         }
  18         if (isset($SESSION->oldtimeaccess)) {        // Restore previous timeaccess settings
  19             $USER->timeaccess = $SESSION->oldtimeaccess;
  20             unset($SESSION->oldtimeaccess);
  21         }
  22
  23         if ($return and isset($_SERVER["HTTP_REFERER"])) { // That's all we wanted to do, so let's go back
  24             redirect($_SERVER["HTTP_REFERER"]);
  25         } else {
  26             redirect($CFG->wwwroot);
  27         }
  28     }
  29
  30
  31 ///-------------------------------------
  32 /// We are trying to log in as this user in the first place
  33
  34     $id       = required_param('id', PARAM_INT);           // course id
  35     $userid   = required_param('user', PARAM_INT);         // login as this user
  36
  37     if (!$site = get_site()) {
  38         error("Site isn't defined!");
  39     }
  40
  41     if (! $course = get_record("course", "id", $id)) {
  42         error("Course ID was incorrect");
  43     }
  44
  45 /// User must be logged in
  46
  47     if ($course->id == SITEID) {
  48         require_login();
  49         $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
  50     } else {
  51         require_login($course->id);
  52         $context = get_context_instance(CONTEXT_COURSE, $course->id);
  53         if (!has_capability('moodle/course:view', $context, $userid, false)) {
  54             error('This user is not in this course!');
  55         }
  56         if (has_capability('moodle/site:doanything', $context, $userid, false)) {
  57             print_error('nologinas');
  58         }
  59     }
  60
  61 /// User must have permissions
  62
  63     require_capability('moodle/user:loginas', $context);
  64
  65
  66 /// Remember current timeaccess settings for later
  67
  68     if (isset($USER->timeaccess)) {
  69         $SESSION->oldtimeaccess = $USER->timeaccess;
  70     }
  71
  72 /// Login as this user and return to course home page.
  73
  74     $oldfullname = fullname($USER, true);
  75     $olduserid   = $USER->id;
  76
  77     $USER = get_complete_user_data('id', $userid);    // Create the new USER object with all details
  78     $USER->realuser = $olduserid;
  79
  80     load_user_capability('', $context); // load this user's capabilities for this context only
  81
  82     if (isset($SESSION->currentgroup)) {    // Remember current cache setting for later
  83         $SESSION->oldcurrentgroup = $SESSION->currentgroup;
  84         unset($SESSION->currentgroup);
  85     }
  86
  87     $newfullname = fullname($USER, true);
  88
  89     add_to_log($course->id, "course", "loginas", "../user/view.php?id=$course->id&amp;user=$userid", "$oldfullname -> $newfullname");
  90
  91     $strloginas    = get_string('loginas');
  92     $strloggedinas = get_string('loggedinas', '', $newfullname);
  93
  94     print_header_simple($strloggedinas, '', $strloggedinas, '', '', true, '&nbsp;', navmenu($course));
  95     notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");
  96
  97
  98 ?>