projects / moodle.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
lib MDL-19236 Added boilerplates and copyrights
[moodle.git] / lib / setup.php
CommitLineData
da8759cb 1<?php
2/**
3 * setup.php - Sets up sessions, connects to databases and so on
4 *
75249234 5 * Normally this is only called by the main config.php file
6 * Normally this file does not need to be edited.
da8759cb 7 * @author Martin Dougiamas
8 * @version $Id$
9 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
10 * @package moodlecore
11 */
12
da8759cb 13/**
e1d1b796 14 * Holds the core settings that affect how Moodle works. Some of its fields
15 * are set in config.php, and the rest are loaded from the config table.
16 *
17 * Some typical settings in the $CFG global:
18 * - $CFG->wwwroot - Path to moodle index directory in url format.
19 * - $CFG->dataroot - Path to moodle index directory on server's filesystem.
20 * - $CFG->libdir - Path to moodle's library folder on server's filesystem.
21 *
22 * @global object $CFG
23 */
24global $CFG;
25
26/**
27 * Database connection. Used for all access to the database.
28 * @global moodle_database $DB
29 */
30global $DB;
31
32/**
33 * Moodle's wrapper round PHP's $_SESSION.
34 *
35 * @global object $SESSION
36 */
37global $SESSION;
38
39/**
40 * Holds the user table record for the current user. Will be the 'guest'
41 * user record for people who are not logged in.
42 *
43 * $USER is stored in the session.
da8759cb 44 *
735b8567 45 * Items found in the user record:
da8759cb 46 * - $USER->emailstop - Does the user want email sent to them?
47 * - $USER->email - The user's email address.
48 * - $USER->id - The unique integer identified of this user in the 'user' table.
49 * - $USER->email - The user's email address.
50 * - $USER->firstname - The user's first name.
51 * - $USER->lastname - The user's last name.
52 * - $USER->username - The user's login username.
53 * - $USER->secret - The user's ?.
54 * - $USER->lang - The user's language choice.
55 *
e1d1b796 56 * @global object $USER
da8759cb 57 */
674fb525 58global $USER;
e1d1b796 59
c13a5e71 60/**
61 * A central store of information about the current page we are
62 * generating in response to the user's request.
63 *
64 * @global moodle_page $PAGE
65 */
66global $PAGE;
67
da8759cb 68/**
e1d1b796 69 * The current course. An alias for $PAGE->course.
70 * @global object $COURSE
da8759cb 71 */
72global $COURSE;
e1d1b796 73
da8759cb 74/**
75 * $THEME is a global that defines the site theme.
76 *
77 * Items found in the theme record:
78 * - $THEME->cellheading - Cell colors.
79 * - $THEME->cellheading2 - Alternate cell colors.
80 *
e1d1b796 81 * @global object $THEME
da8759cb 82 */
83global $THEME;
f9903ed0 84
9d0dd812 85/**
e1d1b796 86 * Shared memory cache.
87 * @global object $MCACHE
88 */
89global $MCACHE;
90
91/**
92 * A global to define if the page being displayed must run under HTTPS.
6800d78e 93 *
e1d1b796 94 * Its primary goal is to allow 100% HTTPS pages when $CFG->loginhttps is enabled. Default to false.
95 * Its enabled only by the httpsrequired() function and used in some pages to update some URLs
9d0dd812 96*/
97global $HTTPSPAGEREQUIRED;
98
11e7b506 99/** Full script path including all params, slash arguments, scheme and host.*/
100global $FULLME;
e1d1b796 101
11e7b506 102/** Script path including query string and slash arguments without host. */
103global $ME;
e1d1b796 104
11e7b506 105/** $FULLME without slasharguments and query string.*/
106global $FULLSCRIPT;
e1d1b796 107
108/** Relative moodle script path '/course/view.php' */
11e7b506 109global $SCRIPT;
9d0dd812 110
36ec6afe 111 if (!isset($CFG->wwwroot)) {
a670108e 112 trigger_error('Fatal: $CFG->wwwroot is not configured! Exiting.');
36ec6afe 113 die;
114 }
75249234 115
a91b910e 116/// Detect CLI scripts - CLI scripts are executed from command line, do not have session and we do not want HTML in output
117 if (!defined('CLI_SCRIPT')) { // CLI_SCRIPT might be defined in 'fake' CLI scripts like admin/cron.php
118 if (isset($_SERVER['REMOTE_ADDR'])) {
119 define('CLI_SCRIPT', false);
120 } else {
121 define('CLI_SCRIPT', true);
122 }
123 }
124
133b5929 125/// sometimes default PHP settings are borked on shared hosting servers, I wonder why they have to do that??
126 @ini_set('precision', 14); // needed for upgrades and gradebook
127
128
a91b910e 129/// The current directory in PHP version 4.3.0 and above isn't necessarily the
130/// directory of the script when run from the command line. The require_once()
131/// would fail, so we'll have to chdir()
132 if (!isset($_SERVER['REMOTE_ADDR']) && isset($_SERVER['argv'][0])) {
133 chdir(dirname($_SERVER['argv'][0]));
134 }
135
136
220a90c5 137/// store settings from config.php in array in $CFG - we can use it later to detect problems and overrides
138 $CFG->config_php_settings = (array)$CFG;
139
9d0dd812 140/// Set httpswwwroot default value (this variable will replace $CFG->wwwroot
141/// inside some URLs used in HTTPSPAGEREQUIRED pages.
d3f9f1f8 142 $CFG->httpswwwroot = $CFG->wwwroot;
143
144 $CFG->libdir = $CFG->dirroot .'/lib';
145
146 require_once($CFG->libdir .'/setuplib.php'); // Functions that MUST be loaded first
9d0dd812 147
6800d78e
FM		 148/// Time to start counting
149 init_performance_info();
150
b8cea9b2 151
74944b73 152/// If there are any errors in the standard libraries we want to know!
346b1a24 153 error_reporting(E_ALL);
f9903ed0 154
d7196099 155/// Just say no to link prefetching (Moz prefetching, Google Web Accelerator, others)
0a194c4c 156/// http://www.google.com/webmasters/faq.html#prefetchblock
d7196099 157 if (!empty($_SERVER['HTTP_X_moz']) && $_SERVER['HTTP_X_moz'] === 'prefetch'){
6800d78e 158 header($_SERVER['SERVER_PROTOCOL'] . ' 404 Prefetch Forbidden');
d7196099 159 trigger_error('Prefetch request forbidden.');
160 exit;
161 }
162
dae73c05 163/// Define admin directory
dae73c05 164 if (!isset($CFG->admin)) { // Just in case it isn't defined in config.php
1040ea85 165 $CFG->admin = 'admin'; // This is relative to the wwwroot and dirroot
dae73c05 166 }
167
f33e1ed4 168 if (!isset($CFG->prefix)) { // Just in case it isn't defined in config.php
169 $CFG->prefix = '';
170 }
a8a71844 171
75249234 172/// Load up standard libraries
6aaa17c7 173 require_once($CFG->libdir .'/textlib.class.php'); // Functions to handle multibyte strings
93d4a373 174 require_once($CFG->libdir .'/filterlib.php'); // Functions for filtering test as it is output
175 require_once($CFG->libdir .'/ajax/ajaxlib.php'); // Functions for managing our use of JavaScript and YUI
da8759cb 176 require_once($CFG->libdir .'/weblib.php'); // Functions for producing HTML
8aff8482 177 require_once($CFG->libdir .'/dmllib.php'); // Database access
7e13be08 178 require_once($CFG->libdir .'/datalib.php'); // Legacy lib with a big-mix of functions.
c4d0753b 179 require_once($CFG->libdir .'/accesslib.php'); // Access control functions
180 require_once($CFG->libdir .'/deprecatedlib.php'); // Deprecated functions included for backward compatibility
da8759cb 181 require_once($CFG->libdir .'/moodlelib.php'); // Other general-purpose functions
93d4a373 182 require_once($CFG->libdir .'/blocklib.php'); // Library for controlling blocks
0856223c 183 require_once($CFG->libdir .'/eventslib.php'); // Events functions
13534ef7 184 require_once($CFG->libdir .'/grouplib.php'); // Groups functions
6800d78e 185 require_once($CFG->libdir .'/sessionlib.php'); // All session and cookie related stuff
5ca3c838 186 require_once($CFG->libdir .'/editorlib.php'); // All text editor related functions and classes
a4c371ec 187
7fc1a27d 188 //point pear include path to moodles lib/pear so that includes and requires will search there for files before anywhere else
189 //the problem is that we need specific version of quickforms and hacked excel files :-(
190 ini_set('include_path', $CFG->libdir.'/pear' . PATH_SEPARATOR . ini_get('include_path'));
647a1a82 191 //point zend include path to moodles lib/zend so that includes and requires will search there for files before anywhere else
192 ini_set('include_path', $CFG->libdir.'/zend' . PATH_SEPARATOR . ini_get('include_path'));
a4c371ec 193
251387d0 194/// set handler for uncought exceptions - equivalent to print_error() call
195 set_exception_handler('default_exception_handler');
196
fbf2c91e 197/// make sure PHP is not severly misconfigured
198 setup_validate_php_configuration();
199
f33e1ed4 200/// Connect to the database
201 setup_DB();
202
203/// Increase memory limits if possible
204 raise_memory_limit('96M'); // We should never NEED this much but just in case...
205
aa893d6b 206/// Disable errors for now - needed for installation when debug enabled in config.php
207 if (isset($CFG->debug)) {
208 $originalconfigdebug = $CFG->debug;
209 unset($CFG->debug);
210 } else {
211 $originalconfigdebug = -1;
212 }
213
74944b73 214/// Load up any configuration from the config table
c23b0ea1 215 try {
216 $CFG = get_config();
217 } catch (dml_read_exception $e) {
218 // most probably empty db, going to install soon
219 }
f9903ed0 220
a78bee28 221/// Verify upgrade is not running unless we are in a script that needs to execute in any case
222 if (!defined('NO_UPGRADE_CHECK') and isset($CFG->upgraderunning)) {
775f811a 223 if ($CFG->upgraderunning < time()) {
224 unset_config('upgraderunning');
225 } else {
226 print_error('upgraderunning');
227 }
228 }
229
ceff9307 230/// Turn on SQL logging if required
231 if (!empty($CFG->logsql)) {
f33e1ed4 232 $DB->set_logging(true);
ceff9307 233 }
1e3e716f 234
aa893d6b 235/// Prevent warnings from roles when upgrading with debug on
236 if (isset($CFG->debug)) {
237 $originaldatabasedebug = $CFG->debug;
238 unset($CFG->debug);
239 } else {
240 $originaldatabasedebug = -1;
6fbf8d8f 241 }
4fd7ccc0 242
243
cf8133c4 244/// For now, only needed under apache (and probably unstable in other contexts)
cf1348ca 245 if (function_exists('register_shutdown_function')) {
cf8133c4 246 register_shutdown_function('moodle_request_shutdown');
247 }
248
bac6d28a 249/// Defining the site
c23b0ea1 250 try {
251 $SITE = get_site();
252 } catch (dml_read_exception $e) {
253 $SITE = null;
254 }
255
256 if ($SITE) {
475e9de8 257 /**
258 * If $SITE global from {@link get_site()} is set then SITEID to $SITE->id, otherwise set to 1.
259 */
260 define('SITEID', $SITE->id);
508b76d9 261 /// And the 'default' course
262 $COURSE = clone($SITE); // For now. This will usually get reset later in require_login() etc.
475e9de8 263 } else {
264 /**
265 * @ignore
266 */
267 define('SITEID', 1);
508b76d9 268 /// And the 'default' course
269 $COURSE = new object; // no site created yet
270 $COURSE->id = 1;
475e9de8 271 }
475e9de8 272
7d0c81b3 273 // define SYSCONTEXTID in config.php if you want to save some queries (after install or upgrade!)
274 if (!defined('SYSCONTEXTID')) {
0ecff22d 275 get_system_context();
6dd34e93 276 }
475e9de8 277
aa893d6b 278/// Set error reporting back to normal
279 if ($originaldatabasedebug == -1) {
7eb0b60a 280 $CFG->debug = DEBUG_MINIMAL;
aa893d6b 281 } else {
282 $CFG->debug = $originaldatabasedebug;
283 }
284 if ($originalconfigdebug !== -1) {
6800d78e 285 $CFG->debug = $originalconfigdebug;
aa893d6b 286 }
287 unset($originalconfigdebug);
288 unset($originaldatabasedebug);
289 error_reporting($CFG->debug);
290
25338300 291
b3732604 292/// find out if PHP cofigured to display warnings
293 if (ini_get_bool('display_errors')) {
294 define('WARN_DISPLAY_ERRORS_ENABLED', true);
295 }
25338300 296/// If we want to display Moodle errors, then try and set PHP errors to match
6349a3ba 297 if (!isset($CFG->debugdisplay)) {
298 //keep it as is during installation
299 } else if (empty($CFG->debugdisplay)) {
25338300 300 @ini_set('display_errors', '0');
301 @ini_set('log_errors', '1');
302 } else {
303 @ini_set('display_errors', '1');
304 }
8f64ba04 305// Even when users want to see errors in the output,
306// some parts of Moodle cannot display them at all.
307// (Once we are XHTML strict compliant, debugdisplay
308// _must_ go away).
309 if (defined('MOODLE_SANE_OUTPUT')) {
310 @ini_set('display_errors', '0');
311 @ini_set('log_errors', '1');
312 }
25338300 313
7b9be84b 314/// Create the $PAGE global.
315 if (!empty($CFG->moodlepageclass)) {
316 $classname = $CFG->moodlepageclass;
317 } else {
318 $classname = 'moodle_page';
319 }
320 $PAGE = new $classname();
321 unset($classname);
322
f9955801 323/// detect unsupported upgrade jump as soon as possible - do not change anything, do not use system functions
2728a623 324 if (!empty($CFG->version) and $CFG->version < 2007101509) {
6d5a22b2 325 print_error('upgraderequires19', 'error');
f9955801 326 die;
327 }
328
419e1d93 329/// Shared-Memory cache init -- will set $MCACHE
330/// $MCACHE is a global object that offers at least add(), set() and delete()
331/// with similar semantics to the memcached PHP API http://php.net/memcache
392e7363 332/// Ensure we define rcache - so we can later check for it
333/// with a really fast and unambiguous $CFG->rcache === false
bb931a61 334 if (!empty($CFG->cachetype)) {
b1df0eb2 335 if (empty($CFG->rcache)) {
392e7363 336 $CFG->rcache = false;
337 } else {
338 $CFG->rcache = true;
339 }
340
341 // do not try to initialize if cache disabled
342 if (!$CFG->rcache) {
343 $CFG->cachetype = '';
344 }
345
bb931a61 346 if ($CFG->cachetype === 'memcached' && !empty($CFG->memcachedhosts)) {
347 if (!init_memcached()) {
348 debugging("Error initialising memcached");
0a2925be 349 $CFG->cachetype = '';
350 $CFG->rcache = false;
bb931a61 351 }
392e7363 352 } else if ($CFG->cachetype === 'eaccelerator') {
bb931a61 353 if (!init_eaccelerator()) {
354 debugging("Error initialising eaccelerator cache");
0a2925be 355 $CFG->cachetype = '';
6800d78e 356 $CFG->rcache = false;
bb931a61 357 }
358 }
392e7363 359
bb931a61 360 } else { // just make sure it is defined
361 $CFG->cachetype = '';
392e7363 362 $CFG->rcache = false;
2142d492 363 }
aa893d6b 364
0182c65c 365/// Set a default enrolment configuration (see bug 1598)
366 if (!isset($CFG->enrol)) {
a51e2a7f 367 $CFG->enrol = 'manual';
0182c65c 368 }
369
ed8365d9 370/// Set default enabled enrolment plugins
371 if (!isset($CFG->enrol_plugins_enabled)) {
372 $CFG->enrol_plugins_enabled = 'manual';
373 }
374
2e6d4273 375/// File permissions on created directories in the $CFG->dataroot
376
377 if (empty($CFG->directorypermissions)) {
378 $CFG->directorypermissions = 0777; // Must be octal (that's why it's here)
379 }
380
820743c5 381/// Calculate and set $CFG->ostype to be used everywhere. Possible values are:
382/// - WINDOWS: for any Windows flavour.
383/// - UNIX: for the rest
384/// Also, $CFG->os can continue being used if more specialization is required
323edd4b 385 if (stristr(PHP_OS, 'win') && !stristr(PHP_OS, 'darwin')) {
386 $CFG->ostype = 'WINDOWS';
387 } else {
388 $CFG->ostype = 'UNIX';
389 }
390 $CFG->os = PHP_OS;
820743c5 391
d21a5865 392/// Set up default frame target string, based on $CFG->framename
393 $CFG->frametarget = frametarget();
394
d6ead3a2 395/// Setup cache dir for Smarty and others
396 if (!file_exists($CFG->dataroot .'/cache')) {
397 make_upload_directory('cache');
398 }
399
de7e4ac9 400/// Configure ampersands in URLs
de7e4ac9 401 @ini_set('arg_separator.output', '&amp;');
402
e7aa5a88 403/// Work around for a PHP bug see MDL-11237
6800d78e 404 @ini_set('pcre.backtrack_limit', 20971520); // 20 MB
e7aa5a88 405
74944b73 406/// Location of standard files
da8759cb 407 $CFG->wordlist = $CFG->libdir .'/wordlist.txt';
408 $CFG->javascript = $CFG->libdir .'/javascript.php';
1040ea85 409 $CFG->moddata = 'moddata';
f9903ed0 410
294ce987 411/// A hack to get around magic_quotes_gpc being turned on
412/// It is strongly recommended to disable "magic_quotes_gpc"!
413 if (ini_get_bool('magic_quotes_gpc')) {
414 function stripslashes_deep($value) {
75249234 415 $value = is_array($value) ?
294ce987 416 array_map('stripslashes_deep', $value) :
417 stripslashes($value);
75249234 418 return $value;
24cc8ec9 419 }
294ce987 420 $_POST = array_map('stripslashes_deep', $_POST);
421 $_GET = array_map('stripslashes_deep', $_GET);
422 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
423 $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
578dcc40 424 if (!empty($_SERVER['REQUEST_URI'])) {
294ce987 425 $_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);
578dcc40 426 }
427 if (!empty($_SERVER['QUERY_STRING'])) {
294ce987 428 $_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);
578dcc40 429 }
430 if (!empty($_SERVER['HTTP_REFERER'])) {
294ce987 431 $_SERVER['HTTP_REFERER'] = stripslashes($_SERVER['HTTP_REFERER']);
578dcc40 432 }
433 if (!empty($_SERVER['PATH_INFO'])) {
294ce987 434 $_SERVER['PATH_INFO'] = stripslashes($_SERVER['PATH_INFO']);
578dcc40 435 }
436 if (!empty($_SERVER['PHP_SELF'])) {
294ce987 437 $_SERVER['PHP_SELF'] = stripslashes($_SERVER['PHP_SELF']);
578dcc40 438 }
439 if (!empty($_SERVER['PATH_TRANSLATED'])) {
294ce987 440 $_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);
b62dff99 441 }
f98cfb53 442 }
443
444/// neutralise nasty chars in PHP_SELF
445 if (isset($_SERVER['PHP_SELF'])) {
446 $phppos = strpos($_SERVER['PHP_SELF'], '.php');
447 if ($phppos !== false) {
448 $_SERVER['PHP_SELF'] = substr($_SERVER['PHP_SELF'], 0, $phppos+4);
578dcc40 449 }
f98cfb53 450 unset($phppos);
aa6af0f8 451 }
7a302afc 452
9bda43e6 453/// initialise ME's
11e7b506 454 initialise_fullme();
f9903ed0 455
9bda43e6 456/// start session and prepare global $SESSION, $USER
457 session_get_instance();
458 $SESSION = &$_SESSION['SESSION'];
459 $USER = &$_SESSION['USER'];
460
18b9d664 461/// Load up theme variables (colours etc)
86cc3e75 462
463 if (!isset($CFG->themedir)) {
a44091bf 464 $CFG->themedir = $CFG->dirroot.'/theme';
465 $CFG->themewww = $CFG->wwwroot.'/theme';
86cc3e75 466 }
6800d78e 467 $CFG->httpsthemewww = $CFG->themewww;
86cc3e75 468
18b9d664 469 if (isset($_GET['theme'])) {
32e2b302 470 if ($CFG->allowthemechangeonurl || confirm_sesskey()) {
a44091bf 471 $themename = clean_param($_GET['theme'], PARAM_SAFEDIR);
472 if (($themename != '') and file_exists($CFG->themedir.'/'.$themename)) {
473 $SESSION->theme = $themename;
18b9d664 474 }
a44091bf 475 unset($themename);
18b9d664 476 }
477 }
478
479 if (!isset($CFG->theme)) {
34137668 480 $CFG->theme = 'standardwhite';
18b9d664 481 }
482
75249234 483/// Set language/locale of printed times. If user has chosen a language that
484/// that is different from the site language, then use the locale specified
339bb559 485/// in the language file. Otherwise, if the admin hasn't specified a locale
75249234 486/// then use the one from the default language. Otherwise (and this is the
339bb559 487/// majority of cases), use the stored locale specified by admin.
6800d78e 488 if (isset($_GET['lang']) && ($lang = clean_param($_GET['lang'], PARAM_SAFEDIR))) {
6ec7ca0f 489 if (file_exists($CFG->dataroot .'/lang/'. $lang) or file_exists($CFG->dirroot .'/lang/'. $lang)) {
32c60ce3 490 $SESSION->lang = $lang;
6800d78e 491 } else if (file_exists($CFG->dataroot.'/lang/'.$lang.'_utf8') or
748390cd 492 file_exists($CFG->dirroot .'/lang/'.$lang.'_utf8')) {
493 $SESSION->lang = $lang.'_utf8';
32c60ce3 494 }
3e9b5d5a 495 }
ab036ed9 496
497 setup_lang_from_browser();
498
6ec7ca0f 499 unset($lang);
ab036ed9 500
16ba7351 501 if (empty($CFG->lang)) {
6ec7ca0f 502 if (empty($SESSION->lang)) {
810944af 503 $CFG->lang = 'en_utf8';
6ec7ca0f 504 } else {
505 $CFG->lang = $SESSION->lang;
506 }
16ba7351 507 }
6800d78e 508
c13a5e71 509 // We used to call moodle_setlocale() and theme_setup() here, even though they
510 // would be called again from require_login or $PAGE->set_course. As an experiment
511 // I am going to try removing those calls. With luck it will help us find and
512 // fix a few bugs where scripts do not initialise thigns properly, wihtout causing
513 // too much grief.
1040ea85 514
1b813f5c 515 if (!empty($CFG->guestloginbutton)) {
516 if ($CFG->theme == 'standard' or $CFG->theme == 'standardwhite') { // Temporary measure to help with XHTML validation
517 if (isset($_SERVER['HTTP_USER_AGENT']) and empty($USER->id)) { // Allow W3CValidator in as user called w3cvalidator (or guest)
518 if ((strpos($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator') !== false) or
519 (strpos($_SERVER['HTTP_USER_AGENT'], 'Cynthia') !== false )) {
520 if ($user = get_complete_user_data("username", "w3cvalidator")) {
521 $user->ignoresesskey = true;
522 } else {
523 $user = guest_user();
524 }
525 session_set_user($user);
9610a66e 526 }
527 }
528 }
529 }
530
a559eee6 531/// Apache log intergration. In apache conf file one can use ${MOODULEUSER}n in
532/// LogFormat to get the current logged in username in moodle.
ac0b19ff 533 if ($USER && function_exists('apache_note')
20e9d26f 534 && !empty($CFG->apacheloguser) && isset($USER->username)) {
2b287cac 535 $apachelog_userid = $USER->id;
ac0b19ff 536 $apachelog_username = clean_filename($USER->username);
537 $apachelog_name = '';
538 if (isset($USER->firstname)) {
539 // We can assume both will be set
540 // - even if to empty.
541 $apachelog_name = clean_filename($USER->firstname . " " .
542 $USER->lastname);
543 }
b7b64ff2 544 if (session_is_loggedinas()) {
545 $realuser = session_get_realuser();
6132768e 546 $apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
547 $apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);
548 $apachelog_userid = clean_filename($realuser->id." as ".$apachelog_userid);
96e19e7b 549 }
5c5c16bb 550 switch ($CFG->apacheloguser) {
551 case 3:
2b287cac 552 $logname = $apachelog_username;
5c5c16bb 553 break;
554 case 2:
2b287cac 555 $logname = $apachelog_name;
5c5c16bb 556 break;
557 case 1:
558 default:
2b287cac 559 $logname = $apachelog_userid;
5c5c16bb 560 break;
561 }
562 apache_note('MOODLEUSER', $logname);
a559eee6 563 }
564
5982740d 565/// Adjust ALLOWED_TAGS
566 adjust_allowed_tags();
567
18259d4f 568/// Use a custom script replacement if one exists
569 if (!empty($CFG->customscripts)) {
570 if (($customscript = custom_script_path()) !== false) {
2b0b32d8 571 require ($customscript);
18259d4f 572 }
573 }
574
5035228f 575 // in the first case, ip in allowed list will be performed first
576 // for example, client IP is 192.168.1.1
577 // 192.168 subnet is an entry in allowed list
d255c6e9 578 // 192.168.1.1 is banned in blocked list
5035228f 579 // This ip will be banned finally
d255c6e9 580 if (!empty($CFG->allowbeforeblock)) { // allowed list processed before blocked list?
581 if (!empty($CFG->allowedip)) {
582 if (!remoteip_in_list($CFG->allowedip)) {
583 die(get_string('ipblocked', 'admin'));
584 }
ab99c8f0 585 }
d255c6e9 586 // need further check, client ip may a part of
587 // allowed subnet, but a IP address are listed
5035228f 588 // in blocked list.
d255c6e9 589 if (!empty($CFG->blockedip)) {
590 if (remoteip_in_list($CFG->blockedip)) {
591 die(get_string('ipblocked', 'admin'));
592 }
5035228f 593 }
d255c6e9 594
5035228f 595 } else {
596 // in this case, IPs in blocked list will be performed first
597 // for example, client IP is 192.168.1.1
598 // 192.168 subnet is an entry in blocked list
d255c6e9 599 // 192.168.1.1 is allowed in allowed list
5035228f 600 // This ip will be allowed finally
d255c6e9 601 if (!empty($CFG->blockedip)) {
602 if (remoteip_in_list($CFG->blockedip)) {
603 // if the allowed ip list is not empty
604 // IPs are not included in the allowed list will be
605 // blocked too
606 if (!empty($CFG->allowedip)) {
607 if (!remoteip_in_list($CFG->allowedip)) {
608 die(get_string('ipblocked', 'admin'));
609 }
610 } else {
611 die(get_string('ipblocked', 'admin'));
612 }
613 }
5035228f 614 }
d255c6e9 615 // if blocked list is null
616 // allowed list should be tested
617 if(!empty($CFG->allowedip)) {
618 if (!remoteip_in_list($CFG->allowedip)) {
619 die(get_string('ipblocked', 'admin'));
620 }
5035228f 621 }
d255c6e9 622
ab99c8f0 623 }
624
810944af 625/// note: we can not block non utf-8 installatrions here, because empty mysql database
626/// might be converted to utf-8 in admin/index.php during installation
d3f9f1f8 627?>
Moodle official production repository