Changed things to be simpler, using new functions in moodlelib.php
[moodle.git] / login / index.php
CommitLineData
9a58f7cb 1<?php // $Id$
b0e3a925 2
3 require_once("../config.php");
fe657136 4 optional_variable($loginguest, false); // determines whether visitors are logged in as guest automatically
f9903ed0 5
a9b07c52 6 // Check if the guest user exists. If not, create one.
7 if (! record_exists("user", "username", "guest")) {
4e11ad4f 8 $guest->auth = "manual";
a9b07c52 9 $guest->username = "guest";
10 $guest->password = md5("guest");
b95c3ab8 11 $guest->firstname = addslashes(get_string("guestuser"));
cf38360f 12 $guest->lastname = " ";
a9b07c52 13 $guest->email = "root@localhost";
b95c3ab8 14 $guest->description = addslashes(get_string("guestuserinfo"));
a9b07c52 15 $guest->confirmed = 1;
ad6c33dc 16 $guest->lang = $CFG->lang;
a9b07c52 17 $guest->timemodified= time();
18
19 if (! $guest->id = insert_record("user", $guest)) {
20 notify("Could not create guest user record !!!");
21 }
22 }
da79d75d 23
24 if ($CFG->auth == 'cas' && !empty($CFG->cas_enabled)) {
25 require($CFG->dirroot.'/auth/cas/login.php');
26 }
089b19f6 27
28 //Define variables used in page
29 if (!$site = get_site()) {
30 error("No site found!");
31 }
32
33 if (empty($CFG->langmenu)) {
34 $langmenu = "";
35 } else {
36 $currlang = current_language();
37 $langs = get_list_of_languages();
38 if (empty($CFG->loginhttps)) {
39 $wwwroot = $CFG->wwwroot;
40 } else {
41 $wwwroot = str_replace('http','https',$CFG->wwwroot);
42 }
43 $langmenu = popup_form ("$wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
44 }
45
46 $loginsite = get_string("loginsite");
47
d9969553 48 $loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
a9b07c52 49
d00377f5 50 $frm = false;
0e8a3f25 51 $user = false;
e06f15ae 52 if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
d00377f5 53 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
e06f15ae 54 $frm->username = 'guest';
55 $frm->password = 'guest';
56 } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
57 // Handles the case of another Moodle site linking into a page on this site
58 include($CFG->dirroot.'/login/weblinkauth.php');
0e8a3f25 59 if (function_exists(weblink_auth)) {
60 $user = weblink_auth($SESSION->wantsurl);
61 }
62 if ($user) {
63 $frm->username = $user->username;
64 } else {
d9969553 65 $frm = data_submitted($loginurl);
0e8a3f25 66 }
d00377f5 67 } else {
d9969553 68 $frm = data_submitted($loginurl);
d00377f5 69 }
a9b07c52 70
792197b0 71 if ($frm and (get_moodle_cookie() == '')) { // Login without cookie
72
73 $errormsg = get_string("cookiesnotenabled");
74
30b88cb7 75 } else if ($frm) { // Login WITH cookies
792197b0 76
1e22bc9c 77 $frm->username = trim(moodle_strtolower($frm->username));
cf5560fb 78
79 if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
80 $user = false; /// Can't log in as guest if guest button is disabled
81 $frm = false;
0e8a3f25 82 } else if (!$user) {
cf5560fb 83 $user = authenticate_user_login($frm->username, $frm->password);
84 }
bee00f48 85 update_login_count();
f9903ed0 86
87 if ($user) {
88 if (! $user->confirmed ) { // they never confirmed via email
fa0626c6 89 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
6bebcf8d 90 print_heading(get_string("mustconfirm"));
91 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
8553b700 92 print_footer();
f9903ed0 93 die;
94 }
c21c671d 95
f9903ed0 96 $USER = $user;
dfa1fbac 97 if (!empty($USER->description)) {
1a33f699 98 $USER->description = true; // No need to cart all of it around
dfa1fbac 99 }
f9903ed0 100 $USER->loggedin = true;
1a33f699 101 $USER->site = $CFG->wwwroot; // for added security, store the site in the session
04280e85 102 sesskey(); // for added security, used to check script parameters
1a33f699 103
fcf8e836 104 if ($USER->username == "guest") {
801e1f0a 105 $USER->lang = $CFG->lang; // Guest language always same as site
106 $USER->firstname = get_string("guestuser"); // Name always in current language
4f3d1a63 107 $USER->lastname = " ";
910d1731 108 }
f9903ed0 109
f9903ed0 110 if (!update_user_login_times()) {
111 error("Wierd error: could not update login records");
112 }
8223d271 113
bee00f48 114 set_moodle_cookie($USER->username);
f9903ed0 115
28e30091 116 unset($SESSION->lang);
e1f96c23 117 unset($SESSION->encoding);
118
553201b5 119 $SESSION->justloggedin = true;
e1f96c23 120 $SESSION->encoding = get_string('thischarset');
28e30091 121
054193be 122 // Restore the calendar filters, if saved
123 if(intval(get_user_preferences('calendar_persistflt', 0))) {
124 include_once($CFG->dirroot.'/calendar/lib.php');
125 calendar_set_filters_status(get_user_preferences('calendar_savedflt', 0xff));
126 }
127
089b19f6 128 //Select password change url
129 if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
130 $passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
131 } elseif($CFG->changepassword) {
132 $passwordchangeurl=$CFG->changepassword;
133 }
134
135
d35757eb 136 // check whether the user should be changing password
7692b114 137 if (get_user_preferences('auth_forcepasswordchange', false)){
089b19f6 138 if (isset($passwordchangeurl)) {
139 redirect($passwordchangeurl);
d35757eb 140 } else {
141 error("You cannot proceed without changing your password.
142 However there is no available page for changing it.
143 Please contact your Moodle Administrator.");
144 }
145 }
146
089b19f6 147
bcdcbccc 148 add_to_log(SITEID, "user", "login", "view.php?id=$user->id&course=".SITEID, $user->id, 0, $user->id);
e06f15ae 149
808a3baa 150 if (user_not_fully_set_up($USER)) {
089b19f6 151 $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&amp;course='.SITEID;
e06f15ae 152 // We don't delete $SESSION->wantsurl yet, so we get there later
808a3baa 153
e06f15ae 154 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
155 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
156 unset($SESSION->wantsurl);
808a3baa 157
bee00f48 158 } else {
089b19f6 159 $urltogo = $CFG->wwwroot.'/'; /// Go to the standard home page
e06f15ae 160 unset($SESSION->wantsurl); /// Just in case
bee00f48 161 }
089b19f6 162
163 // check if user password has expired
164 // Currently supported only for ldap-authentication module
165 if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
166 if (function_exists('auth_password_expire')){
167 $days2expire = auth_password_expire($USER->username);
168 if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
169 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
170 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
171 print_footer();
172 exit;
173 } elseif (intval($days2expire) < 0 ) {
174 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
175 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
176 print_footer();
177 exit;
178 }
179 }
180 }
181
bee00f48 182 reset_login_count();
f9903ed0 183
bcdcbccc 184 redirect($urltogo);
185
e06f15ae 186 exit;
f9903ed0 187
188 } else {
fa0626c6 189 $errormsg = get_string("invalidlogin");
f9903ed0 190 }
191 }
8223d271 192
f9903ed0 193
d9969553 194/// We need to show a login form
195
196/// First, let's remember where the user was trying to get to before they got here
9c9f7d77 197
f9903ed0 198 if (empty($SESSION->wantsurl)) {
ed90bc47 199 $SESSION->wantsurl = array_key_exists('HTTP_REFERER',$_SERVER) ? $_SERVER["HTTP_REFERER"] : $CFG->wwwroot;
f9903ed0 200 }
792197b0 201
d9969553 202 if (!empty($loginurl)) { // We don't want the standard forms, go elsewhere
203 redirect($loginurl);
204 }
205
206
207/// Generate the login page
208
209 if (empty($errormsg)) {
210 $errormsg = '';
211 }
212
792197b0 213 if (get_moodle_cookie() == '') {
214 set_moodle_cookie('nobody'); // To help search for cookies
215 }
f9903ed0 216
9c9f7d77 217 if (empty($frm->username)) {
792197b0 218 $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
9c9f7d77 219 $frm->password = "";
220 }
f9903ed0 221
9c9f7d77 222 if (!empty($frm->username)) {
a46b14ef 223 $focus = "login.password";
f9903ed0 224 } else {
a46b14ef 225 $focus = "login.username";
f9903ed0 226 }
35a48c9a 227
5f2c35db 228 if ($CFG->auth == "email" or $CFG->auth == "none" or chop($CFG->auth_instructions) <> "" ) {
35a48c9a 229 $show_instructions = true;
230 } else {
231 $show_instructions = false;
232 }
5b2ae584 233
d9969553 234 print_header("$site->fullname: $loginsite", $site->fullname, $loginsite, $focus,
235 '', true, '<div class="langmenu" align="right">'.$langmenu.'</div>');
236
f9903ed0 237 include("index_form.html");
238
d9969553 239 print_footer();
f9903ed0 240
f9903ed0 241
f9903ed0 242?>