Merging fix for bug 2264 & improvements from MOODLE_14_STABLE
[moodle.git] / login / index.php
CommitLineData
9a58f7cb 1<?php // $Id$
b0e3a925 2
3 require_once("../config.php");
fe657136 4 optional_variable($loginguest, false); // determines whether visitors are logged in as guest automatically
f9903ed0 5
a9b07c52 6 // Check if the guest user exists. If not, create one.
7 if (! record_exists("user", "username", "guest")) {
4e11ad4f 8 $guest->auth = "manual";
a9b07c52 9 $guest->username = "guest";
10 $guest->password = md5("guest");
b95c3ab8 11 $guest->firstname = addslashes(get_string("guestuser"));
cf38360f 12 $guest->lastname = " ";
a9b07c52 13 $guest->email = "root@localhost";
b95c3ab8 14 $guest->description = addslashes(get_string("guestuserinfo"));
a9b07c52 15 $guest->confirmed = 1;
ad6c33dc 16 $guest->lang = $CFG->lang;
a9b07c52 17 $guest->timemodified= time();
18
19 if (! $guest->id = insert_record("user", $guest)) {
20 notify("Could not create guest user record !!!");
21 }
22 }
089b19f6 23
24 //Define variables used in page
25 if (!$site = get_site()) {
26 error("No site found!");
27 }
28
29 if (empty($CFG->langmenu)) {
30 $langmenu = "";
31 } else {
32 $currlang = current_language();
33 $langs = get_list_of_languages();
34 if (empty($CFG->loginhttps)) {
35 $wwwroot = $CFG->wwwroot;
36 } else {
37 $wwwroot = str_replace('http','https',$CFG->wwwroot);
38 }
39 $langmenu = popup_form ("$wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
40 }
41
42 $loginsite = get_string("loginsite");
43
a9b07c52 44
d00377f5 45 $frm = false;
fe657136 46 if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,"username=guest")) or $loginguest) {
d00377f5 47 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
48 $frm->username = "guest";
49 $frm->password = "guest";
50 } else {
51 $frm = data_submitted();
52 }
a9b07c52 53
792197b0 54 if ($frm and (get_moodle_cookie() == '')) { // Login without cookie
55
56 $errormsg = get_string("cookiesnotenabled");
57
30b88cb7 58 } else if ($frm) { // Login WITH cookies
792197b0 59
1e22bc9c 60 $frm->username = trim(moodle_strtolower($frm->username));
cf5560fb 61
62 if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
63 $user = false; /// Can't log in as guest if guest button is disabled
64 $frm = false;
65 } else {
66 $user = authenticate_user_login($frm->username, $frm->password);
67 }
bee00f48 68 update_login_count();
f9903ed0 69
70 if ($user) {
71 if (! $user->confirmed ) { // they never confirmed via email
fa0626c6 72 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
6bebcf8d 73 print_heading(get_string("mustconfirm"));
74 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
8553b700 75 print_footer();
f9903ed0 76 die;
77 }
c21c671d 78
f9903ed0 79 $USER = $user;
dfa1fbac 80 if (!empty($USER->description)) {
1a33f699 81 $USER->description = true; // No need to cart all of it around
dfa1fbac 82 }
f9903ed0 83 $USER->loggedin = true;
1a33f699 84 $USER->site = $CFG->wwwroot; // for added security, store the site in the session
85 set_user_sesskey(); // for added security, used to check script parameters
86
fcf8e836 87 if ($USER->username == "guest") {
801e1f0a 88 $USER->lang = $CFG->lang; // Guest language always same as site
89 $USER->firstname = get_string("guestuser"); // Name always in current language
4f3d1a63 90 $USER->lastname = " ";
910d1731 91 }
f9903ed0 92
f9903ed0 93 if (!update_user_login_times()) {
94 error("Wierd error: could not update login records");
95 }
8223d271 96
bee00f48 97 set_moodle_cookie($USER->username);
f9903ed0 98
9698bf15 99 $wantsurl = $SESSION->wantsurl;
100
101 unset($SESSION->wantsurl);
28e30091 102 unset($SESSION->lang);
553201b5 103 $SESSION->justloggedin = true;
28e30091 104
089b19f6 105 //Select password change url
106 if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
107 $passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
108 } elseif($CFG->changepassword) {
109 $passwordchangeurl=$CFG->changepassword;
110 }
111
112
d35757eb 113 // check whether the user should be changing password
7692b114 114 if (get_user_preferences('auth_forcepasswordchange', false)){
089b19f6 115 if (isset($passwordchangeurl)) {
116 redirect($passwordchangeurl);
d35757eb 117 } else {
118 error("You cannot proceed without changing your password.
119 However there is no available page for changing it.
120 Please contact your Moodle Administrator.");
121 }
122 }
123
089b19f6 124
bcdcbccc 125 add_to_log(SITEID, "user", "login", "view.php?id=$user->id&course=".SITEID, $user->id, 0, $user->id);
089b19f6 126
808a3baa 127 if (user_not_fully_set_up($USER)) {
089b19f6 128 $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&amp;course='.SITEID;
808a3baa 129
9698bf15 130 } else if (strpos($wantsurl, $CFG->wwwroot) === 0) { /// Matches site address
089b19f6 131 $urltogo = $wantsurl;
808a3baa 132
bee00f48 133 } else {
089b19f6 134 $urltogo = $CFG->wwwroot.'/'; /// Go to the standard home page
bee00f48 135 }
089b19f6 136
137 // check if user password has expired
138 // Currently supported only for ldap-authentication module
139 if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
140 if (function_exists('auth_password_expire')){
141 $days2expire = auth_password_expire($USER->username);
142 if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
143 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
144 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
145 print_footer();
146 exit;
147 } elseif (intval($days2expire) < 0 ) {
148 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
149 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
150 print_footer();
151 exit;
152 }
153 }
154 }
155
bee00f48 156 reset_login_count();
f9903ed0 157
bcdcbccc 158 redirect($urltogo);
159
f9903ed0 160 die;
161
162 } else {
fa0626c6 163 $errormsg = get_string("invalidlogin");
f9903ed0 164 }
165 }
8223d271 166
f9903ed0 167
9c9f7d77 168 if (empty($errormsg)) {
169 $errormsg = "";
170 }
171
f9903ed0 172 if (empty($SESSION->wantsurl)) {
ed90bc47 173 $SESSION->wantsurl = array_key_exists('HTTP_REFERER',$_SERVER) ? $_SERVER["HTTP_REFERER"] : $CFG->wwwroot;
f9903ed0 174 }
792197b0 175
176 if (get_moodle_cookie() == '') {
177 set_moodle_cookie('nobody'); // To help search for cookies
178 }
f9903ed0 179
9c9f7d77 180 if (empty($frm->username)) {
792197b0 181 $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
9c9f7d77 182 $frm->password = "";
183 }
f9903ed0 184
9c9f7d77 185 if (!empty($frm->username)) {
a46b14ef 186 $focus = "login.password";
f9903ed0 187 } else {
a46b14ef 188 $focus = "login.username";
f9903ed0 189 }
35a48c9a 190
5f2c35db 191 if ($CFG->auth == "email" or $CFG->auth == "none" or chop($CFG->auth_instructions) <> "" ) {
35a48c9a 192 $show_instructions = true;
193 } else {
194 $show_instructions = false;
195 }
f9903ed0 196
9a58f7cb 197 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
f9903ed0 198 include("index_form.html");
8553b700 199 print_footer();
f9903ed0 200
201 exit;
202
203 // No footer on this page
204
f9903ed0 205?>