Merge branch 'wip-MDL-37983-master' of git://github.com/abgreeve/moodle
[moodle.git] / login / index.php
CommitLineData
8570cff0 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
c30949a9 19 * Main login page.
8570cff0 20 *
c30949a9
PS
21 * @package core
22 * @subpackage auth
23 * @copyright 1999 onwards Martin Dougiamas http://dougiamas.com
24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
8570cff0 25 */
26
c30949a9 27require('../config.php');
8570cff0 28
29redirect_if_major_upgrade_required();
30
8a8f1c7c 31$testsession = optional_param('testsession', 0, PARAM_INT); // test session works properly
3354eb8c
PS
32$cancel = optional_param('cancel', 0, PARAM_BOOL); // redirect to frontpage, needed for loginhttps
33
34if ($cancel) {
35 redirect(new moodle_url('/'));
36}
8570cff0 37
17c70aa0
PS
38//HTTPS is required in this page when $CFG->loginhttps enabled
39$PAGE->https_required();
c30949a9 40
a689cd1d 41$context = context_system::instance();
c30949a9
PS
42$PAGE->set_url("$CFG->httpswwwroot/login/index.php");
43$PAGE->set_context($context);
191b267b 44$PAGE->set_pagelayout('login');
d529807a 45
f716d0dd 46/// Initialize variables
8570cff0 47$errormsg = '';
48$errorcode = 0;
3e5c8474 49
8a8f1c7c
PS
50// login page requested session test
51if ($testsession) {
52 if ($testsession == $USER->id) {
53 if (isset($SESSION->wantsurl)) {
54 $urltogo = $SESSION->wantsurl;
55 } else {
56 $urltogo = $CFG->wwwroot.'/';
57 }
58 unset($SESSION->wantsurl);
59 redirect($urltogo);
60 } else {
61 // TODO: try to find out what is the exact reason why sessions do not work
62 $errormsg = get_string("cookiesnotenabled");
63 $errorcode = 1;
64 }
65}
66
1c6932d8 67/// Check for timed out sessions
8570cff0 68if (!empty($SESSION->has_timed_out)) {
69 $session_has_timed_out = true;
70 unset($SESSION->has_timed_out);
71} else {
72 $session_has_timed_out = false;
73}
1c6932d8 74
099f393f 75/// auth plugins may override these - SSO anyone?
8570cff0 76$frm = false;
77$user = false;
6bc1e5d5 78
8570cff0 79$authsequence = get_enabled_auth_plugins(true); // auths, in sequence
80foreach($authsequence as $authname) {
81 $authplugin = get_auth_plugin($authname);
82 $authplugin->loginpage_hook();
83}
6bc1e5d5 84
244a32c6 85
a718d872 86/// Define variables used in page
3f77c158 87$site = get_site();
8570cff0 88
8570cff0 89$loginsite = get_string("loginsite");
90$PAGE->navbar->add($loginsite);
91
f23a1761
PS
92if ($user !== false or $frm !== false or $errormsg !== '') {
93 // some auth plugin already supplied full user, fake form data or prevented user login with error message
8570cff0 94
8570cff0 95} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
96 // Handles the case of another Moodle site linking into a page on this site
97 //TODO: move weblink into own auth plugin
98 include($CFG->dirroot.'/login/weblinkauth.php');
99 if (function_exists('weblink_auth')) {
100 $user = weblink_auth($SESSION->wantsurl);
089b19f6 101 }
8570cff0 102 if ($user) {
103 $frm->username = $user->username;
d00377f5 104 } else {
294ce987 105 $frm = data_submitted();
d00377f5 106 }
a9b07c52 107
8570cff0 108} else {
109 $frm = data_submitted();
110}
111
a718d872 112/// Check if the user has actually submitted login data to us
113
8a8f1c7c 114if ($frm and isset($frm->username)) { // Login WITH cookies
792197b0 115
6f3451e5 116 $frm->username = trim(textlib::strtolower($frm->username));
cf5560fb 117
79604225 118 if (is_enabled_auth('none') ) {
6b8ad965 119 if ($frm->username !== clean_param($frm->username, PARAM_USERNAME)) {
50256f9c 120 $errormsg = get_string('username').': '.get_string("invalidusername");
8570cff0 121 $errorcode = 2;
8570cff0 122 $user = null;
05b18caf 123 }
8570cff0 124 }
05b18caf 125
8570cff0 126 if ($user) {
127 //user already supplied by aut plugin prelogin hook
128 } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
129 $user = false; /// Can't log in as guest if guest button is disabled
130 $frm = false;
131 } else {
132 if (empty($errormsg)) {
133 $user = authenticate_user_login($frm->username, $frm->password);
cf5560fb 134 }
8570cff0 135 }
e58269e4
EL
136
137 // Intercept 'restored' users to provide them with info & reset password
138 if (!$user and $frm and is_restored_user($frm->username)) {
139 $PAGE->set_title(get_string('restoredaccount'));
140 $PAGE->set_heading($site->fullname);
141 echo $OUTPUT->header();
142 echo $OUTPUT->heading(get_string('restoredaccount'));
143 echo $OUTPUT->box(get_string('restoredaccountinfo'), 'generalbox boxaligncenter');
144 require_once('restored_password_form.php'); // Use our "supplanter" login_forgot_password_form. MDL-20846
145 $form = new login_forgot_password_form('forgot_password.php', array('username' => $frm->username));
146 $form->display();
147 echo $OUTPUT->footer();
148 die;
149 }
150
8570cff0 151 if ($user) {
a718d872 152
8570cff0 153 // language setup
b3df1764 154 if (isguestuser($user)) {
8570cff0 155 // no predefined language for guests - use existing session or default site lang
156 unset($user->lang);
18ceee5c 157
8570cff0 158 } else if (!empty($user->lang)) {
159 // unset previous session language - use user preference instead
160 unset($SESSION->lang);
161 }
18ceee5c 162
8570cff0 163 if (empty($user->confirmed)) { // This account was never confirmed
164 $PAGE->set_title(get_string("mustconfirm"));
e58269e4 165 $PAGE->set_heading($site->fullname);
8570cff0 166 echo $OUTPUT->header();
167 echo $OUTPUT->heading(get_string("mustconfirm"));
168 echo $OUTPUT->box(get_string("emailconfirmsent", "", $user->email), "generalbox boxaligncenter");
169 echo $OUTPUT->footer();
170 die;
171 }
c21c671d 172
8570cff0 173 /// Let's get them all set up.
174 add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
175 $user->id, 0, $user->id);
0342fc36
PS
176 complete_user_login($user);
177
178 // sets the username cookie
179 if (!empty($CFG->nolastloggedin)) {
180 // do not store last logged in user in cookie
181 // auth plugins can temporarily override this from loginpage_hook()
182 // do not save $CFG->nolastloggedin in database!
183
184 } else if (empty($CFG->rememberusername) or ($CFG->rememberusername == 2 and empty($frm->rememberusername))) {
185 // no permanent cookies, delete old one if exists
186 set_moodle_cookie('');
187
188 } else {
189 set_moodle_cookie($USER->username);
190 }
e06f15ae 191
8570cff0 192 /// Prepare redirection
193 if (user_not_fully_set_up($USER)) {
194 $urltogo = $CFG->wwwroot.'/user/edit.php';
195 // We don't delete $SESSION->wantsurl yet, so we get there later
808a3baa 196
b792a64a 197 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0 or strpos($SESSION->wantsurl, str_replace('http://', 'https://', $CFG->wwwroot)) === 0)) {
8570cff0 198 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
199 unset($SESSION->wantsurl);
808a3baa 200
8570cff0 201 } else {
202 // no wantsurl stored or external - go to homepage
203 $urltogo = $CFG->wwwroot.'/';
204 unset($SESSION->wantsurl);
03ee0c39 205 }
1f48cd28 206
03ee0c39
AG
207 // If the url to go to is the same as the site page, check for default homepage.
208 if ($urltogo == ($CFG->wwwroot . '/')) {
5a3f67af
AG
209 $home_page = get_home_page();
210 // Go to my-moodle page instead of site homepage if defaulthomepage set to homepage_my
211 if ($home_page == HOMEPAGE_MY && !is_siteadmin() && !isguestuser()) {
212 if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
213 $urltogo = $CFG->wwwroot.'/my/';
214 }
bee00f48 215 }
8570cff0 216 }
089b19f6 217
8570cff0 218 /// check if user password has expired
219 /// Currently supported only for ldap-authentication module
220 $userauth = get_auth_plugin($USER->auth);
221 if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
222 if ($userauth->can_change_password()) {
223 $passwordchangeurl = $userauth->change_password_url();
99f9f85f 224 if (!$passwordchangeurl) {
e6d4c2f8 225 $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
226 }
8570cff0 227 } else {
228 $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
229 }
230 $days2expire = $userauth->password_expire($USER->username);
231 $PAGE->set_title("$site->fullname: $loginsite");
232 $PAGE->set_heading("$site->fullname");
8570cff0 233 if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
234 echo $OUTPUT->header();
235 echo $OUTPUT->confirm(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
236 echo $OUTPUT->footer();
237 exit;
238 } elseif (intval($days2expire) < 0 ) {
239 echo $OUTPUT->header();
240 echo $OUTPUT->confirm(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
241 echo $OUTPUT->footer();
242 exit;
089b19f6 243 }
8570cff0 244 }
089b19f6 245
8a8f1c7c
PS
246 // test the session actually works by redirecting to self
247 $SESSION->wantsurl = $urltogo;
248 redirect(new moodle_url(get_login_url(), array('testsession'=>$USER->id)));
f3d3f3e8 249
8570cff0 250 } else {
251 if (empty($errormsg)) {
252 $errormsg = get_string("invalidlogin");
253 $errorcode = 3;
254 }
f9903ed0 255 }
8570cff0 256}
8223d271 257
4acffa49 258/// Detect problems with timedout sessions
8570cff0 259if ($session_has_timed_out and !data_submitted()) {
260 $errormsg = get_string('sessionerroruser', 'error');
261 $errorcode = 4;
262}
d9969553 263
264/// First, let's remember where the user was trying to get to before they got here
9c9f7d77 265
8570cff0 266if (empty($SESSION->wantsurl)) {
267 $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
268 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
269 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
270 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
271 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
272 ? $_SERVER["HTTP_REFERER"] : NULL;
273}
792197b0 274
4acffa49 275/// Redirect to alternative login URL if needed
8570cff0 276if (!empty($CFG->alternateloginurl)) {
277 $loginurl = $CFG->alternateloginurl;
4acffa49 278
8570cff0 279 if (strpos($SESSION->wantsurl, $loginurl) === 0) {
280 //we do not want to return to alternate url
281 $SESSION->wantsurl = NULL;
792197b0 282 }
f3d3f3e8 283
8570cff0 284 if ($errorcode) {
285 if (strpos($loginurl, '?') === false) {
286 $loginurl .= '?';
450dcc60 287 } else {
8570cff0 288 $loginurl .= '&';
450dcc60 289 }
8570cff0 290 $loginurl .= 'errorcode='.$errorcode;
9c9f7d77 291 }
f3d3f3e8 292
8570cff0 293 redirect($loginurl);
294}
3fe6b721 295
17c70aa0
PS
296// make sure we really are on the https page when https login required
297$PAGE->verify_https_required();
5b2ae584 298
8570cff0 299/// Generate the login page with forms
d9969553 300
b85b25eb
PS
301if (!isset($frm) or !is_object($frm)) {
302 $frm = new stdClass();
303}
304
8570cff0 305if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 5184
306 if (!empty($_GET["username"])) {
78fcdb5f 307 $frm->username = clean_param($_GET["username"], PARAM_RAW); // we do not want data from _POST here
8570cff0 308 } else {
0342fc36 309 $frm->username = get_moodle_cookie();
8570cff0 310 }
f9903ed0 311
8570cff0 312 $frm->password = "";
313}
314
315if (!empty($frm->username)) {
316 $focus = "password";
317} else {
318 $focus = "username";
319}
320
321if (!empty($CFG->registerauth) or is_enabled_auth('none') or !empty($CFG->auth_instructions)) {
322 $show_instructions = true;
323} else {
324 $show_instructions = false;
325}
326
b257d7c4
PL
327$potentialidps = array();
328foreach($authsequence as $authname) {
329 $authplugin = get_auth_plugin($authname);
330 $potentialidps = array_merge($potentialidps, $authplugin->loginpage_idp_list($SESSION->wantsurl));
331}
332
8570cff0 333$PAGE->set_title("$site->fullname: $loginsite");
334$PAGE->set_heading("$site->fullname");
8570cff0 335
336echo $OUTPUT->header();
e81fb5ef
PS
337
338if (isloggedin() and !isguestuser()) {
339 // prevent logging when already logged in, we do not want them to relogin by accident because sesskey would be changed
340 echo $OUTPUT->box_start();
3354eb8c
PS
341 $logout = new single_button(new moodle_url($CFG->httpswwwroot.'/login/logout.php', array('sesskey'=>sesskey(),'loginpage'=>1)), get_string('logout'), 'post');
342 $continue = new single_button(new moodle_url($CFG->httpswwwroot.'/login/index.php', array('cancel'=>1)), get_string('cancel'), 'get');
e81fb5ef
PS
343 echo $OUTPUT->confirm(get_string('alreadyloggedin', 'error', fullname($USER)), $logout, $continue);
344 echo $OUTPUT->box_end();
345} else {
346 include("index_form.html");
c316c394
RW
347 if ($errormsg) {
348 $PAGE->requires->js_init_call('M.util.focus_login_error', null, true);
349 } else if (!empty($CFG->loginpageautofocus)) {
2d16dad0
PS
350 //focus username or password
351 $PAGE->requires->js_init_call('M.util.focus_login_form', null, true);
352 }
e81fb5ef
PS
353}
354
6c3ef410 355echo $OUTPUT->footer();