[moodle.git] / login / index.php

<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Main login page.
 *
 * @package    core
 * @subpackage auth
 * @copyright  1999 onwards Martin Dougiamas  http://dougiamas.com
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

require('../config.php');

redirect_if_major_upgrade_required();

$testsession = optional_param('testsession', 0, PARAM_INT); // test session works properly
$cancel      = optional_param('cancel', 0, PARAM_BOOL);      // redirect to frontpage, needed for loginhttps

if ($cancel) {
    redirect(new moodle_url('/'));
}

//HTTPS is required in this page when $CFG->loginhttps enabled
$PAGE->https_required();

$context = get_context_instance(CONTEXT_SYSTEM);
$PAGE->set_url("$CFG->httpswwwroot/login/index.php");
$PAGE->set_context($context);
$PAGE->set_pagelayout('login');

/// Initialize variables
$errormsg = '';
$errorcode = 0;

// login page requested session test
if ($testsession) {
    if ($testsession == $USER->id) {
        if (isset($SESSION->wantsurl)) {
            $urltogo = $SESSION->wantsurl;
        } else {
            $urltogo = $CFG->wwwroot.'/';
        }
        unset($SESSION->wantsurl);
        redirect($urltogo);
    } else {
        // TODO: try to find out what is the exact reason why sessions do not work
        $errormsg = get_string("cookiesnotenabled");
        $errorcode = 1;
    }
}

/// Check for timed out sessions
if (!empty($SESSION->has_timed_out)) {
    $session_has_timed_out = true;
    unset($SESSION->has_timed_out);
} else {
    $session_has_timed_out = false;
}

/// auth plugins may override these - SSO anyone?
$frm  = false;
$user = false;

$authsequence = get_enabled_auth_plugins(true); // auths, in sequence
foreach($authsequence as $authname) {
    $authplugin = get_auth_plugin($authname);
    $authplugin->loginpage_hook();
}


/// Define variables used in page
$site = get_site();

$loginsite = get_string("loginsite");
$PAGE->navbar->add($loginsite);

if ($user !== false or $frm !== false or $errormsg !== '') {
    // some auth plugin already supplied full user, fake form data or prevented user login with error message

} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
    // Handles the case of another Moodle site linking into a page on this site
    //TODO: move weblink into own auth plugin
    include($CFG->dirroot.'/login/weblinkauth.php');
    if (function_exists('weblink_auth')) {
        $user = weblink_auth($SESSION->wantsurl);
    }
    if ($user) {
        $frm->username = $user->username;
    } else {
        $frm = data_submitted();
    }

} else {
    $frm = data_submitted();
}

/// Check if the user has actually submitted login data to us

if ($frm and isset($frm->username)) {                             // Login WITH cookies

    $frm->username = trim(moodle_strtolower($frm->username));

    if (is_enabled_auth('none') ) {
        if ($frm->username !== clean_param($frm->username, PARAM_USERNAME)) {
            $errormsg = get_string('username').': '.get_string("invalidusername");
            $errorcode = 2;
            $user = null;
        }
    }

    if ($user) {
        //user already supplied by aut plugin prelogin hook
    } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
        $user = false;    /// Can't log in as guest if guest button is disabled
        $frm = false;
    } else {
        if (empty($errormsg)) {
            $user = authenticate_user_login($frm->username, $frm->password);
        }
    }

    // Intercept 'restored' users to provide them with info & reset password
    if (!$user and $frm and is_restored_user($frm->username)) {
        $PAGE->set_title(get_string('restoredaccount'));
        $PAGE->set_heading($site->fullname);
        echo $OUTPUT->header();
        echo $OUTPUT->heading(get_string('restoredaccount'));
        echo $OUTPUT->box(get_string('restoredaccountinfo'), 'generalbox boxaligncenter');
        require_once('restored_password_form.php'); // Use our "supplanter" login_forgot_password_form. MDL-20846
        $form = new login_forgot_password_form('forgot_password.php', array('username' => $frm->username));
        $form->display();
        echo $OUTPUT->footer();
        die;
    }

    update_login_count();

    if ($user) {

        // language setup
        if (isguestuser($user)) {
            // no predefined language for guests - use existing session or default site lang
            unset($user->lang);

        } else if (!empty($user->lang)) {
            // unset previous session language - use user preference instead
            unset($SESSION->lang);
        }

        if (empty($user->confirmed)) {       // This account was never confirmed
            $PAGE->set_title(get_string("mustconfirm"));
            $PAGE->set_heading($site->fullname);
            echo $OUTPUT->header();
            echo $OUTPUT->heading(get_string("mustconfirm"));
            echo $OUTPUT->box(get_string("emailconfirmsent", "", $user->email), "generalbox boxaligncenter");
            echo $OUTPUT->footer();
            die;
        }

    /// Let's get them all set up.
        add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
                   $user->id, 0, $user->id);
        complete_user_login($user);

        // sets the username cookie
        if (!empty($CFG->nolastloggedin)) {
            // do not store last logged in user in cookie
            // auth plugins can temporarily override this from loginpage_hook()
            // do not save $CFG->nolastloggedin in database!

        } else if (empty($CFG->rememberusername) or ($CFG->rememberusername == 2 and empty($frm->rememberusername))) {
            // no permanent cookies, delete old one if exists
            set_moodle_cookie('');

        } else {
            set_moodle_cookie($USER->username);
        }

    /// Prepare redirection
        if (user_not_fully_set_up($USER)) {
            $urltogo = $CFG->wwwroot.'/user/edit.php';
            // We don't delete $SESSION->wantsurl yet, so we get there later

        } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0 or strpos($SESSION->wantsurl, str_replace('http://', 'https://', $CFG->wwwroot)) === 0)) {
            $urltogo = $SESSION->wantsurl;    /// Because it's an address in this site
            unset($SESSION->wantsurl);

        } else {
            // no wantsurl stored or external - go to homepage
            $urltogo = $CFG->wwwroot.'/';
            unset($SESSION->wantsurl);
        }

    /// Go to my-moodle page instead of site homepage if defaulthomepage set to homepage_my
        if (!empty($CFG->defaulthomepage) && $CFG->defaulthomepage == HOMEPAGE_MY && !is_siteadmin() && !isguestuser()) {
            if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
                $urltogo = $CFG->wwwroot.'/my/';
            }
        }


    /// check if user password has expired
    /// Currently supported only for ldap-authentication module
        $userauth = get_auth_plugin($USER->auth);
        if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
            if ($userauth->can_change_password()) {
                $passwordchangeurl = $userauth->change_password_url();
                if (!$passwordchangeurl) {
                    $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
                }
            } else {
                $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
            }
            $days2expire = $userauth->password_expire($USER->username);
            $PAGE->set_title("$site->fullname: $loginsite");
            $PAGE->set_heading("$site->fullname");
            if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
                echo $OUTPUT->header();
                echo $OUTPUT->confirm(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
                echo $OUTPUT->footer();
                exit;
            } elseif (intval($days2expire) < 0 ) {
                echo $OUTPUT->header();
                echo $OUTPUT->confirm(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
                echo $OUTPUT->footer();
                exit;
            }
        }

        reset_login_count();

        // test the session actually works by redirecting to self
        $SESSION->wantsurl = $urltogo;
        redirect(new moodle_url(get_login_url(), array('testsession'=>$USER->id)));

    } else {
        if (empty($errormsg)) {
            $errormsg = get_string("invalidlogin");
            $errorcode = 3;
        }
    }
}

/// Detect problems with timedout sessions
if ($session_has_timed_out and !data_submitted()) {
    $errormsg = get_string('sessionerroruser', 'error');
    $errorcode = 4;
}

/// First, let's remember where the user was trying to get to before they got here

if (empty($SESSION->wantsurl)) {
    $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
                          $_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
                          $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
                          $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
                          $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
        ? $_SERVER["HTTP_REFERER"] : NULL;
}

/// Redirect to alternative login URL if needed
if (!empty($CFG->alternateloginurl)) {
    $loginurl = $CFG->alternateloginurl;

    if (strpos($SESSION->wantsurl, $loginurl) === 0) {
        //we do not want to return to alternate url
        $SESSION->wantsurl = NULL;
    }

    if ($errorcode) {
        if (strpos($loginurl, '?') === false) {
            $loginurl .= '?';
        } else {
            $loginurl .= '&';
        }
        $loginurl .= 'errorcode='.$errorcode;
    }

    redirect($loginurl);
}

// make sure we really are on the https page when https login required
$PAGE->verify_https_required();

/// Generate the login page with forms

if (empty($frm->username) && $authsequence[0] != 'shibboleth') {  // See bug 5184
    if (!empty($_GET["username"])) {
        $frm->username = $_GET["username"];
    } else {
        $frm->username = get_moodle_cookie();
    }

    $frm->password = "";
}

if (!empty($frm->username)) {
    $focus = "password";
} else {
    $focus = "username";
}

if (!empty($CFG->registerauth) or is_enabled_auth('none') or !empty($CFG->auth_instructions)) {
    $show_instructions = true;
} else {
    $show_instructions = false;
}

$potentialidps = array();
foreach($authsequence as $authname) {
    $authplugin = get_auth_plugin($authname);
    $potentialidps = array_merge($potentialidps, $authplugin->loginpage_idp_list($SESSION->wantsurl));
}

$PAGE->set_title("$site->fullname: $loginsite");
$PAGE->set_heading("$site->fullname");

echo $OUTPUT->header();

if (isloggedin() and !isguestuser()) {
    // prevent logging when already logged in, we do not want them to relogin by accident because sesskey would be changed
    echo $OUTPUT->box_start();
    $logout = new single_button(new moodle_url($CFG->httpswwwroot.'/login/logout.php', array('sesskey'=>sesskey(),'loginpage'=>1)), get_string('logout'), 'post');
    $continue = new single_button(new moodle_url($CFG->httpswwwroot.'/login/index.php', array('cancel'=>1)), get_string('cancel'), 'get');
    echo $OUTPUT->confirm(get_string('alreadyloggedin', 'error', fullname($USER)), $logout, $continue);
    echo $OUTPUT->box_end();
} else {
    include("index_form.html");
}

echo $OUTPUT->footer();
Commit	Line	Data
8570cff0	1	<?php
	2
	3	// This file is part of Moodle - http://moodle.org/
	4	//
	5	// Moodle is free software: you can redistribute it and/or modify
	6	// it under the terms of the GNU General Public License as published by
	7	// the Free Software Foundation, either version 3 of the License, or
	8	// (at your option) any later version.
	9	//
	10	// Moodle is distributed in the hope that it will be useful,
	11	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	// GNU General Public License for more details.
	14	//
	15	// You should have received a copy of the GNU General Public License
	16	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	17
	18	/**
c30949a9	19	* Main login page.
8570cff0	20	*
c30949a9 PS	21	* @package core
	22	* @subpackage auth
	23	* @copyright 1999 onwards Martin Dougiamas http://dougiamas.com
	24	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
8570cff0	25	*/
8570cff0	26
c30949a9	27	require('../config.php');
8570cff0	28
	29	redirect_if_major_upgrade_required();
	30
8a8f1c7c	31	$testsession = optional_param('testsession', 0, PARAM_INT); // test session works properly
3354eb8c PS	32	$cancel = optional_param('cancel', 0, PARAM_BOOL); // redirect to frontpage, needed for loginhttps
	33
	34	if ($cancel) {
	35	redirect(new moodle_url('/'));
	36	}
8570cff0	37
17c70aa0 PS	38	//HTTPS is required in this page when $CFG->loginhttps enabled
17c70aa0 PS	39	$PAGE->https_required();
c30949a9	40
8570cff0	41	$context = get_context_instance(CONTEXT_SYSTEM);
c30949a9 PS	42	$PAGE->set_url("$CFG->httpswwwroot/login/index.php");
c30949a9 PS	43	$PAGE->set_context($context);
191b267b	44	$PAGE->set_pagelayout('login');
d529807a	45
f716d0dd	46	/// Initialize variables
8570cff0	47	$errormsg = '';
8570cff0	48	$errorcode = 0;
3e5c8474	49
8a8f1c7c PS	50	// login page requested session test
	51	if ($testsession) {
	52	if ($testsession == $USER->id) {
	53	if (isset($SESSION->wantsurl)) {
	54	$urltogo = $SESSION->wantsurl;
	55	} else {
	56	$urltogo = $CFG->wwwroot.'/';
	57	}
	58	unset($SESSION->wantsurl);
	59	redirect($urltogo);
	60	} else {
	61	// TODO: try to find out what is the exact reason why sessions do not work
	62	$errormsg = get_string("cookiesnotenabled");
	63	$errorcode = 1;
	64	}
	65	}
	66
1c6932d8	67	/// Check for timed out sessions
8570cff0	68	if (!empty($SESSION->has_timed_out)) {
	69	$session_has_timed_out = true;
	70	unset($SESSION->has_timed_out);
	71	} else {
	72	$session_has_timed_out = false;
	73	}
1c6932d8	74
099f393f	75	/// auth plugins may override these - SSO anyone?
8570cff0	76	$frm = false;
8570cff0	77	$user = false;
6bc1e5d5	78
8570cff0	79	$authsequence = get_enabled_auth_plugins(true); // auths, in sequence
	80	foreach($authsequence as $authname) {
	81	$authplugin = get_auth_plugin($authname);
	82	$authplugin->loginpage_hook();
	83	}
6bc1e5d5	84
244a32c6	85
a718d872	86	/// Define variables used in page
3f77c158	87	$site = get_site();
8570cff0	88
8570cff0	89	$loginsite = get_string("loginsite");
	90	$PAGE->navbar->add($loginsite);
	91
f23a1761 PS	92	if ($user !== false or $frm !== false or $errormsg !== '') {
f23a1761 PS	93	// some auth plugin already supplied full user, fake form data or prevented user login with error message
8570cff0	94
8570cff0	95	} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
	96	// Handles the case of another Moodle site linking into a page on this site
	97	//TODO: move weblink into own auth plugin
	98	include($CFG->dirroot.'/login/weblinkauth.php');
	99	if (function_exists('weblink_auth')) {
	100	$user = weblink_auth($SESSION->wantsurl);
089b19f6	101	}
8570cff0	102	if ($user) {
8570cff0	103	$frm->username = $user->username;
d00377f5	104	} else {
294ce987	105	$frm = data_submitted();
d00377f5	106	}
a9b07c52	107
8570cff0	108	} else {
	109	$frm = data_submitted();
	110	}
	111
a718d872	112	/// Check if the user has actually submitted login data to us
a718d872	113
8a8f1c7c	114	if ($frm and isset($frm->username)) { // Login WITH cookies
792197b0	115
8570cff0	116	$frm->username = trim(moodle_strtolower($frm->username));
cf5560fb	117
79604225	118	if (is_enabled_auth('none') ) {
6b8ad965	119	if ($frm->username !== clean_param($frm->username, PARAM_USERNAME)) {
50256f9c	120	$errormsg = get_string('username').': '.get_string("invalidusername");
8570cff0	121	$errorcode = 2;
8570cff0	122	$user = null;
05b18caf	123	}
8570cff0	124	}
05b18caf	125
8570cff0	126	if ($user) {
	127	//user already supplied by aut plugin prelogin hook
	128	} else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
	129	$user = false; /// Can't log in as guest if guest button is disabled
	130	$frm = false;
	131	} else {
	132	if (empty($errormsg)) {
	133	$user = authenticate_user_login($frm->username, $frm->password);
cf5560fb	134	}
8570cff0	135	}
e58269e4 EL	136
	137	// Intercept 'restored' users to provide them with info & reset password
	138	if (!$user and $frm and is_restored_user($frm->username)) {
	139	$PAGE->set_title(get_string('restoredaccount'));
	140	$PAGE->set_heading($site->fullname);
	141	echo $OUTPUT->header();
	142	echo $OUTPUT->heading(get_string('restoredaccount'));
	143	echo $OUTPUT->box(get_string('restoredaccountinfo'), 'generalbox boxaligncenter');
	144	require_once('restored_password_form.php'); // Use our "supplanter" login_forgot_password_form. MDL-20846
	145	$form = new login_forgot_password_form('forgot_password.php', array('username' => $frm->username));
	146	$form->display();
	147	echo $OUTPUT->footer();
	148	die;
	149	}
	150
8570cff0	151	update_login_count();
f9903ed0	152
8570cff0	153	if ($user) {
a718d872	154
8570cff0	155	// language setup
b3df1764	156	if (isguestuser($user)) {
8570cff0	157	// no predefined language for guests - use existing session or default site lang
8570cff0	158	unset($user->lang);
18ceee5c	159
8570cff0	160	} else if (!empty($user->lang)) {
	161	// unset previous session language - use user preference instead
	162	unset($SESSION->lang);
	163	}
18ceee5c	164
8570cff0	165	if (empty($user->confirmed)) { // This account was never confirmed
8570cff0	166	$PAGE->set_title(get_string("mustconfirm"));
e58269e4	167	$PAGE->set_heading($site->fullname);
8570cff0	168	echo $OUTPUT->header();
	169	echo $OUTPUT->heading(get_string("mustconfirm"));
	170	echo $OUTPUT->box(get_string("emailconfirmsent", "", $user->email), "generalbox boxaligncenter");
	171	echo $OUTPUT->footer();
	172	die;
	173	}
c21c671d	174
8570cff0	175	/// Let's get them all set up.
	176	add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
	177	$user->id, 0, $user->id);
0342fc36 PS	178	complete_user_login($user);
	179
	180	// sets the username cookie
	181	if (!empty($CFG->nolastloggedin)) {
	182	// do not store last logged in user in cookie
	183	// auth plugins can temporarily override this from loginpage_hook()
	184	// do not save $CFG->nolastloggedin in database!
	185
	186	} else if (empty($CFG->rememberusername) or ($CFG->rememberusername == 2 and empty($frm->rememberusername))) {
	187	// no permanent cookies, delete old one if exists
	188	set_moodle_cookie('');
	189
	190	} else {
	191	set_moodle_cookie($USER->username);
	192	}
e06f15ae	193
8570cff0	194	/// Prepare redirection
	195	if (user_not_fully_set_up($USER)) {
	196	$urltogo = $CFG->wwwroot.'/user/edit.php';
	197	// We don't delete $SESSION->wantsurl yet, so we get there later
808a3baa	198
b792a64a	199	} else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0 or strpos($SESSION->wantsurl, str_replace('http://', 'https://', $CFG->wwwroot)) === 0)) {
8570cff0	200	$urltogo = $SESSION->wantsurl; /// Because it's an address in this site
8570cff0	201	unset($SESSION->wantsurl);
808a3baa	202
8570cff0	203	} else {
	204	// no wantsurl stored or external - go to homepage
	205	$urltogo = $CFG->wwwroot.'/';
	206	unset($SESSION->wantsurl);
	207	}
1f48cd28	208
ba2789c1 SH	209	/// Go to my-moodle page instead of site homepage if defaulthomepage set to homepage_my
ba2789c1 SH	210	if (!empty($CFG->defaulthomepage) && $CFG->defaulthomepage == HOMEPAGE_MY && !is_siteadmin() && !isguestuser()) {
8570cff0	211	if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
8570cff0	212	$urltogo = $CFG->wwwroot.'/my/';
bee00f48	213	}
8570cff0	214	}
089b19f6	215
1f48cd28	216
8570cff0	217	/// check if user password has expired
	218	/// Currently supported only for ldap-authentication module
	219	$userauth = get_auth_plugin($USER->auth);
	220	if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
	221	if ($userauth->can_change_password()) {
	222	$passwordchangeurl = $userauth->change_password_url();
99f9f85f	223	if (!$passwordchangeurl) {
e6d4c2f8	224	$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
e6d4c2f8	225	}
8570cff0	226	} else {
	227	$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
	228	}
	229	$days2expire = $userauth->password_expire($USER->username);
	230	$PAGE->set_title("$site->fullname: $loginsite");
	231	$PAGE->set_heading("$site->fullname");
8570cff0	232	if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
	233	echo $OUTPUT->header();
	234	echo $OUTPUT->confirm(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
	235	echo $OUTPUT->footer();
	236	exit;
	237	} elseif (intval($days2expire) < 0 ) {
	238	echo $OUTPUT->header();
	239	echo $OUTPUT->confirm(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
	240	echo $OUTPUT->footer();
	241	exit;
089b19f6	242	}
8570cff0	243	}
089b19f6	244
8570cff0	245	reset_login_count();
2f1a4248	246
8a8f1c7c PS	247	// test the session actually works by redirecting to self
	248	$SESSION->wantsurl = $urltogo;
	249	redirect(new moodle_url(get_login_url(), array('testsession'=>$USER->id)));
f3d3f3e8	250
8570cff0	251	} else {
	252	if (empty($errormsg)) {
	253	$errormsg = get_string("invalidlogin");
	254	$errorcode = 3;
	255	}
f9903ed0	256	}
8570cff0	257	}
8223d271	258
4acffa49	259	/// Detect problems with timedout sessions
8570cff0	260	if ($session_has_timed_out and !data_submitted()) {
	261	$errormsg = get_string('sessionerroruser', 'error');
	262	$errorcode = 4;
	263	}
d9969553	264
d9969553	265	/// First, let's remember where the user was trying to get to before they got here
9c9f7d77	266
8570cff0	267	if (empty($SESSION->wantsurl)) {
	268	$SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
	269	$_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
	270	$_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
	271	$_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
	272	$_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
	273	? $_SERVER["HTTP_REFERER"] : NULL;
	274	}
792197b0	275
4acffa49	276	/// Redirect to alternative login URL if needed
8570cff0	277	if (!empty($CFG->alternateloginurl)) {
8570cff0	278	$loginurl = $CFG->alternateloginurl;
4acffa49	279
8570cff0	280	if (strpos($SESSION->wantsurl, $loginurl) === 0) {
	281	//we do not want to return to alternate url
	282	$SESSION->wantsurl = NULL;
792197b0	283	}
f3d3f3e8	284
8570cff0	285	if ($errorcode) {
	286	if (strpos($loginurl, '?') === false) {
	287	$loginurl .= '?';
450dcc60	288	} else {
8570cff0	289	$loginurl .= '&';
450dcc60	290	}
8570cff0	291	$loginurl .= 'errorcode='.$errorcode;
9c9f7d77	292	}
f3d3f3e8	293
8570cff0	294	redirect($loginurl);
8570cff0	295	}
3fe6b721	296
17c70aa0 PS	297	// make sure we really are on the https page when https login required
17c70aa0 PS	298	$PAGE->verify_https_required();
5b2ae584	299
8570cff0	300	/// Generate the login page with forms
d9969553	301
8570cff0	302	if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 5184
	303	if (!empty($_GET["username"])) {
	304	$frm->username = $_GET["username"];
	305	} else {
0342fc36	306	$frm->username = get_moodle_cookie();
8570cff0	307	}
f9903ed0	308
8570cff0	309	$frm->password = "";
	310	}
	311
	312	if (!empty($frm->username)) {
	313	$focus = "password";
	314	} else {
	315	$focus = "username";
	316	}
	317
	318	if (!empty($CFG->registerauth) or is_enabled_auth('none') or !empty($CFG->auth_instructions)) {
	319	$show_instructions = true;
	320	} else {
	321	$show_instructions = false;
	322	}
	323
b257d7c4 PL	324	$potentialidps = array();
	325	foreach($authsequence as $authname) {
	326	$authplugin = get_auth_plugin($authname);
	327	$potentialidps = array_merge($potentialidps, $authplugin->loginpage_idp_list($SESSION->wantsurl));
	328	}
	329
8570cff0	330	$PAGE->set_title("$site->fullname: $loginsite");
8570cff0	331	$PAGE->set_heading("$site->fullname");
8570cff0	332
8570cff0	333	echo $OUTPUT->header();
e81fb5ef PS	334
	335	if (isloggedin() and !isguestuser()) {
	336	// prevent logging when already logged in, we do not want them to relogin by accident because sesskey would be changed
	337	echo $OUTPUT->box_start();
3354eb8c PS	338	$logout = new single_button(new moodle_url($CFG->httpswwwroot.'/login/logout.php', array('sesskey'=>sesskey(),'loginpage'=>1)), get_string('logout'), 'post');
3354eb8c PS	339	$continue = new single_button(new moodle_url($CFG->httpswwwroot.'/login/index.php', array('cancel'=>1)), get_string('cancel'), 'get');
e81fb5ef PS	340	echo $OUTPUT->confirm(get_string('alreadyloggedin', 'error', fullname($USER)), $logout, $continue);
	341	echo $OUTPUT->box_end();
	342	} else {
	343	include("index_form.html");
	344	}
	345
6c3ef410	346	echo $OUTPUT->footer();