Fix typo.
[moodle.git] / login / index.php
CommitLineData
9a58f7cb 1<?php // $Id$
b0e3a925 2
3 require_once("../config.php");
a718d872 4
2cc14e87 5 $loginguest = optional_param('loginguest', 0, PARAM_BOOL); // determines whether visitors are logged in as guest automatically
6 $testcookies = optional_param('testcookies', 0, PARAM_BOOL); // request cookie test
f9903ed0 7
3e5c8474 8 //initialize variables
9 $errormsg = '';
10
1c6932d8 11/// Check for timed out sessions
12 if (!empty($SESSION->has_timed_out)) {
13 $session_has_timed_out = true;
14 $SESSION->has_timed_out = false;
15 } else {
16 $session_has_timed_out = false;
17 }
18
90b84141 19 //HTTPS is potentially required in this page
20 httpsrequired();
21
a718d872 22/// Check if the guest user exists. If not, create one.
a9b07c52 23 if (! record_exists("user", "username", "guest")) {
4e11ad4f 24 $guest->auth = "manual";
a9b07c52 25 $guest->username = "guest";
df193157 26 $guest->password = hash_internal_user_password("guest");
b95c3ab8 27 $guest->firstname = addslashes(get_string("guestuser"));
cf38360f 28 $guest->lastname = " ";
a9b07c52 29 $guest->email = "root@localhost";
b95c3ab8 30 $guest->description = addslashes(get_string("guestuserinfo"));
a9b07c52 31 $guest->confirmed = 1;
ad6c33dc 32 $guest->lang = $CFG->lang;
a9b07c52 33 $guest->timemodified= time();
34
35 if (! $guest->id = insert_record("user", $guest)) {
36 notify("Could not create guest user record !!!");
37 }
38 }
da79d75d 39
a718d872 40/// Load alternative login screens if necessary
41
da79d75d 42 if ($CFG->auth == 'cas' && !empty($CFG->cas_enabled)) {
43 require($CFG->dirroot.'/auth/cas/login.php');
44 }
a718d872 45
16bac723 46// See http://moodle.org/mod/forum/discuss.php?d=39918#187611
47// if ($CFG->auth == 'shibboleth') {
48// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
49// unset($SESSION->shibboleth_checked);
50// } else if (empty($_POST)) { // No incoming data, so redirect
51// redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
52// }
53// }
089b19f6 54
a718d872 55
56
57/// Define variables used in page
089b19f6 58 if (!$site = get_site()) {
59 error("No site found!");
60 }
61
62 if (empty($CFG->langmenu)) {
63 $langmenu = "";
64 } else {
65 $currlang = current_language();
66 $langs = get_list_of_languages();
90b84141 67 $langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
089b19f6 68 }
69
70 $loginsite = get_string("loginsite");
71
d9969553 72 $loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
a9b07c52 73
d00377f5 74 $frm = false;
0e8a3f25 75 $user = false;
a718d872 76
77
e06f15ae 78 if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
d00377f5 79 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
e06f15ae 80 $frm->username = 'guest';
81 $frm->password = 'guest';
82 } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
83 // Handles the case of another Moodle site linking into a page on this site
84 include($CFG->dirroot.'/login/weblinkauth.php');
0e8a3f25 85 if (function_exists(weblink_auth)) {
450a0a7d 86 $user = weblink_auth($SESSION->wantsurl);
0e8a3f25 87 }
88 if ($user) {
450a0a7d 89 $frm->username = $user->username;
0e8a3f25 90 } else {
d9969553 91 $frm = data_submitted($loginurl);
0e8a3f25 92 }
d00377f5 93 } else {
d9969553 94 $frm = data_submitted($loginurl);
d00377f5 95 }
a9b07c52 96
a718d872 97/// Check if the user has actually submitted login data to us
98
2cc14e87 99 if (empty($CFG->usesid) and $testcookies and (get_moodle_cookie() == '')) { // Login without cookie when test requested
792197b0 100
101 $errormsg = get_string("cookiesnotenabled");
102
fd78420b 103 } else if ($frm) { // Login WITH cookies
792197b0 104
1e22bc9c 105 $frm->username = trim(moodle_strtolower($frm->username));
cf5560fb 106
05b18caf 107 if ($CFG->auth == 'none' && empty($CFG->extendedusernamechars)) {
108 $string = eregi_replace("[^(-\.[:alnum:])]", "", $frm->username);
109 if (strcmp($frm->username, $string)) {
110 $errormsg = get_string('username').': '.get_string("alphanumerical");
111 $user = null;
112 }
113 }
114
cf5560fb 115 if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
116 $user = false; /// Can't log in as guest if guest button is disabled
117 $frm = false;
0e8a3f25 118 } else if (!$user) {
05b18caf 119 if (empty($errormsg)) {
120 $user = authenticate_user_login($frm->username, $frm->password);
121 }
cf5560fb 122 }
bee00f48 123 update_login_count();
f9903ed0 124
125 if ($user) {
a718d872 126
127 if (empty($user->confirmed)) { // This account was never confirmed
fa0626c6 128 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
6bebcf8d 129 print_heading(get_string("mustconfirm"));
130 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
8553b700 131 print_footer();
f9903ed0 132 die;
133 }
c21c671d 134
a718d872 135 // Let's get them all set up.
f9903ed0 136 $USER = $user;
f9903ed0 137
a718d872 138 add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
e1f96c23 139
054193be 140
a718d872 141 update_user_login_times();
142 set_moodle_cookie($USER->username);
143 set_login_session_preferences();
144
145
089b19f6 146 //Select password change url
3f11ce14 147 if (is_internal_auth($USER->auth) || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
089b19f6 148 $passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
149 } elseif($CFG->changepassword) {
150 $passwordchangeurl=$CFG->changepassword;
17037270 151 } else {
152 $passwordchangeurl = '';
153 }
089b19f6 154
d35757eb 155 // check whether the user should be changing password
b1ace59a 156 if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
17037270 157 if ($passwordchangeurl != '') {
089b19f6 158 redirect($passwordchangeurl);
d35757eb 159 } else {
160 error("You cannot proceed without changing your password.
161 However there is no available page for changing it.
162 Please contact your Moodle Administrator.");
163 }
164 }
165
e06f15ae 166
1f48cd28 167 /// Prepare redirection
808a3baa 168 if (user_not_fully_set_up($USER)) {
089b19f6 169 $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&amp;course='.SITEID;
e06f15ae 170 // We don't delete $SESSION->wantsurl yet, so we get there later
808a3baa 171
e06f15ae 172 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
173 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
174 unset($SESSION->wantsurl);
808a3baa 175
bee00f48 176 } else {
1f48cd28 177 // no wantsurl stored or external - go to homepage
b6508d63 178 $urltogo = $CFG->wwwroot.'/';
1f48cd28 179 unset($SESSION->wantsurl);
180 }
181
182 /// Go to my-moodle page instead of homepage if mymoodleredirect enabled
51792df0 183 if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) {
1f48cd28 184 if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
185 $urltogo = $CFG->wwwroot.'/my/';
0d6b9d4f 186 }
bee00f48 187 }
089b19f6 188
1f48cd28 189
089b19f6 190 // check if user password has expired
191 // Currently supported only for ldap-authentication module
192 if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
193 if (function_exists('auth_password_expire')){
194 $days2expire = auth_password_expire($USER->username);
195 if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
196 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
197 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
198 print_footer();
199 exit;
200 } elseif (intval($days2expire) < 0 ) {
201 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
202 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
203 print_footer();
204 exit;
205 }
206 }
207 }
208
bee00f48 209 reset_login_count();
fc8db0e7 210 if (!empty($CFG->rolesactive)) {
211 load_user_capability(); // load user's capabilities
8f8ed475 212 load_defaultuser_role(); // All users get this by default
fc8db0e7 213 }
bcdcbccc 214 redirect($urltogo);
215
e06f15ae 216 exit;
f9903ed0 217
218 } else {
05b18caf 219 if (empty($errormsg)) {
220 $errormsg = get_string("invalidlogin");
221 }
f9903ed0 222 }
223 }
8223d271 224
f9903ed0 225
d9969553 226/// We need to show a login form
227
228/// First, let's remember where the user was trying to get to before they got here
9c9f7d77 229
f9903ed0 230 if (empty($SESSION->wantsurl)) {
0d6b9d4f 231 $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
232 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
3e5c8474 233 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
234 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
235 $_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
0d6b9d4f 236 ? $_SERVER["HTTP_REFERER"] : NULL;
f9903ed0 237 }
792197b0 238
d9969553 239 if (!empty($loginurl)) { // We don't want the standard forms, go elsewhere
240 redirect($loginurl);
241 }
242
243
a718d872 244/// Generate the login page with forms
d9969553 245
1c6932d8 246 if ($session_has_timed_out) {
247 $errormsg = get_string('sessionerroruser', 'error');
248 }
d9969553 249
792197b0 250 if (get_moodle_cookie() == '') {
251 set_moodle_cookie('nobody'); // To help search for cookies
252 }
f9903ed0 253
1925b16d 254 if (empty($frm->username) && $CFG->auth != 'shibboleth') { // See bug 5184
792197b0 255 $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
9c9f7d77 256 $frm->password = "";
257 }
f9903ed0 258
9c9f7d77 259 if (!empty($frm->username)) {
a46b14ef 260 $focus = "login.password";
f9903ed0 261 } else {
a46b14ef 262 $focus = "login.username";
f9903ed0 263 }
e64ef4f9 264
265 if (isset($CFG->auth_instructions)) {
266 $CFG->auth_instructions = trim($CFG->auth_instructions);
267 }
268 if ($CFG->auth == "email" or $CFG->auth == "none" or !empty($CFG->auth_instructions)) {
35a48c9a 269 $show_instructions = true;
270 } else {
271 $show_instructions = false;
272 }
5b2ae584 273
d9969553 274 print_header("$site->fullname: $loginsite", $site->fullname, $loginsite, $focus,
275 '', true, '<div class="langmenu" align="right">'.$langmenu.'</div>');
276
f9903ed0 277 include("index_form.html");
278
d9969553 279 print_footer();
f9903ed0 280
f9903ed0 281
f9903ed0 282?>