removed styles_fonts.css and styles_layout.css from $THEME->sheets.
[moodle.git] / login / index.php
CommitLineData
9a58f7cb 1<?php // $Id$
b0e3a925 2
3 require_once("../config.php");
a718d872 4
e9f7ee0e 5 $loginguest = optional_param('loginguest', false); // determines whether visitors are logged in as guest automatically
f9903ed0 6
1c6932d8 7/// Check for timed out sessions
8 if (!empty($SESSION->has_timed_out)) {
9 $session_has_timed_out = true;
10 $SESSION->has_timed_out = false;
11 } else {
12 $session_has_timed_out = false;
13 }
14
90b84141 15 //HTTPS is potentially required in this page
16 httpsrequired();
17
a718d872 18/// Check if the guest user exists. If not, create one.
a9b07c52 19 if (! record_exists("user", "username", "guest")) {
4e11ad4f 20 $guest->auth = "manual";
a9b07c52 21 $guest->username = "guest";
22 $guest->password = md5("guest");
b95c3ab8 23 $guest->firstname = addslashes(get_string("guestuser"));
cf38360f 24 $guest->lastname = " ";
a9b07c52 25 $guest->email = "root@localhost";
b95c3ab8 26 $guest->description = addslashes(get_string("guestuserinfo"));
a9b07c52 27 $guest->confirmed = 1;
ad6c33dc 28 $guest->lang = $CFG->lang;
a9b07c52 29 $guest->timemodified= time();
30
31 if (! $guest->id = insert_record("user", $guest)) {
32 notify("Could not create guest user record !!!");
33 }
34 }
da79d75d 35
a718d872 36/// Load alternative login screens if necessary
37
da79d75d 38 if ($CFG->auth == 'cas' && !empty($CFG->cas_enabled)) {
39 require($CFG->dirroot.'/auth/cas/login.php');
40 }
a718d872 41
42 if ($CFG->auth == 'shibboleth') {
e9f7ee0e 43 if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
a718d872 44 unset($SESSION->shibboleth_checked);
e9f7ee0e 45 } else if (empty($_POST)) { // No incoming data, so redirect
565809c6 46 redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
a718d872 47 }
48 }
089b19f6 49
a718d872 50
51
52/// Define variables used in page
089b19f6 53 if (!$site = get_site()) {
54 error("No site found!");
55 }
56
57 if (empty($CFG->langmenu)) {
58 $langmenu = "";
59 } else {
60 $currlang = current_language();
61 $langs = get_list_of_languages();
90b84141 62 $langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
089b19f6 63 }
64
65 $loginsite = get_string("loginsite");
66
d9969553 67 $loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
a9b07c52 68
d00377f5 69 $frm = false;
0e8a3f25 70 $user = false;
a718d872 71
72
e06f15ae 73 if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
d00377f5 74 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
e06f15ae 75 $frm->username = 'guest';
76 $frm->password = 'guest';
77 } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
78 // Handles the case of another Moodle site linking into a page on this site
79 include($CFG->dirroot.'/login/weblinkauth.php');
0e8a3f25 80 if (function_exists(weblink_auth)) {
81 $user = weblink_auth($SESSION->wantsurl);
82 }
83 if ($user) {
84 $frm->username = $user->username;
85 } else {
d9969553 86 $frm = data_submitted($loginurl);
0e8a3f25 87 }
d00377f5 88 } else {
d9969553 89 $frm = data_submitted($loginurl);
d00377f5 90 }
a9b07c52 91
a718d872 92/// Check if the user has actually submitted login data to us
93
fd78420b 94 if (empty($CFG->usesid) and $frm and (get_moodle_cookie() == '') and ($frm->username!='guest') and !$user and empty($CFG->alternateloginurl)) { // Login without cookie
792197b0 95
96 $errormsg = get_string("cookiesnotenabled");
97
fd78420b 98 } else if ($frm) { // Login WITH cookies
792197b0 99
1e22bc9c 100 $frm->username = trim(moodle_strtolower($frm->username));
cf5560fb 101
05b18caf 102 if ($CFG->auth == 'none' && empty($CFG->extendedusernamechars)) {
103 $string = eregi_replace("[^(-\.[:alnum:])]", "", $frm->username);
104 if (strcmp($frm->username, $string)) {
105 $errormsg = get_string('username').': '.get_string("alphanumerical");
106 $user = null;
107 }
108 }
109
cf5560fb 110 if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
111 $user = false; /// Can't log in as guest if guest button is disabled
112 $frm = false;
0e8a3f25 113 } else if (!$user) {
05b18caf 114 if (empty($errormsg)) {
115 $user = authenticate_user_login($frm->username, $frm->password);
116 }
cf5560fb 117 }
bee00f48 118 update_login_count();
f9903ed0 119
120 if ($user) {
a718d872 121
122 if (empty($user->confirmed)) { // This account was never confirmed
fa0626c6 123 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
6bebcf8d 124 print_heading(get_string("mustconfirm"));
125 print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
8553b700 126 print_footer();
f9903ed0 127 die;
128 }
c21c671d 129
a718d872 130 // Let's get them all set up.
f9903ed0 131 $USER = $user;
f9903ed0 132
a718d872 133 add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
e1f96c23 134
054193be 135
a718d872 136 update_user_login_times();
137 set_moodle_cookie($USER->username);
138 set_login_session_preferences();
139
140
089b19f6 141 //Select password change url
3f11ce14 142 if (is_internal_auth($USER->auth) || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
089b19f6 143 $passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
144 } elseif($CFG->changepassword) {
145 $passwordchangeurl=$CFG->changepassword;
146 }
147
d35757eb 148 // check whether the user should be changing password
b1ace59a 149 if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
089b19f6 150 if (isset($passwordchangeurl)) {
151 redirect($passwordchangeurl);
d35757eb 152 } else {
153 error("You cannot proceed without changing your password.
154 However there is no available page for changing it.
155 Please contact your Moodle Administrator.");
156 }
157 }
158
e06f15ae 159
808a3baa 160 if (user_not_fully_set_up($USER)) {
089b19f6 161 $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&amp;course='.SITEID;
e06f15ae 162 // We don't delete $SESSION->wantsurl yet, so we get there later
808a3baa 163
e06f15ae 164 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
165 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
166 unset($SESSION->wantsurl);
808a3baa 167
bee00f48 168 } else {
0d6b9d4f 169 $urltogo = $CFG->wwwroot.'/my'; /// Go to the standard home page
52788321 170 if (isadmin() || empty($CFG->mymoodleredirect) || isguest()) {
171 $urltogo = $CFG->wwwroot; /// not needed by admins or guests or when it's turned off
0d6b9d4f 172 }
e06f15ae 173 unset($SESSION->wantsurl); /// Just in case
bee00f48 174 }
089b19f6 175
176 // check if user password has expired
177 // Currently supported only for ldap-authentication module
178 if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
179 if (function_exists('auth_password_expire')){
180 $days2expire = auth_password_expire($USER->username);
181 if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
182 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
183 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
184 print_footer();
185 exit;
186 } elseif (intval($days2expire) < 0 ) {
187 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
188 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
189 print_footer();
190 exit;
191 }
192 }
193 }
194
bee00f48 195 reset_login_count();
f9903ed0 196
bcdcbccc 197 redirect($urltogo);
198
e06f15ae 199 exit;
f9903ed0 200
201 } else {
05b18caf 202 if (empty($errormsg)) {
203 $errormsg = get_string("invalidlogin");
204 }
f9903ed0 205 }
206 }
8223d271 207
f9903ed0 208
d9969553 209/// We need to show a login form
210
211/// First, let's remember where the user was trying to get to before they got here
9c9f7d77 212
f9903ed0 213 if (empty($SESSION->wantsurl)) {
0d6b9d4f 214 $SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
215 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
216 $_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/')
217 ? $_SERVER["HTTP_REFERER"] : NULL;
f9903ed0 218 }
792197b0 219
d9969553 220 if (!empty($loginurl)) { // We don't want the standard forms, go elsewhere
221 redirect($loginurl);
222 }
223
224
a718d872 225/// Generate the login page with forms
d9969553 226
227 if (empty($errormsg)) {
228 $errormsg = '';
229 }
1c6932d8 230
231 if ($session_has_timed_out) {
232 $errormsg = get_string('sessionerroruser', 'error');
233 }
d9969553 234
792197b0 235 if (get_moodle_cookie() == '') {
236 set_moodle_cookie('nobody'); // To help search for cookies
237 }
f9903ed0 238
9c9f7d77 239 if (empty($frm->username)) {
792197b0 240 $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
9c9f7d77 241 $frm->password = "";
242 }
f9903ed0 243
9c9f7d77 244 if (!empty($frm->username)) {
a46b14ef 245 $focus = "login.password";
f9903ed0 246 } else {
a46b14ef 247 $focus = "login.username";
f9903ed0 248 }
35a48c9a 249
5f2c35db 250 if ($CFG->auth == "email" or $CFG->auth == "none" or chop($CFG->auth_instructions) <> "" ) {
35a48c9a 251 $show_instructions = true;
252 } else {
253 $show_instructions = false;
254 }
5b2ae584 255
d9969553 256 print_header("$site->fullname: $loginsite", $site->fullname, $loginsite, $focus,
257 '', true, '<div class="langmenu" align="right">'.$langmenu.'</div>');
258
f9903ed0 259 include("index_form.html");
260
d9969553 261 print_footer();
f9903ed0 262
f9903ed0 263
f9903ed0 264?>