26
27
/// Check if the guest user exists. If not, create one.
27
if (! record_exists('user', 'username', 'guest')) {
28
if (! record_exists('user', 'username', 'guest', 'mnethostid', $CFG->mnet_localhost_id)) {
28
29
if (! $guest = create_guest_record()) {
29
30
notify('Could not create guest user record !!!');
64
65
$currlang = current_language();
65
66
$langs = get_list_of_languages();
66
$langlabel = '<span class="accesshide">'.get_string('language').':</span>';
67
$langlabel = get_accesshide(get_string('language'));
67
68
$langmenu = popup_form ("$CFG->httpswwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true, 'self', $langlabel);
70
71
$loginsite = get_string("loginsite");
72
$loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
72
$navlinks = array(array('name' => $loginsite, 'link' => null, 'type' => 'misc'));
73
$navigation = build_navigation($navlinks);
75
75
if ($user !== false or $frm !== false) {
76
76
// some auth plugin already supplied these
142
145
if (empty($user->confirmed)) { // This account was never confirmed
143
print_header(get_string("mustconfirm"), get_string("mustconfirm") );
146
print_header(get_string("mustconfirm"), get_string("mustconfirm") );
144
147
print_heading(get_string("mustconfirm"));
145
148
print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
150
// Let's get them all set up.
153
add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
156
update_user_login_times();
157
if (empty($CFG->nolastloggedin)) {
158
set_moodle_cookie($USER->username);
160
// do not store last logged in user in cookie
161
// auth plugins can temporarily override this from loginpage_hook()
162
// do not save $CFG->nolastloggedin in database!
163
set_moodle_cookie('nobody');
165
set_login_session_preferences();
167
/// This is what lets the user do anything on the site :-)
168
load_all_capabilities();
170
//Select password change url
171
$userauth = get_auth_plugin($USER->auth);
172
if ($userauth->can_change_password()) {
173
if ($userauth->change_password_url()) {
174
$passwordchangeurl = $userauth->change_password_url();
176
$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
179
$passwordchangeurl = '';
182
// check whether the user should be changing password
183
if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
184
if ($passwordchangeurl != '') {
185
redirect($passwordchangeurl);
187
error(get_strin('nopasswordchangeforced', 'auth'));
192
/// Prepare redirection
153
if ($frm->password == 'changeme') {
155
set_user_preference('auth_forcepasswordchange', true, $user->id);
158
/// Let's get them all set up.
159
add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
160
$user->id, 0, $user->id);
161
$USER = complete_user_login($user);
163
/// Prepare redirection
193
164
if (user_not_fully_set_up($USER)) {
194
165
$urltogo = $CFG->wwwroot.'/user/edit.php';
195
166
// We don't delete $SESSION->wantsurl yet, so we get there later
204
175
unset($SESSION->wantsurl);
207
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
178
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
208
179
if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) {
209
180
if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
210
181
$urltogo = $CFG->wwwroot.'/my/';
215
// check if user password has expired
216
// Currently supported only for ldap-authentication module
186
/// check if user password has expired
187
/// Currently supported only for ldap-authentication module
188
$userauth = get_auth_plugin($USER->auth);
217
189
if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
218
$days2expire = $userauth->password_expire($USER->username);
219
if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
220
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div class=\"langmenu\">$langmenu</div>");
221
notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
224
} elseif (intval($days2expire) < 0 ) {
225
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div class=\"langmenu\">$langmenu</div>");
226
notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
190
if ($userauth->can_change_password()) {
191
$passwordchangeurl = $userauth->change_password_url();
193
$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
195
$days2expire = $userauth->password_expire($USER->username);
196
if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) {
197
print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>");
198
notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
201
} elseif (intval($days2expire) < 0 ) {
202
print_header("$site->fullname: $loginsite", "$site->fullname", $navigation, '', '', true, "<div class=\"langmenu\">$langmenu</div>");
203
notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
232
209
reset_login_count();
234
211
redirect($urltogo);
239
216
if (empty($errormsg)) {
240
217
$errormsg = get_string("invalidlogin");
243
221
// TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user
244
if ( !empty($CFG->mnet_dispatcher_mode)
222
if ( !empty($CFG->mnet_dispatcher_mode)
245
223
&& $CFG->mnet_dispatcher_mode === 'strict'
246
224
&& is_enabled_auth('mnet')) {
247
225
$errormsg .= get_string('loginlinkmnetuser', 'mnet', "mnet_email.php?u=$frm->username");
253
/// We need to show a login form
230
/// Detect problems with timedout sessions
231
if ($session_has_timed_out and !data_submitted()) {
232
$errormsg = get_string('sessionerroruser', 'error');
255
236
/// First, let's remember where the user was trying to get to before they got here
257
238
if (empty($SESSION->wantsurl)) {
258
$SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
259
$_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
239
$SESSION->wantsurl = (array_key_exists('HTTP_REFERER',$_SERVER) &&
240
$_SERVER["HTTP_REFERER"] != $CFG->wwwroot &&
260
241
$_SERVER["HTTP_REFERER"] != $CFG->wwwroot.'/' &&
261
242
$_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/' &&
262
243
$_SERVER["HTTP_REFERER"] != $CFG->httpswwwroot.'/login/index.php')
263
244
? $_SERVER["HTTP_REFERER"] : NULL;
266
if (!empty($loginurl)) { // We don't want the standard forms, go elsewhere
247
/// Redirect to alternative login URL if needed
248
if (!empty($CFG->alternateloginurl)) {
249
$loginurl = $CFG->alternateloginurl;
251
if (strpos($SESSION->wantsurl, $loginurl) === 0) {
252
//we do not want to return to alternate url
253
$SESSION->wantsurl = NULL;
257
if (strpos($loginurl, '?') === false) {
262
$loginurl .= 'errorcode='.$errorcode;
267
265
redirect($loginurl);
271
269
/// Generate the login page with forms
273
if ($session_has_timed_out) {
274
$errormsg = get_string('sessionerroruser', 'error');
277
if (get_moodle_cookie() == '') {
271
if (get_moodle_cookie() == '') {
278
272
set_moodle_cookie('nobody'); // To help search for cookies
281
275
if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 5184
282
276
$frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
283
277
$frm->password = "";
286
280
if (!empty($frm->username)) {
287
281
$focus = "password";
295
289
$show_instructions = false;
298
print_header("$site->fullname: $loginsite", $site->fullname, $loginsite, $focus,
299
'', true, '<div class="langmenu">'.$langmenu.'</div>');
292
print_header("$site->fullname: $loginsite", $site->fullname, $navigation, $focus,
293
'', true, '<div class="langmenu">'.$langmenu.'</div>');
301
295
include("index_form.html");