course/loginas.php

   1 <?php
   2 // Allows a teacher/admin to login as another user (in stealth mode)
   3
   4 require_once('../config.php');
   5 require_once('lib.php');
   6
   7 $id       = optional_param('id', SITEID, PARAM_INT);   // course id
   8 $redirect = optional_param('redirect', 0, PARAM_BOOL);
   9
  10 $url = new moodle_url('/course/loginas.php', array('id'=>$id));
  11 $PAGE->set_url($url);
  12
  13 /// Reset user back to their real self if needed, for security reasons you need to log out and log in again
  14 if (session_is_loggedinas()) {
  15     require_sesskey();
  16     require_logout();
  17
  18     // We can not set wanted URL here because the session is closed.
  19     redirect(new moodle_url($url, array('redirect'=>1)));
  20 }
  21
  22 if ($redirect) {
  23     if ($id and $id != SITEID) {
  24         $SESSION->wantsurl = "$CFG->wwwroot/course/view.php?id=".$id;
  25     } else {
  26         $SESSION->wantsurl = "$CFG->wwwroot/";
  27     }
  28
  29     redirect(get_login_url());
  30 }
  31
  32 ///-------------------------------------
  33 /// We are trying to log in as this user in the first place
  34
  35 $userid = required_param('user', PARAM_INT);         // login as this user
  36
  37 require_sesskey();
  38 $course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST);
  39
  40 /// User must be logged in
  41
  42 $systemcontext = context_system::instance();
  43 $coursecontext = context_course::instance($course->id);
  44
  45 require_login();
  46
  47 if (has_capability('moodle/user:loginas', $systemcontext)) {
  48     if (is_siteadmin($userid)) {
  49         print_error('nologinas');
  50     }
  51     $context = $systemcontext;
  52     $PAGE->set_context($context);
  53 } else {
  54     require_login($course);
  55     require_capability('moodle/user:loginas', $coursecontext);
  56     if (is_siteadmin($userid)) {
  57         print_error('nologinas');
  58     }
  59     if (!is_enrolled($coursecontext, $userid)) {
  60         print_error('usernotincourse');
  61     }
  62     $context = $coursecontext;
  63 }
  64
  65 /// Login as this user and return to course home page.
  66 $oldfullname = fullname($USER, true);
  67 session_loginas($userid, $context);
  68 $newfullname = fullname($USER, true);
  69
  70 add_to_log($course->id, "course", "loginas", "../user/view.php?id=$course->id&amp;user=$userid", "$oldfullname -> $newfullname");
  71
  72 $strloginas    = get_string('loginas');
  73 $strloggedinas = get_string('loggedinas', '', $newfullname);
  74
  75 $PAGE->set_title($strloggedinas);
  76 $PAGE->set_heading($course->fullname);
  77 $PAGE->navbar->add($strloggedinas);
  78 notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");