3 require_once("../config.php");
5 $loginguest = optional_param('loginguest', false); // determines whether visitors are logged in as guest automatically
7 /// Check if the guest user exists. If not, create one.
8 if (! record_exists("user", "username", "guest")) {
9 $guest->auth
= "manual";
10 $guest->username
= "guest";
11 $guest->password
= md5("guest");
12 $guest->firstname
= addslashes(get_string("guestuser"));
13 $guest->lastname
= " ";
14 $guest->email
= "root@localhost";
15 $guest->description
= addslashes(get_string("guestuserinfo"));
16 $guest->confirmed
= 1;
17 $guest->lang
= $CFG->lang
;
18 $guest->timemodified
= time();
20 if (! $guest->id
= insert_record("user", $guest)) {
21 notify("Could not create guest user record !!!");
25 /// Load alternative login screens if necessary
27 if ($CFG->auth
== 'cas' && !empty($CFG->cas_enabled
)) {
28 require($CFG->dirroot
.'/auth/cas/login.php');
31 if ($CFG->auth
== 'shibboleth') {
32 if (!empty($SESSION->shibboleth_checked
) ) { // Just come from there
33 unset($SESSION->shibboleth_checked
);
34 } else if (empty($_POST)) { // No incoming data, so redirect
35 redirect($CFG->wwwroot
.'/auth/shibboleth/index.php');
41 /// Define variables used in page
42 if (!$site = get_site()) {
43 error("No site found!");
46 if (empty($CFG->langmenu
)) {
49 $currlang = current_language();
50 $langs = get_list_of_languages();
51 if (empty($CFG->loginhttps
)) {
52 $wwwroot = $CFG->wwwroot
;
54 $wwwroot = str_replace('http','https',$CFG->wwwroot
);
56 $langmenu = popup_form ("$wwwroot/login/index.php?lang=", $langs, "chooselang", $currlang, "", "", "", true);
59 $loginsite = get_string("loginsite");
61 $loginurl = (!empty($CFG->alternateloginurl
)) ?
$CFG->alternateloginurl
: '';
67 if ((!empty($SESSION->wantsurl
) and strstr($SESSION->wantsurl
,'username=guest')) or $loginguest) {
68 /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
69 $frm->username
= 'guest';
70 $frm->password
= 'guest';
71 } else if (!empty($SESSION->wantsurl
) && file_exists($CFG->dirroot
.'/login/weblinkauth.php')) {
72 // Handles the case of another Moodle site linking into a page on this site
73 include($CFG->dirroot
.'/login/weblinkauth.php');
74 if (function_exists(weblink_auth
)) {
75 $user = weblink_auth($SESSION->wantsurl
);
78 $frm->username
= $user->username
;
80 $frm = data_submitted($loginurl);
83 $frm = data_submitted($loginurl);
86 /// Check if the user has actually submitted login data to us
88 if ($frm and (get_moodle_cookie() == '') and ($frm->username
!='guest') and !$user) { // Login without cookie
90 $errormsg = get_string("cookiesnotenabled");
92 } else if ($frm) { // Login WITH cookies
94 $frm->username
= trim(moodle_strtolower($frm->username
));
96 if (($frm->username
== 'guest') and empty($CFG->guestloginbutton
)) {
97 $user = false; /// Can't log in as guest if guest button is disabled
100 $user = authenticate_user_login($frm->username
, $frm->password
);
102 update_login_count();
106 if (empty($user->confirmed
)) { // This account was never confirmed
107 print_header(get_string("mustconfirm"), get_string("mustconfirm") );
108 print_heading(get_string("mustconfirm"));
109 print_simple_box(get_string("emailconfirmsent", "", $user->email
), "center");
114 // Let's get them all set up.
117 add_to_log(SITEID
, 'user', 'login', "view.php?id=$USER->id&course=".SITEID
, $USER->id
, 0, $USER->id
);
120 update_user_login_times();
121 set_moodle_cookie($USER->username
);
122 set_login_session_preferences();
125 //Select password change url
126 if (is_internal_auth() ||
$CFG->{'auth_'.$USER->auth
.'_stdchangepassword'}){
127 $passwordchangeurl=$CFG->wwwroot
.'/login/change_password.php';
128 } elseif($CFG->changepassword
) {
129 $passwordchangeurl=$CFG->changepassword
;
132 // check whether the user should be changing password
133 if (get_user_preferences('auth_forcepasswordchange', false) ||
$frm->password
== 'changeme'){
134 if (isset($passwordchangeurl)) {
135 redirect($passwordchangeurl);
137 error("You cannot proceed without changing your password.
138 However there is no available page for changing it.
139 Please contact your Moodle Administrator.");
144 if (user_not_fully_set_up($USER)) {
145 $urltogo = $CFG->wwwroot
.'/user/edit.php?id='.$USER->id
.'&course='.SITEID
;
146 // We don't delete $SESSION->wantsurl yet, so we get there later
148 } else if (isset($SESSION->wantsurl
) and (strpos($SESSION->wantsurl
, $CFG->wwwroot
) === 0)) {
149 $urltogo = $SESSION->wantsurl
; /// Because it's an address in this site
150 unset($SESSION->wantsurl
);
153 $urltogo = $CFG->wwwroot
.'/'; /// Go to the standard home page
154 unset($SESSION->wantsurl
); /// Just in case
157 // check if user password has expired
158 // Currently supported only for ldap-authentication module
159 if (isset($CFG->ldap_expiration
) && $CFG->ldap_expiration
== 1 ) {
160 if (function_exists('auth_password_expire')){
161 $days2expire = auth_password_expire($USER->username
);
162 if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth
.'_expiration_warning'})) {
163 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
164 notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
167 } elseif (intval($days2expire) < 0 ) {
168 print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
169 notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
183 $errormsg = get_string("invalidlogin");
188 /// We need to show a login form
190 /// First, let's remember where the user was trying to get to before they got here
192 if (empty($SESSION->wantsurl
)) {
193 $SESSION->wantsurl
= array_key_exists('HTTP_REFERER',$_SERVER) ?
$_SERVER["HTTP_REFERER"] : $CFG->wwwroot
;
196 if (!empty($loginurl)) { // We don't want the standard forms, go elsewhere
201 /// Generate the login page with forms
203 if (empty($errormsg)) {
207 if (get_moodle_cookie() == '') {
208 set_moodle_cookie('nobody'); // To help search for cookies
211 if (empty($frm->username
)) {
212 $frm->username
= get_moodle_cookie() === 'nobody' ?
'' : get_moodle_cookie();
216 if (!empty($frm->username
)) {
217 $focus = "login.password";
219 $focus = "login.username";
222 if ($CFG->auth
== "email" or $CFG->auth
== "none" or chop($CFG->auth_instructions
) <> "" ) {
223 $show_instructions = true;
225 $show_instructions = false;
228 print_header("$site->fullname: $loginsite", $site->fullname
, $loginsite, $focus,
229 '', true, '<div class="langmenu" align="right">'.$langmenu.'</div>');
231 include("index_form.html");