MDL-30192 restore - prevent any extra info to be created for deleted users
[moodle.git] / course / loginas.php
blobd189b5786d83a641324e51a8561d461eb7a107e3
1 <?php
2 // Allows a teacher/admin to login as another user (in stealth mode)
4 require_once('../config.php');
5 require_once('lib.php');
7 $id = optional_param('id', SITEID, PARAM_INT); // course id
9 /// Reset user back to their real self if needed, for security reasons you need to log out and log in again
10 if (session_is_loggedinas()) {
11 require_sesskey();
12 require_logout();
14 if ($id and $id != SITEID) {
15 $SESSION->wantsurl = "$CFG->wwwroot/course/view.php?id=".$id;
16 } else {
17 $SESSION->wantsurl = "$CFG->wwwroot/";
20 redirect(get_login_url());
23 ///-------------------------------------
24 /// We are trying to log in as this user in the first place
26 $userid = required_param('user', PARAM_INT); // login as this user
28 $url = new moodle_url('/course/loginas.php', array('user'=>$userid, 'sesskey'=>sesskey()));
29 if ($id !== SITEID) {
30 $url->param('id', $id);
32 $PAGE->set_url($url);
34 require_sesskey();
35 $course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST);
37 /// User must be logged in
39 $systemcontext = get_context_instance(CONTEXT_SYSTEM);
40 $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
42 require_login();
44 if (has_capability('moodle/user:loginas', $systemcontext)) {
45 if (is_siteadmin($userid)) {
46 print_error('nologinas');
48 $context = $systemcontext;
49 $PAGE->set_context($context);
50 } else {
51 require_login($course);
52 require_capability('moodle/user:loginas', $coursecontext);
53 if (is_siteadmin($userid)) {
54 print_error('nologinas');
56 if (!is_enrolled($coursecontext, $userid)) {
57 print_error('usernotincourse');
59 $context = $coursecontext;
62 /// Login as this user and return to course home page.
63 $oldfullname = fullname($USER, true);
64 session_loginas($userid, $context);
65 $newfullname = fullname($USER, true);
67 add_to_log($course->id, "course", "loginas", "../user/view.php?id=$course->id&amp;user=$userid", "$oldfullname -> $newfullname");
69 $strloginas = get_string('loginas');
70 $strloggedinas = get_string('loggedinas', '', $newfullname);
72 $PAGE->set_title($strloggedinas);
73 $PAGE->set_heading($course->fullname);
74 $PAGE->navbar->add($strloggedinas);
75 notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");