  1. <?php
  2. // intranet_login.php
  3. // performs login using the tickets table from the intranet db
  4.  
  5.  
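  /**
   * Logs a user in from an intranet single-sign-on ticket and then runs the
   * post-login checks (confirmation, forced password change, profile set-up,
   * session IP, site policy, maintenance mode, course access).
   *
   * The ticket is read from $_GET['JSessionId'] or, failing that,
   * $_GET['JSESSIONID']. When neither is present the function returns without
   * doing anything. The ticket is resolved to a username by
   * getUsernameFromTicket() and that username is handed to
   * authenticate_user_login() with an empty password. If no user results, an
   * error is printed and the script exits.
   *
   * Security notes for maintainers:
   *  - The ticket is a bearer credential carried in the query string, so it is
   *    also written to $SESSION->wantsurl (via $FULLME) and will appear wherever
   *    URLs are recorded (access logs, Referer headers, browser history).
   *  - NOTE(review): authenticate_user_login() is called with '' as the password;
   *    whether that can succeed depends on the configured auth plugin, which is
   *    not visible here. Confirm that the plugin cannot be reached with an empty
   *    password by any path that skips the ticket lookup.
   *
   * @param int    $courseid       When non-zero, the course-access checks at the end run for this course.
   * @param bool   $autologinguest Not read anywhere in this function.
   * @param object $cm             Optional course module; its ->visible and ->course fields are read.
   * @return void  May also redirect, print a page and exit/die instead of returning.
   */
  function intranet_login($courseid=0, $autologinguest=true, $cm=null) {
      global $CFG, $SESSION, $USER, $FULLME, $MoodleSession;

      if (isset($_GET['JSessionId'])) {
          $ticketID = $_GET['JSessionId'];
      }
      if (!isset($ticketID) && isset($_GET['JSESSIONID'])) {
          $ticketID = $_GET['JSESSIONID'];
      }

      if (!isset($ticketID)) {
          return;
      }

      // Only a non-empty string can be a ticket. A request such as
      // "?JSessionId[]=x" delivers an array, which must not reach the lookup.
      $username = null;
      if (is_string($ticketID) && $ticketID !== '') {
          $username = getUsernameFromTicket($ticketID);
      }

      // An unknown or expired ticket yields no username. Stop here instead of
      // handing a null username and an empty password to the authenticator.
      $user = false;
      if (is_string($username) && $username !== '') {
          $user = authenticate_user_login($username, '');
      }

      if (!$user) {
          echo "<h3>Error: No se ha establecido una sesion con su usuario. Puede que la sesión haya caducado.</h3>";
          exit;
      }

      $SESSION->wantsurl = $FULLME;
      if (!empty($_SERVER['HTTP_REFERER'])) {
          $SESSION->fromurl = $_SERVER['HTTP_REFERER'];
      }
      $USER = NULL;

      update_login_count();

      if ($user) {

          if (empty($user->confirmed)) {       // This account was never confirmed
              print_header(get_string("mustconfirm"), get_string("mustconfirm") );
              print_heading(get_string("mustconfirm"));
              print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
              print_footer();
              die;
          }

          // Let's get them all set up.
          $USER = $user;

          add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);

          update_user_login_times();
          set_moodle_cookie($USER->username);
          set_login_session_preferences();

          // Select password change url
          if (is_internal_auth($USER->auth) || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}) {
              $passwordchangeurl = $CFG->wwwroot.'/login/change_password.php';
          } elseif ($CFG->changepassword) {
              $passwordchangeurl = $CFG->changepassword;
          }

          // Check whether the user should be changing password.
          // The earlier version also compared $frm->password with 'changeme', but
          // no $frm exists in this function (there is no login form on the ticket
          // path), so that comparison could never match and has been dropped.
          if (get_user_preferences('auth_forcepasswordchange', false)) {
              if (isset($passwordchangeurl)) {
                  redirect($passwordchangeurl);
              } else {
                  error("You cannot proceed without changing your password.
                         However there is no available page for changing it.
                         Please contact your Moodle Administrator.");
              }
          }

          if (user_not_fully_set_up($USER)) {
              $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&course='.SITEID;
              // We don't delete $SESSION->wantsurl yet, so we get there later

          } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
              // NOTE(review): this is a bare prefix match, so a URL whose host merely
              // begins with wwwroot would also pass. wantsurl is assigned from
              // $FULLME above; confirm nothing request-controlled can reach it.
              $urltogo = $SESSION->wantsurl;   // Because it's an address in this site
              unset($SESSION->wantsurl);

          } else {
              $urltogo = $CFG->wwwroot.'/';    // Go to the standard home page
              unset($SESSION->wantsurl);       // Just in case
          }

          // Check if user password has expired.
          // Currently supported only for ldap-authentication module.
          // NOTE(review): $site, $loginsite, $focus and $langmenu are never assigned
          // in this function, and $passwordchangeurl may be unset when neither
          // branch above matched; this block needs them defined before it can
          // render correctly.
          if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
              if (function_exists('auth_password_expire')) {
                  $days2expire = auth_password_expire($USER->username);
                  if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
                      print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
                      notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
                      print_footer();
                      exit;
                  } elseif (intval($days2expire) < 0 ) {
                      print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
                      notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
                      print_footer();
                      exit;
                  }
              }
          }
          reset_login_count();
      }

      // check whether the user should be changing password
      // reload_user_preferences(); // Why is this necessary? Seems wasteful. - MD
      if (!empty($USER->preference['auth_forcepasswordchange'])) {
          if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}) {
              $SESSION->wantsurl = $FULLME;
              redirect($CFG->wwwroot .'/login/change_password.php');
          } elseif ($CFG->changepassword) {
              redirect($CFG->changepassword);
          } else {
              error('You cannot proceed without changing your password.
                     However there is no available page for changing it.
                     Please contact your Moodle Administrator.');
          }
      }

      // Check that the user account is properly set up
      if (user_not_fully_set_up($USER)) {
          $SESSION->wantsurl = $FULLME;
          redirect($CFG->wwwroot .'/user/edit.php?id='. $USER->id .'&course='. SITEID);
      }

      // Make sure current IP matches the one for this session (if required).
      // NOTE(review): on the ticket path this function never assigns
      // $USER->sessionIP (only the guest switch further down does), so with
      // tracksessionip enabled this comparison depends on
      // authenticate_user_login() having set it. Confirm.
      if (!empty($CFG->tracksessionip)) {
          if ($USER->sessionIP != md5(getremoteaddr())) {
              error(get_string('sessionipnomatch', 'error'));
          }
      }

      // Make sure the USER has a sesskey set up. Used for checking script parameters.
      sesskey();

      // Check that the user has agreed to a site policy if there is one
      if (!empty($CFG->sitepolicy)) {
          if (!$USER->policyagreed) {
              $SESSION->wantsurl = $FULLME;
              redirect($CFG->wwwroot .'/user/policy.php');
          }
      }

      // If the site is currently under maintenance, then print a message
      if (!isadmin()) {
          if (file_exists($CFG->dataroot.'/'.SITEID.'/maintenance.html')) {
              print_maintenance_message();
              exit;
          }
      }

      // Next, check if the user can be in a particular course
      if ($courseid) {
          if ($courseid == SITEID) {   // Anyone can be in the site course
              if (isset($cm) and !$cm->visible and !isteacher(SITEID)) {   // Not allowed to see module, send to course page
                  redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
              }
              return;
          }
          if (!empty($USER->student[$courseid]) or !empty($USER->teacher[$courseid]) or !empty($USER->admin)) {
              if (isset($USER->realuser)) {   // Make sure the REAL person can also access this course
                  if (!isteacher($courseid, $USER->realuser)) {
                      print_header();
                      notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot .'/');
                  }
              }
              if (isset($cm) and !$cm->visible and !isteacher($courseid)) {   // Not allowed to see module, send to course page
                  redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
              }
              return;   // user is a member of this course.
          }
          if (! $course = get_record('course', 'id', $courseid)) {
              error('That course doesn\'t exist');
          }
          if (!$course->visible) {
              print_header();
              notice(get_string('coursehidden'), $CFG->wwwroot .'/');
          }
          if ($USER->username == 'guest') {
              switch ($course->guest) {
                  case 0:   // Guests not allowed
                      print_header();
                      notice(get_string('guestsnotallowed', '', $course->fullname), "$CFG->wwwroot/login/index.php");
                      break;
                  case 1:   // Guests allowed
                      if (isset($cm) and !$cm->visible) {   // Not allowed to see module, send to course page
                          redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
                      }
                      return;
                  case 2:   // Guests allowed with key (drop through)
                      break;
              }
          }

          // User is not enrolled in the course, wants to access course content
          // as a guest, and course setting allow unlimited guest access
          // Code cribbed from course/loginas.php
          if (strstr($FULLME,"username=guest") && ($course->guest==1)) {
              $realuser = $USER->id;
              $realname = fullname($USER, true);
              $USER = guest_user();
              $USER->loggedin = true;
              $USER->site = $CFG->wwwroot;
              $USER->realuser = $realuser;
              $USER->sessionIP = md5(getremoteaddr());   // Store the current IP in the session
              if (isset($SESSION->currentgroup)) {       // Remember current cache setting for later
                  $SESSION->oldcurrentgroup = $SESSION->currentgroup;
                  unset($SESSION->currentgroup);
              }
              $guest_name = fullname($USER, true);
              add_to_log($course->id, "course", "loginas", "../user/view.php?id=$course->id&$USER->id$", "$realname -> $guest_name");
              if (isset($cm) and !$cm->visible) {   // Not allowed to see module, send to course page
                  redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
              }
              return;
          }

          // Currently not enrolled in the course, so see if they want to enrol
          $SESSION->wantsurl = $FULLME;
          redirect($CFG->wwwroot .'/course/enrol.php?id='. $courseid);
          die;
      }
  }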
  225.  
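  /**
   * Returns the username stored in the intranet tickets table for a ticket,
   * or null when the ticket is unknown, expired or malformed.
   *
   * The lookup runs against the external Oracle database configured through
   * $CFG->auth_dbhost / auth_dbuser / auth_dbpass / auth_dbname and the table
   * named by $CFG->auth_dbtable. Code taken from the external db auth method.
   *
   * The ticket value originates from the request URL, so it is passed to the
   * database as a bind variable and is never concatenated into the SQL text.
   *
   * NOTE(review): nothing here deletes the ticket row or marks it used, so a
   * ticket stays usable until its expiry time passes. Confirm that is intended.
   *
   * @param string $ticketID Ticket value taken from the request.
   * @return string|null     Username for a valid, unexpired ticket; null otherwise.
   */
  function getUsernameFromTicket($ticketID) {
      global $CFG;

      // Reject anything that cannot be a ticket before touching the database
      // (a query string such as "?JSessionId[]=x" delivers an array).
      if (!is_string($ticketID) || $ticketID === '') {
          return null;
      }

      $prefix = $CFG->prefix.''; // Remember it. The '' is to prevent PHP5 reference.. see bug 3223

      // Connect to the external database
      $authdb = ADONewConnection('oci8'); // $CFG->auth_dbtype
      $authdb->Connect($CFG->auth_dbhost, $CFG->auth_dbuser, $CFG->auth_dbpass, $CFG->auth_dbname);

      // Param() returns the placeholder in the driver's own syntax; the value is
      // supplied separately so quotes in the ticket cannot alter the statement.
      // The expiry column is fecha + 0.028 days (roughly 40 minutes), and the
      // comparison clock is the database's own SYSDATE.
      $rs = $authdb->Execute(
          "SELECT username," .
          " to_char(fecha+0.028,'YYYY/MM/DD HH24:MI:SS'), to_char(SYSDATE,'YYYY/MM/DD HH24:MI:SS')" .
          " FROM $CFG->auth_dbtable WHERE ticket = " . $authdb->Param('ticket'),
          array('ticket' => $ticketID)
      );

      $authdb->Close();

      $CFG->prefix = $prefix;

      if (!$rs) {
          notify("Could not connect to the specified authentication database...");
          return null;
      }

      // Unknown ticket: no row came back, so there is nothing to read.
      if (!$rs->RecordCount()) {
          return null;
      }

      $expiresAt = strtotime($rs->fields[1]);
      $dbNow     = strtotime($rs->fields[2]);

      // Fail closed: if either timestamp cannot be parsed the ticket is refused
      // rather than treated as still valid.
      if ($expiresAt === false || $dbNow === false) {
          return null;
      }

      if ($dbNow > $expiresAt) {
          return null;
      }

      return $rs->fields[0];
  }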
  268. ?>