Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // intranet_login.php
- // performs login using the tickets table from the intranet db
- function intranet_login($courseid=0, $autologinguest=true, $cm=null) {
- global $CFG, $SESSION, $USER, $FULLME, $MoodleSession;
- if (isset($_GET['JSessionId']))
- $ticketID = $_GET['JSessionId'];
- if (!isset($ticketID) && isset($_GET['JSESSIONID']))
- $ticketID = $_GET['JSESSIONID'];
- if (!isset($ticketID))
- return;
- $username = getUsernameFromTicket($ticketID);
- $user = authenticate_user_login($username, '');
- if (isset($ticketID) && !$user) {
- echo "<h3>Error: No se ha establecido una sesion con su usuario. Puede que la sesión haya caducado.</h3>";
- exit;
- }
- $SESSION->wantsurl = $FULLME;
- if (!empty($_SERVER['HTTP_REFERER'])) {
- $SESSION->fromurl = $_SERVER['HTTP_REFERER'];
- }
- $USER = NULL;
- update_login_count();
- if ($user) {
- if (empty($user->confirmed)) { // This account was never confirmed
- print_header(get_string("mustconfirm"), get_string("mustconfirm") );
- print_heading(get_string("mustconfirm"));
- print_simple_box(get_string("emailconfirmsent", "", $user->email), "center");
- print_footer();
- die;
- }
- // Let's get them all set up.
- $USER = $user;
- add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $USER->id, 0, $USER->id);
- update_user_login_times();
- set_moodle_cookie($USER->username);
- set_login_session_preferences();
- //Select password change url
- if (is_internal_auth($USER->auth) || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
- $passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
- } elseif($CFG->changepassword) {
- $passwordchangeurl=$CFG->changepassword;
- }
- // check whether the user should be changing password
- if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
- if (isset($passwordchangeurl)) {
- redirect($passwordchangeurl);
- } else {
- error("You cannot proceed without changing your password.
- However there is no available page for changing it.
- Please contact your Moodle Administrator.");
- }
- }
- if (user_not_fully_set_up($USER)) {
- $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&course='.SITEID;
- // We don't delete $SESSION->wantsurl yet, so we get there later
- } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
- $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
- unset($SESSION->wantsurl);
- } else {
- $urltogo = $CFG->wwwroot.'/'; /// Go to the standard home page
- unset($SESSION->wantsurl); /// Just in case
- }
- // check if user password has expired
- // Currently supported only for ldap-authentication module
- if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
- if (function_exists('auth_password_expire')){
- $days2expire = auth_password_expire($USER->username);
- if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
- print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
- notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
- print_footer();
- exit;
- } elseif (intval($days2expire) < 0 ) {
- print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
- notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
- print_footer();
- exit;
- }
- }
- }
- reset_login_count();
- }
- // check whether the user should be changing password
- // reload_user_preferences(); // Why is this necessary? Seems wasteful. - MD
- if (!empty($USER->preference['auth_forcepasswordchange'])){
- if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
- $SESSION->wantsurl = $FULLME;
- redirect($CFG->wwwroot .'/login/change_password.php');
- } elseif($CFG->changepassword) {
- redirect($CFG->changepassword);
- } else {
- error('You cannot proceed without changing your password.
- However there is no available page for changing it.
- Please contact your Moodle Administrator.');
- }
- }
- // Check that the user account is properly set up
- if (user_not_fully_set_up($USER)) {
- $SESSION->wantsurl = $FULLME;
- redirect($CFG->wwwroot .'/user/edit.php?id='. $USER->id .'&course='. SITEID);
- }
- // Make sure current IP matches the one for this session (if required)
- if (!empty($CFG->tracksessionip)) {
- if ($USER->sessionIP != md5(getremoteaddr())) {
- error(get_string('sessionipnomatch', 'error'));
- }
- }
- // Make sure the USER has a sesskey set up. Used for checking script parameters.
- sesskey();
- // Check that the user has agreed to a site policy if there is one
- if (!empty($CFG->sitepolicy)) {
- if (!$USER->policyagreed) {
- $SESSION->wantsurl = $FULLME;
- redirect($CFG->wwwroot .'/user/policy.php');
- }
- }
- // If the site is currently under maintenance, then print a message
- if (!isadmin()) {
- if (file_exists($CFG->dataroot.'/'.SITEID.'/maintenance.html')) {
- print_maintenance_message();
- exit;
- }
- }
- // Next, check if the user can be in a particular course
- if ($courseid) {
- if ($courseid == SITEID) { // Anyone can be in the site course
- if (isset($cm) and !$cm->visible and !isteacher(SITEID)) { // Not allowed to see module, send to course page
- redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
- }
- return;
- }
- if (!empty($USER->student[$courseid]) or !empty($USER->teacher[$courseid]) or !empty($USER->admin)) {
- if (isset($USER->realuser)) { // Make sure the REAL person can also access this course
- if (!isteacher($courseid, $USER->realuser)) {
- print_header();
- notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot .'/');
- }
- }
- if (isset($cm) and !$cm->visible and !isteacher($courseid)) { // Not allowed to see module, send to course page
- redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
- }
- return; // user is a member of this course.
- }
- if (! $course = get_record('course', 'id', $courseid)) {
- error('That course doesn\'t exist');
- }
- if (!$course->visible) {
- print_header();
- notice(get_string('coursehidden'), $CFG->wwwroot .'/');
- }
- if ($USER->username == 'guest') {
- switch ($course->guest) {
- case 0: // Guests not allowed
- print_header();
- notice(get_string('guestsnotallowed', '', $course->fullname), "$CFG->wwwroot/login/index.php");
- break;
- case 1: // Guests allowed
- if (isset($cm) and !$cm->visible) { // Not allowed to see module, send to course page
- redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
- }
- return;
- case 2: // Guests allowed with key (drop through)
- break;
- }
- }
- //User is not enrolled in the course, wants to access course content
- //as a guest, and course setting allow unlimited guest access
- //Code cribbed from course/loginas.php
- if (strstr($FULLME,"username=guest") && ($course->guest==1)) {
- $realuser = $USER->id;
- $realname = fullname($USER, true);
- $USER = guest_user();
- $USER->loggedin = true;
- $USER->site = $CFG->wwwroot;
- $USER->realuser = $realuser;
- $USER->sessionIP = md5(getremoteaddr()); // Store the current IP in the session
- if (isset($SESSION->currentgroup)) { // Remember current cache setting for later
- $SESSION->oldcurrentgroup = $SESSION->currentgroup;
- unset($SESSION->currentgroup);
- }
- $guest_name = fullname($USER, true);
- add_to_log($course->id, "course", "loginas", "../user/view.php?id=$course->id&$USER->id$", "$realname -> $guest_name");
- if (isset($cm) and !$cm->visible) { // Not allowed to see module, send to course page
- redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
- }
- return;
- }
- // Currently not enrolled in the course, so see if they want to enrol
- $SESSION->wantsurl = $FULLME;
- redirect($CFG->wwwroot .'/course/enrol.php?id='. $courseid);
- die;
- }
- }
- function getUsernameFromTicket($ticketID) {
- // Returns username retrieved from the tickets table
- // for a given ticketID
- // Code taken from external db auth method
- global $CFG;
- $prefix = $CFG->prefix.''; // Remember it. The '' is to prevent PHP5 reference.. see bug 3223
- // Connect to the external database
- $authdb = &ADONewConnection('oci8'); // $CFG->auth_dbtype
- $authdb->Connect($CFG->auth_dbhost,$CFG->auth_dbuser,$CFG->auth_dbpass,$CFG->auth_dbname);
- $rs = $authdb->Execute("SELECT username," .
- " to_char(fecha+0.028,'YYYY/MM/DD HH24:MI:SS'), to_char(SYSDATE,'YYYY/MM/DD HH24:MI:SS')" .
- " FROM $CFG->auth_dbtable WHERE ticket = '$ticketID'");
- $authdb->Close();
- $CFG->prefix = $prefix;
- if (!$rs) {
- notify("Could not connect to the specified authentication database...");
- return null;
- }
- $fecha = strtotime($rs->fields[1]);
- $ahora = strtotime($rs->fields[2]);
- if ($ahora > $fecha) {
- return null;
- }
- if ($rs->RecordCount()) {
- return $rs->fields[0];
- } else {
- return null;
- }
- }
- ?>
Add Comment
Please, Sign In to add comment