/**
  * Init user / authentification (level 2)
  */
 protected static function initUser()
 {
     global $ilias, $ilAuth, $ilUser;
     if (ilContext::usesHTTP()) {
         // allow login by submitting user data
         // in query string when DEVMODE is enabled
         if (DEVMODE && isset($_GET['username']) && strlen($_GET['username']) && isset($_GET['password']) && strlen($_GET['password'])) {
             $_POST['username'] = $_GET['username'];
             $_POST['password'] = $_GET['password'];
         }
     }
     // $ilAuth
     require_once "Auth/Auth.php";
     require_once "./Services/AuthShibboleth/classes/class.ilShibboleth.php";
     include_once "./Services/Authentication/classes/class.ilAuthUtils.php";
     ilAuthUtils::_initAuth();
     $ilias->auth = $ilAuth;
     // $ilUser
     self::initGlobal("ilUser", "ilObjUser", "./Services/User/classes/class.ilObjUser.php");
     $ilias->account =& $ilUser;
     self::initAccessHandling();
     // force login
     if (isset($_GET["cmd"]) && $_GET["cmd"] == "force_login") {
         $ilAuth->logout();
         // we need to do this for the session statistics
         // could we use session_destroy() instead?
         // [this is done after every $ilAuth->logout() call elsewhere]
         ilSession::_destroy(session_id(), ilSession::SESSION_CLOSE_LOGIN);
         // :TODO: keep session because of cart content?
         if (!isset($_GET['forceShoppingCartRedirect'])) {
             $_SESSION = array();
         } else {
             ilSession::set("AccountId", "");
         }
     }
 }
Ejemplo n.º 2
0
 function initIlias($context = "web")
 {
     global $ilDB, $ilUser, $ilLog, $ilErr, $ilClientIniFile, $ilIliasIniFile, $ilSetting, $ilias, $https, $ilObjDataCache, $ilLog, $objDefinition, $lng, $ilCtrl, $ilBrowser, $ilHelp, $ilTabs, $ilMainMenu, $rbacsystem, $ilNavigationHistory;
     // remove unsafe characters
     $this->removeUnsafeCharacters();
     // error reporting
     // remove notices from error reporting
     if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
         error_reporting(ini_get("error_reporting") & ~E_NOTICE & ~E_DEPRECATED);
     } else {
         error_reporting(ini_get('error_reporting') & ~E_NOTICE);
     }
     // include common code files
     $this->requireCommonIncludes();
     global $ilBench;
     // set error handler (to do: check preconditions for error handler to work)
     $ilBench->start("Core", "HeaderInclude_GetErrorHandler");
     $ilErr = new ilErrorHandling();
     $GLOBALS['ilErr'] =& $ilErr;
     $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, 'errorHandler'));
     $ilBench->stop("Core", "HeaderInclude_GetErrorHandler");
     // prepare file access to work with safe mode (has been done in class ilias before)
     umask(0117);
     // set cookie params
     $this->setCookieParams();
     // $ilIliasIniFile initialisation
     $this->initIliasIniFile();
     // CLIENT_ID determination
     $this->determineClient();
     // $ilAppEventHandler initialisation
     $this->initEventHandling();
     // $ilClientIniFile initialisation
     $this->initClientIniFile();
     // removed redirection madness the service should respond with SERVICE UNAVAILABLE
     // $ilDB initialisation
     $this->initDatabase();
     // init plugin admin class
     include_once "Services/Component/classes/class.ilPluginAdmin.php";
     $ilPluginAdmin = new ilPluginAdmin();
     $GLOBALS['ilPluginAdmin'] = $ilPluginAdmin;
     // set session handler
     $this->setSessionHandler();
     // $ilSetting initialisation
     $this->initSettings();
     // $ilLog initialisation
     $this->initLog();
     // $https initialisation
     require_once 'classes/class.ilHTTPS.php';
     $https = new ilHTTPS();
     $GLOBALS['https'] =& $https;
     $https->enableSecureCookies();
     $https->checkPort();
     if ($this->returnBeforeAuth()) {
         return;
     }
     $ilCtrl = new ilCtrl2();
     $GLOBALS['ilCtrl'] =& $ilCtrl;
     // $ilAuth initialisation
     include_once "Services/Authentication/classes/class.ilAuthUtils.php";
     ilAuthUtils::_initAuth();
     global $ilAuth;
     $this->includePhp5Compliance();
     // Do not accept external session ids
     if (!ilSession::_exists(session_id())) {
         // $_GET["PHPSESSID"] = "";
         session_regenerate_id();
     }
     // $ilias initialisation
     global $ilias, $ilBench;
     $ilBench->start("Core", "HeaderInclude_GetILIASObject");
     $ilias = new ILIAS();
     $GLOBALS['ilias'] =& $ilias;
     $ilBench->stop("Core", "HeaderInclude_GetILIASObject");
     // $ilObjDataCache initialisation
     $ilObjDataCache = new ilObjectDataCache();
     $GLOBALS['ilObjDataCache'] =& $ilObjDataCache;
     // workaround: load old post variables if error handler 'message' was called
     if (isset($_SESSION["message"]) && $_SESSION["message"]) {
         $_POST = $_SESSION["post_vars"];
     }
     // put debugging functions here
     require_once "include/inc.debug.php";
     // $objDefinition initialisation
     $ilBench->start("Core", "HeaderInclude_getObjectDefinitions");
     $objDefinition = new ilObjectDefinition();
     $GLOBALS['objDefinition'] =& $objDefinition;
     // $objDefinition->startParsing();
     $ilBench->stop("Core", "HeaderInclude_getObjectDefinitions");
     // init tree
     $tree = new ilTree(ROOT_FOLDER_ID);
     $GLOBALS['tree'] =& $tree;
     // $ilAccess and $rbac... initialisation
     $this->initAccessHandling();
     // authenticate & start session
     PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, "errorHandler"));
     $ilBench->start("Core", "HeaderInclude_Authentication");
     //var_dump($_SESSION);
     ////require_once('Log.php');
     ////$ilAuth->logger = Log::singleton('error_log',PEAR_LOG_TYPE_SYSTEM,'TEST');
     ////$ilAuth->enableLogging = true;
     if (!defined("IL_PHPUNIT_TEST")) {
         $oldSid = session_id();
         $ilAuth->start();
         $newSid = session_id();
         include_once 'Services/Payment/classes/class.ilPaymentShoppingCart.php';
         ilPaymentShoppingCart::_migrateShoppingCart($oldSid, $newSid);
     }
     //var_dump($_SESSION);
     $ilias->setAuthError($ilErr->getLastError());
     $ilBench->stop("Core", "HeaderInclude_Authentication");
     // workaround: force login
     if (!empty($_GET["cmd"]) && $_GET["cmd"] == "force_login" || $this->script == "login.php") {
         $ilAuth->logout();
         if (!isset($_GET['forceShoppingCartRedirect'])) {
             $_SESSION = array();
         }
         $_SESSION["AccountId"] = "";
         $ilAuth->start();
         $ilias->setAuthError($ilErr->getLastError());
     }
     // check correct setup
     if (!$ilias->getSetting("setup_ok")) {
         die("Setup is not completed. Please run setup routine again.");
     }
     // $ilUser initialisation (1)
     $ilBench->start("Core", "HeaderInclude_getCurrentUser");
     $ilUser = new ilObjUser();
     $ilias->account =& $ilUser;
     $GLOBALS['ilUser'] =& $ilUser;
     $ilBench->stop("Core", "HeaderInclude_getCurrentUser");
     // $ilCtrl initialisation
     //$ilCtrl = new ilCtrl();
     // determin current script and up-path to main directory
     // (sets $this->script and $this->updir)
     $this->determineScriptAndUpDir();
     // $styleDefinition initialisation and style handling for login and co.
     $this->initStyle();
     if (in_array($this->script, array("login.php", "register.php", "view_usr_agreement.php")) || $_GET["baseClass"] == "ilStartUpGUI") {
         $this->handleStyle();
     }
     // init locale
     $this->initLocale();
     // handle ILIAS 2 imported users:
     // check ilias 2 password, if authentication failed
     // only if AUTH_LOCAL
     //echo "A";
     if (AUTH_CURRENT == AUTH_LOCAL && !$ilAuth->getAuth() && $this->script == "login.php" && $_POST["username"] != "") {
         if (ilObjUser::_lookupHasIlias2Password(ilUtil::stripSlashes($_POST["username"]))) {
             if (ilObjUser::_switchToIlias3Password(ilUtil::stripSlashes($_POST["username"]), ilUtil::stripSlashes($_POST["password"]))) {
                 $ilAuth->start();
                 $ilias->setAuthError($ilErr->getLastError());
                 ilUtil::redirect("index.php");
             }
         }
     }
     //
     // SUCCESSFUL AUTHENTICATION
     //
     if ($ilAuth->getStatus() == '' && $ilias->account->isCurrentUserActive() || defined("IL_PHPUNIT_TEST") && DEVMODE) {
         //echo "C"; exit;
         $ilBench->start("Core", "HeaderInclude_getCurrentUserAccountData");
         //var_dump($_SESSION);
         // get user data
         $this->initUserAccount();
         //var_dump($_SESSION);
         // differentiate account security mode
         require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
         $security_settings = ilSecuritySettings::_getInstance();
         if ($security_settings->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) {
             // reset counter for failed logins
             ilObjUser::_resetLoginAttempts($ilUser->getId());
         }
         $ilBench->stop("Core", "HeaderInclude_getCurrentUserAccountData");
     } else {
         if (!$ilAuth->getAuth()) {
             require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
             // differentiate account security mode
             $security = ilSecuritySettings::_getInstance();
             if ($security->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) {
                 if (isset($_POST['username']) && $_POST['username'] && $ilUser->getId() == 0) {
                     $username = ilUtil::stripSlashes($_POST['username']);
                     $usr_id = ilObjUser::_lookupId($username);
                     if ($usr_id != ANONYMOUS_USER_ID) {
                         ilObjUser::_incrementLoginAttempts($usr_id);
                         $login_attempts = ilObjUser::_getLoginAttempts($usr_id);
                         $max_attempts = $security->getLoginMaxAttempts();
                         if ($login_attempts >= $max_attempts && $usr_id != SYSTEM_USER_ID && $max_attempts > 0) {
                             ilObjUser::_setUserInactive($usr_id);
                         }
                     }
                 }
             }
         }
     }
     //
     // SUCCESSFUL AUTHENTICATED or NON-AUTH-AREA (Login, Registration, ...)
     //
     // $lng initialisation
     $this->initLanguage();
     // store user language in tree
     $GLOBALS['tree']->initLangCode();
     // ### AA 03.10.29 added new LocatorGUI class ###
     // when locator data array does not exist, initialise
     if (!isset($_SESSION["locator_level"])) {
         $_SESSION["locator_data"] = array();
         $_SESSION["locator_level"] = -1;
     }
     // initialise global ilias_locator object
     // ECS Tasks
     include_once 'Services/WebServices/ECS/classes/class.ilECSTaskScheduler.php';
     $scheduler = ilECSTaskScheduler::start();
     $ilBench->stop("Core", "HeaderInclude");
 }