Esempio n. 1
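/**
 * Switch the current session to another user ("login as").
 *
 * SECURITY: this function does NOT check any password. The only check made
 * here is api_can_login_as(); the caller must make sure the request itself is
 * legitimate (authenticated user, anti-CSRF token validated) before calling.
 *
 * On success the session keys _uid, _user, is_platformAdmin,
 * is_allowedCreateCourse and login_as are rewritten through the Session
 * class, a confirmation page is printed and the script exits, so the
 * function only returns on failure. No global variable is modified.
 *
 * @param  int     $userId ID of the user to log in as
 *
 * @return bool    False on failure; on success the script terminates
 * @author Evie Embrechts
 * @author Yannick Warnier <*****@*****.**>
 */
function loginUser($userId)
{
    $userId = intval($userId);
    $userInfo = api_get_user_info($userId);
    // Authorization gate: the current user must be allowed to 'login_as' the target
    $canLoginAs = api_can_login_as($userId);
    if (!$canLoginAs || empty($userInfo)) {
        return false;
    }
    // The names are profile data and end up in an HTML message that is
    // displayed with the second argument of display_normal_message() set to
    // false (presumably "do not filter" - confirm), so encode them here.
    $firstname = api_htmlentities($userInfo['firstname'], ENT_QUOTES);
    $lastname = api_htmlentities($userInfo['lastname'], ENT_QUOTES);
    if (api_is_western_name_order()) {
        $message = sprintf(get_lang('AttemptingToLoginAs'), $firstname, $lastname, $userId);
    } else {
        $message = sprintf(get_lang('AttemptingToLoginAs'), $lastname, $firstname, $userId);
    }
    if ($userId) {
        // Logout the current user
        LoginDelete(api_get_user_id());
        // Drop every identity/privilege key of the previous user before
        // writing the new ones, so no privilege flag survives the switch.
        Session::erase('_user');
        Session::erase('is_platformAdmin');
        Session::erase('is_allowedCreateCourse');
        Session::erase('_uid');
        // NOTE(review): the session ID itself is kept across the identity
        // switch; consider regenerating it here if the session handler allows it.
        // Filling session variables with new data
        Session::write('_uid', $userId);
        Session::write('_user', $userInfo);
        Session::write('is_platformAdmin', (bool) UserManager::is_admin($userId));
        // status 1 is presumably the role that may create courses - confirm
        Session::write('is_allowedCreateCourse', (bool) ($userInfo['status'] == 1));
        // will be useful later to know if the user is actually an admin or not (example reporting)
        Session::write('login_as', true);
        $target_url = api_get_path(WEB_PATH) . "user_portal.php";
        $message .= '<br />' . sprintf(get_lang('LoginSuccessfulGoToX'), '<a href="' . $target_url . '">' . $target_url . '</a>');
        Display::display_header(get_lang('UserList'));
        Display::display_normal_message($message, false);
        Display::display_footer();
        exit;
    }

    // Reached only when the ID evaluated to 0: report it as a failure,
    // as the documented return contract says.
    return false;
}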
Esempio n. 2
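/**
 * Switch the current session to another user ("login as").
 *
 * SECURITY: this function does NOT check any password. The only check made
 * here is api_can_login_as(); the caller must make sure the request itself is
 * legitimate (authenticated user, anti-CSRF token validated) before calling.
 *
 * This function writes the globals $uidReset, $loginFailed and $_user and,
 * on success, the session keys _uid, _user, is_platformAdmin,
 * is_allowedCreateCourse and login_as. On success it prints a confirmation
 * page and exits, so it only returns on failure.
 *
 * @param  int     $user_id ID of the user to log in as
 * @return bool    False on failure; on success the script terminates
 * @author Evie Embrechts
 * @author Yannick Warnier <*****@*****.**>
 */
function login_user($user_id)
{
    $user_id = intval($user_id);
    $user_info = api_get_user_info($user_id);
    // Authorization gate: the current user must be allowed to 'login_as' the target
    $can_login_as = api_can_login_as($user_id);
    if (!$can_login_as) {
        return false;
    }
    //Load $_user to be sure we clean it before logging in
    global $uidReset, $loginFailed, $_user;
    $main_user_table = Database::get_main_table(TABLE_MAIN_USER);
    $main_admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
    $track_e_login_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
    unset($_user['user_id']);
    // The names are profile data and end up in an HTML message that is
    // displayed with the second argument of display_normal_message() set to
    // false (presumably "do not filter" - confirm), so encode them here.
    // isset() also covers a lookup that returned no user at all.
    $firstname = isset($user_info['firstname']) ? api_htmlentities($user_info['firstname'], ENT_QUOTES) : '';
    $lastname = isset($user_info['lastname']) ? api_htmlentities($user_info['lastname'], ENT_QUOTES) : '';
    // The ID is re-read from the user record and concatenated into the SQL
    // below, so force it back to an integer instead of trusting its type.
    $user_id = isset($user_info['user_id']) ? intval($user_info['user_id']) : 0;
    if (api_is_western_name_order()) {
        $message = sprintf(get_lang('AttemptingToLoginAs'), $firstname, $lastname, $user_id);
    } else {
        $message = sprintf(get_lang('AttemptingToLoginAs'), $lastname, $firstname, $user_id);
    }
    $loginFailed = false;
    $uidReset = false;
    if ($user_id) {
        // A valid target ID is known: load the user row, its admin flag and
        // its most recent login date. $user_id is an integer at this point.
        $sql_query = "SELECT user.*, a.user_id is_admin,\n\t\t\tUNIX_TIMESTAMP(login.login_date) login_date\n\t\t\tFROM {$main_user_table}\n\t\t\tLEFT JOIN {$main_admin_table} a\n\t\t\tON user.user_id = a.user_id\n\t\t\tLEFT JOIN {$track_e_login_table} login\n\t\t\tON user.user_id = login.login_user_id\n\t\t\tWHERE user.user_id = '" . $user_id . "'\n\t\t\tORDER BY login.login_date DESC LIMIT 1";
        $sql_result = Database::query($sql_query);
        if (Database::num_rows($sql_result) > 0) {
            // Extracting the user data
            $user_data = Database::fetch_array($sql_result);
            // Log out the current user
            LoginDelete($_SESSION["_user"]["user_id"]);
            // Drop every identity/privilege key of the previous user before
            // writing the new ones, so no privilege flag survives the switch.
            unset($_SESSION['_user']);
            unset($_SESSION['is_platformAdmin']);
            unset($_SESSION['is_allowedCreateCourse']);
            unset($_SESSION['_uid']);
            $_user['firstName'] = $user_data['firstname'];
            $_user['lastName'] = $user_data['lastname'];
            $_user['mail'] = $user_data['email'];
            $_user['lastLogin'] = $user_data['login_date'];
            $_user['official_code'] = $user_data['official_code'];
            $_user['picture_uri'] = $user_data['picture_uri'];
            $_user['user_id'] = $user_data['user_id'];
            $_user['status'] = $user_data['status'];
            // is_admin is NULL when the LEFT JOIN found no row in the admin table
            $is_platformAdmin = (bool) (!is_null($user_data['is_admin']));
            // status 1 is presumably the role that may create courses - confirm
            $is_allowedCreateCourse = (bool) ($user_data['status'] == 1);
            // Filling session variables with new data
            $_SESSION['_uid'] = $user_id;
            $_SESSION['_user'] = $_user;
            $_SESSION['is_platformAdmin'] = $is_platformAdmin;
            $_SESSION['is_allowedCreateCourse'] = $is_allowedCreateCourse;
            // will be useful later to know if the user is actually an admin or not (example reporting)
            $_SESSION['login_as'] = true;
            $target_url = api_get_path(WEB_PATH) . "user_portal.php";
            $message .= '<br />' . sprintf(get_lang('LoginSuccessfulGoToX'), '<a href="' . $target_url . '">' . $target_url . '</a>');
            Display::display_header(get_lang('UserList'));
            Display::display_normal_message($message, false);
            Display::display_footer();
            exit;
        } else {
            exit("<br />WARNING UNDEFINED UID !! ");
        }
    }

    // Reached only when no usable user ID was found: report it as a failure,
    // as the documented return contract says.
    return false;
}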
Esempio n. 3
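 // Action toolbar of the student detail page: back, print, CSV/XLS export,
 // mail, access details, "login as" and skill assignment.
 echo '<div class="actions">';
 echo '<a href="javascript: window.history.go(-1);">' . Display::return_icon('back.png', get_lang('Back'), '', ICON_SIZE_MEDIUM) . '</a>';
 echo '<a href="javascript: void(0);" onclick="javascript: window.print();">' . Display::return_icon('printer.png', get_lang('Print'), '', ICON_SIZE_MEDIUM) . '</a>';
 // NOTE(review): the raw query string is echoed inside an href attribute.
 // Security::remove_XSS() is the only filter applied; confirm that it also
 // neutralises double quotes in attribute context, otherwise attribute-encode
 // the value as well.
 echo '<a href="' . api_get_self() . '?' . Security::remove_XSS($_SERVER['QUERY_STRING']) . '&export=csv">' . Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), '', ICON_SIZE_MEDIUM) . '</a> ';
 echo '<a href="' . api_get_self() . '?' . Security::remove_XSS($_SERVER['QUERY_STRING']) . '&export=xls">' . Display::return_icon('export_excel.png', get_lang('ExportAsXLS'), '', ICON_SIZE_MEDIUM) . '</a> ';
 if (!empty($user_info['email'])) {
     // The address is profile data placed in an attribute: encode it so a
     // quote in the stored value cannot close the href.
     $send_mail = '<a href="mailto:' . htmlspecialchars($user_info['email'], ENT_QUOTES | ENT_SUBSTITUTE) . '">' . Display::return_icon('mail_send.png', get_lang('SendMail'), '', ICON_SIZE_MEDIUM) . '</a>';
 } else {
     $send_mail = Display::return_icon('mail_send_na.png', get_lang('SendMail'), '', ICON_SIZE_MEDIUM);
 }
 echo $send_mail;
 if (!empty($student_id) && !empty($_GET['course'])) {
     // Only show link to connection details if course and student were defined in the URL.
     // http_build_query() percent-encodes every value, so nothing taken from
     // the request can break out of the href; IDs are forced to integers.
     $courseParam = Security::remove_XSS($_GET['course']);
     $accessDetailsQuery = http_build_query(
         [
             'student' => (int) $student_id,
             'course' => $courseParam,
             'origin' => (string) $origin,
             'cidReq' => $courseParam,
             'id_session' => (int) $sessionId,
         ],
         '',
         '&amp;'
     );
     echo '<a href="access_details.php?' . $accessDetailsQuery . '">' . Display::return_icon('statistics.png', get_lang('AccessDetails'), '', ICON_SIZE_MEDIUM) . '</a>';
 }
 if (api_can_login_as($student_id)) {
     // "login as" is a state-changing action reached through a GET link; the
     // sec_token parameter is its only request-forgery protection visible
     // here, so the target script must validate it (confirm in user_list.php).
     $loginAsQuery = http_build_query(
         [
             'action' => 'login_as',
             'user_id' => (int) $student_id,
             'sec_token' => (string) $token,
         ],
         '',
         '&amp;'
     );
     echo '<a href="' . api_get_path(WEB_CODE_PATH) . 'admin/user_list.php?' . $loginAsQuery . '">' . Display::return_icon('login_as.png', get_lang('LoginAs'), null, ICON_SIZE_MEDIUM) . '</a>';
 }
 if ($alloAssignSkill) {
     echo Display::url(Display::return_icon('skill-badges.png', get_lang('AssignSkill'), null, ICON_SIZE_MEDIUM), api_get_path(WEB_CODE_PATH) . 'badge/assign.php?' . http_build_query(['user' => $student_id]));
 }
 echo '</div>';
 // is the user online ?
 // NOTE(review): this reads $_GET['student'] directly while the rest of the
 // block uses $student_id; presumably both hold the same ID - confirm, and
 // prefer the already-validated variable.
 if (UserManager::user_is_online($_GET['student'])) {
     $online = get_lang('Yes');
 } else {
     $online = get_lang('No');
 }
 // get average of score and average of progress by student
 $avg_student_progress = $avg_student_score = 0;
 $course_code = isset($_GET['course']) ? Security::remove_XSS($_GET['course']) : null;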
Esempio n. 4
         $title = get_lang('YourCourseList');
         $courses = CourseManager::get_courses_followed_by_drh(api_get_user_id());
     }
 } else {
     $session_name = api_get_session_name($sessionId);
     $title = api_htmlentities($session_name, ENT_QUOTES, $charset) . ' : ' . get_lang('CourseListInSession');
     $courses = Tracking::get_courses_list_from_session($sessionId);
 }
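 // Keys of the course list built above (presumably course codes - confirm).
 $a_courses = array_keys($courses);
 if (!api_is_session_admin()) {
     // NOTE(review): assumes $menu_items is initialised earlier in the script - TODO confirm.
     $menu_items[] = Display::url(Display::return_icon('stats.png', get_lang('MyStats'), '', ICON_SIZE_MEDIUM), api_get_path(WEB_CODE_PATH) . "auth/my_progress.php");
     $menu_items[] = Display::url(Display::return_icon('user.png', get_lang('Students'), array(), ICON_SIZE_MEDIUM), "index.php?view=drh_students&amp;display=yourstudents");
     $menu_items[] = Display::url(Display::return_icon('teacher.png', get_lang('Trainers'), array(), ICON_SIZE_MEDIUM), 'teachers.php');
     $menu_items[] = Display::url(Display::return_icon('course_na.png', get_lang('Courses'), array(), ICON_SIZE_MEDIUM), '#');
     $menu_items[] = Display::url(Display::return_icon('session.png', get_lang('Sessions'), array(), ICON_SIZE_MEDIUM), 'session.php');
     if (api_can_login_as($user_id)) {
         // "login as" is a state-changing action reached through a GET link;
         // the sec_token parameter is its only request-forgery protection
         // visible here, so the target script must validate it.
         // http_build_query() percent-encodes the values and the ID is forced
         // to an integer, so neither can break out of the href attribute.
         $loginAsQuery = http_build_query(
             array(
                 'action' => 'login_as',
                 'user_id' => (int) $user_id,
                 'sec_token' => (string) Security::get_existing_token(),
             ),
             '',
             '&amp;'
         );
         $link = '<a href="' . api_get_path(WEB_CODE_PATH) . 'admin/user_list.php?' . $loginAsQuery . '">' . Display::return_icon('login_as.png', get_lang('LoginAs'), null, ICON_SIZE_MEDIUM) . '</a>&nbsp;&nbsp;';
         $menu_items[] = $link;
     }
 }
 $actionsLeft = $actionsRight = '';
 $nb_menu_items = count($menu_items);
 // The left-hand actions are only rendered when there is more than one entry.
 if ($nb_menu_items > 1) {
     foreach ($menu_items as $key => $item) {
         $actionsLeft .= $item;
     }
 }
 // The print button is only offered when at least one course is listed.
 if (count($a_courses) > 0) {
     $actionsRight .= Display::url(Display::return_icon('printer.png', get_lang('Print'), array(), 32), 'javascript: void(0);', array('onclick' => 'javascript: window.print();'));
 }
 // The assignment inside the call also leaves $content defined for later code.
 $toolbar = Display::toolbarAction('toolbar-course', $content = array(0 => $actionsLeft, 1 => $actionsRight));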