コード例 #1
/**
 * Variant of {@link get_script_path()} whose result is relative to WWWROOT
 * rather than to the web server's document root.
 *
 * The leading part of the script path that corresponds to the Mahara install
 * subdirectory is cut off by length only; nothing here checks that the script
 * path really starts with that subdirectory.
 *
 * @see get_script_path()
 * @return string
 */
function get_relative_script_path()
{
    // The install subdirectory always ends in '/', so skipping one character
    // fewer than its length keeps that '/' as the first character of the result.
    $prefixlength = strlen(get_mahara_install_subdirectory()) - 1;
    return substr(get_script_path(), $prefixlength);
}
コード例 #2
ファイル: web.php プロジェクト: Br3nda/mahara
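/**
 * Builds an absolute URL for the current script: scheme, host, optional port,
 * then whatever {@link get_script_path()} returns.
 *
 * The host is taken from $CFG->wwwroot when that is configured. Only when it
 * is not does the function fall back to request/environment values, in this
 * order: SERVER_NAME, then HTTP_HOST (each from $_SERVER, then $_ENV).
 *
 * Security note: HTTP_HOST is copied from the client's Host header, and
 * SERVER_NAME can also follow the Host header depending on web server
 * configuration. A URL built from those fallbacks must not be trusted for
 * anything that leaves the request (e-mailed links, password-reset URLs,
 * cached pages). Configuring wwwroot avoids the fallbacks entirely.
 *
 * @see get_script_path()
 * @return string|false The full URL, or false when no host name can be found
 */
function get_full_script_path()
{
    global $CFG;

    $url = array();
    if (!empty($CFG->wwwroot)) {
        $url = parse_url($CFG->wwwroot);
    }

    // Prefer the configured host; everything after the first branch is
    // derived from the request or the process environment.
    if (!empty($url['host'])) {
        $hostname = $url['host'];
    } elseif (!empty($_SERVER['SERVER_NAME'])) {
        $hostname = $_SERVER['SERVER_NAME'];
    } elseif (!empty($_ENV['SERVER_NAME'])) {
        $hostname = $_ENV['SERVER_NAME'];
    } elseif (!empty($_SERVER['HTTP_HOST'])) {
        // Client-supplied Host header: see the security note above.
        $hostname = $_SERVER['HTTP_HOST'];
    } elseif (!empty($_ENV['HTTP_HOST'])) {
        $hostname = $_ENV['HTTP_HOST'];
    } else {
        log_warn('Warning: could not find the name of this server!');
        return false;
    }

    if (!empty($url['port'])) {
        $hostname .= ':' . $url['port'];
    } elseif (!empty($_SERVER['SERVER_PORT']) && !preg_match('/:\d+$/', $hostname)) {
        // A Host header may already carry ':port'; appending SERVER_PORT again
        // would yield 'host:8080:8080', so the port is only added when the
        // host name does not already end in one.
        if ($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) {
            $hostname .= ':' . $_SERVER['SERVER_PORT'];
        }
    }

    if (isset($_SERVER['HTTPS'])) {
        // PHP sets HTTPS to a non-empty value for TLS requests; some servers
        // use 'off' for plain HTTP. Comparing against the literal 'on' alone
        // would label values such as 'On' or '1' as http and produce
        // downgraded links.
        $istls = $_SERVER['HTTPS'] !== '' && strtolower((string) $_SERVER['HTTPS']) !== 'off';
        $protocol = $istls ? 'https://' : 'http://';
    } elseif (isset($_SERVER['SERVER_PORT'])) {
        # Apache2 does not export $_SERVER['HTTPS']
        $protocol = $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://';
    } else {
        $protocol = 'http://';
    }

    return $protocol . $hostname . get_script_path();
}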
コード例 #3
ファイル: mahara.php プロジェクト: kienv/mahara
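/**
 * Writes a one-line performance summary for the current request to the debug
 * log, when the 'perftolog' config option is enabled.
 *
 * The script path is passed through strip_querystring() before it is logged,
 * so request parameters are presumably kept out of the log line (confirm
 * against that helper).
 *
 * @param array|null $info Performance data as returned by
 *                         get_performance_info(); fetched here when empty
 * @return true|null true when logging is disabled; nothing is returned after
 *                   a line has been logged
 */
function perf_to_log($info = null)
{
    if (!get_config('perftolog')) {
        return true;
    }
    if (empty($info)) {
        $info = get_performance_info();
    }

    $logstring = 'PERF: ' . strip_querystring(get_script_path()) . ': ';
    $logstring .= ' memory_total: ' . $info['memory_total'] . 'B (' . display_size($info['memory_total']) . ')'
        . ' memory_growth: ' . $info['memory_growth'] . 'B (' . display_size($info['memory_growth']) . ')';
    $logstring .= ' time: ' . $info['realtime'] . 's';
    $logstring .= ' includecount: ' . $info['includecount'];
    $logstring .= ' dbqueries: ' . $info['dbreads'] . ' reads, ' . $info['dbwrites'] . ' writes, ' . $info['dbcached'] . ' cached';
    // CPU accounting: tick count, user/system time, and the same for child processes.
    $logstring .= ' ticks: ' . $info['ticks'] . ' user: ' . $info['utime'] . ' sys: ' . $info['stime']
        . ' cuser: ' . $info['cutime'] . ' csys: ' . $info['cstime'];
    $logstring .= ' serverload: ' . $info['serverload'];
    log_debug($logstring);
}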
コード例 #4
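/**
 * Called when the login form is submitted. Validates the user and password, and
 * if they are valid, starts a new session for the user.
 *
 * Flow:
 *  1. Try a normal login through $USER->login().
 *  2. If the user is unknown, try each auth instance that allows automatic
 *     account creation; the first one that accepts the credentials is used to
 *     create the local account.
 *  3. Apply the account-state checks (admin section, deleted, expired,
 *     inactive, suspended), logging the user out again where one fails.
 *
 * Every credential failure reports the same 'loginfailed' string, so the
 * response does not reveal whether the username exists.
 *
 * @param object $form   The Pieform form object
 * @param array  $values The submitted values
 * @access private
 */
function login_submit(Pieform $form, $values)
{
    global $SESSION, $USER;
    $username = $values['login_username'];
    $password = $values['login_password'];
    $authenticated = false;
    // NOTE(review): this is never assigned again in this function, so the
    // inactivity check further down cannot trigger as written. Confirm where
    // the previous last-login time was meant to come from.
    $oldlastlogin = 0;
    try {
        $authenticated = $USER->login($username, $password);
        if (empty($authenticated)) {
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    } catch (AuthUnknownUserException $e) {
        // If the user doesn't exist, check for institutions that
        // want to create users automatically.
        try {
            // Reset the LiveUser object, since we are attempting to create a
            // new user
            $SESSION->destroy_session();
            $USER = new LiveUser();
            $authinstances = get_records_sql_array('
                SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname
                FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
                ORDER BY a.institution, a.priority, a.instancename', null);
            if ($authinstances == false) {
                throw new AuthUnknownUserException("\"{$username}\" is not known");
            }
            $USER->username = $username;
            // foreach replaces the former list()/each() loop: each() was
            // deprecated in PHP 7.2 and removed in PHP 8.0.
            foreach ($authinstances as $authinstance) {
                if ($authenticated) {
                    // Stop at the first instance that accepted the credentials.
                    break;
                }
                $auth = AuthFactory::create($authinstance->id);
                if (!$auth->can_auto_create_users()) {
                    continue;
                }
                // catch semi-fatal auth errors, but allow next auth instance to be
                // tried
                try {
                    if ($auth->authenticate_user_account($USER, $password)) {
                        $authenticated = true;
                    } else {
                        continue;
                    }
                } catch (AuthInstanceException $e) {
                    continue;
                }
                // Check now to see if the institution has its maximum quota of users
                require_once 'institution.php';
                $institution = new Institution($authinstance->institution);
                if ($institution->isFull()) {
                    throw new AuthUnknownUserException('Institution has too many users');
                }
                $USER->authinstance = $authinstance->id;
                $userdata = $auth->get_user_info($username);
                if (empty($userdata)) {
                    throw new AuthUnknownUserException("\"{$username}\" is not known");
                }
                // Check for a suspended institution. This runs before the
                // account is created, so a suspended institution cannot be
                // used to provision new local users.
                if ($authinstance->suspended) {
                    $sitename = get_config('sitename');
                    throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institutionsuspended', 'mahara', $authinstance->displayname, $sitename));
                }
                // We have the data - create the user
                $USER->lastlogin = db_format_timestamp(time());
                if (isset($userdata->firstname)) {
                    $USER->firstname = $userdata->firstname;
                }
                if (isset($userdata->lastname)) {
                    $USER->lastname = $userdata->lastname;
                }
                if (isset($userdata->email)) {
                    $USER->email = $userdata->email;
                } else {
                    // The user will be asked to populate this when they log in.
                    $USER->email = null;
                }
                try {
                    // If this authinstance is a parent auth for some xmlrpc authinstance, pass it along to create_user
                    // so that this username also gets recorded as the username for sso from the remote sites.
                    $remoteauth = count_records('auth_instance_config', 'field', 'parent', 'value', $authinstance->id) ? $authinstance : null;
                    create_user($USER, array(), $institution, $remoteauth);
                    $USER->reanimate($USER->id, $authinstance->id);
                } catch (Exception $e) {
                    // Undo the partial account creation, then let the caller see the failure.
                    db_rollback();
                    throw $e;
                }
            }
            if (!$authenticated) {
                $SESSION->add_error_msg(get_string('loginfailed'));
                return;
            }
        } catch (AuthUnknownUserException $e) {
            // We weren't able to authenticate the user for some reason that
            // probably isn't their fault (e.g. ldap extension not available
            // when using ldap authentication)
            // NOTE(review): the message can embed the submitted username
            // verbatim; confirm log_info() neutralises control characters so
            // a crafted username cannot forge log lines.
            log_info($e->getMessage());
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    }
    // Only admins in the admin section! Parentheses spell out the existing
    // precedence: ADMIN pages need a site admin, INSTITUTIONALADMIN pages
    // accept a site admin or an institutional admin.
    // NOTE(review): the user is already logged in at this point; presumably
    // redirect() ends the request - confirm, otherwise the checks below run.
    if (!$USER->get('admin') && (defined('ADMIN') || (defined('INSTITUTIONALADMIN') && !$USER->is_institutional_admin()))) {
        $SESSION->add_error_msg(get_string('accessforbiddentoadminsection'));
        redirect();
    }
    // Check if the user's account has been deleted
    if ($USER->deleted) {
        $USER->logout();
        die_info(get_string('accountdeleted'));
    }
    // Check if the user's account has expired
    if ($USER->expiry > 0 && time() > $USER->expiry) {
        $USER->logout();
        die_info(get_string('accountexpired'));
    }
    // Check if the user's account has become inactive
    $inactivetime = get_config('defaultaccountinactiveexpire');
    if ($inactivetime && $oldlastlogin > 0 && $oldlastlogin + $inactivetime < time()) {
        $USER->logout();
        die_info(get_string('accountinactive'));
    }
    // Check if the user's account has been suspended
    if ($USER->suspendedcusr) {
        $suspendedctime = strftime(get_string('strftimedaydate'), $USER->suspendedctime);
        $suspendedreason = $USER->suspendedreason;
        $USER->logout();
        die_info(get_string('accountsuspended', 'mahara', $suspendedctime, $suspendedreason));
    }
    // User is allowed to log in
    //$USER->login($userdata);
    auth_check_required_fields();
    if (get_config('httpswwwroot') && !defined('JSON')) {
        // If we are using HTTPS for logins we need to go back to
        // non-HTTPS URLs. Otherwise, Javascript (and possibly CSS)
        // breaks. Don't use get_full_script_path(), as it doesn't
        // work if someone sets httpswwwroot to something like
        // 'https://x.y.z.w:443/...'  (unlikely, but
        // possible). get_full_script_path() doesn't give us the
        // ':443' part and things break horribly.
        $parts = parse_url(get_config('httpswwwroot'));
        // httpswwwroot may have no path component at all; treat that as ''
        // instead of reading an undefined array key.
        $httpsrequest = isset($parts['path']) ? rtrim($parts['path'], '/') : '';
        // NOTE(review): the target is derived from the request path and is
        // HTML-escaped by hsc() rather than validated as a URL; confirm that
        // redirect() only ever resolves it to a same-site location.
        redirect(hsc(substr(get_script_path(), strlen($httpsrequest))));
    }
}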