/**
 * Handles authentication by setting up a session for a user if they are logged
 * in.
 *
 * This function combined with the Session class is smart - if the user is not
 * logged in then they do not get a session, which prevents simple curl hits
 * or search engine crawls to a page from getting sessions they won't use.
 *
 * Once the user has a session, they keep it even if they log out, so it can
 * be reused. The session does expire, but the expiry time is typically a week
 * or more.
 *
 * If the user is not authenticated for this page, then this function will
 * exit, printing the login page. Therefore, after including init.php, you can
 * be sure that the user is logged in, or has a valid guest key. However, no
 * testing is done to make sure the user has the required permissions to see
 * the page.
 *
 * Side effects: may persist site config (siteclosed, siteclosedbyadmin,
 * disablelogin), log the current user out, redirect, or terminate the
 * request. Reads the 'logout', 'login' and 'lang' request parameters.
 *
 * NOTE(review): logout is triggered by a bare '?logout' GET parameter and no
 * anti-CSRF token is checked in this function, so a cross-site link or image
 * can force a logged-in user out. Confirm whether the project gates this
 * elsewhere; it is low impact (no data exposure) but is a nuisance vector.
 */
function auth_setup()
{
    global $SESSION, $USER;
    // If the system is not installed, let the user through in the hope that
    // they can fix this little problem :)
    if (!get_config('installed')) {
        $USER->logout();
        return;
    }
    // Lock the site until core upgrades are done.
    // version.php is expected to populate $config (->version, ->disablelogin)
    // in this scope; the path is built from trusted config, not from input.
    require get_config('libroot') . 'version.php';
    $siteclosed = $config->version > get_config('version');
    $disablelogin = $config->disablelogin;
    if (!$siteclosed && get_config('forcelocalupgrades')) {
        // Local customisations may also require an upgrade; local/version.php
        // is expected to overwrite $config->version, so it is only consulted
        // when core is not already pending.
        require get_config('docroot') . 'local/version.php';
        $siteclosed = $config->version > get_config('localversion');
    }
    $cfgsiteclosed = get_config('siteclosed');
    // Only rewrite the persisted flags when the computed state differs from
    // the stored one (the condition is an exclusive-or on truthiness).
    if ($siteclosed && !$cfgsiteclosed || !$siteclosed && $cfgsiteclosed) {
        // If the admin closed the site manually, open it automatically
        // when an upgrade is successful.
        if ($cfgsiteclosed && get_config('siteclosedbyadmin')) {
            set_config('siteclosedbyadmin', false);
        }
        set_config('siteclosed', $siteclosed);
        set_config('disablelogin', $disablelogin);
    }
    // Check the time that the session is set to log out. If the user does
    // not have a session, this time will be 0.
    $sessionlogouttime = $USER->get('logout_time');
    // Need to doublecheck that the User's sessionid still has a match in the usr_session table.
    // It can disappear if the current user has hacked the real user's account and the real user has
    // reset the password clearing the session from usr_session.
    $sessionexists = get_record('usr_session', 'usr', $USER->id, 'session', $USER->get('sessionid'));
    $parentuser = $USER->get('parentuser');
    // Two reasons to log out here ('&&' binds tighter than '||'):
    //   1. an active session and an explicit '?logout' request, or
    //   2. a session id is set but no longer exists in usr_session (revoked,
    //      e.g. by a password reset), and there is no parent user (presumably
    //      an admin logged in as this user) to exempt it.
    // NOTE(review): branch 1 is reachable via GET with no CSRF token checked.
    if ($sessionlogouttime && isset($_GET['logout']) || $sessionexists === false && $USER->get('sessionid') != '' && empty($parentuser)) {
        // Call the authinstance' logout hook
        $authinstance = $SESSION->get('authinstance');
        if ($authinstance) {
            $authobj = AuthFactory::create($authinstance);
            $authobj->logout();
        } else {
            log_debug("Strange: user " . $USER->get('username') . " had no authinstance set in their session");
        }
        // Site-local logout hook, if the deployment defines one.
        if (function_exists('local_logout')) {
            local_logout();
        }
        $USER->logout();
        $SESSION->add_ok_msg(get_string('loggedoutok'));
        redirect();
    }
    if ($sessionlogouttime > time()) {
        // The session is still active, so continue it.
        // Make sure that if a user's admin status has changed, they're kicked
        // out of the admin section
        if (in_admin_section()) {
            // Reload site admin/staff permissions from the database. This
            // refresh only happens inside the admin section; elsewhere the
            // flags cached on $USER are trusted for the rest of the session.
            $realuser = get_record('usr', 'id', $USER->id, null, null, null, null, 'admin,staff');
            if (!$USER->get('admin') && $realuser->admin) {
                // The user has been made into an admin
                $USER->admin = 1;
            } else {
                if ($USER->get('admin') && !$realuser->admin) {
                    // The user's admin rights have been taken away
                    $USER->admin = 0;
                }
            }
            if (!$USER->get('staff') && $realuser->staff) {
                $USER->staff = 1;
            } else {
                if ($USER->get('staff') && !$realuser->staff) {
                    $USER->staff = 0;
                }
            }
            // Reload institutional admin/staff permissions
            $USER->reset_institutions();
            // Presumably bounces the user out if they no longer qualify for
            // the admin section - confirm against its definition.
            auth_check_admin_section();
        }
        // renew() presumably pushes logout_time forward; the required-fields
        // check may itself redirect away from this page.
        $USER->renew();
        auth_check_required_fields();
    } else {
        if ($sessionlogouttime > 0) {
            // The session timed out (logout_time is set but already in the past)
            $authinstance = $SESSION->get('authinstance');
            if ($authinstance) {
                $authobj = AuthFactory::create($authinstance);
                $mnetuser = 0;
                if ($SESSION->get('mnetuser') && $authobj->parent) {
                    // We wish to remember that the user is an MNET user - even though
                    // they're using the local login form
                    $mnetuser = $USER->get('id');
                }
                $authobj->logout();
                $USER->logout();
                if ($mnetuser != 0) {
                    // Re-set after logout(), which presumably clears the session.
                    $SESSION->set('mnetuser', $mnetuser);
                    $SESSION->set('authinstance', $authinstance);
                }
            } else {
                log_debug("Strange: user " . $USER->get('username') . " had no authinstance set in their session");
            }
            // NOTE(review): nothing after json_reply() stops the fall-through,
            // so it must end the request itself - confirm.
            if (defined('JSON')) {
                json_reply('global', get_string('sessiontimedoutreload'), 1);
            }
            if (defined('IFRAME')) {
                header('Content-type: text/html');
                print_auth_frame();
                exit;
            }
            // If the page the user is viewing is public, inform them that they can
            // log in again
            if (defined('PUBLIC')) {
                // @todo this links to ?login - later it should do magic to make
                // sure that whatever GET string is made it includes the old data
                // correctly
                // REQUEST_URI is attacker-controlled; it is HTML-escaped with
                // hsc() before being interpolated into the message.
                $loginurl = $_SERVER['REQUEST_URI'];
                $loginurl .= false === strpos($loginurl, '?') ? '?' : '&';
                $loginurl .= 'login';
                $SESSION->add_info_msg(get_string('sessiontimedoutpublic', 'mahara', hsc($loginurl)), false);
                return;
            }
            auth_draw_login_page(get_string('sessiontimedout'));
        } else {
            // There is no session, so we check to see if one needs to be started.
            // Build login form. If the form is submitted it will be handled here,
            // and set $USER for us (this will happen when users hit a page and
            // specify login data immediately).
            require_once 'pieforms/pieform.php';
            $form = new Pieform(auth_get_login_form());
            $SESSION->loginform = $form;
            if ($USER->is_logged_in()) {
                // Constructing the form processed a submitted login.
                return;
            }
            // Check if the page is public or the site is configured to be public.
            // A public page is served anonymously unless '?login' was requested.
            if (defined('PUBLIC') && !isset($_GET['login'])) {
                // param_alphanumext() presumably restricts the value to a safe
                // character set before it is stored in the session.
                if ($lang = param_alphanumext('lang', null)) {
                    $SESSION->set('lang', $lang);
                }
                return;
            }
            // No session and a json request
            if (defined('JSON')) {
                json_reply('global', get_string('nosessionreload'), 1);
            }
            auth_draw_login_page(null, $form);
            exit;
        }
    }
}
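/**
 * Builds a data structure representing the menu for Mahara.
 *
 * The flat menu for the current user's role (site admin, institutional
 * admin, staff, institutional staff, or standard) is cached per primary
 * institution and language via get_config_institution(). On a miss it is
 * built, augmented with every installed plugin's menu_items(), and stored
 * as JSON. local_main_nav_update() is applied after the cache step so that
 * site-local changes are never baked into the cached copy.
 *
 * Fixes: create_function() (an eval() wrapper, deprecated in 7.2 and removed
 * in PHP 8) is replaced by a closure; a cached entry that does not decode to
 * an array is treated as a miss instead of being handed to
 * find_menu_children(); the by-reference plugin loop no longer leaves a
 * dangling reference.
 *
 * @return array the nested menu structure produced by find_menu_children()
 */
function main_nav()
{
    global $USER;
    $language = current_language();
    // Get the first institution
    $institution = $USER->get_primary_institution();

    // Pick the cache key and the builder function for this user's role.
    // The builder is only invoked on a cache miss.
    if (in_admin_section()) {
        if ($USER->get('admin')) {
            $menutype = 'admin_nav';
            $builder = 'admin_nav';
        } else if ($USER->is_institutional_admin()) {
            $menutype = 'instadmin_nav';
            $builder = 'institutional_admin_nav';
        } else if ($USER->get('staff')) {
            $menutype = 'staff_nav';
            $builder = 'staff_nav';
        } else {
            $menutype = 'inststaff_nav';
            $builder = 'institutional_staff_nav';
        }
    } else {
        // Build the menu structure for the site
        $menutype = 'standard_nav';
        $builder = 'mahara_standard_nav';
    }
    $cachekey = $menutype . '_' . $language;

    $menu = null;
    $cachemenu = get_config_institution($institution, $cachekey);
    if ($cachemenu) {
        $menu = json_decode($cachemenu, true);
        // A corrupt or truncated cache entry decodes to null/scalar; treat it
        // as a miss and rebuild (the rebuild below overwrites the bad entry).
        if (!is_array($menu)) {
            $menu = null;
        }
    }
    if ($menu === null) {
        // Drop entries flagged 'ignore' before plugins add theirs.
        $menu = array_filter($builder(), function ($a) {
            return empty($a['ignore']);
        });
        // enable plugins to augment the menu structure
        foreach (array('artefact', 'interaction', 'module', 'auth') as $plugintype) {
            if ($plugins = plugins_installed($plugintype)) {
                foreach ($plugins as $plugin) {
                    if (safe_require_plugin($plugintype, $plugin->name)) {
                        $plugin_menu = call_static_method(generate_class_name($plugintype, $plugin->name), 'menu_items');
                        $menu = array_merge($menu, $plugin_menu);
                    }
                }
            }
        }
        set_config_institution($institution, $cachekey, json_encode($menu));
    }
    // local_main_nav_update allows sites to customise the menu by munging the $menu array.
    // as there is no internal way to know if the local_main_nav array has changed we keep it outside the cached menu
    if (function_exists('local_main_nav_update')) {
        local_main_nav_update($menu);
    }
    return find_menu_children($menu, '');
}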
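/**
 * Builds a data structure representing the menu for Mahara.
 *
 * Selects the flat menu for the current user's role (site admin,
 * institutional admin, staff, institutional staff, or standard), drops
 * entries flagged 'ignore', lets every installed artefact and interaction
 * plugin append its menu_items(), applies the optional site-local
 * local_main_nav_update() hook, and nests the result with
 * find_menu_children().
 *
 * Fixes: create_function() (an eval() wrapper, deprecated in 7.2 and removed
 * in PHP 8) is replaced by a closure, and the by-reference plugin loops no
 * longer leave a dangling reference behind.
 *
 * @return array the nested menu structure produced by find_menu_children()
 */
function main_nav()
{
    if (in_admin_section()) {
        global $USER, $SESSION;
        if ($USER->get('admin')) {
            $menu = admin_nav();
        } else if ($USER->is_institutional_admin()) {
            $menu = institutional_admin_nav();
        } else if ($USER->get('staff')) {
            $menu = staff_nav();
        } else {
            $menu = institutional_staff_nav();
        }
    } else {
        // Build the menu structure for the site
        // The keys of each entry are as follows:
        //   path: Where the link sits in the menu. E.g. 'myporfolio/myplugin'
        //   url:  The URL to the page, relative to wwwroot. E.g. 'artefact/myplugin/'
        //   title: Translated text to use for the text of the link. E.g. get_string('myplugin', 'artefact.myplugin')
        //   weight: Where in the menu the item should be inserted. Larger number are to the right.
        $menu = mahara_standard_nav();
    }
    $menu = array_filter($menu, function ($a) {
        return empty($a['ignore']);
    });
    // enable plugins to augment the menu structure; artefact plugins first,
    // then interaction plugins, as before.
    foreach (array('artefact', 'interaction') as $plugintype) {
        if ($plugins = plugins_installed($plugintype)) {
            foreach ($plugins as $plugin) {
                if (safe_require_plugin($plugintype, $plugin->name)) {
                    $plugin_menu = call_static_method(generate_class_name($plugintype, $plugin->name), 'menu_items');
                    $menu = array_merge($menu, $plugin_menu);
                }
            }
        }
    }
    // local_main_nav_update allows sites to customise the menu by munging the $menu array.
    if (function_exists('local_main_nav_update')) {
        local_main_nav_update($menu);
    }
    return find_menu_children($menu, '');
}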
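/**
 * Builds the Pieform element definitions for the "general" section of a
 * user's account preferences page.
 *
 * Which elements appear depends on site configuration (licensemetadata,
 * sitethemeprefs, showtagssideblock, userscanhiderealnames, homepageinfo,
 * showprogressbar, allowmobileuploads, the file plugin's
 * resizeonuploadenable, userscandisabledevicedetection) and on the current
 * user's institutions.
 *
 * Fixes: lookups of a configured language or theme name that is no longer
 * installed fall back to the raw key instead of raising notices, and the
 * by-reference out-parameter of get_user_institution_language() is
 * initialised before the call.
 *
 * @param object $prefs the user's current preferences; fields read are
 *        friendscontrol, wysiwyg, licensedefault, maildisabled, messages,
 *        lang, addremovecolumns, multipleblogs, tagssideblockmaxtags,
 *        groupsideblockmaxgroups, groupsideblocksortby, hiderealname,
 *        showhomeinfo, showprogressbar, mobileuploadtoken,
 *        resizeonuploaduserdefault and devicedetection
 * @return array Pieform element definitions keyed by element name
 */
function general_account_prefs_form_elements($prefs)
{
    global $USER;
    require_once 'license.php';
    $elements = array();
    $elements['friendscontrol'] = array('type' => 'radio', 'defaultvalue' => $prefs->friendscontrol, 'title' => get_string('friendsdescr', 'account'), 'class' => 'mrs mls', 'options' => array('nobody' => get_string('friendsnobody', 'account'), 'auth' => get_string('friendsauth', 'account'), 'auto' => get_string('friendsauto', 'account')), 'help' => true);
    // A site-wide wysiwyg setting overrides (and disables) the per-user choice.
    $elements['wysiwyg'] = array('type' => 'switchbox', 'defaultvalue' => get_config('wysiwyg') ? get_config('wysiwyg') == 'enable' : $prefs->wysiwyg, 'title' => get_string('wysiwygdescr', 'account'), 'help' => true, 'disabled' => get_config('wysiwyg'));
    if (get_config('licensemetadata')) {
        $elements['licensedefault'] = license_form_el_basic(null);
        $elements['licensedefault']['title'] = get_string('licensedefault', 'account');
        if ($USER->get('institutions')) {
            // Members of an institution may inherit its default licence.
            $elements['licensedefault']['options'][LICENSE_INSTITUTION_DEFAULT] = get_string('licensedefaultinherit', 'account');
        }
        $elements['licensedefault']['description'] = get_string('licensedefaultdescription', 'account');
        if (isset($prefs->licensedefault)) {
            $elements['licensedefault']['defaultvalue'] = $prefs->licensedefault;
        }
    }
    $elements['maildisabled'] = array('type' => 'switchbox', 'defaultvalue' => $prefs->maildisabled, 'title' => get_string('disableemail', 'account'), 'help' => true);
    $elements['messages'] = array('type' => 'radio', 'defaultvalue' => $prefs->messages, 'title' => get_string('messagesdescr', 'account'), 'options' => array('nobody' => get_string('messagesnobody', 'account'), 'friends' => get_string('messagesfriends', 'account'), 'allow' => get_string('messagesallow', 'account')), 'help' => true);
    $languages = get_languages();
    // Determine default language. $instlanginstname is filled in by reference
    // with the name of the institution whose language applies.
    $instlanginstname = null;
    $instlang = get_user_institution_language($USER->id, $instlanginstname);
    if (!empty($instlang) && $instlang != 'default') {
        // Fall back to the language code if its pack has since been removed.
        $instlangname = isset($languages[$instlang]) ? $languages[$instlang] : $instlang;
        $sitedefaultlabel = get_string('defaultlangforinstitution', 'admin', get_config_institution($instlanginstname, 'displayname')) . ' (' . $instlangname . ')';
    } else {
        $sitelang = get_config('lang');
        $sitelangname = isset($languages[$sitelang]) ? $languages[$sitelang] : $sitelang;
        $sitedefaultlabel = get_string('sitedefault', 'admin') . ' (' . $sitelangname . ')';
    }
    $elements['lang'] = array('type' => 'select', 'defaultvalue' => $prefs->lang, 'title' => get_string('language', 'account'), 'options' => array_merge(array('default' => $sitedefaultlabel), $languages), 'help' => true, 'ignore' => count($languages) < 2);
    $sitethemes = array();
    // Get all available standard site themes
    if (get_config('sitethemeprefs') && !in_admin_section()) {
        // get_user_accessible_themes() returns 'sitedefault' to mean fall back to the site or
        // institution theme.  This won't work for account prefs, where 'sitedefault' is just
        // a theme that doesn't exist.  So change the 'sitedefault' key to '', and the empty
        // preference will be interpreted as "No theme selected".
        $sitethemes = array_reverse(get_user_accessible_themes());
        unset($sitethemes['sitedefault']);
        $sitethemes = array_reverse($sitethemes);
    }
    // Get all user's institution themes
    $institutionthemes = array();
    if ($institutions = $USER->get('institutions')) {
        $allthemes = get_all_theme_objects();
        foreach ($institutions as $i) {
            if (empty($i->theme)) {
                $institutionthemes['sitedefault' . '/' . $i->institution] = $i->displayname . ' - ' . get_string('sitedefault', 'admin');
            } else {
                // An institution may be configured with a theme that is no
                // longer installed; show its raw name rather than erroring.
                $themename = isset($allthemes[$i->theme]) ? $allthemes[$i->theme]->displayname : $i->theme;
                $institutionthemes[$i->theme . '/' . $i->institution] = $i->displayname . ' - ' . $themename;
            }
        }
    }
    $themes = array_merge($sitethemes, $institutionthemes);
    natcasesort($themes);
    $currenttheme = $USER->get_themedata();
    if (!isset($currenttheme->basename)) {
        $defaulttheme = 'sitedefault';
    } else {
        $defaulttheme = $currenttheme->basename;
    }
    if (isset($currenttheme->institutionname)) {
        $defaulttheme = $defaulttheme . '/' . $currenttheme->institutionname;
    }
    // If the current theme is not selectable, default to the first option.
    if (!array_key_exists($defaulttheme, $themes)) {
        reset($themes);
        $defaulttheme = key($themes);
    }
    $elements['theme'] = array('type' => 'select', 'defaultvalue' => $defaulttheme, 'title' => get_string('theme'), 'options' => $themes, 'ignore' => count($themes) < 2, 'help' => true);
    $elements['addremovecolumns'] = array('type' => 'switchbox', 'defaultvalue' => $prefs->addremovecolumns, 'title' => get_string('showviewcolumns', 'account'), 'help' => 'true');
    // TODO: add a way for plugins (like blog!) to have account preferences
    $elements['multipleblogs'] = array('type' => 'switchbox', 'title' => get_string('enablemultipleblogs1', 'account'), 'description' => get_string('enablemultipleblogsdescription1', 'account'), 'defaultvalue' => $prefs->multipleblogs);
    if (get_config('showtagssideblock')) {
        $elements['tagssideblockmaxtags'] = array('type' => 'text', 'size' => 4, 'title' => get_string('tagssideblockmaxtags', 'account'), 'description' => get_string('tagssideblockmaxtagsdescription', 'account'), 'defaultvalue' => isset($prefs->tagssideblockmaxtags) ? $prefs->tagssideblockmaxtags : get_config('tagssideblockmaxtags'), 'rules' => array('integer' => true, 'minvalue' => 0, 'maxvalue' => 1000));
    }
    $elements['groupsideblockmaxgroups'] = array('type' => 'text', 'size' => 4, 'title' => get_string('limitto1', 'blocktype.mygroups'), 'description' => get_string('limittodescsideblock1', 'blocktype.mygroups'), 'defaultvalue' => isset($prefs->groupsideblockmaxgroups) ? $prefs->groupsideblockmaxgroups : '', 'rules' => array('regex' => '/^[0-9]*$/', 'minvalue' => 0, 'maxvalue' => 1000));
    $elements['groupsideblocksortby'] = array('type' => 'select', 'defaultvalue' => isset($prefs->groupsideblocksortby) ? $prefs->groupsideblocksortby : 'alphabetical', 'title' => get_string('sortgroups', 'blocktype.mygroups'), 'options' => array('latest' => get_string('latest', 'blocktype.mygroups'), 'earliest' => get_string('earliest', 'blocktype.mygroups'), 'alphabetical' => get_string('alphabetical', 'blocktype.mygroups')));
    if (get_config('userscanhiderealnames')) {
        $elements['hiderealname'] = array('type' => 'switchbox', 'title' => get_string('hiderealname', 'account'), 'description' => get_string('hiderealnamedescription', 'account'), 'defaultvalue' => $prefs->hiderealname);
    }
    if (get_config('homepageinfo')) {
        // sitename is admin-controlled but still HTML-escaped for the label.
        $elements['showhomeinfo'] = array('type' => 'switchbox', 'defaultvalue' => $prefs->showhomeinfo, 'title' => get_string('showhomeinfo2', 'account'), 'description' => get_string('showhomeinfodescription1', 'account', hsc(get_config('sitename'))), 'help' => 'true');
    }
    if (get_config('showprogressbar')) {
        $elements['showprogressbar'] = array('type' => 'switchbox', 'defaultvalue' => $prefs->showprogressbar, 'title' => get_string('showprogressbar', 'account'), 'description' => get_string('showprogressbardescription', 'account', hsc(get_config('sitename'))));
    }
    if (get_config('allowmobileuploads')) {
        // The upload token is a credential: it is rendered into the form as
        // the default value of a multitext element, one token per '|'-separated
        // entry. The user's own token takes precedence over the site-wide one.
        $defaultvalue = array();
        $mobileuploadtoken = isset($prefs->mobileuploadtoken) ? $prefs->mobileuploadtoken : get_config('mobileuploadtoken');
        $defaultvalue = explode('|', trim($mobileuploadtoken, '|'));
        $elements['mobileuploadtoken'] = array('type' => 'multitext', 'title' => get_string('mobileuploadtoken', 'account'), 'defaultvalue' => $defaultvalue, 'help' => 'true');
    }
    if (get_config_plugin('artefact', 'file', 'resizeonuploadenable')) {
        $elements['resizeonuploaduserdefault'] = array('type' => 'switchbox', 'title' => get_string('resizeonuploaduserdefault1', 'account'), 'description' => get_string('resizeonuploaduserdefaultdescription2', 'account'), 'defaultvalue' => $prefs->resizeonuploaduserdefault);
    }
    if (get_config('userscandisabledevicedetection')) {
        $elements['devicedetection'] = array('type' => 'switchbox', 'title' => get_string('devicedetection', 'account'), 'description' => get_string('devicedetectiondescription', 'account'), 'defaultvalue' => $prefs->devicedetection);
    }
    return $elements;
}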
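/**
 * Builds a data structure representing the menu for Mahara.
 *
 * Selects the flat menu for the current user's role (site admin,
 * institutional admin, staff, institutional staff, or standard), drops
 * entries flagged 'ignore', lets every installed artefact, interaction and
 * module plugin append its menu_items(), applies the optional site-local
 * local_main_nav_update() hook, and nests the result with
 * find_menu_children().
 *
 * Fixes: create_function() (an eval() wrapper, deprecated in 7.2 and removed
 * in PHP 8) is replaced by a closure, and the by-reference plugin loop no
 * longer leaves a dangling reference behind.
 *
 * @return array the nested menu structure produced by find_menu_children()
 */
function main_nav()
{
    if (in_admin_section()) {
        global $USER, $SESSION;
        if ($USER->get('admin')) {
            $menu = admin_nav();
        } else if ($USER->is_institutional_admin()) {
            $menu = institutional_admin_nav();
        } else if ($USER->get('staff')) {
            $menu = staff_nav();
        } else {
            $menu = institutional_staff_nav();
        }
    } else {
        // Build the menu structure for the site
        $menu = mahara_standard_nav();
    }
    $menu = array_filter($menu, function ($a) {
        return empty($a['ignore']);
    });
    // enable plugins to augment the menu structure
    foreach (array('artefact', 'interaction', 'module') as $plugintype) {
        if ($plugins = plugins_installed($plugintype)) {
            foreach ($plugins as $plugin) {
                if (safe_require_plugin($plugintype, $plugin->name)) {
                    $plugin_menu = call_static_method(generate_class_name($plugintype, $plugin->name), 'menu_items');
                    $menu = array_merge($menu, $plugin_menu);
                }
            }
        }
    }
    // local_main_nav_update allows sites to customise the menu by munging the $menu array.
    if (function_exists('local_main_nav_update')) {
        local_main_nav_update($menu);
    }
    return find_menu_children($menu, '');
}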