/**
*
* @global bool $is_platformAdmin
* @global bool $is_allowedCreateCourse
* @global object $_user
*/
public static function init_user($user_id, $reset)
{
global $is_platformAdmin;
global $is_allowedCreateCourse;
global $_user;
if (isset($reset) && $reset) {
// session data refresh requested
unset($_SESSION['_user']['uidReset']);
$is_platformAdmin = false;
$is_allowedCreateCourse = false;
$_user['user_id'] = $user_id;
if (isset($_user['user_id']) && $_user['user_id'] && !api_is_anonymous()) {
// a uid is given (log in succeeded)
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
$track_e_login = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql = "SELECT user.*, a.user_id is_admin, UNIX_TIMESTAMP(login.login_date) login_date\n FROM {$user_table}\n LEFT JOIN {$admin_table} a\n ON user.user_id = a.user_id\n LEFT JOIN {$track_e_login} login\n ON user.user_id = login.login_user_id\n WHERE user.user_id = '" . $_user['user_id'] . "'\n ORDER BY login.login_date DESC LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
// Extracting the user data
$uData = Database::fetch_array($result);
$_user['firstName'] = $uData['firstname'];
$_user['lastName'] = $uData['lastname'];
$_user['mail'] = $uData['email'];
$_user['lastLogin'] = $uData['login_date'];
$_user['official_code'] = $uData['official_code'];
$_user['picture_uri'] = $uData['picture_uri'];
$_user['user_id'] = $uData['user_id'];
$_user['language'] = $uData['language'];
$_user['auth_source'] = $uData['auth_source'];
$_user['theme'] = $uData['theme'];
$_user['status'] = $uData['status'];
$is_platformAdmin = (bool) (!is_null($uData['is_admin']));
$is_allowedCreateCourse = (bool) ($uData['status'] == 1 or api_get_setting('drhCourseManagerRights') and $uData['status'] == 4);
ConditionalLogin::check_conditions($uData);
Session::write('_user', $_user);
UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
Session::write('is_platformAdmin', $is_platformAdmin);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
} else {
header('location:' . api_get_path(WEB_PATH));
//exit("WARNING UNDEFINED UID !! ");
}
} else {
// no uid => logout or Anonymous
Session::erase('_user');
Session::erase('_uid');
}
Session::write('is_platformAdmin', $is_platformAdmin);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
} else {
// continue with the previous values
$_user = $_SESSION['_user'];
$is_platformAdmin = $_SESSION['is_platformAdmin'];
$is_allowedCreateCourse = $_SESSION['is_allowedCreateCourse'];
}
}
$url = api_get_path(WEB_PATH) . 'main/auth/conditional_login/complete_phone_number.php';
if (!isset($_SESSION['conditional_login']['uid'])) {
die("Not Authorised");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="fr" xml:lang="fr" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body>
<form id="data_completion" name="data_completion" method="post" action="<?php
echo $url;
?>
">
Téléphone : <input type="text" name="phone_number" />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
<?php
if (isset($_POST['submit'])) {
$u = api_get_user_info($_SESSION['conditional_login']['uid']);
$u['phone'] = $_POST['phone_number'];
$password = null;
// we don't want to change the password
$updated = UserManager::update_user($u['user_id'], $u['firstname'], $u['lastname'], $u['username'], $password, $u['auth_source'], $u['email'], $u['status'], $u['official_code'], $u['phone'], $u['picture_uri'], $u['expiration_date'], $u['active'], $u['creator_id'], $u['hr_dept_id'], $u['extra'], $u['language'], '');
if ($updated) {
ConditionalLogin::login();
}
}
$is_allowedCreateCourse = false;
if (isset($_user['user_id']) && $_user['user_id'] && !api_is_anonymous()) {
// a uid is given (log in succeeded)
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
$track_e_login = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
$sql = "SELECT user.*, a.user_id is_admin, login.login_date\n FROM {$user_table}\n LEFT JOIN {$admin_table} a\n ON user.user_id = a.user_id\n LEFT JOIN {$track_e_login} login\n ON user.user_id = login.login_user_id\n WHERE user.user_id = '" . $_user['user_id'] . "'\n ORDER BY login.login_date DESC LIMIT 1";
$result = Database::query($sql);
if (Database::num_rows($result) > 0) {
// Extracting the user data
$uData = Database::fetch_array($result);
$_user = api_format_user($uData, false);
$_user['lastLogin'] = api_strtotime($uData['login_date'], 'UTC');
$is_platformAdmin = (bool) (!is_null($uData['is_admin']));
$is_allowedCreateCourse = (bool) ($uData['status'] == COURSEMANAGER or api_get_setting('drhCourseManagerRights') and $uData['status'] == DRH);
ConditionalLogin::check_conditions($uData);
Session::write('_user', $_user);
UserManager::update_extra_field_value($_user['user_id'], 'already_logged_in', 'true');
Session::write('is_platformAdmin', $is_platformAdmin);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
} else {
header('location:' . api_get_path(WEB_PATH));
exit;
}
} else {
// no uid => logout or Anonymous
Session::erase('_user');
Session::erase('_uid');
}
Session::write('is_platformAdmin', $is_platformAdmin);
Session::write('is_allowedCreateCourse', $is_allowedCreateCourse);
