/**
* This function checks that the current user is logged in and has the
* required privileges
*
* This function checks that the current user is logged in, and optionally
* whether they are allowed to be in a particular course and view a particular
* course module.
* If they are not logged in, then it redirects them to the site login unless
* $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
* case they are automatically logged in as guests.
* If $courseid is given and the user is not enrolled in that course then the
* user is redirected to the course enrolment page.
* If $cm is given and the coursemodule is hidden and the user is not a teacher
* in the course then the user is redirected to the course home page.
*
* @uses $CFG
* @uses $SESSION
* @uses $USER
* @uses $FULLME
* @uses SITEID
* @uses $COURSE
* @param mixed $courseorid id of the course or course object
* @param bool $autologinguest
* @param object $cm course module object
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
*/
function require_login($courseorid = 0, $autologinguest = true, $cm = null, $setwantsurltome = true)
{
global $CFG, $SESSION, $USER, $COURSE, $FULLME;
/// setup global $COURSE, themes, language and locale
course_setup($courseorid);
/// If the user is not even logged in yet then make sure they are
if (!isloggedin()) {
//NOTE: $USER->site check was obsoleted by session test cookie,
// $USER->confirmed test is in login/index.php
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
if (!empty($_SERVER['HTTP_REFERER'])) {
$SESSION->fromurl = $_SERVER['HTTP_REFERER'];
}
if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests) and ($COURSE->id == SITEID or $COURSE->guest)) {
$loginguest = '?loginguest=true';
} else {
$loginguest = '';
}
if (empty($CFG->loginhttps) or $loginguest) {
//do not require https for guest logins
redirect($CFG->wwwroot . '/login/index.php' . $loginguest);
} else {
$wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
redirect($wwwroot . '/login/index.php');
}
exit;
}
/// loginas as redirection if needed
if ($COURSE->id != SITEID and !empty($USER->realuser)) {
if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
if ($USER->loginascontext->instanceid != $COURSE->id) {
print_error('loginasonecourse', '', $CFG->wwwroot . '/course/view.php?id=' . $USER->loginascontext->instanceid);
}
}
}
/// check whether the user should be changing password (but only if it is REALLY them)
if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password()) {
$SESSION->wantsurl = $FULLME;
if ($changeurl = $userauth->change_password_url()) {
//use plugin custom url
redirect($changeurl);
} else {
//use moodle internal method
if (empty($CFG->loginhttps)) {
redirect($CFG->wwwroot . '/login/change_password.php');
} else {
$wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
redirect($wwwroot . '/login/change_password.php');
}
}
} else {
print_error('nopasswordchangeforced', 'auth');
}
}
/// Check that the user account is properly set up
if (user_not_fully_set_up($USER)) {
$SESSION->wantsurl = $FULLME;
redirect($CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID);
}
/// Make sure current IP matches the one for this session (if required)
if (!empty($CFG->tracksessionip)) {
if ($USER->sessionIP != md5(getremoteaddr())) {
print_error('sessionipnomatch', 'error');
}
}
/// Make sure the USER has a sesskey set up. Used for checking script parameters.
sesskey();
// Check that the user has agreed to a site policy if there is one
if (!empty($CFG->sitepolicy)) {
if (!$USER->policyagreed) {
$SESSION->wantsurl = $FULLME;
redirect($CFG->wwwroot . '/user/policy.php');
}
}
// Fetch the system context, we are going to use it a lot.
$sysctx = get_context_instance(CONTEXT_SYSTEM);
/// If the site is currently under maintenance, then print a message
if (!has_capability('moodle/site:config', $sysctx)) {
if (file_exists($CFG->dataroot . '/' . SITEID . '/maintenance.html')) {
print_maintenance_message();
exit;
}
}
/// groupmembersonly access control
if (!empty($CFG->enablegroupings) and $cm and $cm->groupmembersonly and !has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_MODULE, $cm->id))) {
if (isguestuser() or !groups_has_membership($cm)) {
print_error('groupmembersonlyerror', 'group', $CFG->wwwroot . '/course/view.php?id=' . $cm->course);
}
}
// Fetch the course context, and prefetch its child contexts
if (!isset($COURSE->context)) {
if (!($COURSE->context = get_context_instance(CONTEXT_COURSE, $COURSE->id))) {
print_error('nocontext');
}
}
if (!empty($cm) && !isset($cm->context)) {
if (!($cm->context = get_context_instance(CONTEXT_MODULE, $cm->id))) {
print_error('nocontext');
}
}
if ($COURSE->id == SITEID) {
/// Eliminate hidden site activities straight away
if (!empty($cm) && !$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $cm->context)) {
redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden'));
}
user_accesstime_log($COURSE->id);
/// Access granted, update lastaccess times
return;
} else {
/// Check if the user can be in a particular course
if (empty($USER->access['rsw'][$COURSE->context->path])) {
//
// MDL-13900 - If the course or the parent category are hidden
// and the user hasn't the 'course:viewhiddencourses' capability, prevent access
//
if (!($COURSE->visible && course_parent_visible($COURSE)) && !has_capability('moodle/course:viewhiddencourses', $COURSE->context)) {
print_header_simple();
notice(get_string('coursehidden'), $CFG->wwwroot . '/');
}
}
/// Non-guests who don't currently have access, check if they can be allowed in as a guest
if ($USER->username != 'guest' and !has_capability('moodle/course:view', $COURSE->context)) {
if ($COURSE->guest == 1) {
// Temporarily assign them guest role for this context, if it fails later user is asked to enrol
$USER->access = load_temp_role($COURSE->context, $CFG->guestroleid, $USER->access);
}
}
/// If the user is a guest then treat them according to the course policy about guests
if (has_capability('moodle/legacy:guest', $COURSE->context, NULL, false)) {
if (has_capability('moodle/site:doanything', $sysctx)) {
// administrators must be able to access any course - even if somebody gives them guest access
user_accesstime_log($COURSE->id);
/// Access granted, update lastaccess times
return;
}
switch ($COURSE->guest) {
/// Check course policy about guest access
case 1:
/// Guests always allowed
if (!has_capability('moodle/course:view', $COURSE->context)) {
// Prohibited by capability
print_header_simple();
notice(get_string('guestsnotallowed', '', format_string($COURSE->fullname)), "{$CFG->wwwroot}/login/index.php");
}
if (!empty($cm) and !$cm->visible) {
// Not allowed to see module, send to course page
redirect($CFG->wwwroot . '/course/view.php?id=' . $cm->course, get_string('activityiscurrentlyhidden'));
}
user_accesstime_log($COURSE->id);
/// Access granted, update lastaccess times
return;
// User is allowed to see this course
break;
case 2:
/// Guests allowed with key
if (!empty($USER->enrolkey[$COURSE->id])) {
// Set by enrol/manual/enrol.php
user_accesstime_log($COURSE->id);
/// Access granted, update lastaccess times
return true;
}
// otherwise drop through to logic below (--> enrol.php)
break;
default:
/// Guests not allowed
$strloggedinasguest = get_string('loggedinasguest');
print_header_simple('', '', build_navigation(array(array('name' => $strloggedinasguest, 'link' => null, 'type' => 'misc'))));
if (empty($USER->access['rsw'][$COURSE->context->path])) {
// Normal guest
notice(get_string('guestsnotallowed', '', format_string($COURSE->fullname)), "{$CFG->wwwroot}/login/index.php");
} else {
notify(get_string('guestsnotallowed', '', format_string($COURSE->fullname)));
echo '<div class="notifyproblem">' . switchroles_form($COURSE->id) . '</div>';
print_footer($COURSE);
exit;
}
break;
}
/// For non-guests, check if they have course view access
} else {
if (has_capability('moodle/course:view', $COURSE->context)) {
if (!empty($USER->realuser)) {
// Make sure the REAL person can also access this course
if (!has_capability('moodle/course:view', $COURSE->context, $USER->realuser)) {
print_header_simple();
notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot . '/');
}
}
/// Make sure they can read this activity too, if specified
if (!empty($cm) && !$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $cm->context)) {
redirect($CFG->wwwroot . '/course/view.php?id=' . $cm->course, get_string('activityiscurrentlyhidden'));
}
user_accesstime_log($COURSE->id);
/// Access granted, update lastaccess times
return;
// User is allowed to see this course
}
}
/// Currently not enrolled in the course, so see if they want to enrol
$SESSION->wantsurl = $FULLME;
redirect($CFG->wwwroot . '/course/enrol.php?id=' . $COURSE->id);
die;
}
}
/**
* Creates course enrol form, checks if form submitted
* and enrols user if necessary. It can also redirect.
*
* @param stdClass $instance
* @return string html text, usually a form in a text box
*/
public function enrol_page_hook(stdClass $instance)
{
global $CFG, $OUTPUT, $SESSION, $USER;
if (empty($instance->password)) {
return null;
}
require_once "{$CFG->dirroot}/enrol/guest/locallib.php";
$form = new enrol_guest_enrol_form(NULL, $instance);
$instanceid = optional_param('instance', 0, PARAM_INT);
if ($instance->id == $instanceid) {
if ($data = $form->get_data()) {
// set up primitive require_login() caching
unset($USER->enrol['enrolled'][$instance->courseid]);
$USER->enrol['tempguest'][$instance->courseid] = time() + 60 * 60 * 8;
// 8 hours access before asking for pw again
// add guest role
$context = get_context_instance(CONTEXT_COURSE, $instance->courseid);
$USER->access = load_temp_role($context, $CFG->guestroleid, $USER->access);
// go to the originally requested page
if (!empty($SESSION->wantsurl)) {
$destination = $SESSION->wantsurl;
unset($SESSION->wantsurl);
} else {
$destination = "{$CFG->wwwroot}/course/view.php?id={$instance->courseid}";
}
redirect($destination);
}
}
ob_start();
$form->display();
$output = ob_get_clean();
return $OUTPUT->box($output, 'generalbox');
}