$GLOBALS['dbConn'] = mysql_connect($GLOBALS['dbhost'], $GLOBALS['dbuname'], $GLOBALS['dbpass']);
if (!$GLOBALS['dbConn']) {
die("Can't connect to db. Check configurations");
}
if (!mysql_select_db($dbname, $GLOBALS['dbConn'])) {
die("Database not found. Check configurations");
}
@sql_query("SET NAMES '" . $GLOBALS['db_conn_names'] . "'", $GLOBALS['dbConn']);
@sql_query("SET CHARACTER SET '" . $GLOBALS['db_conn_char_set'] . "'", $GLOBALS['dbConn']);
// load lms setting ------------------------------------------------------------------
session_name("docebo_session");
session_start();
// load regional setting --------------------------------------------------------------
// load current user from session -----------------------------------------------------
require_once _base_ . '/lib/lib.user.php';
$GLOBALS['current_user'] =& DoceboUser::createDoceboUserFromSession('public_area');
//require_once(_i18n_.'/lib.lang.php');
require_once _base_ . '/lib/lib.template.php';
require_once _base_ . '/lib/lib.utils.php';
// security check --------------------------------------------------------------------
chkInput($_GET);
chkInput($_POST);
chkInput($_COOKIE);
$GLOBALS['operation_result'] = '';
function aout($string)
{
$GLOBALS['operation_result'] .= $string;
}
// here all the specific code ==========================================================
// =====================================================================================
// close database connection
$lifetime = Get::sett('rest_auth_lifetime', 1);
if ($recalc_token == $token && $time + $lifetime >= time()) {
//login
$user_manager =& $GLOBALS['current_user']->getAclManager();
if (!$login_user_use_idst) {
$username = '******' . $login_user;
$user_info = $user_manager->getUser(false, $username);
} else {
// use idst instead of username
$user_info = $user_manager->getUser($login_user);
if (!empty($user_info)) {
$username = $user_info[ACL_INFO_USERID];
}
}
if ($user_info != false) {
$du = new DoceboUser($username, 'public_area');
Lang::set($du->preference->getLanguage());
$du->setLastEnter(date("Y-m-d H:i:s"));
$_SESSION['user_enter_mark'] = time();
$du->loadUserSectionST();
$du->SaveInSession();
$GLOBALS['current_user'] = $du;
$id_course = Get::req('id_course', DOTY_INT, 0);
$next_action = Get::req('act', DOTY_STRING, 'none');
$id_item = Get::req('id_item', DOTY_INT, '');
$chapter = Get::req('chapter', DOTY_MIXED, false);
if ($id_course) {
// if we have a id_course setted we will log the user into the course,
// if no specific action are required we will redirect the user into the first page
// otherwise we will continue to another option
require_once _lms_ . '/lib/lib.course.php';
/**
* static public function for load user from login e password
* @param string $login login of the user
* @param string $password password of the user in clear text
* @param string $prefix optional prefix for session publiciables
* @return mixed DoceboUser instance of logged in user if success in login
* FALSE otherwise
**/
public static function &createDoceboUserFromLogin($login, $password, $prefix = 'base', $new_lang = false)
{
if ($login == '') {
$false_public = FALSE;
return $false_public;
}
$user_manager = new DoceboACLManager();
$user_info = $user_manager->getUser(false, $login);
// first login
$ret_value = false;
if ($user_info === false) {
return $ret_value;
}
if ($user_info[ACL_INFO_VALID] != '1') {
return $ret_value;
}
if (Get::sett('ldap_used') == 'on') {
if ($password == '') {
$false_public = FALSE;
return $false_public;
}
//connect to ldap server
if (!($ldap_conn = @ldap_connect(Get::sett('ldap_server'), Get::sett('ldap_port', '389')))) {
die("Could not connect to ldap server");
}
//bind on server
$ldap_user = ereg_replace('\\$user', $login, Get::sett('ldap_user_string'));
if (!@ldap_bind($ldap_conn, $ldap_user, $password)) {
ldap_close($ldap_conn);
// Edited by Claudio Redaelli
if (Get::sett('ldap_alternate_check') == 'on') {
if ($user_info[ACL_INFO_PASS] != $user_manager->encrypt($password)) {
return $ret_value;
}
} else {
$false_public = FALSE;
return $false_public;
}
// End edit
}
ldap_close($ldap_conn);
} elseif ($user_info[ACL_INFO_PASS] != $user_manager->encrypt($password)) {
return $ret_value;
}
unset($_SESSION[$prefix . "_idst"]);
$du = new DoceboUser($login, $prefix);
$_SESSION['last_enter'] = $user_info[ACL_INFO_LASTENTER];
$du->setLastEnter(date("Y-m-d H:i:s"));
$_SESSION['user_enter_mark'] = time();
// language policy
if (!$new_lang && isset($_SESSION['forced_lang'])) {
$new_lang = Lang::get();
}
if ($new_lang != false) {
$du->preference->setLanguage($new_lang);
} else {
if (!Get::cfg('demo_mode', false)) {
Lang::set($du->preference->getLanguage());
}
}
if (function_exists('session_regenerate_id')) {
session_regenerate_id();
}
return $du;
}
function socialConnectLogin($uid = false, $network_code = false)
{
require_once _base_ . '/lib/lib.usermanager.php';
$res = '';
$lang = DoceboLanguage::createInstance('login');
$user_manager = new UserManager();
if (!empty($uid) && !empty($network_code)) {
session_regenerate_id();
$_SESSION['connect_social']['uid'] = $uid;
$_SESSION['connect_social']['network_code'] = $network_code;
}
$can_connect = false;
if (isset($_SESSION['connect_social']) && isset($_SESSION['connect_social']['uid']) && !empty($_SESSION['connect_social']['uid'])) {
// read data from session, in case we are on the second step (login attempt)
$uid = $_SESSION['connect_social']['uid'];
$network_code = $_SESSION['connect_social']['network_code'];
$can_connect = true;
}
// check form submission:
if (isset($_POST['undo'])) {
// go back to index
Util::jump_to('index.php');
} else {
if (isset($_POST['login']) && !$can_connect) {
// we don't have the social uid to be connected with user account..
Util::jump_to('index.php?modname=login&op=social_connect_login&err=2');
} else {
if (isset($_POST['login'])) {
// login and connect account
$user = DoceboUser::createDoceboUserFromLogin(Get::pReq('login_userid', DOTY_STRING), Get::pReq('login_pwd', DOTY_STRING), 'public_area');
if ($user) {
DoceboUser::setupUser($user);
$social = new Social();
$social->connectAccount($network_code, $uid);
unset($_SESSION['connect_social']);
Util::jump_to('index.php?r=lms/elearning/show');
} else {
Util::jump_to('index.php?modname=login&op=social_connect_login&err=1');
}
}
}
}
switch (Get::gReq('err', DOTY_INT, 0)) {
case 1:
$res .= UIFeedback::error(Lang::t('_NOACCESS', 'login'), true);
break;
case 2:
$res .= UIFeedback::error(Lang::t('_NO_SOCIAL_ACCOUNT_TO_CONNECT', 'login') . ' <a href="index.php">' . Lang::t('_TRY_AGAIN', 'login') . '</a>', true);
break;
}
$GLOBALS['page']->add(getTitleArea($lang->def('_LOGIN'), 'login') . '<div class="std_block">' . getBackUi('index.php', $lang->def('_BACK')), 'content');
if ($can_connect) {
$res .= Get::img('social/' . $network_code . '-24.png') . ' ';
$res .= str_replace('[network_code]', Lang::t($network_code, 'social'), Lang::t('_YOU_ARE_CONNECTING_SOCIAL_ACCOUNT', 'social')) . " <b>" . $uid . "</b>";
}
$res .= Form::openForm('scl_form', 'index.php?modname=login&op=social_connect_login') . Form::openElementSpace() . Form::getTextfield(Lang::t('_USERNAME', 'login'), 'login_userid', 'login_userid', 255) . Form::getPassword(Lang::t('_PASSWORD', 'login'), 'login_pwd', 'login_pwd', 255) . Form::closeElementSpace() . Form::openButtonSpace() . Form::getButton('login', 'login', Lang::t('_LOGIN', 'login')) . Form::getButton('undo', 'undo', Lang::t('_UNDO', 'login')) . Form::closeButtonSpace() . Form::closeForm();
$GLOBALS['page']->add($res, 'content');
// std_block
$GLOBALS['page']->add('</div>', 'content');
// std_block
}
function deleteFile($id_file)
{
require_once _base_ . '/lib/lib.upload.php';
require_once _base_ . '/lib/lib.user.php';
$user_data = new DoceboUser();
$file_info = $this->getFileInfo($id_file);
sl_open_fileoperations();
sl_unlink($this->getFilePath() . $file_info[MYFILE_FILE_NAME]);
sl_close_fileoperations();
$query = "\r\n\t\tDELETE FROM " . $this->getFilesTable() . "\r\n\t\tWHERE owner = '" . $this->id_user . "' AND id_file = '" . $id_file . "'";
if (!$this->_query($query)) {
return false;
}
$result = $user_data->updateUserUsedSpace($this->id_user);
return true;
}
$openid->required = array('contact/email', 'namePerson/first', 'namePerson/last');
header('Location: ' . str_replace('&', '&', $openid->authUrl()));
} elseif ($_GET['openid_mode'] == 'cancel') {
Util::jump_to('index.php?access_fail=3');
} else {
$openid = new LightOpenID();
$_GET['openid_return_to'] = $_REQUEST['openid_return_to'];
// to avoid having & instead of &
if ($openid->validate()) {
$user_data = $social->getGoogleUserInfo();
if (!empty($user_data['email'])) {
if (Docebo::user()->isAnonymous()) {
// sign in the user
$user = DoceboUser::createDoceboUserFromField('google_id', $user_data['email'], 'public_area');
if ($user) {
DoceboUser::setupUser($user);
Util::jump_to('index.php?r=lms/elearning/show');
} else {
//Util::jump_to('index.php?access_fail=2');
socialConnectLogin($user_data['email'], 'google');
return;
}
} else {
// user is already logged in, so connect the account with user
$social->connectAccount('google', $user_data['email']);
Util::jump_to('index.php?r=lms/elearning/show');
die;
}
print_r($user_data);
} else {
Util::jump_to('index.php?access_fail=2');
default:
if (Get::sett('common_admin_session') == 'on') {
$sn = "docebo_session";
$user_session = 'public_area';
} else {
$sn = "docebo_core";
$user_session = 'admin_area';
}
break;
}
session_name($sn);
session_start();
// load regional setting
// load current user from session
require_once _base_ . '/lib/lib.user.php';
$GLOBALS['current_user'] =& DoceboUser::createDoceboUserFromSession($user_session);
// Utils and so on
require_once $GLOBALS['where_framework'] . '/lib/lib.php';
// load standard language module and put it global
$glang =& DoceboLanguage::createInstance('standard', 'framework');
$glang->setGlobal();
require_once _base_ . '/lib/lib.platform.php';
// create instance of StdPageWriter
StdPageWriter::createInstance();
require_once $GLOBALS['where_framework'] . '/lib/lib.preoperation.php';
$GLOBALS["template_path"] = $path_to_root . '/' . getPathTemplate('scs') . 'tools/htmlwachat/';
$GLOBALS["img_path"] = $path_to_root . '/' . getPathTemplate('scs') . 'tools/htmlwachat/';
$GLOBALS['page']->add('<link href="' . $GLOBALS["template_path"] . 'style_chat.css" rel="stylesheet" type="text/css" />' . "\n", 'page_head');
$out =& $GLOBALS["page"];
$out->setWorkingZone("content");
$lang =& DoceboLanguage::createInstance('htmlframechat', 'scs');
} else {
$_SESSION['logged_in'] = true;
$GLOBALS['r'] = 'adm/dashboard/show';
$GLOBALS['modname'] = '';
//loading related ST
$GLOBALS['current_user']->loadUserSectionST();
$GLOBALS['current_user']->SaveInSession();
// perform other platforms login operation
require_once _base_ . '/lib/lib.platform.php';
$pm =& PlatformManager::createInstance();
$pm->doCommonOperations("login");
}
}
break;
case "logout":
$_SESSION = array();
session_destroy();
// Recreate Anonymous user
$GLOBALS['current_user'] =& DoceboUser::createDoceboUserFromSession(Get::sett('common_admin_session') == 'on' ? "public_area" : "admin_area");
$GLOBALS['op'] = 'login';
$GLOBALS['modname'] = 'login';
$GLOBALS['logout'] = true;
$pm =& PlatformManager::createInstance();
$pm->doCommonOperations("logout");
Util::jump_to(Get::rel_path('base') . '/index.php?modname=login&op=login');
break;
}
if (isset($_GET['close_over'])) {
$_SESSION['menu_over']['p_sel'] = '';
$_SESSION['menu_over']['main_sel'] = 0;
}
/**
* - create the user representative object, load anonymoous data if needed or load the info of the
* user logged into the session (also manage the user login here ? will be usefull for kerberos
* and similar approach)
* - load user personal data (language, date/time setting, template preference)
* - load user system data (role)
* @return array
*/
private static function user()
{
self::log("Load user from session '" . self::$session_name . "'");
// load current user from session
require_once _base_ . '/lib/lib.user.php';
$GLOBALS['current_user'] =& DoceboUser::createDoceboUserFromSession('public_area');
// ip coerency check
self::log("Ip coerency check.");
if (Get::sett('session_ip_control', 'on') == 'on') {
if (Docebo::user()->isLoggedIn() && Docebo::user()->getLogIp() != $_SERVER['REMOTE_ADDR']) {
Util::jump_to('../index.php?msg=104');
//Util::fatal("logip: ".Docebo::user()->getLogIp()."<br/>"."addr: ".$_SERVER['REMOTE_ADDR']."<br/>".'Ip incoherent!');
//unlog the user
die;
}
}
// Generate a session signature or regenerate it if needed
self::log("Generating session signature");
Util::generateSignature();
}
