chamilo-lms/index.php

<?php
/* For licensing terms, see /license.txt */

use ChamiloSession as Session;

/**
 * @package chamilo.main
 */
define('CHAMILO_HOMEPAGE', true);
define('CHAMILO_LOAD_WYSIWYG', false);

/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */
// Maybe we should change this into an api function? an example: CourseManager::unset();
$cidReset = true;
require_once 'main/inc/global.inc.php';

$allow = api_get_configuration_value('plugin_redirection_enabled');
if ($allow) {
    RedirectionPlugin::redirectUser(api_get_user_id());
}

// The section (for the tabs).
$this_section = SECTION_CAMPUS;

$header_title = null;
if (!api_is_anonymous()) {
    $header_title = ' ';
}

$controller = new IndexManager($header_title);

//Actions
$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed);

if (!empty($_GET['logout'])) {
    $redirect = !empty($_GET['no_redirect']) ? false : true;
    // pass $logoutInfo defined in local.inc.php
    $controller->logout($redirect, $logoutInfo);
}

/**
 * Registers in the track_e_default table (view in important activities in admin
 * interface) a possible attempted break in, sending auth data through get.
 *
 * @todo This piece of code should probably move to local.inc.php where the
 * actual login / logout procedure is handled.
 * The real use of this code block should be seriously considered as well.
 * This form should just use a security token and get done with it.
 */
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {
    $i = api_get_anonymous_id();
    Event::addEvent(
        LOG_ATTEMPTED_FORCED_LOGIN,
        'tried_hacking_get',
        $_SERVER['REMOTE_ADDR'].(empty($_POST['login']) ? '' : '/'.$_POST['login']),
        null,
        $i
    );
    echo 'Attempted breakin - sysadmins notified.';
    session_destroy();
    die();
}

// Delete session item necessary to check for legal terms
if (api_get_setting('allow_terms_conditions') === 'true') {
    Session::erase('term_and_condition');
}
//If we are not logged in and customapages activated
if (!api_user_is_login() && CustomPages::enabled()) {
    if (Request::get('loggedout')) {
        CustomPages::display(CustomPages::LOGGED_OUT);
    } else {
        CustomPages::display(CustomPages::INDEX_UNLOGGED);
    }
}

/**
 * @todo This piece of code should probably move to local.inc.php where the
 * actual login procedure is handled.
 * @todo Check if this code is used. I think this code is never executed because
 * after clicking the submit button the code does the stuff
 * in local.inc.php and then redirects to index.php or user_portal.php depending
 * on api_get_setting('page_after_login').
 */
if (!empty($_POST['submitAuth'])) {
    // The user has been already authenticated, we are now to find the last login of the user.
    if (isset($_user['user_id'])) {
        $track_login_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);
        $sql = "SELECT UNIX_TIMESTAMP(login_date)
                FROM $track_login_table
                WHERE login_user_id = '".$_user['user_id']."'
                ORDER BY login_date DESC LIMIT 1";
        $result_last_login = Database::query($sql);
        if (!$result_last_login) {
            if (Database::num_rows($result_last_login) > 0) {
                $user_last_login_datetime = Database::fetch_array($result_last_login);
                $user_last_login_datetime = $user_last_login_datetime[0];
                Session::write('user_last_login_datetime', $user_last_login_datetime);
            }
        }
    }
} else {
    // Only if login form was not sent because if the form is sent the user was already on the page.
    Event::open();
}

if (!api_is_anonymous()) {
    $url = api_get_configuration_value('redirect_index_to_url_for_logged_users');
    if (!empty($url)) {
        header("Location: $url");
        exit;
    }
}

if (api_get_setting('display_categories_on_homepage') === 'true') {
    $controller->tpl->assign('course_category_block', $controller->return_courses_in_categories());
}
$controller->set_login_form();

//@todo move this inside the IndexManager
if (!api_is_anonymous()) {
    $controller->tpl->assign('profile_block', $controller->return_profile_block());
    $controller->tpl->assign('user_image_block', $controller->return_user_image_block());
    $controller->tpl->assign('course_block', $controller->return_course_block());
}
$hotCourses = '';
$announcements_block = '';

// Display the Site Use Cookie Warning Validation
$useCookieValidation = api_get_setting('cookie_warning');

if ($useCookieValidation === 'true') {
    if (isset($_POST['acceptCookies'])) {
        api_set_site_use_cookie_warning_cookie();
    } elseif (!api_site_use_cookie_warning_cookie_exist()) {
        if (Template::isToolBarDisplayedForUser()) {
            $controller->tpl->assign('toolBarDisplayed', true);
        } else {
            $controller->tpl->assign('toolBarDisplayed', false);
        }
        $controller->tpl->assign('displayCookieUsageWarning', true);
    }
}

if (!isset($_REQUEST['include'])) {
    if (api_get_setting('show_hot_courses') == 'true') {
        $hotCourses = $controller->return_hot_courses();
    }
    $announcements_block = $controller->return_announcements();
}
if (api_get_configuration_value('show_hot_sessions') === true) {
    $hotSessions = SessionManager::getHotSessions();
    $controller->tpl->assign('hot_sessions', $hotSessions);
}
$controller->tpl->assign('hot_courses', $hotCourses);
$controller->tpl->assign('announcements_block', $announcements_block);
if ($includeFile) {
    // If we are including a static page, then home_welcome is empty
    $controller->tpl->assign('home_welcome', '');
    $controller->tpl->assign('home_include', $controller->return_home_page($includeFile));
} else {
    // If we are including the real homepage, then home_include is empty
    $controller->tpl->assign('home_welcome', $controller->return_home_page(false));
    $controller->tpl->assign('home_include', '');
}
$controller->tpl->assign('navigation_links', $controller->return_navigation_links());
$controller->tpl->assign('notice_block', $controller->return_notice());
//$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());
$controller->tpl->assign('help_block', $controller->return_help());
// Ofaj
$controller->tpl->assign('total_users', UserManager::getCountActiveUsers());
$controller->tpl->assign('total_courses', CourseManager::getCountOpenCourses());
$controller->tpl->assign('total_exercises', CourseManager::getCountExercisesFromOpenCourse());

if (api_is_platform_admin() || api_is_drh()) {
    $controller->tpl->assign('skills_block', $controller->returnSkillLinks());
}
if (api_is_anonymous()) {
    $controller->tpl->setLoginBodyClass();
}
// direct login to course
if (isset($_GET['firstpage'])) {
    api_set_firstpage_parameter($_GET['firstpage']);
    // if we are already logged, go directly to course
    if (api_user_is_login()) {
        echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";
    }
} else {
    api_delete_firstpage_parameter();
}
$controller->setGradeBookDependencyBar(api_get_user_id());
$controller->tpl->display_two_col_template();
Feature #347 - Cleaning the root index.php file. 16 years ago			`<?php`
			`/* For licensing terms, see /license.txt */`
[svn r16652] testing svn 17 years ago
Format code 9 years ago			`use ChamiloSession as Session;`

[svn r9834] desactivate upgrade button (not yet tested) 19 years ago			`/**`
Feature #2099 - Cleaning the file index.php. 15 years ago			`* @package chamilo.main`
Feature #306 - Cleaning the top-directory php source files. 16 years ago			`*/`
More cleaning in the main page adding home icon 15 years ago			`define('CHAMILO_HOMEPAGE', true);`
undo change CHAMILO_LOAD_WYSIWYG 10 years ago			`define('CHAMILO_LOAD_WYSIWYG', false);`
[svn r10548] refactoring a lot of @todos have been added and these should really be done to obtain cleaner code. 19 years ago
Feature #2099 - Cleaning the file index.php. 15 years ago			`/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */`
Class Coursemanager not found -> should have been CourseManager with capital M see #4806 14 years ago			`// Maybe we should change this into an api function? an example: CourseManager::unset();`
[svn r10671] use the current interface language 19 years ago			`$cidReset = true;`
Feature #306 - Cleaning the top-directory php source files. 16 years ago			`require_once 'main/inc/global.inc.php';`
Move code into a function, changed redirect plugin behaviour BT#13691 - Now always redirect from /index.php to the user's URL if selected. 8 years ago
			`$allow = api_get_configuration_value('plugin_redirection_enabled');`
			`if ($allow) {`
			`RedirectionPlugin::redirectUser(api_get_user_id());`
			`}`
Feature #306 - Cleaning the top-directory php source files. 16 years ago
Feature #2099 - Cleaning the file index.php. 15 years ago			`// The section (for the tabs).`
[svn r10677] initialize $this_section after the constants are loaded from main_api.lib.php 19 years ago			`$this_section = SECTION_CAMPUS;`
Feature #306 - Cleaning the top-directory php source files. 16 years ago
Fixing fatal error when loging out + index.php and index-smarty.php are the same now 14 years ago			`$header_title = null;`
			`if (!api_is_anonymous()) {`
Format code 9 years ago			`$header_title = ' ';`
Fixing fatal error when loging out + index.php and index-smarty.php are the same now 14 years ago			`}`

Adding document lite page + some fixes in the index and userporta.php 14 years ago			`$controller = new IndexManager($header_title);`
Now, index.php and userportal.php are using the smarty template 14 years ago
			`//Actions`
			`$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed);`
[svn r22368] logic changes-improvements in new features of "terms and conditions" - (partial FS#4320) 17 years ago
[svn r16923] Added general option to prevent course creation 17 years ago			`if (!empty($_GET['logout'])) {`
Additional fix to prevent useless redirection in SSO for Drupal - refs BT#10145 10 years ago			`$redirect = !empty($_GET['no_redirect']) ? false : true;`
Fix time recording issue where a user logging out from the portal directly from a course did not trigger a logout time update for the track_e_course_access table - refs BT#12939 8 years ago			`// pass $logoutInfo defined in local.inc.php`
			`$controller->logout($redirect, $logoutInfo);`
[svn r9834] desactivate upgrade button (not yet tested) 19 years ago			`}`
Feature #306 - Cleaning the top-directory php source files. 16 years ago
[svn r10548] refactoring a lot of @todos have been added and these should really be done to obtain cleaner code. 19 years ago			`/**`
Added registration for new event 13 years ago			`* Registers in the track_e_default table (view in important activities in admin`
			`* interface) a possible attempted break in, sending auth data through get.`
Applied fixes from FlintCI 8 years ago			`*`
Minor - format code. 9 years ago			`* @todo This piece of code should probably move to local.inc.php where the`
			`* actual login / logout procedure is handled.`
			`* The real use of this code block should be seriously considered as well.`
			`* This form should just use a security token and get done with it.`
[svn r10548] refactoring a lot of @todos have been added and these should really be done to obtain cleaner code. 19 years ago			`*/`
[svn r16923] Added general option to prevent course creation 17 years ago			`if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) {`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$i = api_get_anonymous_id();`
Update Event::addEvent() and corresponding calls to use course ID instead of course code ~ refs #7202 11 years ago			`Event::addEvent(`
			`LOG_ATTEMPTED_FORCED_LOGIN,`
			`'tried_hacking_get',`
Scrutinizer Auto-Fixes This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com 9 years ago			`$_SERVER['REMOTE_ADDR'].(empty($_POST['login']) ? '' : '/'.$_POST['login']),`
Update Event::addEvent() and corresponding calls to use course ID instead of course code ~ refs #7202 11 years ago			`null,`
			`$i`
			`);`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`echo 'Attempted breakin - sysadmins notified.';`
			`session_destroy();`
			`die();`
[svn r9834] desactivate upgrade button (not yet tested) 19 years ago			`}`
Feature #306 - Cleaning the top-directory php source files. 16 years ago
Minor - Code style and NOTICE avoidance - refs CT#7909 10 years ago			`// Delete session item necessary to check for legal terms`
Format code 9 years ago			`if (api_get_setting('allow_terms_conditions') === 'true') {`
Remove gradebook param already added in api_get_cidreq 10 years ago			`Session::erase('term_and_condition');`
[svn r22368] logic changes-improvements in new features of "terms and conditions" - (partial FS#4320) 17 years ago			`}`
Generic custompages 14 years ago			`//If we are not logged in and customapages activated`
Fix show custom when user is not logged - refs BT#14059 8 years ago			`if (!api_user_is_login() && CustomPages::enabled()) {`
Adding teacher's name in hot courses and catalog of courses + adding an admin setting to turn off/on the hot courses see # 14 years ago			`if (Request::get('loggedout')) {`
When loading a chamilo page do not include the hot courses and news see #4808 14 years ago			`CustomPages::display(CustomPages::LOGGED_OUT);`
Adding teacher's name in hot courses and catalog of courses + adding an admin setting to turn off/on the hot courses see # 14 years ago			`} else {`
When loading a chamilo page do not include the hot courses and news see #4808 14 years ago			`CustomPages::display(CustomPages::INDEX_UNLOGGED);`
			`}`
Generic custompages 14 years ago			`}`

[svn r10548] refactoring a lot of @todos have been added and these should really be done to obtain cleaner code. 19 years ago			`/**`
Minor - format code. 9 years ago			`* @todo This piece of code should probably move to local.inc.php where the`
			`* actual login procedure is handled.`
			`* @todo Check if this code is used. I think this code is never executed because`
			`* after clicking the submit button the code does the stuff`
			`* in local.inc.php and then redirects to index.php or user_portal.php depending`
			`* on api_get_setting('page_after_login').`
[svn r10548] refactoring a lot of @todos have been added and these should really be done to obtain cleaner code. 19 years ago			`*/`
Feature #306 - Cleaning the top-directory php source files. 16 years ago			`if (!empty($_POST['submitAuth'])) {`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`// The user has been already authenticated, we are now to find the last login of the user.`
Minor - format code 9 years ago			`if (isset($_user['user_id'])) {`
Replace Database :: get_main_table with Database::get_main_table 9 years ago			`$track_login_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN);`
Format code 9 years ago			`$sql = "SELECT UNIX_TIMESTAMP(login_date)`
			`FROM $track_login_table`
			`WHERE login_user_id = '".$_user['user_id']."'`
			`ORDER BY login_date DESC LIMIT 1";`
			`$result_last_login = Database::query($sql);`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`if (!$result_last_login) {`
			`if (Database::num_rows($result_last_login) > 0) {`
			`$user_last_login_datetime = Database::fetch_array($result_last_login);`
			`$user_last_login_datetime = $user_last_login_datetime[0];`
Format code 9 years ago			`Session::write('user_last_login_datetime', $user_last_login_datetime);`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`}`
			`}`
			`}`
Minor - format code. 11 years ago			`} else {`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`// Only if login form was not sent because if the form is sent the user was already on the page.`
Minor - format code - Add @deprecated for unused functions, - Change function name 8 years ago			`Event::open();`
[svn r9834] desactivate upgrade button (not yet tested) 19 years ago			`}`
Feature #2099 - Preparing some files for modifications. 15 years ago
Redirect index to url for logged in users see BT#14457 $_configuration['redirect_index_to_url_for_logged_users'] = 'user_portal.php'; 7 years ago			`if (!api_is_anonymous()) {`
			`$url = api_get_configuration_value('redirect_index_to_url_for_logged_users');`
			`if (!empty($url)) {`
			`header("Location: $url");`
			`exit;`
			`}`
			`}`

Format code 9 years ago			`if (api_get_setting('display_categories_on_homepage') === 'true') {`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$controller->tpl->assign('course_category_block', $controller->return_courses_in_categories());`
Now, index.php and userportal.php are using the smarty template 14 years ago			`}`
Ask for login after direct link to a course - ref #6768 12 years ago			`$controller->set_login_form();`
[svn r9834] desactivate upgrade button (not yet tested) 19 years ago
Now, index.php and userportal.php are using the smarty template 14 years ago			`//@todo move this inside the IndexManager`
Hiding blocks for anonymous 14 years ago			`if (!api_is_anonymous()) {`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$controller->tpl->assign('profile_block', $controller->return_profile_block());`
Minor - format code. 12 years ago			`$controller->tpl->assign('user_image_block', $controller->return_user_image_block());`
removing the block with repeated links return_teacher_link 8 years ago			`$controller->tpl->assign('course_block', $controller->return_course_block());`
Hiding blocks for anonymous 14 years ago			`}`
add hots sessions - sessions_current.tpl 8 years ago			`$hotCourses = '';`
Minor - format code 9 years ago			`$announcements_block = '';`
Adds cookie warning message see #7478 A configuration option is required in configuration.php: chamilo_use_cookie_warning_validation 11 years ago
			`// Display the Site Use Cookie Warning Validation`
Update and adjust code to match new database current settings - refs #7538 11 years ago			`$useCookieValidation = api_get_setting('cookie_warning');`
add hots sessions - sessions_current.tpl 8 years ago
Update and adjust code to match new database current settings - refs #7538 11 years ago			`if ($useCookieValidation === 'true') {`
Adds cookie warning message see #7478 A configuration option is required in configuration.php: chamilo_use_cookie_warning_validation 11 years ago			`if (isset($_POST['acceptCookies'])) {`
			`api_set_site_use_cookie_warning_cookie();`
Minor - format code 9 years ago			`} elseif (!api_site_use_cookie_warning_cookie_exist()) {`
Adds cookie warning message see #7478 A configuration option is required in configuration.php: chamilo_use_cookie_warning_validation 11 years ago			`if (Template::isToolBarDisplayedForUser()) {`
			`$controller->tpl->assign('toolBarDisplayed', true);`
			`} else {`
			`$controller->tpl->assign('toolBarDisplayed', false);`
			`}`
			`$controller->tpl->assign('displayCookieUsageWarning', true);`
			`}`
			`}`

When loading a chamilo page do not include the hot courses and news see #4808 14 years ago			`if (!isset($_REQUEST['include'])) {`
Adding teacher's name in hot courses and catalog of courses + adding an admin setting to turn off/on the hot courses see # 14 years ago			`if (api_get_setting('show_hot_courses') == 'true') {`
add hots sessions - sessions_current.tpl 8 years ago			`$hotCourses = $controller->return_hot_courses();`
Adding teacher's name in hot courses and catalog of courses + adding an admin setting to turn off/on the hot courses see # 14 years ago			`}`
			`$announcements_block = $controller->return_announcements();`
When loading a chamilo page do not include the hot courses and news see #4808 14 years ago			`}`
add hots sessions - sessions_current.tpl 8 years ago			`if (api_get_configuration_value('show_hot_sessions') === true) {`
			`$hotSessions = SessionManager::getHotSessions();`
			`$controller->tpl->assign('hot_sessions', $hotSessions);`
			`}`
			`$controller->tpl->assign('hot_courses', $hotCourses);`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$controller->tpl->assign('announcements_block', $announcements_block);`
Add template variable home_include when including static HTML page through main menu. Add parameter to return_home_page(). Add SECTION_INCLUDE constant - refs #11338 8 years ago			`if ($includeFile) {`
			`// If we are including a static page, then home_welcome is empty`
			`$controller->tpl->assign('home_welcome', '');`
			`$controller->tpl->assign('home_include', $controller->return_home_page($includeFile));`
			`} else {`
			`// If we are including the real homepage, then home_include is empty`
			`$controller->tpl->assign('home_welcome', $controller->return_home_page(false));`
			`$controller->tpl->assign('home_include', '');`
			`}`
add macros for twig in tpl - refs BT#11338 8 years ago			`$controller->tpl->assign('navigation_links', $controller->return_navigation_links());`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$controller->tpl->assign('notice_block', $controller->return_notice());`
add icon in menu bar items - refs BT#7683 9 years ago			`//$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());`
Coding convention and replace some api_get_course_id() with api_get_course_int_id() 12 years ago			`$controller->tpl->assign('help_block', $controller->return_help());`
Restore tpl variables 8 years ago			`// Ofaj`
			`$controller->tpl->assign('total_users', UserManager::getCountActiveUsers());`
			`$controller->tpl->assign('total_courses', CourseManager::getCountOpenCourses());`
			`$controller->tpl->assign('total_exercises', CourseManager::getCountExercisesFromOpenCourse());`
Adding profile block in the index.php for users 15 years ago
Adding first draft of the Skills management; adding skill.lib.php, gradebook.lib.php, adding DB changes (not functional yet) see #1791 14 years ago			`if (api_is_platform_admin() \|\| api_is_drh()) {`
Fix userportal after merge see BT#13094 #2093 8 years ago			`$controller->tpl->assign('skills_block', $controller->returnSkillLinks());`
Ask for login after direct link to a course - ref #6768 12 years ago			`}`
Adding login class. 12 years ago			`if (api_is_anonymous()) {`
			`$controller->tpl->setLoginBodyClass();`
			`}`
Ask for login after direct link to a course - ref #6768 12 years ago			`// direct login to course`
			`if (isset($_GET['firstpage'])) {`
			`api_set_firstpage_parameter($_GET['firstpage']);`
			`// if we are already logged, go directly to course`
			`if (api_user_is_login()) {`
Format code 9 years ago			`echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>";`
Ask for login after direct link to a course - ref #6768 12 years ago			`}`
Adding login class. 12 years ago			`} else {`
Ask for login after direct link to a course - ref #6768 12 years ago			`api_delete_firstpage_parameter();`
Adding first draft of the Skills management; adding skill.lib.php, gradebook.lib.php, adding DB changes (not functional yet) see #1791 14 years ago			`}`
Update index.php 8 years ago			`$controller->setGradeBookDependencyBar(api_get_user_id());`
Added registration for new event 13 years ago			`$controller->tpl->display_two_col_template();`