|
|
|
@ -1,183 +1,5 @@ |
|
|
|
|
<?php |
|
|
|
|
/* For licensing terms, see /license.txt */ |
|
|
|
|
echo 'Chamilo is not well configured. Change your apache/nginx vhost to point to the /public folder'; |
|
|
|
|
|
|
|
|
|
header('Location: public/index.php'); |
|
|
|
|
exit; |
|
|
|
|
|
|
|
|
|
use ChamiloSession as Session; |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @package chamilo.main |
|
|
|
|
*/ |
|
|
|
|
define('CHAMILO_HOMEPAGE', true); |
|
|
|
|
define('CHAMILO_LOAD_WYSIWYG', false); |
|
|
|
|
|
|
|
|
|
/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */ |
|
|
|
|
// Maybe we should change this into an api function? an example: CourseManager::unset(); |
|
|
|
|
$cidReset = true; |
|
|
|
|
require_once 'main/inc/global.inc.php'; |
|
|
|
|
|
|
|
|
|
// The section (for the tabs). |
|
|
|
|
$this_section = SECTION_CAMPUS; //rewritten below if including HTML file |
|
|
|
|
$includeFile = !empty($_GET['include']); |
|
|
|
|
if ($includeFile) { |
|
|
|
|
$this_section = SECTION_INCLUDE; |
|
|
|
|
} elseif (api_get_configuration_value('plugin_redirection_enabled')) { |
|
|
|
|
RedirectionPlugin::redirectUser(api_get_user_id()); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$header_title = null; |
|
|
|
|
if (!api_is_anonymous()) { |
|
|
|
|
$header_title = ' '; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$controller = new IndexManager($header_title); |
|
|
|
|
//Actions |
|
|
|
|
$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed); |
|
|
|
|
if (!empty($_GET['logout'])) { |
|
|
|
|
$redirect = !empty($_GET['no_redirect']) ? false : true; |
|
|
|
|
// pass f defined in local.inc.php |
|
|
|
|
$controller->logout($redirect, $logoutInfo); |
|
|
|
|
} |
|
|
|
|
/** |
|
|
|
|
* Registers in the track_e_default table (view in important activities in admin |
|
|
|
|
* interface) a possible attempted break in, sending auth data through get. |
|
|
|
|
* |
|
|
|
|
* @todo This piece of code should probably move to local.inc.php where the |
|
|
|
|
* actual login / logout procedure is handled. |
|
|
|
|
* The real use of this code block should be seriously considered as well. |
|
|
|
|
* This form should just use a security token and get done with it. |
|
|
|
|
*/ |
|
|
|
|
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) { |
|
|
|
|
$i = api_get_anonymous_id(); |
|
|
|
|
Event::addEvent( |
|
|
|
|
LOG_ATTEMPTED_FORCED_LOGIN, |
|
|
|
|
'tried_hacking_get', |
|
|
|
|
$_SERVER['REMOTE_ADDR'].(empty($_POST['login']) ? '' : '/'.$_POST['login']), |
|
|
|
|
null, |
|
|
|
|
$i |
|
|
|
|
); |
|
|
|
|
echo 'Attempted breakin - sysadmins notified.'; |
|
|
|
|
session_destroy(); |
|
|
|
|
die(); |
|
|
|
|
} |
|
|
|
|
// Delete session item necessary to check for legal terms |
|
|
|
|
if (api_get_setting('allow_terms_conditions') === 'true') { |
|
|
|
|
Session::erase('term_and_condition'); |
|
|
|
|
} |
|
|
|
|
//If we are not logged in and customapages activated |
|
|
|
|
if (!api_get_user_id() && CustomPages::enabled()) { |
|
|
|
|
if (Request::get('loggedout')) { |
|
|
|
|
CustomPages::display(CustomPages::LOGGED_OUT); |
|
|
|
|
} else { |
|
|
|
|
CustomPages::display(CustomPages::INDEX_UNLOGGED); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
/** |
|
|
|
|
* @todo This piece of code should probably move to local.inc.php where the |
|
|
|
|
* actual login procedure is handled. |
|
|
|
|
* @todo Check if this code is used. I think this code is never executed because |
|
|
|
|
* after clicking the submit button the code does the stuff |
|
|
|
|
* in local.inc.php and then redirects to index.php or user_portal.php depending |
|
|
|
|
* on api_get_setting('page_after_login'). |
|
|
|
|
*/ |
|
|
|
|
if (!empty($_POST['submitAuth'])) { |
|
|
|
|
// The user has been already authenticated, we are now to find the last login of the user. |
|
|
|
|
if (isset($_user['user_id'])) { |
|
|
|
|
$track_login_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); |
|
|
|
|
$sql = "SELECT UNIX_TIMESTAMP(login_date) |
|
|
|
|
FROM $track_login_table |
|
|
|
|
WHERE login_user_id = '".$_user['user_id']."' |
|
|
|
|
ORDER BY login_date DESC LIMIT 1"; |
|
|
|
|
$result_last_login = Database::query($sql); |
|
|
|
|
if (!$result_last_login) { |
|
|
|
|
if (Database::num_rows($result_last_login) > 0) { |
|
|
|
|
$user_last_login_datetime = Database::fetch_array($result_last_login); |
|
|
|
|
$user_last_login_datetime = $user_last_login_datetime[0]; |
|
|
|
|
Session::write('user_last_login_datetime', $user_last_login_datetime); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!api_is_anonymous()) { |
|
|
|
|
$url = api_get_configuration_value('redirect_index_to_url_for_logged_users'); |
|
|
|
|
if (!empty($url)) { |
|
|
|
|
header("Location: $url"); |
|
|
|
|
exit; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (api_get_setting('display_categories_on_homepage') === 'true') { |
|
|
|
|
$controller->tpl->assign('course_category_block', $controller->return_courses_in_categories()); |
|
|
|
|
} |
|
|
|
|
$controller->set_login_form(); |
|
|
|
|
//@todo move this inside the IndexManager |
|
|
|
|
|
|
|
|
|
if (!api_is_anonymous()) { |
|
|
|
|
$controller->tpl->assign('profile_block', $controller->return_profile_block()); |
|
|
|
|
$controller->tpl->assign('user_image_block', $controller->return_user_image_block()); |
|
|
|
|
$controller->tpl->assign('course_block', $controller->return_course_block()); |
|
|
|
|
} |
|
|
|
|
$hotCourses = ''; |
|
|
|
|
$announcements_block = ''; |
|
|
|
|
|
|
|
|
|
// Display the Site Use Cookie Warning Validation |
|
|
|
|
$useCookieValidation = api_get_setting('cookie_warning'); |
|
|
|
|
|
|
|
|
|
if ($useCookieValidation === 'true') { |
|
|
|
|
if (isset($_POST['acceptCookies'])) { |
|
|
|
|
api_set_site_use_cookie_warning_cookie(); |
|
|
|
|
} elseif (!api_site_use_cookie_warning_cookie_exist()) { |
|
|
|
|
if (Template::isToolBarDisplayedForUser()) { |
|
|
|
|
$controller->tpl->assign('toolBarDisplayed', true); |
|
|
|
|
} else { |
|
|
|
|
$controller->tpl->assign('toolBarDisplayed', false); |
|
|
|
|
} |
|
|
|
|
$controller->tpl->assign('displayCookieUsageWarning', true); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
// When loading a chamilo page do not include the hot courses and news |
|
|
|
|
if (!isset($_REQUEST['include'])) { |
|
|
|
|
if (api_get_setting('show_hot_courses') == 'true') { |
|
|
|
|
$hotCourses = $controller->return_hot_courses(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$announcements_block = $controller->return_announcements(); |
|
|
|
|
} |
|
|
|
|
if (api_get_configuration_value('show_hot_sessions') === true) { |
|
|
|
|
$hotSessions = SessionManager::getHotSessions(); |
|
|
|
|
$controller->tpl->assign('hot_sessions', $hotSessions); |
|
|
|
|
} |
|
|
|
|
$controller->tpl->assign('hot_courses', $hotCourses); |
|
|
|
|
if ($includeFile) { |
|
|
|
|
// If we are including a static page, then home_welcome is empty |
|
|
|
|
$controller->tpl->assign('home_welcome', ''); |
|
|
|
|
$controller->tpl->assign('home_include', $controller->return_home_page($includeFile)); |
|
|
|
|
} else { |
|
|
|
|
// If we are including the real homepage, then home_include is empty |
|
|
|
|
$controller->tpl->assign('home_welcome', $controller->return_home_page(false)); |
|
|
|
|
$controller->tpl->assign('home_include', ''); |
|
|
|
|
} |
|
|
|
|
$controller->tpl->assign('navigation_links', $controller->return_navigation_links()); |
|
|
|
|
$controller->tpl->assign('notice_block', $controller->return_notice()); |
|
|
|
|
//$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links()); |
|
|
|
|
$controller->tpl->assign('help_block', $controller->return_help()); |
|
|
|
|
if (api_is_platform_admin() || api_is_drh()) { |
|
|
|
|
$controller->tpl->assign('skills_block', $controller->returnSkillLinks()); |
|
|
|
|
} |
|
|
|
|
if (api_is_anonymous()) { |
|
|
|
|
$controller->tpl->setLoginBodyClass(); |
|
|
|
|
} |
|
|
|
|
// direct login to course |
|
|
|
|
if (isset($_GET['firstpage'])) { |
|
|
|
|
api_set_firstpage_parameter($_GET['firstpage']); |
|
|
|
|
// if we are already logged, go directly to course |
|
|
|
|
if (api_user_is_login()) { |
|
|
|
|
echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>"; |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
api_delete_firstpage_parameter(); |
|
|
|
|
} |
|
|
|
|
$controller->setGradeBookDependencyBar(api_get_user_id()); |
|
|
|
|
$controller->tpl->display_one_col_template(); |
|
|
|
|