|
|
|
|
@ -1,178 +1,56 @@ |
|
|
|
|
<?php |
|
|
|
|
/* For licensing terms, see /license.txt */ |
|
|
|
|
|
|
|
|
|
use ChamiloSession as Session; |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @package chamilo.main |
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
define('CHAMILO_HOMEPAGE', true); |
|
|
|
|
define('CHAMILO_LOAD_WYSIWYG', false); |
|
|
|
|
|
|
|
|
|
/* Flag forcing the 'current course' reset, as we're not inside a course anymore. */ |
|
|
|
|
// Maybe we should change this into an api function? an example: CourseManager::unset(); |
|
|
|
|
$cidReset = true; |
|
|
|
|
|
|
|
|
|
require_once 'main/inc/global.inc.php'; |
|
|
|
|
//require_once 'main/auth/external_login/facebook.inc.php'; |
|
|
|
|
|
|
|
|
|
// The section (for the tabs). |
|
|
|
|
$this_section = SECTION_CAMPUS; |
|
|
|
|
|
|
|
|
|
$header_title = null; |
|
|
|
|
if (!api_is_anonymous()) { |
|
|
|
|
$header_title = ' '; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$controller = new IndexManager($header_title); |
|
|
|
|
|
|
|
|
|
//Actions |
|
|
|
|
$loginFailed = isset($_GET['loginFailed']) ? true : isset($loginFailed); |
|
|
|
|
|
|
|
|
|
if (!empty($_GET['logout'])) { |
|
|
|
|
$redirect = !empty($_GET['no_redirect']) ? false : true; |
|
|
|
|
// pass $logoutInfo defined in local.inc.php |
|
|
|
|
$controller->logout($redirect, $logoutInfo); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* Registers in the track_e_default table (view in important activities in admin |
|
|
|
|
* interface) a possible attempted break in, sending auth data through get. |
|
|
|
|
* @todo This piece of code should probably move to local.inc.php where the |
|
|
|
|
* actual login / logout procedure is handled. |
|
|
|
|
* The real use of this code block should be seriously considered as well. |
|
|
|
|
* This form should just use a security token and get done with it. |
|
|
|
|
*/ |
|
|
|
|
if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) { |
|
|
|
|
$i = api_get_anonymous_id(); |
|
|
|
|
Event::addEvent( |
|
|
|
|
LOG_ATTEMPTED_FORCED_LOGIN, |
|
|
|
|
'tried_hacking_get', |
|
|
|
|
$_SERVER['REMOTE_ADDR'].(empty($_POST['login']) ? '' : '/'.$_POST['login']), |
|
|
|
|
null, |
|
|
|
|
$i |
|
|
|
|
); |
|
|
|
|
echo 'Attempted breakin - sysadmins notified.'; |
|
|
|
|
session_destroy(); |
|
|
|
|
die(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Delete session item necessary to check for legal terms |
|
|
|
|
if (api_get_setting('allow_terms_conditions') === 'true') { |
|
|
|
|
Session::erase('term_and_condition'); |
|
|
|
|
} |
|
|
|
|
//If we are not logged in and customapages activated |
|
|
|
|
if (!api_get_user_id() && CustomPages::enabled()) { |
|
|
|
|
if (Request::get('loggedout')) { |
|
|
|
|
CustomPages::display(CustomPages::LOGGED_OUT); |
|
|
|
|
} else { |
|
|
|
|
CustomPages::display(CustomPages::INDEX_UNLOGGED); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @todo This piece of code should probably move to local.inc.php where the |
|
|
|
|
* actual login procedure is handled. |
|
|
|
|
* @todo Check if this code is used. I think this code is never executed because |
|
|
|
|
* after clicking the submit button the code does the stuff |
|
|
|
|
* in local.inc.php and then redirects to index.php or user_portal.php depending |
|
|
|
|
* on api_get_setting('page_after_login'). |
|
|
|
|
* Config the plugin |
|
|
|
|
* @author Enrique Alcaraz Lopez |
|
|
|
|
* @package chamilo.plugin.redirection |
|
|
|
|
*/ |
|
|
|
|
if (!empty($_POST['submitAuth'])) { |
|
|
|
|
// The user has been already authenticated, we are now to find the last login of the user. |
|
|
|
|
if (isset($_user['user_id'])) { |
|
|
|
|
$track_login_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); |
|
|
|
|
$sql = "SELECT UNIX_TIMESTAMP(login_date) |
|
|
|
|
FROM $track_login_table |
|
|
|
|
WHERE login_user_id = '".$_user['user_id']."' |
|
|
|
|
ORDER BY login_date DESC LIMIT 1"; |
|
|
|
|
$result_last_login = Database::query($sql); |
|
|
|
|
if (!$result_last_login) { |
|
|
|
|
if (Database::num_rows($result_last_login) > 0) { |
|
|
|
|
$user_last_login_datetime = Database::fetch_array($result_last_login); |
|
|
|
|
$user_last_login_datetime = $user_last_login_datetime[0]; |
|
|
|
|
Session::write('user_last_login_datetime', $user_last_login_datetime); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
// Only if login form was not sent because if the form is sent the user was already on the page. |
|
|
|
|
Event::event_open(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (api_get_setting('display_categories_on_homepage') === 'true') { |
|
|
|
|
$controller->tpl->assign('course_category_block', $controller->return_courses_in_categories()); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$controller->set_login_form(); |
|
|
|
|
|
|
|
|
|
//@todo move this inside the IndexManager |
|
|
|
|
if (!api_is_anonymous()) { |
|
|
|
|
$controller->tpl->assign('profile_block', $controller->return_profile_block()); |
|
|
|
|
$controller->tpl->assign('user_image_block', $controller->return_user_image_block()); |
|
|
|
|
|
|
|
|
|
if (api_is_platform_admin()) { |
|
|
|
|
$controller->tpl->assign('course_block', $controller->return_course_block()); |
|
|
|
|
} else { |
|
|
|
|
$controller->tpl->assign('teacher_block', $controller->return_teacher_link()); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$hot_courses = ''; |
|
|
|
|
$announcements_block = ''; |
|
|
|
|
|
|
|
|
|
// Display the Site Use Cookie Warning Validation |
|
|
|
|
$useCookieValidation = api_get_setting('cookie_warning'); |
|
|
|
|
if ($useCookieValidation === 'true') { |
|
|
|
|
if (isset($_POST['acceptCookies'])) { |
|
|
|
|
api_set_site_use_cookie_warning_cookie(); |
|
|
|
|
} elseif (!api_site_use_cookie_warning_cookie_exist()) { |
|
|
|
|
if (Template::isToolBarDisplayedForUser()) { |
|
|
|
|
$controller->tpl->assign('toolBarDisplayed', true); |
|
|
|
|
} else { |
|
|
|
|
$controller->tpl->assign('toolBarDisplayed', false); |
|
|
|
|
require_once __DIR__.'/config.php'; |
|
|
|
|
$redirecciones = PluginRedirection::get(); |
|
|
|
|
|
|
|
|
|
if (isset($_REQUEST["id"])) { |
|
|
|
|
PluginRedirection::delete($_REQUEST["id"]); |
|
|
|
|
header("Location: index.php"); |
|
|
|
|
exit(); |
|
|
|
|
} elseif (isset($_POST["submit_button"])) { |
|
|
|
|
PluginRedirection::insert($_POST["user_id"], $_POST["url"]); |
|
|
|
|
header("Location: index.php"); |
|
|
|
|
exit(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?> |
|
|
|
|
|
|
|
|
|
<form action="./index.php" method="post"> |
|
|
|
|
<div class="table-responsive well"> |
|
|
|
|
<table class="table table-condensed"> |
|
|
|
|
<thead> |
|
|
|
|
<td><input type="text" class="form-control" placeholder="User_id" name="user_id" /></td> |
|
|
|
|
<td><input type="text" class="form-control" placeholder="url" name="url" /></td> |
|
|
|
|
<td><input type='submit' value='Agregar' name="submit_button" class='btn btn-primary' /></td> |
|
|
|
|
</thead> |
|
|
|
|
</table> |
|
|
|
|
|
|
|
|
|
</div> |
|
|
|
|
</form> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<div class="table-responsive"> |
|
|
|
|
<table class="table table-bordered table-condensed"> |
|
|
|
|
<tr> |
|
|
|
|
<th>Usuario</th> |
|
|
|
|
<th>Url</th> |
|
|
|
|
<th></th> |
|
|
|
|
</tr> |
|
|
|
|
<?php |
|
|
|
|
foreach ($redirecciones as $redi) { |
|
|
|
|
echo '<tr>'; |
|
|
|
|
echo '<td>' . $redi["user_id"] . '</td>'; |
|
|
|
|
echo '<td>' . $redi["url"] . '</td>'; |
|
|
|
|
echo '<td><a href="index.php?id=' . $redi["id"] . '">Borrar</a></td>'; |
|
|
|
|
echo '</tr>'; |
|
|
|
|
} |
|
|
|
|
$controller->tpl->assign('displayCookieUsageWarning', true); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// When loading a chamilo page do not include the hot courses and news |
|
|
|
|
|
|
|
|
|
if (!isset($_REQUEST['include'])) { |
|
|
|
|
if (api_get_setting('show_hot_courses') == 'true') { |
|
|
|
|
$hot_courses = $controller->return_hot_courses(); |
|
|
|
|
} |
|
|
|
|
$announcements_block = $controller->return_announcements(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$controller->tpl->assign('hot_courses', $hot_courses); |
|
|
|
|
$controller->tpl->assign('announcements_block', $announcements_block); |
|
|
|
|
$controller->tpl->assign('home_page_block', $controller->return_home_page()); |
|
|
|
|
$controller->tpl->assign('navigation_course_links', $controller->return_navigation_links()); |
|
|
|
|
$controller->tpl->assign('notice_block', $controller->return_notice()); |
|
|
|
|
//$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links()); |
|
|
|
|
$controller->tpl->assign('help_block', $controller->return_help()); |
|
|
|
|
|
|
|
|
|
if (api_is_platform_admin() || api_is_drh()) { |
|
|
|
|
$controller->tpl->assign('skills_block', $controller->returnSkillLinks()); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (api_is_anonymous()) { |
|
|
|
|
$controller->tpl->setLoginBodyClass(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// direct login to course |
|
|
|
|
if (isset($_GET['firstpage'])) { |
|
|
|
|
api_set_firstpage_parameter($_GET['firstpage']); |
|
|
|
|
// if we are already logged, go directly to course |
|
|
|
|
if (api_user_is_login()) { |
|
|
|
|
echo "<script>self.location.href='index.php?firstpage=".Security::remove_XSS($_GET['firstpage'])."'</script>"; |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
api_delete_firstpage_parameter(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$controller->setGradeBookDependencyBar(api_get_user_id()); |
|
|
|
|
|
|
|
|
|
$controller->tpl->display_two_col_template(); |
|
|
|
|
?> |
|
|
|
|
</table> |
|
|
|
|
</div> |
Enrique Alcaraz
8 years ago
committed by