@ -174,79 +174,79 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						if (isset($_user['user_id'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							unset($_user['user_id']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//$_SESSION['info_current_user'][1] is user name  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//$_SESSION['info_current_user'][2] is current password encrypted  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//$_SESSION['update_term_and_condition'][1] is current user id, of user in session  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					if (api_get_setting('allow_terms_conditions')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						if (isset($_POST['login']) & &  isset($_POST['password']) & &  isset($_SESSION['update_term_and_condition'][1])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 	$user_id=$_SESSION['update_term_and_condition'][1];	// user id  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							// update the terms &  conditions  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							//verify type of terms and conditions  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							$info_legal = explode(':',$_POST['legal_info']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							$legal_type=LegalManager::get_type_of_terms_and_conditions($info_legal[0],$info_legal[1]);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							//is necessary verify check  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if ($legal_type==1) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if ((isset($_POST['legal_accept']) & &  $_POST['legal_accept']=='1')) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						//$_SESSION['info_current_user'][1] is user name  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						//$_SESSION['info_current_user'][2] is current password encrypted  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						//$_SESSION['update_term_and_condition'][1] is current user id, of user in session  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						if (api_get_setting('allow_terms_conditions')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if (isset($_POST['login']) & &  isset($_POST['password']) & &  isset($_SESSION['update_term_and_condition'][1])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 	$user_id=$_SESSION['update_term_and_condition'][1];	// user id  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								// update the terms &  conditions  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								//verify type of terms and conditions  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								$info_legal = explode(':',$_POST['legal_info']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								$legal_type=LegalManager::get_type_of_terms_and_conditions($info_legal[0],$info_legal[1]);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								//is necessary verify check  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if ($legal_type==1) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									if ((isset($_POST['legal_accept']) & &  $_POST['legal_accept']=='1')) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										$legal_option=true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										$legal_option=false;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								//no is check option  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if ($legal_type==0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$legal_option=true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$legal_option=false;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							//no is check option  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if ($legal_type==0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								$legal_option=true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if (isset($_POST['legal_accept_type']) & &  $legal_option===true) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								$cond_array = explode(':',$_POST['legal_accept_type']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if (!empty($cond_array[0]) & &  !empty($cond_array[1])){  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$time = time();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									UserManager::update_extra_field_value($user_id,'legal_accept',$condition_to_save);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if (isset($_POST['legal_accept_type']) & &  $legal_option===true) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$cond_array = explode(':',$_POST['legal_accept_type']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									if (!empty($cond_array[0]) & &  !empty($cond_array[1])){  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										$time = time();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										$condition_to_save = intval($cond_array[0]).':'.intval($cond_array[1]).':'.$time;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										UserManager::update_extra_field_value($user_id,'legal_accept',$condition_to_save);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						if ((isset($_POST['login']) & &  isset($_POST['password']))) {   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	// $login & &  $password are given to log in  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						if ((isset($_POST['login']) & &  isset($_POST['password']))) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							// $login & &  $password are given to log in  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							$login = $_POST['login'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							$password = $_POST['password'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					         //lookup the user in the main database 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						     //lookup the user in the main database 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							$user_table = Database::get_main_table(TABLE_MAIN_USER);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					         $sql = "SELECT user_id, username, password, auth_source, active, expiration_date 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 FROM $user_table 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 WHERE username = '".trim(addslashes($login))."'"; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					         $result = Database::query($sql); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					         if (Database::num_rows($result) > 0) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             $uData = Database::fetch_array($result); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 //the authentification of this user is managed by Chamilo itself 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 $password = trim(stripslashes($password)); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 // determine if the password needs to be encrypted before checking 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 // $userPasswordCrypted is set in an external configuration file 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 /*if ($userPasswordCrypted) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	$password = md5($password); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						     $sql = "SELECT user_id, username, password, auth_source, active, expiration_date 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             FROM $user_table 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             WHERE username = '".trim(addslashes($login))."'"; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						     $result = Database::query($sql); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 if (Database::num_rows($result) > 0) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         $uData = Database::fetch_array($result); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             //the authentification of this user is managed by Chamilo itself 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             $password = trim(stripslashes($password)); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             // determine if the password needs to be encrypted before checking 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             // $userPasswordCrypted is set in an external configuration file 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             /*if ($userPasswordCrypted) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	$password = md5($password); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                if (isset($_POST['password']) & &  isset($_SESSION['info_current_user'][2]) & &  $_POST['password']==$_SESSION['info_current_user'][2]) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                	$password=$_POST['password'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						               		$password = api_get_encrypted_password($password);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	$password = api_get_encrypted_password($password); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	$password = api_get_encrypted_password($password); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									if (api_get_setting('allow_terms_conditions')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								       if ($password == $uData['password'] AND (trim($login) == $uData['username'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											$temp_user_id = $uData['user_id'];  
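Review bot: The username lookup in this hunk builds its query by string concatenation, `WHERE username = '".trim(addslashes($login))."'`, with `$login` taken directly from `$_POST['login']`. `addslashes()` is not aware of the connection character set and is not a substitute for the database driver's own escaping. The line would be safer as `WHERE username = '".Database::escape_string(trim($login))."'"`, or as a bound parameter if the Database wrapper offers one. The admin lookup in the next hunk, `WHERE user_id = '".trim(addslashes($uData['user_id']))."'`, has the same shape and could use `intval($uData['user_id'])` instead. The page has lost its +/- markers and these lines appear twice differing only in indentation, so the pattern looks carried over rather than introduced here; the enclosing `if` starts and ends outside the hunk.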
				
			 
			
		
	
	
		
			
				
					
						
						
						
							
								 
							 
						
					 
				
				 
				 
				
					@ -260,22 +260,22 @@ if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												unset($_SESSION['update_term_and_condition']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												unset($_SESSION['info_current_user']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                // Check the user's password 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 if ($password == $uData['password'] AND (trim($login) == $uData['username'])) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	// Check if the account is active (not locked) 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	if ($uData['active']=='1') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 		// Check if the expiration date has not been reached 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 		if ($uData['expiration_date']>date('Y-m-d H:i:s') OR $uData['expiration_date']=='0000-00-00 00:00:00') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 			global $_configuration; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 			 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 			if ($_configuration['multiple_access_urls'] == true) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            // Check the user's password 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             if ($password == $uData['password'] AND (trim($login) == $uData['username'])) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	// Check if the account is active (not locked) 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	if ($uData['active']=='1') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             		// Check if the expiration date has not been reached 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             		if ($uData['expiration_date']>date('Y-m-d H:i:s') OR $uData['expiration_date']=='0000-00-00 00:00:00') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             			global $_configuration; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             			 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             			if ($_configuration['multiple_access_urls'] == true) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 				//Check if user is an admin  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             				//Check if user is an admin  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													$sql = "SELECT user_id FROM $admin_table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            WHERE user_id = '".trim(addslashes($uData['user_id']))."' LIMIT 1";  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												    $result = Database::query($sql);  
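Review bot: The credential check `if ($password == $uData['password'] AND (trim($login) == $uData['username']))` compares the submitted and stored password values with loose `==`. If both are hex digests that happen to look numeric (strings of the form `0e` followed only by digits), PHP compares them as numbers and two different digests can be treated as equal. The password half should use a strict, constant-time comparison, `hash_equals((string) $uData['password'], (string) $password)` where PHP 5.6 or later is available, or at least `===`. The same comparison also closes the preceding hunk, inside the `allow_terms_conditions` branch. This looks like existing logic that the hunk only re-indents, and the block continues past the end of the hunk.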
				
			 
			
		
	
	
		
			
				
					
						
							
								 
							 
						
						
							
								 
							 
						
						
					 
				
				 
				 
				
					@ -316,265 +316,260 @@ if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														event_login();				            	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 			} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 				$_user['user_id'] = $uData['user_id']; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             			} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             				$_user['user_id'] = $uData['user_id']; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 			} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 		} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             			} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             		} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												$loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 		} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             		} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	} else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											$loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 	// login failed: username or password incorrect 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     $loginFailed = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     api_session_unregister('_uid'); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_password_incorrect');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     exit; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 if (isset($uData['creator_id']) & &  $_user['user_id'] != $uData['creator_id']) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     //first login for a not self registred 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     //e.g. registered by a teacher 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                     //do nothing (code may be added later) 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             } elseif (!empty($extAuthSource[$uData['auth_source']]['login']) & &  file_exists($extAuthSource[$uData['auth_source']]['login'])) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                  /* 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                   * Process external authentication 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                   * on the basis of the given login name 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                   */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                  $loginFailed = true;  // Default initialisation. It could 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        // change after the external authentication 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                  $key = $uData['auth_source']; //'ldap','shibboleth'... 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                 /* >>>>>>>> External authentication modules < < < < < < < < <  */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } else { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             	// login failed: username or password incorrect 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 $loginFailed = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 api_session_unregister('_uid'); 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=user_password_incorrect');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 exit; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             if (isset($uData['creator_id']) & &  $_user['user_id'] != $uData['creator_id']) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 //first login for a not self registred 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 //e.g. registered by a teacher 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                 //do nothing (code may be added later) 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								 } elseif (!empty($extAuthSource[$uData['auth_source']]['login']) & &  file_exists($extAuthSource[$uData['auth_source']]['login'])) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						              /* 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						               * Process external authentication 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						               * on the basis of the given login name 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						               */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						              $loginFailed = true;  // Default initialisation. It could 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                                    // change after the external authentication 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						              $key = $uData['auth_source']; //'ldap','shibboleth'... 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						             /* >>>>>>>> External authentication modules < < < < < < < < <  */ 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									// see configuration.php to define these  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                include_once($extAuthSource[$key]['login']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                /* >>>>>>>> External authentication modules < < < < < < < < <  */  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            } else // no standard Chamilo login - try external authentification  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            	//huh... nothing to do... we shouldn't get here  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            	error_log('Chamilo Authentication file '. $extAuthSource[$uData['auth_source']]['login']. ' could not be found - this might prevent your system from doing the corresponding authentication process',0);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    if (!empty($_SESSION['request_uri'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					      	        $req = $_SESSION['request_uri'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					      	        unset($_SESSION['request_uri']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					      	        header('location: '.$req);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    	if (isset($param)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    		header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login').$param);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    	} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    		// here is the main redirect of a *normal* login page in Dokeos  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    		header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login'));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    	}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        	// login failed, Database::num_rows($result) < = 0  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            $loginFailed = true;  // Default initialisation. It could  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                  // change after the external authentication  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            /*  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * In this section:  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * there is no entry for the $login user in the Dokeos  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * database. This also means there is no auth_source for the user.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * We let all external procedures attempt to add him/her  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * to the system.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             *  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * Process external login on the basis  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * of the authentication source list  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * provided by the configuration settings.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * If the login succeeds, for going further,  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * Dokeos needs the $_user['user_id'] variable to be  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * set and registered in the session. It's the  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * responsability of the external login script  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             * to provide this $_user['user_id'].  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					             */  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            if (isset($extAuthSource) & &  is_array($extAuthSource)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                foreach($extAuthSource as $thisAuthSource) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                	if (!empty($thisAuthSource['newUser']) & &  file_exists($thisAuthSource['newUser'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    	include_once($thisAuthSource['newUser']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                	} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            	error_log('Dokeos Authentication file '. $thisAuthSource['newUser']. ' could not be found - this might prevent your system from using the authentication process in the user creation process',0);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                	}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            } //end if is_array($extAuthSource)  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        } //end else login failed  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    } elseif(api_get_setting('sso_authentication')==='true' & &   !in_array('webservices', explode('/', $_SERVER['REQUEST_URI']))) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	/**  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	 * TODO:  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	 * - Implement user interface for api_get_setting('sso_authentication')  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	 *   } elseif (api_get_setting('sso_authentication')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	 * - Work on a better validation for webservices paths. Current is very poor and exit  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	 * - $master variable should be recovered from chamilo settings.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    	*/  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        $master = array(  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    		'domain' 		=> api_get_setting('sso_authentication_domain'), 			//	'localhost/project/drupal5',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    		'auth_uri' 		=> api_get_setting('sso_authentication_auth_uri'),		//	'/?q=user',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    		'deauth_uri'	=> api_get_setting('sso_authentication_unauth_uri'),	//	'/?q=logout',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    		'protocol' 		=> api_get_setting('sso_authentication_protocol')		//	'http://',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        );  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        $referer = $master['protocol'] . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        if (isset($_SESSION['_user']['user_id'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            if ($logout) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                // Library needed by index.php  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                include_once api_get_path(LIBRARY_PATH) . 'online.inc.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                include_once (api_get_path(LIBRARY_PATH).'course.lib.php');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                // Prevent index.php to redirect  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                global $logout_no_redirect;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                $logout_no_redirect = TRUE;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                // Make custom redirect after logout  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                online_logout();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                header('Location: '. $master['protocol'] . $master['domain'] . $master['deauth_uri']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						} elseif(!$logout) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					          	$master_url = $master['domain'] . $master['auth_uri'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        	// Handle cookie comming from Master Server  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if (!isset($_GET['sso_referer']) & &  !isset($_GET['loginFailed'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            // Target to redirect after success SSO  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            $target = api_get_path(WEB_PATH);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            // Redirect to master server  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            header('Location: ' . $master['protocol'] . $master_url . '& sso_referer=' . urlencode($referer) . '& sso_target=' . urlencode($target));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        	exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							} elseif (isset($_GET['sso_cookie'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if (isset($_GET['sso_referer']) ? $_GET['sso_referer'] === $master['protocol']. $master_url : FALSE) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                $sso = unserialize(base64_decode($_GET['sso_cookie']));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                //lookup the user in the main database  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                $user_table = Database::get_main_table(TABLE_MAIN_USER);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                $sql = "SELECT user_id, username, password, auth_source, active, expiration_date  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                          FROM $user_table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                          WHERE username = '".trim(addslashes($sso['username']))."'";  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                $result = Database::query($sql);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									if (Database::num_rows($result) > 0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										$uData = Database::fetch_array($result);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										//Check the user's password  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        // Make sure password is encrypted with md5  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        if (!$userPasswordCrypted) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        	$uData['password'] = md5($uData['password']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        //the authentification of this user is managed by Dokeos itself// check the user's password  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        // password hash comes into a sha1  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											if ($sso['secret'] === sha1($uData['password']) & &  ($sso['username'] == $uData['username'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												//Check if the account is active (not locked)  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												if ($uData['active']=='1') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                // check if the expiration date has not been reached  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													if ($uData['expiration_date']>date('Y-m-d H:i:s') OR $uData['expiration_date']=='0000-00-00 00:00:00') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    global $_configuration;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														if ($_configuration['multiple_access_urls'] == true) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                      	$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															//Check if user is an admin   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															$sql = "SELECT user_id FROM $admin_table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														            WHERE user_id = '".trim(addslashes($uData['user_id']))."' LIMIT 1";  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														    $result = Database::query($sql);									      
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														    $my_user_is_admin = false;							  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														    if (Database::num_rows($result) > 0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																$my_user_is_admin = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														    }							              
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            if ($my_user_is_admin === false) {						            	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      //check the access_url configuration setting if the user is registered in the access_url_rel_user table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      //getting the current access_url_id of the platform  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      $current_access_url_id = api_get_current_access_url_id();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      // my user is subscribed in these sites => $my_url_list  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      $my_url_list = api_get_access_url_from_user($uData['user_id']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      if (is_array($my_url_list) & &  count($my_url_list)>0 ) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          if (in_array($current_access_url_id, $my_url_list)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              // the user has permission to enter at this site  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              $_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            include_once($extAuthSource[$key]['login']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            /* >>>>>>>> External authentication modules < < < < < < < < <  */  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        } else { // no standard Chamilo login - try external authentification          
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        	//huh... nothing to do... we shouldn't get here  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        	error_log('Chamilo Authentication file '. $extAuthSource[$uData['auth_source']]['login']. ' could not be found - this might prevent your system from doing the corresponding authentication process',0);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    if (!empty($_SESSION['request_uri'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  	        $req = $_SESSION['request_uri'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  	        unset($_SESSION['request_uri']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  	        header('location: '.$req);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    	if (isset($param)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    		header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login').$param);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    	} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    		// here is the main redirect of a *normal* login page in Chamilo  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    		header('location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login'));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    	}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    	// login failed, Database::num_rows($result) < = 0  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        $loginFailed = true;  // Default initialisation. It could  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                              // change after the external authentication  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        /*  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * In this section:  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * there is no entry for the $login user in the Chamilo  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * database. This also means there is no auth_source for the user.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * We let all external procedures attempt to add him/her  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * to the system.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         *  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * Process external login on the basis  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * of the authentication source list  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * provided by the configuration settings.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * If the login succeeds, for going further,  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * Chamilo needs the $_user['user_id'] variable to be  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * set and registered in the session. It's the  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * responsability of the external login script  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         * to provide this $_user['user_id'].  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						         */  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        if (isset($extAuthSource) & &  is_array($extAuthSource)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            foreach($extAuthSource as $thisAuthSource) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            	if (!empty($thisAuthSource['newUser']) & &  file_exists($thisAuthSource['newUser'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                	include_once($thisAuthSource['newUser']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            	} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            	error_log('Chamilo Authentication file '. $thisAuthSource['newUser']. ' could not be found - this might prevent your system from using the authentication process in the user creation process',0);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            	}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        } //end if is_array($extAuthSource)  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    } //end else login failed  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						} elseif (api_get_setting('sso_authentication')==='true' & &   !in_array('webservices', explode('/', $_SERVER['REQUEST_URI']))) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							/**  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 * TODO:  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 * - Implement user interface for api_get_setting('sso_authentication')  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 *   } elseif (api_get_setting('sso_authentication')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 * - Work on a better validation for webservices paths. Current is very poor and exit  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							 * - $master variable should be recovered from chamilo settings.  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							*/  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    $master = array(  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								'domain' 		=> api_get_setting('sso_authentication_domain'), 			//	'localhost/project/drupal5',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								'auth_uri' 		=> api_get_setting('sso_authentication_auth_uri'),		//	'/?q=user',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								'deauth_uri'	=> api_get_setting('sso_authentication_unauth_uri'),	//	'/?q=logout',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								'protocol' 		=> api_get_setting('sso_authentication_protocol')		//	'http://',  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    );  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    $referer = $master['protocol'] . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    if (isset($_SESSION['_user']['user_id'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        if ($logout) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									// Library needed by index.php  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									include_once api_get_path(LIBRARY_PATH) . 'online.inc.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									include_once (api_get_path(LIBRARY_PATH).'course.lib.php');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									// Prevent index.php to redirect  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									global $logout_no_redirect;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									$logout_no_redirect = TRUE;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									// Make custom redirect after logout  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									online_logout();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									header('Location: '. $master['protocol'] . $master['domain'] . $master['deauth_uri']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							} elseif(!$logout) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						      	$master_url = $master['domain'] . $master['auth_uri'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    	// Handle cookie comming from Master Server  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								if (!isset($_GET['sso_referer']) & &  !isset($_GET['loginFailed'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        // Target to redirect after success SSO  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        $target = api_get_path(WEB_PATH);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        // Redirect to master server  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        header('Location: ' . $master['protocol'] . $master_url . '& sso_referer=' . urlencode($referer) . '& sso_target=' . urlencode($target));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							    	exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								} elseif (isset($_GET['sso_cookie'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
									if (isset($_GET['sso_referer']) ? $_GET['sso_referer'] === $master['protocol']. $master_url : FALSE) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            $sso = unserialize(base64_decode($_GET['sso_cookie']));  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            //lookup the user in the main database  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            $user_table = Database::get_main_table(TABLE_MAIN_USER);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            $sql = "SELECT user_id, username, password, auth_source, active, expiration_date  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    FROM $user_table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    WHERE username = '".trim(addslashes($sso['username']))."'";	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							            $result = Database::query($sql);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              // Redirect to homepage  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              $sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              header('Location: '. $sso_target);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              // user does not have permission for this site  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                              exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          // there is no URL in the multiple urls list for this user  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                          exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                      }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            	//User is an admin, he can login wherever he wants  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            	 $_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                              api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                              event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                      } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            //single URL access  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            $_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            // Redirect to homepage  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            $sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                            header('Location: '. $sso_target);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        // user account expired  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                        exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    //user not active  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                    exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                                }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                              //sha1 of password is wrong  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                              $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                              api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                              header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                              exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            //auth_source is wrong  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                            exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        //no user by that login  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                        exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    //request comes from unknown source  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                    exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					                }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    } elseif (api_get_setting('openid_authentication')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
										if (Database::num_rows($result) > 0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											$uData = Database::fetch_array($result);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											//Check the user's password  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
											if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                	// Make sure password is encrypted with md5  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    if (!$userPasswordCrypted) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    	$uData['password'] = md5($uData['password']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    //the authentification of this user is managed by Chamilo itself// check the user's password  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                    // password hash comes into a sha1  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												if ($sso['secret'] === sha1($uData['password']) & &  ($sso['username'] == $uData['username'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													//Check if the account is active (not locked)  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													if ($uData['active']=='1') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                        	// check if the expiration date has not been reached  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														if ($uData['expiration_date']>date('Y-m-d H:i:s') OR $uData['expiration_date']=='0000-00-00 00:00:00') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                            	global $_configuration;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															if ($_configuration['multiple_access_urls'] == true) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                  	$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																//Check if user is an admin   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																$sql = "SELECT user_id FROM $admin_table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															            WHERE user_id = '".trim(addslashes($uData['user_id']))."' LIMIT 1";  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															    $result = Database::query($sql);									      
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															    $my_user_is_admin = false;							  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															    if (Database::num_rows($result) > 0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																	$my_user_is_admin = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															    }							              
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													            if ($my_user_is_admin === false) {						            	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      //check the access_url configuration setting if the user is registered in the access_url_rel_user table  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      //getting the current access_url_id of the platform  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      $current_access_url_id = api_get_current_access_url_id();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      // my user is subscribed in these sites => $my_url_list  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      $my_url_list = api_get_access_url_from_user($uData['user_id']);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      if (is_array($my_url_list) & &  count($my_url_list)>0 ) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          if (in_array($current_access_url_id, $my_url_list)) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              // the user has permission to enter at this site  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              $_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              // Redirect to homepage  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              $sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              header('Location: '. $sso_target);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              // user does not have permission for this site  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                              exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          // there is no URL in the multiple urls list for this user  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=access_url_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                          exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                                      }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													            } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													            	//User is an admin, he can login wherever he wants  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																	$_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                        api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                        event_login();						            	  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
																//Single URL access  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    $_user['user_id'] = $uData['user_id'];  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    api_session_register('_user');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    event_login();  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    // Redirect to homepage  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    $sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                    header('Location: '. $sso_target);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
															}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                            	// user account expired  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_expired');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                                exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
														}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													    //user not active  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													    $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													    api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													    header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													    exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
													}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												  //sha1 of password is wrong  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												  $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												  api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												  header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												  exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
												}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                        //auth_source is wrong  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                        $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                        api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                        header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                        exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    //no user by that login  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                    exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            } else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                //request comes from unknown source  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                $loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                api_session_unregister('_uid');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                header('Location: '.api_get_path(WEB_PATH).'index.php?loginFailed=1&error=account_inactive');   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						                exit;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						            }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    }//end logout  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						} elseif (api_get_setting('openid_authentication')=='true') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							if (!empty($_POST['openid_url'])) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    	include('main/auth/openid/login.php');  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    	openid_begin(trim($_POST['openid_url']),api_get_path(WEB_PATH).'index.php');  
				
			 
			
		
	
	
		
			
				
					
						
						
						
							
								 
							 
						
					 
				
				 
				 
				
					@ -599,10 +594,10 @@ if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        	if (Database::num_rows($result)>0) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        		//$row = Database::fetch_array($res);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								            $uData = Database::fetch_array($result);  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								            if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                //the authentification of this user is managed by Dokeos  itself  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
								                //the authentification of this user is managed by Chamilo  itself  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                	// check if the account is active (not locked)  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                	if ($uData['active']=='1') {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							                		// check if the expiration date has not been reached  
				
			 
			
		
	
	
		
			
				
					
						
							
								 
							 
						
						
							
								 
							 
						
						
					 
				
				 
				 
				
					@ -637,17 +632,17 @@ if (api_get_setting('allow_terms_conditions')=='true') { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        	$loginFailed = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
							        }  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						    	} else {  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     			$loginFailed = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     		} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     	} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     //    else {} => continue as anonymous user 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					     $uidReset = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//    $cidReset = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//    $gidReset = true;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					}  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 			$loginFailed = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 		} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 	} 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 } 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 //    else {} => continue as anonymous user 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 $uidReset = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 //    $cidReset = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
						 //    $gidReset = true; 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					} // end else   
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					//Now check for anonymous user mode  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					if (isset($use_anonymous) & &  $use_anonymous == true) {  
				
			 
			
		
	
	
		
			
				
					
						
							
								 
							 
						
						
							
								 
							 
						
						
					 
				
				 
				 
				
					@ -683,8 +678,7 @@ if ($gidReq && $gidReq != $gid) { 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					/* USER INIT */  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					if (isset($uidReset) & &  $uidReset) // session data refresh requested  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					{  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					if (isset($uidReset) & &  $uidReset) {	// session data refresh requested  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    $is_platformAdmin = false; $is_allowedCreateCourse = false;  
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					
 
				
			 
			
		
	
		
			
				
					 
					 
				
				 
				 
				
					    if (isset($_user['user_id']) & &  $_user['user_id']) // a uid is given (log in succeeded)