logout($redirect); } /** * Registers in the track_e_default table (view in important activities in admin * interface) a possible attempted break in, sending auth data through get. * @todo This piece of code should probably move to local.inc.php where the actual login / logout procedure is handled. The real use of this code block should be seriously considered as well. This form should just use a security token and get done with it. */ if (isset($_GET['submitAuth']) && $_GET['submitAuth'] == 1) { $i = api_get_anonymous_id(); Event::addEvent( LOG_ATTEMPTED_FORCED_LOGIN, 'tried_hacking_get', $_SERVER['REMOTE_ADDR'].(empty($_POST['login'])?'':'/'.$_POST['login']), null, $i ); echo 'Attempted breakin - sysadmins notified.'; session_destroy(); die(); } // Delete session item necessary to check for legal terms if (api_get_setting('allow_terms_conditions') === 'true') { Session::erase('term_and_condition'); } //If we are not logged in and customapages activated if (!api_get_user_id() && CustomPages::enabled()) { if (Request::get('loggedout')) { CustomPages::display(CustomPages::LOGGED_OUT); } else { CustomPages::display(CustomPages::INDEX_UNLOGGED); } } /** * @todo This piece of code should probably move to local.inc.php where the actual login procedure is handled. * @todo Check if this code is used. I think this code is never executed because after clicking the submit button * the code does the stuff in local.inc.php and then redirects to index.php or user_portal.php depending * on api_get_setting('page_after_login'). */ if (!empty($_POST['submitAuth'])) { // The user has been already authenticated, we are now to find the last login of the user. if (isset ($_user['user_id'])) { $track_login_table = Database :: get_main_table(TABLE_STATISTIC_TRACK_E_LOGIN); $sql = "SELECT UNIX_TIMESTAMP(login_date) FROM $track_login_table WHERE login_user_id = '".$_user['user_id']."' ORDER BY login_date DESC LIMIT 1"; $result_last_login = Database::query($sql); if (!$result_last_login) { if (Database::num_rows($result_last_login) > 0) { $user_last_login_datetime = Database::fetch_array($result_last_login); $user_last_login_datetime = $user_last_login_datetime[0]; Session::write('user_last_login_datetime', $user_last_login_datetime); } } } } else { // Only if login form was not sent because if the form is sent the user was already on the page. Event::event_open(); } if (api_get_setting('display_categories_on_homepage') === 'true') { $controller->tpl->assign('course_category_block', $controller->return_courses_in_categories()); } $controller->set_login_form(); //@todo move this inside the IndexManager if (!api_is_anonymous()) { $controller->tpl->assign('profile_block', $controller->return_profile_block()); $controller->tpl->assign('user_image_block', $controller->return_user_image_block()); if (api_is_platform_admin()) { $controller->tpl->assign('course_block', $controller->return_course_block()); } else { $controller->tpl->assign('teacher_block', $controller->return_teacher_link()); } } $hot_courses = ''; $announcements_block = ''; // Display the Site Use Cookie Warning Validation $useCookieValidation = api_get_setting('cookie_warning'); if ($useCookieValidation === 'true') { if (isset($_POST['acceptCookies'])) { api_set_site_use_cookie_warning_cookie(); } else if (!api_site_use_cookie_warning_cookie_exist()) { if (Template::isToolBarDisplayedForUser()) { $controller->tpl->assign('toolBarDisplayed', true); } else { $controller->tpl->assign('toolBarDisplayed', false); } $controller->tpl->assign('displayCookieUsageWarning', true); } } // When loading a chamilo page do not include the hot courses and news if (!isset($_REQUEST['include'])) { if (api_get_setting('show_hot_courses') == 'true') { $hot_courses = $controller->return_hot_courses(); } $announcements_block = $controller->return_announcements(); } $controller->tpl->assign('hot_courses', $hot_courses); $controller->tpl->assign('announcements_block', $announcements_block); $controller->tpl->assign('home_page_block', $controller->return_home_page()); $controller->tpl->assign('navigation_course_links', $controller->return_navigation_links()); $controller->tpl->assign('notice_block', $controller->return_notice()); //$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links()); $controller->tpl->assign('help_block', $controller->return_help()); if (api_is_platform_admin() || api_is_drh()) { $controller->tpl->assign('skills_block', $controller->return_skills_links()); } if (api_is_anonymous()) { $controller->tpl->setLoginBodyClass(); } // direct login to course if (isset($_GET['firstpage'])) { api_set_firstpage_parameter($_GET['firstpage']); // if we are already logged, go directly to course if (api_user_is_login()) { echo ""; } } else { api_delete_firstpage_parameter(); } $controller->tpl->display_two_col_template();