$USER = $user;
$USER->loggedin = true;
- $USER->sesskey = random_string(10); // for added security, used to check script parameters
$USER->sessionIP = md5(getremoteaddr()); // Store the current IP in the session
$USER->site = $CFG->wwwroot;
$USER->admin = true;
$USER->teacher["$site->id"] = true;
$USER->newadminuser = true;
+ set_user_sesskey(); // for added security, used to check script parameters
redirect("$CFG->wwwroot/user/edit.php?id=$user->id&course=$site->id");
exit;
}
if (iscreator()) {
- $this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/index.php?edit=on&sesskey='.$USER->sesskey.'">'.get_string('courses').'</a>';
+ $this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/index.php?edit=on&sesskey='.set_user_sesskey().'">'.get_string('courses').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/course.gif" height="16" width="16" alt="" />';
}
/// USER AUTHENTICATION AND LOGIN ////////////////////////////////////////
+// Makes sure that $USER->sesskey exists, if $USER itself exists. It sets a new sesskey
+// if one does not already exist, but does not overwrite existing sesskeys. Returns the
+// sesskey string if $USER exists, or boolean false if not.
+function set_user_sesskey() {
+ global $USER;
+
+ if(!isset($USER)) {
+ return false;
+ }
+
+ if (empty($USER->sesskey)) {
+ $USER->sesskey = random_string(10);
+ }
+
+ return $USER->sesskey;
+}
+
/**
* This function checks that the current user is logged in, and optionally
* whether they are "logged in" or allowed to be in a particular course.
}
// Make sure the USER has a sesskey set up. Used for checking script parameters.
- if (empty($USER->sesskey)) {
- $USER->sesskey = random_string(10);
- }
+ set_user_sesskey();
// Check that the user has agreed to a site policy if there is one
if (!empty($CFG->sitepolicy)) {
$USER = $user;
if (!empty($USER->description)) {
- $USER->description = true; // No need to cart all of it around
+ $USER->description = true; // No need to cart all of it around
}
$USER->loggedin = true;
- $USER->site = $CFG->wwwroot; // for added security, store the site in the session
- $USER->sesskey = random_string(10); // for added security, used to check script parameters
-
+ $USER->site = $CFG->wwwroot; // for added security, store the site in the session
+ set_user_sesskey(); // for added security, used to check script parameters
+
if ($USER->username == "guest") {
$USER->lang = $CFG->lang; // Guest language always same as site
$USER->firstname = get_string("guestuser"); // Name always in current language
projects / moodle.git / commitdiff