From: skodak
Date: Fri, 2 Jan 2009 20:32:05 +0000 (+0000)
Subject: MDL-17754 next round of session related refactoring
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=b7b64ff2e0b4adddd4b457c64a7fcea7daa592c0;p=moodle.git
MDL-17754 next round of session related refactoring
---
diff --git a/admin/generator.php b/admin/generator.php
index cb87a60732..0a2f1dfc2f 100755
--- a/admin/generator.php
+++ b/admin/generator.php
@@ -1141,7 +1141,7 @@ class generator_cli extends generator {
 echo "Invalid username or password!{$this->eolchar}";
 die();
 }
- $USER = complete_user_login($user);
+ complete_user_login($user);
 $systemcontext = get_context_instance(CONTEXT_SYSTEM);
 if (!has_capability('moodle/site:doanything', $systemcontext)) {
 echo "You do not have administration privileges on this Moodle site. "
diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
index 35cda41623..3616ee4eed 100644
--- a/auth/ldap/auth.php
+++ b/auth/ldap/auth.php
@@ -1835,7 +1835,7 @@ class auth_plugin_ldap extends auth_plugin_base {
 if ($user) {
 add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $user->id, 0, $user->id);
- $USER = complete_user_login($user);
+ complete_user_login($user);
 // Cleanup the key to prevent reuse...
 // and to allow re-logins with normal credentials
diff --git a/course/enrol.php b/course/enrol.php
index 7c4651b376..6d2e79c257 100644
--- a/course/enrol.php
+++ b/course/enrol.php
@@ -28,7 +28,7 @@
 }
 /// do not use when in course login as
- if (is_loggedinas() and $USER->loginascontext->contextlevel == CONTEXT_COURSE) {
+ if (session_is_loggedinas() and $USER->loginascontext->contextlevel == CONTEXT_COURSE) {
 print_error('loginasnoenrol', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
 }
diff --git a/course/loginas.php b/course/loginas.php
index 30e2a9a655..5404f5bca6 100644
--- a/course/loginas.php
+++ b/course/loginas.php
@@ -7,7 +7,7 @@
 /// Reset user back to their real self if needed
 $return = optional_param('return', 0, PARAM_BOOL); // return to the page we came from
- if (is_loggedinas()) {
+ if (session_is_loggedinas()) {
 if (!confirm_sesskey()) {
 print_error('confirmsesskeybad');
 }
diff --git a/lib/accesslib.php b/lib/accesslib.php
index c713496993..84d2b9e756 100755
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -1769,10 +1769,16 @@ function load_temp_role($context, $roleid, $accessdata) {
 /**
 * Check all the login enrolment information for the given user object
 * by querying the enrolment plugins
+ * @return void
 */
 function check_enrolment_plugins(&$user) {
 global $CFG;
+ if (empty($user->id) or isguestuser($user)) {
+ // shortcut - there is no enrolment work for guests and not-logged-in users
+ return;
+ }
+
 static $inprogress; // To prevent this function being called more than once in an invocation
 if (!empty($inprogress[$user->id])) {
diff --git a/lib/datalib.php b/lib/datalib.php
index 8b6af272bc..161ad0ab79 100644
--- a/lib/datalib.php
+++ b/lib/datalib.php
@@ -1897,7 +1897,7 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
 if ($user) {
 $userid = $user;
 } else {
- if (is_loggedinas()) { // Don't log
+ if (session_is_loggedinas()) { // Don't log
 return;
 }
 $userid = empty($USER->id) ? '0' : $USER->id;
@@ -1972,7 +1972,7 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
 function user_accesstime_log($courseid=0) {
 global $USER, $CFG, $DB;
- if (!isloggedin() or is_loggedinas()) {
+ if (!isloggedin() or session_is_loggedinas()) {
 // no access tracking
 return;
 }
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 57fa363597..8cca170673 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
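Review bot: The docblock of check_enrolment_plugins gains `@return void` but still documents neither the by-reference `$user` argument nor the new early return that now decides whether any plugin is consulted. Suggest adding ` * @param object $user user record, passed by reference; users with an empty id and guests return immediately without any plugin call` above the new `@return`. The function's body continues past the end of this hunk.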
@@ -1920,7 +1920,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
 }
 /// loginas as redirection if needed
- if ($COURSE->id != SITEID and is_loggedinas()) {
+ if ($COURSE->id != SITEID and session_is_loggedinas()) {
 if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
 if ($USER->loginascontext->instanceid != $COURSE->id) {
 print_error('loginasonecourse', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
@@ -1929,7 +1929,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
 }
 /// check whether the user should be changing password (but only if it is REALLY them)
- if (get_user_preferences('auth_forcepasswordchange') && !is_loggedinas()) {
+ if (get_user_preferences('auth_forcepasswordchange') && !session_is_loggedinas()) {
 $userauth = get_auth_plugin($USER->auth);
 if ($userauth->can_change_password()) {
 $SESSION->wantsurl = $FULLME;
@@ -2107,8 +2107,8 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
 /// For non-guests, check if they have course view access
 } else if (has_capability('moodle/course:view', $COURSE->context)) {
- if (is_loggedinas()) { // Make sure the REAL person can also access this course
- $realuser = get_real_user();
+ if (session_is_loggedinas()) { // Make sure the REAL person can also access this course
+ $realuser = session_get_realuser();
 if (!has_capability('moodle/course:view', $COURSE->context, $realuser->id)) {
 print_header_simple();
 notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot .'/');
@@ -2154,7 +2154,7 @@ function require_logout() {
 }
 }
- get_session()->terminate();
+ session_get_instance()->terminate();
 }
 /**
@@ -3143,17 +3143,15 @@ function authenticate_user_login($username, $password) {
 * NOTE:
 * - It will NOT log anything -- up to the caller to decide what to log.
 *
- *
- *
 *
 * @uses $CFG, $USER
 * @param string $user obj
- * @return user|flase A {@link $USER} object or false if error
+ * @return object A {@link $USER} object - BC only, do not use
 */
 function complete_user_login($user) {
 global $CFG, $USER, $SESSION;
- $USER = $user; // this is required because we need to access preferences here!
- check_user_preferences_loaded();
+ // check enrolments, load caps and setup $USER object
+ session_set_user($user);
 update_user_login_times();
 if (empty($CFG->nolastloggedin)) {
@@ -3166,12 +3164,6 @@ function complete_user_login($user) {
 }
 set_login_session_preferences();
- // Call enrolment plugins
- check_enrolment_plugins($user);
-
- /// This is what lets the user do anything on the site :-)
- load_all_capabilities();
-
 /// Select password change url
 $userauth = get_auth_plugin($USER->auth);
diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index 299226ecf1..fe0c4488bc 100644
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -4,7 +4,7 @@
 * Factory method returning moodle_session object.
 * @return moodle_session
 */
-function get_session() {
+function session_get_instance() {
 static $session = null;
 if (is_null($session)) {
@@ -18,7 +18,7 @@ function get_session() {
 * Class handling all session and cookies related stuff.
 */
 class moodle_session {
- function __construct() {
+ public function __construct() {
 global $CFG;
 $this->prepare_cookies();
 $this->init_session_storage();
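Review bot: Nothing in complete_user_login regenerates the session id at the point where `session_set_user($user)` turns the anonymous session into an authenticated one, and the new session_set_user (sessionlib hunk further down) does not do it either; unless this happens elsewhere on the login path, a session id that was fixed before authentication remains valid after it. Adding `session_regenerate_id(true);` immediately before `session_set_user($user);` would close that window at the one place all three updated callers (admin/generator.php, auth/ldap/auth.php, login/index.php) go through. The new `@return object ... BC only, do not use` tag leaves unsaid what is still returned; the return statement lies outside this hunk, so say explicitly that `$USER` is returned for backwards compatibility. The body of complete_user_login continues outside both hunks.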
@@ -44,12 +44,55 @@ class moodle_session {
 }
 }
- if (!isset($_SESSION['USER']->id)) {
- $_SESSION['USER']->id = 0; // to enable proper function of $CFG->notloggedinroleid hack
+ $this->check_user_initialised();
+ }
+
+ /**
+ * Initialise $USER object, handles google access.
+ *
+ * @return void
+ */
+ protected function check_user_initialised() {
+ if (isset($_SESSION['USER']->id)) {
+ // already set up $USER
+ return;
+ }
+
+ $user = null;
+
+ if (!empty($CFG->opentogoogle) and !NO_MOODLE_COOKIES) {
+ if (!empty($_SERVER['HTTP_USER_AGENT'])) {
+ // allow web spiders in as guest users
+ if (strpos($_SERVER['HTTP_USER_AGENT'], 'Googlebot') !== false ) {
+ $user = guest_user();
+ } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'google.com') !== false ) { // Google
+ $user = guest_user();
+ } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'Yahoo! Slurp') !== false ) { // Yahoo
+ $user = guest_user();
+ } else if (strpos($_SERVER['HTTP_USER_AGENT'], '[ZSEBOT]') !== false ) { // Zoomspider
+ $user = guest_user();
+ } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSNBOT') !== false ) { // MSN Search
+ $user = guest_user();
+ }
+ }
+ if (!$user and !empty($_SERVER['HTTP_REFERER'])) {
+ // automaticaly log in users coming from search engine results
+ if (strpos($_SERVER['HTTP_REFERER'], 'google') !== false ) {
+ $user = guest_user();
+ } else if (strpos($_SERVER['HTTP_REFERER'], 'altavista') !== false ) {
+ $user = guest_user();
+ }
+ }
+ }
+
+ if (!$user) {
+ $user = new object();
+ $user->id = 0; // to enable proper function of $CFG->notloggedinroleid hack
 if (isset($CFG->mnet_localhost_id)) {
- $_SESSION['USER']->mnethostid = $CFG->mnet_localhost_id;
+ $user->mnethostid = $CFG->mnet_localhost_id;
 }
 }
+ session_set_user($user);
 }
 /**
@@ -83,7 +126,7 @@ class moodle_session {
 /**
 * Prepare cookies and varions system settings
 */
- private function prepare_cookies() {
+ protected function prepare_cookies() {
 global $CFG, $nomoodlecookie;
 if (!defined('NO_MOODLE_COOKIES')) {
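Review bot: check_user_initialised reads `$CFG->opentogoogle` and `$CFG->mnet_localhost_id` but never declares `global $CFG;` — the declaration in the constructor does not reach this method, so `$CFG` is undefined here, `!empty($CFG->opentogoogle)` is always false, and both the search-engine guest path and the mnethostid assignment that were moved from lib/setup.php (where they ran at file scope with `$CFG` visible) are dead. Add `global $CFG;` as the first statement of the method. The moved guest logic keys entirely on client-supplied `HTTP_USER_AGENT` and `HTTP_REFERER` strings, which anyone can send, so this path must never yield more than what `guest_user()` returns; a one-line comment stating that invariant next to `// allow web spiders in as guest users` would protect it from later extension.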
@@ -121,6 +164,7 @@ class moodle_session {
 unset(${'MoodleSession'.$CFG->sessioncookie});
 unset($_GET['MoodleSession'.$CFG->sessioncookie]);
 unset($_POST['MoodleSession'.$CFG->sessioncookie]);
+ unset($_REQUEST['MoodleSession'.$CFG->sessioncookie]);
 }
 //compatibility hack for Moodle Cron, cookies not deleted, but set to "deleted" - should not be needed with NO_MOODLE_COOKIES in cron.php now
 if (!empty($_COOKIE['MoodleSession'.$CFG->sessioncookie]) && $_COOKIE['MoodleSession'.$CFG->sessioncookie] == "deleted") {
@@ -131,7 +175,7 @@ class moodle_session {
 /**
 * Inits session storage.
 */
- private function init_session_storage() {
+ protected function init_session_storage() {
 global $CFG;
 /// Set up session handling
@@ -253,11 +297,24 @@ function get_moodle_cookie() {
 }
 }
+/**
+ * Setup $USER object - called during login, loginas, etc.
+ * Preloads capabilities and checks enrolment plugins
+ *
+ * @param object $user full user record object
+ * @return void
+ */
+function session_set_user($user) {
+ $_SESSION['USER'] = $user;
+ check_enrolment_plugins($_SESSION['USER']);
+ load_all_capabilities();
+}
+
 /**
 * Is current $USER logged-in-as somebody else?
 * @return bool
 */
-function is_loggedinas() {
+function session_is_loggedinas() {
 return !empty($_SESSION['USER']->realuser);
 }
@@ -265,8 +322,8 @@ function is_loggedinas() {
 * Returns the $USER object ignoring current login-as session
 * @return object user object
 */
-function get_real_user() {
- if (is_loggedinas()) {
+function session_get_realuser() {
+ if (session_is_loggedinas()) {
 return $_SESSION['REALUSER'];
 } else {
 return $_SESSION['USER'];
@@ -280,7 +337,7 @@ function get_real_user() {
 * @return void
 */
 function session_loginas($userid, $context) {
- if (is_loggedinas()) {
+ if (session_is_loggedinas()) {
 return;
 }
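Review bot: The docblock of the new session_set_user says `$user` is a "full user record object", yet check_user_initialised (previous hunk) passes a stub carrying only `id = 0` and optionally `mnethostid`, and the function updates the `$USER` global only because lib/setup.php aliases `$USER = &$_SESSION['USER']` (hunk below); neither fact is written down. Suggest ` * @param object $user user record, or a stub with id 0 for not-logged-in sessions` and, above the assignment, `// $USER is a reference to $_SESSION['USER'] (lib/setup.php), so this replaces the global too`. It is also worth stating in the docblock that every call re-runs check_enrolment_plugins and load_all_capabilities, since the constructor, session_loginas and complete_user_login all route through here now.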
@@ -290,12 +347,10 @@ function session_loginas($userid, $context) {
 /// Create the new $USER object with all details and reload needed capabilitites
 $_SESSION['REALUSER'] = $_SESSION['USER'];
- $_SESSION['USER'] = get_complete_user_data('id', $userid);
- $_SESSION['USER']->realuser = $_SESSION['REALUSER']->id;
- $_SESSION['USER']->loginascontext = $context;
-
- check_enrolment_plugins($_SESSION['USER']);
- load_all_capabilities();
+ $user = get_complete_user_data('id', $userid);
+ $user->realuser = $_SESSION['REALUSER']->id;
+ $user->loginascontext = $context;
+ session_set_user($user);
 }
 /**
@@ -303,7 +358,7 @@ function session_loginas($userid, $context) {
 * @return void
 */
 function session_unloginas() {
- if (!is_loggedinas()) {
+ if (!session_is_loggedinas()) {
 return;
 }
diff --git a/lib/setup.php b/lib/setup.php
index 0a2dfe67df..672b9e766f 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -387,7 +387,7 @@ global $HTTPSPAGEREQUIRED;
 }
 /// start session and prepare global $SESSION, $USER
- get_session();
+ session_get_instance();
 $SESSION = &$_SESSION['SESSION'];
 $USER = &$_SESSION['USER'];
@@ -450,34 +450,6 @@ global $HTTPSPAGEREQUIRED;
 // set default locale and themes - might be changed again later from require_login()
 course_setup();
- if (!empty($CFG->opentogoogle)) {
- if (!NO_MOODLE_COOKIES and empty($USER->id)) { // Ignore anyone logged in, or scripts without cookies
- if (!empty($_SERVER['HTTP_USER_AGENT'])) {
- if (strpos($_SERVER['HTTP_USER_AGENT'], 'Googlebot') !== false ) {
- $USER = guest_user();
- } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'google.com') !== false ) { // Google
- $USER = guest_user();
- } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'Yahoo! Slurp') !== false ) { // Yahoo
- $USER = guest_user();
- } else if (strpos($_SERVER['HTTP_USER_AGENT'], '[ZSEBOT]') !== false ) { // Zoomspider
- $USER = guest_user();
- } else if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSNBOT') !== false ) { // MSN Search
- $USER = guest_user();
- }
- }
- if (empty($USER) && !empty($_SERVER['HTTP_REFERER'])) {
- if (strpos($_SERVER['HTTP_REFERER'], 'google') !== false ) {
- $USER = guest_user();
- } else if (strpos($_SERVER['HTTP_REFERER'], 'altavista') !== false ) {
- $USER = guest_user();
- }
- }
- if (!empty($USER->id)) {
- load_all_capabilities();
- }
- }
- }
-
 if ($CFG->theme == 'standard' or $CFG->theme == 'standardwhite') { // Temporary measure to help with XHTML validation
 if (isset($_SERVER['HTTP_USER_AGENT']) and empty($USER->id)) { // Allow W3CValidator in as user called w3cvalidator (or guest)
 if ((strpos($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator') !== false) or
@@ -504,8 +476,8 @@ global $HTTPSPAGEREQUIRED;
 $apachelog_name = clean_filename($USER->firstname . " " . $USER->lastname);
 }
- if (is_loggedinas()) {
- $realuser = get_real_user();
+ if (session_is_loggedinas()) {
+ $realuser = session_get_realuser();
 $apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
 $apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);
 $apachelog_userid = clean_filename($realuser->id." as ".$apachelog_userid);
diff --git a/lib/weblib.php b/lib/weblib.php
index 408a5f1203..39c5eb2847 100644
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -3497,8 +3497,8 @@ function user_login_string($course=NULL, $user=NULL) {
 $course = $SITE;
 }
- if (is_loggedinas()) {
- $realuser = get_real_user();
+ if (session_is_loggedinas()) {
+ $realuser = session_get_realuser();
 $fullname = fullname($realuser, true);
 $realuserinfo = " [frametarget href=\"$CFG->wwwroot/course/loginas.php?id=$course->id&return=1&sesskey=".sesskey()."\">$fullname] ";
@@ -4754,7 +4754,7 @@ has_capability('moodle/course:viewhiddenuserfields', $context)) { if (has_capability('moodle/role:assign', $context) and get_user_roles($context, $user->id, false)) { // I can unassing and user has some role $output .= ''. $string->unenrol .'
'; } - if ($USER->id != $user->id && !is_loggedinas() && has_capability('moodle/user:loginas', $context) && + if ($USER->id != $user->id && !session_is_loggedinas() && has_capability('moodle/user:loginas', $context) && ! has_capability('moodle/site:doanything', $context, $user->id, false)) { $output .= ''. $string->loginas .'
'; } diff --git a/login/change_password.php b/login/change_password.php index 26c4440423..e4d895a610 100644 --- a/login/change_password.php +++ b/login/change_password.php @@ -30,7 +30,7 @@ } // do not allow "Logged in as" users to change any passwords - if (is_loggedinas()) { + if (session_is_loggedinas()) { print_error('cannotcallscript'); } diff --git a/login/index.php b/login/index.php index f8a61df48c..fd9c138376 100644 --- a/login/index.php +++ b/login/index.php @@ -158,7 +158,7 @@ httpsrequired(); /// Let's get them all set up. add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID, $user->id, 0, $user->id); - $USER = complete_user_login($user); + complete_user_login($user); /// Prepare redirection if (user_not_fully_set_up($USER)) { diff --git a/user/view.php b/user/view.php index f367acddd3..e00bbcb18d 100644 --- a/user/view.php +++ b/user/view.php @@ -411,7 +411,7 @@ if ($passwordchangeurl) { $params = array('id'=>$course->id); - if (is_loggedinas()) { + if (session_is_loggedinas()) { $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data } else { $parts = explode('?', $passwordchangeurl); @@ -429,7 +429,7 @@ foreach($params as $key=>$value) { echo ''; } - if (is_loggedinas()) { + if (session_is_loggedinas()) { // changing of password when "Logged in as" is not allowed echo ""; } else { @@ -471,7 +471,7 @@ } } - if (!$user->deleted and $USER->id != $user->id && !is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && + if (!$user->deleted and $USER->id != $user->id && !session_is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) && ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) { echo '
'; echo '
';