Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403]
1 <?php 2 // Allows a teacher/admin to login as another user (in stealth mode). 3 4 require_once('../config.php'); 5 require_once ('lib.php'); 6 7 $id = optional_param('id', SITEID, PARAM_INT); // course id 8 $redirect = optional_param('redirect', 0, PARAM_BOOL); 9 10 $url = new moodle_url('/course/loginas.php', array('id'=>$id)); 11 $PAGE->set_url($url); 12 13 // Reset user back to their real self if needed, for security reasons you need to log out and log in again. 14 if (\core\session\manager::is_loggedinas()) { 15 require_sesskey(); 16 require_logout(); 17 18 // We can not set wanted URL here because the session is closed. 19 redirect(new moodle_url($url, array('redirect'=>1))); 20 } 21 22 if ($redirect) { 23 if ($id and $id != SITEID) { 24 $SESSION->wantsurl = "$CFG->wwwroot/course/view.php?id=".$id; 25 } else { 26 $SESSION->wantsurl = "$CFG->wwwroot/"; 27 } 28 29 redirect(get_login_url()); 30 } 31 32 // Try log in as this user. 33 $userid = required_param('user', PARAM_INT); 34 35 require_sesskey(); 36 $course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST); 37 38 // User must be logged in. 39 40 $systemcontext = context_system::instance(); 41 $coursecontext = context_course::instance($course->id); 42 43 require_login(); 44 45 if (has_capability('moodle/user:loginas', $systemcontext)) { 46 if (is_siteadmin($userid)) { 47 throw new \moodle_exception('nologinas'); 48 } 49 $context = $systemcontext; 50 $PAGE->set_context($context); 51 } else { 52 require_login($course); 53 require_capability('moodle/user:loginas', $coursecontext); 54 if (is_siteadmin($userid)) { 55 throw new \moodle_exception('nologinas'); 56 } 57 if (!is_enrolled($coursecontext, $userid)) { 58 throw new \moodle_exception('usernotincourse'); 59 } 60 $context = $coursecontext; 61 62 // Check if course has SEPARATEGROUPS and user is part of that group. 63 if (groups_get_course_groupmode($course) == SEPARATEGROUPS && 64 !has_capability('moodle/site:accessallgroups', $context)) { 65 $samegroup = false; 66 if ($groups = groups_get_all_groups($course->id, $USER->id)) { 67 foreach ($groups as $group) { 68 if (groups_is_member($group->id, $userid)) { 69 $samegroup = true; 70 break; 71 } 72 } 73 } 74 if (!$samegroup) { 75 throw new \moodle_exception('nologinas'); 76 } 77 } 78 } 79 80 // Login as this user and return to course home page. 81 \core\session\manager::loginas($userid, $context); 82 // Add a notification to let the logged in as user know that all content will be force cleaned 83 // while in this session. 84 \core\notification::info(get_string('sessionforceclean', 'core')); 85 $newfullname = fullname($USER, true); 86 87 $strloginas = get_string('loginas'); 88 $strloggedinas = get_string('loggedinas', '', $newfullname); 89 90 $PAGE->set_title($strloggedinas); 91 $PAGE->set_heading($course->fullname); 92 $PAGE->navbar->add($strloggedinas); 93 notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");
title
Description
Body
title
Description
Body
title
Description
Body
title
Body