ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilStartUpGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 use Psr\Http\Message\ServerRequestInterface;
5 
15 class ilStartUpGUI
16 {
17  const ACCOUNT_MIGRATION_MIGRATE = 1;
18  const ACCOUNT_MIGRATION_NEW = 2;
19 
21  protected $ctrl;
22  protected $lng;
23  protected $logger;
24 
26  protected $mainTemplate;
27 
29  protected $user;
30 
32  protected $termsOfServiceEvaluation;
33 
35  protected $httpRequest;
36 
44  public function __construct(
45  \ilObjUser $user = null,
46  \ilTermsOfServiceDocumentEvaluation $termsOfServiceEvaluation = null,
47  \ilTemplate $mainTemplate = null,
48  ServerRequestInterface $httpRequest = null
49  ) {
50  global $DIC;
51 
52  if ($user === null) {
53  $user = $DIC->user();
54  }
55  $this->user = $user;
56 
57  if ($termsOfServiceEvaluation === null) {
58  $termsOfServiceEvaluation = $DIC['tos.document.evaluator'];
59  }
60  $this->termsOfServiceEvaluation = $termsOfServiceEvaluation;
61 
62  if ($mainTemplate === null) {
63  $mainTemplate = $DIC->ui()->mainTemplate();
64  }
65  $this->mainTemplate = $mainTemplate;
66 
67  if ($httpRequest === null) {
68  $httpRequest = $DIC->http()->request();
69  }
70  $this->httpRequest = $httpRequest;
71 
72  $this->ctrl = $DIC->ctrl();
73  $this->lng = $DIC->language();
74  $this->lng->loadLanguageModule('auth');
75  $this->logger = ilLoggerFactory::getLogger('init');
76 
77  $this->ctrl->saveParameter($this, array("rep_ref_id", "lang", "target", "client_id"));
78 
79  $this->user->setLanguage($this->lng->getLangKey());
80  }
81 
86  public function executeCommand()
87  {
88  $cmd = $this->ctrl->getCmd("processIndexPHP", array('processIndexPHP','showLoginPage'));
89  $next_class = $this->ctrl->getNextClass($this);
90 
91  switch ($next_class) {
92  case 'ilLoginPageGUI':
93  break;
94 
95  case "ilaccountregistrationgui":
96  require_once("Services/Registration/classes/class.ilAccountRegistrationGUI.php");
97  return $this->ctrl->forwardCommand(new ilAccountRegistrationGUI());
98 
99  case "ilpasswordassistancegui":
100  require_once("Services/Init/classes/class.ilPasswordAssistanceGUI.php");
101  return $this->ctrl->forwardCommand(new ilPasswordAssistanceGUI());
102 
103  default:
104  if (method_exists($this, $cmd)) {
105  return $this->$cmd();
106  }
107  }
108  }
109 
114  public function getLogger()
115  {
116  return $this->logger;
117  }
118 
123  public function jumpToRegistration()
124  {
125  $this->ctrl->setCmdClass("ilaccountregistrationgui");
126  $this->ctrl->setCmd("");
127  $this->executeCommand();
128  }
129 
134  public function jumpToPasswordAssistance()
135  {
136  $this->ctrl->setCmdClass("ilpasswordassistancegui");
137  $this->ctrl->setCmd("");
138  $this->executeCommand();
139  }
140 
144  protected function showLoginPageOrStartupPage()
145  {
146 
150  $auth_session = $GLOBALS['DIC']['ilAuthSession'];
151  $ilAppEventHandler = $GLOBALS['DIC']['ilAppEventHandler'];
152 
153  $force_login = false;
154  if (
155  !is_array($_REQUEST['cmd']) &&
156  strcmp($_REQUEST['cmd'], 'force_login') === 0
157  ) {
158  $force_login = true;
159  }
160 
161  if ($force_login) {
162  $this->logger->debug('Force login');
163  if ($auth_session->isValid()) {
164  $this->logger->debug('Valid session -> logout current user');
165  ilSession::setClosingContext(ilSession::SESSION_CLOSE_USER);
166  $auth_session->logout();
167 
168  $ilAppEventHandler->raise(
169  'Services/Authentication',
170  'afterLogout',
171  array(
172  'username' => $this->user->getLogin()
173  )
174  );
175  }
176  $this->logger->debug('Show login page');
177  return $this->showLoginPage();
178  }
179 
183  if ($auth_session->isValid()) {
184  $this->logger->debug('Valid session -> redirect to starting page');
185  return ilInitialisation::redirectToStartingPage();
186  }
187  $this->logger->debug('No valid session -> show login');
188  $this->showLoginPage();
189  }
190 
191 
196  protected function showLoginPage(ilPropertyFormGUI $form = null)
197  {
198  global $tpl, $ilSetting;
199 
200  $this->getLogger()->debug('Showing login page');
201 
202  $extUid = '';
203  if (isset($_GET['ext_uid']) && is_string($_GET['ext_uid'])) {
204  $extUid = $_GET['ext_uid'];
205  }
206  $soapPw = '';
207  if (isset($_GET['soap_pw']) && is_string($_GET['soap_pw'])) {
208  $soapPw = $_GET['soap_pw'];
209  }
210 
211  require_once 'Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentialsSoap.php';
212  $credentials = new ilAuthFrontendCredentialsSoap($GLOBALS['DIC']->http()->request(), $this->ctrl, $ilSetting);
213  $credentials->setUsername(ilUtil::stripSlashes($extUid));
214  $credentials->setPassword(ilUtil::stripSlashes($soapPw));
215  $credentials->tryAuthenticationOnLoginPage();
216 
217  // try apache auth
218  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentialsApache.php';
219  $frontend = new ilAuthFrontendCredentialsApache($this->httpRequest, $this->ctrl);
220  $frontend->tryAuthenticationOnLoginPage();
221 
222  // Instantiate login template
223  self::initStartUpTemplate("tpl.login.html");
224 
225  $page_editor_html = $this->getLoginPageEditorHTML();
226  $page_editor_html = $this->showOpenIdConnectLoginForm($page_editor_html);
227  $page_editor_html = $this->showLoginInformation($page_editor_html);
228  $page_editor_html = $this->showLoginForm($page_editor_html, $form);
229  $page_editor_html = $this->showCASLoginForm($page_editor_html);
230  $page_editor_html = $this->showShibbolethLoginForm($page_editor_html);
231  $page_editor_html = $this->showSamlLoginForm($page_editor_html);
232  $page_editor_html = $this->showRegistrationLinks($page_editor_html);
233  $page_editor_html = $this->showTermsOfServiceLink($page_editor_html);
234 
235  $page_editor_html = $this->purgePlaceholders($page_editor_html);
236 
237  // not controlled by login page editor
238  $tpl->setVariable("PAGETITLE", "- " . $this->lng->txt("startpage"));
239  $tpl->setVariable("ILIAS_RELEASE", $ilSetting->get("ilias_version"));
240 
241  // check expired session and send message
242  if ($GLOBALS['DIC']['ilAuthSession']->isExpired()) {
243  ilUtil::sendFailure($GLOBALS['lng']->txt('auth_err_expired'));
244  }
245 
246 
247  if (strlen($page_editor_html)) {
248  $tpl->setVariable('LPE', $page_editor_html);
249  }
250 
251  $tpl->fillWindowTitle();
252  $tpl->fillCssFiles();
253  $tpl->fillJavaScriptFiles();
254  $tpl->show("DEFAULT", false);
255  }
256 
263  protected function showLogin()
264  {
265  global $ilSetting, $ilAuth, $tpl, $ilias, $lng;
266 
267  $this->getLogger()->warning('Using deprecated startup method');
268  $this->getLogger()->logStack(ilLogLevel::WARNING);
269 
270  $status = $ilAuth->getStatus();
271  if ($status == "" && isset($_GET["auth_stat"])) {
272  $status = $_GET["auth_stat"];
273  }
274 
275  if ($ilAuth->getAuth() && !$status) {
276  // deprecated?
277  if ($_GET["rep_ref_id"] != "") {
278  $_GET["ref_id"] = $_GET["rep_ref_id"];
279  }
280  include_once './Services/Init/classes/class.ilInitialisation.php';
281  ilInitialisation::redirectToStartingPage();
282  return;
283  }
284 
285  // check for session cookies enabled
286  if (!isset($_COOKIE['iltest'])) {
287  if (empty($_GET['cookies'])) {
288  $additional_params = '';
289  ilUtil::setCookie("iltest", "cookie", false);
290  ilUtil::redirect("login.php?target=" . $_GET["target"] . "&soap_pw=" . $_GET["soap_pw"] .
291  "&ext_uid=" . $_GET["ext_uid"] . "&cookies=nocookies&client_id=" .
292  rawurlencode(CLIENT_ID) . "&lang=" . $lng->getLangKey() . $additional_params);
293  } else {
294  $_COOKIE['iltest'] = "";
295  }
296  } else {
297  unset($_GET['cookies']);
298  }
299 
300  if ($ilSetting->get("shib_active") && $ilSetting->get("shib_hos_type")) {
301  require_once "./Services/AuthShibboleth/classes/class.ilShibbolethWAYF.php";
302  // Check if we user selects Home Organization
303  $WAYF = new ShibWAYF();
304  }
305 
306  if (isset($WAYF) && $WAYF->is_selection()) {
307  if ($WAYF->is_valid_selection()) {
308  // Set cookie
309  $WAYF->setSAMLCookie();
310 
311  // Redirect
312  $WAYF->redirect();
313  }
314  }
315 
316  $failure = $success = null;
317 
318  // :TODO: handle internally?
319  if (isset($_GET['reg_confirmation_msg']) && strlen(trim($_GET['reg_confirmation_msg']))) {
320  $lng->loadLanguageModule('registration');
321  if ($_GET['reg_confirmation_msg'] == 'reg_account_confirmation_successful') {
322  $success = $lng->txt(trim($_GET['reg_confirmation_msg']));
323  } else {
324  $failure = $lng->txt(trim($_GET['reg_confirmation_msg']));
325  }
326  } elseif (isset($_GET['reached_session_limit']) && $_GET['reached_session_limit']) {
327  $failure = $lng->txt("reached_session_limit");
328  } elseif (isset($_GET['accdel']) && $_GET['accdel']) {
329  $lng->loadLanguageModule('user');
330  $failure = $lng->txt("user_account_deleted_confirmation");
331  }
332 
333  if (!empty($status)) {
334  switch ($status) {
335  case AUTH_IDLED:
336  // lang variable err_idled not existing
337  // $tpl->setVariable(TXT_MSG_LOGIN_FAILED, $lng->txt("err_idled"));
338  // fallthrough
339 
340  case AUTH_EXPIRED:
341  $failure = $lng->txt("err_session_expired");
342  break;
343 
344  case AUTH_CAS_NO_ILIAS_USER:
345  $failure = $lng->txt("err_auth_cas_no_ilias_user");
346  break;
347 
348  case AUTH_SOAP_NO_ILIAS_USER:
349  $failure = $lng->txt("err_auth_soap_no_ilias_user");
350  break;
351 
352  case AUTH_LDAP_NO_ILIAS_USER:
353  $failure = $lng->txt("err_auth_ldap_no_ilias_user");
354  break;
355 
356  case AUTH_RADIUS_NO_ILIAS_USER:
357  $failure = $lng->txt("err_auth_radius_no_ilias_user");
358  break;
359 
360  case AUTH_MODE_INACTIVE:
361  $failure = $lng->txt("err_auth_mode_inactive");
362  break;
363 
364  case AUTH_APACHE_FAILED:
365  $failure = $lng->txt("err_auth_apache_failed");
366  break;
367  case AUTH_SAML_FAILED:
368  $lng->loadLanguageModule('auth');
369  $failure = $lng->txt("err_auth_saml_failed");
370  break;
371  case AUTH_CAPTCHA_INVALID:
372  $lng->loadLanguageModule('cptch');
373  ilSession::setClosingContext(ilSession::SESSION_CLOSE_CAPTCHA);
374  $ilAuth->logout();
375  session_destroy();
376  $failure = $lng->txt("cptch_wrong_input");
377  break;
378 
379  // special cases: extended user validation failed
380  // ilAuth was successful, so we have to logout here
381 
382  case AUTH_USER_WRONG_IP:
383  ilSession::setClosingContext(ilSession::SESSION_CLOSE_IP);
384  $ilAuth->logout();
385  session_destroy();
386 
387  $failure = sprintf($lng->txt('wrong_ip_detected'), $_SERVER['REMOTE_ADDR']);
388  break;
389 
390  case AUTH_USER_SIMULTANEOUS_LOGIN:
391  ilSession::setClosingContext(ilSession::SESSION_CLOSE_SIMUL);
392  $ilAuth->logout();
393  session_destroy();
394 
395  $failure = $lng->txt("simultaneous_login_detected");
396  break;
397 
398  case AUTH_USER_TIME_LIMIT_EXCEEDED:
399  ilSession::setClosingContext(ilSession::SESSION_CLOSE_TIME);
400  $username = $ilAuth->getExceededUserName(); // #16327
401  $ilAuth->logout();
402 
403  // user could reactivate by code?
404  if ($ilSetting->get('user_reactivate_code')) {
405  return $this->showCodeForm($username);
406  }
407 
408  session_destroy();
409 
410  $failure = $lng->txt("time_limit_reached");
411  break;
412 
413  case AUTH_USER_INACTIVE:
414  ilSession::setClosingContext(ilSession::SESSION_CLOSE_INACTIVE);
415  $ilAuth->logout();
416  session_destroy();
417 
418  $failure = $lng->txt("err_inactive");
419  break;
420 
421  // special cases end
422 
423 
424  case AUTH_WRONG_LOGIN:
425  default:
426  $add = "";
427  $auth_error = $ilias->getAuthError();
428  if (is_object($auth_error)) {
429  $add = "<br>" . $auth_error->getMessage();
430  }
431  $failure = $lng->txt("err_wrong_login") . $add;
432  break;
433  }
434  }
435 
436  if (isset($_GET['cu']) && $_GET['cu']) {
437  $lng->loadLanguageModule("auth");
438  $success = $lng->txt("auth_account_code_used");
439  }
440 
441 
442  // --- render
443 
444  // Instantiate login template
445  self::initStartUpTemplate("tpl.login.html");
446 
447  // we need the template for this
448  if ($failure) {
449  ilUtil::sendFailure($failure);
450  } elseif ($success) {
451  ilUtil::sendSuccess($success);
452  }
453 
454  // Draw single page editor elements
455  $page_editor_html = $this->getLoginPageEditorHTML();
456  $page_editor_html = $this->showLoginInformation($page_editor_html);
457  $page_editor_html = $this->showLoginForm($page_editor_html);
458  $page_editor_html = $this->showCASLoginForm($page_editor_html);
459  $page_editor_html = $this->showShibbolethLoginForm($page_editor_html);
460  $page_editor_html = $this->showSamlLoginForm($page_editor_html);
461  $page_editor_html = $this->showRegistrationLinks($page_editor_html);
462  $page_editor_html = $this->showTermsOfServiceLink($page_editor_html);
463  $page_editor_html = $this->purgePlaceholders($page_editor_html);
464 
465  // not controlled by login page editor
466  $tpl->setVariable("PAGETITLE", "- " . $lng->txt("startpage"));
467  $tpl->setVariable("ILIAS_RELEASE", $ilSetting->get("ilias_version"));
468 
469  $tpl->setVariable("PHP_SELF", $_SERVER['PHP_SELF']);
470 
471  // browser does not accept cookies
472  if (isset($_GET['cookies']) && $_GET['cookies'] == 'nocookies') {
473  ilUtil::sendFailure($lng->txt("err_no_cookies"));
474  }
475 
476  if (strlen($page_editor_html)) {
477  $tpl->setVariable('LPE', $page_editor_html);
478  }
479 
480  $tpl->fillWindowTitle();
481  $tpl->fillCssFiles();
482  $tpl->fillJavaScriptFiles();
483 
484  $tpl->show("DEFAULT", false);
485  }
486 
487  protected function showCodeForm($a_username = null, $a_form = null)
488  {
489  global $tpl, $lng;
490 
491  self::initStartUpTemplate("tpl.login_reactivate_code.html");
492 
493  ilUtil::sendFailure($lng->txt("time_limit_reached"));
494 
495  if (!$a_form) {
496  $a_form = $this->initCodeForm($a_username);
497  }
498 
499  $tpl->setVariable("FORM", $a_form->getHTML());
500  $tpl->show("DEFAULT", false);
501  }
502 
503  protected function initCodeForm($a_username)
504  {
505  global $lng, $ilCtrl;
506 
507  $lng->loadLanguageModule("auth");
508 
509  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
510 
511  $form = new ilPropertyFormGUI();
512  $form->setFormAction($ilCtrl->getFormAction($this, 'showcodeform'));
513  $form->setTitle($lng->txt('auth_account_code_title'));
514 
515  $count = new ilTextInputGUI($lng->txt('auth_account_code'), 'code');
516  $count->setRequired(true);
517  $count->setInfo($lng->txt('auth_account_code_info'));
518  $form->addItem($count);
519 
520  // #11658
521  $uname = new ilHiddenInputGUI("uname");
522  $uname->setValue($a_username);
523  $form->addItem($uname);
524 
525  $form->addCommandButton('processCode', $lng->txt('send'));
526 
527  return $form;
528  }
529 
537  protected function processCode()
538  {
539  global $lng, $ilAuth, $ilCtrl;
540 
541  $uname = $_POST["uname"];
542 
543  $form = $this->initCodeForm($uname);
544  if ($uname && $form->checkInput()) {
545  $code = $form->getInput("code");
546 
547  include_once "Services/User/classes/class.ilAccountCode.php";
548  if (ilAccountCode::isUnusedCode($code)) {
549  $valid_until = ilAccountCode::getCodeValidUntil($code);
550 
551  if (!$user_id = ilObjUser::_lookupId($uname)) {
552  $this->showLogin();
553  return false;
554  }
555 
556  $invalid_code = false;
557  $user = new ilObjUser($user_id);
558 
559  if ($valid_until === "0") {
560  $user->setTimeLimitUnlimited(true);
561  } else {
562  if (is_numeric($valid_until)) {
563  $valid_until = strtotime("+" . $valid_until . "days");
564  } else {
565  $valid_until = explode("-", $valid_until);
566  $valid_until = mktime(
567  23,
568  59,
569  59,
570  $valid_until[1],
571  $valid_until[2],
572  $valid_until[0]
573  );
574  if ($valid_until < time()) {
575  $invalid_code = true;
576  }
577  }
578 
579  if (!$invalid_code) {
580  $user->setTimeLimitUnlimited(false);
581  $user->setTimeLimitUntil($valid_until);
582  }
583  }
584 
585  if (!$invalid_code) {
586  $user->setActive(true);
587 
588  ilAccountCode::useCode($code);
589 
590  // apply registration code role assignments
591  ilAccountCode::applyRoleAssignments($user, $code);
592 
593  // apply registration code time limits
594  ilAccountCode::applyAccessLimits($user, $code);
595 
596  $user->update();
597 
598  $ilCtrl->setParameter($this, "cu", 1);
599  $GLOBALS['DIC']->language()->loadLanguageModule('auth');
600  ilUtil::sendSuccess($GLOBALS['DIC']->language()->txt('auth_activation_code_success'), true);
601  $ilCtrl->redirect($this, "showLoginPage");
602  }
603  }
604 
605  $lng->loadLanguageModule("user");
606  $field = $form->getItemByPostVar("code");
607  $field->setAlert($lng->txt("user_account_code_not_valid"));
608  }
609 
610  $form->setValuesByPost();
611  $this->showCodeForm($uname, $form);
612  }
613 
614 
619  protected function initStandardLoginForm()
620  {
621  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
622  $form = new ilPropertyFormGUI();
623  $form->setFormAction($this->ctrl->getFormAction($this, ''));
624  $form->setName("formlogin");
625  $form->setShowTopButtons(false);
626  $form->setTitle($this->lng->txt("login_to_ilias"));
627 
628  include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php';
629  $det = ilAuthModeDetermination::_getInstance();
630 
631  if (ilAuthUtils::_hasMultipleAuthenticationMethods() and $det->isManualSelection()) {
632  $visible_auth_methods = array();
633  $radg = new ilRadioGroupInputGUI($this->lng->txt("auth_selection"), "auth_mode");
634  foreach (ilAuthUtils::_getMultipleAuthModeOptions($this->lng) as $key => $option) {
635  if (isset($option['hide_in_ui']) && $option['hide_in_ui']) {
636  continue;
637  }
638 
639  $op1 = new ilRadioOption($option['txt'], $key);
640  $radg->addOption($op1);
641  if (isset($option['checked'])) {
642  $radg->setValue($key);
643  }
644  $visible_auth_methods[] = $op1;
645  }
646 
647  if (count($visible_auth_methods) == 1) {
648  $first_auth_method = current($visible_auth_methods);
649  $hidden_auth_method = new ilHiddenInputGUI("auth_mode");
650  $hidden_auth_method->setValue($first_auth_method->getValue());
651  $form->addItem($hidden_auth_method);
652  } else {
653  $form->addItem($radg);
654  }
655  }
656 
657  $ti = new ilTextInputGUI($this->lng->txt("username"), "username");
658  $ti->setSize(20);
659  $ti->setRequired(true);
660  $form->addItem($ti);
661 
662  $pi = new ilPasswordInputGUI($this->lng->txt("password"), "password");
663  $pi->setUseStripSlashes(false);
664  $pi->setRetype(false);
665  $pi->setSkipSyntaxCheck(true);
666  $pi->setSize(20);
667  $pi->setDisableHtmlAutoComplete(false);
668  $pi->setRequired(true);
669  $form->addItem($pi);
670 
671  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
672  if (ilCaptchaUtil::isActiveForLogin()) {
673  require_once 'Services/Captcha/classes/class.ilCaptchaInputGUI.php';
674  $captcha = new ilCaptchaInputGUI($this->lng->txt('captcha_code'), 'captcha_code');
675  $captcha->setRequired(true);
676  $form->addItem($captcha);
677  }
678 
679  $form->addCommandButton("doStandardAuthentication", $this->lng->txt("log_in"));
680 
681  return $form;
682  }
683 
687  protected function doShibbolethAuthentication()
688  {
689  $this->getLogger()->debug('Trying shibboleth authentication');
690 
691  include_once './Services/AuthShibboleth/classes/class.ilAuthFrontendCredentialsShibboleth.php';
692  $credentials = new ilAuthFrontendCredentialsShibboleth();
693  $credentials->initFromRequest();
694 
695  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
696  $provider_factory = new ilAuthProviderFactory();
697  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_SHIBBOLETH);
698 
699  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
700  $status = ilAuthStatus::getInstance();
701 
702  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
703  $frontend_factory = new ilAuthFrontendFactory();
704  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
705  $frontend = $frontend_factory->getFrontend(
706  $GLOBALS['DIC']['ilAuthSession'],
707  $status,
708  $credentials,
709  array($provider)
710  );
711 
712  $frontend->authenticate();
713 
714  switch ($status->getStatus()) {
715  case ilAuthStatus::STATUS_AUTHENTICATED:
716  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
717  include_once './Services/Init/classes/class.ilInitialisation.php';
718  ilInitialisation::redirectToStartingPage();
719  return;
720 
721  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
722  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
723 
724  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
725  ilUtil::sendFailure($status->getTranslatedReason(), true);
726  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
727  return false;
728  }
729 
730  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
731  $this->showLoginPage();
732  return false;
733  }
734 
738  protected function doCasAuthentication()
739  {
740  global $DIC;
741 
742  $this->getLogger()->debug('Trying cas authentication');
743 
744  include_once './Services/CAS/classes/class.ilAuthFrontendCredentialsCAS.php';
745  $credentials = new ilAuthFrontendCredentialsCAS();
746 
747  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
748  $provider_factory = new ilAuthProviderFactory();
749  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_CAS);
750 
751  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
752  $status = ilAuthStatus::getInstance();
753 
754  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
755  $frontend_factory = new ilAuthFrontendFactory();
756  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
757  $frontend = $frontend_factory->getFrontend(
758  $GLOBALS['DIC']['ilAuthSession'],
759  $status,
760  $credentials,
761  array($provider)
762  );
763 
764  $frontend->authenticate();
765  switch ($status->getStatus()) {
766  case ilAuthStatus::STATUS_AUTHENTICATED:
767  $this->getLogger()->debug('Authentication successful.');
768  ilInitialisation::redirectToStartingPage();
769  break;
770 
771  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
772  default:
773  ilUtil::sendFailure($DIC->language()->txt($status->getReason()));
774  $this->showLoginPage();
775  return false;
776  }
777  }
778 
782  protected function doLTIAuthentication()
783  {
784  $this->getLogger()->debug('Trying lti authentication');
785 
786  $credentials = new ilAuthFrontendCredentialsLTI();
787  $credentials->initFromRequest();
788 
789  $provider_factory = new ilAuthProviderFactory();
790  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_PROVIDER_LTI);
791 
792  $status = ilAuthStatus::getInstance();
793 
794  $frontend_factory = new ilAuthFrontendFactory();
795  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
796  $frontend = $frontend_factory->getFrontend(
797  $GLOBALS['DIC']['ilAuthSession'],
798  $status,
799  $credentials,
800  array($provider)
801  );
802 
803  $frontend->authenticate();
804 
805  switch ($status->getStatus()) {
806  case ilAuthStatus::STATUS_AUTHENTICATED:
807  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
808  ilInitialisation::redirectToStartingPage();
809  return;
810 
811  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
812  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
813 
814  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
815  ilUtil::sendFailure($GLOBALS['lng']->txt($status->getReason()), true);
816  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
817  return false;
818  }
819 
820  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
821  $this->showLoginPage();
822  return false;
823  }
824 
825 
829  protected function doApacheAuthentication()
830  {
831  $this->getLogger()->debug('Trying apache authentication');
832 
833  $credentials = new \ilAuthFrontendCredentialsApache($this->httpRequest, $this->ctrl);
834  $credentials->initFromRequest();
835 
836  $provider_factory = new \ilAuthProviderFactory();
837  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_APACHE);
838 
839  $status = \ilAuthStatus::getInstance();
840 
841  $frontend_factory = new \ilAuthFrontendFactory();
842  $frontend_factory->setContext(\ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
843  $frontend = $frontend_factory->getFrontend(
844  $GLOBALS['DIC']['ilAuthSession'],
845  $status,
846  $credentials,
847  array($provider)
848  );
849 
850  $frontend->authenticate();
851 
852  switch ($status->getStatus()) {
853  case \ilAuthStatus::STATUS_AUTHENTICATED:
854  if ($credentials->hasValidTargetUrl()) {
855  \ilLoggerFactory::getLogger('auth')->debug(sprintf(
856  'Authentication successful. Redirecting to starting page: %s',
857  $credentials->getTargetUrl()
858  ));
859  $this->ctrl->redirectToURL($credentials->getTargetUrl());
860  } else {
861  \ilLoggerFactory::getLogger('auth')->debug(
862  'Authentication successful, but no valid target URL given. Redirecting to default starting page.'
863  );
864  \ilInitialisation::redirectToStartingPage();
865  }
866  break;
867 
868  case \ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
869  $this->ctrl->redirect($this, 'showAccountMigration');
870  break;
871 
872  case \ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
873  \ilUtil::sendFailure($status->getTranslatedReason(), true);
874  $this->ctrl->redirectToURL(\ilUtil::appendUrlParameterString(
875  $this->ctrl->getLinkTarget($this, 'showLoginPage', '', false, false),
876  'passed_sso=1'
877  ));
878  break;
879  }
880 
881  \ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
882  $this->showLoginPage();
883  return false;
884  }
885 
889  protected function doStandardAuthentication()
890  {
891  $form = $this->initStandardLoginForm();
892  if ($form->checkInput()) {
893  $this->getLogger()->debug('Trying to authenticate user.');
894 
895  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
896  $credentials = new ilAuthFrontendCredentials();
897  $credentials->setUsername($form->getInput('username'));
898  $credentials->setPassword($form->getInput('password'));
899  $credentials->setCaptchaCode($form->getInput('captcha_code'));
900 
901  // set chosen auth mode
902  include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php';
903  $det = ilAuthModeDetermination::_getInstance();
904  if (ilAuthUtils::_hasMultipleAuthenticationMethods() and $det->isManualSelection()) {
905  $credentials->setAuthMode($form->getInput('auth_mode'));
906  }
907 
908  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
909  $provider_factory = new ilAuthProviderFactory();
910  $providers = $provider_factory->getProviders($credentials);
911 
912  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
913  $status = ilAuthStatus::getInstance();
914 
915  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
916  $frontend_factory = new ilAuthFrontendFactory();
917  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
918  $frontend = $frontend_factory->getFrontend(
919  $GLOBALS['DIC']['ilAuthSession'],
920  $status,
921  $credentials,
922  $providers
923  );
924 
925  $frontend->authenticate();
926 
927  switch ($status->getStatus()) {
928  case ilAuthStatus::STATUS_AUTHENTICATED:
929  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
930  include_once './Services/Init/classes/class.ilInitialisation.php';
931  ilInitialisation::redirectToStartingPage();
932  return;
933 
934  case ilAuthStatus::STATUS_CODE_ACTIVATION_REQUIRED:
935  return $this->showCodeForm(ilObjUser::_lookupLogin($status->getAuthenticatedUserId()));
936 
937  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
938  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
939 
940  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
941  ilUtil::sendFailure($status->getTranslatedReason());
942  return $this->showLoginPage($form);
943  }
944  }
945  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
946  $this->showLoginPage($form);
947  return false;
948  }
949 
950 
951 
952 
953 
959  protected function showLoginForm($page_editor_html, ilPropertyFormGUI $form = null)
960  {
961  global $ilSetting,$lng,$tpl;
962 
963  // @todo move this to auth utils.
964  // login via ILIAS (this also includes radius and ldap)
965  // If local authentication is enabled for shibboleth users, we
966  // display the login form for ILIAS here.
967  if (($ilSetting->get("auth_mode") != AUTH_SHIBBOLETH ||
968  $ilSetting->get("shib_auth_allow_local")) &&
969  $ilSetting->get("auth_mode") != AUTH_CAS) {
970  if (!$form instanceof ilPropertyFormGUI) {
971  $form = $this->initStandardLoginForm();
972  }
973 
974  return $this->substituteLoginPageElements(
975  $tpl,
976  $page_editor_html,
977  $form->getHTML(),
978  '[list-login-form]',
979  'LOGIN_FORM'
980  );
981  }
982  return $page_editor_html;
983  }
984 
990  protected function showLoginInformation($page_editor_html)
991  {
992  global $lng,$tpl;
993 
994  if (strlen($page_editor_html)) {
995  // page editor active return
996  return $page_editor_html;
997  }
998 
999  $loginSettings = new ilSetting("login_settings");
1000  $information = $loginSettings->get("login_message_" . $lng->getLangKey());
1001 
1002  if (strlen(trim($information))) {
1003  $tpl->setVariable("TXT_LOGIN_INFORMATION", $information);
1004  }
1005  return $page_editor_html;
1006  }
1007 
1014  protected function showCASLoginForm($page_editor_html)
1015  {
1016  global $ilSetting, $lng;
1017 
1018 
1019  // cas login link
1020  if ($ilSetting->get("cas_active")) {
1021  $tpl = new ilTemplate('tpl.login_form_cas.html', true, true, 'Services/Init');
1022  $tpl->setVariable("TXT_CAS_LOGIN", $lng->txt("login_to_ilias_via_cas"));
1023  $tpl->setVariable("TXT_CAS_LOGIN_BUTTON", ilUtil::getImagePath("cas_login_button.png"));
1024  $tpl->setVariable("TXT_CAS_LOGIN_INSTRUCTIONS", $ilSetting->get("cas_login_instructions"));
1025  $this->ctrl->setParameter($this, "forceCASLogin", "1");
1026  $tpl->setVariable("TARGET_CAS_LOGIN", $this->ctrl->getLinkTarget($this, "doCasAuthentication"));
1027  $this->ctrl->setParameter($this, "forceCASLogin", "");
1028 
1029  return $this->substituteLoginPageElements(
1030  $GLOBALS['tpl'],
1031  $page_editor_html,
1032  $tpl->get(),
1033  '[list-cas-login-form]',
1034  'CAS_LOGIN_FORM'
1035  );
1036  }
1037  return $page_editor_html;
1038  }
1039 
1045  protected function showShibbolethLoginForm($page_editor_html)
1046  {
1047  global $ilSetting, $lng;
1048 
1049  // Refactoring with ilFormPropertyGUI
1050  // [...]
1051 
1052  // shibboleth login link
1053  if ($ilSetting->get("shib_active")) {
1054  $tpl = new ilTemplate('tpl.login_form_shibboleth.html', true, true, 'Services/Init');
1055 
1056  $tpl->setVariable('SHIB_FORMACTION', './shib_login.php'); // Bugfix http://ilias.de/mantis/view.php?id=10662 {$tpl->setVariable('SHIB_FORMACTION', $this->ctrl->getFormAction($this));}
1057 
1058  if ($ilSetting->get("shib_hos_type") == 'external_wayf') {
1059  $tpl->setCurrentBlock("shibboleth_login");
1060  $tpl->setVariable("TXT_SHIB_LOGIN", $lng->txt("login_to_ilias_via_shibboleth"));
1061  $tpl->setVariable("IL_TARGET", $_GET["target"]);
1062  $tpl->setVariable("TXT_SHIB_FEDERATION_NAME", $ilSetting->get("shib_federation_name"));
1063  $tpl->setVariable("TXT_SHIB_LOGIN_BUTTON", $ilSetting->get("shib_login_button"));
1064  $tpl->setVariable("TXT_SHIB_LOGIN_INSTRUCTIONS", sprintf($lng->txt("shib_general_login_instructions"), $ilSetting->get("shib_federation_name")) . ' <a href="mailto:' . $ilSetting->get("admin_email") . '">ILIAS ' . $lng->txt("administrator") . '</a>.');
1065  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $ilSetting->get("shib_login_instructions"));
1066  $tpl->parseCurrentBlock();
1067  } elseif ($ilSetting->get("shib_hos_type") == 'embedded_wayf') {
1068  $tpl->setCurrentBlock("shibboleth_custom_login");
1069  $customInstructions = stripslashes($ilSetting->get("shib_login_instructions"));
1070  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $customInstructions);
1071  $tpl->parseCurrentBlock();
1072  } else {
1073  $tpl->setCurrentBlock("shibboleth_wayf_login");
1074  $tpl->setVariable("TXT_SHIB_LOGIN", $lng->txt("login_to_ilias_via_shibboleth"));
1075  $tpl->setVariable("TXT_SHIB_FEDERATION_NAME", $ilSetting->get("shib_federation_name"));
1076  $tpl->setVariable("TXT_SELECT_HOME_ORGANIZATION", sprintf($lng->txt("shib_select_home_organization"), $ilSetting->get("shib_federation_name")));
1077  $tpl->setVariable("TXT_CONTINUE", $lng->txt("btn_next"));
1078  $tpl->setVariable("TXT_SHIB_HOME_ORGANIZATION", $lng->txt("shib_home_organization"));
1079  $tpl->setVariable("TXT_SHIB_LOGIN_INSTRUCTIONS", $lng->txt("shib_general_wayf_login_instructions") . ' <a href="mailto:' . $ilSetting->get("admin_email") . '">ILIAS ' . $lng->txt("administrator") . '</a>.');
1080  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $ilSetting->get("shib_login_instructions"));
1081 
1082  require_once "./Services/AuthShibboleth/classes/class.ilShibbolethWAYF.php";
1083  $WAYF = new ShibWAYF();
1084 
1085  $tpl->setVariable("TXT_SHIB_INVALID_SELECTION", $WAYF->showNotice());
1086  $tpl->setVariable("SHIB_IDP_LIST", $WAYF->generateSelection());
1087  $tpl->setVariable("ILW_TARGET", $_GET["target"]);
1088  $tpl->parseCurrentBlock();
1089  }
1090 
1091  return $this->substituteLoginPageElements($GLOBALS['tpl'], $page_editor_html, $tpl->get(), '[list-shibboleth-login-form]', 'SHIB_LOGIN_FORM');
1092  }
1093 
1094  return $page_editor_html;
1095  }
1096 
1097 
1107  protected function substituteLoginPageElements($tpl, $page_editor_html, $element_html, $placeholder, $fallback_tplvar)
1108  {
1109  if (!strlen($page_editor_html)) {
1110  $tpl->setVariable($fallback_tplvar, $element_html);
1111  return $page_editor_html;
1112  }
1113  // Try to replace placeholders
1114  if (!stristr($page_editor_html, $placeholder)) {
1115  $tpl->setVariable($fallback_tplvar, $element_html);
1116  return $page_editor_html;
1117  }
1118  return str_replace($placeholder, $element_html, $page_editor_html);
1119  }
1120 
1125  protected function getLoginPageEditorHTML()
1126  {
1127  global $lng, $tpl;
1128 
1129  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorSettings.php';
1130  $lpe = ilAuthLoginPageEditorSettings::getInstance();
1131  $active_lang = $lpe->getIliasEditorLanguage($lng->getLangKey());
1132 
1133  if (!$active_lang) {
1134  return '';
1135  }
1136 
1137  // if page does not exist, return nothing
1138  include_once './Services/COPage/classes/class.ilPageUtil.php';
1139  if (!ilPageUtil::_existsAndNotEmpty('auth', ilLanguage::lookupId($active_lang))) {
1140  return '';
1141  }
1142 
1143  include_once './Services/Authentication/classes/class.ilLoginPage.php';
1144  include_once './Services/Authentication/classes/class.ilLoginPageGUI.php';
1145 
1146  include_once("./Services/Style/Content/classes/class.ilObjStyleSheet.php");
1147  $tpl->setVariable("LOCATION_CONTENT_STYLESHEET", ilObjStyleSheet::getContentStylePath(0));
1148  $tpl->setCurrentBlock("SyntaxStyle");
1149  $tpl->setVariable("LOCATION_SYNTAX_STYLESHEET", ilObjStyleSheet::getSyntaxStylePath());
1150  $tpl->parseCurrentBlock();
1151 
1152  // get page object
1153  $page_gui = new ilLoginPageGUI(ilLanguage::lookupId($active_lang));
1154 
1155  include_once("./Services/Style/Content/classes/class.ilObjStyleSheet.php");
1156  $page_gui->setStyleId(0, 'auth');
1157 
1158  $page_gui->setPresentationTitle("");
1159  $page_gui->setTemplateOutput(false);
1160  $page_gui->setHeader("");
1161  $ret = $page_gui->showPage();
1162 
1163  return $ret;
1164  }
1165 
1174  protected function showRegistrationLinks($page_editor_html)
1175  {
1176  global $lng, $ilSetting, $ilIliasIniFile, $ilAccess;
1177 
1178  $rtpl = new ilTemplate('tpl.login_registration_links.html', true, true, 'Services/Init');
1179 
1180  // allow new registrations?
1181  include_once 'Services/Registration/classes/class.ilRegistrationSettings.php';
1182  if (ilRegistrationSettings::_lookupRegistrationType() != IL_REG_DISABLED) {
1183  $rtpl->setCurrentBlock("new_registration");
1184  $rtpl->setVariable("REGISTER", $lng->txt("registration"));
1185  $rtpl->setVariable(
1186  "CMD_REGISTER",
1187  $this->ctrl->getLinkTargetByClass("ilaccountregistrationgui", "")
1188  );
1189  $rtpl->parseCurrentBlock();
1190  }
1191  // allow password assistance? Surpress option if Authmode is not local database
1192  if ($ilSetting->get("password_assistance")) {
1193  $rtpl->setCurrentBlock("password_assistance");
1194  $rtpl->setVariable("FORGOT_PASSWORD", $lng->txt("forgot_password"));
1195  $rtpl->setVariable("FORGOT_USERNAME", $lng->txt("forgot_username"));
1196  $rtpl->setVariable(
1197  "CMD_FORGOT_PASSWORD",
1198  $this->ctrl->getLinkTargetByClass("ilpasswordassistancegui", "")
1199  );
1200  $rtpl->setVariable(
1201  "CMD_FORGOT_USERNAME",
1202  $this->ctrl->getLinkTargetByClass("ilpasswordassistancegui", "showUsernameAssistanceForm")
1203  );
1204  $rtpl->setVariable("LANG_ID", $lng->getLangKey());
1205  $rtpl->parseCurrentBlock();
1206  }
1207 
1208  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME']) &&
1209  $ilAccess->checkAccessOfUser(ANONYMOUS_USER_ID, "read", "", ROOT_FOLDER_ID)) {
1210  $rtpl->setCurrentBlock("homelink");
1211  $rtpl->setVariable("CLIENT_ID", "?client_id=" . $_COOKIE["ilClientId"] . "&lang=" . $lng->getLangKey());
1212  $rtpl->setVariable("TXT_HOME", $lng->txt("home"));
1213  $rtpl->parseCurrentBlock();
1214  }
1215 
1216  if ($ilIliasIniFile->readVariable("clients", "list")) {
1217  $rtpl->setCurrentBlock("client_list");
1218  $rtpl->setVariable("TXT_CLIENT_LIST", $lng->txt("to_client_list"));
1219  $rtpl->setVariable("CMD_CLIENT_LIST", $this->ctrl->getLinkTarget($this, "showClientList"));
1220  $rtpl->parseCurrentBlock();
1221  }
1222 
1223  return $this->substituteLoginPageElements(
1224  $GLOBALS['tpl'],
1225  $page_editor_html,
1226  $rtpl->get(),
1227  '[list-registration-link]',
1228  'REG_PWD_CLIENT_LINKS'
1229  );
1230  }
1231 
1237  protected function showTermsOfServiceLink(string $page_editor_html) : string
1238  {
1239  if (!$this->user->getId()) {
1240  $this->user->setId(ANONYMOUS_USER_ID);
1241  }
1242 
1243  if (\ilTermsOfServiceHelper::isEnabled() && $this->termsOfServiceEvaluation->hasDocument()) {
1244  $utpl = new ilTemplate('tpl.login_terms_of_service_link.html', true, true, 'Services/Init');
1245  $utpl->setVariable('TXT_TERMS_OF_SERVICE', $this->lng->txt('usr_agreement'));
1246  $utpl->setVariable('LINK_TERMS_OF_SERVICE', $this->ctrl->getLinkTarget($this, 'showTermsOfService'));
1247 
1248  return $this->substituteLoginPageElements(
1249  $GLOBALS['tpl'],
1250  $page_editor_html,
1251  $utpl->get(),
1252  '[list-user-agreement]',
1253  'USER_AGREEMENT'
1254  );
1255  }
1256 
1257  return $this->substituteLoginPageElements(
1258  $GLOBALS['tpl'],
1259  $page_editor_html,
1260  '',
1261  '[list-user-agreement]',
1262  'USER_AGREEMENT'
1263  );
1264  }
1265 
1271  protected function purgePlaceholders($page_editor_html)
1272  {
1273  return str_replace(
1274  array(
1275  '[list-language-selection] ',
1276  '[list-registration-link]',
1277  '[list-user-agreement]',
1278  '[list-login-form]',
1279  '[list-cas-login-form]',
1280  '[list-shibboleth-login-form]'
1281  ),
1282  array('','','','','','',''),
1283  $page_editor_html
1284  );
1285  }
1286 
1291  public function showAccountMigration($a_message = '')
1292  {
1297  global $tpl, $lng;
1298 
1299  $lng->loadLanguageModule('auth');
1300  self::initStartUpTemplate('tpl.login_account_migration.html');
1301 
1302  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
1303  $form = new ilPropertyFormGUI();
1304  $form->setFormAction($this->ctrl->getFormAction($this, 'migrateAccount'));
1305 
1306  $form->setTitle($lng->txt('auth_account_migration'));
1307  $form->addCommandButton('migrateAccount', $lng->txt('save'));
1308  $form->addCommandButton('showLogin', $lng->txt('cancel'));
1309 
1310  $rad = new ilRadioGroupInputGUI($lng->txt('auth_account_migration_name'), 'account_migration');
1311  $rad->setValue(1);
1312 
1313  $keep = new ilRadioOption(
1314  $lng->txt('auth_account_migration_keep'),
1315  static::ACCOUNT_MIGRATION_MIGRATE,
1316  $lng->txt('auth_info_migrate')
1317  );
1318  $user = new ilTextInputGUI($lng->txt('login'), 'mig_username');
1319  $user->setRequired(true);
1320  $user->setValue(ilUtil::prepareFormOutput($_POST['mig_username']));
1321  $user->setSize(32);
1322  $user->setMaxLength(128);
1323  $keep->addSubItem($user);
1324 
1325  $pass = new ilPasswordInputGUI($lng->txt('password'), 'mig_password');
1326  $pass->setRetype(false);
1327  $pass->setRequired(true);
1328  $pass->setValue(ilUtil::prepareFormOutput($_POST['mig_password']));
1329  $pass->setSize(12);
1330  $pass->setMaxLength(128);
1331  $keep->addSubItem($pass);
1332  $rad->addOption($keep);
1333 
1334  $new = new ilRadioOption(
1335  $lng->txt('auth_account_migration_new'),
1336  static::ACCOUNT_MIGRATION_NEW,
1337  $lng->txt('auth_info_add')
1338  );
1339  $rad->addOption($new);
1340 
1341  $form->addItem($rad);
1342 
1343  $tpl->setVariable('MIG_FORM', $form->getHTML());
1344 
1345  if (strlen($a_message)) {
1346  ilUtil::sendFailure($a_message);
1347  }
1348 
1349  $tpl->show('DEFAULT');
1350  }
1351 
1356  protected function migrateAccount()
1357  {
1358  if (!isset($_POST['account_migration'])) {
1359  $this->showAccountMigration(
1360  $GLOBALS['DIC']->language()->txt('err_choose_migration_type')
1361  );
1362  return false;
1363  }
1364 
1365  if (
1366  ($_POST['account_migration'] == self::ACCOUNT_MIGRATION_MIGRATE) &&
1367  (!strlen($_POST['mig_username']) || !strlen($_POST['mig_password']))
1368  ) {
1369  $this->showAccountMigration(
1370  $GLOBALS['DIC']->language()->txt('err_wrong_login')
1371  );
1372  return false;
1373  }
1374 
1375  if ((int) $_POST['account_migration'] == self::ACCOUNT_MIGRATION_MIGRATE) {
1376  return $this->doMigration();
1377  }
1378  if ((int) $_POST['account_migration'] == static::ACCOUNT_MIGRATION_NEW) {
1379  return $this->doMigrationNewAccount();
1380  }
1381  }
1382 
1386  protected function doMigrationNewAccount()
1387  {
1388  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontend.php';
1389 
1390  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
1391  $credentials = new ilAuthFrontendCredentials();
1392  $credentials->setUsername(ilSession::get(ilAuthFrontend::MIG_EXTERNAL_ACCOUNT));
1393 
1394  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
1395  $provider_factory = new ilAuthProviderFactory();
1396  $provider = $provider_factory->getProviderByAuthMode($credentials, ilSession::get(ilAuthFrontend::MIG_TRIGGER_AUTHMODE));
1397 
1398  $this->logger->debug('Using provider: ' . get_class($provider) . ' for further processing.');
1399 
1400  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
1401  $status = ilAuthStatus::getInstance();
1402 
1403  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
1404  $frontend_factory = new ilAuthFrontendFactory();
1405  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1406  $frontend = $frontend_factory->getFrontend(
1407  $GLOBALS['DIC']['ilAuthSession'],
1408  $status,
1409  $credentials,
1410  array($provider)
1411  );
1412 
1413  if ($frontend->migrateAccountNew()) {
1414  include_once './Services/Init/classes/class.ilInitialisation.php';
1415  ilInitialisation::redirectToStartingPage();
1416  }
1417 
1418  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
1419  $this->ctrl->redirect($this, 'showAccountMigration');
1420  }
1421 
1422 
1423 
1424 
1428  protected function doMigration()
1429  {
1430  include_once './Services/Authentication/classes/class.ilAuthFactory.php';
1431 
1432  $this->logger->debug('Starting account migration for user: ' . (string) ilSession::get('mig_ext_account'));
1433 
1434  // try database authentication
1435  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
1436  $credentials = new ilAuthFrontendCredentials();
1437  $credentials->setUsername((string) $_POST['mig_username']);
1438  $credentials->setPassword((string) $_POST['mig_password']);
1439 
1440  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
1441  $provider_factory = new ilAuthProviderFactory();
1442  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_LOCAL);
1443 
1444  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
1445  $status = ilAuthStatus::getInstance();
1446 
1447  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
1448  $frontend_factory = new ilAuthFrontendFactory();
1449  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1450  $frontend = $frontend_factory->getFrontend(
1451  $GLOBALS['DIC']['ilAuthSession'],
1452  $status,
1453  $credentials,
1454  array($provider)
1455  );
1456 
1457  $frontend->authenticate();
1458 
1459  switch ($status->getStatus()) {
1460  case ilAuthStatus::STATUS_AUTHENTICATED:
1461  $this->getLogger()->debug('Account migration: authentication successful for ' . (string) $_POST['mig_username']);
1462 
1463  $provider = $provider_factory->getProviderByAuthMode(
1464  $credentials,
1465  ilSession::get(ilAuthFrontend::MIG_TRIGGER_AUTHMODE)
1466  );
1467  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1468  $frontend = $frontend_factory->getFrontend(
1469  $GLOBALS['DIC']['ilAuthSession'],
1470  $status,
1471  $credentials,
1472  array($provider)
1473  );
1474  if (
1475  $frontend->migrateAccount($GLOBALS['DIC']['ilAuthSession'])
1476  ) {
1477  include_once './Services/Init/classes/class.ilInitialisation.php';
1478  ilInitialisation::redirectToStartingPage();
1479  } else {
1480  ilUtil::sendFailure($this->lng->txt('err_wrong_login'), true);
1481  $this->ctrl->redirect($this, 'showAccountMigration');
1482  }
1483  break;
1484 
1485  default:
1486  $this->getLogger()->info('Account migration failed for user ' . (string) $_POST['mig_username']);
1487  $this->showAccountMigration($GLOBALS['lng']->txt('err_wrong_login'));
1488  return false;
1489  }
1490  }
1491 
1492 
1493 
1497  public function showLogout()
1498  {
1499  global $DIC;
1500 
1501 
1502  $tpl = $DIC->ui()->mainTemplate();
1503  $ilSetting = $DIC->settings();
1504  $lng = $DIC->language();
1505  $ilIliasIniFile = $DIC['ilIliasIniFile'];
1506  $ilAppEventHandler = $DIC['ilAppEventHandler'];
1507 
1508  $ilAppEventHandler->raise(
1509  'Services/Authentication',
1510  'beforeLogout',
1511  [
1512  'user_id' => $this->user->getId()
1513  ]
1514  );
1515 
1516  ilSession::setClosingContext(ilSession::SESSION_CLOSE_USER);
1517  $GLOBALS['DIC']['ilAuthSession']->logout();
1518 
1519  $GLOBALS['ilAppEventHandler']->raise(
1520  'Services/Authentication',
1521  'afterLogout',
1522  array(
1523  'username' => $this->user->getLogin()
1524  )
1525  );
1526 
1527  // reset cookie
1528  $client_id = $_COOKIE["ilClientId"];
1529  ilUtil::setCookie("ilClientId", "");
1530 
1531  if ((int) $this->user->getAuthMode(true) == AUTH_SAML && ilSession::get('used_external_auth')) {
1532  ilUtil::redirect('saml.php?action=logout&logout_url=' . urlencode(ILIAS_HTTP_PATH . '/login.php'));
1533  }
1534 
1535  //instantiate logout template
1536  self::initStartUpTemplate("tpl.logout.html");
1537 
1538  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME'])) {
1539  $tpl->setCurrentBlock("homelink");
1540  $tpl->setVariable("CLIENT_ID", "?client_id=" . $client_id . "&lang=" . $lng->getLangKey());
1541  $tpl->setVariable("TXT_HOME", $lng->txt("home"));
1542  $tpl->parseCurrentBlock();
1543  }
1544 
1545  if ($ilIliasIniFile->readVariable("clients", "list")) {
1546  $tpl->setCurrentBlock("client_list");
1547  $tpl->setVariable("TXT_CLIENT_LIST", $lng->txt("to_client_list"));
1548  $this->ctrl->setParameter($this, "client_id", $client_id);
1549  $tpl->setVariable(
1550  "CMD_CLIENT_LIST",
1551  $this->ctrl->getLinkTarget($this, "showClientList")
1552  );
1553  $tpl->parseCurrentBlock();
1554  $this->ctrl->setParameter($this, "client_id", "");
1555  }
1556 
1557  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("logout"));
1558  $tpl->setVariable("TXT_LOGOUT_TEXT", $lng->txt("logout_text"));
1559  $tpl->setVariable("TXT_LOGIN", $lng->txt("login_to_ilias"));
1560  $tpl->setVariable("CLIENT_ID", "?client_id=" . $client_id . "&lang=" . $lng->getLangKey());
1561 
1562  $tpl->show();
1563  }
1564 
1568  public function showClientList()
1569  {
1570  global $tpl, $ilIliasIniFile, $lng;
1571 
1572  if (!$ilIliasIniFile->readVariable("clients", "list")) {
1573  $this->processIndexPHP();
1574  return;
1575  }
1576 
1577  // fix #21612
1578  // $tpl = new ilTemplate("tpl.main.html", true, true);
1579  $tpl->setAddFooter(false); // no client yet
1580 
1581  $tpl->setVariable("PAGETITLE", $lng->txt("clientlist_clientlist"));
1582  $tpl->setVariable("LOCATION_STYLESHEET", ilUtil::getStyleSheetLocation());
1583 
1584  // load client list template
1585  self::initStartUpTemplate("tpl.client_list.html");
1586 
1587  // load template for table
1588  $tpl->addBlockfile("CLIENT_LIST", "client_list", "tpl.table.html");
1589 
1590  // load template for table content data
1591  $tpl->addBlockfile("TBL_CONTENT", "tbl_content", "tpl.obj_tbl_rows.html");
1592 
1593  // load table content data
1594  require_once("setup/classes/class.ilClientList.php");
1595  require_once("setup/classes/class.ilClient.php");
1596  require_once("setup/classes/class.ilDBConnections.php");
1597  require_once("./Services/Table/classes/class.ilTableGUI.php");
1598  $this->db_connections = new ilDBConnections();
1599  $clientlist = new ilClientList($this->db_connections);
1600  $list = $clientlist->getClients();
1601 
1602  if (count($list) == 0) {
1603  header("Location: ./setup/setup.php");
1604  exit();
1605  }
1606 
1607  $hasPublicSection = false;
1608  foreach ($list as $key => $client) {
1609  $client->setDSN();
1610  if ($client->checkDatabaseExists(true)) {
1611  $client->connect();
1612  if ($client->ini->readVariable("client", "access") and $client->getSetting("setup_ok")) {
1613  $this->ctrl->setParameter($this, "client_id", $key);
1614  $tmp = array();
1615  $tmp[] = $client->getName();
1616  $tmp[] = "<a href=\"" . "login.php?cmd=force_login&client_id=" . urlencode($key) . "\">" . $lng->txt("clientlist_login_page") . "</a>";
1617 
1618  if ($client->getSetting('pub_section')) {
1619  $hasPublicSection = true;
1620  $tmp[] = "<a href=\"" . "ilias.php?baseClass=ilRepositoryGUI&client_id=" . urlencode($key) . "\">" . $lng->txt("clientlist_start_page") . "</a>";
1621  } else {
1622  $tmp[] = '';
1623  }
1624 
1625  $data[] = $tmp;
1626  }
1627  }
1628  }
1629 
1630  // create table
1631  $tbl = new ilTableGUI();
1632 
1633  // title & header columns
1634  if ($hasPublicSection) {
1635  $tbl->setTitle($lng->txt("clientlist_available_clients"));
1636  $tbl->setHeaderNames(array($lng->txt("clientlist_installation_name"), $lng->txt("clientlist_login"), $lng->txt("clientlist_public_access")));
1637  $tbl->setHeaderVars(array("name","index","login"));
1638  $tbl->setColumnWidth(array("50%","25%","25%"));
1639  } else {
1640  $tbl->setTitle($lng->txt("clientlist_available_clients"));
1641  $tbl->setHeaderNames(array($lng->txt("clientlist_installation_name"), $lng->txt("clientlist_login"), ''));
1642  $tbl->setHeaderVars(array("name","login",''));
1643  $tbl->setColumnWidth(array("70%","25%",'1px'));
1644  }
1645 
1646  // control
1647  $tbl->setOrderColumn($_GET["sort_by"], "name");
1648  $tbl->setOrderDirection($_GET["sort_order"]);
1649  $tbl->setLimit($_GET["limit"]);
1650  $tbl->setOffset($_GET["offset"]);
1651 
1652  // content
1653  $tbl->setData($data);
1654 
1655  $tbl->disable("icon");
1656  $tbl->disable("numinfo");
1657  $tbl->disable("sort");
1658  $tbl->disable("footer");
1659 
1660  // render table
1661  $tbl->render();
1662  $tpl->show("DEFAULT", true, true);
1663  }
1664 
1670  public function showNoCookiesScreen()
1671  {
1672  global $tpl;
1673 
1674  $str = "<p style=\"margin:15px;\">
1675  You need to enable Session Cookies in your Browser to use ILIAS.
1676  <br/>
1677  <br/><b>Firefox</b>
1678  <br/>Tools -> Options -> Privacy -> Cookies
1679  <br/>Enable 'Allow sites to set cookies' and activate option 'Keep
1680  <br/>cookies' auf 'until I close Firefox'
1681  <br/>
1682  <br/><b>Mozilla/Netscape</b>
1683  <br/>Edit -> Preferences -> Privacy&Security -> Cookies
1684  <br/>Go to 'Cookie Lifetime Policy' and check option 'Accept for current
1685  <br/>session only'.
1686  <br/>
1687  <br/><b>Internet Explorer</b>
1688  <br/>Tools -> Internet Options -> Privacy -> Advanced
1689  <br/>- Check 'Override automatic cookie handling'
1690  <br/>- Check 'Always allow session cookies'
1691  </p>";
1692  $tpl->setVariable("CONTENT", $str);
1693  $tpl->show();
1694  }
1695 
1699  protected function getAcceptance()
1700  {
1701  $this->showTermsOfService();
1702  }
1703 
1707  protected function showTermsOfService()
1708  {
1709  $back_to_login = ('getAcceptance' != $this->ctrl->getCmd());
1710 
1711  if (!$this->user->getId()) {
1712  $this->user->setId(ANONYMOUS_USER_ID);
1713  }
1714 
1715  self::initStartUpTemplate('tpl.view_terms_of_service.html', $back_to_login, !$back_to_login);
1716  $this->mainTemplate->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('usr_agreement'));
1717 
1718  $handleDocument = \ilTermsOfServiceHelper::isEnabled() && $this->termsOfServiceEvaluation->hasDocument();
1719  if ($handleDocument) {
1720  $document = $this->termsOfServiceEvaluation->document();
1721  if ('getAcceptance' == $this->ctrl->getCmd()) {
1722  if (isset($_POST['status']) && 'accepted' == $_POST['status']) {
1723  $helper = new \ilTermsOfServiceHelper();
1724 
1725  $helper->trackAcceptance($this->user, $document);
1726 
1727  if (ilSession::get('orig_request_target')) {
1728  $target = ilSession::get('orig_request_target');
1729  ilSession::set('orig_request_target', '');
1730  ilUtil::redirect($target);
1731  } else {
1732  ilUtil::redirect('index.php?target=' . $_GET['target'] . '&client_id=' . CLIENT_ID);
1733  }
1734  }
1735 
1736  $this->mainTemplate->setVariable('FORM_ACTION', $this->ctrl->getFormAction($this, $this->ctrl->getCmd()));
1737  $this->mainTemplate->setVariable('ACCEPT_CHECKBOX', ilUtil::formCheckbox(0, 'status', 'accepted'));
1738  $this->mainTemplate->setVariable('ACCEPT_TERMS_OF_SERVICE', $this->lng->txt('accept_usr_agreement'));
1739  $this->mainTemplate->setVariable('TXT_SUBMIT', $this->lng->txt('submit'));
1740  }
1741 
1742  $this->mainTemplate->setPermanentLink('usr', null, 'agreement');
1743  $this->mainTemplate->setVariable('TERMS_OF_SERVICE_CONTENT', $document->content());
1744  } else {
1745  $this->mainTemplate->setVariable(
1746  'TERMS_OF_SERVICE_CONTENT',
1747  sprintf(
1748  $this->lng->txt('no_agreement_description'),
1749  'mailto:' . ilUtil::prepareFormOutput(ilSystemSupportContacts::getMailToAddress())
1750  )
1751  );
1752  }
1753 
1754  $this->mainTemplate->show();
1755  }
1756 
1760  protected function processIndexPHP()
1761  {
1762  global $ilIliasIniFile, $ilAuth, $ilSetting;
1763 
1764  // In case of an valid session, redirect to starting page
1765  if ($GLOBALS['DIC']['ilAuthSession']->isValid()) {
1766  include_once './Services/Init/classes/class.ilInitialisation.php';
1767  ilInitialisation::redirectToStartingPage();
1768  return;
1769  }
1770 
1771  // no valid session => show client list, if no client info is given
1772  if (
1773  !isset($_GET["client_id"]) &&
1774  ($_GET["cmd"] == "") &&
1775  $ilIliasIniFile->readVariable("clients", "list")) {
1776  return $this->showClientList();
1777  }
1778 
1779  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME'])) {
1780  return ilInitialisation::goToPublicSection();
1781  }
1782 
1783  // otherwise show login page
1784  return $this->showLoginPage();
1785  }
1786 
1787 
1788  public static function _checkGoto($a_target)
1789  {
1790  global $objDefinition, $ilPluginAdmin, $ilUser;
1791 
1792 
1793  if (is_object($ilPluginAdmin)) {
1794  // get user interface plugins
1795  $pl_names = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, "UIComponent", "uihk");
1796 
1797  // search
1798  foreach ($pl_names as $pl) {
1799  $ui_plugin = ilPluginAdmin::getPluginObject(IL_COMP_SERVICE, "UIComponent", "uihk", $pl);
1800  $gui_class = $ui_plugin->getUIClassInstance();
1801  $resp = $gui_class->checkGotoHook($a_target);
1802  if ($resp["target"] !== false) {
1803  $a_target = $resp["target"];
1804  break;
1805  }
1806  }
1807  }
1808 
1809  if ($a_target == "") {
1810  return false;
1811  }
1812 
1813  $t_arr = explode("_", $a_target);
1814  $type = $t_arr[0];
1815 
1816  if ($type == "git") {
1817  $type = "glo";
1818  }
1819 
1820  if ($type == "pg" | $type == "st") {
1821  $type = "lm";
1822  }
1823 
1824  $class = $objDefinition->getClassName($type);
1825  if ($class == "") {
1826  return false;
1827  }
1828 
1829  $location = $objDefinition->getLocation($type);
1830  $full_class = "ilObj" . $class . "Access";
1831  include_once($location . "/class." . $full_class . ".php");
1832 
1833  $ret = call_user_func(array($full_class, "_checkGoto"), $a_target);
1834 
1835  // if no access and repository object => check for parent course/group
1836  if (!$ret &&
1837  !stristr($a_target, "_wsp") &&
1838  $ilUser->getId() != ANONYMOUS_USER_ID && // #10637
1839  !$objDefinition->isAdministrationObject($type) &&
1840  $objDefinition->isRBACObject($type) &&
1841  $t_arr[1]) {
1842  global $tree, $rbacsystem, $ilAccess;
1843 
1844  // original type "pg" => pg_<page_id>[_<ref_id>]
1845  if ($t_arr[0] == "pg") {
1846  if (isset($t_arr[2])) {
1847  $ref_id = $t_arr[2];
1848  } else {
1849  $lm_id = ilLMObject::_lookupContObjID($t_arr[1]);
1850  $ref_id = ilObject::_getAllReferences($lm_id);
1851  if ($ref_id) {
1852  $ref_id = array_shift($ref_id);
1853  }
1854  }
1855  } else {
1856  $ref_id = $t_arr[1];
1857  }
1858 
1859  include_once "Services/Membership/classes/class.ilParticipants.php";
1860  $block_obj = array();
1861 
1862  // walk path to find parent container
1863  $path = $tree->getPathId($ref_id);
1864  array_pop($path);
1865  foreach ($path as $path_ref_id) {
1866  $redirect_infopage = false;
1867  $add_member_role = false;
1868 
1869  $ptype = ilObject::_lookupType($path_ref_id, true);
1870  $pobj_id = ilObject::_lookupObjId($path_ref_id);
1871 
1872  // core checks: timings/object-specific
1873  if (!$ilAccess->checkAccess(
1874  'read',
1875  '',
1876  $path_ref_id
1877  )) {
1878  // object in path is inaccessible - aborting
1879  return false;
1880  } elseif ($ptype == "crs") {
1881  // check if already participant
1882  include_once "Modules/Course/classes/class.ilCourseParticipant.php";
1883  $participants = new ilCourseParticipant($pobj_id, $ilUser->getId());
1884  if (!$participants->isAssigned()) {
1885  // subscription currently possible?
1886  include_once "Modules/Course/classes/class.ilObjCourse.php";
1887  if (ilObjCourse::_isActivated($pobj_id) &&
1888  ilObjCourse::_registrationEnabled($pobj_id)) {
1889  $block_obj[] = $path_ref_id;
1890  $add_member_role = true;
1891  } else {
1892  $redirect_infopage = true;
1893  }
1894  }
1895  } elseif ($ptype == "grp") {
1896  // check if already participant
1897  include_once "Modules/Group/classes/class.ilGroupParticipants.php";
1898  if (!ilGroupParticipants::_isParticipant($path_ref_id, $ilUser->getId())) {
1899  // subscription currently possible?
1900  include_once "Modules/Group/classes/class.ilObjGroup.php";
1901  $group_obj = new ilObjGroup($path_ref_id);
1902  if ($group_obj->isRegistrationEnabled()) {
1903  $block_obj[] = $path_ref_id;
1904  $add_member_role = true;
1905  } else {
1906  $redirect_infopage = true;
1907  }
1908  }
1909  }
1910 
1911  // add members roles for all "blocking" objects
1912  if ($add_member_role) {
1913  // cannot join? goto will never work, so redirect to current object
1914  $rbacsystem->resetPACache($ilUser->getId(), $path_ref_id);
1915  if (!$rbacsystem->checkAccess("join", $path_ref_id)) {
1916  $redirect_infopage = true;
1917  } else {
1918  $rbacsystem->addTemporaryRole(
1919  $ilUser->getId(),
1920  ilParticipants::getDefaultMemberRole($path_ref_id)
1921  );
1922  }
1923  }
1924 
1925  // redirect to infopage of 1st blocking object in path
1926  if ($redirect_infopage) {
1927  if ($rbacsystem->checkAccess("visible", $path_ref_id)) {
1928  ilUtil::redirect("ilias.php?baseClass=ilRepositoryGUI" .
1929  "&ref_id=" . $path_ref_id . "&cmd=infoScreen");
1930  } else {
1931  return false;
1932  }
1933  }
1934  }
1935 
1936 
1937  // check if access will be possible with all (possible) member roles added
1938  $rbacsystem->resetPACache($ilUser->getId(), $ref_id);
1939  if ($rbacsystem->checkAccess("read", $ref_id) && sizeof($block_obj)) { // #12128
1940  // this won't work with lm-pages (see above)
1941  // include_once "Services/Link/classes/class.ilLink.php";
1942  // $_SESSION["pending_goto"] = ilLink::_getStaticLink($ref_id, $type);
1943 
1944  // keep original target
1945  $_SESSION["pending_goto"] = "goto.php?target=" . $a_target;
1946 
1947  // redirect to 1st non-member object in path
1948  ilUtil::redirect("ilias.php?baseClass=ilRepositoryGUI" .
1949  "&ref_id=" . array_shift($block_obj));
1950  }
1951  }
1952 
1953  return $ret;
1954  }
1955 
1956  public function confirmRegistration()
1957  {
1958  ilUtil::setCookie('iltest', 'cookie', false);
1959 
1960  if (!isset($_GET['rh']) || !strlen(trim($_GET['rh']))) {
1961  $this->ctrl->redirectToURL('./login.php?cmd=force_login&reg_confirmation_msg=reg_confirmation_hash_not_passed');
1962  }
1963 
1964  try {
1965  $oRegSettings = new ilRegistrationSettings();
1966 
1967  $usr_id = ilObjUser::_verifyRegistrationHash(trim($_GET['rh']));
1969  $user = ilObjectFactory::getInstanceByObjId($usr_id);
1970  $user->setActive(true);
1971  $password = '';
1972  if ($oRegSettings->passwordGenerationEnabled()) {
1973  $passwords = ilUtil::generatePasswords(1);
1974  $password = $passwords[0];
1975  $user->setPasswd($password, IL_PASSWD_PLAIN);
1976  $user->setLastPasswordChangeTS(time());
1977  }
1978  $user->update();
1979 
1980  $target = $user->getPref('reg_target');
1981  if (strlen($target) > 0) {
1982  // Used for ilAccountMail in ilAccountRegistrationMail, which relies on this super global ...
1983  $_GET['target'] = $target;
1984  }
1985 
1986  $accountMail = new ilAccountRegistrationMail(
1987  $oRegSettings,
1988  $this->lng,
1989  ilLoggerFactory::getLogger('user')
1990  );
1991  $accountMail->withEmailConfirmationRegistrationMode()->send($user, $password);
1992 
1993  $this->ctrl->redirectToURL(sprintf(
1994  './login.php?cmd=force_login&reg_confirmation_msg=reg_account_confirmation_successful&lang=%s',
1995  $user->getLanguage()
1996  ));
1997  } catch (ilRegConfirmationLinkExpiredException $exception) {
1998  $soap_client = new ilSoapClient();
1999  $soap_client->setResponseTimeout(1);
2000  $soap_client->enableWSDL(true);
2001  $soap_client->init();
2002 
2003  $this->logger->info('Triggered soap call (background process) for deletion of inactive user objects with expired confirmation hash values (dual opt in) ...');
2004 
2005  $soap_client->call(
2006  'deleteExpiredDualOptInUserObjects',
2007  [
2008  $_COOKIE[session_name()] . '::' . $_COOKIE['ilClientId'],
2009  $exception->getCode() // user id
2010  ]
2011  );
2012 
2013  $this->ctrl->redirectToURL(sprintf(
2014  './login.php?cmd=force_login&reg_confirmation_msg=%s',
2015  $exception->getMessage()
2016  ));
2017  } catch (ilRegistrationHashNotFoundException $exception) {
2018  $this->ctrl->redirectToURL(sprintf(
2019  './login.php?cmd=force_login&reg_confirmation_msg=%s',
2020  $exception->getMessage()
2021  ));
2022  }
2023  }
2024 
2031  public static function initStartUpTemplate($a_tmpl, $a_show_back = false, $a_show_logout = false)
2032  {
2040  global $tpl, $lng, $ilCtrl, $ilSetting, $ilAccess;
2041 
2042  // #13574 - basic.js is included with ilTemplate, so jQuery is needed, too
2043  include_once("./Services/jQuery/classes/class.iljQueryUtil.php");
2044  iljQueryUtil::initjQuery();
2045 
2046  // framework is needed for language selection
2047  include_once("./Services/UICore/classes/class.ilUIFramework.php");
2048  ilUIFramework::init();
2049 
2050  $tpl->addBlockfile('CONTENT', 'content', 'tpl.startup_screen.html', 'Services/Init');
2051  $tpl->setVariable('HEADER_ICON', ilUtil::getImagePath('HeaderIcon.svg'));
2052  $tpl->setVariable("HEADER_ICON_RESPONSIVE", ilUtil::getImagePath("HeaderIconResponsive.svg"));
2053  $tpl->setVariable("LOGO_TITLE", $lng->txt("logo"));
2054 
2055  if ($a_show_back) {
2056  // #13400
2057  $param = 'client_id=' . $_COOKIE['ilClientId'] . '&lang=' . $lng->getLangKey();
2058 
2059  $tpl->setCurrentBlock('link_item_bl');
2060  $tpl->setVariable('LINK_TXT', $lng->txt('login_to_ilias'));
2061  $tpl->setVariable('LINK_URL', 'login.php?cmd=force_login&' . $param);
2062  $tpl->parseCurrentBlock();
2063 
2064  include_once './Services/Init/classes/class.ilPublicSectionSettings.php';
2065  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME']) &&
2066  $ilAccess->checkAccessOfUser(ANONYMOUS_USER_ID, 'read', '', ROOT_FOLDER_ID)) {
2067  $tpl->setVariable('LINK_URL', 'index.php?' . $param);
2068  $tpl->setVariable('LINK_TXT', $lng->txt('home'));
2069  $tpl->parseCurrentBlock();
2070  }
2071  } elseif ($a_show_logout) {
2072  $tpl->setCurrentBlock('link_item_bl');
2073  $tpl->setVariable('LINK_TXT', $lng->txt('logout'));
2074  $tpl->setVariable('LINK_URL', ILIAS_HTTP_PATH . '/logout.php');
2075  $tpl->parseCurrentBlock();
2076  }
2077 
2078  if (is_array($a_tmpl)) {
2079  $template_file = $a_tmpl[0];
2080  $template_dir = $a_tmpl[1];
2081  } else {
2082  $template_file = $a_tmpl;
2083  $template_dir = 'Services/Init';
2084  }
2085 
2086  //Header Title
2087  include_once("./Modules/SystemFolder/classes/class.ilObjSystemFolder.php");
2088  $header_top_title = ilObjSystemFolder::_getHeaderTitle();
2089  if (trim($header_top_title) != "" && $tpl->blockExists("header_top_title")) {
2090  $tpl->setCurrentBlock("header_top_title");
2091  $tpl->setVariable("TXT_HEADER_TITLE", $header_top_title);
2092  $tpl->parseCurrentBlock();
2093  }
2094 
2095  // language selection
2096  $selection = self::getLanguageSelection();
2097  if ($selection) {
2098  $tpl->setCurrentBlock("lang_select");
2099  $tpl->setVariable("TXT_LANGSELECT", $lng->txt("language"));
2100  $tpl->setVariable("LANG_SELECT", $selection);
2101  $tpl->parseCurrentBlock();
2102  }
2103 
2104  $tpl->addBlockFile('STARTUP_CONTENT', 'startup_content', $template_file, $template_dir);
2105  }
2106 
2111  protected static function getLanguageSelection()
2112  {
2113  include_once("./Services/MainMenu/classes/class.ilMainMenuGUI.php");
2114  return ilMainMenuGUI::getLanguageSelection(true);
2115  }
2116 
2121  protected function showSamlLoginForm($page_editor_html)
2122  {
2123  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
2124  require_once 'Services/Saml/classes/class.ilSamlSettings.php';
2125 
2126  if (count(ilSamlIdp::getActiveIdpList()) > 0 && ilSamlSettings::getInstance()->isDisplayedOnLoginPage()) {
2127  $tpl = new ilTemplate('tpl.login_form_saml.html', true, true, 'Services/Saml');
2128 
2129  $return = '';
2130  if (isset($_GET['target'])) {
2131  $return = '?returnTo=' . urlencode(ilUtil::stripSlashes($_GET['target']));
2132  }
2133 
2134  $tpl->setVariable('SAML_SCRIPT_URL', './saml.php' . $return);
2135  $tpl->setVariable('TXT_LOGIN', $GLOBALS['DIC']->language()->txt('saml_log_in'));
2136  $tpl->setVariable('LOGIN_TO_ILIAS_VIA_SAML', $GLOBALS['DIC']->language()->txt('login_to_ilias_via_saml'));
2137  $tpl->setVariable('TXT_SAML_LOGIN_TXT', $GLOBALS['DIC']->language()->txt('saml_login_form_txt'));
2138  $tpl->setVariable('TXT_SAML_LOGIN_INFO_TXT', $GLOBALS['DIC']->language()->txt('saml_login_form_info_txt'));
2139 
2140  return $this->substituteLoginPageElements(
2141  $GLOBALS['tpl'],
2142  $page_editor_html,
2143  $tpl->get(),
2144  '[list-saml-login-form]',
2145  'SAML_LOGIN_FORM'
2146  );
2147  }
2148 
2149  return $page_editor_html;
2150  }
2151 
2156  protected function showOpenIdConnectLoginForm($page_editor_html)
2157  {
2158  global $DIC;
2159 
2160  $lang = $DIC->language();
2161 
2162  $oidc_settings = ilOpenIdConnectSettings::getInstance();
2163  if ($oidc_settings->getActive()) {
2164  $tpl = new ilTemplate('tpl.login_element.html', true, true, 'Services/OpenIdConnect');
2165 
2166  $lang->loadLanguageModule('auth');
2167  $tpl->setVariable('TXT_OIDCONNECT_HEADER', $lang->txt('auth_oidc_login_element_info'));
2168 
2169  $target = empty($_GET['target']) ? '' : ('?target=' . (string) $_GET['target']);
2170  switch ($oidc_settings->getLoginElementType()) {
2171  case ilOpenIdConnectSettings::LOGIN_ELEMENT_TYPE_TXT:
2172 
2173 
2174  $tpl->setVariable('SCRIPT_OIDCONNECT_T', ILIAS_HTTP_PATH . '/openidconnect.php' . $target);
2175  $tpl->setVariable('TXT_OIDC', $oidc_settings->getLoginElemenText());
2176  break;
2177 
2178  case ilOpenIdConnectSettings::LOGIN_ELEMENT_TYPE_IMG:
2179  $tpl->setVariable('SCRIPT_OIDCONNECT_I', ILIAS_HTTP_PATH . '/openidconnect.php' . $target);
2180  $tpl->setVariable('IMG_SOURCE', $oidc_settings->getImageFilePath());
2181  break;
2182  }
2183 
2184  return $this->substituteLoginPageElements(
2185  $DIC->ui()->mainTemplate(),
2186  $page_editor_html,
2187  $tpl->get(),
2188  '[list-openid-connect-login]',
2189  'OPEN_ID_CONNECT_LOGIN_FORM'
2190  );
2191  }
2192 
2193  return $page_editor_html;
2194  }
2195 
2199  protected function doOpenIdConnectAuthentication()
2200  {
2201  global $DIC;
2202 
2203  $this->getLogger()->debug('Trying openid connect authentication');
2204 
2205  $credentials = new ilAuthFrontendCredentialsOpenIdConnect();
2206  $credentials->initFromRequest();
2207 
2208  $provider_factory = new ilAuthProviderFactory();
2209  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_OPENID_CONNECT);
2210 
2211  $status = ilAuthStatus::getInstance();
2212 
2213  $frontend_factory = new ilAuthFrontendFactory();
2214  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
2215  $frontend = $frontend_factory->getFrontend(
2216  $GLOBALS['DIC']['ilAuthSession'],
2217  $status,
2218  $credentials,
2219  array($provider)
2220  );
2221 
2222  $frontend->authenticate();
2223 
2224  switch ($status->getStatus()) {
2225  case ilAuthStatus::STATUS_AUTHENTICATED:
2226  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
2227  include_once './Services/Init/classes/class.ilInitialisation.php';
2228  ilInitialisation::redirectToStartingPage();
2229  return;
2230 
2231  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
2232  ilUtil::sendFailure($status->getTranslatedReason(), true);
2233  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
2234  return false;
2235  }
2236 
2237  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
2238  $this->showLoginPage();
2239  return false;
2240  }
2241 
2242 
2246  protected function doSamlAuthentication()
2247  {
2248  global $DIC;
2249 
2250  $this->getLogger()->debug('Trying saml authentication');
2251 
2252  $request = $DIC->http()->request();
2253  $params = $request->getQueryParams();
2254 
2255  require_once 'Services/Saml/classes/class.ilSamlAuthFactory.php';
2256  $factory = new ilSamlAuthFactory();
2257  $auth = $factory->auth();
2258 
2259  if (isset($params['action']) && $params['action'] == 'logout') {
2260  $auth->logout(isset($params['logout_url']) ? $params['logout_url'] : '');
2261  }
2262 
2263  if (isset($params['target']) && !isset($params['returnTo'])) {
2264  $params['returnTo'] = $params['target'];
2265  }
2266  if (isset($params['returnTo'])) {
2267  $auth->storeParam('target', $params['returnTo']);
2268  }
2269 
2270  ilLoggerFactory::getLogger('auth')->debug('Started SAML authentication request');
2271 
2272  if (!$auth->isAuthenticated()) {
2273  ilLoggerFactory::getLogger('auth')->debug('User is not authenticated, yet');
2274  if (!isset($_GET['idpentityid']) || !isset($_GET['saml_idp_id'])) {
2275  $activeIdps = ilSamlIdp::getActiveIdpList();
2276  if (1 == count($activeIdps)) {
2277  $idp = current($activeIdps);
2278  $_GET['idpentityid'] = $idp->getEntityId();
2279  $_GET['saml_idp_id'] = $idp->getIdpId();
2280 
2281  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2282  'Found exactly one active IDP with id %s: %s',
2283  $idp->getIdpId(),
2284  $idp->getEntityId()
2285  ));
2286  } elseif (0 == count($activeIdps)) {
2287  ilLoggerFactory::getLogger('auth')->debug('Did not find any active IDP, skipp authentication process');
2288  $GLOBALS['DIC']->ctrl()->redirect($this, 'showLoginPage');
2289  } else {
2290  ilLoggerFactory::getLogger('auth')->debug('Found multiple active IPDs, presenting IDP selection...');
2291  $this->showSamlIdpSelection($auth, $activeIdps);
2292  return;
2293  }
2294  }
2295 
2296  $auth->storeParam('idpId', (int) $_GET['saml_idp_id']);
2297  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2298  'Stored relevant IDP id in session: %s',
2299  (string) $auth->getParam('idpId')
2300  ));
2301  }
2302 
2303  // re-init
2304  $auth = $factory->auth();
2305 
2306  ilLoggerFactory::getLogger('auth')->debug('Checking SAML authentication status...');
2307 
2308  $auth->protectResource();
2309 
2310  ilLoggerFactory::getLogger('auth')->debug(
2311  'SAML authentication successful, continuing with ILIAS internal authentication process...'
2312  );
2313 
2314  $idpId = (int) $auth->getParam('idpId');
2315 
2316  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2317  'Internal SAML IDP id fetched from session: %s',
2318  (string) $idpId
2319  ));
2320 
2321  if ($idpId < 1) {
2322  ilLoggerFactory::getLogger('auth')->debug(
2323  'No valid internal IDP id found (most probably due to IDP initiated SSO), trying fallback determination...'
2324  );
2325  $authData = $auth->getAuthDataArray();
2326  if (isset($authData['saml:sp:IdP'])) {
2327  $idpId = ilSamlIdp::geIdpIdByEntityId($authData['saml:sp:IdP']);
2328  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2329  'Searching active ILIAS IDP by entity id "%s" results in: %s',
2330  $authData['saml:sp:IdP'],
2331  (string) $idpId
2332  ));
2333  } else {
2334  ilLoggerFactory::getLogger('auth')->debug(
2335  'Could not execute fallback determination, no IDP entity ID found SAML authentication session data'
2336  );
2337  }
2338  }
2339  $_GET['target'] = $auth->popParam('target');
2340 
2341  $_POST['auth_mode'] = AUTH_SAML . '_' . $idpId;
2342 
2343  require_once 'Services/Saml/classes/class.ilAuthFrontendCredentialsSaml.php';
2344  $credentials = new ilAuthFrontendCredentialsSaml($auth);
2345  $credentials->initFromRequest();
2346 
2347  require_once 'Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
2348  $provider_factory = new ilAuthProviderFactory();
2349  $provider = $provider_factory->getProviderByAuthMode($credentials, ilUtil::stripSlashes($_POST['auth_mode']));
2350 
2351  require_once 'Services/Authentication/classes/class.ilAuthStatus.php';
2352  $status = ilAuthStatus::getInstance();
2353 
2354  require_once 'Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
2355  $frontend_factory = new ilAuthFrontendFactory();
2356  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
2357  $frontend = $frontend_factory->getFrontend(
2358  $GLOBALS['DIC']['ilAuthSession'],
2359  $status,
2360  $credentials,
2361  array($provider)
2362  );
2363 
2364  $frontend->authenticate();
2365 
2366  switch ($status->getStatus()) {
2367  case ilAuthStatus::STATUS_AUTHENTICATED:
2368  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
2369  require_once 'Services/Init/classes/class.ilInitialisation.php';
2370  return ilInitialisation::redirectToStartingPage();
2371 
2372  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
2373  return $GLOBALS['DIC']->ctrl()->redirect($this, 'showAccountMigration');
2374 
2375  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
2376  ilUtil::sendFailure($status->getTranslatedReason(), true);
2377  $GLOBALS['DIC']->ctrl()->redirect($this, 'showLoginPage');
2378  return false;
2379  }
2380 
2381  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
2382  $this->showLoginPage();
2383 
2384  return false;
2385  }
2386 
2391  protected function showSamlIdpSelection(\ilSamlAuth $auth, array $idps)
2392  {
2393  global $DIC;
2394 
2395  self::initStartUpTemplate(array('tpl.saml_idp_selection.html', 'Services/Saml'));
2396 
2397  $mainTpl = $DIC->ui()->mainTemplate();
2398  $factory = $DIC->ui()->factory();
2399  $renderer = $DIC->ui()->renderer();
2400 
2401  $DIC->ctrl()->setTargetScript('saml.php');
2402 
2403  $items = [];
2404 
2405  require_once 'Services/Saml/classes/class.ilSamlIdpSelectionTableGUI.php';
2406  $table = new ilSamlIdpSelectionTableGUI($this, 'doSamlAuthentication');
2407 
2408  foreach ($idps as $idp) {
2409  $DIC->ctrl()->setParameter($this, 'saml_idp_id', $idp->getIdpId());
2410  $DIC->ctrl()->setParameter($this, 'idpentityid', urlencode($idp->getEntityId()));
2411 
2412  $items[] = [
2413  'idp_link' => $renderer->render($factory->link()->standard($idp->getEntityId(), $DIC->ctrl()->getLinkTarget($this, 'doSamlAuthentication')))
2414  ];
2415  }
2416 
2417  $table->setData($items);
2418  $mainTpl->setVariable('CONTENT', $table->getHtml());
2419 
2420  $mainTpl->fillWindowTitle();
2421  $mainTpl->fillCssFiles();
2422  $mainTpl->fillJavaScriptFiles();
2423  $mainTpl->show('DEFAULT', false);
2424  }
2425 }
ilStartUpGUI\showLogout
showLogout()
show logout screen
Definition: class.ilStartUpGUI.php:1497
ilObjUser\_lookupLogin
static _lookupLogin($a_user_id)
lookup login
Definition: class.ilObjUser.php:811
ilStartUpGUI\showOpenIdConnectLoginForm
showOpenIdConnectLoginForm($page_editor_html)
Definition: class.ilStartUpGUI.php:2156
ilAccountCode\applyRoleAssignments
static applyRoleAssignments(ilObjUser $user, $code)
Definition: class.ilAccountCode.php:224
ilStartUpGUI\_checkGoto
static _checkGoto($a_target)
Definition: class.ilStartUpGUI.php:1788
ilSamlIdp\geIdpIdByEntityId
static geIdpIdByEntityId($entityId)
Definition: class.ilSamlIdp.php:257
ilUtil\prepareFormOutput
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms public
Definition: class.ilUtil.php:2820
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
AUTH_MODE_INACTIVE
const AUTH_MODE_INACTIVE
Definition: class.ilAuthUtils.php:42
ilStartUpGUI\ACCOUNT_MIGRATION_MIGRATE
const ACCOUNT_MIGRATION_MIGRATE
Definition: class.ilStartUpGUI.php:17
AUTH_USER_INACTIVE
const AUTH_USER_INACTIVE
Definition: class.ilAuthUtils.php:51
$path
$path
Definition: aliased.php:25
$_COOKIE
$_COOKIE['client_id']
Definition: server.php:9
$failure
$failure
Definition: UtfNormalTest.php:79
$list
if(isset($_REQUEST['delete'])) $list
Definition: registry.php:41
IL_PASSWD_PLAIN
const IL_PASSWD_PLAIN
Definition: class.ilObjUser.php:4
ilLoginPageGUI
Login page GUI class.
Definition: class.ilLoginPageGUI.php:19
ilStartUpGUI\initCodeForm
initCodeForm($a_username)
Definition: class.ilStartUpGUI.php:503
ilSession\SESSION_CLOSE_CAPTCHA
const SESSION_CLOSE_CAPTCHA
Definition: class.ilSession.php:51
ilStartUpGUI\showLoginForm
showLoginForm($page_editor_html, ilPropertyFormGUI $form=null)
Show login form ilSetting $ilSetting.
Definition: class.ilStartUpGUI.php:959
ilGroupParticipants\_isParticipant
static _isParticipant($a_ref_id, $a_usr_id)
Static function to check if a user is a participant of the container object.
Definition: class.ilGroupParticipants.php:144
Psr\Http\Message\ServerRequestInterface
Representation of an incoming, server-side HTTP request.
Definition: ServerRequestInterface.php:43
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
ilAccountCode\applyAccessLimits
static applyAccessLimits(ilObjUser $user, $code)
Definition: class.ilAccountCode.php:253
ilStartUpGUI\showCodeForm
showCodeForm($a_username=null, $a_form=null)
Definition: class.ilStartUpGUI.php:487
AUTH_USER_WRONG_IP
const AUTH_USER_WRONG_IP
Definition: class.ilAuthUtils.php:50
ilStartUpGUI\getLoginPageEditorHTML
getLoginPageEditorHTML()
Get HTML of ILIAS login page editor.
Definition: class.ilStartUpGUI.php:1125
ilDBConnections
Administrates DB connections in setup.
Definition: class.ilDBConnections.php:29
ilStartUpGUI\doLTIAuthentication
doLTIAuthentication()
Handle lti requests.
Definition: class.ilStartUpGUI.php:782
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilAuthUtils\_hasMultipleAuthenticationMethods
static _hasMultipleAuthenticationMethods()
Definition: class.ilAuthUtils.php:462
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
$request
foreach($paths as $path) $request
Definition: asyncclient.php:32
$type
$type
Definition: proxy_ylocal.php:10
ilAccountRegistrationGUI
Class ilAccountRegistrationGUI.
Definition: class.ilAccountRegistrationGUI.php:22
ilCaptchaInputGUI
This class represents a captcha input in a property form.
Definition: class.ilCaptchaInputGUI.php:13
$DIC
global $DIC
Definition: saml.php:7
ilUtil\getStyleSheetLocation
static getStyleSheetLocation($mode="output", $a_css_name="", $a_css_location="")
get full style sheet file name (path inclusive) of current user
Definition: class.ilUtil.php:174
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$tbl
$tbl
Definition: example_048.php:81
ilSession\SESSION_CLOSE_INACTIVE
const SESSION_CLOSE_INACTIVE
Definition: class.ilSession.php:50
$tpl
$tpl
Definition: ilias.php:10
$location
$location
Definition: buildRTE.php:44
ilObjCourse\_registrationEnabled
static _registrationEnabled($a_obj_id)
Registration enabled? Method is in Access class, since it is needed by Access/ListGUI.
Definition: class.ilObjCourse.php:767
AUTH_SAML_FAILED
const AUTH_SAML_FAILED
Definition: class.ilAuthUtils.php:40
ilRegConfirmationLinkExpiredException
Class for user related exception handling in ILIAS.
Definition: class.ilRegConfirmationLinkExpiredException.php:33
ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:19
$code
$code
Definition: example_050.php:99
ilStartUpGUI\showShibbolethLoginForm
showShibbolethLoginForm($page_editor_html)
Show shibboleth login form.
Definition: class.ilStartUpGUI.php:1045
ilStartUpGUI\__construct
__construct(\ilObjUser $user=null, \ilTermsOfServiceDocumentEvaluation $termsOfServiceEvaluation=null, \ilTemplate $mainTemplate=null, ServerRequestInterface $httpRequest=null)
ilStartUpGUI constructor.
Definition: class.ilStartUpGUI.php:44
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:22
AUTH_CAPTCHA_INVALID
const AUTH_CAPTCHA_INVALID
Definition: class.ilAuthUtils.php:54
ilAuthFrontendFactory
Factory for auth frontend classes.
Definition: class.ilAuthFrontendFactory.php:11
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
$factory
$factory
Definition: metadata.php:43
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilSession\get
static get($a_var)
Get a value.
Definition: class.ilSession.php:441
AUTH_RADIUS_NO_ILIAS_USER
const AUTH_RADIUS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:34
ilAccountCode\useCode
static useCode($code)
Definition: class.ilAccountCode.php:188
ilSession\SESSION_CLOSE_TIME
const SESSION_CLOSE_TIME
Definition: class.ilSession.php:47
ilSession\set
static set($a_var, $a_val)
Set a value.
Definition: class.ilSession.php:430
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:827
ilInitialisation\goToPublicSection
static goToPublicSection()
go to public section
Definition: class.ilInitialisation.php:782
ilStartUpGUI\migrateAccount
migrateAccount()
Migrate Account.
Definition: class.ilStartUpGUI.php:1356
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:47
ilUtil\generatePasswords
static generatePasswords($a_number)
Generate a number of passwords.
Definition: class.ilUtil.php:3661
ilLMObject\_lookupContObjID
static _lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:796
ilUIFramework\init
static init($a_tpl=null)
Init.
Definition: class.ilUIFramework.php:42
ilParticipants\getDefaultMemberRole
static getDefaultMemberRole($a_ref_id)
Definition: class.ilParticipants.php:481
ilTableGUI
Class ilTableGUI.
Definition: class.ilTableGUI.php:18
ilStartUpGUI\processIndexPHP
processIndexPHP()
process index.php
Definition: class.ilStartUpGUI.php:1760
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
ilStartUpGUI\getAcceptance
getAcceptance()
Get terms of service.
Definition: class.ilStartUpGUI.php:1699
ilTermsOfServiceDocumentEvaluation
Interface ilTermsOfServiceDocumentEvaluation.
Definition: interface.ilTermsOfServiceDocumentEvaluation.php:8
AUTH_USER_TIME_LIMIT_EXCEEDED
const AUTH_USER_TIME_LIMIT_EXCEEDED
Definition: class.ilAuthUtils.php:52
$client
if($_SERVER['argc']< 4) $client
Definition: cron.php:12
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
ilStartUpGUI\executeCommand
executeCommand()
execute command
Definition: class.ilStartUpGUI.php:86
ShibWAYF
Class ShibbolethWAYF.
Definition: class.ilShibbolethWAYF.php:34
$auth
$auth
Definition: fileserver.php:48
user
user()
Definition: user.php:4
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:146
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:965
ilStartUpGUI\doShibbolethAuthentication
doShibbolethAuthentication()
Trying shibboleth authentication.
Definition: class.ilStartUpGUI.php:687
ilObjUser\_verifyRegistrationHash
static _verifyRegistrationHash($a_hash)
Verifies a registration hash.
Definition: class.ilObjUser.php:5136
ilAuthFrontendCredentialsLTI
Auth credentials for lti oauth based authentication.
Definition: class.ilAuthFrontendCredentialsLTI.php:15
ilStartUpGUI\getLogger
getLogger()
Get logger.
Definition: class.ilStartUpGUI.php:114
ilStartUpGUI\initStandardLoginForm
initStandardLoginForm()
Initialize the standard.
Definition: class.ilStartUpGUI.php:619
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilClientList
client management
Definition: class.ilClientList.php:32
ilStartUpGUI\showLogin
showLogin()
Show login.
Definition: class.ilStartUpGUI.php:263
$authData
$authData
Definition: authenticate.php:40
ilStartUpGUI\showLoginPage
showLoginPage(ilPropertyFormGUI $form=null)
Definition: class.ilStartUpGUI.php:196
AUTH_APACHE_FAILED
const AUTH_APACHE_FAILED
Definition: class.ilAuthUtils.php:39
ilAuthFrontendCredentialsSaml
Class ilAuthFrontendCredentialsSaml.
Definition: class.ilAuthFrontendCredentialsSaml.php:10
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilStartUpGUI\substituteLoginPageElements
substituteLoginPageElements($tpl, $page_editor_html, $element_html, $placeholder, $fallback_tplvar)
Substitute login page elements.
Definition: class.ilStartUpGUI.php:1107
ilUtil\setCookie
static setCookie($a_cookie_name, $a_cookie_value='', $a_also_set_super_global=true, $a_set_cookie_invalid=false)
Definition: class.ilUtil.php:4631
ilUtil\appendUrlParameterString
static appendUrlParameterString($a_url, $a_par, $xml_style=false)
append URL parameter string ("par1=value1&par2=value2...") to given URL string
Definition: class.ilUtil.php:2135
ilStartUpGUI\showTermsOfService
showTermsOfService()
Show terms of service.
Definition: class.ilStartUpGUI.php:1707
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:36
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRadioOption\setValue
setValue($a_value)
Set Value.
Definition: class.ilRadioOption.php:91
$success
$success
Definition: Utf8Test.php:86
ilAccountRegistrationMail
Class ilAccountRegistrationMail.
Definition: class.ilAccountRegistrationMail.php:8
ilSystemSupportContacts\getMailToAddress
static getMailToAddress()
Get mailto: email.
Definition: class.ilSystemSupportContacts.php:69
ilPasswordInputGUI\setUseStripSlashes
setUseStripSlashes($a_stat)
En/disable use of stripslashes.
Definition: class.ilPasswordInputGUI.php:238
$form
if(isset($_POST['submit'])) $form
Definition: registry.edit.php:63
ilPageUtil\_existsAndNotEmpty
static _existsAndNotEmpty($a_parent_type, $a_id, $a_lang="-")
checks whether page exists and is not empty (may return true on some empty pages) ...
Definition: class.ilPageUtil.php:15
ilStartUpGUI\doApacheAuthentication
doApacheAuthentication()
Try apache auth.
Definition: class.ilStartUpGUI.php:829
ilRadioOption\addSubItem
addSubItem($a_item)
Add Subitem.
Definition: class.ilRadioOption.php:121
AUTH_SOAP_NO_ILIAS_USER
const AUTH_SOAP_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:32
ilAuthUtils\_getMultipleAuthModeOptions
static _getMultipleAuthModeOptions($lng)
Definition: class.ilAuthUtils.php:498
ilSession\SESSION_CLOSE_USER
const SESSION_CLOSE_USER
Definition: class.ilSession.php:40
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:79
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1107
ilStartUpGUI
StartUp GUI class.
Definition: class.ilStartUpGUI.php:15
ilStartUpGUI\doCasAuthentication
doCasAuthentication()
Try CAS auth.
Definition: class.ilStartUpGUI.php:738
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:13
ilStartUpGUI\purgePlaceholders
purgePlaceholders($page_editor_html)
Purge page editor html from unused placeholders.
Definition: class.ilStartUpGUI.php:1271
ilStartUpGUI\doMigrationNewAccount
doMigrationNewAccount()
Create new account for migration.
Definition: class.ilStartUpGUI.php:1386
ilTextInputGUI\setSize
setSize($a_size)
Set Size.
Definition: class.ilTextInputGUI.php:139
ilMainMenuGUI\getLanguageSelection
static getLanguageSelection($a_in_topbar=false)
Definition: class.ilMainMenuGUI.php:221
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilStartUpGUI\showRegistrationLinks
showRegistrationLinks($page_editor_html)
Show registration, password forgotten, client slection links ilLanguage $lng ilSetting $ilSetting ...
Definition: class.ilStartUpGUI.php:1174
ilSamlAuth
Interface ilSamlAuth.
Definition: interface.ilSamlAuth.php:7
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
$ilUser
$ilUser
Definition: imgupload.php:18
ilPluginAdmin\getPluginObject
static getPluginObject($a_ctype, $a_cname, $a_slot_id, $a_pname)
Get Plugin Object.
Definition: class.ilPluginAdmin.php:438
ilSamlIdpSelectionTableGUI
Class ilSamlIdpSelectionTableGUI.
Definition: class.ilSamlIdpSelectionTableGUI.php:9
ilStartUpGUI\showClientList
showClientList()
show client list
Definition: class.ilStartUpGUI.php:1568
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilStartUpGUI\showSamlIdpSelection
showSamlIdpSelection(\ilSamlAuth $auth, array $idps)
Definition: class.ilStartUpGUI.php:2391
ilObjStyleSheet\getSyntaxStylePath
static getSyntaxStylePath()
get syntax style path
Definition: class.ilObjStyleSheet.php:1851
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilObjStyleSheet\getContentStylePath
static getContentStylePath($a_style_id, $add_random=true)
get content style path
Definition: class.ilObjStyleSheet.php:1795
ilStartUpGUI\showSamlLoginForm
showSamlLoginForm($page_editor_html)
Definition: class.ilStartUpGUI.php:2121
ilStartUpGUI\doStandardAuthentication
doStandardAuthentication()
Check form input; authenticate user.
Definition: class.ilStartUpGUI.php:889
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:77
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1275
ilPasswordAssistanceGUI
Password assistance facility for users who have forgotten their password or for users for whom no pas...
Definition: class.ilPasswordAssistanceGUI.php:12
ilAccountCode\getCodeValidUntil
static getCodeValidUntil($code)
Definition: class.ilAccountCode.php:200
AUTH_USER_SIMULTANEOUS_LOGIN
const AUTH_USER_SIMULTANEOUS_LOGIN
Definition: class.ilAuthUtils.php:53
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4497
ilStartUpGUI\doMigration
doMigration()
Do migration of existing ILIAS database user account.
Definition: class.ilStartUpGUI.php:1428
AUTH_LDAP_NO_ILIAS_USER
const AUTH_LDAP_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:33
ilStartUpGUI\showNoCookiesScreen
showNoCookiesScreen()
show help screen, if cookies are disabled
Definition: class.ilStartUpGUI.php:1670
ilSession\SESSION_CLOSE_SIMUL
const SESSION_CLOSE_SIMUL
Definition: class.ilSession.php:49
ilStartUpGUI\getLanguageSelection
static getLanguageSelection()
language selection list
Definition: class.ilStartUpGUI.php:2111
exit
exit
Definition: backend.php:16
ilObjCourse\_isActivated
static _isActivated($a_obj_id)
Is activated.
Definition: class.ilObjCourse.php:755
ilAuthStatus\STATUS_CODE_ACTIVATION_REQUIRED
const STATUS_CODE_ACTIVATION_REQUIRED
Definition: class.ilAuthStatus.php:21
$password
$password
Definition: cron.php:14
$idp
$idp
Definition: prp.php:13
ilSession\setClosingContext
static setClosingContext($a_context)
set closing context (for statistics)
Definition: class.ilSession.php:462
ilAuthStatus\getInstance
static getInstance()
Get status instance.
Definition: class.ilAuthStatus.php:42
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilStartUpGUI\showLoginInformation
showLoginInformation($page_editor_html)
Show login information.
Definition: class.ilStartUpGUI.php:990
$ret
$ret
Definition: parser.php:6
ilLanguage\lookupId
static lookupId($a_lang_key)
Lookup obj_id of language ilDB $ilDB.
Definition: class.ilLanguage.php:399
$lang
for($i=1; $i<=count($kw_cases_sel); $i+=1) $lang
Definition: langwiz.php:349
ilStartUpGUI\showTermsOfServiceLink
showTermsOfServiceLink(string $page_editor_html)
Show terms of service link.
Definition: class.ilStartUpGUI.php:1237
iljQueryUtil\initjQuery
static initjQuery($a_tpl=null)
inits and adds the jQuery JS-File to the global or a passed template
Definition: class.iljQueryUtil.php:26
ilSamlAuthFactory
Class ilSamlAuthFactory.
Definition: class.ilSamlAuthFactory.php:7
ilObjGroup
Class ilObjGroup.
Definition: class.ilObjGroup.php:33
ilAccountCode\isUnusedCode
static isUnusedCode($code)
Definition: class.ilAccountCode.php:170
$ilIliasIniFile
$ilIliasIniFile
Definition: imagemanager.php:34
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilAuthLoginPageEditorSettings\getInstance
static getInstance()
Get singelton instance.
Definition: class.ilAuthLoginPageEditorSettings.php:36
$table
if(empty($password)) $table
Definition: pwgen.php:24
$client_id
$client_id
Definition: inc.client_tabs.php:19
ilRegistrationHashNotFoundException
Class for user related exception handling in ILIAS.
Definition: class.ilRegistrationHashNotFoundException.php:33
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:271
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3318
$target
$target
Definition: test.php:19
AUTH_PROVIDER_LTI
const AUTH_PROVIDER_LTI
Definition: class.ilAuthUtils.php:30
ilStartUpGUI\showCASLoginForm
showCASLoginForm($page_editor_html)
Show cas login ilSetting $ilSetting.
Definition: class.ilStartUpGUI.php:1014
ilStartUpGUI\doOpenIdConnectAuthentication
doOpenIdConnectAuthentication()
do open id connect authentication
Definition: class.ilStartUpGUI.php:2199
$key
$key
Definition: croninfo.php:18
ilAuthStatus\STATUS_ACCOUNT_MIGRATION_REQUIRED
const STATUS_ACCOUNT_MIGRATION_REQUIRED
Definition: class.ilAuthStatus.php:20
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
ilSession\SESSION_CLOSE_IP
const SESSION_CLOSE_IP
Definition: class.ilSession.php:48
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Definition: class.ilUtil.php:432
ilStartUpGUI\jumpToPasswordAssistance
jumpToPasswordAssistance()
jump to password assistance
Definition: class.ilStartUpGUI.php:134
ilStartUpGUI\jumpToRegistration
jumpToRegistration()
jump to registration gui
Definition: class.ilStartUpGUI.php:123
ilAuthFrontendCredentialsCAS
Auth frontend credentials for CAS auth.
Definition: class.ilAuthFrontendCredentialsCAS.php:11
$data
$data
Definition: bench.php:6