Commit Graph

164 Commits

Author SHA1 Message Date
martinlanghoff 1ff64b7f60 If wwwroot is unset, log something before dying 2005-10-18 03:28:20 +00:00
mjollnir_ 70f6f8b708 Much better namespace collision fix to apacheloguser thing 2005-09-29 23:39:52 +00:00
mjollnir_ 98f052303f Fixing up the log apache user patch from the otherday - problem with variable scope 2005-09-29 21:53:48 +00:00
mjollnir_ 73ec9fb26e Logging apache user now takes into account loginas 2005-09-27 05:24:43 +00:00
skodak 184e03b294 new session timeout handling 2005-09-23 18:28:15 +00:00
skodak d16b5bb763 new handling of session timeouts - part 1 2005-09-09 15:12:42 +00:00
skodak 17e941b48a reverting previous patch - see http://moodle.org/mod/forum/discuss.php?d=26970 2005-09-09 11:08:41 +00:00
patrickslee fe18e430f7 Finally the *correct* fix for the looping problem. Thanks to Penny 2005-09-07 04:22:03 +00:00
stronk7 9c87a260b6 HTTPSPAGEREQUIRED and CFG->httpswwwroot added to
support 100% SSL pages.
2005-07-14 20:09:10 +00:00
moodler 1ae1e84ec5 Allow Altavista in as guest too 2005-07-14 04:16:04 +00:00
moodler e80ca6fb8d Allow Babelfish in to translate 2005-07-13 16:40:48 +00:00
skodak f497c755aa compatibility hack for Moodle Cron, cookies not deleted, but set to "deleted" 2005-07-06 08:40:52 +00:00
stronk7 f4d8478a9d Now $CFG->allowobjectembed is working properly. Admins
will ignore this setting. Bug 3608.
(http://moodle.org/bugs/bug.php?op=show&bugid=3608)
2005-06-25 15:39:12 +00:00
defacer 9b1e8d728a Adding a little more checking to the session switching trap code.
I 've come across a problem where:

1. You have an "old" (say 1.3.5?) Moodle installation.
2. You are logged in as admin.
3. You suddenly switch to using a 1.5+ codebase with
   the SAME database, WITHOUT LOGGING OUT FIRST.

In this situation, I was presented with a deadlock. I could not do
anything because "my session had expired", and I could not even
log OUT to clear my session. In fact it was just reloading the
"session expired page" all the time.

If it weren't for debug = On which causes a notice in these
circumstances, it would be fracking difficult to understand what
was going on.

With this small addition, you can at least visit your login page
and log in anew, so problem fixed.

I believe this was talked about in the forums lately? Not sure.
2005-06-13 02:50:46 +00:00
moodler 377c6fa437 Default theme during setup is standardwhite, not standard 2005-06-09 12:53:14 +00:00
martinlanghoff cdbba24134 First cut of field locks support. functional but missing strings and support for LDAP/DB modules.
- Extended set_config()
- Implemented get_config() which takes over $CFG loading in setup.php
- admin/auth.php has special handling if post vars starting in pluginconfig_
- admin/auth.php print_auth_lock_options() prints a form fragment -- being called from most plugins now
- user/edit.php follows the new convention when locking down fields, both javascript UI and on POST.
2005-05-31 05:36:41 +00:00
moodler 27437410f4 file survey.php was added on branch MOODLE_15_STABLE on 2006-03-10 07:27:54 +0000 2005-04-05 20:54:43 +00:00
stronk7 2c76ad371b This was causing some disruption in tests because "SET CHARSET" changes
conection charset to default DB charset and not to the specified 'utf8'.
2006-01-13 14:26:53 +00:00
moodler d3f9f1f85d Moving some functions to setuplib.php so they are first 2006-01-05 07:08:10 +00:00
moodler 6aaa17c7cc Merging language-pack-related updates from Eloy's MOODLE_16_UTF8 branch.
Do not use that branch any more!!
2006-01-04 08:23:42 +00:00
skodak 16303ee905 fixed session fixation prevention that was broken after cookieless patch SC#205 2005-12-28 19:05:46 +00:00
dhawes 735b85670a correct malformed phpdoc function comments, rearranged phpdoc comments associated with wrong globals, and removed some tab characters 2005-12-13 02:21:02 +00:00
toyomoyo fd78420b78 patch for cookieless sessions 2005-12-05 02:24:45 +00:00
skodak 578dcc4019 add GLOBALS overwrite protection and improved magic_quotes_gpc hack SC#191, SC#184, SC#92; merged together with Jon's last patch from MOODLE_15_STABLE
also removed the broken unregister_globals() function
2005-11-14 22:53:44 +00:00
martinlanghoff a670108e0f Merged from MOODLE_15_STABLE - If wwwroot is unset, log something before dying 2005-10-18 03:31:13 +00:00
mjollnir_ 2b287cacba Merged from MOODLE_15_STABLE : Much better namespace collision fix to apacheloguser thing 2005-09-29 23:40:14 +00:00
mjollnir_ 72194b0aa3 Merged from MOODLE_15_STABLE: Fixing up the log apache user patch from the otherday - problem with variable scope 2005-09-29 21:54:03 +00:00
mjollnir_ 96e19e7b67 Merged from MOODLE_15_STABLE: Logging apache user now takes into account loginas 2005-09-27 05:25:23 +00:00
skodak 1c6932d825 new session timeout handling + gecko fix in moodlelib.php - merged from MOODLE_15_STABLE 2005-09-23 18:38:50 +00:00
skodak 4dfa092564 new handling of session timeouts - part 1; merged from MOODLE_15_STABLE 2005-09-09 15:14:48 +00:00
skodak 9259cb73bc reverting previous patch - see http://moodle.org/mod/forum/discuss.php?d=26970 2005-09-09 12:07:13 +00:00
patrickslee dd875f1aa2 Finally the *correct* fix for the looping problem. Thanks to Penny (Merged from MOODLE_15_STABLE) 2005-09-07 04:23:37 +00:00
ikawhero 2b0b32d8fe Return control to original script after including a custom script. Allows
more flexibility to add code to a page. If the original is to be completely
replaced, the custom script must explicitly exit.
Credit to Eloy.
2005-07-15 15:36:40 +00:00
stronk7 9d0dd812ac HTTPSPAGEREQUIRED and CFG->httpswwwroot added to
support 100% SSL pages.

Merged from MOODLE_15_STABLE
2005-07-14 20:11:29 +00:00
moodler 18259d4fd3 Adding the capability to replace existing scripts with customised versions.
See config-dist.php for more info.

Will add an admin interface for this later.

Shane.
2005-07-14 15:35:23 +00:00
moodler 33674080d6 Merged altavista from stable 2005-07-14 04:18:59 +00:00
skodak 53a6c4cfd8 compatibility hack for Moodle Cron, cookies not deleted, but set to "deleted"; merged from MOODLE_15_STABLE 2005-07-06 08:43:19 +00:00
stronk7 5982740d30 Now $CFG->allowobjectembed is working properly. Admins
will ignore this setting. Bug 3608.
(http://moodle.org/bugs/bug.php?op=show&bugid=3608)

Merged from MOODLE_15_STABLE
2005-06-25 15:42:44 +00:00
defacer 34137668b5 Adding a little more checking to the session switching trap code.
I 've come across a problem where:

1. You have an "old" (say 1.3.5?) Moodle installation.
2. You are logged in as admin.
3. You suddenly switch to using a 1.5+ codebase with
   the SAME database, WITHOUT LOGGING OUT FIRST.

In this situation, I was presented with a deadlock. I could not do
anything because "my session had expired", and I could not even
log OUT to clear my session. In fact it was just reloading the
"session expired page" all the time.

If it weren't for debug = On which causes a notice in these
circumstances, it would be fracking difficult to understand what
was going on.

With this small addition, you can at least visit your login page
and log in anew, so problem fixed.

I believe this was talked about in the forums lately? Not sure.


(Also merging Martin's theme standard -> standardwhite change)
2005-06-13 02:56:37 +00:00
thepurpleblob 373da1d463 Added $CFG->disableglobalshack option for testing 'register_globals' free code
Also kills require_variable() and optional_variable() if true
(effectively kills Moodle dead - if true - at the moment!)
2005-06-10 08:55:26 +00:00
martinlanghoff a40803130b Per-auth-backend field locks support. Merged from MOODLE_15_STABLE
* Extended set_config()
 * Implemented get_config() which takes over $CFG loading in setup.php
 * admin/auth.php has special handling if post vars starting in pluginconfig_
 * admin/auth.php print_auth_lock_options() prints a form fragment -- being called from most plugins now
 *  user/edit.php follows the new convention when locking down fields, both javascript UI and on POST.
 * admin/auth: More solid checking for auth GET/POST var.
 * admin/auth: print_auth_lock_options() now handles user field mapping options for LDAP and similar modules
 * admin/auth: user mapping options have moved to config_plugins table
 * auth/ldap module has migrated to using new field mapping vars -- simplified config.html a lot
 * auth settings migration to config_plugins
2005-06-02 05:39:41 +00:00
martinlanghoff 5c5c16bb98 Apache log integration -- updated with more options to control what is logged as username. Implemented by Patrick Li. 2005-05-17 04:03:48 +00:00
martinlanghoff a559eee64e Apache log intergration. In apache conf file one can use ${MOODULEUSER}n in LogFormat to get the current logged in username in moodle. Implemented by Patrick Li. 2005-05-16 02:51:05 +00:00
moodler 0a194c4c03 Google say they want 404 for prefetch requests 2005-05-07 08:20:34 +00:00
martinlanghoff d719609931 Merged from MOODLE_14_STABLE - Block link prefetching from Mozilla and Google Web Accelerator. 2005-05-07 03:07:08 +00:00
moodler 29e91ef724 Embedding the session checking a little better 2005-04-23 15:02:00 +00:00
martinlanghoff d6ead3a251 Polish and fixes for language cache -- addresses bug 2891 2005-04-20 07:29:28 +00:00
skodak 00de82df28 Session test to detect user switching, error counter is displayed in healthcenter - please test, test, test; TODO - move string from setup.php to language file 2005-04-18 20:13:36 +00:00
moodler 7c12949d10 Rationalised get_user_info_from_db() and sundry other small bits into
a single function called: get_complete_user_data()

This is to help shibboleth but will also help when this function
needs to be extended in future.
2005-04-17 12:08:46 +00:00
martinlanghoff 66552670ba Improved performance info reporting and logging. Removed duplicate calls. 2005-04-06 07:36:10 +00:00