MDL-28158 add optional "Remember username" checkbox in login forms

2025-01-18 05:58:34 +01:00 · 2011-07-10 13:22:55 +02:00 · 2011-07-10 13:22:55 +02:00 · 0342fc3609
commit 0342fc3609
parent f6f6138379
9 changed files with 44 additions and 19 deletions
--- a/admin/index.php
+++ b/admin/index.php
@ -355,7 +355,7 @@ if (during_initial_install()) {
        }
        // login user and let him set password and admin details
        $adminuser->newadminuser = 1;
-        complete_user_login($adminuser, false);
+        complete_user_login($adminuser);
        redirect("$CFG->wwwroot/user/editadvanced.php?id=$adminuser->id"); // Edit thyself

    } else {
--- a/admin/settings/security.php
+++ b/admin/settings/security.php
@ -71,6 +71,7 @@ if ($hassiteconfig) { // speedup for non-admins, add all caps used on this page
    $temp->add(new admin_setting_configcheckbox('groupenrolmentkeypolicy', get_string('groupenrolmentkeypolicy', 'admin'), get_string('groupenrolmentkeypolicy_desc', 'admin'), 1));
    $temp->add(new admin_setting_configcheckbox('disableuserimages', get_string('disableuserimages', 'admin'), get_string('configdisableuserimages', 'admin'), 0));
    $temp->add(new admin_setting_configcheckbox('emailchangeconfirmation', get_string('emailchangeconfirmation', 'admin'), get_string('configemailchangeconfirmation', 'admin'), 1));
+    $temp->add(new admin_setting_configselect('rememberusername', get_string('rememberusername','admin'), get_string('rememberusername_desc','admin'), 2, array(1=>get_string('yes'), 0=>get_string('no'), 2=>get_string('optional'))));
    $ADMIN->add('security', $temp);


--- a/auth/shibboleth/index.php
+++ b/auth/shibboleth/index.php
@ -47,7 +47,6 @@
            update_user_login_times();

            // Don't show previous shibboleth username on login page
-            set_moodle_cookie('');

            set_login_session_preferences();

--- a/blocks/login/block_login.php
+++ b/blocks/login/block_login.php
@ -50,6 +50,12 @@ class block_login extends block_base {
            $this->content->text .= '<div class="c1 fld password"><label for="login_password">'.get_string('password').'</label>';
            $this->content->text .= '<input type="password" name="password" id="login_password" value="" /></div>';

+            if (isset($CFG->rememberusername) and $CFG->rememberusername == 2) {
+                $checked = $username ? 'checked="checked"' : '';
+                $this->content->text .= '<div class="c1 rememberusername"><input type="checkbox" name="rememberusername" id="rememberusername" value="1" '.$checked.'/>';
+                $this->content->text .= ' <label for="rememberusername">'.get_string('rememberusername', 'admin').'</label></div>';
+            }
+
            $this->content->text .= '<div class="c1 btn"><input type="submit" value="'.get_string('login').'" /></div>';

            $this->content->text .= "</form>\n";
--- a/lang/en/admin.php
+++ b/lang/en/admin.php
@ -875,6 +875,8 @@ $string['recaptchapublickey'] = 'ReCAPTCHA public key';
 $string['registration'] = 'Registration';
 $string['releasenoteslink'] = 'For information about this version of Moodle, please see the online <a target="_blank" href="{$a}">Release Notes</a>';
 $string['remotelangnotavailable'] = 'Because Moodle can not connect to download.moodle.org, we are unable to do language pack installation automatically. Please download the appropriate zip file(s) from http://download.moodle.org, copy them to your {$a} directory and unzip them manually.';
+$string['rememberusername'] = 'Remember username';
+$string['rememberusername_desc'] = 'Enable if you want to store permanent cookies with usernames during user login. Permanent cookies may be considered a privacy issue if used without consent.';
 $string['renameerrors'] = 'Rename errors';
 $string['requiredentrieschanged'] = '<strong>IMPORTANT - PLEASE READ<br/>(This warning message will only be displayed during this upgrade)</strong><br/>Due to a bug fix, the behaviour of database activities using the \'Required entries\' and \'Required entries before viewing settings\' settings will change. A more detailed explanation of the changes can be read on <a href="http://moodle.org/mod/forum/discuss.php?d=110928" target="_blank">the database module forum</a>. The expected behavior of these settings can also be read on <a href="http://docs.moodle.org/en/Adding/editing_a_database#Required_entries" target="_blank">Moodle Docs</a>.
 <br/><br/>This change affects the following databases in your system: (Please save this list now, and after the upgrade, check that these activities still work the way that the teacher intends.)<br/><strong>{$a->text}</strong><br/>';
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@ -2375,7 +2375,7 @@ function require_login($courseorid = NULL, $autologinguest = true, $cm = NULL, $
                exit; // never reached
            }
            $lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
-            complete_user_login($guest, false);
+            complete_user_login($guest);
            $USER->autologinguest = true;
            $SESSION->lang = $lang;
        } else {
@ -3623,12 +3623,12 @@ function authenticate_user_login($username, $password) {
 *
 * NOTE:
 * - It will NOT log anything -- up to the caller to decide what to log.
+ * - this function does not set any cookies any more!
 *
 * @param object $user
- * @param bool $setcookie
 * @return object A {@link $USER} object - BC only, do not use
 */
-function complete_user_login($user, $setcookie=true) {
+function complete_user_login($user) {
    global $CFG, $USER;

    // regenerate session id and delete old session,
@ -3653,17 +3653,6 @@ function complete_user_login($user, $setcookie=true) {
        return $USER;
    }

-    if ($setcookie) {
-        if (empty($CFG->nolastloggedin)) {
-            set_moodle_cookie($USER->username);
-        } else {
-            // do not store last logged in user in cookie
-            // auth plugins can temporarily override this from loginpage_hook()
-            // do not save $CFG->nolastloggedin in database!
-            set_moodle_cookie('');
-        }
-    }
-
    /// Select password change url
    $userauth = get_auth_plugin($USER->auth);

--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@ -819,6 +819,11 @@ function set_moodle_cookie($username) {
        return;
    }

+    if (empty($CFG->rememberusername)) {
+        // erase current and do not store permanent cookies
+        $username = '';
+    }
+
    if ($username === 'guest') {
        // keep previous cookie in case of guest account login
        return;
@ -847,6 +852,10 @@ function get_moodle_cookie() {
        return '';
    }

+    if (empty($CFG->rememberusername)) {
+        return '';
+    }
+
    $cookiename = 'MOODLEID_'.$CFG->sessioncookie;

    if (empty($_COOKIE[$cookiename])) {
--- a/login/index.php
+++ b/login/index.php
@ -175,7 +175,21 @@ if ($frm and isset($frm->username)) {                             // Login WITH
    /// Let's get them all set up.
        add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
                   $user->id, 0, $user->id);
-        complete_user_login($user, true); // sets the username cookie
+        complete_user_login($user);
+
+        // sets the username cookie
+        if (!empty($CFG->nolastloggedin)) {
+            // do not store last logged in user in cookie
+            // auth plugins can temporarily override this from loginpage_hook()
+            // do not save $CFG->nolastloggedin in database!
+
+        } else if (empty($CFG->rememberusername) or ($CFG->rememberusername == 2 and empty($frm->rememberusername))) {
+            // no permanent cookies, delete old one if exists
+            set_moodle_cookie('');
+
+        } else {
+            set_moodle_cookie($USER->username);
+        }

    /// Prepare redirection
        if (user_not_fully_set_up($USER)) {
@ -289,7 +303,7 @@ if (empty($frm->username) && $authsequence[0] != 'shibboleth') {  // See bug 518
    if (!empty($_GET["username"])) {
        $frm->username = $_GET["username"];
    } else {
-        $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
+        $frm->username = get_moodle_cookie();
    }

    $frm->password = "";
--- a/login/index_form.html
+++ b/login/index_form.html
@ -42,10 +42,15 @@ if ($show_instructions) {
            <div class="form-input">
              <input type="password" name="password" id="password" size="15" value="" />
              <input type="submit" id="loginbtn" value="<?php print_string("login") ?>" />
-              <div class="forgetpass"><a href="forgot_password.php"><?php print_string("forgotten") ?></a></div>
            </div>
            <div class="clearer"><!-- --></div>
+              <?php if (isset($CFG->rememberusername) and $CFG->rememberusername == 2) { ?>
+              <div class="form-label"><input type="checkbox" name="rememberusername" id="rememberusername" value="1" <?php if ($frm->username) {echo 'checked="checked"';} ?> /></div>
+              <div class="form-input"><label for="rememberusername"><?php print_string('rememberusername', 'admin') ?></label></div>
+              <?php } ?>
          </div>
+          <div class="clearer"><!-- --></div>
+          <div class="forgetpass"><a href="forgot_password.php"><?php print_string("forgotten") ?></a></div>
        </form>
      </div>