';
+ }
+
$this->content->text .= '';
$this->content->text .= "\n";
diff --git a/lang/en/admin.php b/lang/en/admin.php
index e967be0f49620..6df4d46627947 100644
--- a/lang/en/admin.php
+++ b/lang/en/admin.php
@@ -875,6 +875,8 @@
$string['registration'] = 'Registration';
$string['releasenoteslink'] = 'For information about this version of Moodle, please see the online Release Notes';
$string['remotelangnotavailable'] = 'Because Moodle can not connect to download.moodle.org, we are unable to do language pack installation automatically. Please download the appropriate zip file(s) from http://download.moodle.org, copy them to your {$a} directory and unzip them manually.';
+$string['rememberusername'] = 'Remember username';
+$string['rememberusername_desc'] = 'Enable if you want to store permanent cookies with usernames during user login. Permanent cookies may be considered a privacy issue if used without consent.';
$string['renameerrors'] = 'Rename errors';
$string['requiredentrieschanged'] = 'IMPORTANT - PLEASE READ (This warning message will only be displayed during this upgrade) Due to a bug fix, the behaviour of database activities using the \'Required entries\' and \'Required entries before viewing settings\' settings will change. A more detailed explanation of the changes can be read on the database module forum. The expected behavior of these settings can also be read on Moodle Docs.
This change affects the following databases in your system: (Please save this list now, and after the upgrade, check that these activities still work the way that the teacher intends.) {$a->text} ';
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 4eca02dc64681..8a8d41e84e2bb 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -2375,7 +2375,7 @@ function require_login($courseorid = NULL, $autologinguest = true, $cm = NULL, $
exit; // never reached
}
$lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
- complete_user_login($guest, false);
+ complete_user_login($guest);
$USER->autologinguest = true;
$SESSION->lang = $lang;
} else {
@@ -3623,12 +3623,12 @@ function authenticate_user_login($username, $password) {
*
* NOTE:
* - It will NOT log anything -- up to the caller to decide what to log.
+ * - this function does not set any cookies any more!
*
* @param object $user
- * @param bool $setcookie
* @return object A {@link $USER} object - BC only, do not use
*/
-function complete_user_login($user, $setcookie=true) {
+function complete_user_login($user) {
global $CFG, $USER;
// regenerate session id and delete old session,
@@ -3653,17 +3653,6 @@ function complete_user_login($user, $setcookie=true) {
return $USER;
}
- if ($setcookie) {
- if (empty($CFG->nolastloggedin)) {
- set_moodle_cookie($USER->username);
- } else {
- // do not store last logged in user in cookie
- // auth plugins can temporarily override this from loginpage_hook()
- // do not save $CFG->nolastloggedin in database!
- set_moodle_cookie('');
- }
- }
-
/// Select password change url
$userauth = get_auth_plugin($USER->auth);
diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index f52808249b773..22b8a438c6084 100644
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -819,6 +819,11 @@ function set_moodle_cookie($username) {
return;
}
+ if (empty($CFG->rememberusername)) {
+ // erase current and do not store permanent cookies
+ $username = '';
+ }
+
if ($username === 'guest') {
// keep previous cookie in case of guest account login
return;
@@ -847,6 +852,10 @@ function get_moodle_cookie() {
return '';
}
+ if (empty($CFG->rememberusername)) {
+ return '';
+ }
+
$cookiename = 'MOODLEID_'.$CFG->sessioncookie;
if (empty($_COOKIE[$cookiename])) {
diff --git a/login/index.php b/login/index.php
index b0791ed5bf1e4..52d86a564ec88 100644
--- a/login/index.php
+++ b/login/index.php
@@ -175,7 +175,21 @@
/// Let's get them all set up.
add_to_log(SITEID, 'user', 'login', "view.php?id=$USER->id&course=".SITEID,
$user->id, 0, $user->id);
- complete_user_login($user, true); // sets the username cookie
+ complete_user_login($user);
+
+ // sets the username cookie
+ if (!empty($CFG->nolastloggedin)) {
+ // do not store last logged in user in cookie
+ // auth plugins can temporarily override this from loginpage_hook()
+ // do not save $CFG->nolastloggedin in database!
+
+ } else if (empty($CFG->rememberusername) or ($CFG->rememberusername == 2 and empty($frm->rememberusername))) {
+ // no permanent cookies, delete old one if exists
+ set_moodle_cookie('');
+
+ } else {
+ set_moodle_cookie($USER->username);
+ }
/// Prepare redirection
if (user_not_fully_set_up($USER)) {
@@ -289,7 +303,7 @@
if (!empty($_GET["username"])) {
$frm->username = $_GET["username"];
} else {
- $frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
+ $frm->username = get_moodle_cookie();
}
$frm->password = "";
diff --git a/login/index_form.html b/login/index_form.html
index cd9f8a4bc5dce..cd78a15e10069 100644
--- a/login/index_form.html
+++ b/login/index_form.html
@@ -42,10 +42,15 @@
" />
-
+ rememberusername) and $CFG->rememberusername == 2) { ?>
+