3

This is referring to original post with same topic (Moodle Accept Login from external site) by other user back in 2013, also a similar one (Logging into Moodle via external site) in 2014. However, I cannot add comment nor reply to these posts, and my Moodle version is different (3.3.2), that is why I am starting a new thread. Hopefully someone can give me a hand.

Looks like it is quite a common task when we already have existing site and adding Moodle at later stage for its LMS functions. Moodle is in a folder one level lower then web root, so there is no cross-domain problem.

The post in 2013 saying he managed to solve this by copying the cookies from header using PECL, however tried PECL but not working on my server, therefore I Googled the CURL way. Owing to my poor PHP knowledge, it failed too. If I use a HTML FORM posting to Moodle's login.php, then it works. (so I am sure the URL, username etc are correct)

If you have Moodle.org's account, can also read my question. (https://moodle.org/mod/forum/discuss.php?d=361390)

<?php
$url = 'http://example.com/learning-center/login/index.php';
$fields = array(
    'username' => urlencode($_POST['myUsername']),
    'password' => urlencode($_POST['myPassword']));

//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&';         }
rtrim($fields_string, '&');

//open connection
$ch = curl_init();

//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

//execute post
$result = curl_exec($ch);


//return the transfer as a string
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//enable headers
curl_setopt($ch, CURLOPT_HEADER, 1);
//get only headers
curl_setopt($ch, CURLOPT_NOBODY, 1);

//execute post
$result = curl_exec($ch);

//close connection
curl_close($ch);

//////////////////////////////////////////////////////////////

$headers=array();

$data=explode("\n",$result);

$headers['status']=$data[0];

array_shift($data);

foreach($data as $part){
    $middle=explode(":",$part);
    $headers[trim($middle[0])] = trim($middle[1]);
}

foreach ($data->cookies as $name => $value) {
    setcookie($name, $value, $data->expires, $data->path, 'example.com');
}

?>

And the output was

This page should automatically redirect. If nothing is happening please use the continue link below.
http://example.com/learning-center/login/index.php

Array
(
    [status] => HTTP/1.1 200 OK
    [Date] => Wed, 15 Nov 2017 03
    [Server] => Apache/2.4.6 (CentOS) PHP/5.6.31
    [X-Powered-By] => PHP/5.6.31
    [Set-Cookie] => MoodleSession=bv77hhnn8f0vmbarkc9vujro25; path=/learning-center/
    [Expires] => 
    [Cache-Control] => private, pre-check=0, post-check=0, max-age=0, no-transform
    [Pragma] => no-cache
    [Content-Language] => en
    [Content-Script-Type] => text/javascript
    [Content-Style-Type] => text/css
    [X-UA-Compatible] => IE=edge
    [Accept-Ranges] => none
    [X-Frame-Options] => sameorigin
    [Content-Type] => text/html; charset=utf-8
    [] => 
)

It is incomplete, so do not copy this code and use it in production. From the header it looks like it returns a MoodleSession cookie, however, if I use the browser's Developer tool to manually add that then load a Moodle page, Moodle still asks me to log. If I manually log in Moodle, the cookie it sets is similar.

Does anyone know how?

GaryC
  • 31
  • 3
  • Why not using a form that submits to `yourwebsite.ltd/login/index.php` and you are done. We implemented it and it's working. – mohessaid Dec 04 '17 at 04:28
  • Thanks. I tried but I am afraid there is a differnece. Using a html form that post to Moodle's login/index.php will bring user to Moodle, but we want to let user stays in external site.Furthermore, that way will log in user on Moodle, but not the external site at the same time – GaryC Dec 05 '17 at 05:29
  • Actually, we are using it like that. We have a presentation website of the academy (powered by WordPress). We created a form in it. And then we have a central website or Moodle DB powered by a Moodle instance with custom web services to check the user data and all. When the user login using the external form we will redirect him to the Moodle instance where he has an account if his credentials pass the checking process. Else we will show him error messages. We use it with a simple HTML form and jQuery to handle the behavior of submitting data. – mohessaid Dec 05 '17 at 12:18

0 Answers0