moodle/admin/auth.php

<?php

/**
 * Allows admin to edit all auth plugin settings.
 *
 * JH: copied and Hax0rd from admin/enrol.php and admin/filters.php
 *
 */

require_once('../config.php');
require_once($CFG->libdir.'/adminlib.php');
require_once($CFG->libdir.'/tablelib.php');

require_login();
require_capability('moodle/site:config', context_system::instance());

$returnurl = new moodle_url('/admin/settings.php', array('section'=>'manageauths'));

$PAGE->set_url($returnurl);

$action = optional_param('action', '', PARAM_ALPHANUMEXT);
$auth   = optional_param('auth', '', PARAM_PLUGIN);

get_enabled_auth_plugins(true); // fix the list of enabled auths
if (empty($CFG->auth)) {
    $authsenabled = array();
} else {
    $authsenabled = explode(',', $CFG->auth);
}

if (!empty($auth) and !exists_auth_plugin($auth)) {
    print_error('pluginnotinstalled', 'auth', $returnurl, $auth);
}

////////////////////////////////////////////////////////////////////////////////
// process actions

if (!confirm_sesskey()) {
    redirect($returnurl);
}

switch ($action) {
    case 'disable':
        // remove from enabled list
        $key = array_search($auth, $authsenabled);
        if ($key !== false) {
            unset($authsenabled[$key]);
            set_config('auth', implode(',', $authsenabled));
        }

        if ($auth == $CFG->registerauth) {
            set_config('registerauth', '');
        }
        \core\session\manager::gc(); // Remove stale sessions.
        core_plugin_manager::reset_caches();
        break;

    case 'enable':
        // add to enabled list
        if (!in_array($auth, $authsenabled)) {
            $authsenabled[] = $auth;
            $authsenabled = array_unique($authsenabled);
            set_config('auth', implode(',', $authsenabled));
        }
        \core\session\manager::gc(); // Remove stale sessions.
        core_plugin_manager::reset_caches();
        break;

    case 'down':
        $key = array_search($auth, $authsenabled);
        // check auth plugin is valid
        if ($key === false) {
            print_error('pluginnotenabled', 'auth', $returnurl, $auth);
        }
        // move down the list
        if ($key < (count($authsenabled) - 1)) {
            $fsave = $authsenabled[$key];
            $authsenabled[$key] = $authsenabled[$key + 1];
            $authsenabled[$key + 1] = $fsave;
            set_config('auth', implode(',', $authsenabled));
        }
        break;

    case 'up':
        $key = array_search($auth, $authsenabled);
        // check auth is valid
        if ($key === false) {
            print_error('pluginnotenabled', 'auth', $returnurl, $auth);
        }
        // move up the list
        if ($key >= 1) {
            $fsave = $authsenabled[$key];
            $authsenabled[$key] = $authsenabled[$key - 1];
            $authsenabled[$key - 1] = $fsave;
            set_config('auth', implode(',', $authsenabled));
        }
        break;

    default:
        break;
}

redirect($returnurl);
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`<?php`

			`/**`
			`* Allows admin to edit all auth plugin settings.`
			`*`
			`* JH: copied and Hax0rd from admin/enrol.php and admin/filters.php`
			`*`
			`*/`

MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`require_once('../config.php');`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`require_once($CFG->libdir.'/adminlib.php');`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`require_once($CFG->libdir.'/tablelib.php');`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00
MDL-11561 admin tree improvements and bugfixing 2007-12-19 17:35:20 +00:00			`require_login();`
MDL-34455 Libraries: Replaced deprecated get_context_instance() 2012-07-23 14:33:02 +08:00			`require_capability('moodle/site:config', context_system::instance());`
MDL-11561 admin tree improvements and bugfixing 2007-12-19 17:35:20 +00:00
MDL-24127 fixed incorrect $url variable names 2010-09-07 19:47:08 +00:00			`$returnurl = new moodle_url('/admin/settings.php', array('section'=>'manageauths'));`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00
admin MDL-19787 Added PAGE->set_url calls and removed $Id tags 2009-10-15 02:19:51 +00:00			`$PAGE->set_url($returnurl);`

MDL-32942 libraries: Replaced deprecated PARAM_ACTION and PARAM_FORMAT with PARAM_ALPHANUMEXT 2012-05-11 13:42:27 +08:00			`$action = optional_param('action', '', PARAM_ALPHANUMEXT);`
MDL-29401 introduce new frankenstyle PARAM types New PARAM_COMPONENT, PARAM_AREA and PARAM_PLUGIN + fixing of hopefully all current incorrect parameter types. This should help with diagnosing of incorrectly named 3rd party plugins too. 2011-09-24 15:07:27 +02:00			`$auth = optional_param('auth', '', PARAM_PLUGIN);`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00
MDL-9053 - adding new function get_enabled_auth_plugins() - this should make the code simpler and the bug should be gone forever; merged from MOODLE_18_STABLE 2007-03-27 20:26:05 +00:00			`get_enabled_auth_plugins(true); // fix the list of enabled auths`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`if (empty($CFG->auth)) {`
			`$authsenabled = array();`
			`} else {`
			`$authsenabled = explode(',', $CFG->auth);`
			`}`
Change password url is now one-per-auth-method rather than just one for the whole site. Password change help field also added (one per auth too). This is to support improved lost password handling (ie, multiple authentication) 2005-09-22 15:12:31 +00:00
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`if (!empty($auth) and !exists_auth_plugin($auth)) {`
MDL-24127 fixed incorrect $url variable names 2010-09-07 19:47:08 +00:00			`print_error('pluginnotinstalled', 'auth', $returnurl, $auth);`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
A significant new system for authentication configuration that exposes the wide array of authentication possibilities. Authentication now has it's own page separate from other variables. Most of this work was done by Petri Asikainen <paca@sci.fi>, who started these changes off. I've done some cleanups and additions which is why I'm checking it in. It's all working pretty well at the moment but could use some testing. Thanks, Petri! :-) 2002-11-19 08:51:33 +00:00
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`////////////////////////////////////////////////////////////////////////////////`
			`// process actions`
MDL-8050 1.2 Remove all target="_top" 2007-01-03 19:24:48 +00:00
MDL-11561 admin tree improvements and bugfixing 2007-12-19 17:35:20 +00:00			`if (!confirm_sesskey()) {`
			`redirect($returnurl);`
			`}`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00
			`switch ($action) {`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`case 'disable':`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`// remove from enabled list`
			`$key = array_search($auth, $authsenabled);`
			`if ($key !== false) {`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`unset($authsenabled[$key]);`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`set_config('auth', implode(',', $authsenabled));`
			`}`

			`if ($auth == $CFG->registerauth) {`
			`set_config('registerauth', '');`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
MDL-31501 rework user session architecture List of changes: * New OOP API using PHP namespace \core\session\. * All handlers now update the sessions table consistently. * Experimental DB session support in Oracle. * Full support for session file handler (filesystem locking required). * New option for alternative session directory. * Official memcached session handler support. * Workaround for memcached version with non-functional gc. * Improved security - forced session id regeneration. * Improved compatibility with recent PHP releases. * Fixed borked CSS during install in debug mode. * Switched to file based sessions in new installs. * DB session setting disappears if DB does not support sessions. * DB session setting disappears if session handler specified in config.php. * Fast purging of sessions used in request only. * No legacy distinction - file, database and memcached support the same functionality. * Session handler name included in performance info. * Fixed user_loggedin and user_loggedout event triggering. * Other minor bugfixing and improvements. * Fixed database session segfault if MUC disposed before $DB. Limitations: * Session access time is now updated right after session start. * Support for $CFG->sessionlockloggedinonly was removed. * First request does not update userid in sessions table. * The timeouts may break badly if server hosting forces PHP.ini session settings. * The session GC is a lot slower, we do not rely on external session timeouts. * There cannot be any hooks triggered at the session write time. * File and memcached handlers do not support session lock acquire timeouts. * Some low level PHP session functions can not be used directly in Moodle code. 2013-09-08 08:38:52 +02:00			`\core\session\manager::gc(); // Remove stale sessions.`
MDL-42078 multiple uninstall improvements and cleanup Includes: * update checker refactored to \core\update\ namespace * plugininfo classes refactored to \core\plugininfo\ namespace * plugin_manager renamed to core_plugin_manager * redirect back to original page after plugin uninstall * fixed assign subplugin uninstall * move assign subplugins under the assignment in admin tree * fixed plugininfo for all question related plugin types * auth uninstall support * added missing block dependencies * added theme uninstall * subplugin types are following the plugin on plugin overview page * several performance improvements in plugin manager * new warnigns when plugininfo are outdated or missing * multiple fixes and other improvements 2013-10-04 22:40:44 +02:00			`core_plugin_manager::reset_caches();`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`break;`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`case 'enable':`
			`// add to enabled list`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`if (!in_array($auth, $authsenabled)) {`
			`$authsenabled[] = $auth;`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`$authsenabled = array_unique($authsenabled);`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`set_config('auth', implode(',', $authsenabled));`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
MDL-31501 rework user session architecture List of changes: * New OOP API using PHP namespace \core\session\. * All handlers now update the sessions table consistently. * Experimental DB session support in Oracle. * Full support for session file handler (filesystem locking required). * New option for alternative session directory. * Official memcached session handler support. * Workaround for memcached version with non-functional gc. * Improved security - forced session id regeneration. * Improved compatibility with recent PHP releases. * Fixed borked CSS during install in debug mode. * Switched to file based sessions in new installs. * DB session setting disappears if DB does not support sessions. * DB session setting disappears if session handler specified in config.php. * Fast purging of sessions used in request only. * No legacy distinction - file, database and memcached support the same functionality. * Session handler name included in performance info. * Fixed user_loggedin and user_loggedout event triggering. * Other minor bugfixing and improvements. * Fixed database session segfault if MUC disposed before $DB. Limitations: * Session access time is now updated right after session start. * Support for $CFG->sessionlockloggedinonly was removed. * First request does not update userid in sessions table. * The timeouts may break badly if server hosting forces PHP.ini session settings. * The session GC is a lot slower, we do not rely on external session timeouts. * There cannot be any hooks triggered at the session write time. * File and memcached handlers do not support session lock acquire timeouts. * Some low level PHP session functions can not be used directly in Moodle code. 2013-09-08 08:38:52 +02:00			`\core\session\manager::gc(); // Remove stale sessions.`
MDL-42078 multiple uninstall improvements and cleanup Includes: * update checker refactored to \core\update\ namespace * plugininfo classes refactored to \core\plugininfo\ namespace * plugin_manager renamed to core_plugin_manager * redirect back to original page after plugin uninstall * fixed assign subplugin uninstall * move assign subplugins under the assignment in admin tree * fixed plugininfo for all question related plugin types * auth uninstall support * added missing block dependencies * added theme uninstall * subplugin types are following the plugin on plugin overview page * several performance improvements in plugin manager * new warnigns when plugininfo are outdated or missing * multiple fixes and other improvements 2013-10-04 22:40:44 +02:00			`core_plugin_manager::reset_caches();`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`break;`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`case 'down':`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`$key = array_search($auth, $authsenabled);`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`// check auth plugin is valid`
			`if ($key === false) {`
MDL-24127 fixed incorrect $url variable names 2010-09-07 19:47:08 +00:00			`print_error('pluginnotenabled', 'auth', $returnurl, $auth);`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
			`// move down the list`
			`if ($key < (count($authsenabled) - 1)) {`
			`$fsave = $authsenabled[$key];`
			`$authsenabled[$key] = $authsenabled[$key + 1];`
			`$authsenabled[$key + 1] = $fsave;`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`set_config('auth', implode(',', $authsenabled));`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
			`break;`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`case 'up':`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`$key = array_search($auth, $authsenabled);`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`// check auth is valid`
			`if ($key === false) {`
MDL-24127 fixed incorrect $url variable names 2010-09-07 19:47:08 +00:00			`print_error('pluginnotenabled', 'auth', $returnurl, $auth);`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
			`// move up the list`
			`if ($key >= 1) {`
			`$fsave = $authsenabled[$key];`
			`$authsenabled[$key] = $authsenabled[$key - 1];`
			`$authsenabled[$key - 1] = $fsave;`
MDL-8590 auth cleanup - part 2 2007-02-20 17:09:20 +00:00			`set_config('auth', implode(',', $authsenabled));`
mnet/multienrol: admin area changes, including test for curl extension 2007-01-04 03:19:49 +00:00			`}`
			`break;`

			`default:`
			`break;`
			`}`
Changes to allow admin to control the "forgot password" function and a bug fix for set_config 2002-11-22 08:43:35 +00:00
MDL-24127 fixed incorrect $url variable names 2010-09-07 19:47:08 +00:00			`redirect($returnurl);`
A significant new system for authentication configuration that exposes the wide array of authentication possibilities. Authentication now has it's own page separate from other variables. Most of this work was done by Petri Asikainen <paca@sci.fi>, who started these changes off. I've done some cleanups and additions which is why I'm checking it in. It's all working pretty well at the moment but could use some testing. Thanks, Petri! :-) 2002-11-19 08:51:33 +00:00
MDL-20700 coding style cleanup - cvs keywords removed, closign php tag removed, trailing whitespace cleanup 2009-11-01 10:57:00 +00:00