Merge branch 'MDL-56739-master' of git://github.com/jleyva/moodle

admin/tool/mobile/launch.php

@@ -31,6 +31,7 @@ require_once($CFG->libdir . '/externallib.php');
 $serviceshortname  = required_param('service',  PARAM_ALPHANUMEXT);
 $passport          = required_param('passport',  PARAM_RAW);    // Passport send from the app to validate the response URL.
 $urlscheme         = optional_param('urlscheme', 'moodlemobile', PARAM_NOTAGS); // The URL scheme the app supports.
+$confirmed         = optional_param('confirmed', false, PARAM_BOOL);  // If we are being redirected after user confirmation.
 
 // Check web services enabled.
 if (!$CFG->enablewebservices) {
@@ -39,7 +40,8 @@ if (!$CFG->enablewebservices) {
 
 // Check if the plugin is properly configured.
 $typeoflogin = get_config('tool_mobile', 'typeoflogin');
-if ($typeoflogin != tool_mobile\api::LOGIN_VIA_BROWSER and
+if (empty($SESSION->justloggedin) and
+        $typeoflogin != tool_mobile\api::LOGIN_VIA_BROWSER and
         $typeoflogin != tool_mobile\api::LOGIN_VIA_EMBEDDED_BROWSER) {
     throw new moodle_exception('pluginnotenabledorconfigured', 'tool_mobile');
 }
@@ -87,11 +89,24 @@ if (!empty($forcedurlscheme)) {
 $location = "$urlscheme://token=$apptoken";
 
 // For iOS 10 onwards, we have to simulate a user click.
-if (core_useragent::is_ios()) {
-    $PAGE->set_context(null);
+// If we come from the confirmation page, we should display a nicer page.
+$isios = core_useragent::is_ios();
+if ($confirmed or $isios) {
+    $PAGE->set_context(context_system::instance());
+    $PAGE->set_heading($COURSE->fullname);
     $PAGE->set_url('/local/mobile/launch.php', array('service' => $serviceshortname, 'passport' => $passport, 'urlscheme' => $urlscheme));
 
     echo $OUTPUT->header();
+    if ($confirmed) {
+        $confirmedstr = get_string('confirmed');
+        $PAGE->navbar->add($confirmedstr);
+        $PAGE->set_title($confirmedstr);
+        echo $OUTPUT->notification($confirmedstr, \core\output\notification::NOTIFY_SUCCESS);
+        echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
+        echo $OUTPUT->single_button(new moodle_url('/course/'), get_string('courses'));
+        echo $OUTPUT->box_end();
+    }
+
     $notice = get_string('clickheretolaunchtheapp', 'tool_mobile');
     echo html_writer::link($location, $notice, array('id' => 'launchapp'));
     echo html_writer::script(

auth/email/auth.php

@@ -95,6 +95,24 @@ class auth_plugin_email extends auth_plugin_base {
      * @param boolean $notify print notice with link and terminate
      */
     function user_signup($user, $notify=true) {
+        // Standard signup, without custom confirmatinurl.
+        return $this->user_signup_with_confirmation($user, $notify);
+    }
+
+    /**
+     * Sign up a new user ready for confirmation.
+     *
+     * Password is passed in plaintext.
+     * A custom confirmationurl could be used.
+     *
+     * @param object $user new user object
+     * @param boolean $notify print notice with link and terminate
+     * @param string $confirmationurl user confirmation URL
+     * @return boolean true if everything well ok and $notify is set to true
+     * @throws moodle_exception
+     * @since Moodle 3.2
+     */
+    public function user_signup_with_confirmation($user, $notify=true, $confirmationurl = null) {
         global $CFG, $DB;
         require_once($CFG->dirroot.'/user/profile/lib.php');
         require_once($CFG->dirroot.'/user/lib.php');
@@ -115,8 +133,8 @@ class auth_plugin_email extends auth_plugin_base {
         // Trigger event.
         \core\event\user_created::create_from_userid($user->id)->trigger();
 
-        if (! send_confirmation_email($user)) {
-            print_error('auth_emailnoemail','auth_email');
+        if (! send_confirmation_email($user, $confirmationurl)) {
+            print_error('auth_emailnoemail', 'auth_email');
         }
 
         if ($notify) {

auth/email/classes/external.php

@@ -202,7 +202,8 @@ class auth_email_external extends external_api {
                             'value' => new external_value(PARAM_RAW, 'Custom field value, can be an encoded json if required')
                         )
                     ), 'User custom fields (also known as user profile fields)', VALUE_DEFAULT, array()
-                )
+                ),
+                'redirect' => new external_value(PARAM_URL, 'Redirect the user to this url after confirmation.', VALUE_DEFAULT, ''),
             )
         );
     }
@@ -220,13 +221,15 @@ class auth_email_external extends external_api {
      * @param  string $recaptchachallengehash recaptcha challenge hash
      * @param  string $recaptcharesponse      recaptcha response
      * @param  array  $customprofilefields    user custom fields (also known as user profile fields)
+     * @param  string $redirect               Url to redirect the user after confirmation
      * @return array settings and possible warnings
      * @since Moodle 3.2
      * @throws moodle_exception
      * @throws invalid_parameter_exception
      */
     public static function signup_user($username, $password, $firstname, $lastname, $email, $city = '', $country = '',
-                                        $recaptchachallengehash = '', $recaptcharesponse = '', $customprofilefields = array()) {
+                                        $recaptchachallengehash = '', $recaptcharesponse = '', $customprofilefields = array(),
+                                        $redirect = '') {
         global $CFG, $PAGE;
 
         $warnings = array();
@@ -243,6 +246,7 @@ class auth_email_external extends external_api {
                 'recaptchachallengehash' => $recaptchachallengehash,
                 'recaptcharesponse' => $recaptcharesponse,
                 'customprofilefields' => $customprofilefields,
+                'redirect' => $redirect,
             )
         );
 
@@ -324,7 +328,16 @@ class auth_email_external extends external_api {
             $user = signup_setup_new_user((object) $data);
 
             $authplugin = get_auth_plugin('email');
-            $authplugin->user_signup($user, false);
+
+            // Check if we should redirect the user once the user is confirmed.
+            $confirmationurl = null;
+            if (!empty($params['redirect'])) {
+                // Pass via moodle_url to fix thinks like admin links.
+                $redirect = new moodle_url($params['redirect']);
+
+                $confirmationurl = new moodle_url('/login/confirm.php', array('redirect' => $redirect->out()));
+            }
+            $authplugin->user_signup_with_confirmation($user, false, $confirmationurl);
 
             $result = array(
                 'success' => true,

auth/upgrade.txt

@@ -7,6 +7,8 @@ information provided here is intended especially for developers.
   This can be used to modify the user object before any authentication errors are raised.
 * The block_login now displays the loginpage_idp_list() links as well as main login page.
 * The authentication plugin auth_radius has been moved to https://github.com/moodlehq/moodle-auth_radius
+* New auth_email::user_signup_with_confirmation() method has a new optional parameter $confirmationurl to provide a different
+  confirmation URL.
 
 === 3.0 ===
 

lib/moodlelib.php

@@ -6134,9 +6134,10 @@ function reset_password_and_mail($user) {
  * Send email to specified user with confirmation text and activation link.
  *
  * @param stdClass $user A {@link $USER} object
+ * @param string $confirmationurl user confirmation URL
  * @return bool Returns true if mail was sent OK and false if there was an error.
  */
-function send_confirmation_email($user) {
+function send_confirmation_email($user, $confirmationurl = null) {
     global $CFG;
 
     $site = get_site();
@@ -6151,7 +6152,12 @@ function send_confirmation_email($user) {
 
     $username = urlencode($user->username);
     $username = str_replace('.', '%2E', $username); // Prevent problems with trailing dots.
-    $data->link  = $CFG->wwwroot .'/login/confirm.php?data='. $user->secret .'/'. $username;
+    if (empty($confirmationurl)) {
+        $confirmationurl = '/login/confirm.php';
+    }
+    $confirmationurl = new moodle_url($confirmationurl, array('data' => $user->secret .'/'. $username));
+    $data->link = $confirmationurl->out(false);
+
     $message     = get_string('emailconfirmation', '', $data);
     $messagehtml = text_to_html(get_string('emailconfirmation', '', $data), false, false, true);
 

lib/upgrade.txt

@@ -128,6 +128,7 @@ information provided here is intended especially for developers.
   message_sent::create_from_ids() will show a debugging notice if the \core\message\message being sent is missing
   the courseid property, defaulting to SITEID automatically. In Moodle 3.6 (MDL-55449) courseid will be fully mandatory
   for all messages sent.
+* The send_confirmation_email() function has a new optional parameter $confirmationurl to provide a different confirmation URL.
 
 === 3.1 ===
 

login/confirm.php

@@ -31,6 +31,7 @@ $data = optional_param('data', '', PARAM_RAW);  // Formatted as:  secret/usernam
 
 $p = optional_param('p', '', PARAM_ALPHANUM);   // Old parameter:  secret
 $s = optional_param('s', '', PARAM_RAW);        // Old parameter:  username
+$redirect = optional_param('redirect', '', PARAM_LOCALURL);    // Where to redirect the browser once the user has been confirmed.
 
 $PAGE->set_url('/login/confirm.php');
 $PAGE->set_context(context_system::instance());
@@ -78,10 +79,14 @@ if (!empty($data) || (!empty($p) && !empty($s))) {
 
             \core\session\manager::apply_concurrent_login_limit($user->id, session_id());
 
-            if ( ! empty($SESSION->wantsurl) ) {   // Send them where they were going.
-                $goto = $SESSION->wantsurl;
+            // Check where to go, $redirect has a higher preference.
+            if (empty($redirect) and !empty($SESSION->wantsurl) ) {
+                $redirect = $SESSION->wantsurl;
                 unset($SESSION->wantsurl);
-                redirect($goto);
+            }
+
+            if (!empty($redirect)) {
+                redirect($redirect);
             }
         }