mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-03-14 12:40:01 +01:00
Code Issues Projects Releases Wiki Activity

(MDL-8973) Fix OOP model of new multi auth plugins + some other auth related fixes, fixed change_password, ldap updates, etc.; TODO: fix docs

Browse Source
This commit is contained in:
skodak 2007-03-22 12:27:52 +00:00
parent 6a5e9a8506
commit 6bc1e5d577
37 changed files with 658 additions and 432 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
admin/auth.php
View File

@ -147,7 +147,7 @@ $registrationauths[''] = $txt->disable;
foreach ($authsenabled as $auth) {
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
if (method_exists($authplugin, 'user_signup')) {
if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
@ -158,7 +158,7 @@ foreach ($authsavailable as $auth) {
}
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
if (method_exists($authplugin, 'user_signup')) {
if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}

4
admin/auth_config.php
View File

@ -19,9 +19,7 @@ if ($frm = data_submitted()) {
error(get_string('confirmsesskeybad', 'error'));
}
if (method_exists($authplugin, 'validate_form')) {
$authplugin->validate_form($frm, $err);
}
$authplugin->validate_form($frm, $err);
if (count($err) == 0) {

33
auth/authlib.php
View File

@ -1,33 +0,0 @@
<?php
/**
* @author Martin Dougiamas
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
* @package moodle multiauth
*
* Multiple plugin authentication
* Support library
*
* 2006-08-28 File created, AUTH return values defined.
*/
/**
* Returned when the login was successful.
*/
define('AUTH_OK', 0);
/**
* Returned when the login was unsuccessful.
*/
define('AUTH_FAIL', 1);
/**
* Returned when the login was denied (a reason for AUTH_FAIL).
*/
define('AUTH_DENIED', 2);
/**
* Returned when some error occurred (a reason for AUTH_FAIL).
*/
define('AUTH_ERROR', 4);
?>

21
auth/cas/auth.php
View File

@ -15,20 +15,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* CAS authentication plugin.
*/
class auth_plugin_cas {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_cas extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_cas() {
$this->authtype = 'cas';
$this->config = get_config('auth/cas');
}
@ -222,6 +220,17 @@ class auth_plugin_cas {
return !empty($this->config->changepasswordurl);
}
function prelogin_hook() {
// Load alternative login screens if necessary
// TODO: fix the cas login screen
return;
if(!empty($CFG->cas_enabled)) {
require($CFG->dirroot.'/auth/cas/login.php');
}
}
/**
* Prints a form for configuring this authentication plugin.
*

11
auth/db/auth.php
View File

@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* External database authentication plugin.
*/
class auth_plugin_db {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_db extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_db() {
$this->authtype = 'db';
$this->config = get_config('auth/db');
if (empty($this->config->extencoding)) {
$this->config->extencoding = 'utf-8';
@ -572,7 +570,6 @@ class auth_plugin_db {
$this->config->changepasswordurl = '';
set_config('changepasswordurl', '', 'auth/db');
}
return true;
}
/**

24
auth/email/auth.php
View File

@ -16,21 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Email authentication plugin.
*/
class auth_plugin_email {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_email extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_email() {
$this->authtype = 'email';
$this->config = get_config('auth/email');
}
@ -65,6 +62,10 @@ class auth_plugin_email {
return update_internal_user_password($user, $newpassword);
}
function can_signup() {
return true;
}
/**
* Sign up a new user ready for confirmation.
* Password is passed in plaintext.
@ -72,7 +73,7 @@ class auth_plugin_email {
* @param object $user new user object (with system magic quotes)
* @param boolean $notify print notice with link and terminate
*/
function user_signup($user, $notify = true) {
function user_signup($user, $notify=true) {
$user->password = hash_internal_user_password($user->password);
if (! ($user->id = insert_record('user', $user)) ) {
@ -92,6 +93,15 @@ class auth_plugin_email {
}
}
/**
* Returns true if plugin allows confirming of new users.
*
* @return bool
*/
function can_confirm() {
return true;
}
/**
* Confirm the new user as registered.
*

47
auth/fc/auth.php
View File

@ -15,22 +15,20 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
require_once 'fcFPP.php';
/**
* FirstClass authentication plugin.
*/
class auth_plugin_fc {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_fc extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_fc() {
$this->authtype = 'fc';
$this->config = get_config('auth/fc');
}
@ -116,14 +114,9 @@ class auth_plugin_fc {
* Get users group membership from the FirstClass server user and check if
* user is member of one of the groups of creators.
*/
function iscreator($username = 0) {
global $USER;
function iscreator($username) {
if (! $this->config->creators) {
return false;
}
if (! $username) {
$username = $USER->username;
return null;
}
$fcgroups = array();
@ -143,7 +136,9 @@ class auth_plugin_fc {
$creators = explode(";", $this->config->creators);
foreach($creators as $creator) {
If (in_array($creator, $fcgroups)) return true;
if (in_array($creator, $fcgroups)) {
return true;
}
}
return false;
@ -168,6 +163,30 @@ class auth_plugin_fc {
return false;
}
/**
* Sync roles for this user
*
* @param $user object user object (without system magic quotes)
*/
function sync_roles($user) {
$iscreator = $this->iscreator($user->username);
if ($iscreator === null) {
return; //nothing to sync - creators not configured
}
if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
$creatorrole = array_shift($roles); // We can only use one, let's use the first one
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
if ($iscreator) { // Following calls will not create duplicates
role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'fc');
} else {
//unassign only if previously assigned by this plugin!
role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'fc');
}
}
}
/**
* Prints a form for configuring this authentication plugin.
*

10
auth/imap/auth.php
View File

@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* IMAP authentication plugin.
*/
class auth_plugin_imap {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_imap extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_imap() {
$this->authtype = 'imap';
$this->config = get_config('auth/imap');
}

56
auth/ldap/auth.php
View File

@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* LDAP authentication plugin.
*/
class auth_plugin_ldap {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_ldap extends auth_plugin_base {
/**
* Constructor with initialisation.
*/
function auth_plugin_ldap() {
$this->authtype = 'ldap';
$this->config = get_config('auth/ldap');
if (empty($this->config->ldapencoding)) {
$this->config->ldapencoding = 'utf-8';
@ -274,7 +272,7 @@ class auth_plugin_ldap {
* If userpassword does not expire it should return 0. If password is already expired
* it should return negative value.
*
* @param mixed $username username
* @param mixed $username username (with system magic quotes)
* @return integer
*/
function password_expire($username) {
@ -584,7 +582,7 @@ class auth_plugin_ldap {
if ($this->iscreator($user->username)) {
role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, 'ldap');
} else {
role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id, 'ldap');
}
}
@ -783,26 +781,18 @@ class auth_plugin_ldap {
/**
* Returns true if user should be coursecreator.
*
* @param mixed $username username (with system magic quotes)
* @param mixed $username username (without system magic quotes)
* @return boolean result
*/
function iscreator($username = false) {
global $USER;
function iscreator($username) {
if (empty($this->config->creators) or empty($this->config->memberattribute)) {
return false;
}
if ($username === false) {
$username = $USER->username;
} else {
$username = stripslashes($username);
return null;
}
$textlib = textlib_get_instance();
$extusername = $textlib->convert($username, 'utf-8', $this->config->ldapencoding);
return $this->ldap_isgroupmember($extusername, $this->config->creators);
return (boolean)$this->ldap_isgroupmember($extusername, $this->config->creators);
}
/**
@ -824,7 +814,7 @@ class auth_plugin_ldap {
return false;
}
if (isset($olduser->auth) and $olduser->auth == 'ldap') {
if (isset($olduser->auth) and $olduser->auth != 'ldap') {
return true; // just change auth and skip update
}
@ -1512,6 +1502,30 @@ class auth_plugin_ldap {
}
}
/**
* Sync roles for this user
*
* @param $user object user object (without system magic quotes)
*/
function sync_roles($user) {
$iscreator = $this->iscreator($user->username);
if ($iscreator === null) {
return; //nothing to sync - creators not configured
}
if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
$creatorrole = array_shift($roles); // We can only use one, let's use the first one
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
if ($iscreator) { // Following calls will not create duplicates
role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'ldap');
} else {
//unassign only if previously assigned by this plugin!
role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'ldap');
}
}
}
/**
* Prints a form for configuring this authentication plugin.
*

13
auth/manual/auth.php
View File

@ -15,23 +15,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Manual authentication plugin.
*/
class auth_plugin_manual
{
/**
* The configuration details for the plugin.
*/
var $config;
var $canchangepassword = true;
var $isinternal = true;
class auth_plugin_manual extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_manual() {
$this->authtype = 'manual';
$this->config = get_config('auth/manual');
}

21
auth/mnet/auth.php
View File

@ -16,21 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Moodle Network authentication plugin.
*/
class auth_plugin_mnet
{
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_mnet extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_mnet() {
$this->authtype = 'mnet';
$this->config = get_config('auth/mnet');
}
@ -1336,6 +1333,16 @@ class auth_plugin_mnet
}
return $accessctrl == 'allow';
}
function prelogout_hook() {
global $USER, $CFG, $redirect;
if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
$host = get_record('mnet_host', 'id', $USER->mnethostid);
$redirect = $host->wwwroot.'/';
}
}
}
?>

10
auth/nntp/auth.php
View File

@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* NNTP authentication plugin.
*/
class auth_plugin_nntp {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_nntp extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nntp() {
$this->authtype = 'nntp';
$this->config = get_config('auth/nntp');
}

5
auth/nologin/auth.php
View File

@ -16,16 +16,19 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Plugin for no authentication.
*/
class auth_plugin_nologin {
class auth_plugin_nologin extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nologin() {
$this->authtype = 'nologin';
}
/**

13
auth/none/auth.php
View File

@ -16,23 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Plugin for no authentication.
*/
class auth_plugin_none {
/**
* The configuration details for the plugin.
*/
var $config;
var $canchangepassword = true;
var $isinternal = true;
class auth_plugin_none extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_none() {
$this->authtype = 'none';
$this->config = get_config('auth/none');
}

10
auth/pam/auth.php
View File

@ -30,15 +30,12 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* PAM authentication plugin.
*/
class auth_plugin_pam {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_pam extends auth_plugin_base {
/**
* Store error messages from pam authentication attempts.
@ -49,6 +46,7 @@ class auth_plugin_pam {
* Constructor.
*/
function auth_plugin_pam() {
$this->authtype = 'pam';
$this->config = get_config('auth/pam');
$this->errormessage = '';
}

10
auth/pop3/auth.php
View File

@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* POP3 authentication plugin.
*/
class auth_plugin_pop3 {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_pop3 extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_pop3() {
$this->authtype = 'pop3';
$this->config = get_config('auth/pop3');
}

10
auth/radius/auth.php
View File

@ -17,20 +17,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* RADIUS authentication plugin.
*/
class auth_plugin_radius {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_radius extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_radius() {
$this->authtype = 'radius';
$this->config = get_config('auth/radius');
}

26
auth/shibboleth/auth.php
View File

@ -24,20 +24,18 @@ if (!defined('MOODLE_INTERNAL')) {
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
require_once($CFG->libdir.'/authlib.php');
/**
* Shibboleth authentication plugin.
*/
class auth_plugin_shibboleth {
/**
* The configuration details for the plugin.
*/
var $config;
class auth_plugin_shibboleth extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_shibboleth() {
$this->authtype = 'shibboleth';
$this->config = get_config('auth/shibboleth');
}
@ -148,6 +146,22 @@ class auth_plugin_shibboleth {
return false;
}
function prelogin_hook() {
global $SESSION, $CFG;
//TODO: fix the code
return;
// See http://moodle.org/mod/forum/discuss.php?d=39918#187611
// if ($CFG->auth == 'shibboleth') {
// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
// unset($SESSION->shibboleth_checked);
// } else if (empty($_POST)) { // No incoming data, so redirect
// redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
// }
// }
}
/**
* Prints a form for configuring this authentication plugin.
*

2
blocks/login/block_login.php
View File

@ -29,7 +29,7 @@ class block_login extends block_base {
if (!empty($CFG->registerauth)) {
$authplugin = get_auth_plugin($CFG->registerauth);
if (method_exists($authplugin, 'user_signup')) {
if ($authplugin->can_signup()) {
$signup = $wwwroot . '/login/signup.php';
}
}

1
lang/en_utf8/auth.php
View File

@ -304,6 +304,7 @@ $string['changepassword'] = 'Change password URL';
$string['changepasswordhelp'] = 'Here you can specify a location at which your users can recover or change their username/password if they\'ve forgotten it. This will be provided to users as a button on the login page and their user page. if you leave this blank the button will not be printed.';
$string['chooseauthmethod'] = 'Choose an authentication method';
$string['createpasswordifneeded'] = 'Create password if needed';
$string['errorpasswordupdate'] = 'Error updating password, password not changed';
$string['infilefield'] = 'Field required in file';
$string['forcechangepassword'] = 'Force change password';
$string['forcechangepassword_help'] = 'Force users to change password on their next login to Moodle.';

6
lib/accesslib.php
View File

@ -2194,9 +2194,10 @@ function role_assign($roleid, $userid, $groupid, $contextid, $timestart=0, $time
* @param $userid
* @param $groupid
* @param $contextid
* @param $enrol unassign only if enrolment type matches, NULL means anything
* @return boolean - success or failure
*/
function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) {
function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) {
global $USER, $CFG;
@ -2209,6 +2210,9 @@ function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) {
$select[] = $arg.' = '.$$arg;
}
}
if (!empty($enrol)) {
$select[] = "enrol='$enrol'";
}
if ($select) {
if ($ras = get_records_select('role_assignments', implode(' AND ', $select))) {

281
lib/authlib.php Normal file
View File

@ -0,0 +1,281 @@
<?php
/**
* @author Martin Dougiamas
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
* @package moodle multiauth
*
* Multiple plugin authentication
* Support library
*
* 2006-08-28 File created, AUTH return values defined.
*/
/**
* Returned when the login was successful.
*/
define('AUTH_OK', 0);
/**
* Returned when the login was unsuccessful.
*/
define('AUTH_FAIL', 1);
/**
* Returned when the login was denied (a reason for AUTH_FAIL).
*/
define('AUTH_DENIED', 2);
/**
* Returned when some error occurred (a reason for AUTH_FAIL).
*/
define('AUTH_ERROR', 4);
/**
* Authentication - error codes for user confirm
*/
define('AUTH_CONFIRM_FAIL', 0);
define('AUTH_CONFIRM_OK', 1);
define('AUTH_CONFIRM_ALREADY', 2);
define('AUTH_CONFIRM_ERROR', 3);
/**
* Abstract authentication plugin.
*/
class auth_plugin_base {
/**
* The configuration details for the plugin.
*/
var $config;
/**
* Authentication plugin type - the same as db field.
*/
var $authtype;
/**
* Returns true if the username and password work and false if they are
* wrong or don't exist.
*
* @param string $username The username (with system magic quotes)
* @param string $password The password (with system magic quotes)
*
* @return bool Authentication success or failure.
*/
function user_login($username, $password) {
error('Abstract user_login() method must be overriden.');
}
/**
* Returns true if this authentication plugin can change the user's
* password.
*
* @return bool
*/
function can_change_password() {
//override if needed
return false;
}
/**
* Returns the URL for changing the user's pw, or empty if the default can
* be used.
*
* @return string
*/
function change_password_url() {
//override if needed
return '';
}
/**
* Returns true if this authentication plugin is 'internal'.
*
* @return bool
*/
function is_internal() {
//override if needed
return true;
}
/**
* Change a user's password
*
* @param object $user User table object (with system magic quotes)
* @param string $newpassword Plaintext password (with system magic quotes)
*
* @return bool True on success
*/
function user_update_password($user, $newpassword) {
//override if needed
return true;
}
/**
* Called when the user record is updated.
* Modifies user in external database. It takes olduser (before changes) and newuser (after changes)
* conpares information saved modified information to external db.
*
* @param mixed $olduser Userobject before modifications (without system magic quotes)
* @param mixed $newuser Userobject new modified userobject (without system magic quotes)
* @return boolean true if updated or update ignored; false if error
*
*/
function user_update($olduser, $newuser) {
//override if needed
return true;
}
/**
* Returns true if plugin allows resetting of internal password.
*
* @return bool
*/
function can_reset_password() {
//override if needed
return false;
}
/**
* Returns true if plugin allows resetting of internal password.
*
* @return bool
*/
function can_signup() {
//override if needed
return false;
}
/**
* Sign up a new user ready for confirmation.
* Password is passed in plaintext.
*
* @param object $user new user object (with system magic quotes)
* @param boolean $notify print notice with link and terminate
*/
function user_signup($user, $notify=true) {
//override when can signup
error('user_signup method must be overriden if signup enabled');
}
/**
* Returns true if plugin allows confirming of new users.
*
* @return bool
*/
function can_confirm() {
//override if needed
return false;
}
/**
* Confirm the new user as registered.
*
* @param string $username (with system magic quotes)
* @param string $confirmsecret (with system magic quotes)
*/
function user_confirm($username, $confirmsecret) {
//override when can confirm
error('user_confirm method must be overriden if confirm enabled');
}
/**
* Checks if user exists in external db
*
* @param string $username (with system magic quotes)
*/
function user_exists() {
//override if needed
return false;
}
/**
* Activates (enables) user in external db so user can login using username/password from external db
*
* @param mixed $username username (with system magic quotes)
* @return boolen result
*/
function user_activate($username) {
//override if needed
return true;
}
/**
* return number of days to user password expires
*
* If userpassword does not expire it should return 0. If password is already expired
* it should return negative value.
*
* @param mixed $username username (with system magic quotes)
* @return integer
*/
function password_expire($username) {
return 0;
}
/**
* Sync roles for this user - usually creator
*
* @param $user object user object (without system magic quotes)
*/
function sync_roles($user) {
//override if needed
}
/**
* Read user information from external database and returns it as array().
* Function should return all information available. If you are saving
* this information to moodle user-table you should honor syncronization flags
*
* @param string $username username (with system magic quotes)
*
* @return mixed array with no magic quotes or false on error
*/
function get_userinfo($username) {
//override if needed
return array();
}
/**
* A chance to validate form data, and last chance to
* do stuff before it is inserted in config_plugin
*/
function validate_form(&$form, &$err) {
//override if needed
}
/**
* Prelogin actions.
*/
function prelogin_hook() {
//override if needed
}
/**
* Post authentication hook.
*/
function user_authenticated_hook($user, $username, $password) {
/// TODO: review following code - looks hackish :-( mnet should obsole this, right?
/// Log in to a second system if necessary
global $CFG;
if (!empty($CFG->sso)) {
include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
if (function_exists('sso_user_login')) {
if (!sso_user_login($username, $password)) { // Perform the signon process
notify('Second sign-on failed');
}
}
}
}
/**
* Prelogout actions.
*/
function prelogout_hook() {
//override if needed
}
}
?>

5
lib/db/mysql.php
View File

@ -826,14 +826,15 @@ function main_upgrade($oldversion=0) {
if ($oldversion < 2004082600) {
//update auth-fields for external users
include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
// following code would not work in 1.8
/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
}
}*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.

5
lib/db/postgres7.php
View File

@ -559,14 +559,15 @@ function main_upgrade($oldversion=0) {
if ($oldversion < 2004082600) {
//update auth-fields for external users
include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
// following code would not work in 1.8
/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
}
}*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.

72
lib/moodlelib.php
View File

@ -261,14 +261,6 @@ define ('BLOG_COURSE_LEVEL', 3);
define ('BLOG_SITE_LEVEL', 4);
define ('BLOG_GLOBAL_LEVEL', 5);
/**
* Authentication - error codes for user confirm
*/
define('AUTH_CONFIRM_FAIL', 0);
define('AUTH_CONFIRM_OK', 1);
define('AUTH_CONFIRM_ALREADY', 2);
define('AUTH_CONFIRM_ERROR', 3);
/// PARAMETER HANDLING ////////////////////////////////////////////////////
@ -1673,7 +1665,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) {
if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
if ($userauth->can_change_password()) {
$SESSION->wantsurl = $FULLME;
if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
if ($userauth->change_password_url()) {
//use plugin custom url
redirect($userauth->change_password_url());
} else {
@ -2462,12 +2454,10 @@ function create_user_record($username, $password, $auth='') {
$authplugin = get_auth_plugin($auth);
if (method_exists($authplugin, 'get_userinfo')) {
if ($newinfo = $authplugin->get_userinfo($username)) {
$newinfo = truncate_userinfo($newinfo);
foreach ($newinfo as $key => $value){
$newuser->$key = addslashes($value);
}
if ($newinfo = $authplugin->get_userinfo($username)) {
$newinfo = truncate_userinfo($newinfo);
foreach ($newinfo as $key => $value){
$newuser->$key = addslashes($value);
}
}
@ -2511,24 +2501,23 @@ function create_user_record($username, $password, $auth='') {
* @return user A {@link $USER} object
*/
function update_user_record($username, $authplugin) {
if (method_exists($authplugin, 'get_userinfo')) {
$username = trim(moodle_strtolower($username)); /// just in case check text case
$username = trim(moodle_strtolower($username)); /// just in case check text case
$oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
$userauth = get_auth_plugin($oldinfo->auth);
$oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
$userauth = get_auth_plugin($oldinfo->auth);
if ($newinfo = $authplugin->get_userinfo($username)) {
$newinfo = truncate_userinfo($newinfo);
foreach ($newinfo as $key => $value){
$confkey = 'field_updatelocal_' . $key;
if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
$value = addslashes(stripslashes($value)); // Just in case
set_field('user', $key, $value, 'username', $username)
or error_log("Error updating $key for $username");
}
if ($newinfo = $userauth->get_userinfo($username)) {
$newinfo = truncate_userinfo($newinfo);
foreach ($newinfo as $key => $value){
$confkey = 'field_updatelocal_' . $key;
if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
$value = addslashes(stripslashes($value)); // Just in case
set_field('user', $key, $value, 'username', $username)
or error_log("Error updating $key for $username");
}
}
}
return get_complete_user_data('username', $username);
}
@ -2649,29 +2638,10 @@ function authenticate_user_login($username, $password) {
// if user not found, create him
$user = create_user_record($username, $password, $auth);
}
// fix for MDL-6928
if (method_exists($authplugin, 'iscreator')) {
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
if ($creatorroles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
$creatorrole = array_shift($creatorroles); // We can only use one, let's use the first one
// Check if the user is a creator
if ($authplugin->iscreator($username)) { // Following calls will not create duplicates
role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, $auth);
} else {
role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
}
}
}
/// Log in to a second system if necessary
if (!empty($CFG->sso)) {
include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
if (function_exists('sso_user_login')) {
if (!sso_user_login($username, $password)) { // Perform the signon process
notify('Second sign-on failed');
}
}
}
$authplugin->sync_roles($user);
$authplugin->user_authenticated_hook($user, $username, $password);
return $user;
@ -3631,7 +3601,7 @@ function send_password_change_info($user) {
$data->admin = fullname($from).' ('. $from->email .')';
$userauth = get_auth_plugin($user->auth);
if ($userauth->can_change_password() and method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
if ($userauth->can_change_password() and $userauth->change_password_url()) {
// we have some external url for password cahnging
$data->link .= $userauth->change_password_url();

43
login/change_password.php
View File

@ -3,28 +3,20 @@
require_once('../config.php');
require_once('change_password_form.php');
$id = optional_param('id', SITEID, PARAM_INT);
$id = optional_param('id', SITEID, PARAM_INT); // current course
//HTTPS is potentially required in this page
httpsrequired();
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
if (!$course = get_record('course', 'id', $id)) {
error('No such course!');
}
if (is_mnet_remote_user($USER)) {
$message = get_string('usercannotchangepassword', 'mnet');
if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
$message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
}
error($message);
}
// require proper login; guest can not change password
// TODO: add change password capability so that we can prevent participants to change password
if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $sitecontext, $USER->id, false)) {
// TODO: add change password capability so that we can prevent participants from changing password
if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $systemcontext, $USER->id, false)) {
if (empty($SESSION->wantsurl)) {
$SESSION->wantsurl = $CFG->httpswwwroot.'/login/change_password.php';
}
@ -36,6 +28,14 @@
error('Can not use this script when "Logged in as"!');
}
if (is_mnet_remote_user($USER)) {
$message = get_string('usercannotchangepassword', 'mnet');
if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
$message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
}
error($message);
}
// load the appropriate auth plugin
$userauth = get_auth_plugin($USER->auth);
@ -43,35 +43,28 @@
error(get_string('nopasswordchange', 'auth'));
}
if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
if ($userauth->change_password_url()) {
// this internal scrip not used
redirect($userauth->change_password_url());
}
$mform = new login_change_password_form();
$mform->set_data(array('id'=>$course->id, 'username'=>$USER->username));
$mform->set_data(array('id'=>$course->id));
if ($mform->is_cancelled()) {
redirect($CFG->wwwroot.'/user/view.php?id='.$USER->id.'&amp;course='.$course->id);
} else if ($data = $mform->get_data()) {
if (!has_capability('moodle/user:update', $sitecontext)) {
//ignore submitted username - the same is done in form validation
$data->username = $USER->username;
}
if ($data->username == $USER->username) {
$user =& $USER;
} else {
$user = get_complete_user_data('username', $data->username);
if (!$userauth->user_update_password(addslashes_recursive($USER), $data->newpassword1)) {
error(get_string('errorpasswordupdate', 'auth'));
}
// register success changing password
unset_user_preference('auth_forcepasswordchange', $user->id);
unset_user_preference('auth_forcepasswordchange', $USER->id);
$strpasswordchanged = get_string('passwordchanged');
add_to_log($course->id, 'user', 'change password', "view.php?id=$user->id&amp;course=$course->id", "$user->id");
add_to_log($course->id, 'user', 'change password', "view.php?id=$USER->id&amp;course=$course->id", "$USER->id");
$fullname = fullname($USER, true);

58
login/change_password_form.php
View File

@ -7,29 +7,16 @@ class login_change_password_form extends moodleform {
function definition() {
global $USER;
$mform =& $this->_form;
$mform =& $this->_form;
$mform->addElement('header', '', get_string('changepassword'), '');
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
// visible elements
if (has_capability('moodle/user:update', $sitecontext)) {
$mform->addElement('text', 'username', get_string('username'));
$mform->addRule('username', get_string('required'), 'required', null, 'client');
$mform->setType('username', PARAM_RAW);
} else {
$mform->addElement('hidden', 'username');
$mform->setType('username', PARAM_RAW);
}
$mform->addElement('static', 'username', get_string('username'));
if (has_capability('moodle/user:update', $sitecontext)) {
$mform->addElement('hidden', 'password');
$mform->setType('username', PARAM_RAW);
} else {
$mform->addElement('password', 'password', get_string('oldpassword'));
$mform->addRule('password', get_string('required'), 'required', null, 'client');
$mform->setType('password', PARAM_RAW);
}
$mform->addElement('password', 'password', get_string('oldpassword'));
$mform->addRule('password', get_string('required'), 'required', null, 'client');
$mform->setType('password', PARAM_RAW);
$mform->addElement('password', 'newpassword1', get_string('newpassword'));
$mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
@ -55,44 +42,25 @@ class login_change_password_form extends moodleform {
/// perform extra password change validation
function validation($data){
global $USER;
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$errors = array();
if (has_capability('moodle/user:update', $sitecontext)) {
if (!$user = get_record('user', 'username', $data['username'])) {
$errors['username'] = get_string('invalidlogin');
return $errors;
}
} else {
update_login_count();
update_login_count();
// ignore submitted username
if (!$user = authenticate_user_login($USER->username, $data['password'])) {
$errors['password'] = get_string('invalidlogin');
return $errors;
}
reset_login_count();
}
// can not change guest user password
if ($user->username == 'guest') {
$errors['username'] = get_string('invalidlogin');
// ignore submitted username
if (!$user = authenticate_user_login($USER->username, $data['password'])) {
$errors['password'] = get_string('invalidlogin');
return $errors;
}
// can not change password of primary admin
$mainadmin = get_admin();
if ($user->id == $mainadmin->id and $USER->id != $mainadmin->id) {
$errors['username'] = get_string('adminprimarynoedit');
return $errors;
}
reset_login_count();
if ($data['newpassword1'] <> $data['newpassword2']) {
$errors['newpassword1'] = get_string('passwordsdiffer');
$errors['newpassword2'] = get_string('passwordsdiffer');
return $errors;
} else if (!has_capability('moodle/user:update', $sitecontext) and ($data['password'] == $data['newpassword1'])){
}
if ($data['password'] == $data['newpassword1']){
$errors['newpassword1'] = get_string('mustchangepassword');
$errors['newpassword2'] = get_string('mustchangepassword');
return $errors;

8
login/confirm.php
View File

@ -12,7 +12,7 @@
}
$authplugin = get_auth_plugin($CFG->registerauth);
if (!method_exists($authplugin, 'user_confirm')) {
if (!$authplugin->can_confirm()) {
error("Sorry, you may not use this page.");
}
@ -42,10 +42,8 @@
} else if ($confirmed == AUTH_CONFIRM_OK) {
// Activate new user if necessary
if (method_exists($authplugin, 'user_activate')) {
if (!$authplugin->user_activate($username)) {
error('Could not activate this user!');
}
if (!$authplugin->user_activate($username)) {
error('Could not activate this user!');
}
// The user has confirmed successfully, let's log them in

2
login/forgot_password.php
View File

@ -98,7 +98,7 @@ if ($mform->is_cancelled()) {
$userauth = get_auth_plugin($user->auth);
if (method_exists($userauth, 'can_reset_password') and $userauth->can_reset_password()) {
if ($userauth->can_reset_password()) {
// reset internal password and notify user
// set 'secret' string

53
login/index.php
View File

@ -23,9 +23,6 @@
$session_has_timed_out = false;
}
//HTTPS is potentially required in this page
httpsrequired();
/// Check if the guest user exists. If not, create one.
if (! record_exists('user', 'username', 'guest')) {
$guest->auth = 'manual';
@ -49,11 +46,6 @@
$authsequence = explode(',', $CFG->auth); // auths, in sequence
// Load alternative login screens if necessary
if ($authsequence[0] == 'cas' and !empty($CFG->cas_enabled)) {
require($CFG->dirroot.'/auth/cas/login.php');
}
if (!isset($CFG->registerauth)) {
set_config('registerauth', '');
}
@ -62,17 +54,19 @@ if (!isset($CFG->auth_instructions)) {
set_config('auth_instructions', '');
}
// See http://moodle.org/mod/forum/discuss.php?d=39918#187611
// if ($CFG->auth == 'shibboleth') {
// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
// unset($SESSION->shibboleth_checked);
// } else if (empty($_POST)) { // No incoming data, so redirect
// redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
// }
// }
// auth plugins can override these - SSO anyone?
$frm = false;
$user = false;
foreach($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
$authplugin->prelogin_hook();
}
//HTTPS is potentially required in this page
httpsrequired();
/// Define variables used in page
if (!$site = get_site()) {
error("No site found!");
@ -91,16 +85,18 @@ if (!isset($CFG->auth_instructions)) {
$loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
$frm = false;
$user = false;
if ($user !== false or $frm !== false) {
// some auth plugin already supplied these
if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
} else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
/// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
$frm->username = 'guest';
$frm->password = 'guest';
} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
// Handles the case of another Moodle site linking into a page on this site
//TODO: move weblink into own auth plugin
include($CFG->dirroot.'/login/weblinkauth.php');
if (function_exists(weblink_auth)) {
$user = weblink_auth($SESSION->wantsurl);
@ -110,6 +106,7 @@ if (!isset($CFG->auth_instructions)) {
} else {
$frm = data_submitted($loginurl);
}
} else {
$frm = data_submitted($loginurl);
}
@ -120,7 +117,7 @@ if (!isset($CFG->auth_instructions)) {
$errormsg = get_string("cookiesnotenabled");
} else if ($frm) { // Login WITH cookies
} else if ($frm) { // Login WITH cookies
$frm->username = trim(moodle_strtolower($frm->username));
@ -132,10 +129,12 @@ if (!isset($CFG->auth_instructions)) {
}
}
if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
if ($user) {
//user already supplied by aut plugin prelogin hook
} else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
$user = false; /// Can't log in as guest if guest button is disabled
$frm = false;
} else if (!$user) {
} else {
if (empty($errormsg)) {
$user = authenticate_user_login($frm->username, $frm->password);
}
@ -178,7 +177,7 @@ if (!isset($CFG->auth_instructions)) {
//Select password change url
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password()) {
if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
@ -213,7 +212,7 @@ if (!isset($CFG->auth_instructions)) {
}
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) {
if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) {
if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
$urltogo = $CFG->wwwroot.'/my/';
}
@ -222,7 +221,7 @@ if (!isset($CFG->auth_instructions)) {
// check if user password has expired
// Currently supported only for ldap-authentication module
if (method_exists($userauth, 'password_expire') and !empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
$days2expire = $userauth->password_expire($USER->username);
if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div class=\"langmenu\">$langmenu</div>");

17
login/index_form.html
View File

@ -90,16 +90,13 @@ if ($show_instructions) {
</form>
</div>
<?php } else if (!empty($CFG->registerauth)) {
echo format_text($CFG->auth_instructions);
$authplugin = get_auth_plugin($CFG->registerauth);
if (method_exists($authplugin, 'user_create')) { ?>
<div class="signupform">
<form action="signup.php" method="get" id="signup">
<div><input type="submit" value="<?php print_string("startsignup") ?>" /></div>
</form>
</div>
<?php }
} else {
echo format_text($CFG->auth_instructions); ?>
<div class="signupform">
<form action="signup.php" method="get" id="signup">
<div><input type="submit" value="<?php print_string("startsignup") ?>" /></div>
</form>
</div>
<?php } else {
echo format_text($CFG->auth_instructions);
} ?>
</div>

14
login/logout.php
View File

@ -3,11 +3,13 @@
require_once("../config.php");
if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
$host = get_record('mnet_host', 'id', $USER->mnethostid);
$wwwroot = $host->wwwroot;
} else {
$wwwroot = $CFG->wwwroot;
// can be overriden by auth plugins
$redirect = $CFG->wwwroot.'/';
$authsequence = explode(',', $CFG->auth); // auths, in sequence
foreach($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
$authplugin->prelogin_hook();
}
$sesskey = optional_param('sesskey', '__notpresent__', PARAM_RAW); // we want not null default to prevent required sesskey warning
@ -21,6 +23,6 @@
require_logout();
redirect("$wwwroot/");
redirect($redirect);
?>

4
login/signup.php
View File

@ -8,7 +8,7 @@
}
$authplugin = get_auth_plugin($CFG->registerauth);
if (!method_exists($authplugin, 'user_signup')) {
if (!$authplugin->can_signup()) {
error("Sorry, you may not use this page.");
}
@ -28,7 +28,7 @@
$user->secret = random_string(15);
$user->auth = $CFG->registerauth;
$authplugin->user_signup($user, $notify=true); // prints notice and link to login/index.php
$authplugin->user_signup($user, true); // prints notice and link to login/index.php
exit; //never reached
}

143
login/signup_form.php
View File

@ -3,114 +3,115 @@
require_once($CFG->libdir.'/formslib.php');
class login_signup_form extends moodleform {
function definition() {
global $USER, $CFG;
function definition() {
global $USER, $CFG;
$mform =& $this->_form;
$mform =& $this->_form;
$mform->addElement('header', '', get_string('createuserandpass'), '');
$mform->addElement('header', '', get_string('createuserandpass'), '');
$mform->addElement('text', 'username', get_string('username'), 'size="12"');
$mform->setType('username', PARAM_NOTAGS);
$mform->addRule('username', get_string('missingusername'), 'required', null, 'client');
$mform->addElement('text', 'username', get_string('username'), 'size="12"');
$mform->setType('username', PARAM_NOTAGS);
$mform->addRule('username', get_string('missingusername'), 'required', null, 'client');
$mform->addElement('password', 'password', get_string('password'), 'size="12"');
$mform->setType('password', PARAM_RAW);
$mform->addRule('password', get_string('missingpassword'), 'required', null, 'client');
$mform->addElement('password', 'password', get_string('password'), 'size="12"');
$mform->setType('password', PARAM_RAW);
$mform->addRule('password', get_string('missingpassword'), 'required', null, 'client');
$mform->addElement('header', '', get_string('supplyinfo'),'');
$mform->addElement('header', '', get_string('supplyinfo'),'');
$mform->addElement('text', 'email', get_string('email'), 'size="25"');
$mform->setType('email', PARAM_NOTAGS);
$mform->addRule('email', get_string('missingemail'), 'required', null, 'client');
$mform->addElement('text', 'email', get_string('email'), 'size="25"');
$mform->setType('email', PARAM_NOTAGS);
$mform->addRule('email', get_string('missingemail'), 'required', null, 'client');
$mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"');
$mform->setType('email2', PARAM_NOTAGS);
$mform->addRule('email2', get_string('missingemail'), 'required', null, 'client');
$mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"');
$mform->setType('email2', PARAM_NOTAGS);
$mform->addRule('email2', get_string('missingemail'), 'required', null, 'client');
$mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"');
$mform->setType('firstname', PARAM_TEXT);
$mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client');
$mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"');
$mform->setType('firstname', PARAM_TEXT);
$mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client');
$mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"');
$mform->setType('lastname', PARAM_TEXT);
$mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client');
$mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"');
$mform->setType('lastname', PARAM_TEXT);
$mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client');
$mform->addElement('text', 'city', get_string('city'), 'size="20"');
$mform->setType('city', PARAM_TEXT);
$mform->addRule('city', get_string('missingcity'), 'required', null, 'client');
$mform->addElement('text', 'city', get_string('city'), 'size="20"');
$mform->setType('city', PARAM_TEXT);
$mform->addRule('city', get_string('missingcity'), 'required', null, 'client');
$country = get_list_of_countries();
$default_country[''] = get_string('selectacountry');
$country = array_merge($default_country, $country);
$mform->addElement('select', 'country', get_string('country'), $country);
$mform->addRule('country', get_string('missingcountry'), 'required', null, 'client');
$country = get_list_of_countries();
$default_country[''] = get_string('selectacountry');
$country = array_merge($default_country, $country);
$mform->addElement('select', 'country', get_string('country'), $country);
$mform->addRule('country', get_string('missingcountry'), 'required', null, 'client');
$mform->setDefault('country', '');
// buttons
$this->add_action_buttons(true, get_string('createaccount'));
}
}
function definition_after_data(){
$mform =& $this->_form;
function definition_after_data(){
$mform =& $this->_form;
$mform->applyFilter('username', 'moodle_strtolower');
$mform->applyFilter('username', 'trim');
}
$mform->applyFilter('username', 'moodle_strtolower');
$mform->applyFilter('username', 'trim');
}
function validation($data) {
global $CFG;
$errors = array();
function validation($data) {
global $CFG;
$errors = array();
$authplugin = get_auth_plugin($CFG->registerauth);
if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
$errors['username'] = get_string('usernameexists');
} else {
if (empty($CFG->extendedusernamechars)) {
$string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']);
if (strcmp($data['username'], $string)) {
$errors['username'] = get_string('alphanumerical');
}
}
}
if (method_exists($authplugin, 'user_exists')){
if ($authplugin->user_exists($user->username)) {
$errors['username'] = get_string('usernameexists');
}
}
if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
$errors['username'] = get_string('usernameexists');
} else {
if (empty($CFG->extendedusernamechars)) {
$string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']);
if (strcmp($data['username'], $string)) {
$errors['username'] = get_string('alphanumerical');
}
}
}
//check if user exists in external db
//TODO: maybe we should check all enabled plugins instead
if ($authplugin->user_exists($user->username)) {
$errors['username'] = get_string('usernameexists');
}
if (! validate_email($data['email'])) {
$errors['email'] = get_string('invalidemail');
if (! validate_email($data['email'])) {
$errors['email'] = get_string('invalidemail');
} else if (record_exists('user', 'email', $data['email'])) {
$errors['email'] = get_string('emailexists').' <a href="forgot_password.php">'.get_string('newpassword').'?</a>';
}
} else if (record_exists('user', 'email', $data['email'])) {
$errors['email'] = get_string('emailexists').' <a href="forgot_password.php">'.get_string('newpassword').'?</a>';
}
if (empty($data['email2'])) {
$errors['email2'] = get_string('missingemail');
} else if ($data['email2'] != $data['email']) {
$errors['email2'] = get_string('invalidemail');
}
if (!isset($errors['email'])) {
if ($err = email_is_not_allowed($data['email'])) {
$errors['email'] = $err;
}
if (!isset($errors['email'])) {
if ($err = email_is_not_allowed($data['email'])) {
$errors['email'] = $err;
}
}
}
if (0 == count($errors)){
return true;
} else {
return $errors;
}
if (0 == count($errors)){
return true;
} else {
return $errors;
}
}
}
}
?>

20
user/edit.php
View File

@ -70,20 +70,18 @@
$usernew->timemodified = time();
if (update_record('user', $usernew)) {
if (method_exists($authplugin, 'user_update')){
// pass a true $userold here
if (! $authplugin->user_update($user, $userform->get_data(false))) {
// auth update failed, rollback for moodle
update_record('user', addslashes_object($user));
error('Failed to update user data on external auth: '.$usernew->auth.
'. See the server logs for more details.');
}
};
} else {
if (!update_record('user', $usernew)) {
error('Error updating user record');
}
// pass a true $userold here
if (! $authplugin->user_update($user, $userform->get_data(false))) {
// auth update failed, rollback for moodle
update_record('user', addslashes_object($user));
error('Failed to update user data on external auth: '.$usernew->auth.
'. See the server logs for more details.');
}
//update preferences
useredit_update_user_preference($usernew);

26
user/editadvanced.php
View File

@ -83,26 +83,20 @@
if (!update_record('user', $usernew)) {
error('Error updating user record');
}
if (method_exists($authplugin, 'user_update')){
// pass a true $userold here
if (! $authplugin->user_update($user, $userform->get_data(false))) {
// auth update failed, rollback for moodle
update_record('user', addslashes_object($user));
error('Failed to update user data on external auth: '.$usernew->auth.
'. See the server logs for more details.');
}
};
// pass a true $userold here
if (! $authplugin->user_update($user, $userform->get_data(false))) {
// auth update failed, rollback for moodle
update_record('user', addslashes_object($user));
error('Failed to update user data on external auth: '.$usernew->auth.
'. See the server logs for more details.');
}
//set new password if specified
if (!empty($usernew->newpassword)) {
if ($authplugin->can_change_password()) {
if (method_exists($authplugin, 'user_update_password')){
if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
error('Failed to update password on external auth: ' . $usernew->auth .
'. See the server logs for more details.');
}
} else {
error('Your external authentication module is misconfigued!');
if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
error('Failed to update password on external auth: ' . $usernew->auth .
'. See the server logs for more details.');
}
}
}

2
user/view.php
View File

@ -352,7 +352,7 @@
$passwordchangeurl = false;
if ($userauth->can_change_password()) {
if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
if (empty($CFG->loginhttps)) {