From aeb2bcace447ed9af3cb35ea3cc94e196e65dd24 Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Wed, 23 Mar 2005 09:55:52 +0000
Subject: [PATCH] Removed old files

---
 auth/cas/caslogin.php  |   93 ---
 auth/cas/commonlib.php | 1376 ----------------------------------------
 2 files changed, 1469 deletions(-)
 delete mode 100644 auth/cas/caslogin.php
 delete mode 100644 auth/cas/commonlib.php

diff --git a/auth/cas/caslogin.php b/auth/cas/caslogin.php
deleted file mode 100644
index fb141aa6e79..00000000000
--- a/auth/cas/caslogin.php
+++ /dev/null
@@ -1,93 +0,0 @@
-<?PHP
-/**
- * @author Romuald Lorthioir
- * CAS for login module
- * 10.03.2004 Creation
- */
-    require_once($CFG->dirroot.'/config.php');
-    include_once($CFG->dirroot.'/lib/cas/CAS.php');
-    $cas_validate=false;
-
-/**
- * authenticates user against CAS from screen login
- * the user doesn't have a CAS Ticket yet.
- *
- * Returns an object user if the username and password work
- * and nothing if they don't
- *
- * @param string  $username
- * @param string  $password
- *
-*/
-function cas_authenticate_user_login ($username, $password) {
-
-   global $CFG;
-   $cas_validate=true;
-
-   phpCAS::client($CFG->cas_version,$CFG->cas_hostname,(Integer)$CFG->cas_port,$CFG->cas_baseuri);
-   phpCAS::setLang($CFG->cas_language);
-   if (!phpCAS::isAuthenticated()){
-      phpCAS::authenticateIfNeeded();
-   }
-   if ($CFG->cas_create_user=="0"){
-      if (get_user_info_from_db("username", phpCAS::getUser())){
-         $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-      }else{
-         //login as guest if CAS but not Moodle and not automatic creation
-         if ($CFG->guestloginbutton){
-             $user = authenticate_user_login('guest', 'guest');
-         }else{
-             $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-         }
-      }
-   }else{
-      $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-   }
-   return $user;
-}
-
-/**
- * authenticates user against CAS when first call of Moodle
- * if already in CAS (cookie with the CAS ticket), don't have to log again (SSO)
- *
- * Returns an object user if the username and password work
- * and nothing if they don't
- *
- * @param object $user
- *
-*/
-function cas_automatic_authenticate ($user="") {
-   global $CFG;
-   if (!$cas_validate){
-        $cas_validate=true;
-        phpCAS::client($CFG->cas_version,$CFG->cas_hostname,(Integer)$CFG->cas_port,$CFG->cas_baseuri);
-        phpCAS::setLang($CFG->cas_language);
-        if (!phpCAS::isAuthenticated() && !$CFG->guestloginbutton){
-           phpCAS::authenticateIfNeeded();
-        }
-        if (phpCAS::isAuthenticated()){
-           if ($CFG->cas_create_user=="0"){
-              if (get_user_info_from_db("username", phpCAS::getUser())){
-                 $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-              }else{
-                 //login as guest if CAS but not Moodle and not automatic creation
-                 if ($CFG->guestloginbutton){
-                     $user = authenticate_user_login('guest', 'guest');
-                 }else{
-                     $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-                 }
-              }
-           }else{
-              $user = authenticate_user_login(phpCAS::getUser(), 'cas');
-           }
-           return $user;
-        }else{
-           return;
-        }
-
-   }else{
-      return $user;
-   }
-}
-
-?>
\ No newline at end of file
diff --git a/auth/cas/commonlib.php b/auth/cas/commonlib.php
deleted file mode 100644
index 0ae833522ef..00000000000
--- a/auth/cas/commonlib.php
+++ /dev/null
@@ -1,1376 +0,0 @@
-<?PHP  
-
-/**
- * reads userinformation from ldap and return it in array()
- *
- * Read user information from external database and returns it as array().
- * Function should return all information available. If you are saving
- * this information to moodle user-table you should honor syncronization flags
- *
- * @param string $username username
- * @return array
- */
-function auth_get_userinfo($username){
-    global $CFG;
-    $ldapconnection=auth_ldap_connect();
-    $config = (array)$CFG;
-    $attrmap = auth_ldap_attributes();
-   
-    $result = array();
-    $search_attribs = array();
-  
-    foreach ($attrmap as $key=>$values) {
-        if (!is_array($values)) {
-            $values = array($values);
-        }
-        foreach ($values as $value) {
-            if (!in_array($value, $search_attribs)) {
-                array_push($search_attribs, $value);
-            }    
-        }
-    }
-
-    $user_dn = auth_ldap_find_userdn($ldapconnection, $username);
-
-    if (empty($CFG->ldap_objectclass)) {        // Can't send empty filter
-        $CFG->ldap_objectclass="objectClass=*";
-    }
-  
-    $user_info_result = ldap_read($ldapconnection,$user_dn,$CFG->ldap_objectclass, $search_attribs);
-
-    if ($user_info_result) {
-        $user_entry = ldap_get_entries($ldapconnection, $user_info_result);
-        foreach ($attrmap as $key=>$values){
-            if (!is_array($values)) {
-                $values = array($values);
-            }
-            foreach ($values as $value) {
-                if(isset($user_entry[0][strtolower($value)][0])){
-                    $result[$key]=addslashes(stripslashes(utf8_decode($user_entry[0][strtolower($value)][0])));
-                }
-            }
-        }
-    }
-
-    @ldap_close($ldapconnection);
-    
-    return $result;
-}
-
-/**
- * reads userinformation from ldap and return it in an object
- *
- * @param string $username username
- * @return array
- */
-function auth_get_userinfo_asobj($username){
-    $user_array = truncate_userinfo(auth_get_userinfo($username));
-    $user = new object;
-    foreach($user_array as $key=>$value){
-        $user->{$key} = $value;
-    }
-    return $user;
-}
-
-/**
- * returns all usernames from external database
- *
- * auth_get_userlist returns all usernames from external database
- *
- * @return array 
- */
-function auth_get_userlist () {
-    global $CFG;
-    auth_ldap_init();
-    return auth_ldap_get_userlist("($CFG->ldap_user_attribute=*)");
-}
-/**
- * checks if user exists on external db
- */
-function auth_user_exists ($username) {
-   global $CFG; 
-   auth_ldap_init();
-   //returns true if given usernname exist on ldap
-   $users = auth_ldap_get_userlist("($CFG->ldap_user_attribute=$username)");
-   return count($users); 
-}
-
-/**
- * creates new user on external database
- *
- * auth_user_create() creates new user on external database
- * By using information in userobject
- * Use auth_user_exists to prevent dublicate usernames
- *
- * @param mixed $userobject  Moodle userobject
- * @param mixed $plainpass   Plaintext password
- */
-function auth_user_create ($userobject,$plainpass) {
-    global $CFG;
-    $ldapconnection = auth_ldap_connect();
-    $attrmap = auth_ldap_attributes();
-    
-    $newuser = array();
-     
-    foreach ($attrmap as $key=>$values){
-        if (!is_array($values)) {
-            $values = array($values);
-        }
-        foreach ($values as $value) {
-            if(!empty($userobject->$key) ){
-                $newuser[$value]=utf8_encode($userobject->$key);
-            }
-        }
-    }
-    
-    //Following sets all mandatory and other forced attribute values
-    //User should be creted as login disabled untill email confirmation is processed
-    //Feel free to add your user type and send patches to paca@sci.fi to add them 
-    //Moodle distribution
-
-    switch ($CFG->ldap_user_type)  {
-        case 'edir':
-    $newuser['objectClass']= array("inetOrgPerson","organizationalPerson","person","top");
-    $newuser['uniqueId']= $userobject->username;
-    $newuser['logindisabled']="TRUE";
-    $newuser['userpassword']=$plainpass;
-        default:
-           error('auth: ldap auth_user_create() does not support selected usertype (..yet)');
-    }
-        
-    $uadd = ldap_add($ldapconnection, $CFG->ldap_user_attribute."=$userobject->username,".$CFG->ldap_create_context, $newuser);
-
-    ldap_close($ldapconnection);
-    return $uadd;
-    
-}
-
-/*/
- * 
- * auth_get_users() returns userobjects from external database
- *
- * Function returns users from external databe as Moodle userobjects
- * If filter is not present it should return ALL users in external database
- * 
- * @param mixed $filter substring of username
- * @returns array of userobjects 
- */
-function auth_get_users($filter='*', $dontlistcreated=false) {
-    global $CFG;
-
-    $ldapconnection = auth_ldap_connect();
-    $fresult = array();
-
-    if ($filter=="*") {
-       $filter = "(&(".$CFG->ldap_user_attribute."=*)(".$CFG->ldap_objectclass."))";
-    }
-
-    $contexts = explode(";",$CFG->ldap_contexts);
- 
-    if (!empty($CFG->ldap_create_context) and empty($dontlistcreated)){
-          array_push($contexts, $CFG->ldap_create_context);
-    }
-
-    $attrmap = auth_ldap_attributes();
-   
-    $search_attribs = array();
-  
-    foreach ($attrmap as $key=>$values) {
-        if (!is_array($values)) {
-            $values = array($values);
-        }
-        foreach ($values as $value) {
-            if (!in_array($value, $search_attribs)) {
-                array_push($search_attribs, $value);
-            }   
-        } 
-    }
-
-
-    foreach ($contexts as $context) {
-        
-        $context = trim($context);
-        if (empty($context)) {
-            continue;
-        }
-
-        if ($CFG->ldap_search_sub) {
-            //use ldap_search to find first user from subtree
-            $ldap_result = ldap_search($ldapconnection, $context,
-                                       $filter,
-                                       $search_attribs);
-        } else {
-            //search only in this context
-            $ldap_result = ldap_list($ldapconnection, $context,
-                                     $filter,
-                                     $search_attribs);
-        }
-
-        $users = auth_ldap_get_entries($ldapconnection, $ldap_result);
-
-        //add found users to list
-        foreach ($users as $ldapuser=>$attribs) {
-            $user = new object();
-            foreach ($attrmap as $key=>$value){
-                if(isset($users[$ldapuser][$value][0])){
-                    $user->$key=$users[$ldapuser][$value][0];
-                }
-            }    
-            //quick way to get around binarystrings
-            $user->guid=bin2hex($user->guid);
-            //add authentication source stamp 
-            $user->auth= AUTH_METHOD;
-            $fresult[$user->username]=$user;
-
-        }
-    }
-   
-    return $fresult;
-}
-
-/**
- * return number of days to user password expires
- *
- * If userpassword does not expire it should return 0. If password is already expired
- * it should return negative value.
- *
- * @param mixed $username username
- * @return integer
- */
-function auth_password_expire($username) {
-    global $CFG ;
-    $result = false;
-    
-    $ldapconnection = auth_ldap_connect();
-    $user_dn = auth_ldap_find_userdn($ldapconnection, $username);
-    $search_attribs = array($CFG->ldap_expireattr);
-    $sr = ldap_read($ldapconnection, $user_dn, 'objectclass=*', $search_attribs);
-    if ($sr)  {
-        $info=auth_ldap_get_entries($ldapconnection, $sr);
-        if ( empty($info[0][strtolower($CFG->ldap_expireattr)][0])) {
-            //error_log("ldap: no expiration value".$info[0][$CFG->ldap_expireattr]);
-            // no expiration attribute, password does not expire
-            $result = 0;
-        } else {
-            $now = time();
-            $expiretime = auth_ldap_expirationtime2unix($info[0][strtolower($CFG->ldap_expireattr)][0]);
-            if ($expiretime > $now) {
-                $result = ceil(($expiretime - $now) / DAYSECS);
-            } else {
-                $result = floor(($expiretime - $now) / DAYSECS);
-            }    
-        }
-    } else {    
-        error_log("ldap: auth_password_expire did't find expiration time!.");
-    }    
-
-    //error_log("ldap: auth_password_expire user $user_dn expires in $result days!");
-    return $result;
-}
-
-/**
- * syncronizes user fron external db to moodle user table
- *
- * Sync shouid be done by using idnumber attribute, not username.
- * You need to pass firstsync parameter to function to fill in
- * idnumbers if they dont exists in moodle user table.
- * 
- * Syncing users removes (disables) users that dont exists anymore in external db.
- * Creates new users and updates coursecreator status of users. 
- * 
- * @param mixed $firstsync  Optional: set to true to fill idnumber fields if not filled yet
- */
-function auth_sync_users ($bulk_insert_records = 1000, $do_updates=1) {
-//Syncronizes userdb with ldap
-//This will add, rename 
-/// OPTIONAL PARAMETERS
-/// $bulk_insert_records = 1 // will insert $bulkinsert_records per insert statement
-///                         valid only with $unsafe. increase to a couple thousand for
-///                         blinding fast inserts -- but test it: you may hit mysqld's 
-///                         max_allowed_packet limit.
-/// $do_updates = 1 // will do pull in data updates from ldap if relevant
-
-
-    global $CFG ;
-
-    // configure a temp table 
-    print "Configuring temp table\n";    
-    if(strtolower($CFG->dbtype) === 'mysql'){
-        // help old mysql versions cope with large temp tables
-        execute_sql('SET SQL_BIG_TABLES=1', false); 
-        execute_sql('CREATE TEMPORARY TABLE ' . $CFG->prefix .'extuser (idnumber VARCHAR(12), PRIMARY KEY (idnumber)) TYPE=MyISAM',false); 
-    } elseif (strtolower($CFG->dbtype) === 'postgres7'){
-        $bulk_insert_records = 1; // no support for multiple sets of values
-        execute_sql('CREATE TEMPORARY TABLE '.$CFG->prefix.'extuser (idnumber VARCHAR(12), PRIMARY KEY (idnumber))',false); 
-    }
-
-        
-    print "connecting to ldap\n";
-    $ldapconnection = auth_ldap_connect();
-
-    ////
-    //// get user's list from ldap to sql in a scalable fashion
-    ////
-    // prepare some data we'll need
-    if (! empty($CFG->ldap_objectclass)) {
-        $CFG->ldap_objectclass="objectClass=*";
-    }
-
-    $filter = "(&(".$CFG->ldap_user_attribute."=*)(".$CFG->ldap_objectclass."))";
-
-    $contexts = explode(";",$CFG->ldap_contexts);
- 
-    if (!empty($CFG->ldap_create_context)){
-          array_push($contexts, $CFG->ldap_create_context);
-    }
-
-    $fresult = array();
-    $count = 0;
-    foreach ($contexts as $context) {
-        $context = trim($context);
-        if (empty($context)) {
-            continue;
-        }
-        begin_sql();
-        if ($CFG->ldap_search_sub) {
-            //use ldap_search to find first user from subtree
-            $ldap_result = ldap_search($ldapconnection, $context,
-                                       $filter,
-                                       array($CFG->ldap_user_attribute));
-        } else {
-            //search only in this context
-            $ldap_result = ldap_list($ldapconnection, $context,
-                                     $filter,
-                                     array($CFG->ldap_user_attribute));
-        }
-
-        $entry = ldap_first_entry($ldapconnection, $ldap_result);
-        do {
-            $value = ldap_get_values_len($ldapconnection, $entry,$CFG->ldap_user_attribute);
-            $value = $value[0];
-            $count++;
-            array_push($fresult, $value);
-            if(count($fresult) >= $bulk_insert_records){
-                auth_ldap_bulk_insert($fresult);
-                //print var_dump($fresult);
-                $fresult=array();
-            }         
-        }
-        while ($entry = ldap_next_entry($ldapconnection, $entry));
-        
-        // insert any remaining users and release mem
-        if(count($fresult)){
-            auth_ldap_bulk_insert($fresult);
-            $fresult=array();
-        }
-        commit_sql();
-    }
-    // free mem
-    $ldap_results = 0;
-
-    /// preserve our user database
-    /// if the temp table is empty, it probably means that something went wrong, exit
-    /// so as to avoid mass deletion of users; which is hard to undo
-    $count = get_record_sql('SELECT COUNT(idnumber) AS count, 1 FROM ' . $CFG->prefix .'extuser');
-    $count = $count->{'count'};
-    if($count < 1){
-        print "Did not get any users from LDAP -- error? -- exiting\n";
-        exit;
-    }
-
-    ////
-    //// User removal
-    ////
-    // find users in DB that aren't in ldap -- to be removed!
-    // this is still not as scalable
-    $sql = 'SELECT u.id, u.username 
-            FROM ' . $CFG->prefix .'user u LEFT JOIN ' . $CFG->prefix .'extuser e 
-                    ON u.idnumber = e.idnumber 
-            WHERE u.auth=\''. AUTH_METHOD .'\' AND u.deleted=\'0\' AND e.idnumber IS NULL';
-    //print($sql);            
-    $remove_users = get_records_sql($sql); 
-
-    if (!empty($remove_users)){
-        print "User entries to remove: ". count($remove_users) . "\n";
-
-        begin_sql();
-        foreach ($remove_users as $user) {
-            //following is copy pasted from admin/user.php
-            //maybe this should moved to function in lib/datalib.php
-            unset($updateuser);
-            $updateuser->id = $user->id;
-            $updateuser->deleted = "1";
-            //$updateuser->username = "$user->username".time();  // Remember it just in case
-            //$updateuser->email = "";               // Clear this field to free it up
-            $updateuser->timemodified = time();
-            if (update_record("user", $updateuser)) {
-                unenrol_student($user->id);  // From all courses
-                remove_teacher($user->id);   // From all courses
-                remove_admin($user->id);
-                notify(get_string("deletedactivity", "", fullname($user, true)) );
-            } else {
-                notify(get_string("deletednot", "", fullname($user, true)));
-            }
-            //copy pasted part ends
-        }     
-        commit_sql();
-    } 
-    $remove_users = 0; // free mem!   
-
-    ////
-    //// User Updates
-    //// (time-consuming, optional)
-    ////
-    if ($do_updates) {
-        // narrow down what fields we need to update
-        $all_keys = array_keys(get_object_vars($CFG));
-        $updatekeys = array();
-        foreach ($all_keys as $key) {
-            if (preg_match('/^auth_user_(.+)_updatelocal$/',$key, $match)) {
-                if ($CFG->{$match[0]}) { // if it has a true value
-                    array_push($updatekeys, $match[1]); // the actual key name
-                }
-            }
-        }
-        // print_r($all_keys); print_r($updatekeys);
-        unset($all_keys); unset($key);
-        
-    }
-    if ( $do_updates && !(empty($updatekeys)) ) { // run updates only if relevant
-        $users = get_records_sql('SELECT u.username, u.id FROM ' . $CFG->prefix . 'user  AS u WHERE u.deleted=0 and u.auth=\''. AUTH_METHOD .'\'' );
-        if (!empty($users)) {
-            print "User entries to update: ". count($users). "\n";
-            
-            
-
-            begin_sql();
-            $xcount=0; $maxxcount=100;
-            foreach ($users as $user) { 
-                echo "updating user $user->username \n";
-                auth_ldap_update_user_record($user->username, $updatekeys);
-                // update course creators
-                if ( !empty($CFG->ldap_creators) && !empty($CFG->ldap_memberattribute) ) {
-                    if (auth_iscreator($user->username)) {
-                        if (! record_exists("user_coursecreators", "userid", $user->id)) {
-                            $creator = insert_record("user_coursecreators",$user->id);
-                            if (! $creator) {
-                                error("Cannot add user to course creators.");
-                        }
-                      }
-                    } else {
-                         if ( record_exists("user_coursecreators", "userid", $user->id)) {
-                              $creator = delete_records("user_coursecreators", "userid", $user->id);
-                              if (! $creator) {
-                                  error("Cannot remove user from course creators.");
-                              }
-                         }
-                    }
-                }
-                if ($xcount++ > $maxxcount) {
-                  commit_sql();
-                  begin_sql(); 
-                  $xcount=0;
-                }
-            }
-            commit_sql();
-            $users = 0; // free mem
-        }
-    } // end do updates
-    
-    ////
-    //// User Additions
-    ////
-    // find users missing in DB that are in LDAP
-    // note that get_records_sql wants at least 2 fields returned,
-    // and gives me a nifty object I don't want.
-    $sql = 'SELECT e.idnumber,1 
-            FROM ' . $CFG->prefix .'extuser e  LEFT JOIN ' . $CFG->prefix .'user u
-                    ON e.idnumber = u.idnumber 
-            WHERE  u.id IS NULL OR (u.id IS NOT NULL AND u.deleted=1)';
-    $add_users = get_records_sql($sql); // get rid of the fat        
-    
-    if(!empty($add_users)){
-        print "User entries to add: ". count($add_users). "\n";
-        begin_sql();
-        foreach($add_users as $user){
-            $user = auth_get_userinfo_asobj($user->idnumber);
-            //print $user->username . "\n";
-            
-            // prep a few params
-            $user->modified  = time();
-            $user->confirmed = 1;
-            $user->auth      = AUTH_METHOD;
-            
-            // insert it
-            $old_debug=$CFG->debug; 
-            $CFG->debug=10;
-            
-            // maybe the user has been deleted before
-            if ($old_user = get_record('user', 'idnumber', $user->idnumber, 'deleted', 1)) {
-                $user->id = $old_user->id;
-                set_field('user', 'deleted', 0, 'idnumber', $user->idnumber);
-                echo "Revived user $user->username with idnumber $user->idnumber id $user->id\n";
-            } elseif ($id=insert_record ('user',$user)) { // it is truly a new user
-                echo "inserted user $user->username with idnumber $user->idnumber id $id\n";
-                $user->id = $id;
-            } else {
-                echo "error inserting user $user->username with idnumber $user->idnumber \n";
-            }
-            $CFG->debug=$old_debug;
-            $userobj = auth_ldap_update_user_record($user->username);
-            if(isset($CFG->{'auth_ldap_forcechangepassword'}) && $CFG->{'auth_ldap_forcechangepassword'}){
-                set_user_preference('auth_forcepasswordchange', 1, $userobj);
-            }
-            
-            // update course creators
-            if ( !empty($CFG->ldap_creators) && !empty($CFG->ldap_memberattribute) ) {
-                if (auth_iscreator($user->username)) {
-                    if (! record_exists("user_coursecreators", "userid", $user->id)) {
-                        $creator = insert_record("user_coursecreators",$user->id);
-                        if (! $creator) {
-                            error("Cannot add user to course creators.");
-                    }
-                  }
-                } else {
-                     if ( record_exists("user_coursecreators", "userid", $user->id)) {
-                          $creator = delete_records("user_coursecreators", "userid", $$user->id);
-                          if (! $creator) {
-                              error("Cannot remove user from course creators.");
-                          }
-                     }
-                }
-            }
-        }
-        commit_sql();
-        $add_users = 0; // free mem
-    }
-    return true;
-}
-
-function auth_ldap_update_user_record($username, $updatekeys=false) {
-/// will update a local user record from an external source. 
-/// is a lighter version of the one in moodlelib -- won't do 
-/// expensive ops such as enrolment
-///
-/// If you don't pass $updatekeys, there is a performance hit and 
-/// values removed from LDAP won't be removed from moodle. 
-
-    global $CFG;
-
-    //just in case check text case
-    $username = trim(moodle_strtolower($username));
-    
-    // get the current user record
-    $user = get_record('user', 'username', $username);
-    if (empty($user)) { // trouble
-        error_log("Cannot update non-existent user: $username");
-        die;
-    }
-
-    if (function_exists('auth_get_userinfo')) {
-        if ($newinfo = auth_get_userinfo($username)) {
-            $newinfo = truncate_userinfo($newinfo);
-            
-            if (empty($updatekeys)) { // all keys? this does not support removing values
-                $updatekeys = array_keys($newinfo);
-            }
-            
-            foreach ($updatekeys as $key){
-                unset($value);
-                if (isset($newinfo[$key])) {
-                    $value = $newinfo[$key];
-                    $value = addslashes(stripslashes($value)); // Just in case
-                } else {
-                    $value = '';
-                }
-                if(isset($CFG->{'auth_user_' . $key. '_updatelocal'}) 
-                   &&    $CFG->{'auth_user_' . $key. '_updatelocal'}){
-                       if ($user->{$key} != $value) { // only update if it's changed
-                           set_field('user', $key, $value, 'username', $username);
-                       }
-                }
-            }
-        }
-    }
-    return get_record_select("user", "username = '$username' AND deleted <> '1'");
-}
-
-function auth_ldap_bulk_insert($users){
-// bulk insert in SQL's temp table
-// $users is an array of usernames
-    global $CFG;
-    
-    // bulk insert -- superfast with $bulk_insert_records
-    $sql = 'INSERT INTO '.$CFG->prefix.'extuser (idnumber) VALUES ';
-    // make those values safe
-    array_map('addslashes', $users);
-    // join and quote the whole lot
-    $sql = $sql . '(\'' . join('\'),(\'', $users) . '\')';
-    print "+ " . count($users) . " users\n";
-    execute_sql($sql, false); 
-
-}
-
-
-/*
- * auth_user_activate activates user in external db.
- *
- * Activates (enables) user in external db so user can login to external db
- *
- * @param mixed $username    username
- * @return boolen result
- */
-function auth_user_activate ($username) {
-    global $CFG;
-
-    $ldapconnection = auth_ldap_connect();
-    
-    $userdn = auth_ldap_find_userdn($ldapconnection, $username);
-    switch ($CFG->ldap_user_type)  {
-         case 'edir':
-    $newinfo['loginDisabled']="FALSE";
-         default;
-            error ('auth: ldap auth_user_activate() does not support selected usertype (..yet)');    
-    }    
-    $result = ldap_modify($ldapconnection, $userdn, $newinfo);
-    ldap_close($ldapconnection);
-    return $result;
-}
-
-/*
- * auth_user_disables disables user in external db.
- *
- * Disables user in external db so user can't login to external db
- *
- * @param mixed $username    username
- * @return boolean result
- */
-function auth_user_disable ($username) {
-    global $CFG;
-
-    $ldapconnection = auth_ldap_connect();
-
-    $userdn = auth_ldap_find_userdn($ldapconnection, $username);
-    switch ($CFG->ldap_user_type)  {
-        case 'edir':
-    $newinfo['loginDisabled']="TRUE";
-        default:
-            error ('auth: ldap auth_user_disable() does not support selected usertype (..yet)');    
-    }    
-    $result = ldap_modify($ldapconnection, $userdn, $newinfo);
-    ldap_close($ldapconnection);
-    return $result;
-}
-
-/*
- * auth_iscreator returns true if user should be coursecreator
- *
- * auth_iscreator returns true if user should be coursecreator
- *
- * @param mixed $username    username
- * @return boolean result
- */
-function auth_iscreator($username=0) {
-///if user is member of creator group return true
-    global $USER , $CFG; 
-    auth_ldap_init();
-
-    if (! $username) {
-        $username=$USER->username;
-    }
-   
-    if ((! $CFG->ldap_creators) OR (! $CFG->ldap_memberattribute)) {
-        return null;
-    } 
-
-    return auth_ldap_isgroupmember($username, $CFG->ldap_creators);
- 
-}
-
-/* 
- * auth_user_update saves userinformation from moodle to external db
- *
- * Called when the user record is updated.
- * Modifies user in external database. It takes olduser (before changes) and newuser (after changes) 
- * conpares information saved modified information to external db.
- *
- * @param mixed $olduser     Userobject before modifications
- * @param mixed $newuser     Userobject new modified userobject
- * @return boolean result
- *
- */
-function auth_user_update($olduser, $newuser) {
-
-    global $USER , $CFG;
-    
-    $ldapconnection = auth_ldap_connect();
-    
-    $result = array();
-    $search_attribs = array();
-
-    $attrmap = auth_ldap_attributes();  
-    foreach ($attrmap as $key=>$values) {
-        if (!is_array($values)) {
-            $values = array($values);
-        }
-        foreach ($values as $value) {
-            if (!in_array($value, $search_attribs)) {
-                array_push($search_attribs, $value);
-            }
-        }    
-    }
-
-    $user_dn = auth_ldap_find_userdn($ldapconnection, $olduser->username);
-
-    $user_info_result = ldap_read($ldapconnection,$user_dn,$CFG->ldap_objectclass, $search_attribs);
-
-    if ($user_info_result){
-
-        $user_entry = auth_ldap_get_entries($ldapconnection, $user_info_result);
-        //error_log(var_export($user_entry) . 'fpp' );
-        
-        foreach ($attrmap as $key=>$ldapkeys){
-            if (isset($CFG->{'auth_user_'. $key.'_updateremote'}) && $CFG->{'auth_user_'. $key.'_updateremote'}){
-
-                // for ldap values that could be in more than one 
-                // ldap key, we will do our best to match 
-                // where they came from
-                $ambiguous = true;
-                $changed   = false;
-                if (!is_array($ldapkeys)) {
-                    $ldapkeys = $array($ldapkeys);
-                }
-                if (count($ldapkeys) < 2) {
-                    $ambiguous = false;
-                }
-                 
-                foreach ($ldapkeys as $ldapkey) {
-                    if (!$ambiguous) {
-                        // skip update if the values already match
-                        if( !($newuser->$key === $user_entry[0][strtolower($ldapkey)][0]) ){
-                            ldap_modify($ldapconnection, $user_dn, array($ldapkey => $newuser->$key));
-                        } else { 
-                    error_log("Skip updating field $key for entry $user_dn: it seems to be already same on LDAP. " . 
-                                      "  old moodle value: '" . $olduser->$key . 
-                                      "' new value '" . $newuser->$key . 
-                                      "' current value in ldap entry " . $user_entry[0][strtolower($ldapkey)][0]);
-                        }
-                    } else { // ambiguous
-                        // check the old values match
-                        //error_log("keys $key $ldapkey");
-                        //error_log("olduser " . $olduser->$key);
-                        //error_log("ldapuser " . $user_entry[0][strtolower($ldapkey)][0]);
-                        if (   !empty($olduser->$key) 
-                            && !empty($user_entry[0][strtolower($ldapkey)][0]) 
-                            && $olduser->$key === $user_entry[0][strtolower($ldapkey)][0] ) {
-                            // we found which value to update!
-                            error_log("Matched: ". $olduser->$key . " === " . $user_entry[0][strtolower($ldapkey)][0]);
-                            if(ldap_modify($ldapconnection, $user_dn, array($ldapkey => $newuser->$key))){
-                                $changed=true;
-                                last;
-                            } else {
-                                error ('Error updating LDAP record. Error code: ' 
-                                  . ldap_errno($ldapconnection) . '; Error string : '
-                                  . ldap_err2str(ldap_errno($ldapconnection))); 
-                            }
-                        }
-                    }
-                }
-                
-                if ($ambiguous AND !$changed) {
-                    error_log("Failed to update LDAP with ambiguous field $key". 
-                              "  old moodle value: '" . $olduser->$key . 
-                              "' new value '" . $newuser->$key );
-                }
-            }
-        }
-        
-
-    } else {
-        error_log("ERROR:No user found in LDAP");
-        @ldap_close($ldapconnection);
-        return false;
-    }
-
-    @ldap_close($ldapconnection);
-    
-    return true;
-
-}
-
-/*
- * changes userpassword in external db
- *
- * called when the user password is updated.
- * changes userpassword in external db
- *
- * @param mixed $username    Username
- * @param mixed $newpassword Plaintext password
- * @param mixed $oldpassword Plaintext old password to bind ldap with
- * @return boolean result
- *
- */
-function auth_user_update_password($username, $newpassword) {
-/// called when the user password is updated -- it assumes it is called by an admin
-/// or that you've otherwise checked the user's credentials
-/// IMPORTANT: $newpassword must be cleartext, not crypted/md5'ed
-
-    global $CFG, $USER;
-    $result = false;
-     
-    $ldapconnection = auth_ldap_connect();
-
-    $user_dn = auth_ldap_find_userdn($ldapconnection, $username);
-    
-    if(!$user_dn){
-        error_log('LDAP Error in auth_user_update_password(). No DN for: ' . $username); 
-        return false;
-    }
-
-    switch ($CFG->ldap_user_type) {
-        case 'edir':
-            //Change password
-    $result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $newpassword));
-            if(!$result){
-                error_log('LDAP Error in auth_user_update_password(). Error code: '
-                          . ldap_errno($ldapconnection) . '; Error string : '
-                          . ldap_err2str(ldap_errno($ldapconnection)));
-            }
-            //Update password expiration time, grace logins count
-            $search_attribs = array($CFG->ldap_expireattr, 'passwordExpirationInterval','loginGraceLimit' );
-            $sr = ldap_read($ldapconnection, $user_dn, 'objectclass=*', $search_attribs);
-            if ($sr)  {
-                $info=auth_ldap_get_entries($ldapconnection, $sr);
-                $newattrs = array();
-                if (!empty($info[0][$CFG->ldap_expireattr][0])) {
-                    //Set expiration time only if passwordExpirationInterval is defined
-                    if (!empty($info[0]['passwordExpirationInterval'][0])) {
-                       $expirationtime = time() + $info[0]['passwordExpirationInterval'][0]; 
-                       $ldapexpirationtime = auth_ldap_unix2expirationtime($expirationtime);
-                       $newattrs['passwordExpirationTime'] = $ldapexpirationtime;
-                    }    
-
-                    //set gracelogin count
-                    if (!empty($info[0]['loginGraceLimit'][0])) {
-                       $newattrs['loginGraceRemaining']= $info[0]['loginGraceLimit'][0]; 
-                    }
-    
-                    //Store attribute changes to ldap
-                    $result = ldap_modify($ldapconnection, $user_dn, $newattrs);
-                    if(!$result){
-                       error_log('LDAP Error in auth_user_update_password() when modifying expirationtime and/or gracelogins. Error code: '
-                                 . ldap_errno($ldapconnection) . '; Error string : '
-                                 . ldap_err2str(ldap_errno($ldapconnection)));
-                    }
-                }
-            } else {
-                error_log('LDAP Error in auth_user_update_password() when reading password expiration time. Error code: '
-                          . ldap_errno($ldapconnection) . '; Error string : '
-                          . ldap_err2str(ldap_errno($ldapconnection)));
-            }    
-            break;
-        default:
-            $usedconnection = &$ldapconnection;
-            // send ldap the password in cleartext, it will md5 it itself
-            $result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $newpassword));
-    if(!$result){
-        error_log('LDAP Error in auth_user_update_password(). Error code: ' 
-                  . ldap_errno($ldapconnection) . '; Error string : '
-                  . ldap_err2str(ldap_errno($ldapconnection)));
-    }
-    
-    }
-
-        
-    @ldap_close($ldapconnection);
-
-    return $result;
-}
-
-//PRIVATE FUNCTIONS starts
-//private functions are named as auth_ldap*
-
-/**
- * returns predefined usertypes
- *
- * @return array of predefined usertypes
- */
-
-function auth_ldap_suppported_usertypes (){
-// returns array of supported usertypes (schemas)
-// If you like to add our own please name and describe it here
-// And then add case clauses in relevant places in functions
-// iauth_ldap_init, auth_user_create, auth_check_expire, auth_check_grace
-    $types['edir']='Novell Edirectory';
-    $types['rfc2307']='posixAccount (rfc2307)';
-    $types['rfc2307bis']='posixAccount (rfc2307bis)';
-    $types['samba']='sambaSamAccount (v.3.0.7)';
-    $types['ad']='MS ActiveDirectory'; 
-    return $types;
-}    
-
-   
-/**
- * initializes needed variables for ldap-module
- *
- * Uses names defined in auth_ldap_supported_usertypes.
- * $default is first defined as:
- * $default['pseudoname'] = array(
- *                      'typename1' => 'value',
- *                      'typename2' => 'value'
- *                      ....
- *                      );
- *
- * @return array of default values
- */
-
-function auth_ldap_getdefaults(){
-    $default['ldap_objectclass'] = array(
-                        'edir' => 'User',
-                        'rfc2703' => 'posixAccount',
-                        'rfc2703bis' => 'posixAccount',
-                        'samba' => 'sambaSamAccount',
-                        'ad' => 'user',
-                        'default' => '*'
-                        );
-    $default['ldap_user_attribute'] = array(
-                        'edir' => 'cn',
-                        'rfc2307' => 'uid',
-                        'rfc2307bis' => 'uid',
-                        'samba' => 'uid',
-                        'ad' => 'cn',
-                        'default' => 'cn'
-                        );
-    $default['ldap_memberattribute'] = array(
-                        'edir' => 'member',
-                        'rfc2307' => 'member',
-                        'rfc2307bis' => 'member',
-                        'samba' => 'member',
-                        'ad' => 'member', //is this right?
-                        'default' => 'member'
-                        );
-    $default['ldap_memberattribute_isdn'] = array(
-                        'edir' => '1',
-                        'rfs2307' => '0',
-                        'rfs2307bis' => '1',
-                        'samba' => '0', //is this right?
-                        'ad' => '0', //is this right?
-                        'default' => '0'
-                        );
-    $default['ldap_expireattr'] = array (
-                        'edir' => 'passwordExpirationTime',
-                        'rfc2307' => 'shadowExpire',
-                        'rfc2307bis' => 'shadowExpire',
-                        'samba' => '', //No support yet
-                        'ad' => '', //No support yet
-                        'default' => ''
-                        );
-    return $default; 
-}
-
-/**
- * return binaryfields of selected usertype
- *
- *
- * @return array
- */
-
-function auth_ldap_getbinaryfields () {
-    global $CFG;
-    $binaryfields = array (
-                        'edir' => array('guid'),
-                        'rfc2703' => array(),
-                        'rfc2703bis' => array(),
-                        'samba' => array(),
-                        'ad' => array(),
-                        'default' => '*'
-                        );
-    if (!empty($CFG->ldap_user_type)) {
-        return $binaryfields[$CFG->ldap_user_type];   
-    } else {
-        return $binaryfields['default'];
-    }    
-    }
-    
-function auth_ldap_isbinary ($field) {
-    if (!isset($field)) {
-        return null ;
-    }    
-    return array_search($field, auth_ldap_getbinaryfields());
-}    
-
-/**
- * set $CFG-values for ldap_module
- * 
- * Get default configuration values with auth_ldap_getdefaults() 
- * and by using this information $CFG-> values are set
- * If $CFG->value is alredy set current value is honored.
- *
- * 
- */
-function auth_ldap_init () {
-    global $CFG;
- 
-    $default = auth_ldap_getdefaults();
-
-    foreach ($default as $key => $value) {
-        //set defaults if overriding fields not set
-        if(empty($CFG->{$key})) {
-            if (!empty($CFG->ldap_user_type) && !empty($default[$key][$CFG->ldap_user_type])) {
-                $CFG->{$key} = $default[$key][$CFG->ldap_user_type];
-            }else {
-                //use default value if user_type not set
-                if(!empty($default[$key]['default'])){
-                    $CFG->$key = $default[$key]['default'];
-                }else {
-                    unset($CFG->$key);
-                }    
-            }
-        }
-    }   
-    //hack prefix to objectclass
-    if ('objectClass=' != substr($CFG->ldap_objectclass, 0, 12)) {
-       $CFG->ldap_objectclass = 'objectClass='.$CFG->ldap_objectclass;
-    }
-   
-    //all chages go in $CFG , no need to return value
-}
-
-/**
- * take expirationtime and return it as unixseconds
- * 
- * takes expriration timestamp as readed from ldap
- * returns it as unix seconds
- * depends on $CFG->usertype variable
- *
- * @param mixed time   Time stamp readed from ldap as it is.
- * @return timestamp
- */
-
-function auth_ldap_expirationtime2unix ($time) {
-
-    global $CFG;
-    $result = false;
-    switch ($CFG->ldap_user_type) {
-        case 'edir':
-            $yr=substr($time,0,4);
-            $mo=substr($time,4,2);
-            $dt=substr($time,6,2);
-            $hr=substr($time,8,2);
-            $min=substr($time,10,2);
-            $sec=substr($time,12,2);
-            $result = mktime($hr,$min,$sec,$mo,$dt,$yr); 
-            break;
-        case 'posix':
-            $result = $time * DAYSECS ; //The shadowExpire contains the number of DAYS between 01/01/1970 and the actual expiration date
-            break;
-        default:  
-            error('CFG->ldap_user_type not defined or function auth_ldap_expirationtime2unix does not support selected type!');
-}
-    return $result;
-}
-
-/**
- * takes unixtime and return it formated for storing in ldap
- *
- * @param integer unix time stamp
- */
-function auth_ldap_unix2expirationtime ($time) {
-    global $CFG;
-    $result = false;
-    switch ($CFG->ldap_user_type) {
-        case 'edir':
-            $result=date('YmdHis').'Z';  
-            break;
-        case 'posix':
-            $result = $time ; //Already in correct format
-            break;
-        default:  
-            error('CFG->ldap_user_type not defined or function auth_ldap_unixi2expirationtime does not support selected type!');
-    }        
-    return $result;
-
-}
-
-/*
- * checks if user belong to specific group(s)
- *
- * Returns true if user belongs group in grupdns string.
- *
- * @param mixed $username    username
- * @param mixed $groupdns    string of group dn separated by ;
- *
- */
-function auth_ldap_isgroupmember ($username='', $groupdns='') {
-// Takes username and groupdn(s) , separated by ;
-// Returns true if user is member of any given groups
-
-    global $CFG ;
-    $result = false;
-    $ldapconnection = auth_ldap_connect();
-    
-    if (empty($username) OR empty($groupdns)) {
-        return $result;
-        }
-
-    if ($CFG->ldap_memberattribute_isdn) {
-        $username=auth_ldap_find_userdn($ldapconnection, $username);
-    }
-    if (! $username ) {
-        return $result;
-    }
-
-    $groups = explode(";",$groupdns);
-    
-    foreach ($groups as $group){
-        $group = trim($group);
-        if (empty($group)) {
-            continue;
-        }
-        //echo "Checking group $group for member $username\n";
-        $search = @ldap_read($ldapconnection, $group,  '('.$CFG->ldap_memberattribute.'='.$username.')', array($CFG->ldap_memberattribute));
-        if (ldap_count_entries($ldapconnection, $search)) {$info = auth_ldap_get_entries($ldapconnection, $search);
-        
-            if (count($info) > 0 ) {
-                // user is member of group
-                $result = true;
-                break;
-            }
-    }
-}
-
-    return $result;
-
-}
-
-/**
- * connects to ldap server
- *
- * Tries connect to specified ldap servers.
- * Returns connection result or error.
- *
- * @return connection result
- */
-function auth_ldap_connect($binddn='',$bindpwd=''){
-/// connects  and binds to ldap-server
-/// Returns connection result
-
-    global $CFG;
-    auth_ldap_init();
-
-    //Select bind password, With empty values use
-    //ldap_bind_* variables or anonymous bind if ldap_bind_* are empty
-    if ($binddn == '' AND $bindpwd == '') {
-        if (!empty($CFG->ldap_bind_dn)){
-           $binddn = $CFG->ldap_bind_dn;
-        }
-        if (!empty($CFG->ldap_bind_pw)){
-           $bindpwd = $CFG->ldap_bind_pw;
-        }
-    }
-    
-    $urls = explode(";",$CFG->ldap_host_url);
-        
-    foreach ($urls as $server){
-        $url = trim($server);
-        if (empty($url)) {
-            continue;
-        }
-
-        $connresult = ldap_connect($server);
-        //ldap_connect returns ALWAYS true
- 
-        if (!empty($CFG->ldap_version)) {
-            ldap_set_option($connresult, LDAP_OPT_PROTOCOL_VERSION, $CFG->ldap_version);
-        }
-
-        if (!empty($binddn)){
-            //bind with search-user
-            $bindresult=@ldap_bind($connresult, $binddn,$bindpwd);
-    } else {
-        //bind anonymously 
-            $bindresult=@ldap_bind($connresult);
-        }  
-       
-        if (isset($CFG->ldap_opt_deref)) {
-            ldap_set_option($connresult, LDAP_OPT_DEREF, $CFG->ldap_opt_deref);
-    }
-
-        if ($bindresult) {
-            return $connresult;
-        }
-}
-
-    //If any of servers are alive we have already returned connection
-    error("LDAP-module cannot connect any LDAP servers : $CFG->ldap_host_url");
-    return false;
-}
-
-/**
- * retuns dn of username
- *
- * Search specified contexts for username and return user dn
- * like: cn=username,ou=suborg,o=org
- *
- * @param mixed $ldapconnection  $ldapconnection result
- * @param mixed $username username
- *
- */
-
-function auth_ldap_find_userdn ($ldapconnection, $username){
-
-    global $CFG;
-
-    //default return value
-    $ldap_user_dn = FALSE;
-
-    //get all contexts and look for first matching user
-    $ldap_contexts = explode(";",$CFG->ldap_contexts);
-    
-    if (!empty($CFG->ldap_create_context)){
-      array_push($ldap_contexts, $CFG->ldap_create_context);
-    }
-  
-    foreach ($ldap_contexts as $context) {
-
-        $context = trim($context);
-        if (empty($context)) {
-            continue;
-        }
-
-        if ($CFG->ldap_search_sub){
-            //use ldap_search to find first user from subtree
-            $ldap_result = ldap_search($ldapconnection, $context, "(".$CFG->ldap_user_attribute."=".$username.")",array($CFG->ldap_user_attribute));
-
-        } else {
-            //search only in this context
-            $ldap_result = ldap_list($ldapconnection, $context, "(".$CFG->ldap_user_attribute."=".$username.")",array($CFG->ldap_user_attribute));
-        }
- 
-        $entry = ldap_first_entry($ldapconnection,$ldap_result);
-
-        if ($entry){
-            $ldap_user_dn = ldap_get_dn($ldapconnection, $entry);
-            break ;
-        }
-    }
-
-    return $ldap_user_dn;
-}
-
-/**
- * retuns user attribute mappings between moodle and ldap
- *
- * @return array
- */
-
-function auth_ldap_attributes (){
-
-    global $CFG;
-
-    $config = (array)$CFG;
-    $fields = array("firstname", "lastname", "email", "phone1", "phone2", 
-                    "department", "address", "city", "country", "description", 
-                    "idnumber", "lang" );
-
-    $moodleattributes = array();
-    foreach ($fields as $field) {
-        if (!empty($config["auth_user_$field"])) {
-            $moodleattributes[$field] = $config["auth_user_$field"];
-            if (preg_match('/,/',$moodleattributes[$field])) {
-                $moodleattributes[$field] = explode(',', $moodleattributes[$field]); // split ?
-            }
-        }
-    }
-    $moodleattributes['username']=$config["ldap_user_attribute"];
-    return $moodleattributes;
-}
-
-/**
- * return all usernames from ldap
- *
- * @return array
- */
-
-function auth_ldap_get_userlist($filter="*") {
-/// returns all users from ldap servers
-    global $CFG;
-
-    $fresult = array();
-
-    $ldapconnection = auth_ldap_connect();
-
-    if ($filter=="*") {
-       $filter = "(&(".$CFG->ldap_user_attribute."=*)(".$CFG->ldap_objectclass."))";
-    }
-
-    $contexts = explode(";",$CFG->ldap_contexts);
- 
-    if (!empty($CFG->ldap_create_context)){
-          array_push($contexts, $CFG->ldap_create_context);
-    }
-
-    foreach ($contexts as $context) {
-
-        $context = trim($context);
-        if (empty($context)) {
-            continue;
-        }
-
-        if ($CFG->ldap_search_sub) {
-            //use ldap_search to find first user from subtree
-            $ldap_result = ldap_search($ldapconnection, $context,$filter,array($CFG->ldap_user_attribute));
-        } else {
-            //search only in this context
-            $ldap_result = ldap_list($ldapconnection, $context,
-                                     $filter,
-                                     array($CFG->ldap_user_attribute));
-        }
-
-        $users = auth_ldap_get_entries($ldapconnection, $ldap_result);
-
-        //add found users to list
-        for ($i=0;$i<count($users);$i++) {
-            array_push($fresult, ($users[$i][$CFG->ldap_user_attribute][0]) );
-        }
-    }
-   
-    return $fresult;
-}
-
-/**
- * return entries from ldap
- *
- * Returns values like ldap_get_entries but is
- * binary compatible and return all attributes as array
- *
- * @return array ldap-entries
- */
-   
-function auth_ldap_get_entries($conn, $searchresult){
-//Returns values like ldap_get_entries but is
-//binary compatible
-    $i=0;
-    $fresult=array();
-    $entry = ldap_first_entry($conn, $searchresult);
-    do {
-        $attributes = ldap_get_attributes($conn, $entry);
-        for($j=0; $j<$attributes['count']; $j++) {
-            $values = ldap_get_values_len($conn, $entry,$attributes[$j]);
-            if (is_array($values)) {
-            $fresult[$i][$attributes[$j]] = $values;
-            } else {
-                $fresult[$i][$attributes[$j]] = array($values);
-            }
-        }         
-        $i++;               
-    }
-    while ($entry = ldap_next_entry($conn, $entry));
-    //were done
-    return ($fresult);
-}
-
-
-
-
-?>
\ No newline at end of file