// config.php - allows admin to edit all configuration variables
include("../config.php");
-
+ require_once("$CFG->dirroot/auth/$CFG->auth/lib.php"); //just to make sure that authentication functions are loaded
require_login();
if (!$site = get_site()) {
$guestoptions[0] = get_string("hide");
$guestoptions[1] = get_string("show");
+ $createoptions[0] = get_string("no");
+ $createoptions[1] = get_string("yes");
+
$stradministration = get_string("administration");
$strauthentication = get_string("authentication");
$strauthenticationoptions = get_string("authenticationoptions","auth");
echo "</td>";
echo "<td>";
print_string("showguestlogin","auth");
- echo "</td></tr></table>";
-
+ echo "</td></tr>";
+
+ if (function_exists('auth_user_create')){
+ echo "<tr valign=\"top\">";
+ echo "<td align=right nowrap><p>";
+ print_string("auth_user_create", "auth");
+ echo ":</p></td>";
+ echo "<td>";
+ choose_from_menu($createoptions, "auth_user_create", $config->auth_user_create, "");
+ echo "</td>";
+ echo "<td>";
+ print_string("auth_user_creation","auth");
+ echo "</td></tr>";
+ }
- echo "<CENTER><P><INPUT TYPE=\"submit\" VALUE=\"";
+ echo "<
/table><CENTER><P><INPUT TYPE=\"submit\" VALUE=\"";
print_string("savechanges");
echo "\"></P></CENTER></FORM>";
$starttime = microtime();
- require_once("../config.php");
+ require_once("/usr/local/moodle/config.php");
echo "<PRE>\n";
</TD>
</TR>
-
+<TR VALIGN=TOP BGCOLOR="<?=$THEME->cellheading2 ?>">
+ <TD ALIGN=RIGHT><P>ldap_create_context:</TD>
+ <TD>
+ <INPUT name=ldap_create_context TYPE=text SIZE=30 VALUE="<?=$config->ldap_create_context?>">
+ <? if (isset($err["ldap_create_context"])) formerr($err["ldap_create_context"]); ?>
+ </TD><TD>
+ <? print_string("auth_ldap_create_context","auth") ?>
+ </TD>
+</TR>
<TR>
<TD ALIGN=RIGHT><P><? print_string("firstname") ?>:</TD>
<?PHP // $Id$
//CHANGELOG:
+//20.02.2003 Added support for user creation
//12.10.2002 Reformatted source for consistency
//03.10.2002 First version to CVS
//29.09.2002 Clean up and splitted code to functions v. 0.02
//29.09.2002 LDAP authentication functions v. 0.01
-//Distributed under GPL (c)Petri Asikainen 2002
+//Distributed under GPL (c)Petri Asikainen 2002-2003
function auth_user_login ($username, $password) {
/// reads userinformation from ldap and return it in array()
global $CFG;
- $config = (array)$CFG;
- $fields = array("firstname", "lastname", "email", "phone1", "phone2",
- "department", "address", "city", "country", "description",
- "idnumber", "lang");
-
- $moodleattributes = array();
- foreach ($fields as $field) {
- if ($config["auth_user_$field"]) {
- $moodleattributes[$field] = $config["auth_user_$field"];
- }
- }
-
+ $config = (array)$CFGo;
+ $moodleattributes = auth_ldap_attributes();
+
$ldap_connection=auth_ldap_connect();
$result = array();
$search_attribs = array();
- foreach ($moodleattributes as $key=>$value) {
+ foreach ($attrmap as $key=>$value) {
array_push($search_attribs, $value);
}
if ($user_info_result) {
$user_entry = ldap_get_entries($ldap_connection, $user_info_result);
- foreach ($moodleattributes as $key=>$value){
+ foreach ($attrmap as $key=>$value){
if(isset($user_entry[0][$value][0])){
$result[$key]=$user_entry[0][$value][0];
}
-function auth_get_userlist() {
+function auth_get_userlist($filter="*") {
/// returns all users from ldap servers
global $CFG;
}
$contexts = explode(";",$CFG->ldap_contexts);
+
+ if (!empty($CFG->ldap_create_context)){
+ array_push($contexts, $CFG->ldap_create_context);
+ }
foreach ($contexts as $context) {
if ($CFG->ldap_search_sub) {
//use ldap_search to find first user from subtree
$ldap_result = ldap_search($ldap_connection, $context,
- "(".$CFG->ldap_objectclass.")",
+ "(&(".$CFG->ldap_user_attribute."=".$filter.")(".$CFG->ldap_objectclass."))",
array($CFG->ldap_user_attribute));
} else {
//search only in this context
$ldap_result = ldap_list($ldap_connection, $context,
- "(".$CFG->ldap_objectclass.")",
+ "(&(".$CFG->ldap_user_attribute."=".$filter.")(".$CFG->ldap_objectclass."))",
array($CFG->ldap_user_attribute));
}
return $fresult;
}
+function auth_user_exists ($username) {
+//returns true if given usernname exist on ldap
+ $users = auth_get_userlist($username);
+ return count($users);
+}
+function auth_user_create ($userobject,$plainpass) {
+//create new user to ldap
+//use auth_user_exists to prevent dublicate usernames
+//return true if user is created, false on error
+ global $CFG;
+ $attrmap = auth_ldap_attributes();
+ $ldapconnect = auth_ldap_connect();
+ $ldapbind = auth_ldap_bind($ldapconnect);
+
+ $newuser = array();
+
+ foreach ($attrmap as $key=>$value){
+ if(isset($userobject->$key) ){
+ $newuser[$value]=utf8_encode($userobject->$key);
+ }
+ }
+
+ //Following sets all mandatory and other forced attribute values
+ //this should be moved to config inteface ASAP
+ $newuser['objectClass']= array("inetOrgPerson","organizationalPerson","person","top");
+ $newuser['uniqueId']= $userobject->username;
+ $newuser['logindisabled']="TRUE";
+ $newuser['userpassword']=$plainpass;
+ unset($newuser[country]);
+
+ $uadd = ldap_add($ldapconnect, $CFG->ldap_user_attribute."=$userobject->username,".$CFG->ldap_create_context, $newuser);
+
+ ldap_close($ldapconnect);
+ return $uadd;
+
+}
+
+function auth_user_activate ($username) {
+//activate new ldap-user after email-address is confirmed
+ global $CFG;
+
+ $ldapconnect = auth_ldap_connect();
+ $ldapbind = auth_ldap_bind($ldapconnect);
+
+ $userdn = auth_ldap_find_userdn($ldapconnect, $username);
+
+ $newinfo['loginDisabled']="FALSE";
+
+ $result = ldap_modify($ldapconnect, $userdn, $newinfo);
+ ldap_close($ldapconnect);
+ return $result;
+}
+
+function auth_user_disable ($username) {
+//activate new ldap-user after email-address is confirmed
+ global $CFG;
+
+ $ldapconnect = auth_ldap_connect();
+ $ldapbind = auth_ldap_bind($ldapconnect);
+
+ $userdn = auth_ldap_find_userdn($ldapconnect, $username);
+ $newinfo['loginDisabled']="TRUE";
+
+ $result = ldap_modify($ldapconnect, $userdn, $newinfo);
+ ldap_close($ldapconnect);
+ return $result;
+}
+
+//PRIVATE FUNCTIONS starts
+//private functions are named as auth_ldap*
function auth_ldap_connect(){
/// connects to ldap-server
//get all contexts and look for first matching user
$ldap_contexts = explode(";",$CFG->ldap_contexts);
+
+ if (!empty($CFG->ldap_create_context)){
+ array_push($ldap_contexts, $CFG->ldap_create_context);
+ }
foreach ($ldap_contexts as $context) {
return $ldap_user_dn;
}
+function auth_ldap_attributes (){
+//returns array containg attribute mappings between Moodle and ldap
+ global $CFG;
+
+ $config = (array)$CFG;
+ $fields = array("firstname", "lastname", "email", "phone1", "phone2",
+ "department", "address", "city", "country", "description",
+ "idnumber", "lang");
+
+ $moodleattributes = array();
+ foreach ($fields as $field) {
+ if ($config["auth_user_$field"]) {
+ $moodleattributes[$field] = $config["auth_user_$field"];
+ }
+ }
+ return $moodleattributes;
+}
?>
$string['auth_imaptype'] = "The IMAP server type. IMAP servers can have different types of authentication and negotiation.";
$string['instructions'] = "Instructions";
$string['auth_ldap_bind_dn'] = "If you want to use bind-user to search users, specify it here. Someting like 'cn=ldapuser,ou=public,o=org'";
+$string['auth_ldap_create_context'] = "If you enable user creation with email confirmation, specify context where users are created. This context should be different from other users to prevent security issues. You don't need to add this context to ldap_context-variable, Moodle will search for users from this context automaticly.";
$string['auth_ldap_bind_pw'] = "Password for bind-user.";
$string['auth_ldap_contexts'] = "List of contexts where users are located. Separate different contexts with ';'. For example: 'ou=users,o=org; ou=others,o=org'";
$string['auth_ldap_host_url'] = "Specify LDAP host in URL-form like 'ldap://ldap.myorg.com/' or 'ldaps://ldap.myorg.com/' ";
$string['auth_pop3port'] = "Server port (110 is the most common)";
$string['auth_pop3title'] = "Use a POP3 server";
$string['auth_pop3type'] = "Server type. If your server uses certificate security, choose pop3cert.";
+$string['auth_user_create'] = "Enable user creation";
+$string['auth_user_creation'] = "New (anonymous) users create user account for her/hiself. Account will be created to selected authentication module and confirmed via email. If you enable this , remember to configure also module specific options for user creation.";
+$string['auth_usernameexists'] = "Selected username already exists. Please choose new one.";
$string['authenticationoptions'] = "Authentication options";
$string['authinstructions'] = "Here you can provide instructions for your users, so they know which username and password they should be using. The text you enter here will appear on the login page. If you leave this blank then no instructions will be printed.";
$string['changepassword'] = "Change password URL";
$string['city'] = "Kaupunki/Paikkakunta";
$string['closewindow'] = "Sulje tämä ikkuna";
$string['comparelanguage'] = "Vertaa ja muokkaa käännöstä";
-$string['complete'] = "Suorita loppuun";
+$string['complete'] = "Täysi";
$string['configcountry'] = "Jos asetat maan tässä niin valinnasta tulee oletus kaikille käyttäjille. Pakottaaksesi käyttäjät valitsemaan maansa itse , jätä tämä kohta tyhjäksi.";
$string['configdebug'] = "Jos valitset virheenkorjaus tilan päälle PHP:n error_reporting arvo nousee ja enemmän virheilmoituksia tulostuu näytölle. Tästä asetuksesta on hyötyä vain Moodlen kehittäjille.";
$string['configerrorlevel'] = "PHP virheilmoitusten määrä. Normal on yleensä hyvä valinta.";
<?PHP // $Id$
require_once("../config.php");
+ require_once("../auth/$CFG->auth/lib.php");
if ( isset($p) and isset($s) ) { # p = user.secret s = user.username
if (!set_field("user", "firstaccess", time(), "id", $user->id)) {
error("Could not set this user's first access date!");
}
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_activate') ) {
+ if (!auth_user_activate($user->username)) {
+ error("Could not activate this user!");
+ }
+ }
// The user has confirmed successfully, let's log them in
-
+
if (!$USER = get_user_info_from_db("username", $user->username)) {
error("Something serious is wrong with the database");
}
$focus = "form.username";
}
- if ($CFG->auth == "email" or $CFG->auth == "none" or $CFG->auth_instructions) {
+ if ($CFG->auth == "email" or $CFG->auth == "none" or chop($CFG->auth_instructions) <> "" ) {
$show_instructions = true;
} else {
$show_instructions = false;
echo "<BLOCKQUOTE>";\r
echo format_text($CFG->auth_instructions);\r
echo "</BLOCKQUOTE>";\r
+ require_once("../auth/$CFG->auth/lib.php");\r
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_create') ){?>\r
+ <FORM NAME="form4" ACTION="signup.php" METHOD=get>\r
+ <INPUT type="submit" VALUE="<? print_string("startsignup") ?>">\r
+ </FORM>\r
+ </CENTER>\r
+ <?\r
+ }\r
}\r
?>\r
\r
<?PHP // $Id$
- require_once("../config.php");
+ require_once("../config.php");
require_once("../lib/countries.php");
+ require_once("../auth/$CFG->auth/lib.php");
if ($user = data_submitted()) {
validate_form($user, $err);
if (count((array)$err) == 0) {
-
+ $plainpass = $user->password;
$user->password = md5($user->password);
$user->confirmed = 0;
$user->lang = current_language();
$user->firstaccess = time();
$user->secret = random_string(15);
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_create') ){
+ if (! auth_user_exists($user->username)) {
+ if (! auth_user_create($user,$plainpass)) {
+ error("Could not add user to authentication module!");
+ }
+ } else {
+ error("User already exists on authentication database.");
+ }
+ }
if (! ($user->id = insert_record("user", $user)) ) {
error("Could not add your record to the database!");
}
+
+
if (! send_confirmation_email($user)) {
error("Tried to send you an email but failed!");
}
*****************************************************************************/
function validate_form($user, &$err) {
-
+ global $CFG;
if (empty($user->username))
$err->username = get_string("missingusername");
$err->username = get_string("alphanumerical");
}
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_exists') ){
+ if (auth_user_exists($user->username)) {
+ $err->username = get_string("usernameexists");
+ }
+ }
+
if (empty($user->password))
$err->password = get_string("missingpassword");
projects / moodle.git / commitdiff