foreach ($authsenabled as $auth) {
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
}
$authplugin = get_auth_plugin($auth);
$displayauths[$auth] = get_string("auth_{$auth}title", 'auth');
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$registrationauths[$auth] = get_string("auth_{$auth}title", 'auth');
}
}
error(get_string('confirmsesskeybad', 'error'));
}
- if (method_exists($authplugin, 'validate_form')) {
- $authplugin->validate_form($frm, $err);
- }
+ $authplugin->validate_form($frm, $err);
if (count($err) == 0) {
+++ /dev/null
-<?php
-/**
- * @author Martin Dougiamas
- * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
- * @package moodle multiauth
- *
- * Multiple plugin authentication
- * Support library
- *
- * 2006-08-28 File created, AUTH return values defined.
- */
-
-/**
- * Returned when the login was successful.
- */
-define('AUTH_OK', 0);
-
-/**
- * Returned when the login was unsuccessful.
- */
-define('AUTH_FAIL', 1);
-
-/**
- * Returned when the login was denied (a reason for AUTH_FAIL).
- */
-define('AUTH_DENIED', 2);
-
-/**
- * Returned when some error occurred (a reason for AUTH_FAIL).
- */
-define('AUTH_ERROR', 4);
-
-?>
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* CAS authentication plugin.
*/
-class auth_plugin_cas {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_cas extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_cas() {
+ $this->authtype = 'cas';
$this->config = get_config('auth/cas');
}
return !empty($this->config->changepasswordurl);
}
+ function prelogin_hook() {
+ // Load alternative login screens if necessary
+ // TODO: fix the cas login screen
+ return;
+
+ if(!empty($CFG->cas_enabled)) {
+ require($CFG->dirroot.'/auth/cas/login.php');
+ }
+ }
+
+
/**
* Prints a form for configuring this authentication plugin.
*
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* External database authentication plugin.
*/
-class auth_plugin_db {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_db extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_db() {
+ $this->authtype = 'db';
$this->config = get_config('auth/db');
if (empty($this->config->extencoding)) {
$this->config->extencoding = 'utf-8';
$this->config->changepasswordurl = '';
set_config('changepasswordurl', '', 'auth/db');
}
- return true;
}
/**
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
/**
* Email authentication plugin.
*/
-class auth_plugin_email {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_email extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_email() {
+ $this->authtype = 'email';
$this->config = get_config('auth/email');
}
return update_internal_user_password($user, $newpassword);
}
+ function can_signup() {
+ return true;
+ }
+
/**
* Sign up a new user ready for confirmation.
* Password is passed in plaintext.
* @param object $user new user object (with system magic quotes)
* @param boolean $notify print notice with link and terminate
*/
- function user_signup($user, $notify = true) {
+ function user_signup($user, $notify=true) {
$user->password = hash_internal_user_password($user->password);
if (! ($user->id = insert_record('user', $user)) ) {
}
}
+ /**
+ * Returns true if plugin allows confirming of new users.
+ *
+ * @return bool
+ */
+ function can_confirm() {
+ return true;
+ }
+
/**
* Confirm the new user as registered.
*
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
require_once 'fcFPP.php';
/**
* FirstClass authentication plugin.
*/
-class auth_plugin_fc {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_fc extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_fc() {
+ $this->authtype = 'fc';
$this->config = get_config('auth/fc');
}
* Get users group membership from the FirstClass server user and check if
* user is member of one of the groups of creators.
*/
- function iscreator($username = 0) {
- global $USER;
-
+ function iscreator($username) {
if (! $this->config->creators) {
- return false;
- }
- if (! $username) {
- $username = $USER->username;
+ return null;
}
$fcgroups = array();
$creators = explode(";", $this->config->creators);
foreach($creators as $creator) {
- If (in_array($creator, $fcgroups)) return true;
+ if (in_array($creator, $fcgroups)) {
+ return true;
+ }
}
return false;
return false;
}
+ /**
+ * Sync roles for this user
+ *
+ * @param $user object user object (without system magic quotes)
+ */
+ function sync_roles($user) {
+ $iscreator = $this->iscreator($user->username);
+ if ($iscreator === null) {
+ return; //nothing to sync - creators not configured
+ }
+
+ if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
+ $creatorrole = array_shift($roles); // We can only use one, let's use the first one
+ $systemcontext = get_context_instance(CONTEXT_SYSTEM);
+
+ if ($iscreator) { // Following calls will not create duplicates
+ role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'fc');
+ } else {
+ //unassign only if previously assigned by this plugin!
+ role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'fc');
+ }
+ }
+ }
+
/**
* Prints a form for configuring this authentication plugin.
*
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* IMAP authentication plugin.
*/
-class auth_plugin_imap {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_imap extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_imap() {
+ $this->authtype = 'imap';
$this->config = get_config('auth/imap');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* LDAP authentication plugin.
*/
-class auth_plugin_ldap {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_ldap extends auth_plugin_base {
/**
* Constructor with initialisation.
*/
function auth_plugin_ldap() {
+ $this->authtype = 'ldap';
$this->config = get_config('auth/ldap');
if (empty($this->config->ldapencoding)) {
$this->config->ldapencoding = 'utf-8';
* If userpassword does not expire it should return 0. If password is already expired
* it should return negative value.
*
- * @param mixed $username username
+ * @param mixed $username username (with system magic quotes)
* @return integer
*/
function password_expire($username) {
if ($this->iscreator($user->username)) {
role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, 'ldap');
} else {
- role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
+ role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id, 'ldap');
}
}
/**
* Returns true if user should be coursecreator.
*
- * @param mixed $username username (with system magic quotes)
+ * @param mixed $username username (without system magic quotes)
* @return boolean result
*/
- function iscreator($username = false) {
- global $USER;
-
+ function iscreator($username) {
if (empty($this->config->creators) or empty($this->config->memberattribute)) {
- return false;
- }
-
- if ($username === false) {
- $username = $USER->username;
- } else {
- $username = stripslashes($username);
+ return null;
}
$textlib = textlib_get_instance();
$extusername = $textlib->convert($username, 'utf-8', $this->config->ldapencoding);
- return $this->ldap_isgroupmember($extusername, $this->config->creators);
+ return (boolean)$this->ldap_isgroupmember($extusername, $this->config->creators);
}
/**
return false;
}
- if (isset($olduser->auth) and $olduser->auth == 'ldap') {
+ if (isset($olduser->auth) and $olduser->auth != 'ldap') {
return true; // just change auth and skip update
}
}
}
+ /**
+ * Sync roles for this user
+ *
+ * @param $user object user object (without system magic quotes)
+ */
+ function sync_roles($user) {
+ $iscreator = $this->iscreator($user->username);
+ if ($iscreator === null) {
+ return; //nothing to sync - creators not configured
+ }
+
+ if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
+ $creatorrole = array_shift($roles); // We can only use one, let's use the first one
+ $systemcontext = get_context_instance(CONTEXT_SYSTEM);
+
+ if ($iscreator) { // Following calls will not create duplicates
+ role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'ldap');
+ } else {
+ //unassign only if previously assigned by this plugin!
+ role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'ldap');
+ }
+ }
+ }
+
/**
* Prints a form for configuring this authentication plugin.
*
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Manual authentication plugin.
*/
-class auth_plugin_manual
-{
- /**
- * The configuration details for the plugin.
- */
- var $config;
-
- var $canchangepassword = true;
- var $isinternal = true;
+class auth_plugin_manual extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_manual() {
+ $this->authtype = 'manual';
$this->config = get_config('auth/manual');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Moodle Network authentication plugin.
*/
-class auth_plugin_mnet
-{
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_mnet extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_mnet() {
+ $this->authtype = 'mnet';
$this->config = get_config('auth/mnet');
}
}
return $accessctrl == 'allow';
}
+
+ function prelogout_hook() {
+ global $USER, $CFG, $redirect;
+
+ if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
+ $host = get_record('mnet_host', 'id', $USER->mnethostid);
+ $redirect = $host->wwwroot.'/';
+ }
+ }
+
}
?>
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* NNTP authentication plugin.
*/
-class auth_plugin_nntp {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_nntp extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nntp() {
+ $this->authtype = 'nntp';
$this->config = get_config('auth/nntp');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Plugin for no authentication.
*/
-class auth_plugin_nologin {
+class auth_plugin_nologin extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_nologin() {
+ $this->authtype = 'nologin';
}
/**
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Plugin for no authentication.
*/
-class auth_plugin_none {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
-
- var $canchangepassword = true;
- var $isinternal = true;
+class auth_plugin_none extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_none() {
+ $this->authtype = 'none';
$this->config = get_config('auth/none');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* PAM authentication plugin.
*/
-class auth_plugin_pam {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_pam extends auth_plugin_base {
/**
* Store error messages from pam authentication attempts.
* Constructor.
*/
function auth_plugin_pam() {
+ $this->authtype = 'pam';
$this->config = get_config('auth/pam');
$this->errormessage = '';
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* POP3 authentication plugin.
*/
-class auth_plugin_pop3 {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_pop3 extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_pop3() {
+ $this->authtype = 'pop3';
$this->config = get_config('auth/pop3');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* RADIUS authentication plugin.
*/
-class auth_plugin_radius {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_radius extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_radius() {
+ $this->authtype = 'radius';
$this->config = get_config('auth/radius');
}
die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
}
+require_once($CFG->libdir.'/authlib.php');
+
/**
* Shibboleth authentication plugin.
*/
-class auth_plugin_shibboleth {
-
- /**
- * The configuration details for the plugin.
- */
- var $config;
+class auth_plugin_shibboleth extends auth_plugin_base {
/**
* Constructor.
*/
function auth_plugin_shibboleth() {
+ $this->authtype = 'shibboleth';
$this->config = get_config('auth/shibboleth');
}
return false;
}
+ function prelogin_hook() {
+ global $SESSION, $CFG;
+
+ //TODO: fix the code
+ return;
+
+ // See http://moodle.org/mod/forum/discuss.php?d=39918#187611
+ // if ($CFG->auth == 'shibboleth') {
+ // if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
+ // unset($SESSION->shibboleth_checked);
+ // } else if (empty($_POST)) { // No incoming data, so redirect
+ // redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
+ // }
+ // }
+ }
+
/**
* Prints a form for configuring this authentication plugin.
*
if (!empty($CFG->registerauth)) {
$authplugin = get_auth_plugin($CFG->registerauth);
- if (method_exists($authplugin, 'user_signup')) {
+ if ($authplugin->can_signup()) {
$signup = $wwwroot . '/login/signup.php';
}
}
$string['changepasswordhelp'] = 'Here you can specify a location at which your users can recover or change their username/password if they\'ve forgotten it. This will be provided to users as a button on the login page and their user page. if you leave this blank the button will not be printed.';
$string['chooseauthmethod'] = 'Choose an authentication method';
$string['createpasswordifneeded'] = 'Create password if needed';
+$string['errorpasswordupdate'] = 'Error updating password, password not changed';
$string['infilefield'] = 'Field required in file';
$string['forcechangepassword'] = 'Force change password';
$string['forcechangepassword_help'] = 'Force users to change password on their next login to Moodle.';
* @param $userid
* @param $groupid
* @param $contextid
+ * @param $enrol unassign only if enrolment type matches, NULL means anything
* @return boolean - success or failure
*/
-function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) {
+function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) {
global $USER, $CFG;
$select[] = $arg.' = '.$$arg;
}
}
+ if (!empty($enrol)) {
+ $select[] = "enrol='$enrol'";
+ }
if ($select) {
if ($ras = get_records_select('role_assignments', implode(' AND ', $select))) {
--- /dev/null
+<?php
+/**
+ * @author Martin Dougiamas
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package moodle multiauth
+ *
+ * Multiple plugin authentication
+ * Support library
+ *
+ * 2006-08-28 File created, AUTH return values defined.
+ */
+
+/**
+ * Returned when the login was successful.
+ */
+define('AUTH_OK', 0);
+
+/**
+ * Returned when the login was unsuccessful.
+ */
+define('AUTH_FAIL', 1);
+
+/**
+ * Returned when the login was denied (a reason for AUTH_FAIL).
+ */
+define('AUTH_DENIED', 2);
+
+/**
+ * Returned when some error occurred (a reason for AUTH_FAIL).
+ */
+define('AUTH_ERROR', 4);
+
+/**
+ * Authentication - error codes for user confirm
+ */
+define('AUTH_CONFIRM_FAIL', 0);
+define('AUTH_CONFIRM_OK', 1);
+define('AUTH_CONFIRM_ALREADY', 2);
+define('AUTH_CONFIRM_ERROR', 3);
+
+
+
+/**
+ * Abstract authentication plugin.
+ */
+class auth_plugin_base {
+
+ /**
+ * The configuration details for the plugin.
+ */
+ var $config;
+
+ /**
+ * Authentication plugin type - the same as db field.
+ */
+ var $authtype;
+
+ /**
+ * Returns true if the username and password work and false if they are
+ * wrong or don't exist.
+ *
+ * @param string $username The username (with system magic quotes)
+ * @param string $password The password (with system magic quotes)
+ *
+ * @return bool Authentication success or failure.
+ */
+ function user_login($username, $password) {
+ error('Abstract user_login() method must be overriden.');
+ }
+
+ /**
+ * Returns true if this authentication plugin can change the user's
+ * password.
+ *
+ * @return bool
+ */
+ function can_change_password() {
+ //override if needed
+ return false;
+ }
+
+ /**
+ * Returns the URL for changing the user's pw, or empty if the default can
+ * be used.
+ *
+ * @return string
+ */
+ function change_password_url() {
+ //override if needed
+ return '';
+ }
+
+ /**
+ * Returns true if this authentication plugin is 'internal'.
+ *
+ * @return bool
+ */
+ function is_internal() {
+ //override if needed
+ return true;
+ }
+
+ /**
+ * Change a user's password
+ *
+ * @param object $user User table object (with system magic quotes)
+ * @param string $newpassword Plaintext password (with system magic quotes)
+ *
+ * @return bool True on success
+ */
+ function user_update_password($user, $newpassword) {
+ //override if needed
+ return true;
+ }
+
+ /**
+ * Called when the user record is updated.
+ * Modifies user in external database. It takes olduser (before changes) and newuser (after changes)
+ * conpares information saved modified information to external db.
+ *
+ * @param mixed $olduser Userobject before modifications (without system magic quotes)
+ * @param mixed $newuser Userobject new modified userobject (without system magic quotes)
+ * @return boolean true if updated or update ignored; false if error
+ *
+ */
+ function user_update($olduser, $newuser) {
+ //override if needed
+ return true;
+ }
+
+ /**
+ * Returns true if plugin allows resetting of internal password.
+ *
+ * @return bool
+ */
+ function can_reset_password() {
+ //override if needed
+ return false;
+ }
+
+ /**
+ * Returns true if plugin allows resetting of internal password.
+ *
+ * @return bool
+ */
+ function can_signup() {
+ //override if needed
+ return false;
+ }
+
+ /**
+ * Sign up a new user ready for confirmation.
+ * Password is passed in plaintext.
+ *
+ * @param object $user new user object (with system magic quotes)
+ * @param boolean $notify print notice with link and terminate
+ */
+ function user_signup($user, $notify=true) {
+ //override when can signup
+ error('user_signup method must be overriden if signup enabled');
+ }
+
+ /**
+ * Returns true if plugin allows confirming of new users.
+ *
+ * @return bool
+ */
+ function can_confirm() {
+ //override if needed
+ return false;
+ }
+
+ /**
+ * Confirm the new user as registered.
+ *
+ * @param string $username (with system magic quotes)
+ * @param string $confirmsecret (with system magic quotes)
+ */
+ function user_confirm($username, $confirmsecret) {
+ //override when can confirm
+ error('user_confirm method must be overriden if confirm enabled');
+ }
+
+ /**
+ * Checks if user exists in external db
+ *
+ * @param string $username (with system magic quotes)
+ */
+ function user_exists() {
+ //override if needed
+ return false;
+ }
+
+ /**
+ * Activates (enables) user in external db so user can login using username/password from external db
+ *
+ * @param mixed $username username (with system magic quotes)
+ * @return boolen result
+ */
+ function user_activate($username) {
+ //override if needed
+ return true;
+ }
+
+ /**
+ * return number of days to user password expires
+ *
+ * If userpassword does not expire it should return 0. If password is already expired
+ * it should return negative value.
+ *
+ * @param mixed $username username (with system magic quotes)
+ * @return integer
+ */
+ function password_expire($username) {
+ return 0;
+ }
+ /**
+ * Sync roles for this user - usually creator
+ *
+ * @param $user object user object (without system magic quotes)
+ */
+ function sync_roles($user) {
+ //override if needed
+ }
+
+ /**
+ * Read user information from external database and returns it as array().
+ * Function should return all information available. If you are saving
+ * this information to moodle user-table you should honor syncronization flags
+ *
+ * @param string $username username (with system magic quotes)
+ *
+ * @return mixed array with no magic quotes or false on error
+ */
+ function get_userinfo($username) {
+ //override if needed
+ return array();
+ }
+
+ /**
+ * A chance to validate form data, and last chance to
+ * do stuff before it is inserted in config_plugin
+ */
+ function validate_form(&$form, &$err) {
+ //override if needed
+ }
+
+ /**
+ * Prelogin actions.
+ */
+ function prelogin_hook() {
+ //override if needed
+ }
+
+ /**
+ * Post authentication hook.
+ */
+ function user_authenticated_hook($user, $username, $password) {
+ /// TODO: review following code - looks hackish :-( mnet should obsole this, right?
+ /// Log in to a second system if necessary
+ global $CFG;
+
+ if (!empty($CFG->sso)) {
+ include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
+ if (function_exists('sso_user_login')) {
+ if (!sso_user_login($username, $password)) { // Perform the signon process
+ notify('Second sign-on failed');
+ }
+ }
+ }
+ }
+
+ /**
+ * Prelogout actions.
+ */
+ function prelogout_hook() {
+ //override if needed
+ }
+}
+
+?>
if ($oldversion < 2004082600) {
//update auth-fields for external users
- include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
+ // following code would not work in 1.8
+/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
- }
+ }*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.
if ($oldversion < 2004082600) {
//update auth-fields for external users
- include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
+ // following code would not work in 1.8
+/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php");
if (function_exists('auth_get_userlist')) {
$externalusers = auth_get_userlist();
if (!empty($externalusers)){
$externalusers = '\''. implode('\',\'',$externalusers).'\'';
execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)");
}
- }
+ }*/
}
if ($oldversion < 2004082900) { // Make sure guest is "manual" too.
define ('BLOG_SITE_LEVEL', 4);
define ('BLOG_GLOBAL_LEVEL', 5);
-/**
- * Authentication - error codes for user confirm
- */
-define('AUTH_CONFIRM_FAIL', 0);
-define('AUTH_CONFIRM_OK', 1);
-define('AUTH_CONFIRM_ALREADY', 2);
-define('AUTH_CONFIRM_ERROR', 3);
-
/// PARAMETER HANDLING ////////////////////////////////////////////////////
if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
if ($userauth->can_change_password()) {
$SESSION->wantsurl = $FULLME;
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
//use plugin custom url
redirect($userauth->change_password_url());
} else {
$authplugin = get_auth_plugin($auth);
- if (method_exists($authplugin, 'get_userinfo')) {
- if ($newinfo = $authplugin->get_userinfo($username)) {
- $newinfo = truncate_userinfo($newinfo);
- foreach ($newinfo as $key => $value){
- $newuser->$key = addslashes($value);
- }
+ if ($newinfo = $authplugin->get_userinfo($username)) {
+ $newinfo = truncate_userinfo($newinfo);
+ foreach ($newinfo as $key => $value){
+ $newuser->$key = addslashes($value);
}
}
* @return user A {@link $USER} object
*/
function update_user_record($username, $authplugin) {
- if (method_exists($authplugin, 'get_userinfo')) {
- $username = trim(moodle_strtolower($username)); /// just in case check text case
-
- $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
- $userauth = get_auth_plugin($oldinfo->auth);
-
- if ($newinfo = $authplugin->get_userinfo($username)) {
- $newinfo = truncate_userinfo($newinfo);
- foreach ($newinfo as $key => $value){
- $confkey = 'field_updatelocal_' . $key;
- if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
- $value = addslashes(stripslashes($value)); // Just in case
- set_field('user', $key, $value, 'username', $username)
- or error_log("Error updating $key for $username");
- }
+ $username = trim(moodle_strtolower($username)); /// just in case check text case
+
+ $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth');
+ $userauth = get_auth_plugin($oldinfo->auth);
+
+ if ($newinfo = $userauth->get_userinfo($username)) {
+ $newinfo = truncate_userinfo($newinfo);
+ foreach ($newinfo as $key => $value){
+ $confkey = 'field_updatelocal_' . $key;
+ if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') {
+ $value = addslashes(stripslashes($value)); // Just in case
+ set_field('user', $key, $value, 'username', $username)
+ or error_log("Error updating $key for $username");
}
}
}
+
return get_complete_user_data('username', $username);
}
// if user not found, create him
$user = create_user_record($username, $password, $auth);
}
- // fix for MDL-6928
- if (method_exists($authplugin, 'iscreator')) {
- $sitecontext = get_context_instance(CONTEXT_SYSTEM);
- if ($creatorroles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) {
- $creatorrole = array_shift($creatorroles); // We can only use one, let's use the first one
- // Check if the user is a creator
- if ($authplugin->iscreator($username)) { // Following calls will not create duplicates
- role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, $auth);
- } else {
- role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id);
- }
- }
- }
- /// Log in to a second system if necessary
- if (!empty($CFG->sso)) {
- include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php');
- if (function_exists('sso_user_login')) {
- if (!sso_user_login($username, $password)) { // Perform the signon process
- notify('Second sign-on failed');
- }
- }
- }
+ $authplugin->sync_roles($user);
+
+ $authplugin->user_authenticated_hook($user, $username, $password);
return $user;
$data->admin = fullname($from).' ('. $from->email .')';
$userauth = get_auth_plugin($user->auth);
- if ($userauth->can_change_password() and method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->can_change_password() and $userauth->change_password_url()) {
// we have some external url for password cahnging
$data->link .= $userauth->change_password_url();
require_once('../config.php');
require_once('change_password_form.php');
- $id = optional_param('id', SITEID, PARAM_INT);
+ $id = optional_param('id', SITEID, PARAM_INT); // current course
//HTTPS is potentially required in this page
httpsrequired();
- $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ $systemcontext = get_context_instance(CONTEXT_SYSTEM);
if (!$course = get_record('course', 'id', $id)) {
error('No such course!');
}
- if (is_mnet_remote_user($USER)) {
- $message = get_string('usercannotchangepassword', 'mnet');
- if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
- $message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
- }
- error($message);
- }
-
// require proper login; guest can not change password
- // TODO: add change password capability so that we can prevent participants to change password
- if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $sitecontext, $USER->id, false)) {
+ // TODO: add change password capability so that we can prevent participants from changing password
+ if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $systemcontext, $USER->id, false)) {
if (empty($SESSION->wantsurl)) {
$SESSION->wantsurl = $CFG->httpswwwroot.'/login/change_password.php';
}
error('Can not use this script when "Logged in as"!');
}
+ if (is_mnet_remote_user($USER)) {
+ $message = get_string('usercannotchangepassword', 'mnet');
+ if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
+ $message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
+ }
+ error($message);
+ }
+
// load the appropriate auth plugin
$userauth = get_auth_plugin($USER->auth);
error(get_string('nopasswordchange', 'auth'));
}
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
// this internal scrip not used
redirect($userauth->change_password_url());
}
$mform = new login_change_password_form();
- $mform->set_data(array('id'=>$course->id, 'username'=>$USER->username));
+ $mform->set_data(array('id'=>$course->id));
if ($mform->is_cancelled()) {
redirect($CFG->wwwroot.'/user/view.php?id='.$USER->id.'&course='.$course->id);
} else if ($data = $mform->get_data()) {
- if (!has_capability('moodle/user:update', $sitecontext)) {
- //ignore submitted username - the same is done in form validation
- $data->username = $USER->username;
- }
-
- if ($data->username == $USER->username) {
- $user =& $USER;
- } else {
- $user = get_complete_user_data('username', $data->username);
+ if (!$userauth->user_update_password(addslashes_recursive($USER), $data->newpassword1)) {
+ error(get_string('errorpasswordupdate', 'auth'));
}
// register success changing password
- unset_user_preference('auth_forcepasswordchange', $user->id);
+ unset_user_preference('auth_forcepasswordchange', $USER->id);
$strpasswordchanged = get_string('passwordchanged');
- add_to_log($course->id, 'user', 'change password', "view.php?id=$user->id&course=$course->id", "$user->id");
+ add_to_log($course->id, 'user', 'change password', "view.php?id=$USER->id&course=$course->id", "$USER->id");
$fullname = fullname($USER, true);
function definition() {
global $USER;
- $mform =& $this->_form;
+ $mform =& $this->_form;
$mform->addElement('header', '', get_string('changepassword'), '');
- $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
// visible elements
- if (has_capability('moodle/user:update', $sitecontext)) {
- $mform->addElement('text', 'username', get_string('username'));
- $mform->addRule('username', get_string('required'), 'required', null, 'client');
- $mform->setType('username', PARAM_RAW);
- } else {
- $mform->addElement('hidden', 'username');
- $mform->setType('username', PARAM_RAW);
- }
+ $mform->addElement('static', 'username', get_string('username'));
- if (has_capability('moodle/user:update', $sitecontext)) {
- $mform->addElement('hidden', 'password');
- $mform->setType('username', PARAM_RAW);
- } else {
- $mform->addElement('password', 'password', get_string('oldpassword'));
- $mform->addRule('password', get_string('required'), 'required', null, 'client');
- $mform->setType('password', PARAM_RAW);
- }
+ $mform->addElement('password', 'password', get_string('oldpassword'));
+ $mform->addRule('password', get_string('required'), 'required', null, 'client');
+ $mform->setType('password', PARAM_RAW);
$mform->addElement('password', 'newpassword1', get_string('newpassword'));
$mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
/// perform extra password change validation
function validation($data){
global $USER;
- $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$errors = array();
- if (has_capability('moodle/user:update', $sitecontext)) {
- if (!$user = get_record('user', 'username', $data['username'])) {
- $errors['username'] = get_string('invalidlogin');
- return $errors;
- }
- } else {
- update_login_count();
-
- // ignore submitted username
- if (!$user = authenticate_user_login($USER->username, $data['password'])) {
- $errors['password'] = get_string('invalidlogin');
- return $errors;
- }
+ update_login_count();
- reset_login_count();
- }
-
- // can not change guest user password
- if ($user->username == 'guest') {
- $errors['username'] = get_string('invalidlogin');
+ // ignore submitted username
+ if (!$user = authenticate_user_login($USER->username, $data['password'])) {
+ $errors['password'] = get_string('invalidlogin');
return $errors;
}
- // can not change password of primary admin
- $mainadmin = get_admin();
- if ($user->id == $mainadmin->id and $USER->id != $mainadmin->id) {
- $errors['username'] = get_string('adminprimarynoedit');
- return $errors;
- }
+ reset_login_count();
if ($data['newpassword1'] <> $data['newpassword2']) {
$errors['newpassword1'] = get_string('passwordsdiffer');
$errors['newpassword2'] = get_string('passwordsdiffer');
return $errors;
- } else if (!has_capability('moodle/user:update', $sitecontext) and ($data['password'] == $data['newpassword1'])){
+ }
+
+ if ($data['password'] == $data['newpassword1']){
$errors['newpassword1'] = get_string('mustchangepassword');
$errors['newpassword2'] = get_string('mustchangepassword');
return $errors;
}
$authplugin = get_auth_plugin($CFG->registerauth);
- if (!method_exists($authplugin, 'user_confirm')) {
+ if (!$authplugin->can_confirm()) {
error("Sorry, you may not use this page.");
}
} else if ($confirmed == AUTH_CONFIRM_OK) {
// Activate new user if necessary
- if (method_exists($authplugin, 'user_activate')) {
- if (!$authplugin->user_activate($username)) {
- error('Could not activate this user!');
- }
+ if (!$authplugin->user_activate($username)) {
+ error('Could not activate this user!');
}
// The user has confirmed successfully, let's log them in
$userauth = get_auth_plugin($user->auth);
- if (method_exists($userauth, 'can_reset_password') and $userauth->can_reset_password()) {
+ if ($userauth->can_reset_password()) {
// reset internal password and notify user
// set 'secret' string
$session_has_timed_out = false;
}
- //HTTPS is potentially required in this page
- httpsrequired();
-
/// Check if the guest user exists. If not, create one.
if (! record_exists('user', 'username', 'guest')) {
$guest->auth = 'manual';
$authsequence = explode(',', $CFG->auth); // auths, in sequence
-// Load alternative login screens if necessary
-if ($authsequence[0] == 'cas' and !empty($CFG->cas_enabled)) {
- require($CFG->dirroot.'/auth/cas/login.php');
- }
-
if (!isset($CFG->registerauth)) {
set_config('registerauth', '');
}
set_config('auth_instructions', '');
}
-// See http://moodle.org/mod/forum/discuss.php?d=39918#187611
-// if ($CFG->auth == 'shibboleth') {
-// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there
-// unset($SESSION->shibboleth_checked);
-// } else if (empty($_POST)) { // No incoming data, so redirect
-// redirect($CFG->wwwroot.'/auth/shibboleth/index.php');
-// }
-// }
-
-
+// auth plugins can override these - SSO anyone?
+$frm = false;
+$user = false;
+
+foreach($authsequence as $authname) {
+ $authplugin = get_auth_plugin($authname);
+ $authplugin->prelogin_hook();
+}
+
+//HTTPS is potentially required in this page
+httpsrequired();
+
/// Define variables used in page
if (!$site = get_site()) {
error("No site found!");
$loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : '';
- $frm = false;
- $user = false;
+ if ($user !== false or $frm !== false) {
+ // some auth plugin already supplied these
- if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
+ } else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) {
/// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
$frm->username = 'guest';
$frm->password = 'guest';
+
} else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) {
// Handles the case of another Moodle site linking into a page on this site
+ //TODO: move weblink into own auth plugin
include($CFG->dirroot.'/login/weblinkauth.php');
if (function_exists(weblink_auth)) {
$user = weblink_auth($SESSION->wantsurl);
} else {
$frm = data_submitted($loginurl);
}
+
} else {
$frm = data_submitted($loginurl);
}
$errormsg = get_string("cookiesnotenabled");
- } else if ($frm) { // Login WITH cookies
+ } else if ($frm) { // Login WITH cookies
$frm->username = trim(moodle_strtolower($frm->username));
}
}
- if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
+ if ($user) {
+ //user already supplied by aut plugin prelogin hook
+ } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) {
$user = false; /// Can't log in as guest if guest button is disabled
$frm = false;
- } else if (!$user) {
+ } else {
if (empty($errormsg)) {
$user = authenticate_user_login($frm->username, $frm->password);
}
//Select password change url
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password()) {
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
$passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
}
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
- if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) {
+ if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) {
if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
$urltogo = $CFG->wwwroot.'/my/';
}
// check if user password has expired
// Currently supported only for ldap-authentication module
- if (method_exists($userauth, 'password_expire') and !empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
+ if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
$days2expire = $userauth->password_expire($USER->username);
if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div class=\"langmenu\">$langmenu</div>");
</form>
</div>
<?php } else if (!empty($CFG->registerauth)) {
- echo format_text($CFG->auth_instructions);
- $authplugin = get_auth_plugin($CFG->registerauth);
- if (method_exists($authplugin, 'user_create')) { ?>
- <div class="signupform">
- <form action="signup.php" method="get" id="signup">
- <div><input type="submit" value="<?php print_string("startsignup") ?>" /></div>
- </form>
- </div>
-<?php }
- } else {
+ echo format_text($CFG->auth_instructions); ?>
+ <div class="signupform">
+ <form action="signup.php" method="get" id="signup">
+ <div><input type="submit" value="<?php print_string("startsignup") ?>" /></div>
+ </form>
+ </div>
+<?php } else {
echo format_text($CFG->auth_instructions);
} ?>
</div>
require_once("../config.php");
- if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) {
- $host = get_record('mnet_host', 'id', $USER->mnethostid);
- $wwwroot = $host->wwwroot;
- } else {
- $wwwroot = $CFG->wwwroot;
+ // can be overriden by auth plugins
+ $redirect = $CFG->wwwroot.'/';
+
+ $authsequence = explode(',', $CFG->auth); // auths, in sequence
+ foreach($authsequence as $authname) {
+ $authplugin = get_auth_plugin($authname);
+ $authplugin->prelogin_hook();
}
$sesskey = optional_param('sesskey', '__notpresent__', PARAM_RAW); // we want not null default to prevent required sesskey warning
require_logout();
- redirect("$wwwroot/");
+ redirect($redirect);
?>
}
$authplugin = get_auth_plugin($CFG->registerauth);
- if (!method_exists($authplugin, 'user_signup')) {
+ if (!$authplugin->can_signup()) {
error("Sorry, you may not use this page.");
}
$user->secret = random_string(15);
$user->auth = $CFG->registerauth;
- $authplugin->user_signup($user, $notify=true); // prints notice and link to login/index.php
+ $authplugin->user_signup($user, true); // prints notice and link to login/index.php
exit; //never reached
}
require_once($CFG->libdir.'/formslib.php');
class login_signup_form extends moodleform {
- function definition() {
- global $USER, $CFG;
+ function definition() {
+ global $USER, $CFG;
- $mform =& $this->_form;
+ $mform =& $this->_form;
- $mform->addElement('header', '', get_string('createuserandpass'), '');
+ $mform->addElement('header', '', get_string('createuserandpass'), '');
- $mform->addElement('text', 'username', get_string('username'), 'size="12"');
- $mform->setType('username', PARAM_NOTAGS);
- $mform->addRule('username', get_string('missingusername'), 'required', null, 'client');
+ $mform->addElement('text', 'username', get_string('username'), 'size="12"');
+ $mform->setType('username', PARAM_NOTAGS);
+ $mform->addRule('username', get_string('missingusername'), 'required', null, 'client');
- $mform->addElement('password', 'password', get_string('password'), 'size="12"');
- $mform->setType('password', PARAM_RAW);
- $mform->addRule('password', get_string('missingpassword'), 'required', null, 'client');
+ $mform->addElement('password', 'password', get_string('password'), 'size="12"');
+ $mform->setType('password', PARAM_RAW);
+ $mform->addRule('password', get_string('missingpassword'), 'required', null, 'client');
- $mform->addElement('header', '', get_string('supplyinfo'),'');
+ $mform->addElement('header', '', get_string('supplyinfo'),'');
- $mform->addElement('text', 'email', get_string('email'), 'size="25"');
- $mform->setType('email', PARAM_NOTAGS);
- $mform->addRule('email', get_string('missingemail'), 'required', null, 'client');
+ $mform->addElement('text', 'email', get_string('email'), 'size="25"');
+ $mform->setType('email', PARAM_NOTAGS);
+ $mform->addRule('email', get_string('missingemail'), 'required', null, 'client');
- $mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"');
- $mform->setType('email2', PARAM_NOTAGS);
- $mform->addRule('email2', get_string('missingemail'), 'required', null, 'client');
+ $mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"');
+ $mform->setType('email2', PARAM_NOTAGS);
+ $mform->addRule('email2', get_string('missingemail'), 'required', null, 'client');
- $mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"');
- $mform->setType('firstname', PARAM_TEXT);
- $mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client');
+ $mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"');
+ $mform->setType('firstname', PARAM_TEXT);
+ $mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client');
- $mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"');
- $mform->setType('lastname', PARAM_TEXT);
- $mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client');
+ $mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"');
+ $mform->setType('lastname', PARAM_TEXT);
+ $mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client');
- $mform->addElement('text', 'city', get_string('city'), 'size="20"');
- $mform->setType('city', PARAM_TEXT);
- $mform->addRule('city', get_string('missingcity'), 'required', null, 'client');
+ $mform->addElement('text', 'city', get_string('city'), 'size="20"');
+ $mform->setType('city', PARAM_TEXT);
+ $mform->addRule('city', get_string('missingcity'), 'required', null, 'client');
- $country = get_list_of_countries();
- $default_country[''] = get_string('selectacountry');
- $country = array_merge($default_country, $country);
- $mform->addElement('select', 'country', get_string('country'), $country);
- $mform->addRule('country', get_string('missingcountry'), 'required', null, 'client');
+ $country = get_list_of_countries();
+ $default_country[''] = get_string('selectacountry');
+ $country = array_merge($default_country, $country);
+ $mform->addElement('select', 'country', get_string('country'), $country);
+ $mform->addRule('country', get_string('missingcountry'), 'required', null, 'client');
$mform->setDefault('country', '');
// buttons
$this->add_action_buttons(true, get_string('createaccount'));
- }
+ }
- function definition_after_data(){
- $mform =& $this->_form;
+ function definition_after_data(){
+ $mform =& $this->_form;
- $mform->applyFilter('username', 'moodle_strtolower');
- $mform->applyFilter('username', 'trim');
- }
+ $mform->applyFilter('username', 'moodle_strtolower');
+ $mform->applyFilter('username', 'trim');
+ }
- function validation($data) {
- global $CFG;
- $errors = array();
+ function validation($data) {
+ global $CFG;
+ $errors = array();
$authplugin = get_auth_plugin($CFG->registerauth);
- if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
- $errors['username'] = get_string('usernameexists');
- } else {
- if (empty($CFG->extendedusernamechars)) {
- $string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']);
- if (strcmp($data['username'], $string)) {
- $errors['username'] = get_string('alphanumerical');
- }
- }
- }
- if (method_exists($authplugin, 'user_exists')){
- if ($authplugin->user_exists($user->username)) {
- $errors['username'] = get_string('usernameexists');
- }
- }
-
-
- if (! validate_email($data['email'])) {
- $errors['email'] = get_string('invalidemail');
-
- } else if (record_exists('user', 'email', $data['email'])) {
- $errors['email'] = get_string('emailexists').' <a href="forgot_password.php">'.get_string('newpassword').'?</a>';
- }
+ if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
+ $errors['username'] = get_string('usernameexists');
+ } else {
+ if (empty($CFG->extendedusernamechars)) {
+ $string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']);
+ if (strcmp($data['username'], $string)) {
+ $errors['username'] = get_string('alphanumerical');
+ }
+ }
+ }
+
+ //check if user exists in external db
+ //TODO: maybe we should check all enabled plugins instead
+ if ($authplugin->user_exists($user->username)) {
+ $errors['username'] = get_string('usernameexists');
+ }
+
+
+ if (! validate_email($data['email'])) {
+ $errors['email'] = get_string('invalidemail');
+
+ } else if (record_exists('user', 'email', $data['email'])) {
+ $errors['email'] = get_string('emailexists').' <a href="forgot_password.php">'.get_string('newpassword').'?</a>';
+ }
if (empty($data['email2'])) {
$errors['email2'] = get_string('missingemail');
} else if ($data['email2'] != $data['email']) {
$errors['email2'] = get_string('invalidemail');
}
- if (!isset($errors['email'])) {
- if ($err = email_is_not_allowed($data['email'])) {
- $errors['email'] = $err;
- }
+ if (!isset($errors['email'])) {
+ if ($err = email_is_not_allowed($data['email'])) {
+ $errors['email'] = $err;
+ }
- }
+ }
- if (0 == count($errors)){
- return true;
- } else {
- return $errors;
- }
+ if (0 == count($errors)){
+ return true;
+ } else {
+ return $errors;
+ }
- }
+ }
}
?>
$usernew->timemodified = time();
- if (update_record('user', $usernew)) {
- if (method_exists($authplugin, 'user_update')){
- // pass a true $userold here
- if (! $authplugin->user_update($user, $userform->get_data(false))) {
- // auth update failed, rollback for moodle
- update_record('user', addslashes_object($user));
- error('Failed to update user data on external auth: '.$usernew->auth.
- '. See the server logs for more details.');
- }
- };
- } else {
+ if (!update_record('user', $usernew)) {
error('Error updating user record');
}
+ // pass a true $userold here
+ if (! $authplugin->user_update($user, $userform->get_data(false))) {
+ // auth update failed, rollback for moodle
+ update_record('user', addslashes_object($user));
+ error('Failed to update user data on external auth: '.$usernew->auth.
+ '. See the server logs for more details.');
+ }
+
//update preferences
useredit_update_user_preference($usernew);
if (!update_record('user', $usernew)) {
error('Error updating user record');
}
- if (method_exists($authplugin, 'user_update')){
- // pass a true $userold here
- if (! $authplugin->user_update($user, $userform->get_data(false))) {
- // auth update failed, rollback for moodle
- update_record('user', addslashes_object($user));
- error('Failed to update user data on external auth: '.$usernew->auth.
- '. See the server logs for more details.');
- }
- };
+ // pass a true $userold here
+ if (! $authplugin->user_update($user, $userform->get_data(false))) {
+ // auth update failed, rollback for moodle
+ update_record('user', addslashes_object($user));
+ error('Failed to update user data on external auth: '.$usernew->auth.
+ '. See the server logs for more details.');
+ }
//set new password if specified
if (!empty($usernew->newpassword)) {
if ($authplugin->can_change_password()) {
- if (method_exists($authplugin, 'user_update_password')){
- if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
- error('Failed to update password on external auth: ' . $usernew->auth .
- '. See the server logs for more details.');
- }
- } else {
- error('Your external authentication module is misconfigued!');
+ if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){
+ error('Failed to update password on external auth: ' . $usernew->auth .
+ '. See the server logs for more details.');
}
}
}
$passwordchangeurl = false;
if ($userauth->can_change_password()) {
- if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ if ($userauth->change_password_url()) {
$passwordchangeurl = $userauth->change_password_url();
} else {
if (empty($CFG->loginhttps)) {
projects / moodle.git / commitdiff