error('No such course!');
}
+ if (is_mnet_remote_user($USER)) {
+ $message = get_string('usercannotchangepassword', 'mnet');
+ if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) {
+ $message .= get_string('userchangepasswordlink', 'mnet', $idprovider);
+ }
+ error($message);
+ }
+
// require proper login; guest can not change passwords anymore!
// TODO: add change password capability so that we can prevent participants to change password
if (empty($USER->id) or $USER->username=='guest' or has_capability('moodle/legacy:guest', $sitecontext, $USER->id, false)) {
$user = get_complete_user_data('username', $data->username);
}
- if (is_internal_auth($user->auth)){
- if (!update_internal_user_password($user, $data->newpassword1)) {
+ // load the appropriate auth plugin
+ $userauth = get_auth_plugin($user->auth);
+ if ($userauth->can_change_password()){
+ if ($userauth->user_update_password($user, $data->newpassword1)) {
+ // hash the $user->password field (without local db update)
+ update_internal_user_password($user, $frm->newpassword1, false);
+ } else {
error('Could not set the new password');
}
} else { // external users
- // the relevant auth libs should be loaded already
- // as part of form validation in function authenticate_user_login()
- // check that we allow changes through moodle
- if (!empty($CFG->{'auth_'. $user->auth.'_stdchangepassword'})) {
- if (function_exists('auth_user_update_password')){
- // note that we pass cleartext password
- if (auth_user_update_password($user->username, $data->newpassword1)){
- update_internal_user_password($user, $data->newpassword1, false);
- } else {
- error('Could not set the new password');
- }
- } else {
- error('The authentication module is misconfigured (missing auth_user_update_password)');
- }
- } else {
- error('You cannot change your password this way.');
+ $message = 'You cannot change your password this way.';
+ if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
+ $message .= '<br /><br />' . get_string('passwordextlink')
+ . '<br /><br />' . '<a href="' . $userauth->change_password_url() . '">'
+ . $userauth->change_password_url() . '</a>'; error('You cannot change your password this way.');
}
+ error($message);
}
// register success changing password
<?php // $Id$
require_once("../config.php");
- require_once("../auth/$CFG->auth/lib.php");
$data = optional_param('data', '', PARAM_CLEAN); // Formatted as: secret/username
$username = $s;
}
- $user = get_complete_user_data('username', $username );
+ $authplugin = get_auth_plugin('email');
+ $confirmed = $authplugin->user_confirm($username, $usersecret);
- if (!empty($user)) {
-
- if ($user->confirmed) {
+ if ($confirmed == AUTH_CONFIRM_ALREADY) {
+ $user = get_complete_user_data('username', $username);
print_header(get_string("alreadyconfirmed"), get_string("alreadyconfirmed"), "", "");
echo "<center><h3>".get_string("thanks").", ". fullname($user) . "</h3>\n";
echo "<h4>".get_string("alreadyconfirmed")."</h4>\n";
echo "<h3> -> <a href=\"$CFG->wwwroot/course/\">".get_string("courses")."</a></h3></center>\n";
print_footer();
exit;
- }
-
- if ($user->secret == $usersecret) { // They have provided the secret key to get in
-
- if (!set_field("user", "confirmed", 1, "id", $user->id)) {
- error("Could not confirm this user!");
- }
- if (!set_field("user", "firstaccess", time(), "id", $user->id)) {
- error("Could not set this user's first access date!");
- }
- if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_activate') ) {
- if (!auth_user_activate($user->username)) {
- error("Could not activate this user!");
+ }
+ if ($confirmed == AUTH_CONFIRM_OK) {
+ // Activate new user if necessary
+ $authplugin = get_auth_plugin($CFG->auth);
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create == 1 and method_exists($authplugin, 'user_activate') ) {
+ if (!$authplugin->user_activate($username)) {
+ error('Could not activate this user!');
}
}
// The user has confirmed successfully, let's log them in
-
- if (!$USER = get_complete_user_data('username', $user->username)) {
+
+ if (!$USER = get_complete_user_data('username', $username)) {
error("Something serious is wrong with the database");
}
unset($SESSION->wantsurl);
redirect("$goto");
}
-
+
print_header(get_string("confirmed"), get_string("confirmed"), "", "");
echo "<center><h3>".get_string("thanks").", ". fullname($USER) . "</h3>\n";
echo "<h4>".get_string("confirmed")."</h4>\n";
echo "<h3> -> <a href=\"$CFG->wwwroot/course/\">".get_string("courses")."</a></h3></center>\n";
print_footer();
exit;
-
- } else {
+ } else {
error("Invalid confirmation data");
- }
}
} else {
error(get_string("errorwhenconfirming"));
redirect($CFG->wwwroot.'/index.php', $strloginalready, 5);
}
-// changepassword link replaced by individual auth setting
+// instantiate default auth
$auth = $CFG->auth; // the 'default' authentication method
-if (!empty($CFG->changepassword)) {
- if (empty($CFG->{'auth_'.$auth.'_changepasswordurl'})) {
- set_config('auth_'.$auth.'_changepasswordurl', $CFG->changepassword);
- }
- set_config('changepassword', '');
-}
-
+$defaultauth = get_auth_plugin($auth);
$mform = new login_forgot_password_form();
$errors[] = $strconfirmednot;
} else {
// what to do depends on the authentication method
- $authmethod = $user->auth;
- if (is_internal_auth($authmethod) or !empty($CFG->{'auth_'.$authmethod.'_stdchangepassword'})) {
+ $userauth = get_auth_plugin($user->auth);
+ if ($userauth->is_internal() or $userauth->can_change_password()) {
// handle internal authentication
// set 'secret' string
// if help text defined then we are going to display another page
$strextmessage = '';
$continue = false;
- if (!empty($CFG->{'auth_'.$authmethod.'_changepasswordhelp'})) {
- $strextmessage = $CFG->{'auth_'.$authmethod.'_changepasswordhelp'}.'<br /><br />';
+ if (!empty($userauth->config->changepasswordhelp)) {
+ $txt->extmessage = $userauth->config->changepasswordhelp .'<br /><br />';
}
// if url defined then add that to the message (with a standard message)
- if (!empty($CFG->{'auth_'.$authmethod.'_changepasswordurl'})) {
+ if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) {
$strextmessage .= $strpasswordextlink . '<br /><br />';
- $link = $CFG->{'auth_'.$authmethod.'_changepasswordurl'};
- $strextmessage .= "<a href=\"$link\">$link</a>";
+ $txt->extmessage .= '<a href="' . $userauth->change_password_url() . '">' . $userauth->change_password_url() . '</a>';
}
// if nothing to display, just do message that we can't help
if (empty($strextmessage)) {
print_footer();
?>
-
<?php // $Id$
+
require_once("../config.php");
$loginguest = optional_param('loginguest', 0, PARAM_BOOL); // determines whether visitors are logged in as guest automatically
/// Load alternative login screens if necessary
- if ($CFG->auth == 'cas' && !empty($CFG->cas_enabled)) {
+
+// check if auth config broken (old config --> multi config)
+if (empty($CFG->auth_plugins_enabled) and ! empty($CFG->auth)) {
+ set_config('auth_plugins_enabled', $CFG->auth);
+}
+$authsequence = explode(',', $CFG->auth_plugins_enabled); // auths, in sequence
+
+// Load alternative login screens if necessary
+if ($authsequence[0] == 'cas' and !empty($CFG->cas_enabled)) {
require($CFG->dirroot.'/auth/cas/login.php');
}
update_user_login_times();
set_moodle_cookie($USER->username);
set_login_session_preferences();
-
-
+
//Select password change url
- if (is_internal_auth($USER->auth) || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){
+ $userauth = get_auth_plugin($USER->auth);
+ if ($userauth->can_change_password()) {
$passwordchangeurl=$CFG->wwwroot.'/login/change_password.php';
- } elseif($CFG->changepassword) {
- $passwordchangeurl=$CFG->changepassword;
} else {
- $passwordchangeurl = '';
+ $passwordchangeurl = $userauth->change_password_url();
}
-
+
// check whether the user should be changing password
if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
if ($passwordchangeurl != '') {
// check if user password has expired
// Currently supported only for ldap-authentication module
- if (isset($CFG->ldap_expiration) && $CFG->ldap_expiration == 1 ) {
- if (function_exists('auth_password_expire')){
- $days2expire = auth_password_expire($USER->username);
+ if (method_exists($userauth, 'password_expire') and !empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
+ $days2expire = $userauth->password_expire($USER->username);
if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) {
print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "<div align=\"right\">$langmenu</div>");
notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo);
print_footer();
exit;
}
- }
}
reset_login_count();
if (empty($errormsg)) {
$errormsg = get_string("invalidlogin");
}
+
+ // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user
+ if ($users = get_records('user', 'username', $frm->username)) {
+ $errormsg .= "<br>If you are a Moodle Network remote user and can <a href=\"mnet_email.php?u=$frm->username\">confirm your email address here</a>, you can be redirected to your login page.<br>";
+ }
}
}
set_moodle_cookie('nobody'); // To help search for cookies
}
- if (empty($frm->username) && $CFG->auth != 'shibboleth') { // See bug 5184
+if (empty($frm->username) && $authsequence[0] != 'shibboleth') { // See bug 5184
$frm->username = get_moodle_cookie() === 'nobody' ? '' : get_moodle_cookie();
$frm->password = "";
}
if (isset($CFG->auth_instructions)) {
$CFG->auth_instructions = trim($CFG->auth_instructions);
}
- if ($CFG->auth == "email" or $CFG->auth == "none" or !empty($CFG->auth_instructions)) {
+if ($authsequence[0] == "email" or $authsequence[0] == "none" or !empty($CFG->auth_instructions)) {
$show_instructions = true;
} else {
$show_instructions = false;
<?php if ($show_instructions) { ?>
<td width="50%" valign="top" class="content right">
-<?php switch ($CFG->auth) {
+<?php switch ($authsequence[0]) {
case "email":
print_string("loginsteps", "", "signup.php");
?>
</form>
</div>
<?php break;
+
case "none":
print_string("loginstepsnone");
break;
+
default:
echo format_text($CFG->auth_instructions);
- if (!function_exists('auth_user_login')) {
- require_once("../auth/$CFG->auth/lib.php");
- }
- if (!empty($CFG->auth_user_create) and function_exists('auth_user_create') ){
+ // TODO: if !function_exists(auth_user_login) then require_once /auth/$CFG->auth/lib.php
+ // ..which implies that auth_user_login might have been floating
+ // about in global namespace. grr
+ $authplugin = get_auth_plugin($CFG->auth);
+ if (!empty($CFG->auth_user_create) and method_exists($authplugin, 'user_create') ){
?>
<div align="center">
<form action="signup.php" method="get" id="signup">
require_once("../config.php");
+ if ($USER->mnethostid != $CFG->mnet_localhost_id) {
+ $host = get_record('mnet_host', 'id', $USER->mnethostid);
+ $wwwroot = $host->wwwroot;
+ } else {
+ $wwwroot = $CFG->wwwroot;
+ }
+
require_logout();
- redirect("$CFG->wwwroot/");
+ redirect("$wwwroot/");
?>
--- /dev/null
+<?php
+
+require_once dirname(dirname(__FILE__)) . '/config.php';
+httpsrequired();
+
+$username = required_param('u', PARAM_ALPHANUM);
+$sesskey = sesskey();
+
+// if you are logged in then you shouldn't be here
+if (isloggedin() and !isguest()) {
+ redirect( $CFG->wwwroot.'/', get_string('loginalready'), 5);
+}
+
+print_header('MNET ID Provider', 'MNET ID Provider', 'MNET ID Provider', 'form.email' );
+
+if ($form = data_submitted() and confirm_sesskey()) {
+ if ($user = get_record('user', 'username', $username, 'email', $form->email)) {
+ if (!empty($user->mnethostid) and $host = get_record('mnet_host', 'id', $user->mnethostid)) {
+ notice("You should be able to login at your <a href=\"{$host->wwwroot}/login/\">{$host->name}</a> provider.");
+ }
+ }
+}
+
+echo '<p> </p>';
+print_simple_box_start('center','50%','','20');
+
+?>
+ <form method="post">
+ <input type="hidden" name="sesskey" value="<?php echo $sesskey; ?>">
+ <?php echo get_string('email') ?>:
+ <input type="text" name="email" size="" maxlength="100">
+ <input type="submit" value="Find Login">
+ </form>
+<?php
+
+print_simple_box_end();
+print_footer();
+
+?>
<?php // $Id$
require_once('../config.php');
- require_once("../auth/$CFG->auth/lib.php");
require_once('signup_form.php');
//HTTPS is potentially required in this page
httpsrequired();
- if ($CFG->auth != 'email' and (empty($CFG->auth_user_create) or !(function_exists('auth_user_create'))) ) {
+ $authplugin = get_auth_plugin($CFG->auth);
+
+ if ($CFG->auth != 'email' and (empty($CFG->auth_user_create) or !(method_exists($authplugin, 'user_create'))) ) {
error("Sorry, you may not use this page.");
}
$user->confirmed = 0;
$user->lang = current_language();
$user->firstaccess = time();
+ $user->mnethostid = $CFG->mnet_localhost_id;
$user->secret = random_string(15);
$user->auth = $CFG->auth;
- if (!empty($CFG->auth_user_create) and function_exists('auth_user_create') ){
- if (! auth_user_exists($user->username)) {
- if (! auth_user_create($user, $plainpass)) {
+ if (!empty($CFG->auth_user_create) and method_exists($authplugin, 'user_create') ){
+ if (! $authplugin->user_exists($user->username)) {
+ if (! $authplugin->user_create($user, $plainpass)) {
error("Could not add user to authentication module!");
}
} else {
}
}
- if (! ($user->id = insert_record('user', $user))) {
- error("Could not add your record to the database!");
- }
-
- if (! send_confirmation_email($user)) {
- error("Tried to send you an email but failed!");
- }
-
- $emailconfirm = get_string("emailconfirm");
- print_header($emailconfirm, $emailconfirm, $emailconfirm);
- notice(get_string("emailconfirmsent", "", $user->email), "$CFG->wwwroot/index.php");
+ $authplugin = get_auth_plugin($CFG->auth);
+ $signedup = $authplugin->user_signup($user, $notify=true);
exit;
}
-
$newaccount = get_string('newaccount');
$login = get_string('login');
global $CFG;
$errors = array();
+ $authplugin = get_auth_plugin($CFG->auth);
- if (record_exists('user', 'username', $data['username'])){
+ if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id))){
$errors['username'] = get_string('usernameexists');
} else {
if (empty($CFG->extendedusernamechars)) {
}
}
}
- if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_exists') ){
- if (auth_user_exists($data['username'])) {
+ if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and method_exists($authplugin, 'user_exists')){
+ if ($authplugin->user_exists($user->username)) {
$errors['username'] = get_string('usernameexists');
}
}
projects / moodle.git / commitdiff