MDL-8669 broken auth signup code
authorskodak <skodak>
Tue, 27 Feb 2007 10:22:33 +0000 (10:22 +0000)
committerskodak <skodak>
Tue, 27 Feb 2007 10:22:33 +0000 (10:22 +0000)
auth/email/auth.php
lib/moodlelib.php
login/confirm.php
login/signup.php
login/signup_form.php

index 2a1a5156850bd1518ecf6ef67a56ce1e4b29133d..4f39c169d34d24bd6858070928653c969582fbc3 100644 (file)
@@ -16,15 +16,6 @@ if (!defined('MOODLE_INTERNAL')) {
     die('Direct access to this script is forbidden.');    ///  It must be included from a Moodle page
 }
 
-/**
- * Error codes for user confirm
- */
-define('AUTH_CONFIRM_FAIL', 0);
-define('AUTH_CONFIRM_OK', 1);
-define('AUTH_CONFIRM_ALREADY', 2);
-define('AUTH_CONFIRM_ERROR', 3);
-// TODO: instead of integers these could be the language keys?
-
 
 /**
  * Email authentication plugin.
@@ -76,8 +67,14 @@ class auth_plugin_email {
 
     /**
      * Sign up a new user ready for confirmation.
+     * Password is passed in plaintext.
+     *
+     * @param object $user new user object (with system magic quotes)
+     * @param boolean $notify print notice with link and terminate
      */
     function user_signup($user, $notify = true) {
+        $user->password = hash_internal_user_password($user->password);
+
         if (! ($user->id = insert_record('user', $user)) ) {
             print_error('auth_emailnoinsert','auth');
         }
@@ -90,11 +87,16 @@ class auth_plugin_email {
             $emailconfirm = get_string('emailconfirm');
             print_header($emailconfirm, $emailconfirm, $emailconfirm);
             notice(get_string('emailconfirmsent', '', $user->email), "$CFG->wwwroot/index.php");
+        } else {
+            return true;
         }
     }
 
     /**
      * Confirm the new user as registered.
+     *
+     * @param string $username (with system magic quotes)
+     * @param string $confirmsecret (with system magic quotes)
      */
     function user_confirm($username, $confirmsecret) {
         $user = get_complete_user_data('username', $username);
@@ -102,8 +104,11 @@ class auth_plugin_email {
         if (!empty($user)) {
             if ($user->confirmed) {
                 return AUTH_CONFIRM_ALREADY;
-            }
-            if ($user->secret == $confirmsecret) {   // They have provided the secret key to get in
+
+            } else if ($user->auth != 'email') {
+                return AUTH_CONFIRM_ERROR;
+
+            } else if ($user->secret == stripslashes($confirmsecret)) {   // They have provided the secret key to get in
                 if (!set_field("user", "confirmed", 1, "id", $user->id)) {
                     return AUTH_CONFIRM_FAIL;
                 }
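Review bot: The `if ($user->confirmed)` test at the top of this hunk returns AUTH_CONFIRM_ALREADY before the secret is ever compared, so anyone can call login/confirm.php with an existing username and an arbitrary secret and, per the confirm.php section below, be shown that account's full name — a username-enumeration and name-disclosure oracle that the new `auth != 'email'` branch does not close. Check the secret first and only then distinguish an already-confirmed account from a fresh one. While reordering, make the comparison on the stripslashes line strict: PHP's `==` compares numeric-looking strings by value, so two different secrets in integer or exponent form compare equal; random_string(15) makes that unlikely, but `===` costs nothing. user_confirm's body continues into the next hunk.
```php
        if (!empty($user)) {
            if ($user->auth != 'email') {
                return AUTH_CONFIRM_ERROR;

            } else if ($user->secret !== stripslashes($confirmsecret)) {
                // Wrong secret: reveal nothing about the account's state.
                return AUTH_CONFIRM_ERROR;

            } else if ($user->confirmed) {
                return AUTH_CONFIRM_ALREADY;

            } else {
                // … unchanged: set_field confirmed=1, return AUTH_CONFIRM_OK …
```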
@@ -112,6 +117,8 @@ class auth_plugin_email {
                 }
                 return AUTH_CONFIRM_OK;
             }
+        } else {
+            return AUTH_CONFIRM_ERROR;
         }
     }
 
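Review bot: A wrong secret still falls off the end of user_confirm: the `}` immediately above the new `else` closes the secret branch with no alternative, so that path returns null, while the new `else` returns AUTH_CONFIRM_ERROR only for an unknown user. Because AUTH_CONFIRM_FAIL is 0 and `null == 0` is true in PHP, any caller that tests `$confirmed == AUTH_CONFIRM_FAIL` would misclassify a bad secret; confirm.php rejects it only because it falls through to its final else. Give the branch an explicit result by replacing that closing brace with `} else { return AUTH_CONFIRM_ERROR; }`. user_confirm starts in an earlier hunk.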
index 5d28fcd40fe8b8bfbc94d3005209f366d3ca4598..17bc7197ac68464a80dc4af9bac99dfded92e80c 100644 (file)
@@ -261,6 +261,14 @@ define ('BLOG_COURSE_LEVEL', 3);
 define ('BLOG_SITE_LEVEL', 4);
 define ('BLOG_GLOBAL_LEVEL', 5);
 
+/**
+ * Authentication - error codes for user confirm
+ */
+define('AUTH_CONFIRM_FAIL', 0);
+define('AUTH_CONFIRM_OK', 1);
+define('AUTH_CONFIRM_ALREADY', 2);
+define('AUTH_CONFIRM_ERROR', 3);
+
 
 
 /// PARAMETER HANDLING ////////////////////////////////////////////////////
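Review bot: AUTH_CONFIRM_FAIL is defined as 0 in the added block, which under PHP's `==` is indistinguishable from null (a code path that returns nothing) and from false (a failed DB call), so a caller testing `$confirmed == AUTH_CONFIRM_FAIL` cannot tell a real failure from a missing return. Consider numbering the codes from 1, or at least add a comment telling callers to compare with `===`. The `// TODO: instead of integers these could be the language keys?` remark that accompanied the old definition in auth/email/auth.php was dropped in the move and is worth carrying over.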
index bef52d37f4223a6f48be417d71f49e66ff7eeb35..72fba41cf6d9909b7f9d5a61459d1b88d6d142a3 100644 (file)
     }
     $authplugin = get_auth_plugin($CFG->registerauth);
 
-    if (!method_exists($authplugin, 'user_create')) {
+    if (!method_exists($authplugin, 'user_confirm')) {
         error("Sorry, you may not use this page.");
     }
 
-    if (!empty($data) || (!empty($p) && !empty($s))) {    
+    if (!empty($data) || (!empty($p) && !empty($s))) {
 
         if (!empty($data)) {
             $dataelements = explode('/',$data);
             $username   = $s;
         }
 
-        $authplugin = get_auth_plugin($CFG->registerauth);
         $confirmed = $authplugin->user_confirm($username, $usersecret);
 
         if ($confirmed == AUTH_CONFIRM_ALREADY) {
-                $user = get_complete_user_data('username', $username);
-                print_header(get_string("alreadyconfirmed"), get_string("alreadyconfirmed"), "", "");
-                echo "<center><h3>".get_string("thanks").", ". fullname($user) . "</h3>\n";
-                echo "<h4>".get_string("alreadyconfirmed")."</h4>\n";
-                echo "<h3> -> <a href=\"$CFG->wwwroot/course/\">".get_string("courses")."</a></h3></center>\n";
-                print_footer();
-                exit;
-        }
-        if ($confirmed == AUTH_CONFIRM_OK) {
-                // Activate new user if necessary
-                $authplugin = get_auth_plugin($CFG->registerauth);
-                if (method_exists($authplugin, 'user_activate')) {
-                    if (!$authplugin->user_activate($username)) {
-                        error('Could not activate this user!');
-                    }
-                }
-
-                // The user has confirmed successfully, let's log them in
-
-                if (!$USER = get_complete_user_data('username', $username)) {
-                    error("Something serious is wrong with the database");
+            $user = get_complete_user_data('username', $username);
+            print_header(get_string("alreadyconfirmed"), get_string("alreadyconfirmed"), "", "");
+            print_box_start('generalbox centerpara boxwidthnormal boxaligncenter');
+            echo "<h3>".get_string("thanks").", ". fullname($user) . "</h3>\n";
+            echo "<p>".get_string("alreadyconfirmed")."</p>\n";
+            print_single_button("$CFG->wwwroot/course/", null, get_string('courses'));
+            print_box_end();
+            print_footer();
+            exit;
+
+        } else if ($confirmed == AUTH_CONFIRM_OK) {
+            // Activate new user if necessary
+            if (method_exists($authplugin, 'user_activate')) {
+                if (!$authplugin->user_activate($username)) {
+                    error('Could not activate this user!');
                 }
-
-                set_moodle_cookie($USER->username);
-
-                if ( ! empty($SESSION->wantsurl) ) {   // Send them where they were going
-                    $goto = $SESSION->wantsurl;
-                    unset($SESSION->wantsurl);
-                    redirect("$goto");
-                }
-
-                print_header(get_string("confirmed"), get_string("confirmed"), "", "");
-                echo "<center><h3>".get_string("thanks").", ". fullname($USER) . "</h3>\n";
-                echo "<h4>".get_string("confirmed")."</h4>\n";
-                echo "<h3> -> <a href=\"$CFG->wwwroot/course/\">".get_string("courses")."</a></h3></center>\n";
-                print_footer();
-                exit;
+            }
+
+            // The user has confirmed successfully, let's log them in
+
+            if (!$USER = get_complete_user_data('username', $username)) {
+                error("Something serious is wrong with the database");
+            }
+
+            set_moodle_cookie($USER->username);
+
+            if ( ! empty($SESSION->wantsurl) ) {   // Send them where they were going
+                $goto = $SESSION->wantsurl;
+                unset($SESSION->wantsurl);
+                redirect($goto);
+            }
+
+            print_header(get_string("confirmed"), get_string("confirmed"), "", "");
+            print_box_start('generalbox centerpara boxwidthnormal boxaligncenter');
+            echo "<h3>".get_string("thanks").", ". fullname($USER) . "</h3>\n";
+            echo "<p>".get_string("confirmed")."</p>\n";
+            print_single_button("$CFG->wwwroot/course/", null, get_string('courses'));
+            print_box_end();
+            print_footer();
+            exit;
         } else {
-                error("Invalid confirmation data");
+            error("Invalid confirmation data");
         }
     } else {
         error(get_string("errorwhenconfirming"));
index a372f83f6a00a13eb4d99a20376e76c3fb6e456e..2aecde05c54e358eb5630190f4faf96d28b679dd 100644 (file)
@@ -8,21 +8,19 @@
     }
     $authplugin = get_auth_plugin($CFG->registerauth);
 
-    if (!method_exists($authplugin, 'user_create')) {
+    if (!method_exists($authplugin, 'user_signup')) {
         error("Sorry, you may not use this page.");
     }
 
     //HTTPS is potentially required in this page
     httpsrequired();
 
-    $mform_signup = new login_signup_form_1();
+    $mform_signup = new login_signup_form();
 
     if ($mform_signup->is_cancelled()) {
         redirect($CFG->httpswwwroot.'/login/index.php');
-    } else if ($user = $mform_signup->get_data()) {
 
-        $plainpass = $user->password;
-        $user->password    = hash_internal_user_password($plainpass);
+    } else if ($user = $mform_signup->get_data()) {
         $user->confirmed   = 0;
         $user->lang        = current_language();
         $user->firstaccess = time();
         $user->secret      = random_string(15);
         $user->auth        = $CFG->registerauth;
 
-        if (! $authplugin->user_exists($user->username)) {
-            if (! $authplugin->user_create($user, $plainpass)) {
-                error("Could not add user to authentication module!");
-            }
-        } else {
-            error("User already exists on authentication database.");
-        }
-
-        $authplugin = get_auth_plugin($CFG->registerauth);
-        $signedup = $authplugin->user_signup($user, $notify=true);
-        exit;
+        $authplugin->user_signup($user, $notify=true); // prints notice and link to login/index.php
+        exit; //never reached
     }
 
     $newaccount = get_string('newaccount');
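Review bot: The removed `user_exists` check is not replaced anywhere in this hunk, so a signup for an existing username now reaches insert_record inside user_signup and fails with the generic auth_emailnoinsert error instead of the former "User already exists" message — unless login_signup_form::validation(), which is not shown on this page, rejects duplicate usernames; that should be confirmed. Separately, `$user->secret = random_string(15);` is the only value gating account activation through confirm.php, so random_string must draw from a cryptographically secure source; that cannot be verified here and is worth a comment on this line once checked.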
index 77849f250d355d745da96902ef54a7031decc086..7a7081ab3831421e5b5ee8b5f38e97d81ff8582d 100644 (file)
@@ -2,11 +2,11 @@
 
 require_once($CFG->libdir.'/formslib.php');
 
-class login_signup_form_1 extends moodleform {
+class login_signup_form extends moodleform {
        function definition() {
                global $USER, $CFG;
 
-               $mform    =& $this->_form;
+               $mform =& $this->_form;
 
                $mform->addElement('header', '', get_string('createuserandpass'), '');