From: skodak Date: Thu, 22 Mar 2007 12:27:52 +0000 (+0000) Subject: (MDL-8973) Fix OOP model of new multi auth plugins + some other auth related fixes... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=6bc1e5d577f91cffd163f64dbdeb4c6ea6d96584;p=moodle.git (MDL-8973) Fix OOP model of new multi auth plugins + some other auth related fixes, fixed change_password, ldap updates, etc.; TODO: fix docs --- diff --git a/admin/auth.php b/admin/auth.php index c30ed576ee..ff57cf87c6 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -147,7 +147,7 @@ $registrationauths[''] = $txt->disable; foreach ($authsenabled as $auth) { $authplugin = get_auth_plugin($auth); $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); - if (method_exists($authplugin, 'user_signup')) { + if ($authplugin->can_signup()) { $registrationauths[$auth] = get_string("auth_{$auth}title", 'auth'); } } @@ -158,7 +158,7 @@ foreach ($authsavailable as $auth) { } $authplugin = get_auth_plugin($auth); $displayauths[$auth] = get_string("auth_{$auth}title", 'auth'); - if (method_exists($authplugin, 'user_signup')) { + if ($authplugin->can_signup()) { $registrationauths[$auth] = get_string("auth_{$auth}title", 'auth'); } } diff --git a/admin/auth_config.php b/admin/auth_config.php index 710af72925..99459f094b 100644 --- a/admin/auth_config.php +++ b/admin/auth_config.php @@ -19,9 +19,7 @@ if ($frm = data_submitted()) { error(get_string('confirmsesskeybad', 'error')); } - if (method_exists($authplugin, 'validate_form')) { - $authplugin->validate_form($frm, $err); - } + $authplugin->validate_form($frm, $err); if (count($err) == 0) { diff --git a/auth/authlib.php b/auth/authlib.php deleted file mode 100644 index 9aa2e7548e..0000000000 --- a/auth/authlib.php +++ /dev/null @@ -1,33 +0,0 @@ - diff --git a/auth/cas/auth.php b/auth/cas/auth.php index 61ac669cea..4278b39e0c 100644 --- a/auth/cas/auth.php +++ b/auth/cas/auth.php @@ -15,20 +15,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * CAS authentication plugin. */ -class auth_plugin_cas { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_cas extends auth_plugin_base { /** * Constructor. */ function auth_plugin_cas() { + $this->authtype = 'cas'; $this->config = get_config('auth/cas'); } @@ -222,6 +220,17 @@ class auth_plugin_cas { return !empty($this->config->changepasswordurl); } + function prelogin_hook() { + // Load alternative login screens if necessary + // TODO: fix the cas login screen + return; + + if(!empty($CFG->cas_enabled)) { + require($CFG->dirroot.'/auth/cas/login.php'); + } + } + + /** * Prints a form for configuring this authentication plugin. * diff --git a/auth/db/auth.php b/auth/db/auth.php index babface7c1..1bc28a580e 100644 --- a/auth/db/auth.php +++ b/auth/db/auth.php @@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * External database authentication plugin. */ -class auth_plugin_db { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_db extends auth_plugin_base { /** * Constructor. */ function auth_plugin_db() { + $this->authtype = 'db'; $this->config = get_config('auth/db'); if (empty($this->config->extencoding)) { $this->config->extencoding = 'utf-8'; @@ -572,7 +570,6 @@ class auth_plugin_db { $this->config->changepasswordurl = ''; set_config('changepasswordurl', '', 'auth/db'); } - return true; } /** diff --git a/auth/email/auth.php b/auth/email/auth.php index 4f39c169d3..20ad9232ef 100644 --- a/auth/email/auth.php +++ b/auth/email/auth.php @@ -16,21 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); /** * Email authentication plugin. */ -class auth_plugin_email { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_email extends auth_plugin_base { /** * Constructor. */ function auth_plugin_email() { + $this->authtype = 'email'; $this->config = get_config('auth/email'); } @@ -65,6 +62,10 @@ class auth_plugin_email { return update_internal_user_password($user, $newpassword); } + function can_signup() { + return true; + } + /** * Sign up a new user ready for confirmation. * Password is passed in plaintext. @@ -72,7 +73,7 @@ class auth_plugin_email { * @param object $user new user object (with system magic quotes) * @param boolean $notify print notice with link and terminate */ - function user_signup($user, $notify = true) { + function user_signup($user, $notify=true) { $user->password = hash_internal_user_password($user->password); if (! ($user->id = insert_record('user', $user)) ) { @@ -92,6 +93,15 @@ class auth_plugin_email { } } + /** + * Returns true if plugin allows confirming of new users. + * + * @return bool + */ + function can_confirm() { + return true; + } + /** * Confirm the new user as registered. * diff --git a/auth/fc/auth.php b/auth/fc/auth.php index f61b25c8f7..45049ad9f2 100644 --- a/auth/fc/auth.php +++ b/auth/fc/auth.php @@ -15,22 +15,20 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + require_once 'fcFPP.php'; /** * FirstClass authentication plugin. */ -class auth_plugin_fc { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_fc extends auth_plugin_base { /** * Constructor. */ function auth_plugin_fc() { + $this->authtype = 'fc'; $this->config = get_config('auth/fc'); } @@ -116,14 +114,9 @@ class auth_plugin_fc { * Get users group membership from the FirstClass server user and check if * user is member of one of the groups of creators. */ - function iscreator($username = 0) { - global $USER; - + function iscreator($username) { if (! $this->config->creators) { - return false; - } - if (! $username) { - $username = $USER->username; + return null; } $fcgroups = array(); @@ -143,7 +136,9 @@ class auth_plugin_fc { $creators = explode(";", $this->config->creators); foreach($creators as $creator) { - If (in_array($creator, $fcgroups)) return true; + if (in_array($creator, $fcgroups)) { + return true; + } } return false; @@ -168,6 +163,30 @@ class auth_plugin_fc { return false; } + /** + * Sync roles for this user + * + * @param $user object user object (without system magic quotes) + */ + function sync_roles($user) { + $iscreator = $this->iscreator($user->username); + if ($iscreator === null) { + return; //nothing to sync - creators not configured + } + + if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) { + $creatorrole = array_shift($roles); // We can only use one, let's use the first one + $systemcontext = get_context_instance(CONTEXT_SYSTEM); + + if ($iscreator) { // Following calls will not create duplicates + role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'fc'); + } else { + //unassign only if previously assigned by this plugin! + role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'fc'); + } + } + } + /** * Prints a form for configuring this authentication plugin. * diff --git a/auth/imap/auth.php b/auth/imap/auth.php index 3c1c0f7e22..c2c3cf0ae6 100644 --- a/auth/imap/auth.php +++ b/auth/imap/auth.php @@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * IMAP authentication plugin. */ -class auth_plugin_imap { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_imap extends auth_plugin_base { /** * Constructor. */ function auth_plugin_imap() { + $this->authtype = 'imap'; $this->config = get_config('auth/imap'); } diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index 96d9327052..8f4b09a756 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * LDAP authentication plugin. */ -class auth_plugin_ldap { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_ldap extends auth_plugin_base { /** * Constructor with initialisation. */ function auth_plugin_ldap() { + $this->authtype = 'ldap'; $this->config = get_config('auth/ldap'); if (empty($this->config->ldapencoding)) { $this->config->ldapencoding = 'utf-8'; @@ -274,7 +272,7 @@ class auth_plugin_ldap { * If userpassword does not expire it should return 0. If password is already expired * it should return negative value. * - * @param mixed $username username + * @param mixed $username username (with system magic quotes) * @return integer */ function password_expire($username) { @@ -584,7 +582,7 @@ class auth_plugin_ldap { if ($this->iscreator($user->username)) { role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, 'ldap'); } else { - role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id); + role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id, 'ldap'); } } @@ -783,26 +781,18 @@ class auth_plugin_ldap { /** * Returns true if user should be coursecreator. * - * @param mixed $username username (with system magic quotes) + * @param mixed $username username (without system magic quotes) * @return boolean result */ - function iscreator($username = false) { - global $USER; - + function iscreator($username) { if (empty($this->config->creators) or empty($this->config->memberattribute)) { - return false; - } - - if ($username === false) { - $username = $USER->username; - } else { - $username = stripslashes($username); + return null; } $textlib = textlib_get_instance(); $extusername = $textlib->convert($username, 'utf-8', $this->config->ldapencoding); - return $this->ldap_isgroupmember($extusername, $this->config->creators); + return (boolean)$this->ldap_isgroupmember($extusername, $this->config->creators); } /** @@ -824,7 +814,7 @@ class auth_plugin_ldap { return false; } - if (isset($olduser->auth) and $olduser->auth == 'ldap') { + if (isset($olduser->auth) and $olduser->auth != 'ldap') { return true; // just change auth and skip update } @@ -1512,6 +1502,30 @@ class auth_plugin_ldap { } } + /** + * Sync roles for this user + * + * @param $user object user object (without system magic quotes) + */ + function sync_roles($user) { + $iscreator = $this->iscreator($user->username); + if ($iscreator === null) { + return; //nothing to sync - creators not configured + } + + if ($roles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) { + $creatorrole = array_shift($roles); // We can only use one, let's use the first one + $systemcontext = get_context_instance(CONTEXT_SYSTEM); + + if ($iscreator) { // Following calls will not create duplicates + role_assign($creatorrole->id, $user->id, 0, $systemcontext->id, 0, 0, 0, 'ldap'); + } else { + //unassign only if previously assigned by this plugin! + role_unassign($creatorrole->id, $user->id, 0, $systemcontext->id, 'ldap'); + } + } + } + /** * Prints a form for configuring this authentication plugin. * diff --git a/auth/manual/auth.php b/auth/manual/auth.php index 23ebf4b1d4..6f1e7ca620 100644 --- a/auth/manual/auth.php +++ b/auth/manual/auth.php @@ -15,23 +15,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * Manual authentication plugin. */ -class auth_plugin_manual -{ - /** - * The configuration details for the plugin. - */ - var $config; - - var $canchangepassword = true; - var $isinternal = true; +class auth_plugin_manual extends auth_plugin_base { /** * Constructor. */ function auth_plugin_manual() { + $this->authtype = 'manual'; $this->config = get_config('auth/manual'); } diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php index 338a9b259b..4061fac508 100644 --- a/auth/mnet/auth.php +++ b/auth/mnet/auth.php @@ -16,21 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * Moodle Network authentication plugin. */ -class auth_plugin_mnet -{ - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_mnet extends auth_plugin_base { /** * Constructor. */ function auth_plugin_mnet() { + $this->authtype = 'mnet'; $this->config = get_config('auth/mnet'); } @@ -1336,6 +1333,16 @@ class auth_plugin_mnet } return $accessctrl == 'allow'; } + + function prelogout_hook() { + global $USER, $CFG, $redirect; + + if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) { + $host = get_record('mnet_host', 'id', $USER->mnethostid); + $redirect = $host->wwwroot.'/'; + } + } + } ?> diff --git a/auth/nntp/auth.php b/auth/nntp/auth.php index 9e236ee68d..da549b915e 100644 --- a/auth/nntp/auth.php +++ b/auth/nntp/auth.php @@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * NNTP authentication plugin. */ -class auth_plugin_nntp { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_nntp extends auth_plugin_base { /** * Constructor. */ function auth_plugin_nntp() { + $this->authtype = 'nntp'; $this->config = get_config('auth/nntp'); } diff --git a/auth/nologin/auth.php b/auth/nologin/auth.php index baf9206228..f91ec9c8a7 100644 --- a/auth/nologin/auth.php +++ b/auth/nologin/auth.php @@ -16,16 +16,19 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * Plugin for no authentication. */ -class auth_plugin_nologin { +class auth_plugin_nologin extends auth_plugin_base { /** * Constructor. */ function auth_plugin_nologin() { + $this->authtype = 'nologin'; } /** diff --git a/auth/none/auth.php b/auth/none/auth.php index 76211ba548..9b2da1e04b 100644 --- a/auth/none/auth.php +++ b/auth/none/auth.php @@ -16,23 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * Plugin for no authentication. */ -class auth_plugin_none { - - /** - * The configuration details for the plugin. - */ - var $config; - - var $canchangepassword = true; - var $isinternal = true; +class auth_plugin_none extends auth_plugin_base { /** * Constructor. */ function auth_plugin_none() { + $this->authtype = 'none'; $this->config = get_config('auth/none'); } diff --git a/auth/pam/auth.php b/auth/pam/auth.php index 28d3c75034..dbb2eb1cee 100644 --- a/auth/pam/auth.php +++ b/auth/pam/auth.php @@ -30,15 +30,12 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * PAM authentication plugin. */ -class auth_plugin_pam { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_pam extends auth_plugin_base { /** * Store error messages from pam authentication attempts. @@ -49,6 +46,7 @@ class auth_plugin_pam { * Constructor. */ function auth_plugin_pam() { + $this->authtype = 'pam'; $this->config = get_config('auth/pam'); $this->errormessage = ''; } diff --git a/auth/pop3/auth.php b/auth/pop3/auth.php index 431d20796a..888b0d6296 100644 --- a/auth/pop3/auth.php +++ b/auth/pop3/auth.php @@ -16,20 +16,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * POP3 authentication plugin. */ -class auth_plugin_pop3 { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_pop3 extends auth_plugin_base { /** * Constructor. */ function auth_plugin_pop3() { + $this->authtype = 'pop3'; $this->config = get_config('auth/pop3'); } diff --git a/auth/radius/auth.php b/auth/radius/auth.php index 7f1776aeaf..e01fe2c3d1 100644 --- a/auth/radius/auth.php +++ b/auth/radius/auth.php @@ -17,20 +17,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * RADIUS authentication plugin. */ -class auth_plugin_radius { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_radius extends auth_plugin_base { /** * Constructor. */ function auth_plugin_radius() { + $this->authtype = 'radius'; $this->config = get_config('auth/radius'); } diff --git a/auth/shibboleth/auth.php b/auth/shibboleth/auth.php index 0a49ae81bb..4d1fd8a1c6 100644 --- a/auth/shibboleth/auth.php +++ b/auth/shibboleth/auth.php @@ -24,20 +24,18 @@ if (!defined('MOODLE_INTERNAL')) { die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page } +require_once($CFG->libdir.'/authlib.php'); + /** * Shibboleth authentication plugin. */ -class auth_plugin_shibboleth { - - /** - * The configuration details for the plugin. - */ - var $config; +class auth_plugin_shibboleth extends auth_plugin_base { /** * Constructor. */ function auth_plugin_shibboleth() { + $this->authtype = 'shibboleth'; $this->config = get_config('auth/shibboleth'); } @@ -148,6 +146,22 @@ class auth_plugin_shibboleth { return false; } + function prelogin_hook() { + global $SESSION, $CFG; + + //TODO: fix the code + return; + + // See http://moodle.org/mod/forum/discuss.php?d=39918#187611 + // if ($CFG->auth == 'shibboleth') { + // if (!empty($SESSION->shibboleth_checked) ) { // Just come from there + // unset($SESSION->shibboleth_checked); + // } else if (empty($_POST)) { // No incoming data, so redirect + // redirect($CFG->wwwroot.'/auth/shibboleth/index.php'); + // } + // } + } + /** * Prints a form for configuring this authentication plugin. * diff --git a/blocks/login/block_login.php b/blocks/login/block_login.php index 417d213941..65fa64b2df 100644 --- a/blocks/login/block_login.php +++ b/blocks/login/block_login.php @@ -29,7 +29,7 @@ class block_login extends block_base { if (!empty($CFG->registerauth)) { $authplugin = get_auth_plugin($CFG->registerauth); - if (method_exists($authplugin, 'user_signup')) { + if ($authplugin->can_signup()) { $signup = $wwwroot . '/login/signup.php'; } } diff --git a/lang/en_utf8/auth.php b/lang/en_utf8/auth.php index fd7d1a1df9..bdaadd5042 100644 --- a/lang/en_utf8/auth.php +++ b/lang/en_utf8/auth.php @@ -304,6 +304,7 @@ $string['changepassword'] = 'Change password URL'; $string['changepasswordhelp'] = 'Here you can specify a location at which your users can recover or change their username/password if they\'ve forgotten it. This will be provided to users as a button on the login page and their user page. if you leave this blank the button will not be printed.'; $string['chooseauthmethod'] = 'Choose an authentication method'; $string['createpasswordifneeded'] = 'Create password if needed'; +$string['errorpasswordupdate'] = 'Error updating password, password not changed'; $string['infilefield'] = 'Field required in file'; $string['forcechangepassword'] = 'Force change password'; $string['forcechangepassword_help'] = 'Force users to change password on their next login to Moodle.'; diff --git a/lib/accesslib.php b/lib/accesslib.php index 09e849eef4..9f4c2eebe6 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -2194,9 +2194,10 @@ function role_assign($roleid, $userid, $groupid, $contextid, $timestart=0, $time * @param $userid * @param $groupid * @param $contextid + * @param $enrol unassign only if enrolment type matches, NULL means anything * @return boolean - success or failure */ -function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) { +function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) { global $USER, $CFG; @@ -2209,6 +2210,9 @@ function role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0) { $select[] = $arg.' = '.$$arg; } } + if (!empty($enrol)) { + $select[] = "enrol='$enrol'"; + } if ($select) { if ($ras = get_records_select('role_assignments', implode(' AND ', $select))) { diff --git a/lib/authlib.php b/lib/authlib.php new file mode 100644 index 0000000000..d701a2d264 --- /dev/null +++ b/lib/authlib.php @@ -0,0 +1,281 @@ +sso)) { + include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php'); + if (function_exists('sso_user_login')) { + if (!sso_user_login($username, $password)) { // Perform the signon process + notify('Second sign-on failed'); + } + } + } + } + + /** + * Prelogout actions. + */ + function prelogout_hook() { + //override if needed + } +} + +?> diff --git a/lib/db/mysql.php b/lib/db/mysql.php index d42ba5eb71..3ef47adfe4 100644 --- a/lib/db/mysql.php +++ b/lib/db/mysql.php @@ -826,14 +826,15 @@ function main_upgrade($oldversion=0) { if ($oldversion < 2004082600) { //update auth-fields for external users - include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php"); + // following code would not work in 1.8 +/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php"); if (function_exists('auth_get_userlist')) { $externalusers = auth_get_userlist(); if (!empty($externalusers)){ $externalusers = '\''. implode('\',\'',$externalusers).'\''; execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)"); } - } + }*/ } if ($oldversion < 2004082900) { // Make sure guest is "manual" too. diff --git a/lib/db/postgres7.php b/lib/db/postgres7.php index 22fe33aa25..850d1ac148 100644 --- a/lib/db/postgres7.php +++ b/lib/db/postgres7.php @@ -559,14 +559,15 @@ function main_upgrade($oldversion=0) { if ($oldversion < 2004082600) { //update auth-fields for external users - include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php"); + // following code would not work in 1.8 +/* include_once ($CFG->dirroot."/auth/".$CFG->auth."/lib.php"); if (function_exists('auth_get_userlist')) { $externalusers = auth_get_userlist(); if (!empty($externalusers)){ $externalusers = '\''. implode('\',\'',$externalusers).'\''; execute_sql("UPDATE {$CFG->prefix}user SET auth = '$CFG->auth' WHERE username IN ($externalusers)"); } - } + }*/ } if ($oldversion < 2004082900) { // Make sure guest is "manual" too. diff --git a/lib/moodlelib.php b/lib/moodlelib.php index a822ba8333..d8cc0bf7f4 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -261,14 +261,6 @@ define ('BLOG_COURSE_LEVEL', 3); define ('BLOG_SITE_LEVEL', 4); define ('BLOG_GLOBAL_LEVEL', 5); -/** - * Authentication - error codes for user confirm - */ -define('AUTH_CONFIRM_FAIL', 0); -define('AUTH_CONFIRM_OK', 1); -define('AUTH_CONFIRM_ALREADY', 2); -define('AUTH_CONFIRM_ERROR', 3); - /// PARAMETER HANDLING //////////////////////////////////////////////////// @@ -1673,7 +1665,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) { if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) { if ($userauth->can_change_password()) { $SESSION->wantsurl = $FULLME; - if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) { + if ($userauth->change_password_url()) { //use plugin custom url redirect($userauth->change_password_url()); } else { @@ -2462,12 +2454,10 @@ function create_user_record($username, $password, $auth='') { $authplugin = get_auth_plugin($auth); - if (method_exists($authplugin, 'get_userinfo')) { - if ($newinfo = $authplugin->get_userinfo($username)) { - $newinfo = truncate_userinfo($newinfo); - foreach ($newinfo as $key => $value){ - $newuser->$key = addslashes($value); - } + if ($newinfo = $authplugin->get_userinfo($username)) { + $newinfo = truncate_userinfo($newinfo); + foreach ($newinfo as $key => $value){ + $newuser->$key = addslashes($value); } } @@ -2511,24 +2501,23 @@ function create_user_record($username, $password, $auth='') { * @return user A {@link $USER} object */ function update_user_record($username, $authplugin) { - if (method_exists($authplugin, 'get_userinfo')) { - $username = trim(moodle_strtolower($username)); /// just in case check text case - - $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth'); - $userauth = get_auth_plugin($oldinfo->auth); - - if ($newinfo = $authplugin->get_userinfo($username)) { - $newinfo = truncate_userinfo($newinfo); - foreach ($newinfo as $key => $value){ - $confkey = 'field_updatelocal_' . $key; - if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') { - $value = addslashes(stripslashes($value)); // Just in case - set_field('user', $key, $value, 'username', $username) - or error_log("Error updating $key for $username"); - } + $username = trim(moodle_strtolower($username)); /// just in case check text case + + $oldinfo = get_record('user', 'username', $username, '','','','', 'username, auth'); + $userauth = get_auth_plugin($oldinfo->auth); + + if ($newinfo = $userauth->get_userinfo($username)) { + $newinfo = truncate_userinfo($newinfo); + foreach ($newinfo as $key => $value){ + $confkey = 'field_updatelocal_' . $key; + if (!empty($userauth->config->$confkey) and $userauth->config->$confkey === 'onlogin') { + $value = addslashes(stripslashes($value)); // Just in case + set_field('user', $key, $value, 'username', $username) + or error_log("Error updating $key for $username"); } } } + return get_complete_user_data('username', $username); } @@ -2649,29 +2638,10 @@ function authenticate_user_login($username, $password) { // if user not found, create him $user = create_user_record($username, $password, $auth); } - // fix for MDL-6928 - if (method_exists($authplugin, 'iscreator')) { - $sitecontext = get_context_instance(CONTEXT_SYSTEM); - if ($creatorroles = get_roles_with_capability('moodle/legacy:coursecreator', CAP_ALLOW)) { - $creatorrole = array_shift($creatorroles); // We can only use one, let's use the first one - // Check if the user is a creator - if ($authplugin->iscreator($username)) { // Following calls will not create duplicates - role_assign($creatorrole->id, $user->id, 0, $sitecontext->id, 0, 0, 0, $auth); - } else { - role_unassign($creatorrole->id, $user->id, 0, $sitecontext->id); - } - } - } - /// Log in to a second system if necessary - if (!empty($CFG->sso)) { - include_once($CFG->dirroot .'/sso/'. $CFG->sso .'/lib.php'); - if (function_exists('sso_user_login')) { - if (!sso_user_login($username, $password)) { // Perform the signon process - notify('Second sign-on failed'); - } - } - } + $authplugin->sync_roles($user); + + $authplugin->user_authenticated_hook($user, $username, $password); return $user; @@ -3631,7 +3601,7 @@ function send_password_change_info($user) { $data->admin = fullname($from).' ('. $from->email .')'; $userauth = get_auth_plugin($user->auth); - if ($userauth->can_change_password() and method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) { + if ($userauth->can_change_password() and $userauth->change_password_url()) { // we have some external url for password cahnging $data->link .= $userauth->change_password_url(); diff --git a/login/change_password.php b/login/change_password.php index 7bf7c6b597..0e8c1fd296 100644 --- a/login/change_password.php +++ b/login/change_password.php @@ -3,28 +3,20 @@ require_once('../config.php'); require_once('change_password_form.php'); - $id = optional_param('id', SITEID, PARAM_INT); + $id = optional_param('id', SITEID, PARAM_INT); // current course //HTTPS is potentially required in this page httpsrequired(); - $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); + $systemcontext = get_context_instance(CONTEXT_SYSTEM); if (!$course = get_record('course', 'id', $id)) { error('No such course!'); } - if (is_mnet_remote_user($USER)) { - $message = get_string('usercannotchangepassword', 'mnet'); - if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) { - $message .= get_string('userchangepasswordlink', 'mnet', $idprovider); - } - error($message); - } - // require proper login; guest can not change password - // TODO: add change password capability so that we can prevent participants to change password - if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $sitecontext, $USER->id, false)) { + // TODO: add change password capability so that we can prevent participants from changing password + if (empty($USER->id) or isguestuser() or has_capability('moodle/legacy:guest', $systemcontext, $USER->id, false)) { if (empty($SESSION->wantsurl)) { $SESSION->wantsurl = $CFG->httpswwwroot.'/login/change_password.php'; } @@ -36,6 +28,14 @@ error('Can not use this script when "Logged in as"!'); } + if (is_mnet_remote_user($USER)) { + $message = get_string('usercannotchangepassword', 'mnet'); + if ($idprovider = get_record('mnet_host', 'id', $USER->mnethostid)) { + $message .= get_string('userchangepasswordlink', 'mnet', $idprovider); + } + error($message); + } + // load the appropriate auth plugin $userauth = get_auth_plugin($USER->auth); @@ -43,35 +43,28 @@ error(get_string('nopasswordchange', 'auth')); } - if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) { + if ($userauth->change_password_url()) { // this internal scrip not used redirect($userauth->change_password_url()); } $mform = new login_change_password_form(); - $mform->set_data(array('id'=>$course->id, 'username'=>$USER->username)); + $mform->set_data(array('id'=>$course->id)); if ($mform->is_cancelled()) { redirect($CFG->wwwroot.'/user/view.php?id='.$USER->id.'&course='.$course->id); } else if ($data = $mform->get_data()) { - if (!has_capability('moodle/user:update', $sitecontext)) { - //ignore submitted username - the same is done in form validation - $data->username = $USER->username; - } - - if ($data->username == $USER->username) { - $user =& $USER; - } else { - $user = get_complete_user_data('username', $data->username); + if (!$userauth->user_update_password(addslashes_recursive($USER), $data->newpassword1)) { + error(get_string('errorpasswordupdate', 'auth')); } // register success changing password - unset_user_preference('auth_forcepasswordchange', $user->id); + unset_user_preference('auth_forcepasswordchange', $USER->id); $strpasswordchanged = get_string('passwordchanged'); - add_to_log($course->id, 'user', 'change password', "view.php?id=$user->id&course=$course->id", "$user->id"); + add_to_log($course->id, 'user', 'change password', "view.php?id=$USER->id&course=$course->id", "$USER->id"); $fullname = fullname($USER, true); diff --git a/login/change_password_form.php b/login/change_password_form.php index 92952f1136..685200219e 100644 --- a/login/change_password_form.php +++ b/login/change_password_form.php @@ -7,29 +7,16 @@ class login_change_password_form extends moodleform { function definition() { global $USER; - $mform =& $this->_form; + $mform =& $this->_form; $mform->addElement('header', '', get_string('changepassword'), ''); - $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); // visible elements - if (has_capability('moodle/user:update', $sitecontext)) { - $mform->addElement('text', 'username', get_string('username')); - $mform->addRule('username', get_string('required'), 'required', null, 'client'); - $mform->setType('username', PARAM_RAW); - } else { - $mform->addElement('hidden', 'username'); - $mform->setType('username', PARAM_RAW); - } + $mform->addElement('static', 'username', get_string('username')); - if (has_capability('moodle/user:update', $sitecontext)) { - $mform->addElement('hidden', 'password'); - $mform->setType('username', PARAM_RAW); - } else { - $mform->addElement('password', 'password', get_string('oldpassword')); - $mform->addRule('password', get_string('required'), 'required', null, 'client'); - $mform->setType('password', PARAM_RAW); - } + $mform->addElement('password', 'password', get_string('oldpassword')); + $mform->addRule('password', get_string('required'), 'required', null, 'client'); + $mform->setType('password', PARAM_RAW); $mform->addElement('password', 'newpassword1', get_string('newpassword')); $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client'); @@ -55,44 +42,25 @@ class login_change_password_form extends moodleform { /// perform extra password change validation function validation($data){ global $USER; - $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); $errors = array(); - if (has_capability('moodle/user:update', $sitecontext)) { - if (!$user = get_record('user', 'username', $data['username'])) { - $errors['username'] = get_string('invalidlogin'); - return $errors; - } - } else { - update_login_count(); - - // ignore submitted username - if (!$user = authenticate_user_login($USER->username, $data['password'])) { - $errors['password'] = get_string('invalidlogin'); - return $errors; - } + update_login_count(); - reset_login_count(); - } - - // can not change guest user password - if ($user->username == 'guest') { - $errors['username'] = get_string('invalidlogin'); + // ignore submitted username + if (!$user = authenticate_user_login($USER->username, $data['password'])) { + $errors['password'] = get_string('invalidlogin'); return $errors; } - // can not change password of primary admin - $mainadmin = get_admin(); - if ($user->id == $mainadmin->id and $USER->id != $mainadmin->id) { - $errors['username'] = get_string('adminprimarynoedit'); - return $errors; - } + reset_login_count(); if ($data['newpassword1'] <> $data['newpassword2']) { $errors['newpassword1'] = get_string('passwordsdiffer'); $errors['newpassword2'] = get_string('passwordsdiffer'); return $errors; - } else if (!has_capability('moodle/user:update', $sitecontext) and ($data['password'] == $data['newpassword1'])){ + } + + if ($data['password'] == $data['newpassword1']){ $errors['newpassword1'] = get_string('mustchangepassword'); $errors['newpassword2'] = get_string('mustchangepassword'); return $errors; diff --git a/login/confirm.php b/login/confirm.php index 72fba41cf6..fcfdeb6082 100644 --- a/login/confirm.php +++ b/login/confirm.php @@ -12,7 +12,7 @@ } $authplugin = get_auth_plugin($CFG->registerauth); - if (!method_exists($authplugin, 'user_confirm')) { + if (!$authplugin->can_confirm()) { error("Sorry, you may not use this page."); } @@ -42,10 +42,8 @@ } else if ($confirmed == AUTH_CONFIRM_OK) { // Activate new user if necessary - if (method_exists($authplugin, 'user_activate')) { - if (!$authplugin->user_activate($username)) { - error('Could not activate this user!'); - } + if (!$authplugin->user_activate($username)) { + error('Could not activate this user!'); } // The user has confirmed successfully, let's log them in diff --git a/login/forgot_password.php b/login/forgot_password.php index 2d6e75b1f6..4de7199224 100644 --- a/login/forgot_password.php +++ b/login/forgot_password.php @@ -98,7 +98,7 @@ if ($mform->is_cancelled()) { $userauth = get_auth_plugin($user->auth); - if (method_exists($userauth, 'can_reset_password') and $userauth->can_reset_password()) { + if ($userauth->can_reset_password()) { // reset internal password and notify user // set 'secret' string diff --git a/login/index.php b/login/index.php index 569f038956..43eebe1f3e 100644 --- a/login/index.php +++ b/login/index.php @@ -23,9 +23,6 @@ $session_has_timed_out = false; } - //HTTPS is potentially required in this page - httpsrequired(); - /// Check if the guest user exists. If not, create one. if (! record_exists('user', 'username', 'guest')) { $guest->auth = 'manual'; @@ -49,11 +46,6 @@ $authsequence = explode(',', $CFG->auth); // auths, in sequence -// Load alternative login screens if necessary -if ($authsequence[0] == 'cas' and !empty($CFG->cas_enabled)) { - require($CFG->dirroot.'/auth/cas/login.php'); - } - if (!isset($CFG->registerauth)) { set_config('registerauth', ''); } @@ -62,17 +54,19 @@ if (!isset($CFG->auth_instructions)) { set_config('auth_instructions', ''); } -// See http://moodle.org/mod/forum/discuss.php?d=39918#187611 -// if ($CFG->auth == 'shibboleth') { -// if (!empty($SESSION->shibboleth_checked) ) { // Just come from there -// unset($SESSION->shibboleth_checked); -// } else if (empty($_POST)) { // No incoming data, so redirect -// redirect($CFG->wwwroot.'/auth/shibboleth/index.php'); -// } -// } - - +// auth plugins can override these - SSO anyone? +$frm = false; +$user = false; + +foreach($authsequence as $authname) { + $authplugin = get_auth_plugin($authname); + $authplugin->prelogin_hook(); +} + +//HTTPS is potentially required in this page +httpsrequired(); + /// Define variables used in page if (!$site = get_site()) { error("No site found!"); @@ -91,16 +85,18 @@ if (!isset($CFG->auth_instructions)) { $loginurl = (!empty($CFG->alternateloginurl)) ? $CFG->alternateloginurl : ''; - $frm = false; - $user = false; + if ($user !== false or $frm !== false) { + // some auth plugin already supplied these - if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) { + } else if ((!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) or $loginguest) { /// Log in as guest automatically (idea from Zbigniew Fiedorowicz) $frm->username = 'guest'; $frm->password = 'guest'; + } else if (!empty($SESSION->wantsurl) && file_exists($CFG->dirroot.'/login/weblinkauth.php')) { // Handles the case of another Moodle site linking into a page on this site + //TODO: move weblink into own auth plugin include($CFG->dirroot.'/login/weblinkauth.php'); if (function_exists(weblink_auth)) { $user = weblink_auth($SESSION->wantsurl); @@ -110,6 +106,7 @@ if (!isset($CFG->auth_instructions)) { } else { $frm = data_submitted($loginurl); } + } else { $frm = data_submitted($loginurl); } @@ -120,7 +117,7 @@ if (!isset($CFG->auth_instructions)) { $errormsg = get_string("cookiesnotenabled"); - } else if ($frm) { // Login WITH cookies + } else if ($frm) { // Login WITH cookies $frm->username = trim(moodle_strtolower($frm->username)); @@ -132,10 +129,12 @@ if (!isset($CFG->auth_instructions)) { } } - if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) { + if ($user) { + //user already supplied by aut plugin prelogin hook + } else if (($frm->username == 'guest') and empty($CFG->guestloginbutton)) { $user = false; /// Can't log in as guest if guest button is disabled $frm = false; - } else if (!$user) { + } else { if (empty($errormsg)) { $user = authenticate_user_login($frm->username, $frm->password); } @@ -178,7 +177,7 @@ if (!isset($CFG->auth_instructions)) { //Select password change url $userauth = get_auth_plugin($USER->auth); if ($userauth->can_change_password()) { - if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) { + if ($userauth->change_password_url()) { $passwordchangeurl = $userauth->change_password_url(); } else { $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php'; @@ -213,7 +212,7 @@ if (!isset($CFG->auth_instructions)) { } /// Go to my-moodle page instead of homepage if mymoodleredirect enabled - if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) { + if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) { if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') { $urltogo = $CFG->wwwroot.'/my/'; } @@ -222,7 +221,7 @@ if (!isset($CFG->auth_instructions)) { // check if user password has expired // Currently supported only for ldap-authentication module - if (method_exists($userauth, 'password_expire') and !empty($userauth->config->expiration) and $userauth->config->expiration == 1) { + if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) { $days2expire = $userauth->password_expire($USER->username); if (intval($days2expire) > 0 && intval($days2expire) < intval($CFG->{$USER->auth.'_expiration_warning'})) { print_header("$site->fullname: $loginsite", "$site->fullname", $loginsite, $focus, "", true, "
$langmenu
"); diff --git a/login/index_form.html b/login/index_form.html index 0bcecc9854..012075adf0 100644 --- a/login/index_form.html +++ b/login/index_form.html @@ -90,16 +90,13 @@ if ($show_instructions) { registerauth)) { - echo format_text($CFG->auth_instructions); - $authplugin = get_auth_plugin($CFG->registerauth); - if (method_exists($authplugin, 'user_create')) { ?> -
-
-
" />
-
-
-auth_instructions); ?> +
+
+
" />
+
+
+auth_instructions); } ?> diff --git a/login/logout.php b/login/logout.php index e4e90d2f12..41c3039aba 100644 --- a/login/logout.php +++ b/login/logout.php @@ -3,11 +3,13 @@ require_once("../config.php"); - if (!empty($USER->mnethostid) and $USER->mnethostid != $CFG->mnet_localhost_id) { - $host = get_record('mnet_host', 'id', $USER->mnethostid); - $wwwroot = $host->wwwroot; - } else { - $wwwroot = $CFG->wwwroot; + // can be overriden by auth plugins + $redirect = $CFG->wwwroot.'/'; + + $authsequence = explode(',', $CFG->auth); // auths, in sequence + foreach($authsequence as $authname) { + $authplugin = get_auth_plugin($authname); + $authplugin->prelogin_hook(); } $sesskey = optional_param('sesskey', '__notpresent__', PARAM_RAW); // we want not null default to prevent required sesskey warning @@ -21,6 +23,6 @@ require_logout(); - redirect("$wwwroot/"); + redirect($redirect); ?> diff --git a/login/signup.php b/login/signup.php index 2aecde05c5..be1f6000c1 100644 --- a/login/signup.php +++ b/login/signup.php @@ -8,7 +8,7 @@ } $authplugin = get_auth_plugin($CFG->registerauth); - if (!method_exists($authplugin, 'user_signup')) { + if (!$authplugin->can_signup()) { error("Sorry, you may not use this page."); } @@ -28,7 +28,7 @@ $user->secret = random_string(15); $user->auth = $CFG->registerauth; - $authplugin->user_signup($user, $notify=true); // prints notice and link to login/index.php + $authplugin->user_signup($user, true); // prints notice and link to login/index.php exit; //never reached } diff --git a/login/signup_form.php b/login/signup_form.php index 7a7081ab38..20176bae52 100644 --- a/login/signup_form.php +++ b/login/signup_form.php @@ -3,114 +3,115 @@ require_once($CFG->libdir.'/formslib.php'); class login_signup_form extends moodleform { - function definition() { - global $USER, $CFG; + function definition() { + global $USER, $CFG; - $mform =& $this->_form; + $mform =& $this->_form; - $mform->addElement('header', '', get_string('createuserandpass'), ''); + $mform->addElement('header', '', get_string('createuserandpass'), ''); - $mform->addElement('text', 'username', get_string('username'), 'size="12"'); - $mform->setType('username', PARAM_NOTAGS); - $mform->addRule('username', get_string('missingusername'), 'required', null, 'client'); + $mform->addElement('text', 'username', get_string('username'), 'size="12"'); + $mform->setType('username', PARAM_NOTAGS); + $mform->addRule('username', get_string('missingusername'), 'required', null, 'client'); - $mform->addElement('password', 'password', get_string('password'), 'size="12"'); - $mform->setType('password', PARAM_RAW); - $mform->addRule('password', get_string('missingpassword'), 'required', null, 'client'); + $mform->addElement('password', 'password', get_string('password'), 'size="12"'); + $mform->setType('password', PARAM_RAW); + $mform->addRule('password', get_string('missingpassword'), 'required', null, 'client'); - $mform->addElement('header', '', get_string('supplyinfo'),''); + $mform->addElement('header', '', get_string('supplyinfo'),''); - $mform->addElement('text', 'email', get_string('email'), 'size="25"'); - $mform->setType('email', PARAM_NOTAGS); - $mform->addRule('email', get_string('missingemail'), 'required', null, 'client'); + $mform->addElement('text', 'email', get_string('email'), 'size="25"'); + $mform->setType('email', PARAM_NOTAGS); + $mform->addRule('email', get_string('missingemail'), 'required', null, 'client'); - $mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"'); - $mform->setType('email2', PARAM_NOTAGS); - $mform->addRule('email2', get_string('missingemail'), 'required', null, 'client'); + $mform->addElement('text', 'email2', get_string('emailagain'), 'size="25"'); + $mform->setType('email2', PARAM_NOTAGS); + $mform->addRule('email2', get_string('missingemail'), 'required', null, 'client'); - $mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"'); - $mform->setType('firstname', PARAM_TEXT); - $mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client'); + $mform->addElement('text', 'firstname', get_string('firstname'), 'size="25"'); + $mform->setType('firstname', PARAM_TEXT); + $mform->addRule('firstname', get_string('missingfirstname'), 'required', null, 'client'); - $mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"'); - $mform->setType('lastname', PARAM_TEXT); - $mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client'); + $mform->addElement('text', 'lastname', get_string('lastname'), 'size="25"'); + $mform->setType('lastname', PARAM_TEXT); + $mform->addRule('lastname', get_string('missinglastname'), 'required', null, 'client'); - $mform->addElement('text', 'city', get_string('city'), 'size="20"'); - $mform->setType('city', PARAM_TEXT); - $mform->addRule('city', get_string('missingcity'), 'required', null, 'client'); + $mform->addElement('text', 'city', get_string('city'), 'size="20"'); + $mform->setType('city', PARAM_TEXT); + $mform->addRule('city', get_string('missingcity'), 'required', null, 'client'); - $country = get_list_of_countries(); - $default_country[''] = get_string('selectacountry'); - $country = array_merge($default_country, $country); - $mform->addElement('select', 'country', get_string('country'), $country); - $mform->addRule('country', get_string('missingcountry'), 'required', null, 'client'); + $country = get_list_of_countries(); + $default_country[''] = get_string('selectacountry'); + $country = array_merge($default_country, $country); + $mform->addElement('select', 'country', get_string('country'), $country); + $mform->addRule('country', get_string('missingcountry'), 'required', null, 'client'); $mform->setDefault('country', ''); // buttons $this->add_action_buttons(true, get_string('createaccount')); - } + } - function definition_after_data(){ - $mform =& $this->_form; + function definition_after_data(){ + $mform =& $this->_form; - $mform->applyFilter('username', 'moodle_strtolower'); - $mform->applyFilter('username', 'trim'); - } + $mform->applyFilter('username', 'moodle_strtolower'); + $mform->applyFilter('username', 'trim'); + } - function validation($data) { - global $CFG; - $errors = array(); + function validation($data) { + global $CFG; + $errors = array(); $authplugin = get_auth_plugin($CFG->registerauth); - if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) { - $errors['username'] = get_string('usernameexists'); - } else { - if (empty($CFG->extendedusernamechars)) { - $string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']); - if (strcmp($data['username'], $string)) { - $errors['username'] = get_string('alphanumerical'); - } - } - } - if (method_exists($authplugin, 'user_exists')){ - if ($authplugin->user_exists($user->username)) { - $errors['username'] = get_string('usernameexists'); - } - } - - - if (! validate_email($data['email'])) { - $errors['email'] = get_string('invalidemail'); - - } else if (record_exists('user', 'email', $data['email'])) { - $errors['email'] = get_string('emailexists').' '.get_string('newpassword').'?'; - } + if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) { + $errors['username'] = get_string('usernameexists'); + } else { + if (empty($CFG->extendedusernamechars)) { + $string = eregi_replace("[^(-\.[:alnum:])]", '', $data['username']); + if (strcmp($data['username'], $string)) { + $errors['username'] = get_string('alphanumerical'); + } + } + } + + //check if user exists in external db + //TODO: maybe we should check all enabled plugins instead + if ($authplugin->user_exists($user->username)) { + $errors['username'] = get_string('usernameexists'); + } + + + if (! validate_email($data['email'])) { + $errors['email'] = get_string('invalidemail'); + + } else if (record_exists('user', 'email', $data['email'])) { + $errors['email'] = get_string('emailexists').' '.get_string('newpassword').'?'; + } if (empty($data['email2'])) { $errors['email2'] = get_string('missingemail'); } else if ($data['email2'] != $data['email']) { $errors['email2'] = get_string('invalidemail'); } - if (!isset($errors['email'])) { - if ($err = email_is_not_allowed($data['email'])) { - $errors['email'] = $err; - } + if (!isset($errors['email'])) { + if ($err = email_is_not_allowed($data['email'])) { + $errors['email'] = $err; + } - } + } - if (0 == count($errors)){ - return true; - } else { - return $errors; - } + if (0 == count($errors)){ + return true; + } else { + return $errors; + } - } + } } ?> diff --git a/user/edit.php b/user/edit.php index 4bb0f52e1a..a34776e2c9 100644 --- a/user/edit.php +++ b/user/edit.php @@ -70,20 +70,18 @@ $usernew->timemodified = time(); - if (update_record('user', $usernew)) { - if (method_exists($authplugin, 'user_update')){ - // pass a true $userold here - if (! $authplugin->user_update($user, $userform->get_data(false))) { - // auth update failed, rollback for moodle - update_record('user', addslashes_object($user)); - error('Failed to update user data on external auth: '.$usernew->auth. - '. See the server logs for more details.'); - } - }; - } else { + if (!update_record('user', $usernew)) { error('Error updating user record'); } + // pass a true $userold here + if (! $authplugin->user_update($user, $userform->get_data(false))) { + // auth update failed, rollback for moodle + update_record('user', addslashes_object($user)); + error('Failed to update user data on external auth: '.$usernew->auth. + '. See the server logs for more details.'); + } + //update preferences useredit_update_user_preference($usernew); diff --git a/user/editadvanced.php b/user/editadvanced.php index b94045da39..0f3c291eda 100644 --- a/user/editadvanced.php +++ b/user/editadvanced.php @@ -83,26 +83,20 @@ if (!update_record('user', $usernew)) { error('Error updating user record'); } - if (method_exists($authplugin, 'user_update')){ - // pass a true $userold here - if (! $authplugin->user_update($user, $userform->get_data(false))) { - // auth update failed, rollback for moodle - update_record('user', addslashes_object($user)); - error('Failed to update user data on external auth: '.$usernew->auth. - '. See the server logs for more details.'); - } - }; + // pass a true $userold here + if (! $authplugin->user_update($user, $userform->get_data(false))) { + // auth update failed, rollback for moodle + update_record('user', addslashes_object($user)); + error('Failed to update user data on external auth: '.$usernew->auth. + '. See the server logs for more details.'); + } //set new password if specified if (!empty($usernew->newpassword)) { if ($authplugin->can_change_password()) { - if (method_exists($authplugin, 'user_update_password')){ - if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){ - error('Failed to update password on external auth: ' . $usernew->auth . - '. See the server logs for more details.'); - } - } else { - error('Your external authentication module is misconfigued!'); + if (!$authplugin->user_update_password($usernew, $usernew->newpassword)){ + error('Failed to update password on external auth: ' . $usernew->auth . + '. See the server logs for more details.'); } } } diff --git a/user/view.php b/user/view.php index 69a1075a77..71eb5204b7 100644 --- a/user/view.php +++ b/user/view.php @@ -352,7 +352,7 @@ $passwordchangeurl = false; if ($userauth->can_change_password()) { - if (method_exists($userauth, 'change_password_url') and $userauth->change_password_url()) { + if ($userauth->change_password_url()) { $passwordchangeurl = $userauth->change_password_url(); } else { if (empty($CFG->loginhttps)) {