From 35a48c9ae4d94c79a9b7fa9e8802e624c7bf6987 Mon Sep 17 00:00:00 2001 From: moodler Date: Tue, 19 Nov 2002 08:51:33 +0000 Subject: [PATCH] A significant new system for authentication configuration that exposes the wide array of authentication possibilities. Authentication now has it's own page separate from other variables. Most of this work was done by Petri Asikainen , who started these changes off. I've done some cleanups and additions which is why I'm checking it in. It's all working pretty well at the moment but could use some testing. Thanks, Petri! :-) --- admin/auth.php | 135 +++++++++++++++++++++++++++++++++++++++++ admin/config.html | 16 ----- admin/index.php | 3 +- auth/db/config.html | 100 ++++++++++++++++++++++++++++++ auth/db/lib.php | 9 --- auth/email/config.html | 1 + auth/imap/config.html | 44 ++++++++++++++ auth/imap/lib.php | 21 +++---- auth/ldap/config.html | 74 ++++++++++++++++++++++ auth/nntp/config.html | 32 ++++++++++ auth/nntp/lib.php | 10 +-- auth/none/config.html | 1 + auth/pop3/config.html | 45 ++++++++++++++ auth/pop3/lib.php | 12 ++-- lang/en/auth.php | 58 ++++++++++++++++++ lang/en/moodle.php | 3 +- login/index.php | 12 +++- login/index_form.html | 79 +++++++++++++----------- 18 files changed, 566 insertions(+), 89 deletions(-) create mode 100644 admin/auth.php create mode 100644 auth/db/config.html create mode 100644 auth/email/config.html create mode 100644 auth/imap/config.html create mode 100644 auth/ldap/config.html create mode 100644 auth/nntp/config.html create mode 100644 auth/none/config.html create mode 100644 auth/pop3/config.html create mode 100644 lang/en/auth.php diff --git a/admin/auth.php b/admin/auth.php new file mode 100644 index 0000000000..fcb657c7cd --- /dev/null +++ b/admin/auth.php @@ -0,0 +1,135 @@ + $value) { + unset($conf); + $conf->name = $name; + $conf->value = $value; + if ($current = get_record("config", "name", $name)) { + $conf->id = $current->id; + if (! update_record("config", $conf)) { + notify("Could not update $name to $value"); + } + } else { + if (! insert_record("config", $conf)) { + notify("Error: could not add new variable $name !"); + } + } + } + redirect("auth.php", get_string("changessaved"), 1); + exit; + + } else { + foreach ($err as $key => $value) { + $focus = "form.$key"; + } + } + } + +/// Otherwise fill and print the form. + + if (!isset($config)) { + $config = $CFG; + } + + $modules = get_list_of_plugins("auth"); + foreach ($modules as $module) { + $options[$module] = get_string("auth_$module"."title", "auth"); + } + asort($options); + if (isset($_GET['auth'])) { + $auth = $_GET['auth']; + } else { + $auth = $config->auth; + } + + if (! isset($config->guestloginbutton)) { + $config->guestloginbutton = 1; + } + $guestoptions[0] = get_string("hide"); + $guestoptions[1] = get_string("show"); + + $stradministration = get_string("administration"); + $strauthentication = get_string("authentication"); + $strauthenticationoptions = get_string("authenticationoptions","auth"); + $strsettings = get_string("settings"); + + print_header("$site->shortname: $strauthenticationoptions", "$site->fullname", + "$stradministration -> $strauthenticationoptions", "$focus"); + + echo "

"; + echo "

"; + print_string("chooseauthmethod","auth"); + + choose_from_menu ($options, "auth", $auth, "","top.location='auth.php?auth='+document.authmenu.auth.options[document.authmenu.auth.selectedIndex].value", ""); + + echo "

"; + + print_simple_box_start("center", "100%", "$THEME->cellheading"); + print_heading($options[$auth]); + + echo "

"; + print_string("auth_$auth"."description", "auth"); + echo "

"; + + echo "
"; + + print_heading($strsettings); + + echo ""; + + require("$CFG->dirroot/auth/$auth/config.html"); + + echo ""; + echo ""; + echo ""; + echo "

guestloginbutton:

"; + choose_from_menu($guestoptions, "guestloginbutton", $config->guestloginbutton, ""); + echo ""; + print_string("showguestlogin","auth"); + echo "
"; + + echo "

"; + + print_simple_box_end(); + + print_footer(); + exit; + +/// Functions ///////////////////////////////////////////////////////////////// + +function validate_form(&$form, &$err) { + + // if (empty($form->fullname)) + // $err["fullname"] = get_string("missingsitename"); + + return; +} + + +?> diff --git a/admin/config.html b/admin/config.html index 9b1642c04c..4a4dfd5f15 100644 --- a/admin/config.html +++ b/admin/config.html @@ -1,22 +1,6 @@
- - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/auth/db/lib.php b/auth/db/lib.php index 9f220e7415..28aeee25bc 100644 --- a/auth/db/lib.php +++ b/auth/db/lib.php @@ -4,15 +4,6 @@ // This code is completely untested so far - IT NEEDS TESTERS! // Looks like it should work though ... -$CFG->auth_dbhost = "localhost"; // The computer hosting the database server -$CFG->auth_dbtype = "mysql"; // The database type (mysql, postgres7, access, oracle etc) -$CFG->auth_dbname = "authtest"; // Name of the database itself -$CFG->auth_dbuser = "user"; // Username with read access to the database -$CFG->auth_dbpass = "pass"; // Password matching the above username -$CFG->auth_dbtable = "users"; // Name of the table in the database -$CFG->auth_dbfielduser = "user"; // Name of the field containing usernames -$CFG->auth_dbfieldpass = "pass"; // Name of the field containing passwords -$CFG->auth_instructions = "Use the same username and password as your school account"; // Instructions function auth_user_login ($username, $password) { // Returns true if the username and password work diff --git a/auth/email/config.html b/auth/email/config.html new file mode 100644 index 0000000000..ad9ab1e7ca --- /dev/null +++ b/auth/email/config.html @@ -0,0 +1 @@ + diff --git a/auth/imap/config.html b/auth/imap/config.html new file mode 100644 index 0000000000..2f0e5c7a00 --- /dev/null +++ b/auth/imap/config.html @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/auth/imap/lib.php b/auth/imap/lib.php index c16faeefd6..ab0d9fa5c0 100644 --- a/auth/imap/lib.php +++ b/auth/imap/lib.php @@ -1,15 +1,6 @@ auth_imaphost = "127.0.0.1"; // Should be IP number -$CFG->auth_imaptype = "imap"; // imap, imaptls, imapssl, imapcert -$CFG->auth_imapport = "143"; // 143, 993 -$CFG->auth_instructions = "Use the same username and password as your school email account"; // Instructions - - function auth_user_login ($username, $password) { // Returns true if the username and password work // and false if they are wrong or don't exist. @@ -18,22 +9,26 @@ function auth_user_login ($username, $password) { switch ($CFG->auth_imaptype) { case "imapssl": - $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/ssl}INBOX"; + $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/ssl}"; break; case "imapcert": - $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/ssl/novalidate-cert}INBOX"; + $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/ssl/novalidate-cert}"; break; case "imaptls": - $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/notls}INBOX"; + $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport/imap/notls}"; break; default: $host = "{".$CFG->auth_imaphost.":$CFG->auth_imapport}"; } - if ($connection = imap_open($host, $username, $password, OP_HALFOPEN)) { + error_reporting(0); + $connection = imap_open($host, $username, $password, OP_HALFOPEN); + error_reporting(7); + + if ($connection) { imap_close($connection); return true; diff --git a/auth/ldap/config.html b/auth/ldap/config.html new file mode 100644 index 0000000000..6a8a26ffa0 --- /dev/null +++ b/auth/ldap/config.html @@ -0,0 +1,74 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/auth/nntp/config.html b/auth/nntp/config.html new file mode 100644 index 0000000000..f9492914c4 --- /dev/null +++ b/auth/nntp/config.html @@ -0,0 +1,32 @@ + + + + + + + + + + + + + + + + + diff --git a/auth/nntp/lib.php b/auth/nntp/lib.php index 605fcaf5c6..6ed1cfeac7 100644 --- a/auth/nntp/lib.php +++ b/auth/nntp/lib.php @@ -4,10 +4,6 @@ // This code is completely untested so far - IT NEEDS TESTERS! // Looks like it should work though ... -$CFG->auth_nntphost = "127.0.0.1"; // Should be IP number -$CFG->auth_nntpport = "119"; // 119 is most common -$CFG->auth_instructions = "Use the same username and password as your school news account"; // Instructions - function auth_user_login ($username, $password) { // Returns true if the username and password work @@ -17,7 +13,11 @@ function auth_user_login ($username, $password) { $host = "{".$CFG->auth_nntphost.":$CFG->auth_nntpport/nntp}"; - if ($connection = imap_open($host, $username, $password, OP_HALFOPEN)) { + error_reporting(0); + $connection = imap_open($host, $username, $password, OP_HALFOPEN); + error_reporting(7); + + if ($connection) { imap_close($connection); return true; diff --git a/auth/none/config.html b/auth/none/config.html new file mode 100644 index 0000000000..ad9ab1e7ca --- /dev/null +++ b/auth/none/config.html @@ -0,0 +1 @@ + diff --git a/auth/pop3/config.html b/auth/pop3/config.html new file mode 100644 index 0000000000..97fb3d3f84 --- /dev/null +++ b/auth/pop3/config.html @@ -0,0 +1,45 @@ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/auth/pop3/lib.php b/auth/pop3/lib.php index 9a04493d15..88412f6b98 100644 --- a/auth/pop3/lib.php +++ b/auth/pop3/lib.php @@ -4,12 +4,6 @@ // This code is completely untested so far - IT NEEDS TESTERS! // Looks like it should work though ... -$CFG->auth_pop3host = "127.0.0.1"; // Should be IP number -$CFG->auth_pop3type = "pop3"; // pop3, pop3cert -$CFG->auth_pop3port = "110"; // 110 is most common -$CFG->auth_instructions = "Use the same username and password as your school email account"; // Instructions - - function auth_user_login ($username, $password) { // Returns true if the username and password work // and false if they are wrong or don't exist. @@ -25,7 +19,11 @@ function auth_user_login ($username, $password) { break; } - if ($connection = imap_open($host, $username, $password, OP_HALFOPEN)) { + error_reporting(0); + $connection = imap_open($host, $username, $password, OP_HALFOPEN); + error_reporting(7); + + if ($connection) { imap_close($connection); return true; diff --git a/lang/en/auth.php b/lang/en/auth.php new file mode 100644 index 0000000000..3777c41a12 --- /dev/null +++ b/lang/en/auth.php @@ -0,0 +1,58 @@ + diff --git a/lang/en/moodle.php b/lang/en/moodle.php index d073f20ec3..5344ef760f 100644 --- a/lang/en/moodle.php +++ b/lang/en/moodle.php @@ -31,6 +31,7 @@ $string['alreadyconfirmed'] = "Registration has already been confirmed"; $string['answer'] = "Answer"; $string['assessment'] = "Assessment"; $string['assignteachers'] = "Assign teachers"; +$string['authentication'] = "Authentication"; $string['availablecourses'] = "Available Courses"; $string['cancel'] = "Cancel"; $string['categories'] = "Course categories"; @@ -50,7 +51,6 @@ $string['chooseuser'] = "Choose a user"; $string['city'] = "City/town"; $string['closewindow'] = "Close this window"; $string['comparelanguage'] = "Compare and edit current language"; -$string['configauth'] = "Choose the authentication module you want to use. The default is 'email' and has the best security. The method 'none' has no checking whatsoever - be careful using it unless you really know what you are doing."; $string['configgdversion'] = "Indicate the version of GD that is installed. The version shown by default is the one that has been auto-detected. Don't change this unless you really know what you're doing."; $string['configerrorlevel'] = "Choose the amount of PHP warnings that you want to be displayed. Normal is usually the best choice."; $string['confightmleditor'] = "Choose whether or not to allow use of the embedded HTML text editor. Even if you choose allow, this editor will only appear when the user is using a compatible browser (IE 5.5 or later). Users can also choose not to use it."; @@ -416,6 +416,7 @@ $string['serverlocaltime'] = "Server's local time"; $string['settings'] = "Settings"; $string['shortname'] = "Short name"; $string['shortsitename'] = "Short name for site (eg single word)"; +$string['show'] = "Show"; $string['showalltopics'] = "Show all topics"; $string['showallweeks'] = "Show all weeks"; $string['showlistofcourses'] = "Show list of courses"; diff --git a/login/index.php b/login/index.php index 1b7270800a..b23d80940f 100644 --- a/login/index.php +++ b/login/index.php @@ -1,7 +1,6 @@ username = "guest"; @@ -85,10 +84,19 @@ } else { $focus = "form.username"; } + + if ($CFG->auth == "email" or $CFG->auth == "none" or $CFG->auth_instructions) { + $show_instructions = true; + } else { + $show_instructions = false; + } + if (!$site = get_site()) { + error("No site found!"); + } $loginsite = get_string("loginsite"); - print_header($loginsite, $loginsite, get_string("login"), $focus); + print_header("$site->fullname: $loginsite", "$loginsite", get_string("login"), $focus); include("index_form.html"); print_footer(); diff --git a/login/index_form.html b/login/index_form.html index 94f6c8398f..375850597f 100644 --- a/login/index_form.html +++ b/login/index_form.html @@ -2,12 +2,14 @@

auth:

 - auth, "", "", ""); - formerr($err["auth"]); - unset($options); - ?> - - -

lang:

 diff --git a/admin/index.php b/admin/index.php index f1a8aff0bc..e1649a3a05 100644 --- a/admin/index.php +++ b/admin/index.php @@ -251,7 +251,8 @@ "

".get_string("deletecourse")."

". "

".get_string("categories")."

"; $table->data[0][2] = "

".get_string("addnewuser")."

". - "

".get_string("edituser")."

"; + "

".get_string("edituser")."

". + "

".get_string("authentication")."

"; print_table($table); diff --git a/auth/db/config.html b/auth/db/config.html new file mode 100644 index 0000000000..493b921e9c --- /dev/null +++ b/auth/db/config.html @@ -0,0 +1,100 @@ +

auth_dbhost:

 + + + + +

auth_dbtype:

 + auth_dbtype, ""); + ?> + + + +

auth_dbname:

 + + + + +

auth_dbuser:

 + + + + +

auth_dbpass:

 + + + + +

auth_dbtable:

 + + + + +

auth_dbfielduser:

 + + + + +

auth_dbfieldpass:

 + + + + +

auth_instructions:

 + + + + +

auth_imaphost:

 + + + + +

auth_imaptype:

 + auth_imaptype, ""); + ?> + + +

auth_imapport:

 + + + + +

auth_instructions:

 + + + + +

ldap_host_url:

 + + + + +

ldap_user_context(s):

 + + + + +

ldap_user_attribute(s):

 + + + + +

ldap_search_sub:

 + + + + +

ldap_bind_dn:

 + + + + +

ldap_bind_password:

 + + + + +

auth_instructions:

 + + + + +

auth_nntphost:

 + + + + +

auth_nntpport:

 + + + + +

auth_instructions:

 + + + + +

auth_pop3host:

 + + + + +

auth_pop3type:

 + auth_pop3type, ""); + ?> + + + +

auth_pop3port:

 + + + + +

auth_instructions:

 + + + + +
- - + + + + - + -
cellheading2?>> -

- 		cellheading2?>> -

- 		cellheading2?>> +

+ 		cellheading2?>> +

+
@@ -40,15 +42,17 @@
-
-

:

-
-
- - - "> -
-
+ guestloginbutton) { ?> +
+

:

+
+
+ + + "> +
+
+

@@ -58,26 +62,31 @@
- - auth) { - case "email": ?> -

- -
-
- "> -
-
- ".get_string("loginstepsnone")."

"; - break; - default: - echo format_text($CFG->auth_instructions); - } - ?> + + 		+ + auth) { + case "email": ?> +

+ +
+
+ "> +
+
+ ".get_string("loginstepsnone")."

"; + break; + default: + echo "
"; + echo format_text($CFG->auth_instructions); + echo "
"; + } + ?> + +
-- 2.39.5