From 466558e349a6ba157ef6a9ece3d5cab3ec1d2719 Mon Sep 17 00:00:00 2001 From: moodler Date: Fri, 22 Nov 2002 08:43:35 +0000 Subject: [PATCH] Changes to allow admin to control the "forgot password" function and a bug fix for set_config --- admin/auth.php | 29 +++++++++++++++++------------ auth/imap/config.html | 5 ++++- auth/pop3/config.html | 5 ++++- doc/release.html | 4 ++-- lang/en/auth.php | 2 ++ lang/en/moodle.php | 1 + lib/moodlelib.php | 29 +++++++++++++++++------------ login/index_form.html | 25 ++++++++++++++++++------- 8 files changed, 65 insertions(+), 35 deletions(-) diff --git a/admin/auth.php b/admin/auth.php index d51cea1b9c..7d1e2fad9d 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -25,18 +25,8 @@ if (count($err) == 0) { print_header(); foreach ($config as $name => $value) { - unset($conf); - $conf->name = $name; - $conf->value = $value; - if ($current = get_record("config", "name", $name)) { - $conf->id = $current->id; - if (! update_record("config", $conf)) { - notify("Could not update $name to $value"); - } - } else { - if (! insert_record("config", $conf)) { - notify("Error: could not add new variable $name !"); - } + if (! set_config($name, $value)) { + notify("Problem saving config $name as $value"); } } redirect("auth.php", get_string("changessaved"), 1); @@ -103,6 +93,20 @@ require("$CFG->dirroot/auth/$auth/config.html"); + if ($auth != "email" and $auth != "none") { + echo ""; + echo "

"; + print_string("changepassword", "auth"); + echo ":

"; + echo ""; + echo "changepassword\">"; + echo ""; + echo ""; + print_string("changepasswordhelp","auth"); + echo ""; + + } + echo ""; echo "

"; print_string("guestloginbutton", "auth"); @@ -114,6 +118,7 @@ print_string("showguestlogin","auth"); echo ""; + echo "

"; diff --git a/auth/imap/config.html b/auth/imap/config.html index 34b3975cc6..79089256d4 100644 --- a/auth/imap/config.html +++ b/auth/imap/config.html @@ -13,7 +13,10 @@

auth_imaptype: auth_imaptype, ""); + foreach($imaptypes as $imaptype) { + $imapoptions[$imaptype] = $imaptype; + } + choose_from_menu($imapoptions, "auth_imaptype", $config->auth_imaptype, ""); ?> diff --git a/auth/pop3/config.html b/auth/pop3/config.html index a219c13e41..19847cc55f 100644 --- a/auth/pop3/config.html +++ b/auth/pop3/config.html @@ -13,7 +13,10 @@

auth_pop3type: auth_pop3type, ""); + foreach($pop3types as $pop3type) { + $pop3options[$pop3type] = $pop3type; + } + choose_from_menu($pop3options, "auth_pop3type", $config->auth_pop3type, ""); ?> diff --git a/doc/release.html b/doc/release.html index bd9acf09ff..ca9e3b1572 100644 --- a/doc/release.html +++ b/doc/release.html @@ -18,7 +18,7 @@ authentication against user-specified fields in ANY external database table. In addition, Moodle now sports a cool new admin GUI for configuring all of this, so it should be pretty - easy to configure all of this. + easy to configure external authentication. Thanks to contributor Petri Asikainen for his work on the GUI.

Languages @@ -39,7 +39,7 @@
  • User pictures are now uploaded even if other fields have errors
  • Submitted assignments were sometimes having their owner changed - fixed.
  • Admin can always log in regardless of external authentication -
  • User log graphs are now translatable +
  • User log graphs are now faster, cleaner and translatable diff --git a/lang/en/auth.php b/lang/en/auth.php index 86994ee70f..5995e22896 100644 --- a/lang/en/auth.php +++ b/lang/en/auth.php @@ -48,6 +48,8 @@ $string['auth_pop3title'] = "Use a POP3 server"; $string['auth_pop3type'] = "Server type. If your server uses certificate security, choose pop3cert."; $string['authenticationoptions'] = "Authentication options"; $string['authinstructions'] = "Here you can provide instructions for your users, so they know which username and password they should be using. The text you enter here will appear on the login page. If you leave this blank then no instructions will be printed."; +$string['changepassword'] = "Change password URL"; +$string['changepasswordhelp'] = "Here you can specify a location at which your users can recover or change their username/password if they've forgotten it. This will be provided to users as a button on the login page. if you leave this blank the button will not be printed."; $string['chooseauthmethod'] = "Choose an authentication method: "; $string['guestloginbutton'] = "Guest login button"; $string['showguestlogin'] = "You can hide or show the guest login button on the login page."; diff --git a/lang/en/moodle.php b/lang/en/moodle.php index 8912452cde..5b003eb984 100644 --- a/lang/en/moodle.php +++ b/lang/en/moodle.php @@ -384,6 +384,7 @@ $string['participants'] = "Participants"; $string['password'] = "Password"; $string['passwordchanged'] = "Password has been changed"; $string['passwordsdiffer'] = "These passwords do not match"; +$string['passwordrecovery'] = "Yes, help me log in"; $string['passwordsent'] = "Password has been sent"; $string['passwordsenttext'] = "

    An email has been sent to your address at \$a->email. diff --git a/lib/moodlelib.php b/lib/moodlelib.php index d625052e61..51ae6dd784 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -980,7 +980,7 @@ function set_field($table, $field, $newvalue, $selector, $value) { function set_config($name, $value) { // No need for get_config because they are usually always available in $CFG - if (get_field("config", "value", "name", $name)) { + if (get_field("config", "name", "name", $name)) { return set_field("config", "value", $value, "name", $name); } else { $config->name = $name; @@ -1432,17 +1432,31 @@ function authenticate_user_login($username, $password) { global $CFG; + $md5password = md5($password); + if (!isset($CFG->auth)) { $CFG->auth = "email"; // Default authentication module } + if ($username == "guest") { + $CFG->auth = "none"; // Guest account always internal + } + + // If this is the admin, then just use internal methods + if ($user = get_record_sql("SELECT u.id FROM user u, user_admins a + WHERE u.id = a.user + AND u.username = '$username' + AND u.password = '$md5password'")) { + return get_user_info_from_db("username", $username); + } + require_once("$CFG->dirroot/auth/$CFG->auth/lib.php"); if (auth_user_login($username, $password)) { // Successful authentication if ($user = get_user_info_from_db("username", $username)) { - if (md5($password) <> $user->password) { - set_field("user", "password", md5($password), "username", $username); + if ($md5password <> $user->password) { + set_field("user", "password", $md5password, "username", $username); } return $user; @@ -1451,15 +1465,6 @@ function authenticate_user_login($username, $password) { } } - // It's possible that the user is the admin user, defined locally. - $password = md5($password); - if ($user = get_record_sql("SELECT u.id FROM user u, user_admins a - WHERE u.id = a.user - AND u.username = '$username' - AND u.password = '$password'")) { - return get_user_info_from_db("username", $username); - } - return false; } diff --git a/login/index_form.html b/login/index_form.html index 375850597f..91d174e92c 100644 --- a/login/index_form.html +++ b/login/index_form.html @@ -53,13 +53,24 @@ -

    -

    -
    -
    - "> -
    -
    + changepassword or $CFG->auth == "email" or $CFG->auth == "none") { + if ($CFG->auth == "email" or $CFG->auth == "none") { + $changepassword = "forgot_password.php"; + $changebuttonname = get_string("senddetails"); + } else { + $changepassword = $CFG->changepassword; + $changebuttonname = get_string("passwordrecovery"); + } + + ?> +
    +

    +
    +
    + +
    +
    + -- 2.39.5