From 80274abfa1581e3d981b10dac4eb5dca6bb20ee7 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Fri, 20 Apr 2007 10:02:38 +0000
Subject: [PATCH] MDL-9429 make clear that alternate change password url is
 used only when user is logged in, for example change url may contain
 $USER->username; other minor cleanup

---
 lib/authlib.php           |  1 +
 lib/moodlelib.php         |  4 ++--
 login/change_password.php |  4 ++--
 login/index.php           | 23 +++++++++--------------
 user/view.php             |  7 +++++--
 5 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/lib/authlib.php b/lib/authlib.php
index 57f05f91d2..f64a32cc0b 100644
--- a/lib/authlib.php
+++ b/lib/authlib.php
@@ -87,6 +87,7 @@ class auth_plugin_base {
     /**
      * Returns the URL for changing the users' passwords, or empty if the default
      * URL can be used. This method is used if can_change_password() returns true.
+     * This method is called only when user is logged in, it may use global $USER.
      *
      * @return string
      */
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index bcbf4f078c..b8311cf81f 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -1665,9 +1665,9 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) {
     if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
         if ($userauth->can_change_password()) {
             $SESSION->wantsurl = $FULLME;
-            if ($userauth->change_password_url()) {
+            if ($changeurl = $userauth->change_password_url()) {
                 //use plugin custom url
-                redirect($userauth->change_password_url());
+                redirect($changeurl);
             } else {
                 //use moodle internal method
                 if (empty($CFG->loginhttps)) {
diff --git a/login/change_password.php b/login/change_password.php
index 0e8c1fd296..6a6b938b72 100644
--- a/login/change_password.php
+++ b/login/change_password.php
@@ -43,9 +43,9 @@
         error(get_string('nopasswordchange', 'auth'));
     }
 
-    if ($userauth->change_password_url()) {
+    if ($changeurl = $userauth->change_password_url()) {
         // this internal scrip not used
-        redirect($userauth->change_password_url());
+        redirect($changeurl);
     }
 
     $mform = new login_change_password_form();
diff --git a/login/index.php b/login/index.php
index 5f1aa4f2bc..0ee0c170d0 100644
--- a/login/index.php
+++ b/login/index.php
@@ -25,6 +25,7 @@
 
 /// Check if the guest user exists.  If not, create one.
     if (! record_exists('user', 'username', 'guest')) {
+        $guest = new object();
         $guest->auth        = 'manual'; 
         $guest->username    = 'guest'; 
         $guest->password    = hash_internal_user_password('guest');
@@ -177,25 +178,19 @@ httpsrequired();
 
             /// This is what lets the user do anything on the site :-)
             load_all_capabilities();
-
-            //Select password change url
             $userauth = get_auth_plugin($USER->auth);
-            if ($userauth->can_change_password()) {
-                if ($userauth->change_password_url()) {
-                    $passwordchangeurl = $userauth->change_password_url();
-                } else {
-                    $passwordchangeurl = $CFG->httpswwwroot.'/login/change_password.php';
-                }
-            } else {
-                $passwordchangeurl = '';
-            }
 
             // check whether the user should be changing password
             if (get_user_preferences('auth_forcepasswordchange', false) || $frm->password == 'changeme'){
-                if ($passwordchangeurl != '') {
-                    redirect($passwordchangeurl);
+                //Select password change url
+                if ($userauth->can_change_password()) {
+                    if ($changeurl = $userauth->change_password_url()) {
+                        redirect($changeurl);
+                    } else {
+                        redirect($CFG->httpswwwroot.'/login/change_password.php');
+                    }
                 } else {
-                    error(get_strin('nopasswordchangeforced', 'auth'));
+                    error(get_string('nopasswordchangeforced', 'auth'));
                 }
             }
 
diff --git a/user/view.php b/user/view.php
index 208809e89c..81eb4f92b3 100644
--- a/user/view.php
+++ b/user/view.php
@@ -356,7 +356,7 @@
     $userauth = get_auth_plugin($user->auth);
 
     $passwordchangeurl = false;
-    if ($userauth->can_change_password()) {
+    if ($currentuser and $userauth->can_change_password() and !isguest()) { //TODO: add proper capability for password changing
         if ($userauth->change_password_url()) {
             $passwordchangeurl = $userauth->change_password_url();
         } else {
@@ -371,7 +371,10 @@
 //  Print other functions
     echo '<div class="buttons">';
 
-    if ($currentuser and $passwordchangeurl and !isguest()) { //TODO: add proper capability for password changing
+    if ($passwordchangeurl) {
+        if (!empty($USER->realuser)) {
+            $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data
+        }
         echo "<form action=\"$passwordchangeurl\" method=\"get\">";
         echo "<div>";
         echo "<input type=\"hidden\" name=\"id\" value=\"$course->id\" />";
-- 
2.39.5