From a3f1f815a9d3b110e38a2da25e51ae7d96a7f7e6 Mon Sep 17 00:00:00 2001 From: moodler Date: Thu, 23 Sep 2004 03:56:53 +0000 Subject: [PATCH] OK, finished the fixes I wanted to add to the recent LDAP changes for user field locking and forcing of password changing - Locked user fields always apply (for any authentication method). Currently these can only be defined in the LDAP auth screen but later these can be brought out as part of the generic interface for defining user fields and their behaviour. - Fields are now locked using Javascript and will work for any user fields that exist (list is not hard coded anymore). - Admins can always edit locked fields. - Admins can always force a password change. The checkbox reflects the current status of this, and the admin can UNSET the checkbox if they want. It is no longer necessary for the admin to change the old password for this to take effect, either. --- lib/moodlelib.php | 85 +++++++++++++++++++++++++----------------- user/edit.html | 94 ++++++++++------------------------------------- user/edit.php | 80 ++++++++++++++++++++-------------------- 3 files changed, 111 insertions(+), 148 deletions(-) diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 830a1e044b..686265a3e1 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -130,7 +130,6 @@ function set_config($name, $value) { * @uses $USER */ function reload_user_preferences() { -/// Refresh current USER with all their current preferences global $USER; 
@@ -157,21 +156,19 @@ function reload_user_preferences() { * @todo Add inline links to $USER and user functions in above line. * @return boolean */ -function set_user_preference($name, $value, $user=NULL) { -/// Sets a preference for the current user -/// Optionally, can set a preference for a different user object +function set_user_preference($name, $value, $userid=NULL) { global $USER; - if (empty($user)){ - $user = $USER; + if (empty($userid)){ + $userid = $USER->id; } if (empty($name)) { return false; } - if ($preference = get_record('user_preferences', 'userid', $user->id, 'name', $name)) { + if ($preference = get_record('user_preferences', 'userid', $userid, 'name', $name)) { if (set_field('user_preferences', 'value', $value, 'id', $preference->id)) { $user->preference[$name] = $value; return true; @@ -180,7 +177,7 @@ function set_user_preference($name, $value, $user=NULL) { } } else { - $preference->userid = $user->id; + $preference->userid = $userid; $preference->name = $name; $preference->value = (string)$value; if (insert_record('user_preferences', $preference)) { @@ -197,19 +194,24 @@ function set_user_preference($name, $value, $user=NULL) { * @param array $prefarray An array of key/value pairs to be set * @return boolean */ -function set_user_preferences($prefarray) { -/// Sets a whole array of preferences for the current user +function set_user_preferences($prefarray, $userid=NULL) { + + global $USER; if (!is_array($prefarray) or empty($prefarray)) { return false; } + if (empty($userid)){ + $userid = $USER->id; + } + $return = true; foreach ($prefarray as $name => $value) { // The order is important; if the test for return is done first, // then if one function call fails all the remaining ones will // be "optimized away" - $return = set_user_preference($name, $value) and $return; + $return = set_user_preference($name, $value, $userid) and $return; } return $return; } 
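Review bot: The context line `$user->preference[$name] = $value;` still refers to `$user`, which is no longer defined now that the third parameter is `$userid`, so the logged-in user's in-memory preferences are never refreshed. Update the cache only when the target is the current user, e.g. `if ($userid == $USER->id) { $USER->preference[$name] = $value; }`. The parameter also changed from a user object to an id, so any caller outside this patch that still passes an object will build a broken `get_record()` lookup. The docblock should gain `@param int $userid Id of the user whose preference is set; defaults to the current user`. The function body continues past this hunk, so the insert branch needs the same check if it also writes to `$user`.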
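Review bot: In `$return = set_user_preference($name, $value, $userid) and $return;` the assignment binds tighter than `and`, so `$return` takes the result of each call alone. The function therefore reports only whether the last preference was stored, and a failure on an earlier key (for example a password-change flag) is lost. Parenthesise the right-hand side, `$return = (set_user_preference($name, $value, $userid) and $return);`, which keeps the call-first ordering the comment asks for. The new `$userid` parameter also needs a `@param` line in the docblock above.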
@@ -226,25 +228,33 @@ function set_user_preferences($prefarray) { * @uses $USER * @return string */ -function get_user_preferences($name=NULL, $default=NULL) { -/// Without arguments, returns all the current user preferences -/// as an array. If a name is specified, then this function -/// attempts to return that particular preference value. If -/// none is found, then the optional value $default is returned, -/// otherwise NULL. +function get_user_preferences($name=NULL, $default=NULL, $userid=NULL) { global $USER; - if (empty($USER->preference)) { - return $default; // Default value (or NULL) - } - if (empty($name)) { - return $USER->preference; // Whole array - } - if (!isset($USER->preference[$name])) { - return $default; // Default value (or NULL) + if (empty($userid)) { // assume current user + if (empty($USER->preference)) { + return $default; // Default value (or NULL) + } + if (empty($name)) { + return $USER->preference; // Whole array + } + if (!isset($USER->preference[$name])) { + return $default; // Default value (or NULL) + } + return $USER->preference[$name]; // The single value + + } else { + $preference = get_records_menu('user_preferences', 'userid', $userid, 'name', 'name,value'); + + if (empty($name)) { + return $preference; + } + if (!isset($preference[$name])) { + return $default; // Default value (or NULL) + } + return $preference[$name]; // The single value } - return $USER->preference[$name]; // The single value } @@ -544,7 +554,7 @@ function require_login($courseid=0, $autologinguest=true) { // check whether the user should be changing password reload_user_preferences(); - if (isset($USER->preference['auth_forcepasswordchange'])){ + if (!empty($USER->preference['auth_forcepasswordchange'])){ if (is_internal_auth() || $CFG->{'auth_'.$USER->auth.'_stdchangepassword'}){ redirect($CFG->wwwroot .'/login/change_password.php'); } elseif($CFG->changepassword) { 
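Review bot: In the new `$userid` branch of `get_user_preferences()`, an empty `$name` returns the raw result of `get_records_menu()`, which is presumably `false` rather than an array when the user has no preference rows. The current-user branch returns `$default` in that situation. Adding `if (empty($preference)) { return $default; }` before the `$name` test would make the two branches agree. The function now reads preferences for whichever id is passed, so the docblock should add `@param int $userid` and state that the permission check is the caller's responsibility.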
@@ -1028,17 +1038,26 @@ function get_moodle_cookie() { */ function is_internal_auth($auth='') { /// Returns true if an internal authentication method is being used. -/// if method not specified then, global default is assumed +/// If auth not specified then global default is assumed global $CFG; - $method = $CFG->auth; - - if (!empty($auth)) { - $method = $auth; + if (empty($auth)) { + $auth = $CFG->auth; } - return ($method == 'email' || $method == 'none' || $method == 'manual'); + return ($auth == "email" || $auth == "none" || $auth == "manual"); +} + +function get_user_fieldnames() { +/// Returns an array of user fields + + global $CFG, $db; + + $fieldarray = $db->MetaColumnNames($CFG->prefix.'user'); + unset($fieldarray['ID']); + + return $fieldarray; } /** diff --git a/user/edit.html b/user/edit.html index 8f1074cb2e..32c9b6e165 100644 --- a/user/edit.html +++ b/user/edit.html @@ -11,7 +11,7 @@ ?> -
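Review bot: `get_user_fieldnames()` returns the result of `$db->MetaColumnNames()` unchecked, and the non-admin lock check added to `find_form_errors()` in user/edit.php iterates that list. If the lookup fails or comes back empty, the loop presumably does nothing and no locked field is enforced. Fail closed instead, e.g. `if (empty($fieldarray)) { error('Could not read the user table columns'); }`. `unset($fieldarray['ID'])` also assumes upper-case array keys, which deserves a one-line comment. The function needs a docblock like its neighbours, with an `@return array` line saying it lists the column names of the user table.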
+ "; echo ""; echo ""; echo "\n"; - if(!$adminself && (isset($CFG->{'auth_'.$user->auth.'_stdchangepassword'}) || $CFG->changepassword)){ + if (!$adminself && ($CFG->{'auth_'.$user->auth.'_stdchangepassword'} || $CFG->changepassword)){ + if (get_user_preferences('auth_forcepasswordchange', NULL, $user->id)) { + $checked = ' checked="checked" '; + } else { + $checked = ''; + } echo ""; - echo ''; - echo ''; + echo ''; + echo ''; echo ""; - } + } echo ""; } @@ -71,36 +78,21 @@ if (isadmin()) { @@ -165,12 +157,7 @@ if (isadmin()) { @@ -183,13 +170,8 @@ if (isadmin()) { $user->country = $CFG->country; } - if(isset($CFG->auth_user_country_editlock)){ ?> - - country); - } else { - choose_from_menu(get_list_of_countries(), "country", $user->country, get_string("selectacountry")."...", "", ""); - } - ?> + choose_from_menu(get_list_of_countries(), "country", $user->country, get_string("selectacountry")."...", "", ""); + ?> @@ -199,12 +181,7 @@ if (isadmin()) { if (!$user->lang) { $user->lang = $CFG->lang; } - if(isset($CFG->auth_user_lang_editlock)){ ?> - - lang); - } else { - choose_from_menu ($languages, "lang", $user->lang, "", "", ""); - } + choose_from_menu ($languages, "lang", $user->lang, "", "", ""); } if (isset($err["lang"])) formerr($err["lang"]); ?> @@ -239,22 +216,14 @@ if (isadmin()) { - @@ -317,12 +286,7 @@ if (isadmin()) { @@ -335,48 +299,28 @@ if (isadmin()) { diff --git a/user/edit.php b/user/edit.php index ab6122275b..d2b66b0027 100644 --- a/user/edit.php +++ b/user/edit.php @@ -90,6 +90,7 @@ $user = $usernew; } else { + $db->debug = true; $timenow = time(); if (!$usernew->picture = save_profile_image($user->id,$um,'users')) { 
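Review bot: `$db->debug = true;` in the `@@ -90,6 +90,7 @@` hunk of user/edit.php looks like a leftover debugging switch and is unrelated to the field-locking change described in the commit message. With it set, the database layer would be expected to echo each SQL statement into the response. The same branch goes on to store `md5($usernew->newpassword)`, so the password hash and other profile values could be printed to whoever submits the form. Drop the line before merging; if query tracing is needed, gate it on an existing site debug setting rather than hard-coding it in the save path.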
@@ -108,7 +109,7 @@ $usernew->password = md5($usernew->newpassword); // update external passwords if (!empty($CFG->{'auth_'. $user->auth.'_stdchangepassword'})) { - if(function_exists('auth_user_update_password')){ + if (function_exists('auth_user_update_password')){ if (!auth_user_update_password($user->username, $usernew->newpassword)){ error('Failed to update password on external auth: ' . $user->auth . '. See the server logs for more details.'); @@ -117,10 +118,12 @@ error('Your external authentication module is misconfigued!'); } } - // store forcepasswordchange in user's preferences - if (isset($usernew->forcepasswordchange)){ - set_user_preference('auth_forcepasswordchange', 1, $user); - } + } + // store forcepasswordchange in user's preferences + if (isset($usernew->forcepasswordchange)){ + set_user_preference('auth_forcepasswordchange', 1, $user->id); + } else { + set_user_preference('auth_forcepasswordchange', 0, $user->id); } } else { if (isset($usernew->newpassword)) { @@ -209,12 +212,32 @@ } print_simple_box_start("center", "", "$THEME->cellheading"); + if (!empty($err)) { echo "
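Review bot: The new `else` branch writes `auth_forcepasswordchange` as 0 whenever `forcepasswordchange` is absent from the submitted form, yet user/edit.html renders that checkbox only when `!$adminself` and a password-change method is configured. Saving a profile where the checkbox was never shown would therefore clear a flag that was already set, silently lifting the forced change; the enclosing `if` starts outside the hunk, so the exact branch is inferred. Clear the flag only when the checkbox was actually offered, for instance by repeating the template condition here or by sending a hidden marker field alongside the checkbox. Both `set_user_preference()` calls also ignore the return value, so a failed write goes unnoticed; `if (!set_user_preference('auth_forcepasswordchange', 1, $user->id)) { notify(...); }` would surface it.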
"; notify(get_string("someerrorswerefound")); echo "
"; } + include("edit.html"); + + if (!isadmin()) { /// Lock all the locked fields using Javascript + $fields = get_user_fieldnames(); + + echo ''."\n"; + } + print_simple_box_end(); if (!isset($USER->newadminuser)) { 
@@ -286,45 +309,22 @@ function find_form_errors(&$user, &$usernew, &$err, &$um) { $err["email"] = $error; } } + if (!$um->preprocess_files()) { $err['imagefile'] = $um->notify; } - if ($CFG->auth_user_firstname_editlock && !($user->firstname === $usernew->firstname)){ - $err["firstname"] = get_string("editlock"); - } - if ($CFG->auth_user_lastname_editlock && !($user->lastname === $usernew->lastname)){ - $err["lastname"] = get_string("editlock"); - } - if ($CFG->auth_user_email_editlock && !($user->email === $usernew->email)){ - $err["email"] = get_string("editlock"); - } - if ($CFG->auth_user_phone1_editlock && !($user->phone1 === $usernew->phone1)){ - $err["phone1"] = get_string("editlock"); - } - if ($CFG->auth_user_phone2_editlock && !($user->phone2 === $usernew->phone2)){ - $err["phone2"] = get_string("editlock"); - } - if ($CFG->auth_user_department_editlock && !($user->department === $usernew->department)){ - $err["department"] = get_string("editlock"); - } - if ($CFG->auth_user_address_editlock && !($user->address === $usernew->address)){ - $err["address"] = get_string("editlock"); - } - if ($CFG->auth_user_city_editlock && !($user->city === $usernew->city)){ - $err["city"] = get_string("editlock"); - } - if ($CFG->auth_user_description_editlock && !($user->description === $usernew->description)){ - $err["description"] = get_string("editlock"); - } - if ($CFG->auth_user_idnumber_editlock && !($user->idnumber === $usernew->idnumber)){ - $err["idnumber"] = get_string("editlock"); - } - if ($CFG->auth_user_lang_editlock && !($user->lang === $usernew->lang)){ - $err["lang"] = get_string("editlock"); - } - if ($CFG->auth_user_guid_editlock && !($user->guid === $usernew->guid)){ - $err["guid"] = get_string("editlock"); + if (!isadmin()) { /// Make sure that locked fields are not being edited + $fields = get_user_fieldnames(); + + foreach ($fields as $field) { + $configvariable = 'auth_user_'.$field.'_editlock'; + if (!empty($CFG->$configvariable)) { + if 
($user->$field !== $usernew->$field) { + $err[$field] = get_string("editlock"); + } + } + } } $user->email = $usernew->email; -- 2.39.5
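Review bot: This loop in `find_form_errors()` is the only real enforcement of the edit locks, because the Javascript added in the earlier user/edit.php hunk runs in the browser and is a convenience only. A comment should say so: `/// Server-side check; the Javascript lock on the form is not a security control`. `$user->$field !== $usernew->$field` also treats a field missing from the submitted data as changed, and browsers do not submit disabled inputs. If the script disables locked inputs (its body is not visible in this capture), every locked field would raise an `editlock` error for ordinary users. Guarding with `isset($usernew->$field) &&` avoids that, provided the save code outside this hunk does not copy absent fields over the stored record.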
".get_string("newpassword").": newpassword)) p($user->newpassword); - echo "\" />"; + if (isset($user->newpassword)) { + p($user->newpassword); + } + echo "\" />"; if (isset($err["newpassword"])) { formerr($err["newpassword"]); } else if (empty($user->newpassword)) { @@ -56,12 +58,17 @@ if (isadmin()) { } echo "

'.get_string('forcechangepassword', 'auth').':

'.get_string('forcechangepassword_help','auth').'

'.get_string('forcepasswordchange').':

'.get_string('forcepasswordchangehelp').'

: - auth_user_firstname_editlock)){ ?> - - firstname) ?> - -
: - auth_user_lastname_editlock)){ ?> - - lastname) ?> - -

:

- auth_user_email_editlock)){ ?> - - email) ?> - -
: - auth_user_city_editlock)){ ?> - - city) ?> - -
: "; - } ?> - auth_user_description_editlock)){ ?> - - description, FORMAT_MOODLE); - } else { + "; } print_textarea(false, 10, 50, 50, 10, 'description', "$user->description"); helpbutton("text", get_string("helptext")); - - } ?> + ?>
: - auth_user_idnumber_editlock)){ ?> - - idnumber) ?> - -
: - auth_user_department_editlock)){ ?> - - department) ?> - -
1: - auth_user_phone1_editlock)){ ?> - - phone1) ?> - -
2: - auth_user_phone2_editlock)){ ?> - - phone2) ?> - -
: - auth_user_address_editlock)){ ?> - - address) ?> - -