/**
* Test validate() method.
*/
public function test_validate()
{
// Create user with just with username and firstname.
$record = array('username' => 's10', 'firstname' => 'Bebe Stevens');
$validation = core_user::validate((object) $record);
// Validate the user, should return true as the user data is correct.
$this->assertTrue($validation);
// Create user with incorrect data (invalid country and theme).
$record = array('username' => 's1', 'firstname' => 'Eric Cartman', 'country' => 'UU', 'theme' => 'beise');
// Should return an array with 2 errors.
$validation = core_user::validate((object) $record);
$this->assertArrayHasKey('country', $validation);
$this->assertArrayHasKey('theme', $validation);
$this->assertCount(2, $validation);
// Create user with malicious data (xss).
$record = array('username' => 's3', 'firstname' => 'Kyle<script>alert(1);<script> Broflovski');
// Should return an array with 1 error.
$validation = core_user::validate((object) $record);
$this->assertCount(1, $validation);
$this->assertArrayHasKey('firstname', $validation);
}
}
$gid = $ccache[$shortname]->groups[$addgroup]->id;
$gname = $ccache[$shortname]->groups[$addgroup]->name;
try {
if (groups_add_member($gid, $user->id)) {
$upt->track('enrolments', get_string('addedtogroup', '', s($gname)));
} else {
$upt->track('enrolments', get_string('addedtogroupnot', '', s($gname)), 'error');
}
} catch (moodle_exception $e) {
$upt->track('enrolments', get_string('addedtogroupnot', '', s($gname)), 'error');
continue;
}
}
}
$validation[$user->username] = core_user::validate($user);
}
$upt->close();
// close table
if (!empty($validation)) {
foreach ($validation as $username => $result) {
if ($result !== true) {
\core\notification::warning(get_string('invaliduserdata', 'tool_uploaduser', s($username)));
}
}
}
$cir->close();
$cir->cleanup(true);
echo $OUTPUT->box_start('boxwidthnarrow boxaligncenter generalbox', 'uploadresults');
echo '<p>';
if ($optype != UU_USER_UPDATE) {
/**
* Test for mod_assign_external::list_participants().
*
* @throws coding_exception
*/
public function test_list_participants_user_info_with_special_characters()
{
global $CFG, $DB;
$this->resetAfterTest(true);
$CFG->showuseridentity = 'idnumber,email,phone1,phone2,department,institution';
$data = $this->create_assign_with_student_and_teacher();
$assignment = $data['assign'];
$teacher = $data['teacher'];
// Set data for student info that contain special characters.
$student = $data['student'];
$student->idnumber = '<\'"1am@wesome&c00l"\'>';
$student->phone1 = '+63 (999) 888-7777';
$student->phone2 = '(011) [15]4-123-4567';
$student->department = 'Arts & Sciences & \' " ¢ £ © € ¥ ® < >';
$student->institution = 'University of Awesome People & \' " ¢ £ © € ¥ ® < >';
// Assert that we have valid user data.
$this->assertTrue(core_user::validate($student));
// Update the user record.
$DB->update_record('user', $student);
$this->setUser($teacher);
$participants = mod_assign_external::list_participants($assignment->id, 0, '', 0, 0);
$this->assertCount(1, $participants);
// Asser that we have a valid response data.
$response = external_api::clean_returnvalue(mod_assign_external::list_participants_returns(), $participants);
$this->assertEquals($response, $participants);
// Check participant data.
$participant = $participants[0];
$this->assertEquals($student->idnumber, $participant['idnumber']);
$this->assertEquals($student->email, $participant['email']);
$this->assertEquals($student->phone1, $participant['phone1']);
$this->assertEquals($student->phone2, $participant['phone2']);
$this->assertEquals($student->department, $participant['department']);
$this->assertEquals($student->institution, $participant['institution']);
}
/**
* Update a user with a user object (will compare against the ID)
*
* @throws moodle_exception
* @param stdClass $user the user to update
* @param bool $updatepassword if true, authentication plugin will update password.
* @param bool $triggerevent set false if user_updated event should not be triggred.
* This will not affect user_password_updated event triggering.
*/
function user_update_user($user, $updatepassword = true, $triggerevent = true)
{
global $DB;
// Set the timecreate field to the current time.
if (!is_object($user)) {
$user = (object) $user;
}
// Check username.
if (isset($user->username)) {
if ($user->username !== core_text::strtolower($user->username)) {
throw new moodle_exception('usernamelowercase');
} else {
if ($user->username !== core_user::clean_field($user->username, 'username')) {
throw new moodle_exception('invalidusername');
}
}
}
// Unset password here, for updating later, if password update is required.
if ($updatepassword && isset($user->password)) {
// Check password toward the password policy.
if (!check_password_policy($user->password, $errmsg)) {
throw new moodle_exception($errmsg);
}
$passwd = $user->password;
unset($user->password);
}
// Make sure calendartype, if set, is valid.
if (empty($user->calendartype)) {
// Unset this variable, must be an empty string, which we do not want to update the calendartype to.
unset($user->calendartype);
}
$user->timemodified = time();
// Validate user data object.
$uservalidation = core_user::validate($user);
if ($uservalidation !== true) {
foreach ($uservalidation as $field => $message) {
debugging("The property '{$field}' has invalid data and has been cleaned.", DEBUG_DEVELOPER);
$user->{$field} = core_user::clean_field($user->{$field}, $field);
}
}
$DB->update_record('user', $user);
if ($updatepassword) {
// Get full user record.
$updateduser = $DB->get_record('user', array('id' => $user->id));
// If password was set, then update its hash.
if (isset($passwd)) {
$authplugin = get_auth_plugin($updateduser->auth);
if ($authplugin->can_change_password()) {
$authplugin->user_update_password($updateduser, $passwd);
}
}
}
// Trigger event if required.
if ($triggerevent) {
\core\event\user_updated::create_from_userid($user->id)->trigger();
}
}
