Example #1
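/**
 * Pieform validation callback for the account preferences form.
 *
 * Requires the current password before a password change is considered, and
 * checks a changed username for format and uniqueness when the user's auth
 * instance is 'internal'. Problems are reported through $form->set_error();
 * the function returns nothing.
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values, indexed by field name
 */
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The current password must authenticate before the new one is
            // looked at; stop here so no further hints are given on failure.
            if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            // A new password was typed without the current one: refuse.
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    // NOTE(review): the username comparison is loose (!=); PHP treats some
    // numeric-looking strings as equal, which would skip the checks below.
    // Confirm whether !== is safe for the value $USER->get() returns.
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        // Bound values are passed as an array so the placeholder is bound
        // explicitly instead of depending on how a bare scalar is handled.
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}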
Example #2
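/**
 * Pieform validation callback for the account preferences form.
 *
 * Validates, in order: the current password (required before a password
 * change), a changed username for 'internal' auth instances, a changed
 * clean-URL id, and any mobile upload tokens. Plugin validation runs last.
 * Problems are reported through $form->set_error(); nothing is returned.
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values, indexed by field name
 */
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The current password must authenticate before the new one is
            // looked at. A UserException raised by the auth plugin is shown
            // on the field instead of propagating.
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            // A new password was typed without the current one: refuse.
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    // NOTE(review): the username comparison is loose (!=); PHP treats some
    // numeric-looking strings as equal, which would skip the checks below.
    // Confirm whether !== is safe for the value $USER->get() returns.
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
    // Clean-URL id: only checked when the feature is on and the value changed.
    if (isset($values['urlid']) && get_config('cleanurls') && $values['urlid'] != $USER->get('urlid')) {
        if (strlen($values['urlid']) < 3) {
            $form->set_error('urlid', get_string('rule.minlength.minlength', 'pieforms', 3));
        } else {
            if (record_exists('usr', 'urlid', $values['urlid'])) {
                $form->set_error('urlid', get_string('urlalreadytaken', 'account'));
            }
        }
    }
    // Mobile upload tokens: empty entries are allowed; anything else must be
    // at least 6 characters drawn from the listed set. The field is checked
    // for presence first so a missing or non-array value is skipped rather
    // than handed to foreach.
    if (get_config('allowmobileuploads') && isset($values['mobileuploadtoken']) && is_array($values['mobileuploadtoken'])) {
        foreach ($values['mobileuploadtoken'] as $text) {
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                $form->set_error('mobileuploadtoken', get_string('badmobileuploadtoken', 'account'));
            }
        }
    }
    plugin_account_prefs_validate($form, $values);
}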
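/**
 * Pieform validation callback for the "required fields" form.
 *
 * When a new password is submitted it is validated and rejected if it still
 * authenticates as the current password; a changed username is checked for
 * 'internal' auth instances. Independently of the password, a submitted
 * email must not already be recorded and a 'webpage' social profile must
 * carry a valid URL. Problems are reported through $form->set_error().
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values, indexed by field name
 */
function requiredfields_validate(Pieform $form, $values)
{
    global $USER;
    if (isset($values['password1'])) {
        // Get the authentication type for the user, and
        // use the information to validate the password
        $authobj = AuthFactory::create($USER->authinstance);
        // @todo this could be done by a custom form rule... 'password' => $user
        password_validate($form, $values, $USER);
        // The password cannot be the same as the old one: if the new value
        // authenticates against the existing account, nothing was changed.
        try {
            if (!$form->get_error('password1') && $authobj->authenticate_user_account($USER, $values['password1'])) {
                $form->set_error('password1', get_string('passwordnotchanged'));
            }
        } catch (AuthInstanceException $e) {
            $form->set_error('password1', $e->getMessage());
        }
        if ($authobj->authname == 'internal' && isset($values['username']) && $values['username'] != $USER->get('username')) {
            if (!AuthInternal::is_username_valid($values['username'])) {
                $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
            }
            // Bound values are passed as an array so the placeholder is bound
            // explicitly instead of depending on how a bare scalar is handled.
            if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
                $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
            }
        }
    }
    // Check if email has been taken
    if (isset($values['email']) && record_exists('artefact_internal_profile_email', 'email', $values['email'])) {
        $form->set_error('email', get_string('unvalidatedemailalreadytaken', 'artefact.internal'));
    }
    // Check if the socialprofile url is valid.
    // NOTE(review): FILTER_VALIDATE_URL checks syntax only and accepts any
    // scheme; confirm the scheme is restricted wherever this URL is rendered.
    if (isset($values['socialprofile_hidden']) && $values['socialprofile_hidden'] && $values['socialprofile_profiletype'] == 'webpage' && !filter_var($values['socialprofile_profileurl'], FILTER_VALIDATE_URL)) {
        $form->set_error('socialprofile_profileurl', get_string('notvalidprofileurl', 'artefact.internal'));
    }
}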
Example #4
File: lib.php Project: kienv/mahara
 /**
  * Given a password that the user has sent, the password we have for them
  * and the salt we have, see if the password they sent is correct.
  *
  * @param string $theysent The password the user sent
  * @param string $wehave   The password we have in the database for them
  * @param string $salt     The salt we have.
  */
 protected function validate_password($theysent, $wehave, $salt)
 {
     // Runs before any comparison; presumably aborts when the auth instance
     // is not usable (must_be_ready() is defined outside this listing).
     $this->must_be_ready();

     // Delegate the actual comparison to the parent implementation and
     // collapse whatever it returns into a strict boolean.
     $parentverdict = parent::validate_password($theysent, $wehave, $salt);
     if (empty($parentverdict)) {
         return false;
     }
     return true;
 }
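/**
 * Pieform validation callback for the "required fields" form.
 *
 * Does nothing (returns true) when no new password was submitted. Otherwise
 * the new password is validated and rejected if it still authenticates as
 * the current password, and a changed username is checked for 'internal'
 * auth instances. Problems are reported through $form->set_error().
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values, indexed by field name
 * @return true|null true when there is no password to validate, otherwise no value
 */
function requiredfields_validate(Pieform $form, $values)
{
    global $USER;
    if (!isset($values['password1'])) {
        return true;
    }
    // Get the authentication type for the user, and
    // use the information to validate the password
    $authobj = AuthFactory::create($USER->authinstance);
    // @todo this could be done by a custom form rule... 'password' => $user
    password_validate($form, $values, $USER);
    // The password cannot be the same as the old one: if the new value
    // authenticates against the existing account, nothing was changed.
    try {
        if (!$form->get_error('password1') && $authobj->authenticate_user_account($USER, $values['password1'])) {
            $form->set_error('password1', get_string('passwordnotchanged'));
        }
    } catch (AuthInstanceException $e) {
        $form->set_error('password1', $e->getMessage());
    }
    if ($authobj->authname == 'internal' && isset($values['username']) && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        // Bound values are passed as an array so the placeholder is bound
        // explicitly instead of depending on how a bare scalar is handled.
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}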
Example #6
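/**
 * Pieform submit callback for the registration form.
 *
 * Stores a pending registration (salted password hash, random key, 24-hour
 * expiry, session language) in usr_registration and e-mails the key to the
 * registrant, then marks the session as registered and redirects. On an
 * e-mail or SQL failure the error is logged and a generic failure page is
 * shown.
 *
 * @param Pieform $form   The submitted form
 * @param array   $values Submitted values, indexed by field name
 */
function register_submit(Pieform $form, $values)
{
    global $SESSION;
    // store password encrypted
    // don't die_info, since reloading the page shows the login form.
    // instead, redirect to some other page that says this
    safe_require('auth', 'internal');
    // NOTE(review): rand() is not a cryptographic generator and this range
    // allows only about nine million distinct salts. A salt need not be
    // secret, but it should be unpredictable enough to be unique per user;
    // consider a CSPRNG source if the supported PHP version provides one.
    $values['salt'] = substr(md5(rand(1000000, 9999999)), 2, 8);
    $values['password'] = AuthInternal::encrypt_password($values['password1'], $values['salt']);
    $values['key'] = get_random_key();
    // @todo the expiry date should be configurable
    $values['expiry'] = db_format_timestamp(time() + 86400);
    $values['lang'] = $SESSION->get('lang');
    // NOTE(review): $values still carries the plaintext 'password1' here and
    // is handed to insert_record() and copied into $user below; confirm that
    // neither persists nor logs fields it does not recognise.
    try {
        insert_record('usr_registration', $values);
        // The debugging write of the message to a fixed file under /tmp was
        // removed: it copied the registration key to a predictable path and
        // never closed the handle.
        $user = (object) $values;
        $user->admin = 0;
        $user->staff = 0;
        email_user(
            $user,
            null,
            get_string('registeredemailsubject', 'auth.internal', get_config('sitename')),
            get_string('registeredemailmessagetext', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('sitename')),
            get_string('registeredemailmessagehtml', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('wwwroot'), $values['key'], get_config('sitename'))
        );
    } catch (EmailException $e) {
        // Details go to the log only; the user sees a generic message.
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    } catch (SQLException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }
    // Add a marker in the session to say that the user has registered
    $_SESSION['registered'] = true;
    redirect('/register.php');
}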
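/**
 * Pieform validation callback for the account preferences form.
 *
 * Requires the current password before a password change is considered,
 * checks a changed username for 'internal' auth instances, and refuses to
 * switch off multiple blogs unless the user owns exactly one blog.
 * Problems are reported through $form->set_error(); nothing is returned.
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values, indexed by field name
 */
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The current password must authenticate before the new one is
            // looked at. A UserException raised by the auth plugin is shown
            // on the field instead of propagating.
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            // A new password was typed without the current one: refuse.
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    // NOTE(review): the username comparison is loose (!=); PHP treats some
    // numeric-looking strings as equal, which would skip the checks below.
    // Confirm whether !== is safe for the value $USER->get() returns.
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        // Bound values are passed as an array so the placeholder is bound
        // explicitly instead of depending on how a bare scalar is handled.
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
    // Don't let users turn multiple blogs off unless they only have 1 blog
    if ($USER->get_account_preference('multipleblogs') && empty($values['multipleblogs']) && count_records('artefact', 'artefacttype', 'blog', 'owner', $USER->get('id')) != 1) {
        $form->set_error('multipleblogs', get_string('disablemultipleblogserror', 'account'));
    }
}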