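/**
 * Validation callback for the account preferences form.
 *
 * Verifies the current password before a password change is validated, and
 * checks a changed username for format and uniqueness when the user's auth
 * instance is 'internal'. Problems are reported with $form->set_error();
 * nothing is returned.
 *
 * @param Pieform $form   The form being validated; receives the errors.
 * @param array   $values Submitted form values.
 */
function accountprefs_validate(Pieform $form, $values) {
    global $USER;

    $authobj = AuthFactory::create($USER->authinstance);

    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The new password is only validated once the current password
            // has been verified against the user's auth instance.
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                // NOTE(review): assumes the auth backend reports failures as
                // UserException, so they surface as a form error rather than
                // escaping validation - confirm against the auth plugins.
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } elseif ($values['password1'] !== '' || $values['password2'] !== '') {
            // A new password was entered without the current one.
            $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
        }
    }

    // Compare as strings with !==. Loose != treats numeric-looking strings
    // such as '0123' and '123' as equal, which would treat a changed username
    // as unchanged and skip the format and uniqueness checks below.
    if ($authobj->authname == 'internal'
        && (string) $values['username'] !== (string) $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }

        // The bind value is passed as a one-element array so that it is
        // supplied as the parameter list for the single '?' placeholder.
        if (!$form->get_error('username')
            && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}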
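/**
 * Validation callback for the account preferences form.
 *
 * Covers, in order: verification of the current password before a password
 * change, username format and uniqueness (internal auth only), the clean-URL
 * identifier, the mobile upload tokens, and finally the plugin validators.
 * Problems are reported with $form->set_error(); nothing is returned.
 *
 * @param Pieform $form   The form being validated; receives the errors.
 * @param array   $values Submitted form values.
 */
function accountprefs_validate(Pieform $form, $values) {
    global $USER;

    $authobj = AuthFactory::create($USER->authinstance);

    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The new password is only validated once the current password
            // has been verified against the user's auth instance.
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } elseif ($values['password1'] !== '' || $values['password2'] !== '') {
            // A new password was entered without the current one.
            $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
        }
    }

    // Compare as strings with !==. Loose != treats numeric-looking strings
    // such as '0123' and '123' as equal, which would treat a changed username
    // as unchanged and skip the format and uniqueness checks below.
    if ($authobj->authname == 'internal'
        && (string) $values['username'] !== (string) $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username')
            && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }

    // Same string comparison for the URL identifier, so that a numeric-looking
    // urlid cannot be mistaken for the current one and bypass these checks.
    if (isset($values['urlid']) && get_config('cleanurls')
        && (string) $values['urlid'] !== (string) $USER->get('urlid')) {
        if (strlen($values['urlid']) < 3) {
            $form->set_error('urlid', get_string('rule.minlength.minlength', 'pieforms', 3));
        } elseif (record_exists('usr', 'urlid', $values['urlid'])) {
            $form->set_error('urlid', get_string('urlalreadytaken', 'account'));
        }
    }

    // Only iterate when the field was actually submitted as a list; a missing
    // or scalar value would otherwise raise a warning in foreach.
    if (get_config('allowmobileuploads')
        && isset($values['mobileuploadtoken']) && is_array($values['mobileuploadtoken'])) {
        foreach ($values['mobileuploadtoken'] as $text) {
            // Empty entries are allowed; any other token must be at least six
            // characters drawn from the set listed in the pattern.
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                $form->set_error('mobileuploadtoken', get_string('badmobileuploadtoken', 'account'));
            }
        }
    }

    plugin_account_prefs_validate($form, $values);
}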
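/**
 * Validation callback for the required-fields form.
 *
 * When a new password is submitted it is validated, must differ from the
 * current one, and an accompanying username change (internal auth only) is
 * checked for format and uniqueness. The e-mail address and social profile
 * URL are checked whether or not a password was submitted. Problems are
 * reported with $form->set_error(); nothing is returned.
 *
 * @param Pieform $form   The form being validated; receives the errors.
 * @param array   $values Submitted form values.
 */
function requiredfields_validate(Pieform $form, $values) {
    global $USER;

    if (isset($values['password1'])) {
        // Get the authentication type for the user, and
        // use the information to validate the password
        $authobj = AuthFactory::create($USER->authinstance);

        // @todo this could be done by a custom form rule... 'password' => $user
        password_validate($form, $values, $USER);

        // The password cannot be the same as the old one: if the proposed
        // password still authenticates the account, it was not changed.
        try {
            if (!$form->get_error('password1')
                && $authobj->authenticate_user_account($USER, $values['password1'])) {
                $form->set_error('password1', get_string('passwordnotchanged'));
            }
        } catch (AuthInstanceException $e) {
            $form->set_error('password1', $e->getMessage());
        }

        // Compare as strings with !==. Loose != treats numeric-looking strings
        // such as '0123' and '123' as equal, which would treat a changed
        // username as unchanged and skip the checks below.
        if ($authobj->authname == 'internal' && isset($values['username'])
            && (string) $values['username'] !== (string) $USER->get('username')) {
            if (!AuthInternal::is_username_valid($values['username'])) {
                $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
            }

            // The bind value is passed as a one-element array so that it is
            // supplied as the parameter list for the single '?' placeholder.
            if (!$form->get_error('username')
                && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
                $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
            }
        }
    }

    // Check if email has been taken
    if (isset($values['email'])
        && record_exists('artefact_internal_profile_email', 'email', $values['email'])) {
        $form->set_error('email', get_string('unvalidatedemailalreadytaken', 'artefact.internal'));
    }

    // Check if the socialprofile url is valid.
    // NOTE(review): FILTER_VALIDATE_URL checks URL syntax only and does not
    // restrict the scheme. Where this value is later rendered is not visible
    // here; if it becomes a link, confirm the scheme is limited to http/https
    // at that point or add the restriction here.
    if (isset($values['socialprofile_hidden']) && $values['socialprofile_hidden']
        && $values['socialprofile_profiletype'] == 'webpage'
        && !filter_var($values['socialprofile_profileurl'], FILTER_VALIDATE_URL)) {
        $form->set_error('socialprofile_profileurl', get_string('notvalidprofileurl', 'artefact.internal'));
    }
}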
/**
 * Checks the password a user sent against the one held for them, using the
 * salt we have, by delegating to the parent implementation. The parent's
 * result is reduced to a strict boolean.
 *
 * @param string $theysent The password the user sent
 * @param string $wehave   The password we have in the database for them
 * @param string $salt     The salt we have.
 * @return bool True when the parent's result is non-empty, false otherwise.
 */
protected function validate_password($theysent, $wehave, $salt) {
    // Runs before the check is delegated; must_be_ready() is defined
    // elsewhere in the class.
    $this->must_be_ready();

    // The comparison itself is done by the parent class and is not visible
    // here. Anything PHP considers empty (false, null, 0, '', '0', array())
    // is reported as a failed match.
    $result = parent::validate_password($theysent, $wehave, $salt);
    if (empty($result)) {
        return false;
    }

    return true;
}
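/**
 * Validation callback for the required-fields form.
 *
 * Does nothing unless a new password was submitted. Otherwise the password
 * is validated, must differ from the current one, and an accompanying
 * username change (internal auth only) is checked for format and uniqueness.
 * Problems are reported with $form->set_error().
 *
 * @param Pieform $form   The form being validated; receives the errors.
 * @param array   $values Submitted form values.
 * @return bool|null True when no password was submitted; otherwise no value.
 */
function requiredfields_validate(Pieform $form, $values) {
    global $USER;

    if (!isset($values['password1'])) {
        return true;
    }

    // Get the authentication type for the user, and
    // use the information to validate the password
    $authobj = AuthFactory::create($USER->authinstance);

    // @todo this could be done by a custom form rule... 'password' => $user
    password_validate($form, $values, $USER);

    // The password cannot be the same as the old one: if the proposed
    // password still authenticates the account, it was not changed.
    try {
        if (!$form->get_error('password1')
            && $authobj->authenticate_user_account($USER, $values['password1'])) {
            $form->set_error('password1', get_string('passwordnotchanged'));
        }
    } catch (AuthInstanceException $e) {
        $form->set_error('password1', $e->getMessage());
    }

    // Compare as strings with !==. Loose != treats numeric-looking strings
    // such as '0123' and '123' as equal, which would treat a changed username
    // as unchanged and skip the checks below.
    if ($authobj->authname == 'internal' && isset($values['username'])
        && (string) $values['username'] !== (string) $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }

        // The bind value is passed as a one-element array so that it is
        // supplied as the parameter list for the single '?' placeholder.
        if (!$form->get_error('username')
            && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}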
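/**
 * Submit handler for the registration form.
 *
 * Stores the pending registration in 'usr_registration' with a salted
 * password, a registration key and a 24-hour expiry, e-mails the key to the
 * registrant, then marks the session as registered and redirects to
 * /register.php. If the insert or the e-mail fails, the error is logged and
 * the request ends with the 'registrationunsuccessful' message.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted form values.
 */
function register_submit(Pieform $form, $values) {
    global $SESSION;

    // store password encrypted
    // don't die_info, since reloading the page shows the login form.
    // instead, redirect to some other page that says this
    safe_require('auth', 'internal');

    // NOTE(review): rand() is not a cryptographically secure generator, and
    // this expression can produce at most 9,000,000 distinct salts (one per
    // integer in 1000000..9999999). Consider a CSPRNG-backed salt where the
    // supported PHP versions provide one.
    $values['salt'] = substr(md5(rand(1000000, 9999999)), 2, 8);
    $values['password'] = AuthInternal::encrypt_password($values['password1'], $values['salt']);
    $values['key'] = get_random_key();

    // @todo the expiry date should be configurable
    $values['expiry'] = db_format_timestamp(time() + 86400);
    $values['lang'] = $SESSION->get('lang');

    try {
        insert_record('usr_registration', $values);

        // The registration key is delivered only by e-mail. A leftover debug
        // write of the message text (which contains the key) to a fixed file
        // under /tmp has been removed: it exposed the key to other local
        // users at a predictable path, and the handle was never closed.
        $user = (object) $values;
        $user->admin = 0;
        $user->staff = 0;

        $sitename = get_config('sitename');
        $wwwroot = get_config('wwwroot');

        email_user(
            $user,
            null,
            get_string('registeredemailsubject', 'auth.internal', $sitename),
            get_string('registeredemailmessagetext', 'auth.internal',
                $values['firstname'], $sitename, $wwwroot, $values['key'], $sitename),
            get_string('registeredemailmessagehtml', 'auth.internal',
                $values['firstname'], $sitename, $wwwroot, $values['key'], $wwwroot, $values['key'], $sitename)
        );
    } catch (EmailException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    } catch (SQLException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }

    // Add a marker in the session to say that the user has registered
    $_SESSION['registered'] = true;
    redirect('/register.php');
}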
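/**
 * Validation callback for the account preferences form.
 *
 * Verifies the current password before a password change is validated,
 * checks a changed username for format and uniqueness (internal auth only),
 * and refuses to switch off multiple blogs unless the user owns exactly one
 * blog. Problems are reported with $form->set_error(); nothing is returned.
 *
 * @param Pieform $form   The form being validated; receives the errors.
 * @param array   $values Submitted form values.
 */
function accountprefs_validate(Pieform $form, $values) {
    global $USER;

    $authobj = AuthFactory::create($USER->authinstance);

    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            // The new password is only validated once the current password
            // has been verified against the user's auth instance.
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } elseif ($values['password1'] !== '' || $values['password2'] !== '') {
            // A new password was entered without the current one.
            $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
        }
    }

    // Compare as strings with !==. Loose != treats numeric-looking strings
    // such as '0123' and '123' as equal, which would treat a changed username
    // as unchanged and skip the format and uniqueness checks below.
    if ($authobj->authname == 'internal'
        && (string) $values['username'] !== (string) $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }

        // The bind value is passed as a one-element array so that it is
        // supplied as the parameter list for the single '?' placeholder.
        if (!$form->get_error('username')
            && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }

    // Don't let users turn multiple blogs off unless they only have 1 blog
    if ($USER->get_account_preference('multipleblogs')
        && empty($values['multipleblogs'])
        && count_records('artefact', 'artefacttype', 'blog', 'owner', $USER->get('id')) != 1) {
        $form->set_error('multipleblogs', get_string('disablemultipleblogserror', 'account'));
    }
}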