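<?php
/**
 * Token enrolment entry point.
 *
 * Reads the `token` request parameter, asks the token enrolment plugin to
 * enrol the current user, and then redirects: to the course page on success,
 * or back to the originating page with a `tokenerr` query parameter on failure.
 */

require_once '../../config.php';
require_once './lib.php';

$retVal = true;
$tokenParam = optional_param('token', null, PARAM_ALPHANUM);

// A POSTed token came from a form (otherwise it arrived on the query string).
// Remember the page that submitted it so an error can be reported back there.
if (isset($_POST['token']) === true) {
    // The Referer header is supplied by the client and is later used as a
    // redirect target, so only a URL on this site is accepted; anything else
    // falls back to the site root. PARAM_LOCALURL cleans non-local URLs to ''.
    // NOTE(review): if token forms are deliberately hosted on other sites,
    // replace this with an explicit allow-list of those origins.
    $referer = empty($_SERVER['HTTP_REFERER'])
        ? ''
        : clean_param($_SERVER['HTTP_REFERER'], PARAM_LOCALURL);
    $SESSION->tokenFrom = $referer !== '' ? $referer : $CFG->wwwroot;
}

if (empty($tokenParam) === true) {
    // No token supplied: reported to the originating page as tokenerr=2.
    $retVal = 2;
} else {
    $plugin = new enrol_token_plugin();

    // Try the enrolment; the third argument is the URL to come back to after
    // the user logs in. $courseId is passed as a variable and read afterwards,
    // so doEnrolment() presumably fills it in by reference (TODO confirm).
    $courseId = 0;
    $retVal = $plugin->doEnrolment($tokenParam, $courseId, "{$FULLME}?token={$tokenParam}");
}

$goToUrl = empty($SESSION->tokenFrom) ? $CFG->wwwroot : $SESSION->tokenFrom;
unset($SESSION->tokenFrom);

// Only a strict boolean true counts as success; any other value is treated
// as an error code and handed back in the tokenerr parameter below.
if ($retVal === true) {
    require_once "{$CFG->dirroot}/course/lib.php";
    redirect(course_get_url($courseId));
}

// Error path: rebuild the return URL, overwriting any existing tokenerr value.
$params = array();
$query = parse_url($goToUrl, PHP_URL_QUERY);
if (is_string($query)) {
    // parse_url() yields null when there is no query string and false for a
    // malformed URL; neither may be passed on to parse_str().
    parse_str($query, $params);
}
$params['tokenerr'] = $retVal;

redirect(strtok($goToUrl, '?') . '?' . http_build_query($params));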
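/**
 * Sign up a new user from a validated token, e-mail the generated
 * credentials, log the user in and enrol them with the token.
 *
 * @param object $user   Signup form data; reads firstname, lastname, email,
 *                       token and (optionally) lang.
 * @param bool   $notify Not used by this implementation.
 * @return bool False when account creation, auto-login or enrolment fails.
 *              On successful enrolment the request is redirected instead.
 */
function user_signup($user, $notify = false) {
    global $CFG, $DB, $SESSION;

    require_once $CFG->dirroot . '/user/profile/lib.php';
    require_once $CFG->dirroot . '/enrol/token/lib.php';

    $lang = empty($user->lang) ? $CFG->lang : $user->lang;
    $site = get_site();
    $supportuser = core_user::get_support_user();
    $newpassword = generate_password();

    // The token the user entered (already validated by the signup form).
    $tokenValue = $user->token;

    $newuser = new stdClass();
    $newuser->auth = 'token'; // this auth plugin is technically a skin
    $newuser->firstname = $user->firstname;
    $newuser->lastname = $user->lastname;
    $newuser->password = hash_internal_user_password($newpassword, false);
    $newuser->policyagreed = 1; // might need to put this in somewhere
    $newuser->username = $user->email;
    $newuser->email = $user->email;
    $newuser->lastip = getremoteaddr();
    $newuser->timecreated = time();
    $newuser->timemodified = $newuser->timecreated;
    $newuser->mnethostid = $CFG->mnet_localhost_id;
    $newuser = self::truncate_user_obj($newuser);

    if (($newuser->id = $DB->insert_record('user', $newuser)) === false) {
        notice(get_string('signupfailure', 'auth_token'), $CFG->wwwroot);
        return false;
    }

    $user = get_complete_user_data('id', $newuser->id);
    \core\event\user_created::create_from_userid($user->id)->trigger();

    // Only the query part of the post-login redirect is carried into the link.
    $params = empty($SESSION->wantsurl) === true ? '' : parse_url($SESSION->wantsurl, PHP_URL_QUERY);

    $a = new stdClass();
    $a->firstname = $user->firstname;
    $a->lastname = $user->lastname;
    $a->username = $user->username;
    // NOTE(review): the generated password is sent in clear text by e-mail
    // and nothing in this method forces a change at first login. Consider a
    // forced password change or a set-password link instead.
    $a->password = $newpassword;
    $a->sitename = format_string($site->fullname);
    $a->link = $CFG->wwwroot . '/auth/token/login.php?' . $params;
    $a->signoff = generate_email_signoff();

    $message = (string) new lang_string('signup_userregoemail', 'auth_token', $a, $lang);
    $subject = format_string($site->fullname) . ': ' . (string) new lang_string('newusernewpasswordsubj', '', $a, $lang);

    // E-mail directly rather than through the messaging system so the message
    // is not routed to a popup or jabber.
    email_to_user($user, $supportuser, $subject, $message);

    // Log the user in immediately.
    if (($user = authenticate_user_login($user->username, $newpassword)) === false || complete_user_login($user) == null) {
        notice(get_string('autologinfailure', 'auth_token'), $CFG->wwwroot);
        return false;
    }

    // Now actually do the enrolment for this course / user.
    $tokenPlugin = new enrol_token_plugin();
    $courseId = 0;
    $returnToUrl = empty($SESSION->wantsurl) === true ? $CFG->wwwroot : $SESSION->wantsurl;
    $enrolledOk = $tokenPlugin->doEnrolment($tokenValue, $courseId, $returnToUrl);

    // Compare strictly: doEnrolment() appears to return true on success and
    // an error code otherwise (TODO confirm), and a loose `== true` would
    // treat any non-zero error code as a successful enrolment.
    if ($enrolledOk === true) {
        redirect($returnToUrl);
    }

    return $enrolledOk === true;
}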
/**
 * Validate the signup form: the e-mail address (submitted in the `username`
 * field) and the enrolment token.
 *
 * NOTE(review): the "username exists" / "email exists" messages confirm to
 * an anonymous visitor whether an address is already registered.
 *
 * @param array $data  Submitted form values; reads `username` and `token`.
 * @param array $files Uploaded files, passed through to the parent validator.
 * @return array Error messages keyed by form field name.
 */
function validation($data, $files) {
    global $CFG, $DB;

    $errors = parent::validation($data, $files);
    $registerAuth = get_auth_plugin($CFG->registerauth);
    $address = $data['username'];

    if (empty(trim($address))) {
        $errors['username'] = get_string('missingemail');
    }

    if (!isset($errors['username'])) {
        // Every check below runs; a later failure overwrites an earlier one.
        $localAccount = ['username' => $address, 'mnethostid' => $CFG->mnet_localhost_id];
        if ($DB->record_exists('user', $localAccount)) {
            $errors['username'] = get_string('usernameexists');
        }

        if ($registerAuth->user_exists($address)) {
            $errors['username'] = get_string('usernameexists');
        }

        if (!validate_email($address)) {
            $errors['username'] = get_string('invalidemail');
        } elseif ($DB->record_exists('user', ['email' => $address])) {
            $errors['username'] = get_string('emailexists');
        }
    }

    if (!isset($errors['username'])) {
        // email_is_not_allowed() returns a message when the address is refused.
        $refusal = email_is_not_allowed($address);
        if ($refusal) {
            $errors['username'] = $refusal;
        }
    }

    require_once $CFG->dirroot . '/enrol/token/lib.php';

    $tokenError = enrol_token_plugin::getTokenValidationErrors($data['token']);
    if ($tokenError !== null && $tokenError !== '') {
        $errors['token'] = $tokenError;
    }

    return $errors;
}
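/**
 * Explain why a token cannot currently be used for enrolment.
 *
 * Checks run in this order: token exists, enrolment instance exists for the
 * token's course, seats remain, token not expired, not throttled, enrolment
 * window open, tokens enabled on the instance.
 *
 * NOTE(review): the distinct messages let a caller tell an unknown token
 * from a known but unusable one, and the throttle check only runs once a
 * token row has been found. Confirm that lookups of unknown tokens are
 * rate-limited elsewhere.
 *
 * @param string $value Token value, looked up as the `id` of enrol_token_tokens.
 * @return string Error message, or '' when no problem was found.
 */
public static function getTokenValidationErrors($value) {
    global $DB;

    $row = $DB->get_record(
        'enrol_token_tokens',
        array('id' => $value),
        'courseid, seatsavailable, numseats, timeexpire'
    );
    if (!$row) {
        return 'Invalid token (not found)';
    }

    $inst = self::getInstanceDataForCourse($row->courseid);
    if (!$inst) {
        // That's a showstopper: nothing else can be checked without the instance.
        return 'Token enrolment is not yet set up for this course';
    }

    if ($row->seatsavailable <= 0) {
        return 'No places remaining on this token (' . $row->numseats . ' used)';
    }

    // A timeexpire of 0 means the token has no expiry time set.
    if ($row->timeexpire != 0 && $row->timeexpire < time()) {
        return 'Token has expired';
    }

    if (enrol_token_plugin::isThrottled($value, $inst) === true) {
        return get_string('toomanyattempts', 'enrol_token');
    }

    if ($inst->enrolstartdate != 0 && $inst->enrolstartdate > time()) {
        return 'Enrolment begins ' . userdate($inst->enrolstartdate);
    }

    // The original tested enrolstartdate a second time here, so every instance
    // whose start date had passed was reported as ended and the "disabled"
    // check below was never reached. The end of the window is enrolenddate
    // (assumes $inst is a standard enrol instance record; TODO confirm).
    if (!empty($inst->enrolenddate) && $inst->enrolenddate < time()) {
        return 'Enrolment ended ' . userdate($inst->enrolenddate);
    }

    // A falsy customint6 is reported as tokens being switched off.
    if (!$inst->customint6) {
        return 'Tokens have been disabled';
    }

    return '';
}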