<?php
require_once '../../config.php';
require_once './lib.php';
$retVal = true;
$tokenParam = optional_param('token', null, PARAM_ALPHANUM);
// if token value is POSTed in then it has come from a form. else it has come from querystring
if (isset($_POST['token']) === true) {
$SESSION->tokenFrom = empty($_SERVER['HTTP_REFERER']) === false ? $_SERVER['HTTP_REFERER'] : $CFG->wwwroot;
}
if (empty($tokenParam) === true) {
$retVal = 2;
} else {
$plugin = new enrol_token_plugin();
// try enrolment, and return back here after user logs in
$courseId = 0;
$retVal = $plugin->doEnrolment($tokenParam, $courseId, "{$FULLME}?token={$tokenParam}");
}
$goToUrl = empty($SESSION->tokenFrom) ? $CFG->wwwroot : $SESSION->tokenFrom;
unset($SESSION->tokenFrom);
// if there are no errors, redirect to course page
if ($retVal === true) {
require_once "{$CFG->dirroot}/course/lib.php";
redirect(course_get_url($courseId));
}
// errors
// overwrite any existing tokenerr query parameter
$params = array();
parse_str(parse_url($goToUrl, PHP_URL_QUERY), $params);
$params['tokenerr'] = $retVal;
redirect(strtok($goToUrl, '?') . '?' . http_build_query($params));
function user_signup($user, $notify = false)
{
global $CFG, $DB, $SESSION;
require_once $CFG->dirroot . '/user/profile/lib.php';
require_once $CFG->dirroot . '/enrol/token/lib.php';
$lang = empty($user->lang) ? $CFG->lang : $user->lang;
$site = get_site();
$supportuser = core_user::get_support_user();
$newpassword = generate_password();
// the token the user entered (which is now validated)
$tokenValue = $user->token;
$newuser = new stdClass();
$newuser->auth = 'token';
// since technially this auth plugin is a skin
$newuser->firstname = $user->firstname;
$newuser->lastname = $user->lastname;
$newuser->password = hash_internal_user_password($newpassword, false);
$newuser->policyagreed = 1;
// might need to put this in somewhere
$newuser->username = $user->email;
$newuser->email = $user->email;
$newuser->lastip = getremoteaddr();
$newuser->timecreated = time();
$newuser->timemodified = $newuser->timecreated;
$newuser->mnethostid = $CFG->mnet_localhost_id;
$newuser = self::truncate_user_obj($newuser);
if (($newuser->id = $DB->insert_record('user', $newuser)) === false) {
notice(get_string('signupfailure', 'auth_token'), $CFG->wwwroot);
return false;
}
$user = get_complete_user_data('id', $newuser->id);
\core\event\user_created::create_from_userid($user->id)->trigger();
// just the query part of post-login redirect
$params = empty($SESSION->wantsurl) === true ? '' : parse_url($SESSION->wantsurl, PHP_URL_QUERY);
$a = new stdClass();
$a->firstname = $user->firstname;
$a->lastname = $user->lastname;
$a->username = $user->username;
$a->password = $newpassword;
$a->sitename = format_string($site->fullname);
$a->link = $CFG->wwwroot . '/auth/token/login.php?' . $params;
$a->signoff = generate_email_signoff();
$message = (string) new lang_string('signup_userregoemail', 'auth_token', $a, $lang);
$subject = format_string($site->fullname) . ': ' . (string) new lang_string('newusernewpasswordsubj', '', $a, $lang);
// Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
email_to_user($user, $supportuser, $subject, $message);
// log the user in immediately
if (($user = authenticate_user_login($user->username, $newpassword)) === false || complete_user_login($user) == null) {
notice(get_string('autologinfailure', 'auth_token'), $CFG->wwwroot);
return false;
}
// now, actually DO the enrolment for this course / user
$token_plugin = new enrol_token_plugin();
$courseId = 0;
$return_to_url = empty($SESSION->wantsurl) === true ? $CFG->wwwroot : $SESSION->wantsurl;
$enrolled_ok = $token_plugin->doEnrolment($tokenValue, $courseId, $return_to_url);
if ($enrolled_ok == true) {
redirect($return_to_url);
}
return $enrolled_ok == true;
}
function validation($data, $files)
{
global $CFG, $DB;
$errors = parent::validation($data, $files);
$authplugin = get_auth_plugin($CFG->registerauth);
if (empty(trim($data['username']))) {
$errors['username'] = get_string('missingemail');
}
if (!isset($errors['username'])) {
if ($DB->record_exists('user', array('username' => $data['username'], 'mnethostid' => $CFG->mnet_localhost_id))) {
$errors['username'] = get_string('usernameexists');
}
if ($authplugin->user_exists($data['username'])) {
$errors['username'] = get_string('usernameexists');
}
if (!validate_email($data['username'])) {
$errors['username'] = get_string('invalidemail');
} else {
if ($DB->record_exists('user', array('email' => $data['username']))) {
$errors['username'] = get_string('emailexists');
// . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
}
}
}
if (!isset($errors['username'])) {
if ($err = email_is_not_allowed($data['username'])) {
$errors['username'] = $err;
}
}
require_once $CFG->dirroot . '/enrol/token/lib.php';
$tokenValue = $data['token'];
$tve = enrol_token_plugin::getTokenValidationErrors($tokenValue);
if (isset($tve) && $tve !== '') {
$errors['token'] = $tve;
}
return $errors;
}
public static function getTokenValidationErrors($value)
{
global $DB;
if ($row = $DB->get_record('enrol_token_tokens', array('id' => $value), 'courseid, seatsavailable, numseats, timeexpire')) {
$inst = self::getInstanceDataForCourse($row->courseid);
// is static
if (!$inst) {
return 'Token enrolment is not yet set up for this course';
// that's a showstopper, for sure
} else {
if ($row->seatsavailable <= 0) {
return 'No places remaining on this token (' . $row->numseats . ' used)';
// get_string('noseatsavailable', 'enrol_token');
} else {
if ($row->timeexpire != 0 && $row->timeexpire < time()) {
return 'Token has expired';
//get_string('tokenexpired', 'enrol_token');
} else {
if ($inst && enrol_token_plugin::isThrottled($value, $inst) === true) {
return get_string('toomanyattempts', 'enrol_token');
} else {
if ($inst && $inst->enrolstartdate != 0 and $inst->enrolstartdate > time()) {
return 'Enrolment begins ' . userdate($inst->enrolstartdate);
} else {
if ($inst && $inst->enrolstartdate != 0 and $inst->enrolstartdate < time()) {
return 'Enrolment ended ' . userdate($inst->enrolstartdate);
} else {
if ($inst && !$inst->customint6) {
return 'Tokens have been disabled';
}
}
}
}
}
}
}
return '';
} else {
return 'Invalid token (not found)';
}
}
