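/**
 * Pieform validator for the Europass export form.
 *
 * Checks the optional photograph upload: it must be an image type Mahara
 * accepts (is_image_type on the getimagesize() type slot) and be no larger
 * than 100 kB. On either failure an info message is queued in $SESSION and
 * the browser is redirected back to the export page.
 *
 * @param Pieform $form   The form being validated (unused here; required by the Pieform callback signature)
 * @param array   $values Submitted values; reads $values['photograph']['tmp_name']
 * @return void
 */
function exporteuropassform_validate(Pieform $form, $values) {
    global $SESSION;
    require_once 'file.php';

    // When no photograph was submitted, 'photograph' may be absent or not an
    // array; isset() on the nested offset avoids an undefined-offset access
    // and lets us skip the checks entirely.
    $filename = isset($values['photograph']['tmp_name']) ? $values['photograph']['tmp_name'] : null;
    if ($filename === null || $filename === '') {
        return;
    }

    $filesize = filesize($filename);
    $imageinfo = getimagesize($filename);

    // Photograph file is not a valid image file!
    if (!$imageinfo || !is_image_type($imageinfo[2])) {
        $SESSION->add_info_msg(get_string('filenotimage'));
        redirect('/artefact/europass/export.php');
    }

    // Size of the photograph can't be larger than 100 kB - this is Europass demand!
    if ($filesize > 100 * 1024) {
        $SESSION->add_info_msg(get_string('phototoolarge', 'artefact.europass'));
        redirect('/artefact/europass/export.php');
    }
}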
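/**
 * Handle an MNET SSO "user_authorise" round trip for a remote user.
 *
 * Asks $remotewwwroot (via XML-RPC) which user $token belongs to, then
 * locates the matching local User or, when 'weautocreateusers' is on,
 * creates one. When 'updateuserinfoonlogin' is '1' the remote firstname,
 * lastname, email and idnumber are copied onto the local account, and a
 * profile icon is fetched via "fetch_user_image". Finally $USER is
 * reanimated as that user and the MNET session variables are set.
 *
 * @param string $token         SSO token issued by the remote site
 * @param string $remotewwwroot wwwroot of the peer that initiated SSO
 * @return bool true once the local session is established; false when the
 *              remote user is unknown and auto-creation is off
 * @throws XmlrpcClientException when the peer is deleted / SSO-in is disabled, or the institution is full
 * @throws AccessDeniedException when the remote reply has no username, or the
 *              'usersuniquebyusername' safety checks fail (caught by land.php)
 */
public function request_user_authorise($token, $remotewwwroot) {
    global $USER, $SESSION;
    $this->must_be_ready();

    $peer = get_peer($remotewwwroot);
    if ($peer->deleted != 0 || $this->config['theyssoin'] != 1) {
        throw new XmlrpcClientException('We don\'t accept SSO connections from ' . institution_display_name($peer->institution));
    }

    // Ask the remote site who this token belongs to. The user-agent hash is
    // part of the remote side's token binding.
    $client = new Client();
    $client->set_method('auth/mnet/auth.php/user_authorise')
        ->add_param($token)
        ->add_param(sha1($_SERVER['HTTP_USER_AGENT']))
        ->send($remotewwwroot);
    $remoteuser = (object) $client->response;
    if (empty($remoteuser) or !property_exists($remoteuser, 'username')) {
        // Caught by land.php
        throw new AccessDeniedException();
    }

    $create = false;
    $update = ('1' == $this->config['updateuserinfoonlogin']);

    // Retrieve a $user object. If that fails, create a blank one.
    try {
        $user = new User();
        if (get_config('usersuniquebyusername')) {
            // When turned on, this setting means that it doesn't matter
            // which other application the user SSOs from, they will be
            // given the same account in Mahara.
            //
            // This setting is one that has security implications unless
            // only turned on by people who know what they're doing. In
            // particular, every system linked to Mahara should be making
            // sure that same username == same person. This happens for
            // example if two Moodles are using the same LDAP server for
            // authentication.
            //
            // If this setting is on, it must NOT be possible to self
            // register on the site for ANY institution - otherwise users
            // could simply pick usernames of people's accounts they wished
            // to steal.
            if ($institutions = get_column('institution', 'name', 'registerallowed', '1')) {
                log_warn("usersuniquebyusername is turned on but registration is allowed for an institution. "
                    . "No institution can have registration allowed for it, for security reasons.\n"
                    . "The following institutions have registration enabled:\n "
                    . join("\n ", $institutions));
                throw new AccessDeniedException();
            }
            if (!get_config('usersallowedmultipleinstitutions')) {
                log_warn("usersuniquebyusername is turned on but usersallowedmultipleinstitutions is off. "
                    . "This makes no sense, as users will then change institution every time they log in from "
                    . "somewhere else. Please turn this setting on in Site Options");
                throw new AccessDeniedException();
            }
            $user->find_by_username($remoteuser->username);
        }
        else {
            $user->find_by_instanceid_username($this->instanceid, $remoteuser->username, true);
        }
        if ($user->get('suspendedcusr')) {
            die_info(get_string('accountsuspended', 'mahara',
                strftime(get_string('strftimedaydate'), $user->get('suspendedctime')),
                $user->get('suspendedreason')));
        }
    }
    catch (AuthUnknownUserException $e) {
        if (!empty($this->config['weautocreateusers'])) {
            $institution = new Institution($this->institution);
            if ($institution->isFull()) {
                $institution->send_admin_institution_is_full_message();
                throw new XmlrpcClientException('SSO attempt from ' . $institution->displayname . ' failed - institution is full');
            }
            $user = new User();
            $create = true;
        }
        else {
            log_debug("User authorisation request from {$remotewwwroot} failed - "
                . "remote user '{$remoteuser->username}' is unknown to us and auto creation of users is turned off");
            return false;
        }
    }

    /*******************************************/
    if ($create) {
        $user->passwordchange = 1;
        $user->active = 1;
        $user->deleted = 0;
        //TODO: import institution's expiry?:
        //$institution = new Institution($peer->institution);
        $user->expiry = null;
        $user->expirymailsent = 0;
        $user->lastlogin = time();
        $user->firstname = $remoteuser->firstname;
        $user->lastname = $remoteuser->lastname;
        $user->email = $remoteuser->email;
        $imported = array('firstname', 'lastname', 'email');
        //TODO: import institution's per-user-quota?:
        //$user->quota = $userrecord->quota;
        $user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent;

        db_begin();
        $user->username = get_new_username($remoteuser->username);
        $user->id = create_user($user, array(), $this->institution, $this, $remoteuser->username);
        $locked = $this->import_user_settings($user, $remoteuser);
        $locked = array_merge($imported, $locked);
        /*
         * We need to convert the object to a stdclass with its own
         * custom method because it uses overloaders in its implementation
         * and its properties wouldn't be visible to a simple cast operation
         * like (array)$user
         */
        $userobj = $user->to_stdclass();
        db_commit();

        // Now we have fired the create event, we need to re-get the data
        // for this user
        $user = new User();
        $user->find_by_id($userobj->id);
    }
    elseif ($update) {
        $imported = array('firstname', 'lastname', 'email');
        foreach ($imported as $field) {
            if ($user->{$field} != $remoteuser->{$field}) {
                $user->{$field} = $remoteuser->{$field};
                set_profile_field($user->id, $field, $user->{$field});
            }
        }
        if (isset($remoteuser->idnumber)) {
            if ($user->studentid != $remoteuser->idnumber) {
                $user->studentid = $remoteuser->idnumber;
                set_profile_field($user->id, 'studentid', $user->studentid);
            }
            $imported[] = 'studentid';
        }
        $locked = $this->import_user_settings($user, $remoteuser);
        $locked = array_merge($imported, $locked);
        $user->lastlastlogin = $user->lastlogin;
        $user->lastlogin = time();
        //TODO: import institution's per-user-quota?:
        //$user->quota = $userrecord->quota;
        $user->commit();
    }

    if (get_config('usersuniquebyusername')) {
        // Add them to the institution they have SSOed in by
        $user->join_institution($peer->institution);
    }

    // See if we need to create/update a profile Icon image
    if ($create || $update) {
        $client->set_method('auth/mnet/auth.php/fetch_user_image')
            ->add_param($remoteuser->username)
            ->send($remotewwwroot);

        // Temp file name is built only from [A-Za-z0-9 ] of the username and
        // the integer instance id, so remote data cannot steer the path.
        $u = preg_replace('/[^A-Za-z0-9 ]/', '', $user->username);
        $filename = get_config('dataroot') . 'temp/mpi_' . intval($this->instanceid) . '_' . $u;

        if (array_key_exists('f1', $client->response)) {
            $imagecontents = base64_decode($client->response['f1']);
            if (file_put_contents($filename, $imagecontents)) {
                $imageexists = false;
                $icons = false;
                if ($update) {
                    // Skip the import if an identical icon is already stored.
                    $newchecksum = sha1_file($filename);
                    $icons = get_records_select_array('artefact', 'artefacttype = \'profileicon\' AND owner = ? ', array($user->id), '', 'id');
                    if (false != $icons) {
                        foreach ($icons as $icon) {
                            $iconfile = get_config('dataroot') . 'artefact/file/profileicons/originals/' . ($icon->id % 256) . '/' . $icon->id;
                            $checksum = sha1_file($iconfile);
                            // hash_equals: constant-time and never the loose "=="
                            // numeric-string comparison; both sides must be real
                            // digests (sha1_file returns false on an unreadable file).
                            if ($newchecksum !== false && $checksum !== false && hash_equals($newchecksum, $checksum)) {
                                $imageexists = true;
                                unlink($filename);
                                break;
                            }
                        }
                    }
                }

                if (false == $imageexists) {
                    // Validate the fetched file before anything is recorded.
                    // Previously $error was assigned but never acted on, so an
                    // oversized / non-image / over-quota file still became the
                    // profile icon; now any error aborts the import.
                    $error = null;
                    $filesize = filesize($filename);
                    if (!$user->quota_allowed($filesize)) {
                        $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
                    }

                    require_once 'file.php';
                    $imagesize = getimagesize($filename);
                    $mime = null;
                    $width = null;
                    $height = null;
                    if (!$imagesize || !is_image_type($imagesize[2])) {
                        $error = get_string('filenotimage');
                    }
                    else {
                        $mime = $imagesize['mime'];
                        $width = $imagesize[0];
                        $height = $imagesize[1];
                        $imagemaxwidth = get_config('imagemaxwidth');
                        $imagemaxheight = get_config('imagemaxheight');
                        if ($width > $imagemaxwidth || $height > $imagemaxheight) {
                            $error = get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $imagemaxwidth, $imagemaxheight);
                        }
                    }

                    // Only reserve quota once the file has passed validation,
                    // so a rejected file never leaves quota consumed.
                    if ($error === null) {
                        try {
                            $user->quota_add($filesize);
                        }
                        catch (QuotaException $qe) {
                            $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
                        }
                    }

                    if ($error !== null) {
                        log_warn($error);
                        unlink($filename);
                    }
                    else {
                        require_once get_config('docroot') . '/artefact/lib.php';
                        require_once get_config('docroot') . '/artefact/file/lib.php';

                        // Entry in artefact table
                        $artefact = new ArtefactTypeProfileIcon();
                        $artefact->set('owner', $user->id);
                        $artefact->set('parent', ArtefactTypeFolder::get_folder_id(
                            get_string('imagesdir', 'artefact.file'),
                            get_string('imagesdirdesc', 'artefact.file'),
                            null, true, $user->id));
                        $artefact->set('title', ArtefactTypeFileBase::get_new_file_title(
                            get_string('profileicon', 'artefact.file'),
                            (int) $artefact->get('parent'),
                            $user->id)); // unique title
                        $artefact->set('description', get_string('uploadedprofileicon', 'artefact.file'));
                        $artefact->set('note', get_string('profileicon', 'artefact.file'));
                        $artefact->set('size', $filesize);
                        $artefact->set('filetype', $mime);
                        $artefact->set('width', $width);
                        $artefact->set('height', $height);
                        $artefact->commit();
                        $id = $artefact->get('id');

                        // Move the file into the correct place.
                        $directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . ($id % 256) . '/';
                        check_dir_exists($directory);
                        rename($filename, $directory . $id);

                        if ($create || empty($icons)) {
                            $user->profileicon = $id;
                        }
                    }
                }
                $user->commit();
            }
            else {
                log_warn(get_string('cantcreatetempprofileiconfile', 'artefact.file', $filename));
            }
        }

        if ($update) {
            $locked[] = 'profileicon';
        }
    }
    /*******************************************/

    // We know who our user is now. Bring her back to life.
    $USER->reanimate($user->id, $this->instanceid);

    // Set session variables to let the application know this session was
    // initiated by MNET. Don't forget that users could initiate their
    // sessions without MNET sometimes, which is why this data is stored in
    // the session object.
    $SESSION->set('mnetuser', $user->id);
    $SESSION->set('authinstance', $this->instanceid);
    if (isset($_SERVER['HTTP_REFERER'])) {
        // Client-supplied header, stored as-is; treat as untrusted when read back.
        $SESSION->set('mnetuserfrom', $_SERVER['HTTP_REFERER']);
    }
    if ($update && isset($locked)) {
        $SESSION->set('lockedfields', $locked);
    }

    return true;
}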
/**
 * Given path to a file, returns whether Mahara thinks it is a valid image file.
 *
 * Not all image types are valid for Mahara. Mahara supports JPEG, PNG, GIF
 * and BMP.
 *
 * The IMAGETYPE_* value is taken from exif_imagetype() when the extension
 * is loaded, otherwise from the third slot of getimagesize(); either way the
 * final decision is delegated to is_image_type().
 *
 * @param string $path The file to check
 * @return boolean Whether the file is a valid image file for Mahara
 */
function is_image_file($path) {
    if (!function_exists('exif_imagetype')) {
        // getimagesize returns the same answer
        $info = getimagesize($path);
        if (!$info) {
            return false;
        }
        return is_image_type($info[2]);
    }

    // exif_imagetype is faster
    // suppressing errors because exif_imagetype spews "read error!" to the logs on small files
    // http://nz.php.net/manual/en/function.exif-imagetype.php#79283
    $type = @exif_imagetype($path);
    return $type ? is_image_type($type) : false;
}
/**
 * Pieform validator for the institution settings form.
 *
 * Sets form errors for: a name already present in the institution table,
 * a default quota above the site-wide maximum (admins / institutional
 * override only), a mandatory licence with no default, an uploaded logo
 * that fails upload_manager preprocessing, is not an accepted image type,
 * or exceeds the configured image dimensions, and an unknown language.
 * Plugin-specific checks are delegated to plugin_institution_prefs_validate().
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values
 * @return bool|null false after a fatal logo error, otherwise null
 */
function institution_validate(Pieform $form, $values) {
    global $USER;

    $nameGiven = !empty($values['name']) && !$form->get_error('name');
    if ($nameGiven && record_exists('institution', 'name', $values['name'])) {
        $form->set_error('name', get_string('institutionnamealreadytaken', 'admin'));
    }

    $mayEditQuota = $USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride');
    if ($mayEditQuota && get_config_plugin('artefact', 'file', 'maxquotaenabled')) {
        if (get_config_plugin('artefact', 'file', 'maxquota') < $values['defaultquota']) {
            $form->set_error('defaultquota', get_string('maxquotatoolow', 'artefact.file'));
        }
    }

    $licenceMissing = isset($values['licensedefault']) && $values['licensedefault'] == '';
    if (get_config('licensemetadata') && !empty($values['licensemandatory']) && $licenceMissing) {
        $form->set_error('licensedefault', get_string('licensedefaultmandatory', 'admin'));
    }

    // Check uploaded logo
    if (!empty($values['logo'])) {
        require_once 'file.php';
        require_once 'uploadmanager.php';
        $uploader = new upload_manager('logo');
        $uploadError = $uploader->preprocess_file();
        if ($uploadError) {
            $form->set_error('logo', $uploadError);
            return false;
        }

        $info = getimagesize($values['logo']['tmp_name']);
        if (!$info || !is_image_type($info[2])) {
            $form->set_error('logo', get_string('filenotimage'));
            return false;
        }

        // Check the file isn't greater than the max allowable size
        list($width, $height) = $info;
        $maxWidth = get_config('imagemaxwidth');
        $maxHeight = get_config('imagemaxheight');
        if ($width > $maxWidth || $height > $maxHeight) {
            $form->set_error('logo', get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $maxWidth, $maxHeight));
        }
    }

    $langGiven = !empty($values['lang']) && $values['lang'] != 'sitedefault';
    if ($langGiven && !array_key_exists($values['lang'], get_languages())) {
        $form->set_error('lang', get_string('institutionlanginvalid', 'admin'));
    }

    // Validate plugins settings.
    plugin_institution_prefs_validate($form, $values);
}
/**
 * Pieform validator for the profile icon upload form.
 *
 * Rejects the upload when upload_manager preprocessing fails, the file is
 * not an accepted image type, the user already has five profile icons, the
 * file would exceed the user's quota, or its dimensions exceed the site
 * limits. The accepted file's size is published through the global
 * $filesize for the submit handler.
 *
 * @param Pieform $form   The form being validated
 * @param array   $values Submitted values; reads $values['file']['tmp_name']
 * @return bool|null false on a fatal error, otherwise null
 */
function upload_validate(Pieform $form, $values) {
    global $USER, $filesize;
    require_once 'file.php';
    require_once 'uploadmanager.php';

    $manager = new upload_manager('file');
    $uploadError = $manager->preprocess_file();
    if ($uploadError) {
        $form->set_error('file', $uploadError);
        return false;
    }

    $info = getimagesize($values['file']['tmp_name']);
    if (!$info || !is_image_type($info[2])) {
        $form->set_error('file', get_string('filenotimage'));
        return false;
    }

    $iconCount = get_field('artefact', 'COUNT(*)', 'artefacttype', 'profileicon', 'owner', $USER->id);
    if ($iconCount >= 5) {
        $form->set_error('file', get_string('onlyfiveprofileicons', 'artefact.file'));
        return false;
    }

    // Published via the global for the submit handler.
    $filesize = $manager->file['size'];
    if (!$USER->quota_allowed($filesize)) {
        $form->set_error('file', get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot')));
        return false;
    }

    // Check the file isn't greater than the max allowable size
    list($width, $height) = $info;
    $maxWidth = get_config('imagemaxwidth');
    $maxHeight = get_config('imagemaxheight');
    if ($width > $maxWidth || $height > $maxHeight) {
        $form->set_error('file', get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $maxWidth, $maxHeight));
    }
}
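}
// user check
// id check
// path check
//
// Writes $_POST['content'] into the file named by $_POST['file'] under
// REPOSITORY, after checking that the component whose id is the second
// path segment belongs to the session user. The resolved path is now
// required to stay inside REPOSITORY: realpath() collapses ".." segments,
// so without that check a crafted 'file' value could write outside the
// repository (arbitrary file write).
$file = isset($_POST['file']) ? (string) $_POST['file'] : '';
$arr = explode("/", $file);
$id = isset($arr[1]) ? $arr[1] : null;
if (!$id || !MongoId::isValid($id)) {
    // MongoId::isValid() avoids the MongoException a malformed id would raise.
    echo json_encode(array('result' => false, 'message' => 'Not found'));
    exit;
}

$m = new MongoClient();
// select a rowbase
$db = $m->store;
$components = $db->components;
$row = $components->findOne(array('_id' => new MongoId($id)));

// Fail closed: no matching component, or no authenticated session, is a denial.
if ($row === null
    || !isset($_SESSION['login_type'], $_SESSION['userid'])
    || $row['login_type'] != $_SESSION['login_type']
    || $row['userid'] != $_SESSION['userid']) {
    echo json_encode(array('result' => false, 'message' => 'Access denined.'));
    exit;
}

$repository = realpath(REPOSITORY);
$real_path = realpath(REPOSITORY . $file);
// Containment check: the resolved target must be a path strictly below the
// resolved repository root. NOTE(review): the ownership check above only
// covers the $id segment; confirm whether writes should additionally be
// limited to that component's own directory.
if ($repository === false
    || $real_path === false
    || strpos($real_path, rtrim($repository, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) !== 0) {
    echo json_encode(array('result' => false, 'message' => 'Not found'));
    exit;
}

$content = isset($_POST['content']) ? $_POST['content'] : '';
if (is_image_type($real_path)) {
    // Images arrive as a data URI: strip the "data:...;base64" prefix.
    $content = explode(",", $content);
    $type = array_shift($content);
    $content = base64_decode(isset($content[0]) ? $content[0] : '');
}

// file_put_contents() returns false on failure; previously that still
// reported success to the caller.
if (file_put_contents($real_path, $content) === false) {
    echo json_encode(array('result' => false, 'message' => 'Write failed'));
    exit;
}
echo json_encode(array('result' => true));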
/**
 * Given path to a file, returns whether Mahara thinks it is a valid image file.
 *
 * Not all image types are valid for Mahara. Mahara supports JPEG, PNG, GIF
 * and BMP.
 *
 * Determines the IMAGETYPE_* value with exif_imagetype() where available
 * (faster), falling back to getimagesize(), and hands it to is_image_type().
 *
 * @param string $path The file to check
 * @return boolean Whether the file is a valid image file for Mahara
 */
function is_image_file($path) {
    $haveExif = function_exists('exif_imagetype');

    if ($haveExif) {
        // exif_imagetype is faster
        $imageType = exif_imagetype($path);
        if (!$imageType) {
            return false;
        }
    }
    else {
        // getimagesize returns the same answer
        $details = getimagesize($path);
        if (!$details) {
            return false;
        }
        $imageType = $details[2];
    }

    return is_image_type($imageType);
}
/**
 * Validate an optional advert photo upload.
 *
 * Does nothing when no photo was submitted. Otherwise flags an incomplete
 * upload record, a file larger than PHOTO_SIZE_LIMIT, and a file that
 * is_image_type() rejects, reporting through the by-reference $error flag
 * and the keyed $error_list messages.
 *
 * @param array|null $photo      One $_FILES entry (name, size, type, tmp_name)
 * @param bool       $error      Set to true when any check fails
 * @param array      $error_list Messages keyed by photo_error / photo_size / photo_type
 * @return void
 */
function validate_ad_photo($photo, &$error, &$error_list) {
    // Nothing uploaded: nothing to validate.
    if (!isset($photo) || empty($photo['name'])) {
        return;
    }

    $incomplete = empty($photo['size']) || empty($photo['name']) || empty($photo['tmp_name']);
    if ($incomplete) {
        $error = true;
        $error_list['photo_error'] = sprintf(LANG_POST_EM_PHOTO_ERROR, PHOTO_SIZE_LIMIT);
        return;
    }

    if ($photo['size'] > PHOTO_SIZE_LIMIT) {
        $error = true;
        $error_list['photo_size'] = sprintf(LANG_POST_EM_PHOTO_IS_BIG, PHOTO_SIZE_LIMIT);
    }

    if (!is_image_type($photo['name'], $photo['type'], $photo['tmp_name'])) {
        $error = true;
        $error_list['photo_type'] = sprintf(LANG_POST_EM_PHOTO_WRONG_TYPE, PHOTO_TYPES);
    }
}