Exemple #1
0
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            global $USER, $authtype, $authclass;
            if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}
Exemple #2
0
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            global $USER, $authtype, $authclass;
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($values['username'])))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
    if (isset($values['urlid']) && get_config('cleanurls') && $values['urlid'] != $USER->get('urlid')) {
        if (strlen($values['urlid']) < 3) {
            $form->set_error('urlid', get_string('rule.minlength.minlength', 'pieforms', 3));
        } else {
            if (record_exists('usr', 'urlid', $values['urlid'])) {
                $form->set_error('urlid', get_string('urlalreadytaken', 'account'));
            }
        }
    }
    if (get_config('allowmobileuploads')) {
        foreach ($values['mobileuploadtoken'] as $k => $text) {
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                $form->set_error('mobileuploadtoken', get_string('badmobileuploadtoken', 'account'));
            }
        }
    }
    plugin_account_prefs_validate($form, $values);
}
function requiredfields_validate(Pieform $form, $values)
{
    global $USER;
    if (isset($values['password1'])) {
        // Get the authentication type for the user, and
        // use the information to validate the password
        $authobj = AuthFactory::create($USER->authinstance);
        // @todo this could be done by a custom form rule... 'password' => $user
        password_validate($form, $values, $USER);
        // The password cannot be the same as the old one
        try {
            if (!$form->get_error('password1') && $authobj->authenticate_user_account($USER, $values['password1'])) {
                $form->set_error('password1', get_string('passwordnotchanged'));
            }
        } catch (AuthInstanceException $e) {
            $form->set_error('password1', $e->getMessage());
        }
        if ($authobj->authname == 'internal' && isset($values['username']) && $values['username'] != $USER->get('username')) {
            if (!AuthInternal::is_username_valid($values['username'])) {
                $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
            }
            if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
                $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
            }
        }
    }
    // Check if email has been taken
    if (isset($values['email']) && record_exists('artefact_internal_profile_email', 'email', $values['email'])) {
        $form->set_error('email', get_string('unvalidatedemailalreadytaken', 'artefact.internal'));
    }
    // Check if the socialprofile url is valid.
    if (isset($values['socialprofile_hidden']) && $values['socialprofile_hidden'] && $values['socialprofile_profiletype'] == 'webpage' && !filter_var($values['socialprofile_profileurl'], FILTER_VALIDATE_URL)) {
        $form->set_error('socialprofile_profileurl', get_string('notvalidprofileurl', 'artefact.internal'));
    }
}
Exemple #4
0
function forgotpasschange_validate(Pieform $form, $values)
{
    $user = new User();
    $user->find_by_id($values['user']);
    password_validate($form, $values, $user);
}
Exemple #5
0
/**
 * Validates the form for changing the password for a user.
 *
 * Change password will only be if a URL for it exists, or a function exists.
 *
 * @param Pieform  $form   The form to check
 * @param array    $values The values to check
 */
function change_password_validate(Pieform $form, $values)
{
    global $USER;
    // Get the authentication type for the user, and
    // use the information to validate the password
    $authobj = AuthFactory::create($USER->authinstance);
    // @todo this could be done by a custom form rule... 'password' => $user
    password_validate($form, $values, $USER);
    // The password cannot be the same as the old one
    if (!$form->get_error('password1') && $authobj->authenticate_user_account($USER, $values['password1'])) {
        $form->set_error('password1', get_string('passwordnotchanged'));
    }
}
function requiredfields_validate(Pieform $form, $values)
{
    global $USER;
    if (!isset($values['password1'])) {
        return true;
    }
    // Get the authentication type for the user, and
    // use the information to validate the password
    $authobj = AuthFactory::create($USER->authinstance);
    // @todo this could be done by a custom form rule... 'password' => $user
    password_validate($form, $values, $USER);
    // The password cannot be the same as the old one
    try {
        if (!$form->get_error('password1') && $authobj->authenticate_user_account($USER, $values['password1'])) {
            $form->set_error('password1', get_string('passwordnotchanged'));
        }
    } catch (AuthInstanceException $e) {
        $form->set_error('password1', $e->getMessage());
    }
    if ($authobj->authname == 'internal' && isset($values['username']) && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
}
Exemple #7
0
/**
 * @todo add note: because the form select thing will eventually enforce
 * that the result for $values['institution'] was in the original lot,
 * and because that only allows authmethods that use 'internal' auth, we
 * can guarantee that the auth method is internal
 */
function register_validate(Pieform $form, $values)
{
    global $SESSION;
    $institution = $values['institution'];
    safe_require('auth', 'internal');
    if (!$form->get_error('username') && !AuthInternal::is_username_valid($values['username'])) {
        $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
    }
    if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
        $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
    }
    $user = (object) $values;
    $user->authinstance = get_field('auth_instance', 'id', 'authname', 'internal', 'institution', $institution);
    password_validate($form, $values, $user);
    // First name and last name must contain at least one non whitespace
    // character, so that there's something to read
    if (!$form->get_error('firstname') && !preg_match('/\\S/', $values['firstname'])) {
        $form->set_error('firstname', $form->i18n('required'));
    }
    if (!$form->get_error('lastname') && !preg_match('/\\S/', $values['lastname'])) {
        $form->set_error('lastname', $form->i18n('required'));
    }
    // The e-mail address cannot already be in the system
    if (!$form->get_error('email') && (record_exists('usr', 'email', $values['email']) || record_exists('artefact_internal_profile_email', 'email', $values['email']))) {
        $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
    }
    // If the user hasn't agreed to the terms and conditions, don't bother
    if ($values['tandc'] != 'yes') {
        $form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'));
    }
    // CAPTCHA image
    $captcharequired = get_config('captcha_on_register_form');
    if ((is_null($captcharequired) || $captcharequired) && !$values['captcha']) {
        $form->set_error('captcha', get_string('captchaincorrect'));
    }
    $institution = get_record_sql('
        SELECT 
            i.name, i.maxuseraccounts, i.registerallowed, COUNT(u.id)
        FROM {institution} i
            LEFT OUTER JOIN {usr_institution} ui ON ui.institution = i.name
            LEFT OUTER JOIN {usr} u ON (ui.usr = u.id AND u.deleted = 0)
        WHERE
            i.name = ?
        GROUP BY
            i.name, i.maxuseraccounts, i.registerallowed', array($institution));
    if (!empty($institution->maxuseraccounts) && $institution->count >= $institution->maxuseraccounts) {
        $form->set_error('institution', get_string('institutionfull'));
    }
    if (!$institution->registerallowed) {
        $form->set_error('institution', get_string('registrationnotallowed'));
    }
}
function accountprefs_validate(Pieform $form, $values)
{
    global $USER;
    $authobj = AuthFactory::create($USER->authinstance);
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            global $USER, $authtype, $authclass;
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            } catch (UserException $e) {
                $form->set_error('oldpassword', $e->getMessage());
                return;
            }
            password_validate($form, $values, $USER);
        } else {
            if ($values['password1'] !== '' || $values['password2'] !== '') {
                $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
            }
        }
    }
    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
    // Don't let users turn multiple blogs off unless they only have 1 blog
    if ($USER->get_account_preference('multipleblogs') && empty($values['multipleblogs']) && count_records('artefact', 'artefacttype', 'blog', 'owner', $USER->get('id')) != 1) {
        $form->set_error('multipleblogs', get_string('disablemultipleblogserror', 'account'));
    }
}