/**
  * Init: load the folder ids from ilLocalUser when user access is restricted
  * @return void
  */
 private function init()
 {
     // Folder ids are only loaded when the account settings report restricted
     // user access; otherwise $this->folder_ids is left as it was.
     if (!ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
         return;
     }

     include_once './Services/User/classes/class.ilLocalUser.php';
     $this->folder_ids = ilLocalUser::_getFolderIds();
 }
 /**
  * Singleton get instance
  * @return object ilUserAccountSettings
  */
 public static function getInstance()
 {
     // Create the shared instance on first access and hand out the same object afterwards.
     if (!self::$instance) {
         self::$instance = new ilUserAccountSettings();
     }

     return self::$instance;
 }
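 /**
  * Check that local user administration is enabled and that the
  * 'cat_administrate_users' permission is granted on the given ref_id
  *
  * @param integer $ref_id
  *
  * @return bool
  */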
 static function _checkAccessAdministrateUsers($ref_id)
 {
     global $ilAccess;

     // Fails closed: the feature switch is evaluated first, and the permission
     // check is only consulted when local user administration is enabled.
     if (!ilUserAccountSettings::getInstance()->isLocalUserAdministrationEnabled()) {
         return false;
     }

     // Normalise whatever checkAccess() returns to a strict boolean.
     return $ilAccess->checkAccess('cat_administrate_users', "", $ref_id) ? true : false;
 }
 /**
  * Save user account settings
  * @return void
  */
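 public function saveGeneralSettingsObject()
 {
     // Command handler for the general user-account settings form. It stores the
     // password/login security policy, the local user administration switches,
     // the login-name rules and the session handling settings, then re-renders
     // the form. $security->save() and the $ilSetting writes run only when both
     // the form check and $security->validate() succeed.
     global $ilSetting;

     $this->initFormGeneralSettings();
     if ($this->form->checkInput()) {
         $valid = true;
         // An empty blocking time is rejected explicitly with its own alert text.
         if (!strlen($this->form->getInput('loginname_change_blocking_time'))) {
             $valid = false;
             $this->form->getItemByPostVar('loginname_change_blocking_time')->setAlert($this->lng->txt('loginname_change_blocking_time_invalidity_info'));
         }

         include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
         $security = ilSecuritySettings::_getInstance();

         // account security settings
         // NOTE(review): these values come straight from $_POST rather than from
         // $this->form->getInput(). The (bool)/(int) casts fix their type, but the
         // setters are called even for a request that is later rejected; only
         // save() is gated by $valid. A missing key is cast to false/0, i.e. the
         // weakest value for that policy field -- confirm validate() covers this.
         $security->setPasswordCharsAndNumbersEnabled((bool) $_POST["password_chars_and_numbers_enabled"]);
         $security->setPasswordSpecialCharsEnabled((bool) $_POST["password_special_chars_enabled"]);
         $security->setPasswordMinLength((int) $_POST["password_min_length"]);
         $security->setPasswordMaxLength((int) $_POST["password_max_length"]);
         $security->setPasswordNumberOfUppercaseChars((int) $_POST['password_ucase_chars_num']);
         $security->setPasswordNumberOfLowercaseChars((int) $_POST['password_lowercase_chars_num']);
         $security->setPasswordMaxAge((int) $_POST["password_max_age"]);
         $security->setLoginMaxAttempts((int) $_POST["login_max_attempts"]);
         $security->setPreventionOfSimultaneousLogins((bool) $_POST['ps_prevent_simultaneous_logins']);
         $security->setPasswordChangeOnFirstLoginEnabled((bool) $_POST['password_change_on_first_login_enabled']);
         $security->setPasswordMustNotContainLoginnameStatus((int) $_POST['password_must_not_contain_loginame']);
         if (!$security->validate($this->form)) {
             $valid = false;
         }

         if ($valid) {
             $security->save();

             include_once './Services/User/classes/class.ilUserAccountSettings.php';
             ilUserAccountSettings::getInstance()->enableLocalUserAdministration($this->form->getInput('lua'));
             ilUserAccountSettings::getInstance()->restrictUserAccess($this->form->getInput('lrua'));
             ilUserAccountSettings::getInstance()->update();

             // TODO: move to user account settings
             // The blocking time is taken from the submitted (and validated) form
             // value and stored in seconds (86400 per day). Reading the stored
             // setting here instead would ignore the submitted value and multiply
             // the already converted number by 86400 again on every save.
             $save_blocking_time_in_seconds = (int) $this->form->getInput('loginname_change_blocking_time') * 86400;
             $ilSetting->set('allow_change_loginname', (int) $this->form->getInput('allow_change_loginname'));
             $ilSetting->set('create_history_loginname', (int) $this->form->getInput('create_history_loginname'));
             $ilSetting->set('reuse_of_loginnames', (int) $this->form->getInput('reuse_of_loginnames'));
             $ilSetting->set('loginname_change_blocking_time', (int) $save_blocking_time_in_seconds);
             $ilSetting->set('user_adm_alpha_nav', (int) $this->form->getInput('user_adm_alpha_nav'));
             $ilSetting->set('user_reactivate_code', (int) $this->form->getInput('user_reactivate_code'));
             $ilSetting->set('user_delete_own_account', (int) $this->form->getInput('user_own_account'));
             $ilSetting->set('user_delete_own_account_email', $this->form->getInput('user_own_account_email'));
             $ilSetting->set("passwd_auto_generate", $this->form->getInput("passwd_auto_generate"));
             $ilSetting->set("password_assistance", $this->form->getInput("password_assistance"));

             // BEGIN SESSION SETTINGS
             $ilSetting->set('session_handling_type', (int) $this->form->getInput('session_handling_type'));
             if ($this->form->getInput('session_handling_type') == ilSession::SESSION_HANDLING_FIXED) {
                 $ilSetting->set('session_reminder_enabled', $this->form->getInput('session_reminder_enabled'));
             } elseif ($this->form->getInput('session_handling_type') == ilSession::SESSION_HANDLING_LOAD_DEPENDENT) {
                 require_once 'Services/Authentication/classes/class.ilSessionControl.php';
                 // The session limits are only writable while client maintenance is allowed.
                 if ($ilSetting->get('session_allow_client_maintenance', ilSessionControl::DEFAULT_ALLOW_CLIENT_MAINTENANCE)) {
                     // has to be done BEFORE updating the setting!
                     include_once "Services/Authentication/classes/class.ilSessionStatistics.php";
                     ilSessionStatistics::updateLimitLog((int) $this->form->getInput('session_max_count'));
                     $ilSetting->set('session_max_count', (int) $this->form->getInput('session_max_count'));
                     $ilSetting->set('session_min_idle', (int) $this->form->getInput('session_min_idle'));
                     $ilSetting->set('session_max_idle', (int) $this->form->getInput('session_max_idle'));
                     $ilSetting->set('session_max_idle_after_first_request', (int) $this->form->getInput('session_max_idle_after_first_request'));
                 }
             }
             // END SESSION SETTINGS

             ilUtil::sendSuccess($this->lng->txt('saved_successfully'));
         } else {
             ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
         }
     } else {
         ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
     }

     // Re-render the form with the submitted values in both the success and the failure case.
     $this->form->setValuesByPost();
     $this->tpl->setContent($this->form->getHTML());
 }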
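 /**
  * reads all active sessions from db and returns users that are online
  * OR returns only one active user if a user_id is given
  *
  * @param	integer	$a_user_id	user id (optional); 0 selects all users
  * @param	boolean	$a_no_anonymous	exclude the anonymous user (optional)
  * @return	array	session rows keyed by user_id
  */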
 public static function _getUsersOnline($a_user_id = 0, $a_no_anonymous = false)
 {
     /**
      * @var $ilDB ilDB
      */
     global $ilDB;

     // Activity window: the 'user_activity_time' value of the 'pd' settings times 60.
     // A window <= 0 disables the recency filter applied to the result rows below.
     $pd_set = new ilSetting('pd');
     $atime = $pd_set->get('user_activity_time') * 60;
     $ctime = time();

     // Every value placed into the WHERE clause goes through $ilDB->quote() or
     // $ilDB->in() with an explicit type; nothing is concatenated unquoted.
     if ($a_user_id == 0) {
         $conditions = array(
             'user_id > 0',
             '(agree_date IS NOT NULL OR user_id = ' . $ilDB->quote(SYSTEM_USER_ID, 'integer') . ')',
         );
     } else {
         $conditions = array('user_id = ' . $ilDB->quote($a_user_id, 'integer'));
     }

     if ($a_no_anonymous) {
         $conditions[] = 'user_id != ' . $ilDB->quote(ANONYMOUS_USER_ID, 'integer');
     }

     // With restricted user access, only sessions of users owned by one of the
     // filter's folder ids are returned.
     include_once 'Services/User/classes/class.ilUserAccountSettings.php';
     if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
         include_once 'Services/User/classes/class.ilUserFilter.php';
         $conditions[] = $ilDB->in('time_limit_owner', ilUserFilter::getInstance()->getFolderIds(), false, 'integer');
     }

     $conditions[] = 'expires > ' . $ilDB->quote($ctime, 'integer');
     // Users whose 'hide_own_online_status' preference is 'y' are left out.
     $conditions[] = '(p.value IS NULL OR NOT p.value = ' . $ilDB->quote('y', 'text') . ')';
     $where = 'WHERE ' . implode(' AND ', $conditions);

     // NOTE(review): $where is interpolated into the queryF() format string; the
     // quoted values above are integers and the literal 'y', so they add no '%'
     // to that string -- keep it that way if conditions are added.
     $sql = "\n\t\t\tSELECT COUNT(user_id) num, user_id, firstname, lastname, title, login, last_login, MAX(ctime) ctime\n\t\t\tFROM usr_session\n\t\t\tLEFT JOIN usr_data u\n\t\t\t\tON user_id = u.usr_id\n\t\t\tLEFT JOIN usr_pref p\n\t\t\t\tON (p.usr_id = u.usr_id AND p.keyword = %s)\n\t\t\t{$where}\n\t\t\tGROUP BY user_id, firstname, lastname, title, login, last_login\n\t\t\tORDER BY lastname, firstname\n\t\t\t";
     $result = $ilDB->queryF($sql, array('text'), array('hide_own_online_status'));

     $online = array();
     while ($row = $ilDB->fetchAssoc($result)) {
         $within_window = $atime <= 0 || $row['ctime'] + $atime > $ctime;
         if ($within_window) {
             $online[$row['user_id']] = $row;
         }
     }

     return $online;
 }
 /**
  * Get tabs
  */
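 function getTabs(&$tabs_gui)
 {
     // Adds the category tabs (content, info, settings, user administration,
     // export) to $tabs_gui according to the permissions checked below, then
     // delegates to the parent for the remaining tabs.
     // NOTE(review): this only decides which tabs are shown; confirm that the
     // target commands (edit, listUsers, export) check the permission themselves.
     global $rbacsystem, $lng, $ilHelp, $ilAccess;

     if ($this->ctrl->getCmd() == "editPageContent") {
         return;
     }

     // Request parameters are client-controlled and may be absent or arrays.
     // They are normalised once so the comparisons below neither read an
     // undefined index nor pass a non-string to strtolower().
     $cmd = isset($_GET["cmd"]) ? $_GET["cmd"] : "";
     $cmd_class = (isset($_GET["cmdClass"]) && is_string($_GET["cmdClass"])) ? strtolower($_GET["cmdClass"]) : "";

     #$this->ctrl->setParameter($this,"ref_id",$this->ref_id);
     $ilHelp->setScreenIdComponent("cat");

     if ($rbacsystem->checkAccess('read', $this->ref_id)) {
         $tabs_gui->addTab("view_content", $lng->txt("content"), $this->ctrl->getLinkTarget($this, ""));

         //BEGIN ChangeEvent add info tab to category object
         $force_active = $this->ctrl->getNextClass() == "ilinfoscreengui" || $cmd_class == "ilnotegui";
         $tabs_gui->addTarget("info_short", $this->ctrl->getLinkTargetByClass(array("ilobjcategorygui", "ilinfoscreengui"), "showSummary"), array("showSummary", "", "infoScreen"), "", "", $force_active);
         //END ChangeEvent add info tab to category object
     }

     if ($rbacsystem->checkAccess('write', $this->ref_id)) {
         $force_active = $cmd === "edit";
         $tabs_gui->addTarget("settings", $this->ctrl->getLinkTarget($this, "edit"), "edit", get_class($this), "", $force_active);
     }

     // The user administration tab needs both the feature switch and the permission.
     include_once './Services/User/classes/class.ilUserAccountSettings.php';
     if (ilUserAccountSettings::getInstance()->isLocalUserAdministrationEnabled() and $rbacsystem->checkAccess('cat_administrate_users', $this->ref_id)) {
         $tabs_gui->addTarget("administrate_users", $this->ctrl->getLinkTarget($this, "listUsers"), "listUsers", get_class($this));
     }

     // NOTE(review): this write check goes through $ilAccess and
     // $this->object->getRefId(), the one above through $rbacsystem and
     // $this->ref_id -- confirm both refer to the same node.
     if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
         $tabs_gui->addTarget('export', $this->ctrl->getLinkTargetByClass('ilexportgui', ''), 'export', 'ilexportgui');
     }

     // parent tabs (all container: edit_permission, clipboard, trash
     parent::getTabs($tabs_gui);
 }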
 /**
  * Save user account settings
  * @return void
  */
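 public function saveGeneralSettingsObject()
 {
     // Command handler for the general user-account settings form: stores the
     // local user administration switches and the login-name / account rules,
     // then re-renders the form. Settings are written only when the form check
     // passes and a blocking time was submitted.
     global $ilSetting;

     $this->initFormGeneralSettings();
     if ($this->form->checkInput()) {
         $valid = true;
         // An empty blocking time is rejected explicitly with its own alert text.
         if (!strlen($this->form->getInput('loginname_change_blocking_time'))) {
             $valid = false;
             $this->form->getItemByPostVar('loginname_change_blocking_time')->setAlert($this->lng->txt('loginname_change_blocking_time_invalidity_info'));
         }

         if ($valid) {
             include_once './Services/User/classes/class.ilUserAccountSettings.php';
             ilUserAccountSettings::getInstance()->enableLocalUserAdministration($this->form->getInput('lua'));
             ilUserAccountSettings::getInstance()->restrictUserAccess($this->form->getInput('lrua'));
             ilUserAccountSettings::getInstance()->update();

             // TODO: move to user account settings
             // The blocking time is taken from the submitted (and validated) form
             // value and stored in seconds (86400 per day). Reading the stored
             // setting here instead would ignore the submitted value and multiply
             // the already converted number by 86400 again on every save.
             $save_blocking_time_in_seconds = (int) $this->form->getInput('loginname_change_blocking_time') * 86400;
             $ilSetting->set('allow_change_loginname', (int) $this->form->getInput('allow_change_loginname'));
             $ilSetting->set('create_history_loginname', (int) $this->form->getInput('create_history_loginname'));
             $ilSetting->set('reuse_of_loginnames', (int) $this->form->getInput('reuse_of_loginnames'));
             $ilSetting->set('loginname_change_blocking_time', (int) $save_blocking_time_in_seconds);
             $ilSetting->set('user_adm_alpha_nav', (int) $this->form->getInput('user_adm_alpha_nav'));
             // $ilSetting->set('user_ext_profiles', (int)$this->form->getInput('user_ext_profiles'));
             $ilSetting->set('user_portfolios', (int) $this->form->getInput('user_portfolios'));
             $ilSetting->set('user_reactivate_code', (int) $this->form->getInput('user_reactivate_code'));
             $ilSetting->set('user_delete_own_account', (int) $this->form->getInput('user_own_account'));
             $ilSetting->set('user_delete_own_account_email', $this->form->getInput('user_own_account_email'));

             ilUtil::sendSuccess($this->lng->txt('saved_successfully'));
         } else {
             ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
         }
     } else {
         ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
     }

     // Re-render the form with the submitted values in both the success and the failure case.
     $this->form->setValuesByPost();
     $this->tpl->setContent($this->form->getHTML());
 }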
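 /**
  * Build the condition part of the user search query
  *
  * @param string $search_query search term entered by the user
  * @return string SQL condition without the WHERE keyword
  */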
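 protected function getWherePart($search_query)
 {
     /**
      * @var $ilDB      ilDB
      * @var $ilSetting ilSetting
      */
     global $ilDB, $ilSetting;

     // Outer conditions are ANDed together; field conditions are ORed and added
     // as one parenthesised outer condition at the end.
     // NOTE(review): $search_query is only passed to
     // getQueryConditionByFieldAndValue(), which is not visible here -- confirm
     // that it quotes/escapes the value.
     $outer_conditions = array();

     // In 'anonymous' context with respected user privacy, only users with globally published profiles should be found.
     if (self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode() && $this->getUser() instanceof ilObjUser && $this->getUser()->isAnonymous()) {
         if (!$ilSetting->get('enable_global_profiles', 0)) {
             // If 'Enable User Content Publishing' is not set in the administration, no user should be found for 'anonymous' context.
             return '1 = 2';
         } else {
             // Otherwise respect the profile activation setting of every user (as a global (outer) condition in the where clause).
             $outer_conditions[] = 'profpref.value = ' . $ilDB->quote('g', 'text');
         }
     }

     $outer_conditions[] = 'ud.usr_id != ' . $ilDB->quote(ANONYMOUS_USER_ID, 'integer');

     $field_conditions = array();
     foreach ($this->getFields() as $field) {
         $field_condition = $this->getQueryConditionByFieldAndValue($field, $search_query);
         if ('email' == $field && self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode()) {
             // If privacy should be respected, the profile setting of every user concerning the email address has to be
             // respected (in every user context, no matter if the user is 'logged in' or 'anonymous').
             $email_query = array();
             $email_query[] = $field_condition;
             $email_query[] = 'pubemail.value = ' . $ilDB->quote('y', 'text');
             $field_conditions[] = '(' . implode(' AND ', $email_query) . ')';
         } else {
             $field_conditions[] = $field_condition;
         }
     }

     // If the current user context is 'logged in' and privacy should be respected, all fields >>>except the login<<<
     // should only be searchable if the user's profile is published (y or g).
     // In 'anonymous' context we do not need these additional conditions,
     // because we checked the privacy setting in the condition above: profile = 'g'
     if (self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode() && $this->getUser() instanceof ilObjUser && !$this->getUser()->isAnonymous() && $field_conditions) {
         // The OR-group is parenthesised and REPLACES the individual field
         // conditions. Appending it instead would leave the unrestricted
         // conditions in the final OR list, so unpublished profiles would still
         // match; without the parentheses AND would bind only to the last field.
         $fields = '(' . implode(' OR ', $field_conditions) . ')';
         $field_conditions = array(
             '(' . implode(' AND ', array($fields, $ilDB->in('profpref.value', array('y', 'g'), false, 'text'))) . ')'
         );
     }

     // The login field must be searchable regardless (for 'logged in' users) of any privacy settings.
     // We handled the general condition for 'anonymous' context above: profile = 'g'
     $field_conditions[] = $this->getQueryConditionByFieldAndValue('login', $search_query);

     // With restricted user access, results are limited to users owned by one of the filter's folder ids.
     include_once 'Services/User/classes/class.ilUserAccountSettings.php';
     if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
         include_once './Services/User/classes/class.ilUserFilter.php';
         $outer_conditions[] = $ilDB->in('time_limit_owner', ilUserFilter::getInstance()->getFolderIds(), false, 'integer');
     }

     if ($field_conditions) {
         $outer_conditions[] = '(' . implode(' OR ', $field_conditions) . ')';
     }

     return implode(' AND ', $outer_conditions);
 }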
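 /**
  * reads all active sessions from db and returns users that are online
  * OR returns only one active user if a user_id is given
  *
  * @param	integer	$a_user_id	user id (optional); 0 selects all users
  * @param	boolean	$a_no_anonymous	exclude the anonymous user (optional)
  * @return	array	session rows keyed by user_id
  */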
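 function _getUsersOnline($a_user_id = 0, $a_no_anonymous = false)
 {
     global $ilDB;

     // Activity window: the 'user_activity_time' value of the 'pd' settings times 60.
     // A window <= 0 disables the recency filter applied to the result rows below.
     $pd_set = new ilSetting("pd");
     $atime = $pd_set->get("user_activity_time") * 60;
     $ctime = time();

     // $type_array / $val_array feed the %s placeholders of queryF() in the
     // order they appear in the statement: the optional user id, then the
     // expiry timestamp. The same $ctime is used for the SQL expiry test and
     // for the activity-window test in the loop.
     if ($a_user_id == 0) {
         $where = "WHERE user_id != 0 AND NOT agree_date IS NULL ";
         $type_array = array("integer");
         $val_array = array($ctime);
     } else {
         $where = "WHERE user_id = %s ";
         $type_array = array("integer", "integer");
         $val_array = array($a_user_id, $ctime);
     }

     $no_anonym = $a_no_anonymous ? "AND user_id <> " . $ilDB->quote(ANONYMOUS_USER_ID, "integer") . " " : "";

     // With restricted user access, only sessions of users owned by one of the
     // filter's folder ids are returned.
     include_once './Services/User/classes/class.ilUserAccountSettings.php';
     if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
         include_once './Services/User/classes/class.ilUserFilter.php';
         $user_filter = 'AND ' . $ilDB->in('time_limit_owner', ilUserFilter::getInstance()->getFolderIds(), false, 'integer') . ' ';
     } else {
         $user_filter = ' ';
     }

     // Concatenated values all pass through $ilDB->quote() / $ilDB->in().
     // Users whose 'hide_own_online_status' preference is 'y' are left out.
     $r = $ilDB->queryF(
         "SELECT count(user_id) as num,user_id,firstname,lastname,title,login,last_login,max(ctime) AS ctime "
         . "FROM usr_session "
         . "LEFT JOIN usr_data u ON user_id = u.usr_id "
         . "LEFT JOIN usr_pref p ON (p.usr_id = u.usr_id AND p.keyword = " . $ilDB->quote("hide_own_online_status", "text") . ") "
         . $where
         . "AND expires > %s "
         . "AND (p.value IS NULL OR NOT p.value = " . $ilDB->quote("y", "text") . ") "
         . $no_anonym
         . $user_filter
         . "GROUP BY user_id,firstname,lastname,title,login,last_login "
         . "ORDER BY lastname, firstname",
         $type_array,
         $val_array
     );

     // Initialised up front so an empty result returns array() without reading
     // an undefined variable.
     $users = array();
     while ($user = $ilDB->fetchAssoc($r)) {
         if ($atime <= 0 || $user["ctime"] + $atime > $ctime) {
             $users[$user["user_id"]] = $user;
         }
     }

     return $users;
 }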