/**
 * Initialise the folder filter.
 *
 * When user access restriction is enabled in the account settings, the
 * folder ids reported by ilLocalUser::_getFolderIds() are stored in
 * $this->folder_ids. Otherwise $this->folder_ids is left untouched.
 *
 * @return void
 */
private function init()
{
    $account_settings = ilUserAccountSettings::getInstance();
    if (!$account_settings->isUserAccessRestricted()) {
        return;
    }

    // ilLocalUser is only needed on the restricted path, so it is loaded here.
    include_once './Services/User/classes/class.ilLocalUser.php';
    $this->folder_ids = ilLocalUser::_getFolderIds();
}
/**
 * Singleton accessor: return the shared instance, creating it on first use.
 *
 * @return ilUserAccountSettings
 */
public static function getInstance()
{
    if (!self::$instance) {
        self::$instance = new ilUserAccountSettings();
    }

    return self::$instance;
}
/**
 * Check whether local user administration may be used on a category.
 *
 * Both conditions must hold: local user administration is enabled in the
 * account settings, and $ilAccess grants 'cat_administrate_users' on $ref_id.
 *
 * @param integer $ref_id reference id passed to the permission check
 *
 * @return bool
 */
static function _checkAccessAdministrateUsers($ref_id)
{
    global $ilAccess;

    $local_admin_enabled = ilUserAccountSettings::getInstance()->isLocalUserAdministrationEnabled();

    // Short-circuit: the permission lookup only runs when the feature is on.
    return $local_admin_enabled
        && $ilAccess->checkAccess('cat_administrate_users', "", $ref_id);
}
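/**
 * Save user account settings.
 *
 * Validates the general settings form, copies the password / login policy
 * into ilSecuritySettings, and - only when the form and the security
 * settings both validate - persists the security, account, login name and
 * session settings. The form is always re-rendered with the posted values.
 *
 * NOTE(review): no permission check is visible in this method; presumably
 * the command dispatcher verifies write access before routing here - confirm.
 *
 * @return void
 */
public function saveGeneralSettingsObject()
{
    global $ilSetting;

    $this->initFormGeneralSettings();
    if ($this->form->checkInput()) {
        $valid = true;

        if (!strlen($this->form->getInput('loginname_change_blocking_time'))) {
            $valid = false;
            $this->form->getItemByPostVar('loginname_change_blocking_time')
                ->setAlert($this->lng->txt('loginname_change_blocking_time_invalidity_info'));
        }

        include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
        $security = ilSecuritySettings::_getInstance();

        // account security settings
        // NOTE(review): these values come from raw $_POST rather than from
        // $this->form->getInput(). The casts pin the type but not the range,
        // so sane bounds (e.g. min length <= max length) rest entirely on
        // $security->validate() below - confirm it covers every field.
        $security->setPasswordCharsAndNumbersEnabled((bool) $_POST["password_chars_and_numbers_enabled"]);
        $security->setPasswordSpecialCharsEnabled((bool) $_POST["password_special_chars_enabled"]);
        $security->setPasswordMinLength((int) $_POST["password_min_length"]);
        $security->setPasswordMaxLength((int) $_POST["password_max_length"]);
        $security->setPasswordNumberOfUppercaseChars((int) $_POST['password_ucase_chars_num']);
        $security->setPasswordNumberOfLowercaseChars((int) $_POST['password_lowercase_chars_num']);
        $security->setPasswordMaxAge((int) $_POST["password_max_age"]);
        $security->setLoginMaxAttempts((int) $_POST["login_max_attempts"]);
        $security->setPreventionOfSimultaneousLogins((bool) $_POST['ps_prevent_simultaneous_logins']);
        $security->setPasswordChangeOnFirstLoginEnabled((bool) $_POST['password_change_on_first_login_enabled']);
        $security->setPasswordMustNotContainLoginnameStatus((int) $_POST['password_must_not_contain_loginame']);

        // Run the security validation even if the form check above failed,
        // so that its result is evaluated in the same request.
        if (!$security->validate($this->form)) {
            $valid = false;
        }

        if ($valid) {
            $security->save();

            include_once './Services/User/classes/class.ilUserAccountSettings.php';
            $account_settings = ilUserAccountSettings::getInstance();
            $account_settings->enableLocalUserAdministration($this->form->getInput('lua'));
            $account_settings->restrictUserAccess($this->form->getInput('lrua'));
            $account_settings->update();

            // TODO: move to user account settings
            // Take the blocking time from the submitted form. Reading the
            // stored setting here would ignore the admin's input and multiply
            // the already-converted value by 86400 again on every save.
            $save_blocking_time_in_seconds = (int) $this->form->getInput('loginname_change_blocking_time') * 86400;

            $ilSetting->set('allow_change_loginname', (int) $this->form->getInput('allow_change_loginname'));
            $ilSetting->set('create_history_loginname', (int) $this->form->getInput('create_history_loginname'));
            $ilSetting->set('reuse_of_loginnames', (int) $this->form->getInput('reuse_of_loginnames'));
            $ilSetting->set('loginname_change_blocking_time', (int) $save_blocking_time_in_seconds);
            $ilSetting->set('user_adm_alpha_nav', (int) $this->form->getInput('user_adm_alpha_nav'));
            $ilSetting->set('user_reactivate_code', (int) $this->form->getInput('user_reactivate_code'));

            $ilSetting->set('user_delete_own_account', (int) $this->form->getInput('user_own_account'));
            $ilSetting->set('user_delete_own_account_email', $this->form->getInput('user_own_account_email'));

            $ilSetting->set("passwd_auto_generate", $this->form->getInput("passwd_auto_generate"));
            $ilSetting->set("password_assistance", $this->form->getInput("password_assistance"));

            // BEGIN SESSION SETTINGS
            $ilSetting->set('session_handling_type', (int) $this->form->getInput('session_handling_type'));

            if ($this->form->getInput('session_handling_type') == ilSession::SESSION_HANDLING_FIXED) {
                $ilSetting->set('session_reminder_enabled', $this->form->getInput('session_reminder_enabled'));
            } elseif ($this->form->getInput('session_handling_type') == ilSession::SESSION_HANDLING_LOAD_DEPENDENT) {
                require_once 'Services/Authentication/classes/class.ilSessionControl.php';
                if ($ilSetting->get(
                    'session_allow_client_maintenance',
                    ilSessionControl::DEFAULT_ALLOW_CLIENT_MAINTENANCE
                )) {
                    // has to be done BEFORE updating the setting!
                    include_once "Services/Authentication/classes/class.ilSessionStatistics.php";
                    ilSessionStatistics::updateLimitLog((int) $this->form->getInput('session_max_count'));

                    $ilSetting->set('session_max_count', (int) $this->form->getInput('session_max_count'));
                    $ilSetting->set('session_min_idle', (int) $this->form->getInput('session_min_idle'));
                    $ilSetting->set('session_max_idle', (int) $this->form->getInput('session_max_idle'));
                    $ilSetting->set(
                        'session_max_idle_after_first_request',
                        (int) $this->form->getInput('session_max_idle_after_first_request')
                    );
                }
            }
            // END SESSION SETTINGS

            ilUtil::sendSuccess($this->lng->txt('saved_successfully'));
        } else {
            ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
        }
    } else {
        ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
    }

    $this->form->setValuesByPost();
    $this->tpl->setContent($this->form->getHTML());
}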
/**
 * Read the active sessions from the database and return the users that are
 * online, or only the given user when a user id is passed.
 *
 * A session counts as active when it has not expired and, if the 'pd'
 * setting 'user_activity_time' is positive, when its latest ctime lies
 * inside that time window. Users whose 'hide_own_online_status' preference
 * is 'y' are excluded. Every dynamic value in the WHERE clause is passed
 * through $ilDB->quote() or $ilDB->in().
 *
 * @param integer $a_user_id      restrict the result to this user (0 = all users)
 * @param bool    $a_no_anonymous exclude the anonymous user
 * @return array session rows keyed by user_id
 */
public static function _getUsersOnline($a_user_id = 0, $a_no_anonymous = false)
{
    /**
     * @var $ilDB ilDB
     */
    global $ilDB;

    $pd_settings = new ilSetting('pd');
    $activity_window = $pd_settings->get('user_activity_time') * 60;
    $now = time();

    // The conditions are collected in a fixed order and joined with AND below.
    $conditions = array();
    if ($a_user_id == 0) {
        $conditions[] = 'user_id > 0';
        $conditions[] = '(agree_date IS NOT NULL OR user_id = ' . $ilDB->quote(SYSTEM_USER_ID, 'integer') . ')';
    } else {
        $conditions[] = 'user_id = ' . $ilDB->quote($a_user_id, 'integer');
    }

    if ($a_no_anonymous) {
        $conditions[] = 'user_id != ' . $ilDB->quote(ANONYMOUS_USER_ID, 'integer');
    }

    include_once 'Services/User/classes/class.ilUserAccountSettings.php';
    if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
        // With restricted user access only owners from the filter's folders are listed.
        include_once 'Services/User/classes/class.ilUserFilter.php';
        $folder_ids = ilUserFilter::getInstance()->getFolderIds();
        $conditions[] = $ilDB->in('time_limit_owner', $folder_ids, false, 'integer');
    }

    $conditions[] = 'expires > ' . $ilDB->quote($now, 'integer');
    $conditions[] = '(p.value IS NULL OR NOT p.value = ' . $ilDB->quote('y', 'text') . ')';

    $where = 'WHERE ' . implode(' AND ', $conditions);

    $result = $ilDB->queryF(
        "\n\t\t\tSELECT COUNT(user_id) num, user_id, firstname, lastname, title, login, last_login, MAX(ctime) ctime\n\t\t\tFROM usr_session\n\t\t\tLEFT JOIN usr_data u\n\t\t\t\tON user_id = u.usr_id\n\t\t\tLEFT JOIN usr_pref p\n\t\t\t\tON (p.usr_id = u.usr_id AND p.keyword = %s)\n\t\t\t{$where}\n\t\t\tGROUP BY user_id, firstname, lastname, title, login, last_login\n\t\t\tORDER BY lastname, firstname\n\t\t\t",
        array('text'),
        array('hide_own_online_status')
    );

    $users = array();
    while ($row = $ilDB->fetchAssoc($result)) {
        // Skip sessions whose last activity is outside the window (window <= 0 disables the check).
        if ($activity_window > 0 && $row['ctime'] + $activity_window <= $now) {
            continue;
        }
        $users[$row['user_id']] = $row;
    }

    return $users;
}
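/**
 * Get tabs
 *
 * Adds the category tabs for which the current user passes the matching
 * permission check: content and info ('read'), settings ('write'), user
 * administration ('cat_administrate_users', only when local user
 * administration is enabled) and export ('write'), followed by the parent
 * container tabs. Nothing is added while the "editPageContent" command runs.
 *
 * This method only decides which tabs are shown. The commands behind them
 * ("edit", "listUsers", export) are not guarded here and must repeat the
 * same permission checks themselves.
 *
 * @param object $tabs_gui tabs GUI the tabs are added to
 */
function getTabs(&$tabs_gui)
{
    global $rbacsystem, $lng, $ilHelp, $ilAccess;

    if ($this->ctrl->getCmd() == "editPageContent") {
        return;
    }

    $ilHelp->setScreenIdComponent("cat");

    if ($rbacsystem->checkAccess('read', $this->ref_id)) {
        $tabs_gui->addTab("view_content", $lng->txt("content"), $this->ctrl->getLinkTarget($this, ""));

        //BEGIN ChangeEvent add info tab to category object
        // The request parameter is only lower-cased when it is a string, so an
        // absent or array-valued "cmdClass" cannot raise a notice or a type error.
        $force_active = $this->ctrl->getNextClass() == "ilinfoscreengui"
            || (
                isset($_GET["cmdClass"])
                && is_string($_GET["cmdClass"])
                && strtolower($_GET["cmdClass"]) == "ilnotegui"
            );
        $tabs_gui->addTarget(
            "info_short",
            $this->ctrl->getLinkTargetByClass(array("ilobjcategorygui", "ilinfoscreengui"), "showSummary"),
            array("showSummary", "", "infoScreen"),
            "",
            "",
            $force_active
        );
        //END ChangeEvent add info tab to category object
    }

    if ($rbacsystem->checkAccess('write', $this->ref_id)) {
        $force_active = isset($_GET["cmd"]) && $_GET["cmd"] == "edit";
        $tabs_gui->addTarget(
            "settings",
            $this->ctrl->getLinkTarget($this, "edit"),
            "edit",
            get_class($this),
            "",
            $force_active
        );
    }

    include_once './Services/User/classes/class.ilUserAccountSettings.php';
    if (ilUserAccountSettings::getInstance()->isLocalUserAdministrationEnabled()
        && $rbacsystem->checkAccess('cat_administrate_users', $this->ref_id)
    ) {
        $tabs_gui->addTarget(
            "administrate_users",
            $this->ctrl->getLinkTarget($this, "listUsers"),
            "listUsers",
            get_class($this)
        );
    }

    if ($ilAccess->checkAccess('write', '', $this->object->getRefId())) {
        $tabs_gui->addTarget(
            'export',
            $this->ctrl->getLinkTargetByClass('ilexportgui', ''),
            'export',
            'ilexportgui'
        );
    }

    // parent tabs (all container: edit_permission, clipboard, trash
    parent::getTabs($tabs_gui);
}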
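/**
 * Save user account settings.
 *
 * Validates the general settings form and, when it is valid, persists the
 * local user administration flags and the login name / profile settings.
 * The form is always re-rendered with the posted values.
 *
 * NOTE(review): no permission check is visible in this method; presumably
 * the command dispatcher verifies write access before routing here - confirm.
 *
 * @return void
 */
public function saveGeneralSettingsObject()
{
    global $ilSetting;

    $this->initFormGeneralSettings();
    if ($this->form->checkInput()) {
        $valid = true;

        if (!strlen($this->form->getInput('loginname_change_blocking_time'))) {
            $valid = false;
            $this->form->getItemByPostVar('loginname_change_blocking_time')
                ->setAlert($this->lng->txt('loginname_change_blocking_time_invalidity_info'));
        }

        if ($valid) {
            include_once './Services/User/classes/class.ilUserAccountSettings.php';
            $account_settings = ilUserAccountSettings::getInstance();
            $account_settings->enableLocalUserAdministration($this->form->getInput('lua'));
            $account_settings->restrictUserAccess($this->form->getInput('lrua'));
            $account_settings->update();

            // TODO: move to user account settings
            // Take the blocking time from the submitted form. Reading the
            // stored setting here would ignore the admin's input and multiply
            // the already-converted value by 86400 again on every save.
            $save_blocking_time_in_seconds = (int) $this->form->getInput('loginname_change_blocking_time') * 86400;

            $ilSetting->set('allow_change_loginname', (int) $this->form->getInput('allow_change_loginname'));
            $ilSetting->set('create_history_loginname', (int) $this->form->getInput('create_history_loginname'));
            $ilSetting->set('reuse_of_loginnames', (int) $this->form->getInput('reuse_of_loginnames'));
            $ilSetting->set('loginname_change_blocking_time', (int) $save_blocking_time_in_seconds);
            $ilSetting->set('user_adm_alpha_nav', (int) $this->form->getInput('user_adm_alpha_nav'));
            // $ilSetting->set('user_ext_profiles', (int)$this->form->getInput('user_ext_profiles'));
            $ilSetting->set('user_portfolios', (int) $this->form->getInput('user_portfolios'));
            $ilSetting->set('user_reactivate_code', (int) $this->form->getInput('user_reactivate_code'));

            $ilSetting->set('user_delete_own_account', (int) $this->form->getInput('user_own_account'));
            $ilSetting->set('user_delete_own_account_email', $this->form->getInput('user_own_account_email'));

            ilUtil::sendSuccess($this->lng->txt('saved_successfully'));
        } else {
            ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
        }
    } else {
        ilUtil::sendFailure($this->lng->txt('form_input_not_valid'));
    }

    $this->form->setValuesByPost();
    $this->tpl->setContent($this->form->getHTML());
}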
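/**
 * Build the WHERE clause (without the WHERE keyword) for the user search.
 *
 * The clause is an AND of "outer" conditions (privacy of the anonymous
 * context, exclusion of the anonymous user, optional folder restriction)
 * and one OR group holding the per-field search conditions plus the login
 * condition.
 *
 * NOTE(review): $search_query reaches the SQL only through
 * getQueryConditionByFieldAndValue(), which is not visible here - confirm
 * that it quotes the value and handles LIKE wildcards.
 *
 * @param string $search_query search term entered by the user
 * @return string SQL condition
 */
protected function getWherePart($search_query)
{
    /**
     * @var $ilDB      ilDB
     * @var $ilSetting ilSetting
     */
    global $ilDB, $ilSetting;

    $outer_conditions = array();

    // In 'anonymous' context with respected user privacy, only users with globally published profiles should be found.
    if (self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode() &&
        $this->getUser() instanceof ilObjUser &&
        $this->getUser()->isAnonymous()
    ) {
        if (!$ilSetting->get('enable_global_profiles', 0)) {
            // If 'Enable User Content Publishing' is not set in the administration,
            // no user should be found for 'anonymous' context.
            return '1 = 2';
        } else {
            // Otherwise respect the profile activation setting of every user
            // (as a global (outer) condition in the where clause).
            $outer_conditions[] = 'profpref.value = ' . $ilDB->quote('g', 'text');
        }
    }

    $outer_conditions[] = 'ud.usr_id != ' . $ilDB->quote(ANONYMOUS_USER_ID, 'integer');

    $field_conditions = array();
    foreach ($this->getFields() as $field) {
        $field_condition = $this->getQueryConditionByFieldAndValue($field, $search_query);

        if ('email' == $field && self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode()) {
            // If privacy should be respected, the profile setting of every user concerning the email address
            // has to be respected (in every user context, no matter if the user is 'logged in' or 'anonymous').
            $email_query = array();
            $email_query[] = $field_condition;
            $email_query[] = 'pubemail.value = ' . $ilDB->quote('y', 'text');
            $field_conditions[] = '(' . implode(' AND ', $email_query) . ')';
        } else {
            $field_conditions[] = $field_condition;
        }
    }

    // If the current user context is 'logged in' and privacy should be respected, all fields
    // >>>except the login<<< should only be searchable if the user's profile is published (y or g).
    // In 'anonymous' context we do not need these additional conditions,
    // because we checked the privacy setting in the condition above: profile = 'g'
    if (self::PRIVACY_MODE_RESPECT_USER_SETTING == $this->getPrivacyMode() &&
        $this->getUser() instanceof ilObjUser &&
        !$this->getUser()->isAnonymous() &&
        $field_conditions
    ) {
        // The OR group needs its own parentheses, otherwise AND binds to its
        // last member only. The guarded group must also REPLACE the plain
        // conditions: appending it leaves the unguarded conditions in the
        // final OR list, so unpublished profiles would still match.
        $fields = '(' . implode(' OR ', $field_conditions) . ')';

        $field_conditions = array(
            '(' . implode(' AND ', array(
                $fields,
                $ilDB->in('profpref.value', array('y', 'g'), false, 'text')
            )) . ')'
        );
    }

    // The login field must be searchable regardless (for 'logged in' users) of any privacy settings.
    // We handled the general condition for 'anonymous' context above: profile = 'g'
    $field_conditions[] = $this->getQueryConditionByFieldAndValue('login', $search_query);

    include_once 'Services/User/classes/class.ilUserAccountSettings.php';
    if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
        include_once './Services/User/classes/class.ilUserFilter.php';
        $outer_conditions[] = $ilDB->in(
            'time_limit_owner',
            ilUserFilter::getInstance()->getFolderIds(),
            false,
            'integer'
        );
    }

    if ($field_conditions) {
        $outer_conditions[] = '(' . implode(' OR ', $field_conditions) . ')';
    }

    return implode(' AND ', $outer_conditions);
}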
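/**
 * Read the active sessions from the database and return the users that are
 * online, or only the given user when a user id is passed.
 *
 * A session counts as active when it has not expired and, if the 'pd'
 * setting 'user_activity_time' is positive, when its latest ctime lies
 * inside that time window. Users whose 'hide_own_online_status' preference
 * is 'y' are excluded. Dynamic values are bound through queryF()
 * placeholders or passed through $ilDB->quote() / $ilDB->in().
 *
 * @param integer $a_user_id      restrict the result to this user (0 = all users)
 * @param bool    $a_no_anonymous exclude the anonymous user
 * @return array session rows keyed by user_id (empty array when nobody is online)
 */
function _getUsersOnline($a_user_id = 0, $a_no_anonymous = false)
{
    global $ilDB;

    $pd_set = new ilSetting("pd");
    $atime = $pd_set->get("user_activity_time") * 60;
    // One timestamp for the expiry bind value and the activity window check.
    $ctime = time();

    if ($a_user_id == 0) {
        $where = "WHERE user_id != 0 AND NOT agree_date IS NULL ";
        $type_array = array("integer");
        $val_array = array($ctime);
    } else {
        $where = "WHERE user_id = %s ";
        $type_array = array("integer", "integer");
        $val_array = array($a_user_id, $ctime);
    }

    $no_anonym = $a_no_anonymous
        ? "AND user_id <> " . $ilDB->quote(ANONYMOUS_USER_ID, "integer") . " "
        : "";

    include_once './Services/User/classes/class.ilUserAccountSettings.php';
    if (ilUserAccountSettings::getInstance()->isUserAccessRestricted()) {
        include_once './Services/User/classes/class.ilUserFilter.php';
        $user_filter = 'AND ' . $ilDB->in(
            'time_limit_owner',
            ilUserFilter::getInstance()->getFolderIds(),
            false,
            'integer'
        ) . ' ';
    } else {
        $user_filter = ' ';
    }

    $r = $ilDB->queryF(
        "SELECT count(user_id) as num,user_id,firstname,lastname,title,login,last_login,max(ctime) AS ctime " .
        "FROM usr_session " .
        "LEFT JOIN usr_data u ON user_id = u.usr_id " .
        "LEFT JOIN usr_pref p ON (p.usr_id = u.usr_id AND p.keyword = " .
        $ilDB->quote("hide_own_online_status", "text") . ") " .
        $where .
        "AND expires > %s " .
        "AND (p.value IS NULL OR NOT p.value = " .
        $ilDB->quote("y", "text") . ") " .
        $no_anonym .
        $user_filter .
        "GROUP BY user_id,firstname,lastname,title,login,last_login " .
        "ORDER BY lastname, firstname",
        $type_array,
        $val_array
    );

    // Initialised up front so an empty result set does not read an undefined variable.
    $users = array();
    while ($user = $ilDB->fetchAssoc($r)) {
        if ($atime <= 0 || $user["ctime"] + $atime > $ctime) {
            $users[$user["user_id"]] = $user;
        }
    }

    return $users;
}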