/**
* Auth and email related methods
* @group IL_Init
*/
public function testAuthAndEmailMethods()
{
include_once "./Services/User/classes/class.ilObjUser.php";
$value = "";
// creation
$user = new ilObjUser();
$d = array("login" => "aatestuser2", "passwd_type" => IL_PASSWD_PLAIN, "passwd" => "password", "gender" => "f", "firstname" => "Heidi", "lastname" => "Kabel", "email" => "*****@*****.**", "ext_account" => "ext_");
$user->assignData($d);
$user->setActive(true);
$user->create();
$user->saveAsNew();
$user->setLanguage("de");
$user->writePrefs();
$id = $user->getId();
ilObjUser::_writeExternalAccount($id, "ext_kabel");
ilObjUser::_writeAuthMode($id, "cas");
$ids = ilObjUser::_getUserIdsByEmail("*****@*****.**");
//var_dump($ids);
if (is_array($ids) && count($ids) == 1 && $ids[0] == "aatestuser2") {
$value .= "email1-";
}
$uid = ilObjUser::getUserIdByEmail("*****@*****.**");
if ($uid == $id) {
$value .= "email2-";
}
$acc = ilObjUser::_getExternalAccountsByAuthMode("cas");
foreach ($acc as $k => $v) {
if ($k == $id && $v == "ext_kabel") {
$value .= "auth1-";
}
}
if (ilObjUser::_lookupAuthMode($id) == "cas") {
$value .= "auth2-";
}
if (ilObjUser::_checkExternalAuthAccount("cas", "ext_kabel") == "aatestuser2") {
$value .= "auth3-";
}
if (ilObjUser::_externalAccountExists("ext_kabel", "cas")) {
$value .= "auth4-";
}
ilObjUser::_getNumberOfUsersPerAuthMode();
$la = ilObjUser::_getLocalAccountsForEmail("*****@*****.**");
ilObjUser::_incrementLoginAttempts($id);
ilObjUser::_getLoginAttempts($id);
ilObjUser::_resetLoginAttempts($id);
ilObjUser::_setUserInactive($id);
// deletion
$user->delete();
$this->assertEquals("email1-email2-auth1-auth2-auth3-auth4-", $value);
}
/**
* Called after successful login
* @return
* @param array $a_username
* @param object $a_auth
*/
protected function loginObserver($a_username, $a_auth)
{
global $ilLog, $ilAppEventHandler, $ilSetting;
if ($this->getContainer()->loginObserver($a_username, $a_auth)) {
// validate user
include_once "Services/User/classes/class.ilObjUser.php";
$user_id = ilObjUser::_loginExists($a_auth->getUsername());
if ($user_id != ANONYMOUS_USER_ID) {
$user = new ilObjUser($user_id);
// check if profile is complete
include_once "Services/User/classes/class.ilUserProfile.php";
if (ilUserProfile::isProfileIncomplete($user) and ilAuthFactory::getContext() != ilAuthFactory::CONTEXT_ECS) {
$user->setProfileIncomplete(true);
$user->update();
}
// --- extended user validation
//
// we only have a single status, so abort after each one
// order from highest priority to lowest
// active?
if (!$user->getActive()) {
$this->status = AUTH_USER_INACTIVE;
$a_auth->logout();
return;
}
// time limit
if (!$user->checkTimeLimit()) {
$this->status = AUTH_USER_TIME_LIMIT_EXCEEDED;
// #16327
$this->exceeded_user_name = $this->getUserName();
$a_auth->logout();
return;
}
// check client ip
$clientip = $user->getClientIP();
if (trim($clientip) != "") {
$clientip = preg_replace("/[^0-9.?*,:]+/", "", $clientip);
$clientip = str_replace(".", "\\.", $clientip);
$clientip = str_replace(array("?", "*", ","), array("[0-9]", "[0-9]*", "|"), $clientip);
if (!preg_match("/^" . $clientip . "\$/", $_SERVER["REMOTE_ADDR"])) {
$this->status = AUTH_USER_WRONG_IP;
$a_auth->logout();
return;
}
}
// simultaneous login
if ($ilSetting->get('ps_prevent_simultaneous_logins') && ilObjUser::hasActiveSession($user_id)) {
$this->status = AUTH_USER_SIMULTANEOUS_LOGIN;
$a_auth->logout();
return;
}
include_once 'Services/Tracking/classes/class.ilOnlineTracking.php';
ilOnlineTracking::addUser($user_id);
include_once 'Modules/Forum/classes/class.ilObjForum.php';
ilObjForum::_updateOldAccess($user_id);
require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
$security_settings = ilSecuritySettings::_getInstance();
// determine first login of user for setting an indicator
// which still is available in PersonalDesktop, Repository, ...
// (last login date is set to current date in next step)
if ($security_settings->isPasswordChangeOnFirstLoginEnabled() && $user->getLastLogin() == null) {
$user->resetLastPasswordChange();
}
$user->refreshLogin();
// reset counter for failed logins
ilObjUser::_resetLoginAttempts($user_id);
}
// --- anonymous/registered user
$ilLog->write(__METHOD__ . ': logged in as ' . $a_auth->getUsername() . ', remote:' . $_SERVER['REMOTE_ADDR'] . ':' . $_SERVER['REMOTE_PORT'] . ', server:' . $_SERVER['SERVER_ADDR'] . ':' . $_SERVER['SERVER_PORT']);
ilSessionControl::handleLoginEvent($a_auth->getUsername(), $a_auth);
$ilAppEventHandler->raise('Services/Authentication', 'afterLogin', array('username' => $a_auth->getUsername()));
}
}
function initIlias($context = "web")
{
global $ilDB, $ilUser, $ilLog, $ilErr, $ilClientIniFile, $ilIliasIniFile, $ilSetting, $ilias, $https, $ilObjDataCache, $ilLog, $objDefinition, $lng, $ilCtrl, $ilBrowser, $ilHelp, $ilTabs, $ilMainMenu, $rbacsystem, $ilNavigationHistory;
// remove unsafe characters
$this->removeUnsafeCharacters();
// error reporting
// remove notices from error reporting
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
error_reporting(ini_get("error_reporting") & ~E_NOTICE & ~E_DEPRECATED);
} else {
error_reporting(ini_get('error_reporting') & ~E_NOTICE);
}
// include common code files
$this->requireCommonIncludes();
global $ilBench;
// set error handler (to do: check preconditions for error handler to work)
$ilBench->start("Core", "HeaderInclude_GetErrorHandler");
$ilErr = new ilErrorHandling();
$GLOBALS['ilErr'] =& $ilErr;
$ilErr->setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, 'errorHandler'));
$ilBench->stop("Core", "HeaderInclude_GetErrorHandler");
// prepare file access to work with safe mode (has been done in class ilias before)
umask(0117);
// set cookie params
$this->setCookieParams();
// $ilIliasIniFile initialisation
$this->initIliasIniFile();
// CLIENT_ID determination
$this->determineClient();
// $ilAppEventHandler initialisation
$this->initEventHandling();
// $ilClientIniFile initialisation
$this->initClientIniFile();
// removed redirection madness the service should respond with SERVICE UNAVAILABLE
// $ilDB initialisation
$this->initDatabase();
// init plugin admin class
include_once "Services/Component/classes/class.ilPluginAdmin.php";
$ilPluginAdmin = new ilPluginAdmin();
$GLOBALS['ilPluginAdmin'] = $ilPluginAdmin;
// set session handler
$this->setSessionHandler();
// $ilSetting initialisation
$this->initSettings();
// $ilLog initialisation
$this->initLog();
// $https initialisation
require_once 'classes/class.ilHTTPS.php';
$https = new ilHTTPS();
$GLOBALS['https'] =& $https;
$https->enableSecureCookies();
$https->checkPort();
if ($this->returnBeforeAuth()) {
return;
}
$ilCtrl = new ilCtrl2();
$GLOBALS['ilCtrl'] =& $ilCtrl;
// $ilAuth initialisation
include_once "Services/Authentication/classes/class.ilAuthUtils.php";
ilAuthUtils::_initAuth();
global $ilAuth;
$this->includePhp5Compliance();
// Do not accept external session ids
if (!ilSession::_exists(session_id())) {
// $_GET["PHPSESSID"] = "";
session_regenerate_id();
}
// $ilias initialisation
global $ilias, $ilBench;
$ilBench->start("Core", "HeaderInclude_GetILIASObject");
$ilias = new ILIAS();
$GLOBALS['ilias'] =& $ilias;
$ilBench->stop("Core", "HeaderInclude_GetILIASObject");
// $ilObjDataCache initialisation
$ilObjDataCache = new ilObjectDataCache();
$GLOBALS['ilObjDataCache'] =& $ilObjDataCache;
// workaround: load old post variables if error handler 'message' was called
if (isset($_SESSION["message"]) && $_SESSION["message"]) {
$_POST = $_SESSION["post_vars"];
}
// put debugging functions here
require_once "include/inc.debug.php";
// $objDefinition initialisation
$ilBench->start("Core", "HeaderInclude_getObjectDefinitions");
$objDefinition = new ilObjectDefinition();
$GLOBALS['objDefinition'] =& $objDefinition;
// $objDefinition->startParsing();
$ilBench->stop("Core", "HeaderInclude_getObjectDefinitions");
// init tree
$tree = new ilTree(ROOT_FOLDER_ID);
$GLOBALS['tree'] =& $tree;
// $ilAccess and $rbac... initialisation
$this->initAccessHandling();
// authenticate & start session
PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, "errorHandler"));
$ilBench->start("Core", "HeaderInclude_Authentication");
//var_dump($_SESSION);
////require_once('Log.php');
////$ilAuth->logger = Log::singleton('error_log',PEAR_LOG_TYPE_SYSTEM,'TEST');
////$ilAuth->enableLogging = true;
if (!defined("IL_PHPUNIT_TEST")) {
$oldSid = session_id();
$ilAuth->start();
$newSid = session_id();
include_once 'Services/Payment/classes/class.ilPaymentShoppingCart.php';
ilPaymentShoppingCart::_migrateShoppingCart($oldSid, $newSid);
}
//var_dump($_SESSION);
$ilias->setAuthError($ilErr->getLastError());
$ilBench->stop("Core", "HeaderInclude_Authentication");
// workaround: force login
if (!empty($_GET["cmd"]) && $_GET["cmd"] == "force_login" || $this->script == "login.php") {
$ilAuth->logout();
if (!isset($_GET['forceShoppingCartRedirect'])) {
$_SESSION = array();
}
$_SESSION["AccountId"] = "";
$ilAuth->start();
$ilias->setAuthError($ilErr->getLastError());
}
// check correct setup
if (!$ilias->getSetting("setup_ok")) {
die("Setup is not completed. Please run setup routine again.");
}
// $ilUser initialisation (1)
$ilBench->start("Core", "HeaderInclude_getCurrentUser");
$ilUser = new ilObjUser();
$ilias->account =& $ilUser;
$GLOBALS['ilUser'] =& $ilUser;
$ilBench->stop("Core", "HeaderInclude_getCurrentUser");
// $ilCtrl initialisation
//$ilCtrl = new ilCtrl();
// determin current script and up-path to main directory
// (sets $this->script and $this->updir)
$this->determineScriptAndUpDir();
// $styleDefinition initialisation and style handling for login and co.
$this->initStyle();
if (in_array($this->script, array("login.php", "register.php", "view_usr_agreement.php")) || $_GET["baseClass"] == "ilStartUpGUI") {
$this->handleStyle();
}
// init locale
$this->initLocale();
// handle ILIAS 2 imported users:
// check ilias 2 password, if authentication failed
// only if AUTH_LOCAL
//echo "A";
if (AUTH_CURRENT == AUTH_LOCAL && !$ilAuth->getAuth() && $this->script == "login.php" && $_POST["username"] != "") {
if (ilObjUser::_lookupHasIlias2Password(ilUtil::stripSlashes($_POST["username"]))) {
if (ilObjUser::_switchToIlias3Password(ilUtil::stripSlashes($_POST["username"]), ilUtil::stripSlashes($_POST["password"]))) {
$ilAuth->start();
$ilias->setAuthError($ilErr->getLastError());
ilUtil::redirect("index.php");
}
}
}
//
// SUCCESSFUL AUTHENTICATION
//
if ($ilAuth->getStatus() == '' && $ilias->account->isCurrentUserActive() || defined("IL_PHPUNIT_TEST") && DEVMODE) {
//echo "C"; exit;
$ilBench->start("Core", "HeaderInclude_getCurrentUserAccountData");
//var_dump($_SESSION);
// get user data
$this->initUserAccount();
//var_dump($_SESSION);
// differentiate account security mode
require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
$security_settings = ilSecuritySettings::_getInstance();
if ($security_settings->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) {
// reset counter for failed logins
ilObjUser::_resetLoginAttempts($ilUser->getId());
}
$ilBench->stop("Core", "HeaderInclude_getCurrentUserAccountData");
} else {
if (!$ilAuth->getAuth()) {
require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
// differentiate account security mode
$security = ilSecuritySettings::_getInstance();
if ($security->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) {
if (isset($_POST['username']) && $_POST['username'] && $ilUser->getId() == 0) {
$username = ilUtil::stripSlashes($_POST['username']);
$usr_id = ilObjUser::_lookupId($username);
if ($usr_id != ANONYMOUS_USER_ID) {
ilObjUser::_incrementLoginAttempts($usr_id);
$login_attempts = ilObjUser::_getLoginAttempts($usr_id);
$max_attempts = $security->getLoginMaxAttempts();
if ($login_attempts >= $max_attempts && $usr_id != SYSTEM_USER_ID && $max_attempts > 0) {
ilObjUser::_setUserInactive($usr_id);
}
}
}
}
}
}
//
// SUCCESSFUL AUTHENTICATED or NON-AUTH-AREA (Login, Registration, ...)
//
// $lng initialisation
$this->initLanguage();
// store user language in tree
$GLOBALS['tree']->initLangCode();
// ### AA 03.10.29 added new LocatorGUI class ###
// when locator data array does not exist, initialise
if (!isset($_SESSION["locator_level"])) {
$_SESSION["locator_data"] = array();
$_SESSION["locator_level"] = -1;
}
// initialise global ilias_locator object
// ECS Tasks
include_once 'Services/WebServices/ECS/classes/class.ilECSTaskScheduler.php';
$scheduler = ilECSTaskScheduler::start();
$ilBench->stop("Core", "HeaderInclude");
}
/**
* Update user
*/
public function updateObject()
{
global $tpl, $rbacsystem, $ilias, $ilUser, $ilSetting;
// User folder
if ($this->usrf_ref_id == USER_FOLDER_ID and !$rbacsystem->checkAccess('visible,read,write', $this->usrf_ref_id)) {
$this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE);
}
// if called from local administration $this->usrf_ref_id is category id
// Todo: this has to be fixed. Do not mix user folder id and category id
if ($this->usrf_ref_id != USER_FOLDER_ID) {
// check if user is assigned to category
if (!$rbacsystem->checkAccess('cat_administrate_users', $this->object->getTimeLimitOwner())) {
$this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE);
}
}
$this->initForm("edit");
// we do not want to store this dates, they are only printed out
unset($_POST['approve_date']);
$_POST['agree_date'] = $this->object->getAgreeDate();
unset($_POST['last_login']);
// Manipulate form so ignore required fields are no more required. This has to be done before ilPropertyFormGUI::checkInput() is called.
$profileMaybeIncomplete = false;
if ($this->form_gui->getInput('ignore_rf', false)) {
$profileMaybeIncomplete = $this->handleIgnoredRequiredFields();
}
if ($this->form_gui->checkInput()) {
// @todo: external account; time limit
// if not allowed or empty -> do no change password
if (ilAuthUtils::_allowPasswordModificationByAuthMode(ilAuthUtils::_getAuthMode($_POST['auth_mode'])) && trim($_POST['passwd']) != "") {
$this->object->setPasswd($_POST['passwd'], IL_PASSWD_PLAIN);
}
/*
* reset counter for failed logins
* if $_POST['active'] is set to 1
*/
if ($_POST['active'] == 1) {
ilObjUser::_resetLoginAttempts($this->object->getId());
}
#$this->object->assignData($_POST);
$this->loadValuesFromForm('update');
$udf = array();
foreach ($_POST as $k => $v) {
if (substr($k, 0, 4) == "udf_") {
$udf[substr($k, 4)] = $v;
}
}
$this->object->setUserDefinedData($udf);
try {
$this->object->updateLogin($_POST['login']);
} catch (ilUserException $e) {
ilUtil::sendFailure($e->getMessage());
$this->form_gui->setValuesByPost();
return $tpl->setContent($this->form_gui->getHtml());
}
$this->object->setTitle($this->object->getFullname());
$this->object->setDescription($this->object->getEmail());
if ($this->isSettingChangeable('language')) {
$this->object->setLanguage($this->form_gui->getInput('language'));
}
require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
if (ilDiskQuotaActivationChecker::_isActive()) {
// set disk quota
$this->object->setPref("disk_quota", $_POST["disk_quota"] * ilFormat::_getSizeMagnitude() * ilFormat::_getSizeMagnitude());
}
if (ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive()) {
// set personal workspace disk quota
$this->object->setPref("wsp_disk_quota", $_POST["wsp_disk_quota"] * ilFormat::_getSizeMagnitude() * ilFormat::_getSizeMagnitude());
}
if ($this->isSettingChangeable('skin_style')) {
//set user skin and style
$sknst = explode(":", $_POST["skin_style"]);
if ($this->object->getPref("style") != $sknst[1] || $this->object->getPref("skin") != $sknst[0]) {
$this->object->setPref("skin", $sknst[0]);
$this->object->setPref("style", $sknst[1]);
}
}
if ($this->isSettingChangeable('hits_per_page')) {
$this->object->setPref("hits_per_page", $_POST["hits_per_page"]);
}
if ($this->isSettingChangeable('show_users_online')) {
$this->object->setPref("show_users_online", $_POST["show_users_online"]);
}
if ($this->isSettingChangeable('hide_own_online_status')) {
$this->object->setPref("hide_own_online_status", $_POST["hide_own_online_status"] ? 'y' : 'n');
}
// set a timestamp for last_password_change
// this ts is needed by ilSecuritySettings
$this->object->setLastPasswordChangeTS(time());
global $ilSetting;
if ((int) $ilSetting->get('session_reminder_enabled')) {
$this->object->setPref('session_reminder_enabled', (int) $_POST['session_reminder_enabled']);
}
// #10054 - profile may have been completed, check below is only for incomplete
$this->object->setProfileIncomplete(false);
$this->update = $this->object->update();
// If the current user is editing its own user account,
// we update his preferences.
if ($ilUser->getId() == $this->object->getId()) {
$ilUser->readPrefs();
}
$ilUser->setPref('send_info_mails', $_POST['send_mail'] == 'y' ? 'y' : 'n');
$ilUser->writePrefs();
$mail_message = $this->__sendProfileMail();
$msg = $this->lng->txt('saved_successfully') . $mail_message;
// same personal image
if ($this->isSettingChangeable('upload')) {
$this->uploadUserPictureObject();
}
if ($profileMaybeIncomplete) {
include_once 'Services/User/classes/class.ilUserProfile.php';
if (ilUserProfile::isProfileIncomplete($this->object)) {
$this->object->setProfileIncomplete(true);
$this->object->update();
}
}
// feedback
ilUtil::sendSuccess($msg, true);
if (strtolower($_GET["baseClass"]) == 'iladministrationgui') {
$this->ctrl->redirectByClass("ilobjuserfoldergui", "view");
} else {
$this->ctrl->redirectByClass('ilobjcategorygui', 'listUsers');
}
} else {
$this->form_gui->setValuesByPost();
$tpl->setContent($this->form_gui->getHtml());
}
}