/**
 * Pieform submit handler: makes the users selected in the form the complete
 * set of site administrators.
 *
 * Both UPDATE statements run between db_begin() and db_commit().
 *
 * NOTE(review): no permission check is visible in this handler — presumably
 * the page that defines the form restricts it to site administrators; confirm.
 *
 * @param Pieform $form   The submitted form (not read here).
 * @param array   $values Submitted values; 'users' holds the selected user ids.
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION;

    db_begin();

    // Drop the flag from every current admin, then set it for the selection.
    execute_sql('UPDATE {usr} SET admin = 0 WHERE admin = 1');

    // Each id is forced through intval() before being spliced into the SQL
    // text. That cast is what keeps this string-built IN list limited to
    // integers, so it must not be removed.
    // NOTE(review): an empty 'users' list renders as "IN ()" — confirm the
    // form rejects an empty selection before this handler runs.
    $idlist = implode(',', array_map('intval', $values['users']));
    execute_sql('UPDATE {usr} SET admin = 1 WHERE id IN (' . $idlist . ')');

    activity_add_admin_defaults($values['users']);
    db_commit();

    $message = get_string('adminusersupdated', 'admin');
    $SESSION->add_ok_msg($message);
    redirect('/admin/users/admins.php');
}
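/**
 * Pieform submit handler: makes the users selected in the form the complete
 * set of administrators of one institution.
 *
 * The caller must be allowed to edit the institution
 * ($USER->can_edit_institution()); otherwise an error message is queued and
 * the request is redirected without touching the database.
 *
 * @param Pieform $form   The submitted form (not read here).
 * @param array   $values Submitted values; reads 'institution' and 'users'.
 */
function adminusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionadmins.php');
        // Fail closed: the authorisation check must not depend on redirect()
        // ending the request (presumably it does — this is a backstop).
        return;
    }

    // The ids end up inside a string-built IN (...) list, so force every one
    // of them to an integer first. The site-wide variant of this handler
    // already does this; the institution variant spliced the raw form values
    // into the statement.
    $userids = empty($values['users'])
        ? array()
        : array_map('intval', (array) $values['users']);

    db_begin();
    execute_sql(
        'UPDATE {usr_institution} SET admin = 0 WHERE admin = 1 AND institution = ' . db_quote($inst)
    );
    if ($userids) {
        execute_sql(
            'UPDATE {usr_institution} SET admin = 1 WHERE usr IN (' . join(',', $userids) . ')'
            . ' AND institution = ' . db_quote($inst)
        );
    }
    require_once 'activity.php';
    activity_add_admin_defaults($userids);
    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/institutionadmins.php?institution=' . $inst);
}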
/**
 * Pieform submit handler: creates a user account, optionally imports a
 * Leap2A file into it, and e-mails the new user their login details.
 *
 * The site-wide 'staff' and 'admin' flags are copied from the form only when
 * the acting user is a site admin ($USER->get('admin')). The quota is copied
 * for site admins, or when the artefact/file 'institutionaloverride' plugin
 * setting is on.
 *
 * NOTE(review): whether the acting user may use the submitted 'authinstance'
 * (and so the institution it belongs to) is not checked here — presumably the
 * form's validation callback does; confirm.
 * NOTE(review): the notification mail carries the submitted password in
 * clear text; the account is created with passwordchange = 1.
 *
 * @param Pieform $form   The submitted form (not read here).
 * @param array   $values Submitted form values.
 */
function adduser_submit(Pieform $form, $values) {
    global $USER, $SESSION, $TRANSPORTER;

    db_begin();
    raise_time_limit(180);

    // Assemble the account record.
    $user = new stdClass();
    $user->authinstance = $values['authinstance'];
    $user->username = $values['username'];
    $user->firstname = $values['firstname'] ?: 'Imported';
    $user->lastname = $values['lastname'] ?: 'User';
    $user->email = $values['email'];
    $user->password = $values['password'];
    $user->passwordchange = 1;

    if ($USER->get('admin')) {
        // Site-level roles are not editable by institutional admins.
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
    }
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $user->quota = $values['quota'];
    }

    $authinstance = get_record('auth_instance', 'id', $values['authinstance']);
    // Anything other than the 'internal' plugin counts as remote auth.
    $remoteauth = ($authinstance->authname != 'internal');

    if (!isset($values['remoteusername'])) {
        $values['remoteusername'] = null;
    }

    $user->id = create_user(
        $user,
        array(),
        $authinstance->institution,
        $remoteauth,
        $values['remoteusername'],
        $values
    );

    if (isset($user->admin) && $user->admin) {
        require_once 'activity.php';
        activity_add_admin_defaults(array($user->id));
    }

    if ($values['institutionadmin']) {
        set_field('usr_institution', 'admin', 1, 'usr', $user->id, 'institution', $authinstance->institution);
    }

    if (isset($values['leap2afile'])) {
        // Describe the import job and run it.
        $importdata = new stdClass();
        $importdata->token = '';
        $importdata->usr = $user->id;
        $importdata->queue = (int) (!PluginImport::import_immediately_allowed());
        $importdata->ready = 0;
        $importdata->expirytime = db_format_timestamp(time() + 60 * 60 * 24);
        $importdata->format = 'leap';
        $importdata->loglevel = PluginImportLeap::LOG_LEVEL_VERBOSE;
        $importdata->logtargets = LOG_TARGET_FILE;
        $importdata->profile = true;

        $importer = PluginImport::create_importer(null, $TRANSPORTER, $importdata);
        try {
            $importer->process();
            log_info("Imported user account {$user->id} from Leap2A file, see " . $importer->get('logfile') . ' for a full log');
        }
        catch (ImportException $e) {
            log_info("Leap2A import failed: " . $e->getMessage());
            die_info(get_string('leap2aimportfailed', 'admin'));
        }

        // The importer changes several fields (e.g. firstname/lastname), so
        // read the user record back from the database.
        $user = get_record('usr', 'id', $user->id);
    }

    db_commit();

    if (!empty($user->email)) {
        try {
            $subject = get_string('accountcreated', 'mahara', get_config('sitename'));
            $textbody = get_string(
                'accountcreatedchangepasswordtext', 'mahara',
                $user->firstname, get_config('sitename'), $user->username, $values['password'],
                get_config('wwwroot'), get_config('sitename')
            );
            $htmlbody = get_string(
                'accountcreatedchangepasswordhtml', 'mahara',
                $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $values['password'],
                get_config('wwwroot'), get_config('wwwroot'), get_config('sitename')
            );
            email_user($user, $USER, $subject, $textbody, $htmlbody);
        }
        catch (EmailException $e) {
            // The account exists; only the notification failed.
            $SESSION->add_error_msg(get_string('newuseremailnotsent', 'admin'));
        }
    }

    $SESSION->add_ok_msg(get_string('newusercreated', 'admin'));
    redirect('/admin/users/edit.php?id=' . $user->id);
}
/**
 * Pieform submit handler for the institution section of the "edit user" page.
 *
 * For the first institution of the target user that the acting user may edit
 * ($USER->can_edit_institution()) and whose "<institution>_submit" or
 * "<institution>_remove" button was pressed, the membership is rewritten or
 * removed. Separately, a site admin may add the user to another institution
 * via the 'add' button.
 *
 * @param Pieform $form   The submitted form (not read here).
 * @param array   $values Submitted values; 'id' is the user being edited.
 * @return false|void false when the user id cannot be found; otherwise the
 *                    handler ends in a redirect().
 */
function edituser_institution_submit(Pieform $form, $values) {
    $user = new User();
    if (!$user->find_by_id($values['id'])) {
        return false;
    }

    $userinstitutions = $user->get('institutions');

    global $USER, $SESSION;
    foreach ($userinstitutions as $membership) {
        // Memberships the acting user cannot edit are skipped, whatever
        // buttons the request claims were pressed.
        if (!$USER->can_edit_institution($membership->institution)) {
            continue;
        }

        if (isset($values[$membership->institution . '_submit'])) {
            $row = new stdClass();
            $row->usr = $user->id;
            $row->institution = $membership->institution;
            $row->ctime = db_format_timestamp($membership->ctime);
            $row->studentid = $values[$membership->institution . '_studentid'];
            $row->staff = (int) ($values[$membership->institution . '_staff'] == 'on');
            $row->admin = (int) ($values[$membership->institution . '_admin'] == 'on');
            if ($values[$membership->institution . '_expiry']) {
                $row->expiry = db_format_timestamp($values[$membership->institution . '_expiry']);
            }

            // Replace the membership row inside one transaction.
            db_begin();
            delete_records('usr_institution', 'usr', $user->id, 'institution', $membership->institution);
            insert_record('usr_institution', $row);
            if ($row->admin) {
                activity_add_admin_defaults(array($user->id));
            }
            handle_event('updateuser', $user->id);
            db_commit();

            $SESSION->add_ok_msg(get_string('userinstitutionupdated', 'admin', $membership->displayname));
            break;
        }
        elseif (isset($values[$membership->institution . '_remove'])) {
            // When admins edit themselves, act on the session user object.
            $leaver = ($user->id == $USER->id) ? $USER : $user;
            $leaver->leave_institution($membership->institution);

            $SESSION->add_ok_msg(get_string('userinstitutionremoved', 'admin', $membership->displayname));

            // An institutional admin who removes the user from the
            // institution can no longer open this page, so send them to the
            // user search (or to the site root if they are no longer an
            // institutional admin at all).
            if (!$USER->get('admin')) {
                if (!$USER->is_institutional_admin()) {
                    redirect(get_config('wwwroot'));
                }
                redirect('/admin/users/search.php');
            }
            break;
        }
    }

    // Adding a membership is limited to site admins, and to users with no
    // institution unless multiple institutions are allowed.
    $mayadd = isset($values['add'])
        && $USER->get('admin')
        && (empty($userinstitutions) || get_config('usersallowedmultipleinstitutions'));
    if ($mayadd) {
        if ($user->id == $USER->id) {
            $USER->join_institution($values['addinstitution']);
            $USER->commit();
            $userinstitutions = $USER->get('institutions');
        }
        else {
            $user->join_institution($values['addinstitution']);
            $userinstitutions = $user->get('institutions');
        }
        $joined = $userinstitutions[$values['addinstitution']];
        $SESSION->add_ok_msg(get_string('userinstitutionjoined', 'admin', $joined->displayname));
    }

    redirect('/admin/users/edit.php?id=' . $user->id);
}
/**
 * Installer step: inserts the default institution, the internal auth
 * instance, the root (id 0) user and the initial admin user.
 *
 * Everything up to activity_add_admin_defaults() runs between db_begin() and
 * db_commit(); install_blocktype_extras() runs after the commit.
 *
 * NOTE(review): the username, password and e-mail literals read as asterisks
 * in this listing, which looks like masking — confirm against the real file.
 * NOTE(review): the admin account is inserted with a fixed credential and
 * passwordchange = 1; presumably that flag forces a change at first login —
 * confirm, and confirm the site is not reachable before that happens.
 */
function core_install_lastcoredata_defaults() {
    db_begin();

    // Default institution.
    $institution = (object) array(
        'name'        => 'mahara',
        'displayname' => 'No Institution',
        'authplugin'  => 'internal',
        'theme'       => 'default',
    );
    insert_record('institution', $institution);

    // Internal auth instance for that institution.
    $authinst = (object) array(
        'instancename' => 'Internal',
        'priority'     => '1',
        'institution'  => 'mahara',
        'authname'     => 'internal',
    );
    $authinst->id = insert_record('auth_instance', $authinst, 'id', true);

    // Root user, which must end up with id 0.
    $rootuser = (object) array(
        'id'           => 0,
        'username'     => '******',
        'password'     => '******',
        'salt'         => '*',
        'firstname'    => 'System',
        'lastname'     => 'User',
        'email'        => '*****@*****.**',
        'quota'        => get_config_plugin('artefact', 'file', 'defaultquota'),
        'authinstance' => $authinst->id,
    );
    if (!is_mysql()) {
        insert_record('usr', $rootuser);
    }
    else {
        // MySQL workaround: insert, move the row to id 0, then reset the
        // auto-increment counter.
        $insertedid = insert_record('usr', $rootuser, 'id', true);
        set_field('usr', 'id', 0, 'id', $insertedid);
        execute_sql('ALTER TABLE {usr} AUTO_INCREMENT=1');
    }

    install_system_profile_view();

    // Initial admin user.
    $adminuser = (object) array(
        'username'       => '******',
        'password'       => '******',
        'authinstance'   => $authinst->id,
        'passwordchange' => 1,
        'admin'          => 1,
        'firstname'      => 'Admin',
        'lastname'       => 'User',
        'email'          => '*****@*****.**',
        'quota'          => get_config_plugin('artefact', 'file', 'defaultquota'),
    );
    $adminuser->id = insert_record('usr', $adminuser, 'id', true);

    set_profile_field($adminuser->id, 'email', $adminuser->email);
    set_profile_field($adminuser->id, 'firstname', $adminuser->firstname);
    set_profile_field($adminuser->id, 'lastname', $adminuser->lastname);

    set_config('installed', true);
    handle_event('createuser', $adminuser->id);
    activity_add_admin_defaults(array($adminuser->id));

    db_commit();

    // On install the block categories are set up here and the plugins are
    // polled afterwards; on upgrade that happens elsewhere because of
    // ordering dependencies between installation steps.
    install_blocktype_extras();
}
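/**
 * Database upgrade steps for the forum interaction plugin.
 *
 * Each block runs when the installed version is older than the version
 * number it is guarded by.
 *
 * @param int $oldversion Version currently installed.
 * @return bool Always true.
 * @throws SQLException When a post's parent cannot be found while building
 *                      the 'path' column.
 */
function xmldb_interaction_forum_upgrade($oldversion = 0) {
    if ($oldversion < 2009062300) {
        // $type only ever takes these two fixed values, which is what makes
        // splicing it into table and column names below acceptable.
        foreach (array('topic', 'forum') as $type) {
            log_debug("Subscription upgrade for {$type}s");

            // Add the missing primary key to the subscription tables.
            // Step 1: remove duplicates
            if ($dupes = get_records_sql_array('
                SELECT "user", ' . $type . ', COUNT(*)
                FROM {interaction_forum_subscription_' . $type . '}
                GROUP BY "user", ' . $type . '
                HAVING COUNT(*) > 1', array())) {
                // Duplicate subscriptions to a topic/forum: delete them all
                // and re-insert a single row.
                foreach ($dupes as $dupe) {
                    log_debug("interaction.forum: Removing duplicate {$type} subscription for {$dupe->user}");
                    delete_records('interaction_forum_subscription_' . $type, 'user', $dupe->user, $type, $dupe->{$type});
                    insert_record('interaction_forum_subscription_' . $type, (object) array('user' => $dupe->user, $type => $dupe->{$type}));
                }
            }

            // Step 2: add the actual key
            $table = new XMLDBTable('interaction_forum_subscription_' . $type);
            $key = new XMLDBKey('primary');
            $key->setAttributes(XMLDB_KEY_PRIMARY, array('user', $type));
            add_key($table, $key);

            // Add a 'key' column, used for unsubscriptions
            $field = new XMLDBField('key');
            $field->setAttributes(XMLDB_TYPE_CHAR, 50, XMLDB_UNSIGNED, null);
            add_field($table, $field);

            $key = new XMLDBKey('keyuk');
            $key->setAttributes(XMLDB_KEY_UNIQUE, array('key'));
            add_key($table, $key);

            // Populate the key column
            if ($records = get_records_array('interaction_forum_subscription_' . $type, '', '', '', '"user", ' . $type)) {
                foreach ($records as $where) {
                    // The key is used for unsubscriptions (presumably handed
                    // back by the subscriber), so it should be unguessable
                    // and, given the unique key above, collision-free.
                    // mt_rand() is not a cryptographic generator; prefer
                    // random_bytes() where the PHP version provides it.
                    // 32 hex characters fit the 50-character column.
                    $token = function_exists('random_bytes')
                        ? bin2hex(random_bytes(16))
                        : dechex(mt_rand());
                    $new = (object) array(
                        'user' => $where->user,
                        $type  => $where->{$type},
                        'key'  => $token,
                    );
                    update_record('interaction_forum_subscription_' . $type, $new, $where);
                }
            }

            // Now make the key column not null
            $field->setAttributes(XMLDB_TYPE_CHAR, 50, XMLDB_UNSIGNED, XMLDB_NOTNULL);
            change_field_notnull($table, $field);
        }
    }

    if ($oldversion < 2009081700) {
        if (!get_record('interaction_config', 'plugin', 'forum', 'field', 'postdelay')) {
            insert_record('interaction_config', (object) array('plugin' => 'forum', 'field' => 'postdelay', 'value' => 30));
        }
    }

    if ($oldversion < 2009081800) {
        $subscription = (object) array(
            'plugin'       => 'forum',
            'event'        => 'creategroup',
            'callfunction' => 'create_default_forum',
        );
        ensure_record_exists('interaction_event_subscription', $subscription, $subscription);
    }

    if ($oldversion < 2012071100) {
        // Add new column 'path' to table interaction_forum_post, used for
        // displaying posts by threads
        $table = new XMLDBTable('interaction_forum_post');
        $field = new XMLDBField('path');
        $field->setAttributes(XMLDB_TYPE_CHAR, 2048, null, null);
        add_field($table, $field);

        $index = new XMLDBIndex('pathix');
        $index->setAttributes(XMLDB_INDEX_NOTUNIQUE, array('path'));
        add_index($table, $index);

        // Update the column 'path' for all posts in the old database,
        // working through the table in batches ordered by id.
        $done = 0;
        $lastid = 0;
        $pwcount = count_records('interaction_forum_post');
        if (is_mysql()) {
            $mp = mysql_get_variable('max_allowed_packet');
            $limit = ($mp && is_numeric($mp) && $mp > 1048576) ? $mp / 8192 : 100;
        }
        else {
            $limit = 2000;
        }

        while ($posts = get_records_select_array('interaction_forum_post', 'id > ?', array($lastid), 'id', 'id, parent', 0, $limit)) {
            foreach ($posts as $post) {
                // A path is the zero-padded ids of the ancestors and the post
                // itself, joined with '/'.
                $path = sprintf('%010d', $post->id);
                $parentid = $post->parent;
                while (!empty($parentid)) {
                    if ($p = get_record_select('interaction_forum_post', 'id = ?', array($parentid), 'parent, path')) {
                        if (!empty($p->path)) {
                            // The parent already has a path: reuse it.
                            $path = $p->path . '/' . $path;
                            break;
                        }
                        $path = sprintf('%010d', $parentid) . '/' . $path;
                        $parentid = $p->parent;
                    }
                    else {
                        throw new SQLException("Can't find the post with id = '{$parentid}'");
                    }
                }
                $post->path = $path;
                update_record('interaction_forum_post', $post);
                $lastid = $post->id;
            }
            $done += count($posts);
            log_debug("Updating posts' path: {$done}/{$pwcount}");
            set_time_limit(50);
        }
    }

    if ($oldversion < 2014050800) {
        // Subscribe admins to new activity.
        $adminusers = get_column('usr', 'id', 'admin', 1, 'deleted', 0);
        activity_add_admin_defaults($adminusers);
    }

    if ($oldversion < 2014060500) {
        // Drop unused fields.
        $table = new XMLDBTable('interaction_forum_post');
        $field = new XMLDBField('reported');
        if (field_exists($table, $field)) {
            drop_field($table, $field, true);
        }
        $field = new XMLDBField('reportedreason');
        if (field_exists($table, $field)) {
            drop_field($table, $field, true);
        }
    }

    return true;
}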
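/**
 * Create a test user.
 *
 * Resolves the auth instance for the requested institution/auth method
 * (defaulting to 'internal' in the 'mahara' institution), validates the
 * username, password and e-mail, creates the account and applies the
 * requested role.
 *
 * @param array $record User data; reads 'institution', 'authname',
 *                      'firstname', 'lastname', 'email', 'username',
 *                      'password' and optionally 'role' ('admin'/'staff')
 *                      and 'remoteusername'.
 * @throws SystemException if the auth method does not exist, the institution
 *                         is full or the username is not valid
 * @throws ErrorException  if the username or e-mail is taken or the password
 *                         is not valid
 * @return int new user id
 */
public function create_user($record) {
    // Data validation
    // The default auth method for a new user is 'internal' in 'No institution'.
    if (empty($record['institution']) || empty($record['authname'])) {
        $record['institution'] = 'mahara';
        $record['authname'] = 'internal';
    }
    if (!($auth = get_record('auth_instance', 'institution', $record['institution'], 'authname', $record['authname']))) {
        throw new SystemException("The authentication method authname" . $record['authname'] . " for institution '" . $record['institution'] . "' does not exist.");
    }
    $record['authinstance'] = $auth->id;

    // Don't exceed max user accounts for the institution
    $institution = new Institution($record['institution']);
    if ($institution->isFull()) {
        throw new SystemException("Can not add new users to the institution '" . $record['institution'] . "' as it is full.");
    }

    $record['firstname'] = sanitize_firstname($record['firstname']);
    $record['lastname'] = sanitize_lastname($record['lastname']);
    $record['email'] = sanitize_email($record['email']);

    $authobj = AuthFactory::create($auth->id);
    if (method_exists($authobj, 'is_username_valid_admin') && !$authobj->is_username_valid_admin($record['username'])) {
        throw new SystemException("New username'" . $record['username'] . "' is not valid.");
    }
    if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($record['username'])) {
        throw new SystemException("New username'" . $record['username'] . "' is not valid.");
    }
    if (record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($record['username'])))) {
        throw new ErrorException("The username'" . $record['username'] . "' has been taken.");
    }
    if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($record['password'])) {
        // The rejected password is deliberately left out of the message:
        // exception text ends up in logs and test output.
        throw new ErrorException("The password is not valid.");
    }
    if (record_exists('usr', 'email', $record['email'])
        || record_exists('artefact_internal_profile_email', 'email', $record['email'])) {
        throw new ErrorException("The email'" . $record['email'] . "' has been taken.");
    }

    // 'role' is optional; a missing key means no special role.
    $role = isset($record['role']) ? $record['role'] : null;

    // Create new user
    db_begin();
    raise_time_limit(180);
    $user = (object) array(
        'authinstance'   => $record['authinstance'],
        'username'       => $record['username'],
        'firstname'      => $record['firstname'],
        'lastname'       => $record['lastname'],
        'email'          => $record['email'],
        'password'       => $record['password'],
        'passwordchange' => 0,
    );

    // In the default institution the role is a site-wide flag on the user.
    if ($record['institution'] == 'mahara') {
        if ($role == 'admin') {
            $user->admin = 1;
        }
        elseif ($role == 'staff') {
            $user->staff = 1;
        }
    }

    $remoteauth = $record['authname'] != 'internal';
    if (!isset($record['remoteusername'])) {
        $record['remoteusername'] = null;
    }
    $user->id = create_user($user, array(), $record['institution'], $remoteauth, $record['remoteusername'], $record);

    if (isset($user->admin) && $user->admin) {
        require_once 'activity.php';
        activity_add_admin_defaults(array($user->id));
    }

    // In any other institution the role is stored on the membership row.
    if ($record['institution'] != 'mahara') {
        if ($role == 'admin') {
            set_field('usr_institution', 'admin', 1, 'usr', $user->id, 'institution', $record['institution']);
        }
        elseif ($role == 'staff') {
            set_field('usr_institution', 'staff', 1, 'usr', $user->id, 'institution', $record['institution']);
        }
    }
    db_commit();

    $this->usercounter++;
    return $user->id;
}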
/**
 * Installer step: inserts the default institution, its site content pages,
 * the internal auth instance, the root (id 0) user, the default layouts,
 * system views, licenses and skins, and the initial admin user.
 *
 * Everything up to activity_add_admin_defaults() runs between db_begin() and
 * db_commit(); install_blocktype_extras() runs after the commit.
 *
 * NOTE(review): the admin account's password hash is computed from the fixed
 * string 'mahara' and the row is inserted with passwordchange = 1; presumably
 * that flag forces a change at first login — confirm, and confirm the site is
 * not reachable before that happens.
 * NOTE(review): the username and e-mail literals read as asterisks in this
 * listing, which looks like masking — confirm against the real file.
 */
function core_install_lastcoredata_defaults() {
    global $USER;

    db_begin();

    // Default institution.
    $institution = (object) array(
        'name'        => 'mahara',
        'displayname' => 'No Institution',
        'authplugin'  => 'internal',
        'theme'       => 'default',
        'priority'    => 0,
    );
    insert_record('institution', $institution);

    // One site_content row per static page, owned by the default institution.
    $pages = site_content_pages();
    $now = db_format_timestamp(time());
    foreach ($pages as $pagename) {
        $page = new stdClass();
        $page->name = $pagename;
        $page->ctime = $now;
        $page->mtime = $now;
        $page->content = get_string(
            $page->name . 'defaultcontent',
            'install',
            get_string('staticpageconfigdefault', 'install')
        );
        $page->institution = 'mahara';
        insert_record('site_content', $page);
    }

    // Internal auth instance for the default institution.
    $authinst = (object) array(
        'instancename' => 'Internal',
        'priority'     => '1',
        'institution'  => 'mahara',
        'authname'     => 'internal',
    );
    $authinst->id = insert_record('auth_instance', $authinst, 'id', true);

    // Root user, which must end up with id 0.
    $rootuser = (object) array(
        'id'           => 0,
        'username'     => '******',
        'password'     => '******',
        'salt'         => '*',
        'firstname'    => 'System',
        'lastname'     => 'User',
        'email'        => '*****@*****.**',
        'quota'        => get_config_plugin('artefact', 'file', 'defaultquota'),
        'authinstance' => $authinst->id,
    );
    if (!is_mysql()) {
        insert_record('usr', $rootuser);
    }
    else {
        // MySQL workaround: insert, move the row to id 0, then reset the
        // auto-increment counter.
        $insertedid = insert_record('usr', $rootuser, 'id', true);
        set_field('usr', 'id', 0, 'id', $insertedid);
        execute_sql('ALTER TABLE {usr} AUTO_INCREMENT=1');
    }

    // install the default layout options
    install_view_layout_defaults();

    require_once 'group.php';
    install_system_profile_view();
    install_system_dashboard_view();
    install_system_grouphomepage_view();

    require_once 'license.php';
    install_licenses_default();

    require_once 'skin.php';
    install_skins_default();

    // Initial admin user. The hash is crypt() over the literal 'mahara' with
    // a '$2a$' salt string built from the configured cost and the first 22
    // characters of md5(passwordsaltmain . per-user salt).
    $salt = auth_get_random_salt();
    $cryptsalt = '$2a$' . get_config('bcrypt_cost') . '$'
        . substr(md5(get_config('passwordsaltmain') . $salt), 0, 22);
    $hash = crypt('mahara', $cryptsalt);
    // Keep the first 7 characters and drop the next 22 from what is stored.
    $hash = substr($hash, 0, 7) . substr($hash, 7 + 22);

    $adminuser = (object) array(
        'username'       => '******',
        'salt'           => $salt,
        'password'       => $hash,
        'authinstance'   => $authinst->id,
        'passwordchange' => 1,
        'admin'          => 1,
        'firstname'      => 'Admin',
        'lastname'       => 'User',
        'email'          => '*****@*****.**',
        'quota'          => get_config_plugin('artefact', 'file', 'defaultquota'),
    );
    $adminuser->id = insert_record('usr', $adminuser, 'id', true);

    set_profile_field($adminuser->id, 'email', $adminuser->email);
    set_profile_field($adminuser->id, 'firstname', $adminuser->firstname);
    set_profile_field($adminuser->id, 'lastname', $adminuser->lastname);

    handle_event('createuser', $adminuser);
    activity_add_admin_defaults(array($adminuser->id));

    db_commit();

    // On install the block categories are set up here and the plugins are
    // polled afterwards; on upgrade that happens elsewhere because of
    // ordering dependencies between installation steps.
    install_blocktype_extras();
}
/**
 * Pieform submit handler: creates a user account and e-mails the new user
 * their login details.
 *
 * The site-wide 'staff' and 'admin' flags are copied from the form only when
 * the acting user is a site admin ($USER->get('admin')).
 *
 * NOTE(review): whether the acting user may use the submitted 'authinstance'
 * is not checked here — presumably the form's validation callback does;
 * confirm.
 * NOTE(review): the notification mail is built from $user->password as it
 * stands after create_user(); the account is created with passwordchange = 1.
 *
 * @param Pieform $form   The submitted form (not read here).
 * @param array   $values Submitted form values.
 */
function adduser_submit(Pieform $form, $values) {
    $user = (object) array(
        'authinstance'   => $values['authinstance'],
        'username'       => $values['username'],
        'firstname'      => $values['firstname'],
        'lastname'       => $values['lastname'],
        'email'          => $values['email'],
        'password'       => $values['password'],
        'quota'          => $values['quota'],
        'passwordchange' => 1,
    );

    global $USER, $SESSION;
    if ($USER->get('admin')) {
        // Site-level roles are not editable by institutional admins.
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
    }

    $authinstance = get_record('auth_instance', 'id', $values['authinstance']);
    $remoteusername = isset($values['remoteusername']) ? $values['remoteusername'] : null;

    // Account creation and role assignment share one transaction.
    db_begin();
    $user->id = create_user($user, array(), $authinstance->institution, $authinstance, $remoteusername);

    if (isset($user->admin) && $user->admin) {
        require_once 'activity.php';
        activity_add_admin_defaults(array($user->id));
    }
    if ($values['institutionadmin']) {
        set_field('usr_institution', 'admin', 1, 'usr', $user->id, 'institution', $authinstance->institution);
    }
    db_commit();

    try {
        $subject = get_string('accountcreated', 'mahara', get_config('sitename'));
        $textbody = get_string(
            'accountcreatedchangepasswordtext', 'mahara',
            $user->firstname, get_config('sitename'), $user->username, $user->password,
            get_config('wwwroot'), get_config('sitename')
        );
        $htmlbody = get_string(
            'accountcreatedchangepasswordhtml', 'mahara',
            $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $user->password,
            get_config('wwwroot'), get_config('wwwroot'), get_config('sitename')
        );
        email_user($user, $USER, $subject, $textbody, $htmlbody);
    }
    catch (EmailException $e) {
        // The account exists; only the notification failed.
        $SESSION->add_error_msg(get_string('newuseremailnotsent', 'admin'));
    }

    redirect('/admin/users/edit.php?id=' . $user->id);
}