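/**
 * Validate the group edit form: group name uniqueness within the course and,
 * for an existing group, the enrolment key against the password policy.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $COURSE, $CFG;

    $errors = parent::validation($data, $files);
    $textlib = textlib_get_instance();

    $name = trim(stripslashes($data['name']));
    if ($data['id'] and $group = get_record('groups', 'id', $data['id'])) {
        // Strict comparison: with != two different numeric-looking names
        // (e.g. "1e3" and "1000") compare equal and the duplicate check is skipped.
        if ($textlib->strtolower($group->name) !== $textlib->strtolower($name)) {
            if (groups_get_group_by_name($COURSE->id, $name)) {
                $errors['name'] = get_string('groupnameexists', 'group', $name);
            }
        }

        if (!empty($CFG->enrol_manual_usepasswordpolicy) and $data['enrolmentkey'] != '' and $group->enrolmentkey !== $data['enrolmentkey']) {
            // enforce password policy only if changing password
            $errmsg = '';
            if (!check_password_policy($data['enrolmentkey'], $errmsg)) {
                $errors['enrolmentkey'] = $errmsg;
            }
        }

    } else {
        // NOTE(review): in this branch (no existing group record) the enrolment
        // key is not checked against the password policy - confirm this is intended.
        if (groups_get_group_by_name($COURSE->id, $name)) {
            $errors['name'] = get_string('groupnameexists', 'group', $name);
        }
    }

    return $errors;
}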
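/**
 * Validate the change-password form.
 *
 * The current password is checked for the logged-in user ($USER), never for a
 * submitted username. update_login_count() is called before that check and
 * reset_login_count() after it succeeds.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $USER;
    $errors = parent::validation($data, $files);

    update_login_count();

    // ignore submitted username
    if (!($user = authenticate_user_login($USER->username, $data['password']))) {
        $errors['password'] = get_string('invalidlogin');
        return $errors;
    }

    reset_login_count();

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1000" and "1e3") compare equal, so a mistyped confirmation could pass.
    if ($data['newpassword1'] !== $data['newpassword2']) {
        $errors['newpassword1'] = get_string('passwordsdiffer');
        $errors['newpassword2'] = get_string('passwordsdiffer');
        return $errors;
    }

    // Strict for the same reason: only an identical string counts as "unchanged".
    if ($data['password'] === $data['newpassword1']) {
        $errors['newpassword1'] = get_string('mustchangepassword');
        $errors['newpassword2'] = get_string('mustchangepassword');
        return $errors;
    }

    $errmsg = '';//prevents eclipse warnings
    if (!check_password_policy($data['newpassword1'], $errmsg)) {
        $errors['newpassword1'] = $errmsg;
        $errors['newpassword2'] = $errmsg;
        return $errors;
    }

    return $errors;
}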
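/**
 * Form validation
 *
 * Checks that the group name is unique within the course and, for an existing
 * group whose enrolment key is being changed, that the new key satisfies the
 * password policy when $CFG->groupenrolmentkeypolicy is set.
 *
 * @param array $data
 * @param array $files
 * @return array $errors An array of errors
 */
function validation($data, $files) {
    global $COURSE, $DB, $CFG;

    $errors = parent::validation($data, $files);

    $name = trim($data['name']);
    if ($data['id'] and $group = $DB->get_record('groups', array('id' => $data['id']))) {
        // Strict comparison: with != two different numeric-looking names
        // (e.g. "1e3" and "1000") compare equal and the duplicate check is skipped.
        if (textlib::strtolower($group->name) !== textlib::strtolower($name)) {
            if (groups_get_group_by_name($COURSE->id, $name)) {
                $errors['name'] = get_string('groupnameexists', 'group', $name);
            }
        }

        if (!empty($CFG->groupenrolmentkeypolicy) and $data['enrolmentkey'] != '' and $group->enrolmentkey !== $data['enrolmentkey']) {
            // enforce password policy only if changing password
            $errmsg = '';
            if (!check_password_policy($data['enrolmentkey'], $errmsg)) {
                $errors['enrolmentkey'] = $errmsg;
            }
        }

    } else {
        // NOTE(review): in this branch (no existing group record) the enrolment
        // key is not checked against the password policy - confirm this is intended.
        if (groups_get_group_by_name($COURSE->id, $name)) {
            $errors['name'] = get_string('groupnameexists', 'group', $name);
        }
    }

    return $errors;
}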
/**
 * Perform extra password change validation.
 *
 * The two password fields must be identical (strict comparison) and the
 * password must satisfy check_password_policy(). The first failing check is
 * reported on both fields and no further check is run.
 *
 * @param array $data submitted form fields.
 * @param array $files submitted with the form.
 * @return array errors occurring during validation.
 */
public function validation($data, $files) {
    global $USER;

    $problems = parent::validation($data, $files);
    $policymessage = ''; // Filled in by check_password_policy() on failure.

    // Ignore submitted username.
    if ($data['password'] !== $data['password2']) {
        $problems['password'] = get_string('passwordsdiffer');
        $problems['password2'] = get_string('passwordsdiffer');
    } else if (!check_password_policy($data['password'], $policymessage)) {
        $problems['password'] = $policymessage;
        $problems['password2'] = $policymessage;
    }

    return $problems;
}
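/**
 * Validate the change-password form, including a site-specific restriction on
 * characters that cause problems when the password is synchronised elsewhere.
 *
 * The current password is checked for the logged-in user ($USER), never for a
 * submitted username.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $USER;
    $errors = parent::validation($data, $files);

    update_login_count();

    // ignore submitted username
    if (!($user = authenticate_user_login($USER->username, $data['password']))) {
        $errors['password'] = get_string('invalidlogin');
        return $errors;
    }

    reset_login_count();

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1000" and "1e3") compare equal, so a mistyped confirmation could pass.
    if ($data['newpassword1'] !== $data['newpassword2']) {
        $errors['newpassword1'] = get_string('passwordsdiffer');
        $errors['newpassword2'] = get_string('passwordsdiffer');
        return $errors;
    }

    // Strict for the same reason: only an identical string counts as "unchanged".
    if ($data['password'] === $data['newpassword1']) {
        $errors['newpassword1'] = get_string('mustchangepassword');
        $errors['newpassword2'] = get_string('mustchangepassword');
        return $errors;
    }

    $errmsg = '';//prevents eclipse warnings
    if (!check_password_policy($data['newpassword1'], $errmsg)) {
        $errors['newpassword1'] = $errmsg;
        $errors['newpassword2'] = $errmsg;
        return $errors;
    }

    // Added by SMS 8/7/2011: To make sure the password does not include special
    // characters that may result in issues when synching the password with vms
    // NOTE(review): forbidding characters shrinks the usable password space;
    // consider fixing the escaping in the synchronisation step instead.
    if (!isValidPassword($data['newpassword1'])) {
        $charmsg = 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
        foreach (array('newpassword1', 'newpassword2') as $field) {
            // The original appended with .= to a key that is normally unset here,
            // which raises an undefined-index notice; append only if parent
            // validation already left a message on the field.
            $errors[$field] = isset($errors[$field]) ? $errors[$field] . $charmsg : $charmsg;
        }
    }

    return $errors;
}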
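/**
 * Validate the user edit form: new password against the password policy,
 * username (required, unique on the local host, lowercase, allowed characters),
 * e-mail (valid and unique on the local host) and custom profile fields.
 *
 * @param array $usernew submitted form fields
 * @param array $files submitted files
 * @return array|bool true when there are no errors, otherwise field name => error message
 */
function validation($usernew, $files) {
    global $CFG;

    $usernew = (object)$usernew;
    $usernew->username = trim($usernew->username);

    $user = get_record('user', 'id', $usernew->id);
    $err = array();

    if (!empty($usernew->newpassword)) {
        $errmsg = '';//prevent eclipse warning
        if (!check_password_policy($usernew->newpassword, $errmsg)) {
            $err['newpassword'] = $errmsg;
        }
    }

    if (empty($usernew->username)) {
        //might be only whitespace
        $err['username'] = get_string('required');
    } else if (!$user or $user->username !== stripslashes($usernew->username)) {
        //check new username does not exist
        if (record_exists('user', 'username', $usernew->username, 'mnethostid', $CFG->mnet_localhost_id)) {
            $err['username'] = get_string('usernameexists');
        }
        //check allowed characters
        if ($usernew->username !== moodle_strtolower($usernew->username)) {
            // A leftover debugging echo ('grrrr') was removed here: validation
            // must not write stray output into the page.
            $err['username'] = get_string('usernamelowercase');
        } else {
            if (empty($CFG->extendedusernamechars)) {
                // NOTE(review): eregi_replace() belongs to the ereg extension,
                // which was removed in PHP 7.
                $string = eregi_replace("[^(-\\.[:alnum:])]", '', $usernew->username);
                if ($usernew->username !== $string) {
                    $err['username'] = get_string('alphanumerical');
                }
            }
        }
    }

    if (!$user or $user->email !== stripslashes($usernew->email)) {
        if (!validate_email(stripslashes($usernew->email))) {
            $err['email'] = get_string('invalidemail');
        } else if (record_exists('user', 'email', $usernew->email, 'mnethostid', $CFG->mnet_localhost_id)) {
            $err['email'] = get_string('emailexists');
        }
    }

    /// Next the customisable profile fields
    $err += profile_validation($usernew, $files);

    if (count($err) == 0) {
        return true;
    } else {
        return $err;
    }
}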
/**
 * Validates course edit form data
 *
 * The guest password is only examined when the instance is (being) enabled
 * and, for an existing instance, when the submitted password differs from the
 * stored one. Users without 'enrol/guest:config' get no errors because their
 * data is ignored later anyway.
 *
 * @param object $instance enrol instance or null if does not exist yet
 * @param array $data
 * @param object $context context of existing course or parent category if course does not exist
 * @return array errors array
 */
public function course_edit_validation($instance, array $data, $context) {
    $errors = array();

    if (!has_capability('enrol/guest:config', $context)) {
        // The data is ignored later anyway, so the user could not fix the form.
        return $errors;
    }

    $suffix = isset($instance->id) ? $instance->id : 0;
    $statuskey = 'enrol_guest_status_' . $suffix;
    $passwordkey = 'enrol_guest_password_' . $suffix;

    if (!isset($data[$statuskey])) {
        return $errors;
    }

    $password = empty($data[$passwordkey]) ? '' : $data[$passwordkey];

    if ($instance) {
        // Existing instance: check only when enabled and the password changed.
        $checkpassword = ($data[$statuskey] == ENROL_INSTANCE_ENABLED) && ($instance->password !== $password);
    } else {
        // New instance: check whenever it is created enabled.
        $checkpassword = ($data[$statuskey] == ENROL_INSTANCE_ENABLED);
    }

    if (!$checkpassword) {
        return $errors;
    }

    $require = $this->get_config('requirepassword');
    $policy = $this->get_config('usepasswordpolicy');

    if ($require and empty($password)) {
        $errors[$passwordkey] = get_string('required');
    } else if ($policy) {
        $policyerror = ''; // Filled in by check_password_policy() on failure.
        if (!check_password_policy($password, $policyerror)) {
            $errors[$passwordkey] = $policyerror;
        }
    }

    return $errors;
}
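/**
 * Validate the user edit form of a customised site where the username is a
 * ten-digit phone number.
 *
 * @param array $usernew submitted form fields
 * @param array $files submitted files
 * @return array|bool true when there are no errors, otherwise field name => error message
 */
public function validation($usernew, $files) {
    global $CFG, $DB;

    $usernew = (object)$usernew;
    //$usernew->username = trim($usernew->username);

    $user = $DB->get_record('user', array('id' => $usernew->id));
    $err = array();

    /* GWL : Phone no. validation For Moodle User Reg page */
    // The D modifier makes $ match only at the very end of the string; without
    // it a value with a trailing newline would pass as ten digits.
    if (!preg_match('/^[0-9]{10}$/D', $usernew->username)) {
        $err['username'] = get_string('errorphonenum');
    }
    /* GWL : Phone no. validation For Moodle User Reg page */

    if (!$user and !empty($usernew->createpassword)) {
        if ($usernew->suspended) {
            // Show some error because we can not mail suspended users.
            $err['suspended'] = get_string('error');
        }
    } else {
        if (!empty($usernew->newpassword)) {
            $errmsg = ''; // Prevent eclipse warning.
            if (!check_password_policy($usernew->newpassword, $errmsg)) {
                $err['newpassword'] = $errmsg;
            }
        } else if (!$user) {
            $auth = get_auth_plugin($usernew->auth);
            if ($auth->is_internal()) {
                // Internal accounts require password!
                $err['newpassword'] = get_string('required');
            }
        }
    }

    // Code added by sumit
    if ($usernew->managertype != 1 && $usernew->managertype != 3) { //GWL : Add Instructor
        if (empty($usernew->userregion)) {
            // The original stored this in an undefined $errors array, so the
            // missing region was never reported; it belongs in $err.
            $err['userregion'] = get_string('selectregion', 'block_iomad_company_admin');
        }
    }
    // End of code

    if (empty($usernew->username)) {
        // Might be only whitespace.
        $err['username'] = get_string('required');
    } else {
        if (!$user or $user->username !== $usernew->username) {
            // Check new username does not exist.
            if ($DB->record_exists('user', array('username' => $usernew->username, 'mnethostid' => $CFG->mnet_localhost_id))) {
                $err['username'] = get_string('phonenumexists'); //GWL : Change get_string('usernameexists') to 'phonenumexists'
            }
            /* GWL : For Phone No. Validation Remove Another Check for username */
            /*
            // Check allowed characters.
            if ($usernew->username !== core_text::strtolower($usernew->username)) {
                $err['username'] = get_string('usernamelowercase');
            } else {
                if ($usernew->username !== clean_param($usernew->username, PARAM_USERNAME)) {
                    $err['username'] = get_string('invalidusername');
                }
            }
            */
            /* GWL : For Phone No. Validation Remove Another Check for username */
        }
    }

    if (!$user or $user->email !== $usernew->email) {
        if (!validate_email($usernew->email)) {
            $err['email'] = get_string('invalidemail');
        } else if ($DB->record_exists('user', array('email' => $usernew->email, 'mnethostid' => $CFG->mnet_localhost_id))) {
            $err['email'] = get_string('emailexists');
        }
    }

    // Next the customisable profile fields.
    $err += profile_validation($usernew, $files);

    if (count($err) == 0) {
        return true;
    } else {
        return $err;
    }
}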
/**
 * Validate the form data.
 *
 * Covers the password (policy, or required for a new internal account), the
 * username (required, unique on the local host, lowercase, PARAM_USERNAME
 * clean), the e-mail (valid, and unique unless $CFG->allowaccountssameemail)
 * and the custom profile fields.
 *
 * @param array $usernew
 * @param array $files
 * @return array|bool true when no errors were found, otherwise field name => error message
 */
public function validation($usernew, $files) {
    global $CFG, $DB;

    $usernew = (object)$usernew;
    $usernew->username = trim($usernew->username);

    $user = $DB->get_record('user', array('id' => $usernew->id));
    $err = array();

    if (!$user && !empty($usernew->createpassword)) {
        if ($usernew->suspended) {
            // Show some error because we can not mail suspended users.
            $err['suspended'] = get_string('error');
        }
    } else if (!empty($usernew->newpassword)) {
        $policyerror = ''; // Filled in by check_password_policy() on failure.
        if (!check_password_policy($usernew->newpassword, $policyerror)) {
            $err['newpassword'] = $policyerror;
        }
    } else if (!$user) {
        $auth = get_auth_plugin($usernew->auth);
        if ($auth->is_internal()) {
            // Internal accounts require password!
            $err['newpassword'] = get_string('required');
        }
    }

    if (empty($usernew->username)) {
        // Might be only whitespace.
        $err['username'] = get_string('required');
    } else if (!$user || $user->username !== $usernew->username) {
        // Check new username does not exist.
        $lookup = array('username' => $usernew->username, 'mnethostid' => $CFG->mnet_localhost_id);
        if ($DB->record_exists('user', $lookup)) {
            $err['username'] = get_string('usernameexists');
        }
        // Check allowed characters.
        if ($usernew->username !== core_text::strtolower($usernew->username)) {
            $err['username'] = get_string('usernamelowercase');
        } else if ($usernew->username !== clean_param($usernew->username, PARAM_USERNAME)) {
            $err['username'] = get_string('invalidusername');
        }
    }

    // && binds tighter than 'or' in the original, made explicit here.
    if (!$user || (isset($usernew->email) && $user->email !== $usernew->email)) {
        if (!validate_email($usernew->email)) {
            $err['email'] = get_string('invalidemail');
        } else if (empty($CFG->allowaccountssameemail)
                && $DB->record_exists('user', array('email' => $usernew->email, 'mnethostid' => $CFG->mnet_localhost_id))) {
            $err['email'] = get_string('emailexists');
        }
    }

    // Next the customisable profile fields.
    $err += profile_validation($usernew, $files);

    return count($err) == 0 ? true : $err;
}
/**
 * Validate the self-registration (signup) form: username, e-mail and its
 * confirmation, password policy and, when enabled, the reCAPTCHA response.
 *
 * NOTE(review): the 'usernameexists' / 'emailexists' messages tell an
 * unauthenticated visitor whether an account exists - confirm this disclosure
 * is acceptable for the site.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $CFG, $DB;

    $errors = parent::validation($data, $files);
    $authplugin = get_auth_plugin($CFG->registerauth);

    $username = $data['username'];
    $email = $data['email'];

    if ($DB->record_exists('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id))) {
        $errors['username'] = get_string('usernameexists');
    } else if ($username !== moodle_strtolower($username)) {
        // Check allowed characters: lowercase first ...
        $errors['username'] = get_string('usernamelowercase');
    } else if ($username !== clean_param($username, PARAM_USERNAME)) {
        // ... then anything clean_param() would alter.
        $errors['username'] = get_string('invalidusername');
    }

    //check if user exists in external db
    //TODO: maybe we should check all enabled plugins instead
    if ($authplugin->user_exists($username)) {
        $errors['username'] = get_string('usernameexists');
    }

    if (!validate_email($email)) {
        $errors['email'] = get_string('invalidemail');
    } else if ($DB->record_exists('user', array('email' => $email))) {
        $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
    }

    if (empty($data['email2'])) {
        $errors['email2'] = get_string('missingemail');
    } else if ($data['email2'] != $email) {
        $errors['email2'] = get_string('invalidemail');
    }

    if (!isset($errors['email'])) {
        $notallowed = email_is_not_allowed($email);
        if ($notallowed) {
            $errors['email'] = $notallowed;
        }
    }

    $policyerror = ''; // Filled in by check_password_policy() on failure.
    if (!check_password_policy($data['password'], $policyerror)) {
        $errors['password'] = $policyerror;
    }

    if ($this->signup_captcha_enabled()) {
        $recaptcha_element = $this->_form->getElement('recaptcha_element');
        $submitted = $this->_form->_submitValues;
        if (empty($submitted['recaptcha_challenge_field'])) {
            $errors['recaptcha'] = get_string('missingrecaptchachallengefield');
        } else {
            $result = $recaptcha_element->verify($submitted['recaptcha_challenge_field'], $submitted['recaptcha_response_field']);
            // verify() returns true on success; any other value is used as the message.
            if ($result !== true) {
                $errors['recaptcha'] = $result;
            }
        }
    }

    return $errors;
}
/**
 * Perform custom validation of the data used to edit the instance.
 *
 * The password is checked for a new instance, when a disabled instance is
 * being enabled, and when an enabled instance gets a different password.
 * The submitted status is additionally validated against the allowed values.
 *
 * @param array $data array of ("fieldname"=>value) of submitted data
 * @param array $files array of uploaded files "element_name"=>tmp_file_path
 * @param object $instance The instance loaded from the DB
 * @param context $context The context of the instance we are editing
 * @return array of "element_name"=>"error_description" if there are errors,
 *         or an empty array if everything is OK.
 */
public function edit_instance_validation($data, $files, $instance, $context) {
    $errors = array();

    if ($data['id']) {
        // Check the password if we are enabling the plugin again.
        $reenabling = ($instance->status == ENROL_INSTANCE_DISABLED && $data['status'] == ENROL_INSTANCE_ENABLED);
        // Check the password if the instance is enabled and the password has changed.
        $changedwhileenabled = ($data['status'] == ENROL_INSTANCE_ENABLED && $instance->password !== $data['password']);
        $checkpassword = $reenabling || $changedwhileenabled;
    } else {
        $checkpassword = true;
    }

    if ($checkpassword) {
        $require = $this->get_config('requirepassword');
        $policy = $this->get_config('usepasswordpolicy');
        if ($require && trim($data['password']) === '') {
            $errors['password'] = get_string('required');
        } else if (!empty($data['password']) && $policy) {
            $policyerror = ''; // Filled in by check_password_policy() on failure.
            if (!check_password_policy($data['password'], $policyerror)) {
                $errors['password'] = $policyerror;
            }
        }
    }

    // Only the status values offered by the plugin are accepted.
    $allowed = array('status' => array_keys($this->get_status_options()));

    return array_merge($errors, $this->validate_param_types($data, $allowed));
}
} // do not update record if new auth plugin does not exist! if (!in_array($existinguser->auth, $availableauths)) { $upt->track('auth', get_string('userautherror', 'error', $existinguser->auth), 'error'); $upt->track('status', $strusernotupdated, 'error'); $userserrors++; continue; } else if (!in_array($existinguser->auth, $allowedauths)) { $upt->track('auth', $struserauthunsupported, 'warning'); } $auth = get_auth_plugin($existinguser->auth); $isinternalauth = $auth->is_internal(); if ($isinternalauth && $updatepasswords && !check_password_policy($user->password, $errmsg)) { $upt->track('password', get_string('internalauthpassworderror', 'error', $existinguser->password), 'error'); $upt->track('status', $strusernotupdated, 'error'); $userserrors++; continue; } else { $forcechangepassword = true; } if (!$isinternalauth) { $existinguser->password = '******'; $upt->track('password', 'not cached'); $forcechangepassword = false; } else if ($updatepasswords){ $existinguser->password = hash_internal_user_password($existinguser->password); } else {
/**
 * Validate the user edit form: new password against the password policy,
 * username (required, unique on the local host, lowercase, PARAM_USERNAME
 * clean), e-mail (valid and unique on the local host) and custom profile fields.
 *
 * @param array $usernew submitted form fields
 * @param array $files submitted files
 * @return array|bool true when no errors were found, otherwise field name => error message
 */
function validation($usernew, $files) {
    global $CFG, $DB;

    $usernew = (object)$usernew;
    $usernew->username = trim($usernew->username);

    $user = $DB->get_record('user', array('id' => $usernew->id));
    $err = array();

    if (!empty($usernew->newpassword)) {
        $policyerror = ''; // Filled in by check_password_policy() on failure.
        if (!check_password_policy($usernew->newpassword, $policyerror)) {
            $err['newpassword'] = $policyerror;
        }
    }

    if (empty($usernew->username)) {
        //might be only whitespace
        $err['username'] = get_string('required');
    } else if (!$user || $user->username !== $usernew->username) {
        //check new username does not exist
        $lookup = array('username' => $usernew->username, 'mnethostid' => $CFG->mnet_localhost_id);
        if ($DB->record_exists('user', $lookup)) {
            $err['username'] = get_string('usernameexists');
        }
        //check allowed characters
        if ($usernew->username !== textlib::strtolower($usernew->username)) {
            $err['username'] = get_string('usernamelowercase');
        } else if ($usernew->username !== clean_param($usernew->username, PARAM_USERNAME)) {
            $err['username'] = get_string('invalidusername');
        }
    }

    if (!$user || $user->email !== $usernew->email) {
        if (!validate_email($usernew->email)) {
            $err['email'] = get_string('invalidemail');
        } else if ($DB->record_exists('user', array('email' => $usernew->email, 'mnethostid' => $CFG->mnet_localhost_id))) {
            $err['email'] = get_string('emailexists');
        }
    }

    /// Next the customisable profile fields
    $err += profile_validation($usernew, $files);

    return count($err) == 0 ? true : $err;
}
/**
 * Assemble the user data based on defaults.
 * This returns the final data to be passed to proceed().
 *
 * Side effects visible here: sets $this->needpasswordchange and reports
 * problems through $this->error() / $this->set_status().
 *
 * @param object $data current data (accessed as an object, e.g. $data->auth).
 * @return object|bool the completed data, or false when an error was reported.
 */
protected function get_final_create_data($data) {
    global $CFG, $DB, $UUC_DEFAULTS, $UUC_SUPPORTEDAUTHS;

    $data->confirmed = 1;
    $data->timemodified = time();
    $data->timecreated = time();

    // Only local accounts. Huh?
    $data->mnethostid = $CFG->mnet_localhost_id;

    // Normalise 'suspended' to 0/1; missing or empty string means not suspended.
    $data->suspended = (isset($data->suspended) && $data->suspended !== '' && $data->suspended) ? 1 : 0;

    if (empty($data->auth)) {
        $data->auth = empty($UUC_DEFAULTS['auth']) ? 'manual' : $UUC_DEFAULTS['auth'];
    }

    try {
        $auth = get_auth_plugin($data->auth);
    } catch (Exception $e) {
        // s() escapes the submitted auth name before it goes into the message.
        $this->error('userautherror', new lang_string('userautherror', 'error', s($data->auth)));
        return false;
    }

    if (!isset($UUC_SUPPORTEDAUTHS[$data->auth])) {
        $this->set_status('userauthunsupported', new lang_string('userauthunsupported', 'warning'));
    }
    $isinternalauth = $auth->is_internal();

    if ($DB->record_exists('user', array('email' => $data->email))) {
        if ($this->importoptions['noemailduplicates']) {
            $this->error('useremailduplicate', new lang_string('useremailduplicate', 'error'));
            return false;
        }
        $this->set_status('useremailduplicate', new lang_string('useremailduplicate', 'error'));
    }

    // An invalid e-mail address only sets a status here; it does not abort.
    if (!validate_email($data->email)) {
        $this->set_status('invalidemail', new lang_string('invalidemail'));
    }

    if (empty($data->lang)) {
        $data->lang = empty($UUC_DEFAULTS['lang']) ? '' : $UUC_DEFAULTS['lang'];
    } else if (clean_param($data->lang, PARAM_LANG) === '') {
        $this->set_status('cannotfindlang', new lang_string('cannotfindlang', 'error', $data->lang));
        $data->lang = empty($UUC_DEFAULTS['lang']) ? '' : $UUC_DEFAULTS['lang'];
    }

    $this->needpasswordchange = false;

    if (!$isinternalauth) {
        $data->password = AUTH_PASSWORD_NOT_CACHED;
    } else if (empty($data->password)) {
        if ($this->importoptions['passwordmode'] === tool_uploadusercli_processor::PASSWORD_MODE_GENERATE) {
            $data->password = '******';
        } else {
            $this->error('missingfield', new lang_string('missingfield', 'error', 'password'));
            return false;
        }
    } else {
        $errmsg = NULL;
        $weak = !check_password_policy($data->password, $errmsg);
        // && binds tighter than ||: force for everyone, or only for weak
        // passwords when reset_password() says so.
        $forceall = ($this->importoptions['forcepasswordchange'] == tool_uploadusercli_processor::FORCE_PASSWORD_CHANGE_ALL);
        if ($forceall || ($this->reset_password() && $weak)) {
            $this->needpasswordchange = true;
        }
        // Use a low cost factor when generating hash so it's not too
        // slow when uploading lots of users. Hashes will be
        // automatically updated the first time the user logs in.
        $data->password = hash_internal_user_password($data->password, true);
    }

    // insert_record only keeps the valid fields for the record
    //$data->id = user_create_user($data, false, false);

    return $data;
}
/**
 * Update a user with a user object (will compare against the ID)
 *
 * The username, when present, must be lowercase and PARAM_USERNAME clean.
 * When $updatepassword is true and a password is present it must satisfy the
 * password policy; it is removed from the record before the DB update and
 * handed to the user's auth plugin afterwards.
 *
 * NOTE(review): when $updatepassword is false a 'password' property on $user
 * is passed to update_record() unchanged; callers presumably supply an
 * already hashed value - confirm.
 *
 * @param stdClass $user the user to update
 * @param bool $updatepassword if true, authentication plugin will update password.
 * @throws moodle_exception on an invalid username or a password rejected by the policy.
 */
function user_update_user($user, $updatepassword = true) {
    global $DB;

    if (!is_object($user)) {
        $user = (object)$user;
    }

    // Check username.
    if (isset($user->username)) {
        if ($user->username !== core_text::strtolower($user->username)) {
            throw new moodle_exception('usernamelowercase');
        }
        if ($user->username !== clean_param($user->username, PARAM_USERNAME)) {
            throw new moodle_exception('invalidusername');
        }
    }

    // Take the password out of the record here, for updating later, if password update is required.
    $plainpassword = null;
    if ($updatepassword && isset($user->password)) {
        // Check password toward the password policy.
        if (!check_password_policy($user->password, $errmsg)) {
            throw new moodle_exception($errmsg);
        }
        $plainpassword = $user->password;
        unset($user->password);
    }

    $user->timemodified = time();
    $DB->update_record('user', $user);

    if ($updatepassword) {
        // Get full user record.
        $updateduser = $DB->get_record('user', array('id' => $user->id));

        // If password was set, then update its hash.
        if ($plainpassword !== null) {
            $authplugin = get_auth_plugin($updateduser->auth);
            if ($authplugin->can_change_password()) {
                $authplugin->user_update_password($updateduser, $plainpassword);
            }
        }
    }

    // Trigger event.
    $eventdata = array(
        'objectid' => $user->id,
        'context' => context_user::instance($user->id),
    );
    $event = \core\event\user_updated::create($eventdata);
    $event->trigger();
}
/**
 * Form validation
 *
 * The password is checked against the password policy only when the instance
 * is enabled and, for an existing instance, when the password has changed,
 * and only if the plugin's 'usepasswordpolicy' setting is on.
 *
 * @param array $data
 * @param array $files
 * @return array
 */
public function validation($data, $files) {
    $errors = parent::validation($data, $files);

    list($instance, $plugin) = $this->_customdata;

    if ($data['id']) {
        // Existing instance: only a changed password on an enabled instance matters.
        $checkpassword = ($data['status'] == ENROL_INSTANCE_ENABLED) && ($instance->password !== $data['password']);
    } else {
        $checkpassword = ($data['status'] == ENROL_INSTANCE_ENABLED);
    }

    if ($checkpassword && $plugin->get_config('usepasswordpolicy')) {
        $policyerror = ''; // Filled in by check_password_policy() on failure.
        if (!check_password_policy($data['password'], $policyerror)) {
            $errors['password'] = $policyerror;
        }
    }

    return $errors;
}
/**
 * Validate the self-registration (signup) form: username, e-mail and its
 * confirmation, and the password policy.
 *
 * NOTE(review): the 'usernameexists' / 'emailexists' messages tell an
 * unauthenticated visitor whether an account exists - confirm this disclosure
 * is acceptable for the site.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $CFG;

    $errors = parent::validation($data, $files);
    $authplugin = get_auth_plugin($CFG->registerauth);

    $username = $data['username'];
    $email = $data['email'];

    if (record_exists('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id)) {
        $errors['username'] = get_string('usernameexists');
    } else if (empty($CFG->extendedusernamechars)) {
        // Strip everything outside the allowed set; any difference means the
        // username contained a disallowed character.
        // NOTE(review): eregi_replace() belongs to the ereg extension, which
        // was removed in PHP 7.
        $string = eregi_replace("[^(-\\.[:alnum:])]", '', $username);
        if (strcmp($username, $string)) {
            $errors['username'] = get_string('alphanumerical');
        }
    }

    //check if user exists in external db
    //TODO: maybe we should check all enabled plugins instead
    if ($authplugin->user_exists($username)) {
        $errors['username'] = get_string('usernameexists');
    }

    if (!validate_email($email)) {
        $errors['email'] = get_string('invalidemail');
    } else if (record_exists('user', 'email', $email)) {
        $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
    }

    if (empty($data['email2'])) {
        $errors['email2'] = get_string('missingemail');
    } else if ($data['email2'] != $email) {
        $errors['email2'] = get_string('invalidemail');
    }

    if (!isset($errors['email'])) {
        $notallowed = email_is_not_allowed($email);
        if ($notallowed) {
            $errors['email'] = $notallowed;
        }
    }

    $policyerror = ''; // Filled in by check_password_policy() on failure.
    if (!check_password_policy($data['password'], $policyerror)) {
        $errors['password'] = $policyerror;
    }

    return $errors;
}
/**
 * Perform extra password change validation.
 *
 * Checks, in order: both fields identical (strict comparison), password
 * policy, and that the password was not previously used by this user. The
 * first failing check is reported on both fields.
 *
 * @param array $data submitted form fields.
 * @param array $files submitted with the form.
 * @return array errors occurring during validation.
 */
public function validation($data, $files) {
    $user = $this->_customdata;

    $problems = parent::validation($data, $files);
    $policymessage = ''; // Filled in by check_password_policy() on failure.

    // Ignore submitted username.
    if ($data['password'] !== $data['password2']) {
        $problems['password'] = get_string('passwordsdiffer');
        $problems['password2'] = get_string('passwordsdiffer');
    } else if (!check_password_policy($data['password'], $policymessage)) {
        $problems['password'] = $policymessage;
        $problems['password2'] = $policymessage;
    } else if (user_is_previously_used_password($user->id, $data['password'])) {
        $problems['password'] = get_string('errorpasswordreused', 'core_auth');
        $problems['password2'] = get_string('errorpasswordreused', 'core_auth');
    }

    return $problems;
}
while ($line = $cir->next()) { $upt->flush(); $linenum++; $upt->track('line', $linenum); $user = new object(); // by default, use the local mnet id (this may be changed in the file) $user->mnethostid = $CFG->mnet_localhost_id; // add fields to user object foreach ($line as $key => $value) { if ($value !== '') { $key = $columns[$key]; // password is special field if ($key == 'password') { if ($value !== '') { $user->password = hash_internal_user_password($value); if (!empty($CFG->passwordpolicy) and !check_password_policy($value, $errmsg)) { $forcechangepassword++; } } } else { $user->{$key} = $value; if (in_array($key, $upt->columns)) { $upt->track($key, $value); } } } } // get username, first/last name now - we need them in templates!! if ($optype == UU_UPDATE) { // when updating only username is required if (!isset($user->username)) {
// Abort on any command line option that was not recognised.
if ($unrecognized) {
    $unrecognized = implode("\n ", $unrecognized);
    cli_error(get_string('cliunknowoption', 'admin', $unrecognized));
}

// Print the usage text and stop.
if ($options['help']) {
    //TODO: localize - to be translated later when everything is finished
    echo "Reset local user passwords, useful especially for admin acounts.\n\nThere are no security checks here because anybody who is able to\nexecute this file may execute any PHP too.\n\nOptions:\n-h, --help Print out this help\n\nExample:\n\$sudo -u www-data /usr/bin/php admin/cli/reset_password.php\n";
    die;
}

cli_heading('Password reset'); // TODO: localize

// Only accounts using manual authentication on the local host are looked up.
$username = cli_input("enter username (manual authentication only)"); // TODO: localize
$user = $DB->get_record('user', array('auth' => 'manual', 'username' => $username, 'mnethostid' => $CFG->mnet_localhost_id));
if (!$user) {
    cli_error("Can not find user '{$username}'");
}

// NOTE(review): the new password is read with the same cli_input() helper as
// the username; whether the terminal echoes it is not visible here - confirm.
$password = cli_input("Enter new password"); // TODO: localize

// The password policy still applies, even though no other checks are made.
$errmsg = ''; // Filled in by check_password_policy() on failure.
if (!check_password_policy($password, $errmsg)) {
    cli_error($errmsg);
}

// Only the hash is written to the user record.
$DB->set_field('user', 'password', hash_internal_user_password($password), array('id' => $user->id));

echo "Password changed\n";

exit(0); // 0 means success
/**
 * Validate the self-enrolment instance form: enrolment password (required
 * and/or policy-checked according to the plugin settings), enrolment dates
 * and the expiry notification threshold.
 *
 * @param array $data submitted form fields
 * @param array $files submitted files
 * @return array field name => error message
 */
function validation($data, $files) {
    global $DB, $CFG;

    $errors = parent::validation($data, $files);

    list($instance, $plugin, $context) = $this->_customdata;

    if ($instance->id) {
        // Existing instance: only a changed password on an enabled instance matters.
        $checkpassword = ($data['status'] == ENROL_INSTANCE_ENABLED) && ($instance->password !== $data['password']);
    } else {
        $checkpassword = ($data['status'] == ENROL_INSTANCE_ENABLED);
    }

    if ($checkpassword) {
        $require = $plugin->get_config('requirepassword');
        $policy = $plugin->get_config('usepasswordpolicy');
        if ($require && trim($data['password']) === '') {
            $errors['password'] = get_string('required');
        } else if ($policy) {
            $policyerror = ''; // Filled in by check_password_policy() on failure.
            if (!check_password_policy($data['password'], $policyerror)) {
                $errors['password'] = $policyerror;
            }
        }
    }

    // The enrolment period must not end before it starts.
    if ($data['status'] == ENROL_INSTANCE_ENABLED
            && !empty($data['enrolenddate'])
            && $data['enrolenddate'] < $data['enrolstartdate']) {
        $errors['enrolenddate'] = get_string('enrolenddaterror', 'enrol_self');
    }

    // With notifications on, the threshold must be at least 86400 seconds.
    if ($data['expirynotify'] > 0 && $data['expirythreshold'] < 86400) {
        $errors['expirythreshold'] = get_string('errorthresholdlow', 'core_enrol');
    }

    return $errors;
}
// Decide what goes into the password field of the new user record.
// This fragment uses 'continue', so it runs inside a loop that is not shown here.
if (!$isinternalauth) {
    // Non-internal auth plugin: a placeholder is stored instead of a password.
    $user->password = '******';
    $upt->track('password', '-', 'normal', false);
} else if (!empty($user->password)) {
    // A password was supplied: test it against the policy, then store only its hash.
    $errmsg = null;
    $weak = !check_password_policy($user->password, $errmsg);
    // 'and' binds tighter than 'or': reset for everyone, or only for weak passwords.
    if ($resetpasswords == UU_PWRESET_ALL or ($resetpasswords == UU_PWRESET_WEAK and $weak)) {
        if ($weak) {
            $weakpasswords++;
            $upt->track('password', $strinvalidpasswordpolicy, 'warning');
        }
        $forcechangepassword = true;
    }
    $user->password = hash_internal_user_password($user->password);
} else if ($createpasswords) {
    // No password supplied: store a placeholder and track the 'uupasswordcron' notice.
    $user->password = '******';
    $upt->track('password', '', 'normal', false);
    $upt->track('password', get_string('uupasswordcron', 'admin'), 'warning', false);
} else {
    // No password and none may be created: report the missing field and skip the user.
    $upt->track('password', '', 'normal', false);
    $upt->track('password', get_string('missingfield', 'error', 'password'), 'error');
    $upt->track('status', $strusernotaddederror, 'error');
    $userserrors++;
    continue;
}

// create user - insert_record ignores any extra properties
$user->id = $DB->insert_record('user', $user);
/**
 * Update a user with a user object (will compare against the ID)
 *
 * The username, when present, must be lowercase and PARAM_USERNAME clean.
 * A password, when present, must satisfy the password policy; it is removed
 * from the record before the DB update and handed to the user's auth plugin
 * afterwards.
 *
 * @param object $user the user to update
 * @throws moodle_exception on an invalid username or a password rejected by the policy.
 */
function user_update_user($user) {
    global $DB;

    if (!is_object($user)) {
        $user = (object)$user;
    }

    // Check username.
    if (isset($user->username)) {
        if ($user->username !== textlib::strtolower($user->username)) {
            throw new moodle_exception('usernamelowercase');
        }
        if ($user->username !== clean_param($user->username, PARAM_USERNAME)) {
            throw new moodle_exception('invalidusername');
        }
    }

    // Take the password out of the record here, for updating later.
    $plainpassword = null;
    if (isset($user->password)) {
        // Check password toward the password policy.
        if (!check_password_policy($user->password, $errmsg)) {
            throw new moodle_exception($errmsg);
        }
        $plainpassword = $user->password;
        unset($user->password);
    }

    $user->timemodified = time();
    $DB->update_record('user', $user);

    // The user_updated event is triggered on the full database user row.
    $updateduser = $DB->get_record('user', array('id' => $user->id));

    // If password was set, then update its hash.
    if ($plainpassword !== null) {
        $authplugin = get_auth_plugin($updateduser->auth);
        if ($authplugin->can_change_password()) {
            $authplugin->user_update_password($updateduser, $plainpassword);
        }
    }

    events_trigger('user_updated', $updateduser);

    $logurl = '/view.php?id=' . $updateduser->id;
    add_to_log(SITEID, 'user', get_string('update'), $logurl, fullname($updateduser));
}
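/**
 * Server-side validation of the user form.
 *
 * Checks that the e-mail address and username are not already used by another non-deleted
 * user, that a new password (when given) satisfies the password policy, and that the dates
 * of joining and of birth are not in the future.
 *
 * @param array $data submitted form data
 * @param array $files uploaded files
 * @return array map of element name => error message; unchanged from the parent if all is OK
 */
public function validation($data, $files) {
    global $DB;

    $errors = parent::validation($data, $files);

    $email = $data['email'];
    $id = $data['id'];
    $uname = $data['username'];

    // Only existence matters here, so do not fetch whole user rows (which include the
    // password column written elsewhere) just to test for a match.
    $emailtaken = $DB->record_exists_select(
        'user',
        'email = :email AND id <> :id AND deleted <> :del',
        array('email' => $email, 'id' => $id, 'del' => 1)
    );
    if ($emailtaken) {
        $errors['email'] = get_string('emailexists', 'local_users');
    }

    // Exact comparison instead of LIKE: with LIKE, the characters % and _ in the submitted
    // username act as wildcards, so the check matched usernames other than the one typed.
    // The value is still bound as a parameter, never concatenated into the SQL.
    $unametaken = $DB->record_exists_select(
        'user',
        'username = :uname AND id <> :id AND deleted <> :del',
        array('uname' => "$uname", 'id' => $id, 'del' => 1)
    );
    if ($unametaken) {
        $errors['username'] = get_string('unameexists', 'local_users');
    }

    // The policy is enforced only when a new password was entered.
    // Note: empty() treats the string '0' as empty, so a new password of '0' skips this check.
    if (!empty($data['newpassword'])) {
        $errmsg = '';
        if (!check_password_policy($data['newpassword'], $errmsg)) {
            $errors['newpassword'] = $errmsg;
        }
    }

    /*********************** code by sreekanth**********************************************/
    // Dates are compared as timestamps against the current time.
    $today = time();
    if ($data['doj'] > $today) {
        $errors['doj'] = get_string('datejoin', 'local_users');
    }
    if ($data['dob'] > $today) {
        $errors['dob'] = get_string('datebirth', 'local_users');
    }
    // Disabled minimum-age check, kept as the author left it:
    //$years = (time() - $data['dob']) / (60 * 60 * 24 * 365);
    //if ($id<0 && $years <= 20) {
    //    $errors['dob'] = get_string('givevaliddob', 'local_users');
    //}

    return $errors;
}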
/**
 * Update an existing user row from a user object; the row is matched on $user->id.
 *
 * With $updatepassword true, a supplied password is checked against the password policy,
 * removed from the object before the row is written, and then passed to the user's auth
 * plugin if that plugin reports can_change_password().
 *
 * With $updatepassword false, none of that happens: a password property, if present, stays on
 * the object given to update_record() and is written as supplied. Presumably callers then pass
 * an already hashed value or no password at all; verify at each call site.
 *
 * @param stdClass $user the user to update (an array is cast to an object)
 * @param bool $updatepassword if true, authentication plugin will update password.
 * @param bool $triggerevent set false if user_updated event should not be triggered.
 * @throws moodle_exception on a bad username or a password that fails the policy
 */
function user_update_user($user, $updatepassword = true, $triggerevent = true) {
    global $DB;

    // Accept an array as well as an object.
    $user = is_object($user) ? $user : (object) $user;

    // Username checks: reject rather than silently normalise.
    if (isset($user->username)) {
        $username = $user->username;
        if ($username !== core_text::strtolower($username)) {
            throw new moodle_exception('usernamelowercase');
        }
        if ($username !== clean_param($username, PARAM_USERNAME)) {
            throw new moodle_exception('invalidusername');
        }
    }

    // When a password update is wanted, keep the plain text out of the record written below.
    $plainpassword = null;
    if ($updatepassword && isset($user->password)) {
        if (!check_password_policy($user->password, $errmsg)) {
            throw new moodle_exception($errmsg);
        }
        $plainpassword = $user->password;
        unset($user->password);
    }

    // calendartype is only written when it is non-empty and one of the known calendar types.
    if (empty($user->calendartype)) {
        unset($user->calendartype);
    } else {
        $knowntypes = \core_calendar\type_factory::get_list_of_calendar_types();
        if (empty($knowntypes[$user->calendartype])) {
            unset($user->calendartype);
        }
    }

    $user->timemodified = time();
    $DB->update_record('user', $user);

    if ($updatepassword) {
        // Get full user record.
        $updateduser = $DB->get_record('user', array('id' => $user->id));

        // Hand the new password to the auth plugin, if it supports password changes;
        // otherwise the password is dropped without an error.
        if ($plainpassword !== null) {
            $authplugin = get_auth_plugin($updateduser->auth);
            if ($authplugin->can_change_password()) {
                $authplugin->user_update_password($updateduser, $plainpassword);
            }
        }
    }

    // Trigger event if required.
    if ($triggerevent) {
        \core\event\user_updated::create_from_userid($user->id)->trigger();
    }
}
/**
 * Form validation for a course group.
 *
 * Rejects a name or ID number already used by another group in the course, applies the
 * password policy to the enrolment key when $CFG->groupenrolmentkeypolicy is set, and rejects
 * an enrolment key that another group in the same course already uses. For an existing group
 * the policy is applied only when the key differs from the stored one. For a new group only
 * the first failing check is reported.
 *
 * @param array $data
 * @param array $files
 * @return array $errors An array of errors
 */
function validation($data, $files) {
    global $COURSE, $DB, $CFG;

    $errors = parent::validation($data, $files);

    $name = trim($data['name']);
    $idnumber = isset($data['idnumber']) ? trim($data['idnumber']) : '';
    $key = $data['enrolmentkey'];
    $policyon = !empty($CFG->groupenrolmentkeypolicy);

    // Only look the group up when an id was submitted.
    $group = $data['id'] ? $DB->get_record('groups', array('id' => $data['id'])) : false;

    if ($group) {
        // Editing an existing group: every check runs independently.
        $renamed = core_text::strtolower($group->name) != core_text::strtolower($name);
        if ($renamed && groups_get_group_by_name($COURSE->id, $name)) {
            $errors['name'] = get_string('groupnameexists', 'group', $name);
        }

        if (!empty($idnumber) && $group->idnumber != $idnumber
                && groups_get_group_by_idnumber($COURSE->id, $idnumber)) {
            $errors['idnumber'] = get_string('idnumbertaken');
        }

        if ($key != '') {
            $errmsg = '';
            if ($policyon && $group->enrolmentkey !== $key && !check_password_policy($key, $errmsg)) {
                // Enforce password policy when the password is changed.
                $errors['enrolmentkey'] = $errmsg;
            } else {
                // Prevent twice the same enrolment key in course groups.
                // The key is matched as stored, through bound parameters.
                $sql = "SELECT id FROM {groups} WHERE id <> :groupid AND courseid = :courseid AND enrolmentkey = :key";
                $params = array('groupid' => $data['id'], 'courseid' => $COURSE->id, 'key' => $key);
                if ($DB->record_exists_sql($sql, $params)) {
                    $errors['enrolmentkey'] = get_string('enrolmentkeyalreadyinuse', 'group');
                }
            }
        }

        return $errors;
    }

    // Creating a new group: the checks are chained, so the first failure wins.
    if (groups_get_group_by_name($COURSE->id, $name)) {
        $errors['name'] = get_string('groupnameexists', 'group', $name);
    } elseif (!empty($idnumber) && groups_get_group_by_idnumber($COURSE->id, $idnumber)) {
        $errors['idnumber'] = get_string('idnumbertaken');
    } elseif ($key != '') {
        $errmsg = '';
        if ($policyon && !check_password_policy($key, $errmsg)) {
            // Enforce password policy.
            $errors['enrolmentkey'] = $errmsg;
        } elseif ($DB->record_exists('groups', array('courseid' => $COURSE->id, 'enrolmentkey' => $key))) {
            // Prevent the same enrolment key from being used multiple times in course groups.
            $errors['enrolmentkey'] = get_string('enrolmentkeyalreadyinuse', 'group');
        }
    }

    return $errors;
}
/**
 * Form validation for course settings.
 *
 * Rejects a short name already used by another course, an enrolment end date that is not
 * after the start date, and, when $CFG->enrol_manual_usepasswordpolicy is set, a changed
 * enrolment password that fails the password policy.
 *
 * @param array $data submitted form data
 * @param array $files uploaded files
 * @return array map of element name => error message
 */
function validation($data, $files) {
    global $DB, $CFG;

    $errors = parent::validation($data, $files);

    // Short name must be unique; the course being edited is excluded from the clash list.
    // The unset() below relies on the returned array being keyed by course id.
    $clashes = $DB->get_records('course', array('shortname' => $data['shortname']));
    if ($clashes) {
        if (!empty($data['id'])) {
            unset($clashes[$data['id']]);
        }
        if (!empty($clashes)) {
            $clashnames = array();
            foreach ($clashes as $clash) {
                $clashnames[] = $clash->fullname;
            }
            $errors['shortname'] = get_string('shortnametaken', '', implode(',', $clashnames));
        }
    }

    // When both dates are set, the end date must be later than the start date.
    $hasbothdates = !empty($data['enrolstartdate']) && !empty($data['enrolenddate']);
    if ($hasbothdates && $data['enrolenddate'] <= $data['enrolstartdate']) {
        $errors['enrolenddate'] = get_string('enrolenddaterror');
    }

    // An empty enrolment password is never checked against the policy.
    $checkpolicy = !empty($CFG->enrol_manual_usepasswordpolicy)
        && isset($data['enrolpassword'])
        && $data['enrolpassword'] != '';
    if ($checkpolicy) {
        $course = $this->_customdata['course'];
        // enforce password policy only if changing password - backwards compatibility
        // (an unchanged password that predates the policy is therefore left alone).
        if ($course->password !== $data['enrolpassword']) {
            $errmsg = '';
            if (!check_password_policy($data['enrolpassword'], $errmsg)) {
                $errors['enrolpassword'] = $errmsg;
            }
        }
    }

    return $errors;
}
/**
 * Form validation for a registration form: username, e-mail, password policy and,
 * when enabled, the reCAPTCHA response.
 *
 * @param array $data submitted form data
 * @param array $files uploaded files
 * @return array map of element name => error message
 */
function validation($data, $files) {
    global $CFG;
    $errors = parent::validation($data, $files);
    $authplugin = get_auth_plugin($CFG->registerauth);
    // Username must be unused on the local host (mnet_localhost_id).
    // NOTE(review): the distinct 'usernameexists' and 'emailexists' messages below tell whoever
    // submits the form whether an account exists; confirm that disclosure is acceptable here.
    if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
        $errors['username'] = get_string('usernameexists');
    } else {
        if (empty($CFG->extendedusernamechars)) {
            // Strip every character outside the allowed set and compare with the input:
            // any difference means the username contained a disallowed character.
            // eregi_replace() belongs to the ereg extension, which was removed in PHP 7.
            // NOTE(review): inside the bracket expression, `(-\` may be parsed as a character
            // range rather than as three literal characters, which would allow more punctuation
            // than the 'alphanumerical' message suggests; verify before porting to preg_*.
            $string = eregi_replace("[^(-\\.[:alnum:])]", '', $data['username']);
            if (strcmp($data['username'], $string)) {
                $errors['username'] = get_string('alphanumerical');
            }
        }
    }
    //check if user exists in external db
    //TODO: maybe we should check all enabled plugins instead
    if ($authplugin->user_exists($data['username'])) {
        $errors['username'] = get_string('usernameexists');
    }
    if (!validate_email($data['email'])) {
        $errors['email'] = get_string('invalidemail');
    } else {
        if (record_exists('user', 'email', $data['email'])) {
            // The message is built as raw HTML with a link to the password-recovery page.
            $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
        }
    }
    // The confirmation address must be present and match the first one (loose comparison).
    if (empty($data['email2'])) {
        $errors['email2'] = get_string('missingemail');
    } else {
        if ($data['email2'] != $data['email']) {
            $errors['email2'] = get_string('invalidemail');
        }
    }
    // The allow/deny check runs only when the address has no error so far.
    if (!isset($errors['email'])) {
        if ($err = email_is_not_allowed($data['email'])) {
            $errors['email'] = $err;
        }
    }
    // The password policy is always enforced on this form.
    $errmsg = '';
    if (!check_password_policy($data['password'], $errmsg)) {
        $errors['password'] = $errmsg;
    }
    if (signup_captcha_enabled()) {
        $recaptcha_element = $this->_form->getElement('recaptcha_element');
        // The challenge and response are read from the raw submitted values of the form.
        if (!empty($this->_form->_submitValues['recaptcha_challenge_field'])) {
            $challenge_field = $this->_form->_submitValues['recaptcha_challenge_field'];
            $response_field = $this->_form->_submitValues['recaptcha_response_field'];
            // verify() must return exactly true; any other return value is stored as the error.
            if (true !== ($result = $recaptcha_element->verify($challenge_field, $response_field))) {
                $errors['recaptcha'] = $result;
            }
        } else {
            // A submission without a challenge field fails closed.
            $errors['recaptcha'] = get_string('missingrecaptchachallengefield');
        }
    }
    return $errors;
}
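/**
 * Perform custom validation of the data used to edit the instance.
 *
 * The password is checked when the instance is new, when a disabled instance is being
 * enabled, or when the instance will be enabled and the submitted password differs from the
 * stored one. The remaining checks repeat limits that the form normally enforces, because
 * this method can also be reached without the form.
 *
 * @param array $data array of ("fieldname"=>value) of submitted data
 * @param array $files array of uploaded files "element_name"=>tmp_file_path
 * @param object $instance The instance loaded from the DB
 * @param context $context The context of the instance we are editing
 * @return array of "element_name"=>"error_description" if there are errors,
 *         or an empty array if everything is OK.
 */
public function edit_instance_validation($data, $files, $instance, $context) {
    $errors = array();

    $checkpassword = false;

    if ($instance->id) {
        // Check the password if we are enabling the plugin again.
        if ($instance->status == ENROL_INSTANCE_DISABLED && $data['status'] == ENROL_INSTANCE_ENABLED) {
            $checkpassword = true;
        }

        // Check the password if the instance is enabled and the password has changed.
        if ($data['status'] == ENROL_INSTANCE_ENABLED && $instance->password !== $data['password']) {
            $checkpassword = true;
        }
    } else {
        $checkpassword = true;
    }

    if ($checkpassword) {
        $require = $this->get_config('requirepassword');
        $policy = $this->get_config('usepasswordpolicy');
        if ($require and trim($data['password']) === '') {
            $errors['password'] = get_string('required');
        } else {
            // Note: empty() treats the string '0' as empty, so a password of '0' passes the
            // "required" test above and is not checked against the policy here.
            if (!empty($data['password']) && $policy) {
                $errmsg = '';
                if (!check_password_policy($data['password'], $errmsg)) {
                    $errors['password'] = $errmsg;
                }
            }
        }
    }

    if ($data['status'] == ENROL_INSTANCE_ENABLED) {
        if (!empty($data['enrolenddate']) and $data['enrolenddate'] < $data['enrolstartdate']) {
            $errors['enrolenddate'] = get_string('enrolenddaterror', 'enrol_self');
        }
    }

    // 86400 seconds is one day.
    if ($data['expirynotify'] > 0 and $data['expirythreshold'] < 86400) {
        $errors['expirythreshold'] = get_string('errorthresholdlow', 'core_enrol');
    }

    // Now these ones are checked by quickforms, but we may be called by the upload enrolments tool, or a webservice.
    if (core_text::strlen($data['name']) > 255) {
        $errors['name'] = get_string('err_maxlength', 'form', 255);
    }
    $validstatus = array_keys($this->get_status_options());
    $validnewenrols = array_keys($this->get_newenrols_options());
    if (core_text::strlen($data['password']) > 50) {
        // Report an over-long password against the password field. The original stored this
        // under 'name', which put the message on the wrong field and could overwrite a real
        // name error.
        $errors['password'] = get_string('err_maxlength', 'form', 50);
    }
    $validgroupkey = array_keys($this->get_groupkey_options());
    // The $context argument is replaced by the course context of the instance from here on.
    $context = context_course::instance($instance->courseid);
    $validroles = array_keys($this->extend_assignable_roles($context, $instance->roleid));
    $validexpirynotify = array_keys($this->get_expirynotify_options());
    $validlongtimenosee = array_keys($this->get_longtimenosee_options());

    // Each field is validated either against a PARAM_* type or against a list of allowed values.
    $tovalidate = array(
        'enrolstartdate' => PARAM_INT,
        'enrolenddate' => PARAM_INT,
        'name' => PARAM_TEXT,
        'customint1' => $validgroupkey,
        'customint2' => $validlongtimenosee,
        'customint3' => PARAM_INT,
        'customint4' => PARAM_BOOL,
        'customint5' => PARAM_INT,
        'customint6' => $validnewenrols,
        'status' => $validstatus,
        'enrolperiod' => PARAM_INT,
        'expirynotify' => $validexpirynotify,
        'roleid' => $validroles
    );
    if ($data['expirynotify'] != 0) {
        $tovalidate['expirythreshold'] = PARAM_INT;
    }
    $typeerrors = $this->validate_param_types($data, $tovalidate);
    $errors = array_merge($errors, $typeerrors);

    return $errors;
}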
/**
 * Is it possible to hide/show enrol instance via standard UI?
 *
 * Requires the 'enrol/guest:config' capability in the course context. A disabled instance
 * can only be shown again if its stored password satisfies the current settings: present
 * when 'requirepassword' is on, and policy-compliant when 'usepasswordpolicy' is on.
 * An instance that is not disabled needs the capability only.
 *
 * @param stdClass $instance
 * @return bool
 */
public function can_hide_show_instance($instance) {
    $context = context_course::instance($instance->courseid);
    if (!has_capability('enrol/guest:config', $context)) {
        return false;
    }

    // Nothing more to check unless the instance is currently disabled.
    if ($instance->status != ENROL_INSTANCE_DISABLED) {
        return true;
    }

    // A password that is required but missing blocks re-enabling.
    if ($this->get_config('requirepassword') && empty($instance->password)) {
        return false;
    }

    // Only check the password against the policy if it is set.
    if (!empty($instance->password) && $this->get_config('usepasswordpolicy')
            && !check_password_policy($instance->password, $errmsg)) {
        return false;
    }

    return true;
}