/** * @param $a_username * @param $password * @param bool $isChallengeResponse * @return bool|void * @throws ilLDAPQueryException */ function fetchData($a_username, $password, $isChallengeResponse = false) { /** * @var $ilDB ilDB * @var $ilSetting ilSetting * @var $rbacadmin ilRbacAdmin */ global $ilDB, $ilSetting, $rbacadmin; $settings = new ilSetting('apache_auth'); if (!$settings->get('apache_enable_auth')) { return false; } if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) { return false; } if (!ilUtil::isLogin($a_username)) { return false; } if ($a_username == 'anonymous' && $password == 'anonymous') { $query = 'SELECT * FROM usr_data WHERE login = %s'; $qres = $ilDB->queryF($query, array('text'), array($a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } $this->_auth_obj->setAuth($userRow['login']); return true; } return false; } if (!$_SESSION['login_invalid'] && in_array($_SERVER[$settings->get('apache_auth_indicator_name')], array_filter(array_map('trim', str_getcsv($settings->get('apache_auth_indicator_value')))))) { // we have a valid apache auth $list = array($ilSetting->get('auth_mode')); // Respect the auth method sequence include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php'; $det = ilAuthModeDetermination::_getInstance(); if (!$det->isManualSelection() && $det->getCountActiveAuthModes() > 1) { $list = array(); foreach (ilAuthModeDetermination::_getInstance()->getAuthModeSequence() as $auth_mode) { $list[] = $auth_mode; } } foreach ($list as $auth_mode) { if (AUTH_LDAP == $auth_mode) { // if no local user has been found AND ldap lookup is enabled if ($settings->get('apache_enable_ldap')) { include_once 'Services/LDAP/classes/class.ilLDAPServer.php'; $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer()); $this->server->doConnectionCheck(); $config = $this->server->toPearAuthArray(); $query = new ilLDAPQuery($this->server); $query->bind(); $ldapUser = $query->fetchUser($a_username); if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) { $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); $user_data = $ldapUser[$a_username]; //array_change_key_case($a_auth->getAuthData(),CASE_LOWER); if ($this->server->enabledSyncOnLogin()) { if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) { $this->_auth_obj->logout(); $_SESSION['tmp_auth_mode'] = 'ldap'; $_SESSION['tmp_external_account'] = $a_username; $_SESSION['tmp_pass'] = $_POST['password']; include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php'; $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data); $_SESSION['tmp_roles'] = array(); foreach ($roles as $info) { if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) { $_SESSION['tmp_roles'][] = $info['id']; } } ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); } if ($this->updateRequired($a_username)) { $this->initLDAPAttributeToUser(); $this->ldap_attr_to_user->setUserData($ldapUser); $this->ldap_attr_to_user->refresh(); $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); } else { // User exists and no update required $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username); } } if ($user_data['ilInternalAccount']) { $this->_auth_obj->setAuth($user_data['ilInternalAccount']); $this->_auth_obj->username = $user_data['ilInternalAccount']; return true; } } } } else { if (AUTH_APACHE != $auth_mode && $settings->get('apache_enable_local')) { $condition = ''; if ($ilSetting->get("auth_mode") && $ilSetting->get("auth_mode") == 'ldap') { $condition = " AND auth_mode != " . $ilDB->quote('default', 'text') . " "; } $query = "SELECT * FROM usr_data WHERE login = %s AND auth_mode != %s {$condition}"; $qres = $ilDB->queryF($query, array('text', 'text'), array($a_username, 'ldap')); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } $this->_auth_obj->setAuth($userRow['login']); return true; } } } } if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) { if ($_GET['r']) { $_SESSION['profile_complete_redirect'] = $_GET['r']; } $user = new ilObjUser(); $user->setLogin($a_username); $user->setExternalAccount($a_username); $user->setProfileIncomplete(true); $user->create(); $user->setAuthMode('apache'); // set a timestamp for last_password_change // this ts is needed by ilSecuritySettings $user->setLastPasswordChangeTS(time()); $user->setTimeLimitUnlimited(1); $user->setActive(1); //insert user data in table user_data $user->saveAsNew(); $user->writePrefs(); $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true); return true; } } else { if (defined('IL_CERT_SSO') && IL_CERT_SSO) { define('APACHE_ERRORCODE', AUTH_APACHE_FAILED); } } return false; }
function fetchData($a_username, $password, $isChallengeResponse = false) { //var_dump(func_get_args()); //var_dump($_SERVER); global $lng; $settings = new ilSetting('apache_auth'); if (!$settings->get('apache_enable_auth')) { return false; } if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) { return false; } if (!ilUtil::isLogin($a_username)) { return false; } if ($a_username == 'anonymous' && $password == 'anonymous') { global $ilDB; $query = 'SELECT * FROM usr_data WHERE login = %s'; $qres = $ilDB->queryF($query, array('text'), array($a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } //var_dump($userRow); $this->_auth_obj->setAuth($userRow['login']); return true; } return false; } if (!$_SESSION['login_invalid'] && $_SERVER[$settings->get('apache_auth_indicator_name')] == $settings->get('apache_auth_indicator_value')) { // we have a valid apache auth global $ilDB; if ($settings->get('apache_enable_local')) { $query = 'SELECT * FROM usr_data WHERE login = %s OR (auth_mode = %s AND ext_account = %s)'; $qres = $ilDB->queryF($query, array('text', 'text', 'text'), array($a_username, 'apache', $a_username)); $userRow = $ilDB->fetchAssoc($qres); if (is_array($userRow) && $userRow['usr_id']) { // user as a local account... // fetch logindata $this->activeUser = $userRow['login']; foreach ($userRow as $key => $value) { if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) { continue; } // Use reference to the auth object if exists // This is because the auth session variable can change so a static call to setAuthData does not make sense $this->_auth_obj->setAuthData($key, $value); } //var_dump($userRow); $this->_auth_obj->setAuth($userRow['login']); return true; } } // if no local user has been found AND ldap lookup is enabled if ($settings->get('apache_enable_ldap')) { include_once 'Services/LDAP/classes/class.ilLDAPServer.php'; $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer()); $this->server->doConnectionCheck(); $config = $this->server->toPearAuthArray(); $query = new ilLDAPQuery($this->server); $ldapUser = $query->fetchUser($a_username); if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) { $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); $user_data = $ldapUser[$a_username]; //array_change_key_case($a_auth->getAuthData(),CASE_LOWER); if ($this->server->enabledSyncOnLogin()) { if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) { $this->_auth_obj->logout(); $_SESSION['tmp_auth_mode'] = 'apache'; $_SESSION['tmp_external_account'] = $a_username; $_SESSION['tmp_pass'] = $_POST['password']; include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php'; $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data); $_SESSION['tmp_roles'] = array(); foreach ($roles as $info) { if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) { $_SESSION['tmp_roles'][] = $info['id']; } } ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); exit; } if ($this->updateRequired($a_username)) { $this->initLDAPAttributeToUser(); $this->ldap_attr_to_user->setUserData($ldapUser); $this->ldap_attr_to_user->refresh(); $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); } else { // User exists and no update required $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username); } } if ($user_data['ilInternalAccount']) { $this->_auth_obj->setAuth($user_data['ilInternalAccount']); return true; } } } if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) { // no local user, no ldap match or ldap not activated // if (!self::$force_creation) // { // $_SESSION['tmp_auth_mode'] = 'apache'; // $_SESSION['tmp_external_account'] = $a_username; // $_SESSION['tmp_pass'] = $_POST['password']; //ilUtil::redirect('https://lernwelt.janposselt.de/ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration'); // } // else // { global $ilIliasIniFile; if ($_GET['r']) { $_SESSION['profile_complete_redirect'] = $_GET['r']; } $user = new ilObjUser(); $user->setLogin($a_username); $user->setExternalAccount($a_username); $user->setProfileIncomplete(true); $user->create(); $user->setAuthMode('apache'); // set a timestamp for last_password_change // this ts is needed by ilSecuritySettings $user->setLastPasswordChangeTS(time()); $user->setTimeLimitUnlimited(1); $user->setActive(1); //insert user data in table user_data $user->saveAsNew(); $user->writePrefs(); global $rbacadmin; $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true); return true; // } } } else { if (defined('IL_CERT_SSO') && IL_CERT_SSO) { define('APACHE_ERRORCODE', AUTH_APACHE_FAILED); } } return false; }
/** * Save personal data form * */ public function savePersonalData() { global $tpl, $lng, $ilCtrl, $ilUser, $ilSetting, $ilAuth; $this->initPersonalDataForm(); if ($this->form->checkInput()) { $form_valid = true; // if form field name differs from setter $map = array("firstname" => "FirstName", "lastname" => "LastName", "title" => "UTitle", "sel_country" => "SelectedCountry", "phone_office" => "PhoneOffice", "phone_home" => "PhoneHome", "phone_mobile" => "PhoneMobile", "referral_comment" => "Comment", "interests_general" => "GeneralInterests", "interests_help_offered" => "OfferingHelp", "interests_help_looking" => "LookingForHelp"); include_once "./Services/User/classes/class.ilUserProfile.php"; $up = new ilUserProfile(); foreach ($up->getStandardFields() as $f => $p) { // if item is part of form, it is currently valid (if not disabled) $item = $this->form->getItemByPostVar("usr_" . $f); if ($item && !$item->getDisabled()) { $value = $this->form->getInput("usr_" . $f); switch ($f) { case "birthday": if (is_array($value)) { if (is_array($value['date'])) { if ($value['d'] > 0 && $value['m'] > 0 && $value['y'] > 0) { $ilUser->setBirthday(sprintf("%04d-%02d-%02d", $value['y'], $value['m'], $value['d'])); } else { $ilUser->setBirthday(""); } } else { $ilUser->setBirthday($value['date']); } } break; default: $m = ucfirst($f); if (isset($map[$f])) { $m = $map[$f]; } $ilUser->{"set" . $m}($value); break; } } } $ilUser->setFullname(); // set instant messengers if ($this->workWithUserSetting("instant_messengers")) { $ilUser->setInstantMessengerId('icq', $this->form->getInput("usr_im_icq")); $ilUser->setInstantMessengerId('yahoo', $this->form->getInput("usr_im_yahoo")); $ilUser->setInstantMessengerId('msn', $this->form->getInput("usr_im_msn")); $ilUser->setInstantMessengerId('aim', $this->form->getInput("usr_im_aim")); $ilUser->setInstantMessengerId('skype', $this->form->getInput("usr_im_skype")); $ilUser->setInstantMessengerId('jabber', $this->form->getInput("usr_im_jabber")); $ilUser->setInstantMessengerId('voip', $this->form->getInput("usr_im_voip")); } // check map activation include_once "./Services/Maps/classes/class.ilMapUtil.php"; if (ilMapUtil::isActivated()) { $location = $this->form->getInput("location"); $ilUser->setLatitude(ilUtil::stripSlashes($location["latitude"])); $ilUser->setLongitude(ilUtil::stripSlashes($location["longitude"])); $ilUser->setLocationZoom(ilUtil::stripSlashes($location["zoom"])); } // Set user defined data $defs = $this->user_defined_fields->getVisibleDefinitions(); $udf = array(); foreach ($defs as $definition) { $f = "udf_" . $definition['field_id']; $item = $this->form->getItemByPostVar($f); if ($item && !$item->getDisabled()) { $udf[$definition['field_id']] = $this->form->getInput($f); } } $ilUser->setUserDefinedData($udf); // if loginname is changeable -> validate $un = $this->form->getInput('username'); if ((int) $ilSetting->get('allow_change_loginname') && $un != $ilUser->getLogin()) { if (!strlen($un) || !ilUtil::isLogin($un)) { ilUtil::sendFailure($lng->txt('form_input_not_valid')); $this->form->getItemByPostVar('username')->setAlert($this->lng->txt('login_invalid')); $form_valid = false; } else { if (ilObjUser::_loginExists($un, $ilUser->getId())) { ilUtil::sendFailure($lng->txt('form_input_not_valid')); $this->form->getItemByPostVar('username')->setAlert($this->lng->txt('loginname_already_exists')); $form_valid = false; } else { $ilUser->setLogin($un); try { $ilUser->updateLogin($ilUser->getLogin()); $ilAuth->setAuth($ilUser->getLogin()); $ilAuth->start(); } catch (ilUserException $e) { ilUtil::sendFailure($lng->txt('form_input_not_valid')); $this->form->getItemByPostVar('username')->setAlert($e->getMessage()); $form_valid = false; } } } } // everthing's ok. save form data if ($form_valid) { $this->uploadUserPicture(); // profile ok $ilUser->setProfileIncomplete(false); // save user data & object_data $ilUser->setTitle($ilUser->getFullname()); $ilUser->setDescription($ilUser->getEmail()); $ilUser->update(); ilUtil::sendSuccess($lng->txt("msg_obj_modified"), true); if (ilSession::get('orig_request_target')) { $target = ilSession::get('orig_request_target'); ilSession::set('orig_request_target', ''); ilUtil::redirect($target); } else { if ($redirect = $_SESSION['profile_complete_redirect']) { unset($_SESSION['profile_complete_redirect']); ilUtil::redirect($redirect); } else { $ilCtrl->redirect($this, "showPersonalData"); } } } } $this->form->setValuesByPost(); $this->showPersonalData(true); }
public function saveForm() { global $lng, $ilSetting; $this->__initForm(); $form_valid = $this->form->checkInput(); require_once 'Services/User/classes/class.ilObjUser.php'; // custom validation // validate email against restricted domains $email = $this->form->getInput("usr_email"); if ($email) { // #10366 $domains = array(); foreach ($this->registration_settings->getAllowedDomains() as $item) { if (trim($item)) { $domains[] = $item; } } if (sizeof($domains)) { $mail_valid = false; foreach ($domains as $domain) { $domain = str_replace("*", "~~~", $domain); $domain = preg_quote($domain); $domain = str_replace("~~~", ".+", $domain); if (preg_match("/^" . $domain . "\$/", $email, $hit)) { $mail_valid = true; break; } } if (!$mail_valid) { $mail_obj = $this->form->getItemByPostVar('usr_email'); $mail_obj->setAlert(sprintf($lng->txt("reg_email_domains"), implode(", ", $domains))); $form_valid = false; } } } if (!$this->form->getInput("usr_agreement")) { $agr_obj = $this->form->getItemByPostVar('usr_agreement'); $agr_obj->setAlert($lng->txt("force_accept_usr_agreement")); $form_valid = false; } $valid_role = false; // code if ($this->code_enabled) { $code = $this->form->getInput('usr_registration_code'); // could be optional if ($code) { // code validation include_once './Services/Registration/classes/class.ilRegistrationCode.php'; if (!ilRegistrationCode::isUnusedCode($code)) { $code_obj = $this->form->getItemByPostVar('usr_registration_code'); $code_obj->setAlert($lng->txt('registration_code_not_valid')); $form_valid = false; } else { // get role from valid code $valid_role = (int) ilRegistrationCode::getCodeRole($code); } } } // no need if role is attached to code if (!$valid_role) { // manual selection if ($this->registration_settings->roleSelectionEnabled()) { include_once "./Services/AccessControl/classes/class.ilObjRole.php"; $selected_role = $this->form->getInput("usr_roles"); if ($selected_role && ilObjRole::_lookupAllowRegister($selected_role)) { $valid_role = (int) $selected_role; } } else { include_once 'Services/Registration/classes/class.ilRegistrationEmailRoleAssignments.php'; $registration_role_assignments = new ilRegistrationRoleAssignments(); $valid_role = (int) $registration_role_assignments->getRoleByEmail($this->form->getInput("usr_email")); } } // no valid role could be determined if (!$valid_role) { ilUtil::sendInfo($lng->txt("registration_no_valid_role")); $form_valid = false; } // validate username $login_obj = $this->form->getItemByPostVar('username'); $login = $this->form->getInput("username"); if (!ilUtil::isLogin($login)) { $login_obj->setAlert($lng->txt("login_invalid")); $form_valid = false; } else { if (ilObjUser::_loginExists($login)) { $login_obj->setAlert($lng->txt("login_exists")); $form_valid = false; } else { if ((int) $ilSetting->get('allow_change_loginname') && (int) $ilSetting->get('reuse_of_loginnames') == 0 && ilObjUser::_doesLoginnameExistInHistory($login)) { $login_obj->setAlert($lng->txt('login_exists')); $form_valid = false; } } } if (!$form_valid) { ilUtil::sendFailure($lng->txt('form_input_not_valid')); } else { $password = $this->__createUser($valid_role); $this->__distributeMails($password, $this->form->getInput("usr_language")); $this->login($password); return true; } $this->form->setValuesByPost(); $this->displayForm(); return false; }
function __validateUserData(&$user_data, $check_complete = true) { global $lng, $styleDefinition, $ilLog; $this->__setMessage(''); include_once './Services/Authentication/classes/class.ilAuthUtils.php'; $allow_empty_password = ilAuthUtils::_needsExternalAccountByAuthMode(ilAuthUtils::_getAuthMode($user_data['auth_mode'])); if ($check_complete) { if (!isset($user_data['login'])) { $this->__appendMessage('No login given.'); } if (!isset($user_data['passwd']) and !$allow_empty_password) { $this->__appendMessage('No password given.'); } if (!isset($user_data['email'])) { $this->__appendMessage('No email given'); } if (!isset($user_data['user_language'])) { $user_data['user_language'] = $lng->getDefaultLanguage(); } } foreach ($user_data as $field => $value) { switch ($field) { case 'login': if (!ilUtil::isLogin($value)) { $this->__appendMessage('Login invalid.'); } // check loginname if ($check_complete) { if (ilObjUser::_loginExists($value)) { $this->__appendMessage('Login already exists.'); } } break; case 'passwd': if (!strlen($value) and $allow_empty_password) { break; } if (!ilUtil::isPassword($value)) { $this->__appendMessage('Password invalid.'); } break; case 'email': if (!ilUtil::is_email($value)) { $this->__appendMessage('Email invalid.'); } break; case 'time_limit_unlimited': if ($value != 1) { if ($user_data['time_limit_from'] >= $user_data['time_limit_until']) { $this->__appendMessage('Time limit invalid'); } } break; case 'user_language': $lang_inst = $lng->getInstalledLanguages(); if (!in_array($user_data['user_language'], $lang_inst)) { $this->__appendMessage('Language: ' . $user_data['user_language'] . ' is not installed'); } break; case 'user_skin': case 'user_style': if ($user_data['user_skin'] and !$user_data['user_style'] or !$user_data['user_skin'] and $user_data['user_style']) { $this->__appendMessage('user_skin, user_style not valid.'); } elseif ($user_data['user_skin'] and $user_data['user_style']) { $ok = false; $templates = $styleDefinition->getAllTemplates(); if (count($templates) > 0 && is_array($templates)) { foreach ($templates as $template) { $styleDef =& new ilStyleDefinition($template["id"]); $styleDef->startParsing(); $styles = $styleDef->getStyles(); foreach ($styles as $style) { if ($user_data['user_skin'] == $template["id"] && $user_data['user_style'] == $style["id"]) { $ok = true; } } } if (!$ok) { $this->__appendMessage('user_skin, user_style not valid.'); } } } break; case 'time_limit_owner': $type = ilObject::_lookupType($user_data['time_limit_owner'], true); if ($type != 'cat' and $type != 'usrf') { $this->__appendMessage('time_limit_owner must be ref_id of category or user folder' . $type); } break; default: continue; } } return strlen($this->__getMessage()) ? false : true; }
/** * Does input checks and updates a user account if everything is fine. * @access public */ function updateObjectOld() { global $ilias, $rbacsystem, $rbacadmin, $ilUser; include_once './Services/Authentication/classes/class.ilAuthUtils.php'; //load ILIAS settings $settings = $ilias->getAllSettings(); // User folder if ($this->usrf_ref_id == USER_FOLDER_ID and !$rbacsystem->checkAccess('visible,read,write', $this->usrf_ref_id)) { $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE); } // if called from local administration $this->usrf_ref_id is category id // Todo: this has to be fixed. Do not mix user folder id and category id if ($this->usrf_ref_id != USER_FOLDER_ID) { // check if user is assigned to category if (!$rbacsystem->checkAccess('cat_administrate_users', $this->object->getTimeLimitOwner())) { $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE); } } foreach ($_POST["Fobject"] as $key => $val) { $_POST["Fobject"][$key] = ilUtil::stripSlashes($val); } // check dynamically required fields foreach ($settings as $key => $val) { $field = substr($key, 8); switch ($field) { case 'passwd': case 'passwd2': if (ilAuthUtils::_allowPasswordModificationByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) { $require_keys[] = $field; } break; default: $require_keys[] = $field; break; } } foreach ($require_keys as $key => $val) { // exclude required system and registration-only fields $system_fields = array("default_role"); if (!in_array($val, $system_fields)) { if (isset($settings["require_" . $val]) && $settings["require_" . $val]) { if (empty($_POST["Fobject"][$val])) { $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields") . ": " . $this->lng->txt($val), $this->ilias->error_obj->MESSAGE); } } } } if (!$this->__checkUserDefinedRequiredFields()) { $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE); } // validate login if ($this->object->getLogin() != $_POST["Fobject"]["login"] && !ilUtil::isLogin($_POST["Fobject"]["login"])) { $this->ilias->raiseError($this->lng->txt("login_invalid"), $this->ilias->error_obj->MESSAGE); } // check loginname if (ilObjUser::_loginExists($_POST["Fobject"]["login"], $this->id)) { $this->ilias->raiseError($this->lng->txt("login_exists"), $this->ilias->error_obj->MESSAGE); } if (ilAuthUtils::_allowPasswordModificationByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) { if ($_POST['Fobject']['passwd'] == "********" and !strlen($this->object->getPasswd())) { $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields") . ": " . $this->lng->txt('password'), $this->ilias->error_obj->MESSAGE); } // check passwords if ($_POST["Fobject"]["passwd"] != $_POST["Fobject"]["passwd2"]) { $this->ilias->raiseError($this->lng->txt("passwd_not_match"), $this->ilias->error_obj->MESSAGE); } // validate password if (!ilUtil::isPassword($_POST["Fobject"]["passwd"])) { $this->ilias->raiseError($this->lng->txt("passwd_invalid"), $this->ilias->error_obj->MESSAGE); } } else { // Password will not be changed... $_POST['Fobject']['passwd'] = "********"; } if (ilAuthUtils::_needsExternalAccountByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) { if (!strlen($_POST['Fobject']['ext_account'])) { $this->ilias->raiseError($this->lng->txt('ext_acccount_required'), $this->ilias->error_obj->MESSAGE); } } if ($_POST['Fobject']['ext_account'] && ($elogin = ilObjUser::_checkExternalAuthAccount($_POST['Fobject']['auth_mode'], $_POST['Fobject']['ext_account']))) { if ($elogin != $this->object->getLogin()) { $this->ilias->raiseError(sprintf($this->lng->txt("err_auth_ext_user_exists"), $_POST["Fobject"]["ext_account"], $_POST['Fobject']['auth_mode'], $elogin), $this->ilias->error_obj->MESSAGE); } } // The password type is not passed with the post data. Therefore we // append it here manually. include_once './Services/User/classes/class.ilObjUser.php'; $_POST["Fobject"]["passwd_type"] = IL_PASSWD_PLAIN; // validate email if (strlen($_POST['Fobject']['email']) and !ilUtil::is_email($_POST["Fobject"]["email"])) { $this->ilias->raiseError($this->lng->txt("email_not_valid"), $this->ilias->error_obj->MESSAGE); } $start = $this->__toUnix($_POST["time_limit"]["from"]); $end = $this->__toUnix($_POST["time_limit"]["until"]); // validate time limit if (!$_POST["time_limit"]["unlimited"] and $start > $end) { $this->ilias->raiseError($this->lng->txt("time_limit_not_valid"), $this->ilias->error_obj->MESSAGE); } if (!$this->ilias->account->getTimeLimitUnlimited()) { if ($start < $this->ilias->account->getTimeLimitFrom() or $end > $this->ilias->account->getTimeLimitUntil() or $_POST['time_limit']['unlimited']) { $_SESSION['error_post_vars'] = $_POST; ilUtil::sendFailure($this->lng->txt('time_limit_not_within_owners')); $this->editObject(); return false; } } // TODO: check length of login and passwd // checks passed. save user $_POST['Fobject']['time_limit_owner'] = $this->object->getTimeLimitOwner(); $_POST['Fobject']['time_limit_unlimited'] = (int) $_POST['time_limit']['unlimited']; $_POST['Fobject']['time_limit_from'] = $this->__toUnix($_POST['time_limit']['from']); $_POST['Fobject']['time_limit_until'] = $this->__toUnix($_POST['time_limit']['until']); if ($_POST['Fobject']['time_limit_unlimited'] != $this->object->getTimeLimitUnlimited() or $_POST['Fobject']['time_limit_from'] != $this->object->getTimeLimitFrom() or $_POST['Fobject']['time_limit_until'] != $this->object->getTimeLimitUntil()) { $_POST['Fobject']['time_limit_message'] = 0; } else { $_POST['Fobject']['time_limit_message'] = $this->object->getTimeLimitMessage(); } $this->object->assignData($_POST["Fobject"]); $this->object->setUserDefinedData($_POST['udf']); try { $this->object->updateLogin($_POST['Fobject']['login']); } catch (ilUserException $e) { ilUtil::sendFailure($e->getMessage()); $this->form_gui->setValuesByPost(); return $tpl->setContent($this->form_gui->getHtml()); } $this->object->setTitle($this->object->getFullname()); $this->object->setDescription($this->object->getEmail()); $this->object->setLanguage($_POST["Fobject"]["language"]); //set user skin and style $sknst = explode(":", $_POST["Fobject"]["skin_style"]); if ($this->object->getPref("style") != $sknst[1] || $this->object->getPref("skin") != $sknst[0]) { $this->object->setPref("skin", $sknst[0]); $this->object->setPref("style", $sknst[1]); } // set hits per pages $this->object->setPref("hits_per_page", $_POST["Fobject"]["hits_per_page"]); // set show users online $this->object->setPref("show_users_online", $_POST["Fobject"]["show_users_online"]); // set hide_own_online_status if ($_POST["Fobject"]["hide_own_online_status"]) { $this->object->setPref("hide_own_online_status", $_POST["Fobject"]["hide_own_online_status"]); } else { $this->object->setPref("hide_own_online_status", "n"); } $this->update = $this->object->update(); //$rbacadmin->updateDefaultRole($_POST["Fobject"]["default_role"], $this->object->getId()); // BEGIN DiskQuota: Remember the state of the "send info mail" checkbox global $ilUser; $ilUser->setPref('send_info_mails', $_POST['send_mail'] == 'y' ? 'y' : 'n'); $ilUser->writePrefs(); // END DiskQuota: Remember the state of the "send info mail" checkbox $mail_message = $this->__sendProfileMail(); $msg = $this->lng->txt('saved_successfully') . $mail_message; // feedback ilUtil::sendSuccess($msg, true); if (strtolower($_GET["baseClass"]) == 'iladministrationgui') { $this->ctrl->redirectByClass("ilobjuserfoldergui", "view"); } else { $this->ctrl->redirectByClass('ilobjcategorygui', 'listUsers'); } }
/** * Check input, strip slashes etc. set alert, if input is not ok. * * @return boolean Input ok, true/false */ function checkInput() { global $lng; $_POST[$this->getPostVar()] = ilUtil::stripSlashes($_POST[$this->getPostVar()]); if ($this->getRequired() && trim($_POST[$this->getPostVar()]) == "") { $this->setAlert($lng->txt("msg_input_is_required")); return false; } if (!ilUtil::isLogin($_POST[$this->getPostVar()])) { $this->setAlert($lng->txt("login_invalid")); return false; } if (ilObjUser::_loginExists($_POST[$this->getPostVar()], $this->getCurrentUserId())) { $this->setAlert($lng->txt("login_exists")); return false; } return true; }