<?php
require_once '../../config.php';
require_once './lib.php';
$retVal = true;
$tokenParam = optional_param('token', null, PARAM_ALPHANUM);
// if token value is POSTed in then it has come from a form. else it has come from querystring
if (isset($_POST['token']) === true) {
$SESSION->tokenFrom = empty($_SERVER['HTTP_REFERER']) === false ? $_SERVER['HTTP_REFERER'] : $CFG->wwwroot;
}
if (empty($tokenParam) === true) {
$retVal = 2;
} else {
$plugin = new enrol_token_plugin();
// try enrolment, and return back here after user logs in
$courseId = 0;
$retVal = $plugin->doEnrolment($tokenParam, $courseId, "{$FULLME}?token={$tokenParam}");
}
$goToUrl = empty($SESSION->tokenFrom) ? $CFG->wwwroot : $SESSION->tokenFrom;
unset($SESSION->tokenFrom);
// if there are no errors, redirect to course page
if ($retVal === true) {
require_once "{$CFG->dirroot}/course/lib.php";
redirect(course_get_url($courseId));
}
// errors
// overwrite any existing tokenerr query parameter
$params = array();
parse_str(parse_url($goToUrl, PHP_URL_QUERY), $params);
$params['tokenerr'] = $retVal;
redirect(strtok($goToUrl, '?') . '?' . http_build_query($params));
function user_signup($user, $notify = false)
{
global $CFG, $DB, $SESSION;
require_once $CFG->dirroot . '/user/profile/lib.php';
require_once $CFG->dirroot . '/enrol/token/lib.php';
$lang = empty($user->lang) ? $CFG->lang : $user->lang;
$site = get_site();
$supportuser = core_user::get_support_user();
$newpassword = generate_password();
// the token the user entered (which is now validated)
$tokenValue = $user->token;
$newuser = new stdClass();
$newuser->auth = 'token';
// since technially this auth plugin is a skin
$newuser->firstname = $user->firstname;
$newuser->lastname = $user->lastname;
$newuser->password = hash_internal_user_password($newpassword, false);
$newuser->policyagreed = 1;
// might need to put this in somewhere
$newuser->username = $user->email;
$newuser->email = $user->email;
$newuser->lastip = getremoteaddr();
$newuser->timecreated = time();
$newuser->timemodified = $newuser->timecreated;
$newuser->mnethostid = $CFG->mnet_localhost_id;
$newuser = self::truncate_user_obj($newuser);
if (($newuser->id = $DB->insert_record('user', $newuser)) === false) {
notice(get_string('signupfailure', 'auth_token'), $CFG->wwwroot);
return false;
}
$user = get_complete_user_data('id', $newuser->id);
\core\event\user_created::create_from_userid($user->id)->trigger();
// just the query part of post-login redirect
$params = empty($SESSION->wantsurl) === true ? '' : parse_url($SESSION->wantsurl, PHP_URL_QUERY);
$a = new stdClass();
$a->firstname = $user->firstname;
$a->lastname = $user->lastname;
$a->username = $user->username;
$a->password = $newpassword;
$a->sitename = format_string($site->fullname);
$a->link = $CFG->wwwroot . '/auth/token/login.php?' . $params;
$a->signoff = generate_email_signoff();
$message = (string) new lang_string('signup_userregoemail', 'auth_token', $a, $lang);
$subject = format_string($site->fullname) . ': ' . (string) new lang_string('newusernewpasswordsubj', '', $a, $lang);
// Directly email rather than using the messaging system to ensure its not routed to a popup or jabber.
email_to_user($user, $supportuser, $subject, $message);
// log the user in immediately
if (($user = authenticate_user_login($user->username, $newpassword)) === false || complete_user_login($user) == null) {
notice(get_string('autologinfailure', 'auth_token'), $CFG->wwwroot);
return false;
}
// now, actually DO the enrolment for this course / user
$token_plugin = new enrol_token_plugin();
$courseId = 0;
$return_to_url = empty($SESSION->wantsurl) === true ? $CFG->wwwroot : $SESSION->wantsurl;
$enrolled_ok = $token_plugin->doEnrolment($tokenValue, $courseId, $return_to_url);
if ($enrolled_ok == true) {
redirect($return_to_url);
}
return $enrolled_ok == true;
}
