Exemplo n.º 1
0
 public static function _createRandomUserAccount($keyarray)
 {
     global $ilDB, $ilUser, $ilSetting, $rbacadmin;
     if ($_SESSION['create_user_account'] != NULL) {
         $obj_user = new ilObjUser($_SESSION['create_user_account']);
         return $obj_user;
     } else {
         $userLogin = array();
         $res = $ilDB->query('SELECT sequence FROM object_data_seq');
         $row = $ilDB->fetchAssoc($res);
         $temp_user_id = (int) $row['sequence'] + 1;
         $userLogin['login'] = '******' . $temp_user_id;
         $userLogin['passwd'] = ilUtil::generatePasswords(1);
         require_once 'Services/User/classes/class.ilObjUser.php';
         include_once "Services/Mail/classes/class.ilAccountMail.php";
         $obj_user = new ilObjUser();
         $obj_user->setId($temp_user_id);
         $obj_user->setLogin($userLogin['login']);
         $obj_user->setPasswd((string) $userLogin['passwd'][0], IL_PASSWD_PLAIN);
         $_SESSION['tmp_user_account']['login'] = $userLogin['login'];
         $_SESSION['tmp_user_account']['passwd'] = $userLogin['passwd'];
         $obj_user->setFirstname($keyarray['first_name']);
         $obj_user->setLastname($keyarray['last_name']);
         $obj_user->setEmail($keyarray['payer_email']);
         #	$obj_user->setEmail('*****@*****.**');
         $obj_user->setGender('f');
         $obj_user->setLanguage($ilSetting->get("language"));
         $obj_user->setActive(true);
         $obj_user->setTimeLimitUnlimited(true);
         $obj_user->setTitle($obj_user->getFullname());
         $obj_user->setDescription($obj_user->getEmail());
         $obj_user->setTimeLimitOwner(7);
         $obj_user->setTimeLimitUnlimited(1);
         $obj_user->setTimeLimitMessage(0);
         $obj_user->setApproveDate(date("Y-m-d H:i:s"));
         // Set default prefs
         $obj_user->setPref('hits_per_page', $ilSetting->get('hits_per_page', 30));
         $obj_user->setPref('show_users_online', $ilSetting->get('show_users_online', 'y'));
         $obj_user->writePrefs();
         // at the first login the user must complete profile
         $obj_user->setProfileIncomplete(true);
         $obj_user->create();
         $obj_user->saveAsNew();
         $user_role = ilObject::_exists(4, false);
         if (!$user_role) {
             include_once "./Services/AccessControl/classes/class.ilObjRole.php";
             $reg_allowed = ilObjRole::_lookupRegisterAllowed();
             $user_role = $reg_allowed[0]['id'];
         } else {
             $user_role = 4;
         }
         $rbacadmin->assignUser((int) $user_role, $obj_user->getId(), true);
         include_once "Services/Mail/classes/class.ilMimeMail.php";
         global $ilias, $lng;
         $settings = $ilias->getAllSettings();
         $mmail = new ilMimeMail();
         $mmail->autoCheck(false);
         $mmail->From($settings["admin_email"]);
         $mmail->To($obj_user->getEmail());
         // mail subject
         $subject = $lng->txt("reg_mail_subject");
         // mail body
         $body = $lng->txt("reg_mail_body_salutation") . " " . $obj_user->getFullname() . ",\n\n" . $lng->txt("reg_mail_body_text1") . "\n\n" . $lng->txt("reg_mail_body_text2") . "\n" . ILIAS_HTTP_PATH . "/login.php?client_id=" . $ilias->client_id . "\n";
         $body .= $lng->txt("login") . ": " . $obj_user->getLogin() . "\n";
         $body .= $lng->txt("passwd") . ": " . $userLogin['passwd'][0] . "\n";
         $body .= "\n";
         $body .= $lng->txt("reg_mail_body_text3") . "\n\r";
         $body .= $obj_user->getProfileAsString($lng);
         $mmail->Subject($subject);
         $mmail->Body($body);
         $mmail->Send();
         $_SESSION['create_user_account'] = $obj_user->getId();
         return $obj_user;
     }
 }
 /**
  * @param      $a_username
  * @param      $password
  * @param bool $isChallengeResponse
  * @return bool|void
  * @throws ilLDAPQueryException
  */
 function fetchData($a_username, $password, $isChallengeResponse = false)
 {
     /**
      * @var $ilDB      ilDB
      * @var $ilSetting ilSetting
      * @var $rbacadmin ilRbacAdmin
      */
     global $ilDB, $ilSetting, $rbacadmin;
     $settings = new ilSetting('apache_auth');
     if (!$settings->get('apache_enable_auth')) {
         return false;
     }
     if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) {
         return false;
     }
     if (!ilUtil::isLogin($a_username)) {
         return false;
     }
     if ($a_username == 'anonymous' && $password == 'anonymous') {
         $query = 'SELECT * FROM usr_data WHERE login = %s';
         $qres = $ilDB->queryF($query, array('text'), array($a_username));
         $userRow = $ilDB->fetchAssoc($qres);
         if (is_array($userRow) && $userRow['usr_id']) {
             // user as a local account...
             // fetch logindata
             $this->activeUser = $userRow['login'];
             foreach ($userRow as $key => $value) {
                 if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) {
                     continue;
                 }
                 // Use reference to the auth object if exists
                 // This is because the auth session variable can change so a static call to setAuthData does not make sense
                 $this->_auth_obj->setAuthData($key, $value);
             }
             $this->_auth_obj->setAuth($userRow['login']);
             return true;
         }
         return false;
     }
     if (!$_SESSION['login_invalid'] && in_array($_SERVER[$settings->get('apache_auth_indicator_name')], array_filter(array_map('trim', str_getcsv($settings->get('apache_auth_indicator_value')))))) {
         // we have a valid apache auth
         $list = array($ilSetting->get('auth_mode'));
         // Respect the auth method sequence
         include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php';
         $det = ilAuthModeDetermination::_getInstance();
         if (!$det->isManualSelection() && $det->getCountActiveAuthModes() > 1) {
             $list = array();
             foreach (ilAuthModeDetermination::_getInstance()->getAuthModeSequence() as $auth_mode) {
                 $list[] = $auth_mode;
             }
         }
         foreach ($list as $auth_mode) {
             if (AUTH_LDAP == $auth_mode) {
                 // if no local user has been found AND ldap lookup is enabled
                 if ($settings->get('apache_enable_ldap')) {
                     include_once 'Services/LDAP/classes/class.ilLDAPServer.php';
                     $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer());
                     $this->server->doConnectionCheck();
                     $config = $this->server->toPearAuthArray();
                     $query = new ilLDAPQuery($this->server);
                     $query->bind();
                     $ldapUser = $query->fetchUser($a_username);
                     if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) {
                         $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username);
                         $user_data = $ldapUser[$a_username];
                         //array_change_key_case($a_auth->getAuthData(),CASE_LOWER);
                         if ($this->server->enabledSyncOnLogin()) {
                             if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) {
                                 $this->_auth_obj->logout();
                                 $_SESSION['tmp_auth_mode'] = 'ldap';
                                 $_SESSION['tmp_external_account'] = $a_username;
                                 $_SESSION['tmp_pass'] = $_POST['password'];
                                 include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
                                 $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data);
                                 $_SESSION['tmp_roles'] = array();
                                 foreach ($roles as $info) {
                                     if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) {
                                         $_SESSION['tmp_roles'][] = $info['id'];
                                     }
                                 }
                                 ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
                             }
                             if ($this->updateRequired($a_username)) {
                                 $this->initLDAPAttributeToUser();
                                 $this->ldap_attr_to_user->setUserData($ldapUser);
                                 $this->ldap_attr_to_user->refresh();
                                 $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username);
                             } else {
                                 // User exists and no update required
                                 $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("ldap", $a_username);
                             }
                         }
                         if ($user_data['ilInternalAccount']) {
                             $this->_auth_obj->setAuth($user_data['ilInternalAccount']);
                             $this->_auth_obj->username = $user_data['ilInternalAccount'];
                             return true;
                         }
                     }
                 }
             } else {
                 if (AUTH_APACHE != $auth_mode && $settings->get('apache_enable_local')) {
                     $condition = '';
                     if ($ilSetting->get("auth_mode") && $ilSetting->get("auth_mode") == 'ldap') {
                         $condition = " AND auth_mode != " . $ilDB->quote('default', 'text') . " ";
                     }
                     $query = "SELECT * FROM usr_data WHERE login = %s AND auth_mode != %s {$condition}";
                     $qres = $ilDB->queryF($query, array('text', 'text'), array($a_username, 'ldap'));
                     $userRow = $ilDB->fetchAssoc($qres);
                     if (is_array($userRow) && $userRow['usr_id']) {
                         // user as a local account...
                         // fetch logindata
                         $this->activeUser = $userRow['login'];
                         foreach ($userRow as $key => $value) {
                             if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) {
                                 continue;
                             }
                             // Use reference to the auth object if exists
                             // This is because the auth session variable can change so a static call to setAuthData does not make sense
                             $this->_auth_obj->setAuthData($key, $value);
                         }
                         $this->_auth_obj->setAuth($userRow['login']);
                         return true;
                     }
                 }
             }
         }
         if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) {
             if ($_GET['r']) {
                 $_SESSION['profile_complete_redirect'] = $_GET['r'];
             }
             $user = new ilObjUser();
             $user->setLogin($a_username);
             $user->setExternalAccount($a_username);
             $user->setProfileIncomplete(true);
             $user->create();
             $user->setAuthMode('apache');
             // set a timestamp for last_password_change
             // this ts is needed by ilSecuritySettings
             $user->setLastPasswordChangeTS(time());
             $user->setTimeLimitUnlimited(1);
             $user->setActive(1);
             //insert user data in table user_data
             $user->saveAsNew();
             $user->writePrefs();
             $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true);
             return true;
         }
     } else {
         if (defined('IL_CERT_SSO') && IL_CERT_SSO) {
             define('APACHE_ERRORCODE', AUTH_APACHE_FAILED);
         }
     }
     return false;
 }
 function fetchData($a_username, $password, $isChallengeResponse = false)
 {
     //var_dump(func_get_args());
     //var_dump($_SERVER);
     global $lng;
     $settings = new ilSetting('apache_auth');
     if (!$settings->get('apache_enable_auth')) {
         return false;
     }
     if (!$settings->get('apache_auth_indicator_name') || !$settings->get('apache_auth_indicator_value')) {
         return false;
     }
     if (!ilUtil::isLogin($a_username)) {
         return false;
     }
     if ($a_username == 'anonymous' && $password == 'anonymous') {
         global $ilDB;
         $query = 'SELECT * FROM usr_data WHERE login = %s';
         $qres = $ilDB->queryF($query, array('text'), array($a_username));
         $userRow = $ilDB->fetchAssoc($qres);
         if (is_array($userRow) && $userRow['usr_id']) {
             // user as a local account...
             // fetch logindata
             $this->activeUser = $userRow['login'];
             foreach ($userRow as $key => $value) {
                 if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) {
                     continue;
                 }
                 // Use reference to the auth object if exists
                 // This is because the auth session variable can change so a static call to setAuthData does not make sense
                 $this->_auth_obj->setAuthData($key, $value);
             }
             //var_dump($userRow);
             $this->_auth_obj->setAuth($userRow['login']);
             return true;
         }
         return false;
     }
     if (!$_SESSION['login_invalid'] && $_SERVER[$settings->get('apache_auth_indicator_name')] == $settings->get('apache_auth_indicator_value')) {
         // we have a valid apache auth
         global $ilDB;
         if ($settings->get('apache_enable_local')) {
             $query = 'SELECT * FROM usr_data WHERE login = %s OR (auth_mode = %s AND ext_account = %s)';
             $qres = $ilDB->queryF($query, array('text', 'text', 'text'), array($a_username, 'apache', $a_username));
             $userRow = $ilDB->fetchAssoc($qres);
             if (is_array($userRow) && $userRow['usr_id']) {
                 // user as a local account...
                 // fetch logindata
                 $this->activeUser = $userRow['login'];
                 foreach ($userRow as $key => $value) {
                     if ($key == $this->options['passwordcol'] || $key == $this->options['usernamecol']) {
                         continue;
                     }
                     // Use reference to the auth object if exists
                     // This is because the auth session variable can change so a static call to setAuthData does not make sense
                     $this->_auth_obj->setAuthData($key, $value);
                 }
                 //var_dump($userRow);
                 $this->_auth_obj->setAuth($userRow['login']);
                 return true;
             }
         }
         // if no local user has been found AND ldap lookup is enabled
         if ($settings->get('apache_enable_ldap')) {
             include_once 'Services/LDAP/classes/class.ilLDAPServer.php';
             $this->server = new ilLDAPServer(ilLDAPServer::_getFirstActiveServer());
             $this->server->doConnectionCheck();
             $config = $this->server->toPearAuthArray();
             $query = new ilLDAPQuery($this->server);
             $ldapUser = $query->fetchUser($a_username);
             if ($ldapUser && $ldapUser[$a_username] && $ldapUser[$a_username][$config['userattr']] == $a_username) {
                 $ldapUser[$a_username]['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username);
                 $user_data = $ldapUser[$a_username];
                 //array_change_key_case($a_auth->getAuthData(),CASE_LOWER);
                 if ($this->server->enabledSyncOnLogin()) {
                     if (!$user_data['ilInternalAccount'] && $this->server->isAccountMigrationEnabled() && !self::$force_creation) {
                         $this->_auth_obj->logout();
                         $_SESSION['tmp_auth_mode'] = 'apache';
                         $_SESSION['tmp_external_account'] = $a_username;
                         $_SESSION['tmp_pass'] = $_POST['password'];
                         include_once './Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php';
                         $roles = ilLDAPRoleAssignmentRules::getAssignmentsForCreation($a_username, $user_data);
                         $_SESSION['tmp_roles'] = array();
                         foreach ($roles as $info) {
                             if ($info['action'] == ilLDAPRoleAssignmentRules::ROLE_ACTION_ASSIGN) {
                                 $_SESSION['tmp_roles'][] = $info['id'];
                             }
                         }
                         ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
                         exit;
                     }
                     if ($this->updateRequired($a_username)) {
                         $this->initLDAPAttributeToUser();
                         $this->ldap_attr_to_user->setUserData($ldapUser);
                         $this->ldap_attr_to_user->refresh();
                         $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username);
                     } else {
                         // User exists and no update required
                         $user_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount("apache", $a_username);
                     }
                 }
                 if ($user_data['ilInternalAccount']) {
                     $this->_auth_obj->setAuth($user_data['ilInternalAccount']);
                     return true;
                 }
             }
         }
         if ($settings->get('apache_enable_local') && $settings->get('apache_local_autocreate')) {
             // no local user, no ldap match or ldap not activated
             //				if (!self::$force_creation)
             //				{
             //					$_SESSION['tmp_auth_mode'] = 'apache';
             //					$_SESSION['tmp_external_account'] = $a_username;
             //					$_SESSION['tmp_pass'] = $_POST['password'];
             //ilUtil::redirect('https://lernwelt.janposselt.de/ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&cmd=showAccountMigration');
             //				}
             //				else
             //				{
             global $ilIliasIniFile;
             if ($_GET['r']) {
                 $_SESSION['profile_complete_redirect'] = $_GET['r'];
             }
             $user = new ilObjUser();
             $user->setLogin($a_username);
             $user->setExternalAccount($a_username);
             $user->setProfileIncomplete(true);
             $user->create();
             $user->setAuthMode('apache');
             // set a timestamp for last_password_change
             // this ts is needed by ilSecuritySettings
             $user->setLastPasswordChangeTS(time());
             $user->setTimeLimitUnlimited(1);
             $user->setActive(1);
             //insert user data in table user_data
             $user->saveAsNew();
             $user->writePrefs();
             global $rbacadmin;
             $rbacadmin->assignUser($settings->get('apache_default_role', 4), $user->getId(), true);
             return true;
             //				}
         }
     } else {
         if (defined('IL_CERT_SSO') && IL_CERT_SSO) {
             define('APACHE_ERRORCODE', AUTH_APACHE_FAILED);
         }
     }
     return false;
 }
 /**
  * handler for end of element when in import user mode.
  */
 function importEndTag($a_xml_parser, $a_name)
 {
     global $ilias, $rbacadmin, $rbacreview, $ilUser, $lng, $ilSetting;
     switch ($a_name) {
         case "Role":
             $this->roles[$this->current_role_id]["name"] = $this->cdata;
             $this->roles[$this->current_role_id]["type"] = $this->current_role_type;
             $this->roles[$this->current_role_id]["action"] = $this->current_role_action;
             break;
         case "PersonalPicture":
             switch ($this->personalPicture["encoding"]) {
                 case "Base64":
                     $this->personalPicture["content"] = base64_decode($this->cdata);
                     break;
                 case "UUEncode":
                     // this only works with PHP >= 5
                     if (version_compare(PHP_VERSION, '5', '>=')) {
                         $this->personalPicture["content"] = convert_uudecode($this->cdata);
                     }
                     break;
             }
             break;
         case "User":
             $this->userObj->setFullname();
             // Fetch the user_id from the database, if we didn't have it in xml file
             // fetch as well, if we are trying to insert -> recognize duplicates!
             if ($this->user_id == -1 || $this->action == "Insert") {
                 $user_id = ilObjUser::getUserIdByLogin($this->userObj->getLogin());
             } else {
                 $user_id = $this->user_id;
             }
             //echo $user_id.":".$this->userObj->getLogin();
             // Handle conflicts
             switch ($this->conflict_rule) {
                 case IL_FAIL_ON_CONFLICT:
                     // do not change action
                     break;
                 case IL_UPDATE_ON_CONFLICT:
                     switch ($this->action) {
                         case "Insert":
                             if ($user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_replaced"), "Insert", "Update"));
                                 $this->action = "Update";
                             }
                             break;
                         case "Update":
                             if (!$user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_replaced"), "Update", "Insert"));
                                 $this->action = "Insert";
                             }
                             break;
                         case "Delete":
                             if (!$user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_ignored"), "Delete"));
                                 $this->action = "Ignore";
                             }
                             break;
                     }
                     break;
                 case IL_IGNORE_ON_CONFLICT:
                     switch ($this->action) {
                         case "Insert":
                             if ($user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_ignored"), "Insert"));
                                 $this->action = "Ignore";
                             }
                             break;
                         case "Update":
                             if (!$user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_ignored"), "Update"));
                                 $this->action = "Ignore";
                             }
                             break;
                         case "Delete":
                             if (!$user_id) {
                                 $this->logWarning($this->userObj->getLogin(), sprintf($lng->txt("usrimport_action_ignored"), "Delete"));
                                 $this->action = "Ignore";
                             }
                             break;
                     }
                     break;
             }
             // check external account conflict (if external account is already used)
             // note: we cannot apply conflict rules in the same manner as to logins here
             // so we ignore records with already existing external accounts.
             //echo $this->userObj->getAuthMode().'h';
             $am = $this->userObj->getAuthMode() == "default" || $this->userObj->getAuthMode() == "" ? ilAuthUtils::_getAuthModeName($ilSetting->get('auth_mode')) : $this->userObj->getAuthMode();
             $loginForExternalAccount = $this->userObj->getExternalAccount() == "" ? "" : ilObjUser::_checkExternalAuthAccount($am, $this->userObj->getExternalAccount());
             switch ($this->action) {
                 case "Insert":
                     if ($loginForExternalAccount != "") {
                         $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_no_insert_ext_account_exists") . " (" . $this->userObj->getExternalAccount() . ")");
                         $this->action = "Ignore";
                     }
                     break;
                 case "Update":
                     // this variable describes the ILIAS login which belongs to the given external account!!!
                     // it is NOT nescessarily the ILIAS login of the current user record !!
                     // so if we found an ILIAS login according to the authentication method
                     // check if the ILIAS login belongs to the current user record, otherwise somebody else is using it!
                     if ($loginForExternalAccount != "") {
                         // check if we changed the value!
                         $externalAccountHasChanged = $this->userObj->getExternalAccount() != ilObjUser::_lookupExternalAccount($this->user_id);
                         // if it has changed and the external login
                         if ($externalAccountHasChanged && trim($loginForExternalAccount) != trim($this->userObj->getLogin())) {
                             $this->logWarning($this->userObj->getLogin(), $lng->txt("usrimport_no_update_ext_account_exists") . " (" . $this->userObj->getExternalAccount() . ")");
                             $this->action = "Ignore";
                         }
                     }
                     break;
             }
             // Perform the action
             switch ($this->action) {
                 case "Insert":
                     if ($user_id) {
                         $this->logFailure($this->userObj->getLogin(), $lng->txt("usrimport_cant_insert"));
                     } else {
                         if (!strlen($this->currPassword) == 0) {
                             switch ($this->currPasswordType) {
                                 case "ILIAS2":
                                     $this->userObj->setPasswd($this->currPassword, IL_PASSWD_CRYPT);
                                     break;
                                 case "ILIAS3":
                                     $this->userObj->setPasswd($this->currPassword, IL_PASSWD_MD5);
                                     break;
                                 case "PLAIN":
                                     $this->userObj->setPasswd($this->currPassword, IL_PASSWD_PLAIN);
                                     $this->acc_mail->setUserPassword($this->currPassword);
                                     break;
                             }
                         } else {
                             // this does the trick for empty passwords
                             // since a MD5 string has always 32 characters,
                             // no hashed password combination will ever equal to
                             // an empty string
                             $this->userObj->setPasswd("", IL_PASSWD_MD5);
                         }
                         $this->userObj->setTitle($this->userObj->getFullname());
                         $this->userObj->setDescription($this->userObj->getEmail());
                         if (!$this->time_limit_owner_set) {
                             $this->userObj->setTimeLimitOwner($this->getFolderId());
                         }
                         // default time limit settings
                         if (!$this->time_limit_set) {
                             $this->userObj->setTimeLimitUnlimited(1);
                             $this->userObj->setTimeLimitMessage(0);
                             if (!$this->approve_date_set) {
                                 $this->userObj->setApproveDate(date("Y-m-d H:i:s"));
                             }
                         }
                         $this->userObj->setActive($this->currActive == 'true' || is_null($this->currActive));
                         // Finally before saving new user.
                         // Check if profile is incomplete
                         // #8759
                         if (count($this->udf_data)) {
                             $this->userObj->setUserDefinedData($this->udf_data);
                         }
                         $this->userObj->setProfileIncomplete($this->checkProfileIncomplete($this->userObj));
                         $this->userObj->create();
                         //insert user data in table user_data
                         $this->userObj->saveAsNew(false);
                         // Set default prefs
                         $this->userObj->setPref('hits_per_page', $ilSetting->get('hits_per_page', 30));
                         $this->userObj->setPref('show_users_online', $ilSetting->get('show_users_online', 'y'));
                         if (count($this->prefs)) {
                             foreach ($this->prefs as $key => $value) {
                                 if ($key != "mail_incoming_type" && $key != "mail_signature" && $key != "mail_linebreak") {
                                     $this->userObj->setPref($key, $value);
                                 }
                             }
                         }
                         $this->userObj->writePrefs();
                         // update mail preferences, to be extended
                         $this->updateMailPreferences($this->userObj->getId());
                         if (is_array($this->personalPicture)) {
                             if (strlen($this->personalPicture["content"])) {
                                 $extension = "jpg";
                                 if (preg_match("/.*(png|jpg|gif|jpeg)\$/", $this->personalPicture["imagetype"], $matches)) {
                                     $extension = $matches[1];
                                 }
                                 $tmp_name = $this->saveTempImage($this->personalPicture["content"], ".{$extension}");
                                 if (strlen($tmp_name)) {
                                     ilObjUser::_uploadPersonalPicture($tmp_name, $this->userObj->getId());
                                     unlink($tmp_name);
                                 }
                             }
                         }
                         if ($this->ilincdata["id"]) {
                             include_once 'Modules/ILinc/classes/class.ilObjiLincUser.php';
                             $ilinc_user = new ilObjiLincUser($this->userObj);
                             $ilinc_user->setVar("id", $this->ilincdata["id"]);
                             $ilinc_user->setVar("login", $this->ilincdata["login"]);
                             $ilinc_user->setVar("passwd", $this->ilincdata["password"]);
                             $ilinc_user->update();
                         }
                         //set role entries
                         foreach ($this->roles as $role_id => $role) {
                             if ($this->role_assign[$role_id]) {
                                 $this->assignToRole($this->userObj, $this->role_assign[$role_id]);
                             }
                         }
                         if (count($this->udf_data)) {
                             include_once './Services/User/classes/class.ilUserDefinedData.php';
                             $udd = new ilUserDefinedData($this->userObj->getId());
                             foreach ($this->udf_data as $field => $value) {
                                 $udd->set("f_" . $field, $value);
                             }
                             $udd->update();
                         }
                         $this->sendAccountMail();
                         $this->logSuccess($this->userObj->getLogin(), $this->userObj->getId(), "Insert");
                         // reset account mail object
                         $this->acc_mail->reset();
                     }
                     break;
                 case "Update":
                     if (!$user_id) {
                         $this->logFailure($this->userObj->getLogin(), $lng->txt("usrimport_cant_update"));
                     } else {
                         $updateUser = new ilObjUser($user_id);
                         $updateUser->read();
                         $updateUser->readPrefs();
                         if ($this->currPassword != null) {
                             switch ($this->currPasswordType) {
                                 case "ILIAS2":
                                     $updateUser->setPasswd($this->currPassword, IL_PASSWD_CRYPT);
                                     break;
                                 case "ILIAS3":
                                     $updateUser->setPasswd($this->currPassword, IL_PASSWD_MD5);
                                     break;
                                 case "PLAIN":
                                     $updateUser->setPasswd($this->currPassword, IL_PASSWD_PLAIN);
                                     $this->acc_mail->setUserPassword($this->currPassword);
                                     break;
                             }
                         }
                         if (!is_null($this->userObj->getFirstname())) {
                             $updateUser->setFirstname($this->userObj->getFirstname());
                         }
                         if (!is_null($this->userObj->getLastname())) {
                             $updateUser->setLastname($this->userObj->getLastname());
                         }
                         if (!is_null($this->userObj->getUTitle())) {
                             $updateUser->setUTitle($this->userObj->getUTitle());
                         }
                         if (!is_null($this->userObj->getGender())) {
                             $updateUser->setGender($this->userObj->getGender());
                         }
                         if (!is_null($this->userObj->getEmail())) {
                             $updateUser->setEmail($this->userObj->getEmail());
                         }
                         if (!is_null($this->userObj->getBirthday())) {
                             $updateUser->setBirthday($this->userObj->getBirthday());
                         }
                         if (!is_null($this->userObj->getInstitution())) {
                             $updateUser->setInstitution($this->userObj->getInstitution());
                         }
                         if (!is_null($this->userObj->getStreet())) {
                             $updateUser->setStreet($this->userObj->getStreet());
                         }
                         if (!is_null($this->userObj->getCity())) {
                             $updateUser->setCity($this->userObj->getCity());
                         }
                         if (!is_null($this->userObj->getZipCode())) {
                             $updateUser->setZipCode($this->userObj->getZipCode());
                         }
                         if (!is_null($this->userObj->getCountry())) {
                             $updateUser->setCountry($this->userObj->getCountry());
                         }
                         if (!is_null($this->userObj->getPhoneOffice())) {
                             $updateUser->setPhoneOffice($this->userObj->getPhoneOffice());
                         }
                         if (!is_null($this->userObj->getPhoneHome())) {
                             $updateUser->setPhoneHome($this->userObj->getPhoneHome());
                         }
                         if (!is_null($this->userObj->getPhoneMobile())) {
                             $updateUser->setPhoneMobile($this->userObj->getPhoneMobile());
                         }
                         if (!is_null($this->userObj->getFax())) {
                             $updateUser->setFax($this->userObj->getFax());
                         }
                         if (!is_null($this->userObj->getHobby())) {
                             $updateUser->setHobby($this->userObj->getHobby());
                         }
                         if (!is_null($this->userObj->getComment())) {
                             $updateUser->setComment($this->userObj->getComment());
                         }
                         if (!is_null($this->userObj->getDepartment())) {
                             $updateUser->setDepartment($this->userObj->getDepartment());
                         }
                         if (!is_null($this->userObj->getMatriculation())) {
                             $updateUser->setMatriculation($this->userObj->getMatriculation());
                         }
                         if (!is_null($this->currActive)) {
                             $updateUser->setActive($this->currActive == "true", is_object($ilUser) ? $ilUser->getId() : 0);
                         }
                         if (!is_null($this->userObj->getClientIP())) {
                             $updateUser->setClientIP($this->userObj->getClientIP());
                         }
                         if (!is_null($this->userObj->getTimeLimitUnlimited())) {
                             $updateUser->setTimeLimitUnlimited($this->userObj->getTimeLimitUnlimited());
                         }
                         if (!is_null($this->userObj->getTimeLimitFrom())) {
                             $updateUser->setTimeLimitFrom($this->userObj->getTimeLimitFrom());
                         }
                         if (!is_null($this->userObj->getTimeLimitUntil())) {
                             $updateUser->setTimeLimitUntil($this->userObj->getTimeLimitUntil());
                         }
                         if (!is_null($this->userObj->getTimeLimitMessage())) {
                             $updateUser->setTimeLimitMessage($this->userObj->getTimeLimitMessage());
                         }
                         if (!is_null($this->userObj->getApproveDate())) {
                             $updateUser->setApproveDate($this->userObj->getApproveDate());
                         }
                         if (!is_null($this->userObj->getAgreeDate())) {
                             $updateUser->setAgreeDate($this->userObj->getAgreeDate());
                         }
                         if (!is_null($this->userObj->getLanguage())) {
                             $updateUser->setLanguage($this->userObj->getLanguage());
                         }
                         if (!is_null($this->userObj->getExternalAccount())) {
                             $updateUser->setExternalAccount($this->userObj->getExternalAccount());
                         }
                         // Fixed: if auth_mode is not set, it was always overwritten with auth_default
                         #if (! is_null($this->userObj->getAuthMode())) $updateUser->setAuthMode($this->userObj->getAuthMode());
                         if ($this->auth_mode_set) {
                             $updateUser->setAuthMode($this->userObj->getAuthMode());
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("aim"))) {
                             $updateUser->setInstantMessengerId("aim", $this->userObj->getInstantMessengerId("aim"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("msn"))) {
                             $updateUser->setInstantMessengerId("msn", $this->userObj->getInstantMessengerId("msn"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("icq"))) {
                             $updateUser->setInstantMessengerId("icq", $this->userObj->getInstantMessengerId("icq"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("yahoo"))) {
                             $updateUser->setInstantMessengerId("yahoo", $this->userObj->getInstantMessengerId("yahoo"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("skype"))) {
                             $updateUser->setInstantMessengerId("skype", $this->userObj->getInstantMessengerId("skype"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("jabber"))) {
                             $updateUser->setInstantMessengerId("jabber", $this->userObj->getInstantMessengerId("jabber"));
                         }
                         if (!is_null($this->userObj->getInstantMessengerId("voip"))) {
                             $updateUser->setInstantMessengerId("voip", $this->userObj->getInstantMessengerId("voip"));
                         }
                         // Special handlin since it defaults to 7 (USER_FOLDER_ID)
                         if ($this->time_limit_owner_set) {
                             $updateUser->setTimeLimitOwner($this->userObj->getTimeLimitOwner());
                         }
                         if (count($this->prefs)) {
                             foreach ($this->prefs as $key => $value) {
                                 if ($key != "mail_incoming_type" && $key != "mail_signature" && $key != "mail_linebreak") {
                                     $updateUser->setPref($key, $value);
                                 }
                             }
                         }
                         // save user preferences (skin and style)
                         if ($this->updateLookAndSkin) {
                             $updateUser->setPref("skin", $this->userObj->getPref("skin"));
                             $updateUser->setPref("style", $this->userObj->getPref("style"));
                         }
                         $updateUser->writePrefs();
                         // update mail preferences, to be extended
                         $this->updateMailPreferences($updateUser->getId());
                         // #8759
                         if (count($this->udf_data)) {
                             $updateUser->setUserDefinedData($this->udf_data);
                         }
                         $updateUser->setProfileIncomplete($this->checkProfileIncomplete($updateUser));
                         $updateUser->setTitle($updateUser->getFullname());
                         $updateUser->setDescription($updateUser->getEmail());
                         $updateUser->update();
                         if ($this->ilincdata["id"]) {
                             include_once 'Modules/ILinc/classes/class.ilObjiLincUser.php';
                             $ilinc_user = new ilObjiLincUser($updateUser);
                             $ilinc_user->setVar("id", $this->ilincdata["id"]);
                             $ilinc_user->setVar("login", $this->ilincdata["login"]);
                             $ilinc_user->setVar("passwd", $this->ilincdata["password"]);
                             $ilinc_user->update();
                         }
                         if (count($this->udf_data)) {
                             include_once './Services/User/classes/class.ilUserDefinedData.php';
                             $udd = new ilUserDefinedData($updateUser->getId());
                             foreach ($this->udf_data as $field => $value) {
                                 $udd->set("f_" . $field, $value);
                             }
                             $udd->update();
                         }
                         // update login
                         if (!is_null($this->userObj->getLogin()) && $this->user_id != -1) {
                             try {
                                 $updateUser->updateLogin($this->userObj->getLogin());
                             } catch (ilUserException $e) {
                             }
                         }
                         // if language has changed
                         if (is_array($this->personalPicture)) {
                             if (strlen($this->personalPicture["content"])) {
                                 $extension = "jpg";
                                 if (preg_match("/.*(png|jpg|gif|jpeg)\$/", $this->personalPicture["imagetype"], $matches)) {
                                     $extension = $matches[1];
                                 }
                                 $tmp_name = $this->saveTempImage($this->personalPicture["content"], ".{$extension}");
                                 if (strlen($tmp_name)) {
                                     ilObjUser::_uploadPersonalPicture($tmp_name, $this->userObj->getId());
                                     unlink($tmp_name);
                                 }
                             }
                         }
                         //update role entries
                         //-------------------
                         foreach ($this->roles as $role_id => $role) {
                             if ($this->role_assign[$role_id]) {
                                 switch ($role["action"]) {
                                     case "Assign":
                                         $this->assignToRole($updateUser, $this->role_assign[$role_id]);
                                         break;
                                     case "AssignWithParents":
                                         $this->assignToRoleWithParents($updateUser, $this->role_assign[$role_id]);
                                         break;
                                     case "Detach":
                                         $this->detachFromRole($updateUser, $this->role_assign[$role_id]);
                                         break;
                                 }
                             }
                         }
                         $this->logSuccess($updateUser->getLogin(), $user_id, "Update");
                     }
                     break;
                 case "Delete":
                     if (!$user_id) {
                         $this->logFailure($this->userObj->getLogin(), $lng->txt("usrimport_cant_delete"));
                     } else {
                         $deleteUser = new ilObjUser($user_id);
                         $deleteUser->delete();
                         $this->logSuccess($this->userObj->getLogin(), $user_id, "Delete");
                     }
                     break;
             }
             // init role array for next user
             $this->roles = array();
             break;
         case "Login":
             $this->userObj->setLogin($this->cdata);
             break;
         case "Password":
             $this->currPassword = $this->cdata;
             break;
         case "Firstname":
             $this->userObj->setFirstname($this->cdata);
             break;
         case "Lastname":
             $this->userObj->setLastname($this->cdata);
             break;
         case "Title":
             $this->userObj->setUTitle($this->cdata);
             break;
         case "Gender":
             $this->userObj->setGender($this->cdata);
             break;
         case "Email":
             $this->userObj->setEmail($this->cdata);
             break;
         case "Birthday":
             $timestamp = strtotime($this->cdata);
             if ($timestamp !== false) {
                 $this->userObj->setBirthday($this->cdata);
             }
             break;
         case "Institution":
             $this->userObj->setInstitution($this->cdata);
             break;
         case "Street":
             $this->userObj->setStreet($this->cdata);
             break;
         case "City":
             $this->userObj->setCity($this->cdata);
             break;
         case "PostalCode":
             $this->userObj->setZipCode($this->cdata);
             break;
         case "Country":
             $this->userObj->setCountry($this->cdata);
             break;
         case "PhoneOffice":
             $this->userObj->setPhoneOffice($this->cdata);
             break;
         case "PhoneHome":
             $this->userObj->setPhoneHome($this->cdata);
             break;
         case "PhoneMobile":
             $this->userObj->setPhoneMobile($this->cdata);
             break;
         case "Fax":
             $this->userObj->setFax($this->cdata);
             break;
         case "Hobby":
             $this->userObj->setHobby($this->cdata);
             break;
         case "Comment":
             $this->userObj->setComment($this->cdata);
             break;
         case "Department":
             $this->userObj->setDepartment($this->cdata);
             break;
         case "Matriculation":
             $this->userObj->setMatriculation($this->cdata);
             break;
         case "Active":
             $this->currActive = $this->cdata;
             break;
         case "ClientIP":
             $this->userObj->setClientIP($this->cdata);
             break;
         case "TimeLimitOwner":
             $this->time_limit_owner_set = true;
             $this->userObj->setTimeLimitOwner($this->cdata);
             break;
         case "TimeLimitUnlimited":
             $this->time_limit_set = true;
             $this->userObj->setTimeLimitUnlimited($this->cdata);
             break;
         case "TimeLimitFrom":
             if (is_numeric($this->cdata)) {
                 // Treat cdata as a unix timestamp
                 $this->userObj->setTimeLimitFrom($this->cdata);
             } else {
                 // Try to convert cdata into unix timestamp, or ignore it
                 $timestamp = strtotime($this->cdata);
                 if ($timestamp !== false && trim($this->cdata) != "0000-00-00 00:00:00") {
                     $this->userObj->setTimeLimitFrom($timestamp);
                 } elseif ($this->cdata == "0000-00-00 00:00:00") {
                     $this->userObj->setTimeLimitFrom(null);
                 }
             }
             break;
         case "TimeLimitUntil":
             if (is_numeric($this->cdata)) {
                 // Treat cdata as a unix timestamp
                 $this->userObj->setTimeLimitUntil($this->cdata);
             } else {
                 // Try to convert cdata into unix timestamp, or ignore it
                 $timestamp = strtotime($this->cdata);
                 if ($timestamp !== false && trim($this->cdata) != "0000-00-00 00:00:00") {
                     $this->userObj->setTimeLimitUntil($timestamp);
                 } elseif ($this->cdata == "0000-00-00 00:00:00") {
                     $this->userObj->setTimeLimitUntil(null);
                 }
             }
             break;
         case "TimeLimitMessage":
             $this->userObj->setTimeLimitMessage($this->cdata);
             break;
         case "ApproveDate":
             $this->approve_date_set = true;
             if (is_numeric($this->cdata)) {
                 // Treat cdata as a unix timestamp
                 $tmp_date = new ilDateTime($this->cdata, IL_CAL_UNIX);
                 $this->userObj->setApproveDate($tmp_date->get(IL_CAL_DATETIME));
             } else {
                 // Try to convert cdata into unix timestamp, or ignore it
                 $timestamp = strtotime($this->cdata);
                 if ($timestamp !== false && trim($this->cdata) != "0000-00-00 00:00:00") {
                     $tmp_date = new ilDateTime($timestamp, IL_CAL_UNIX);
                     $this->userObj->setApproveDate($tmp_date->get(IL_CAL_DATETIME));
                 } elseif ($this->cdata == "0000-00-00 00:00:00") {
                     $this->userObj->setApproveDate(null);
                 }
             }
             break;
         case "AgreeDate":
             if (is_numeric($this->cdata)) {
                 // Treat cdata as a unix timestamp
                 $tmp_date = new ilDateTime($this->cdata, IL_CAL_UNIX);
                 $this->userObj->setAgreeDate($tmp_date->get(IL_CAL_DATETIME));
             } else {
                 // Try to convert cdata into unix timestamp, or ignore it
                 $timestamp = strtotime($this->cdata);
                 if ($timestamp !== false && trim($this->cdata) != "0000-00-00 00:00:00") {
                     $tmp_date = new ilDateTime($timestamp, IL_CAL_UNIX);
                     $this->userObj->setAgreeDate($tmp_date->get(IL_CAL_DATETIME));
                 } elseif ($this->cdata == "0000-00-00 00:00:00") {
                     $this->userObj->setAgreeDate(null);
                 }
             }
             break;
         case "iLincID":
             $this->ilincdata["id"] = $this->cdata;
             break;
         case "iLincLogin":
             $this->{$ilincdata}["login"] = $this->cdata;
             break;
         case "iLincPasswd":
             $this->{$ilincdata}["password"] = $this->cdata;
             //$this->userObj->setiLincData($this->ilincdata);
             break;
         case "ExternalAccount":
             $this->userObj->setExternalAccount($this->cdata);
             break;
         case "Look":
             $this->updateLookAndSkin = false;
             if (!$this->hideSkin) {
                 // TODO: what to do with disabled skins? is it possible to change the skin via import?
                 if (strlen($this->skin) > 0 && strlen($this->style) > 0) {
                     if (is_array($this->userStyles)) {
                         if (in_array($this->skin . ":" . $this->style, $this->userStyles)) {
                             $this->userObj->setPref("skin", $this->skin);
                             $this->userObj->setPref("style", $this->style);
                             $this->updateLookAndSkin = true;
                         }
                     }
                 }
             }
             break;
         case 'UserDefinedField':
             include_once './Services/User/classes/class.ilUserDefinedFields.php';
             $udf = ilUserDefinedFields::_getInstance();
             if ($field_id = $udf->fetchFieldIdFromImportId($this->tmp_udf_id)) {
                 $this->udf_data[$field_id] = $this->cdata;
             } elseif ($field_id = $udf->fetchFieldIdFromName($this->tmp_udf_name)) {
                 $this->udf_data[$field_id] = $this->cdata;
             }
             break;
         case 'AccountInfo':
             if ($this->current_messenger_type == "delicious") {
                 $this->userObj->setDelicious($this->cdata);
             } elseif ($this->current_messenger_type == "external") {
                 $this->userObj->setExternalAccount($this->cdata);
             } else {
                 $this->userObj->setInstantMessengerId($this->current_messenger_type, $this->cdata);
             }
             break;
         case 'Pref':
             if ($this->currentPrefKey != null && strlen(trim($this->cdata)) > 0 && ilUserXMLWriter::isPrefExportable($this->currentPrefKey)) {
                 $this->prefs[$this->currentPrefKey] = trim($this->cdata);
             }
             $this->currentPrefKey = null;
             break;
     }
 }