public static function verify($course, $id)
{
global $DB, $OUTPUT;
$entry = self::get_one($id);
$value = optional_param('key', null, PARAM_TEXT);
$userid = optional_param('activator', null, PARAM_INT);
$params = array('instance' => $course->id, 'value' => $value, 'userid' => $userid, 'script' => 'blocks/quickmail');
$back_url = self::base_url($course->id);
// Pass through already valid entries
if ($entry->valid) {
redirect($back_url);
}
// Verify key
if (empty($value) or !($key = $DB->get_record('user_private_key', $params))) {
$reactivate = self::base_url($course->id, array('id' => $id, 'action' => self::INFORMATION));
$html = $OUTPUT->notification(quickmail::_s('entry_key_not_valid', $entry));
$html .= $OUTPUT->continue_button($reactivate);
return $html;
}
// One at a time...They can resend the link if they want
delete_user_key('blocks/quickmail', $userid);
$entry->valid = 1;
$DB->update_record('block_quickmail_alternate', $entry);
$entry->course = $course->fullname;
$html = $OUTPUT->notification(quickmail::_s('entry_activated', $entry), 'notifysuccess');
$html .= $OUTPUT->continue_button($back_url);
return $html;
}
/**
* Removes the token for the given user from the DB
* @param int $userid The user id for the token you wish to delete
*/
function rss_delete_token($userid)
{
delete_user_key('rss', $userid);
}
$context = context_system::instance();
$PAGE->set_context($context);
// Force https.
$PAGE->https_required();
// Check if the user is already logged-in.
if (isloggedin() and !isguestuser()) {
delete_user_key('tool_mobile', $userid);
if ($USER->id == $userid) {
redirect($urltogo);
} else {
throw new moodle_exception('alreadyloggedin', 'error', '', format_string(fullname($USER)));
}
}
tool_mobile\api::check_autologin_prerequisites($userid);
// Validate and delete the key.
$key = validate_user_key($key, 'tool_mobile', null);
delete_user_key('tool_mobile', $userid);
// Double check key belong to user.
if ($key->userid != $userid) {
throw new moodle_exception('invalidkey');
}
// Key validated, now require an active user: not guest, not suspended.
$user = core_user::get_user($key->userid, '*', MUST_EXIST);
core_user::require_active_user($user, true, true);
// Do the user log-in.
if (!($user = get_complete_user_data('id', $user->id))) {
throw new moodle_exception('cannotfinduser', '', '', $user->id);
}
complete_user_login($user);
\core\session\manager::apply_concurrent_login_limit($user->id, session_id());
redirect($urltogo);
/**
* Creates an auto-login key for the current user, this key is restricted by time and ip address.
*
* @return string the key
* @since Moodle 3.2
*/
public static function get_autologin_key()
{
global $USER;
// Delete previous keys.
delete_user_key('tool_mobile', $USER->id);
// Create a new key.
$iprestriction = getremoteaddr();
$validuntil = time() + self::LOGIN_KEY_TTL;
return create_user_key('tool_mobile', $USER->id, null, $iprestriction, $validuntil);
}
