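/**
 * Process an authorization request.
 *
 * Operations:
 *     - Auto creates users.
 *     - Sets up user object for linked accounts.
 *
 * The local account is looked up by username within this auth instance. The
 * username is the OIDC unique identifier, unless the id token carries a
 * non-empty "upn" claim, in which case the upn replaces both the username and
 * the email address.
 *
 * @param string $oidcuniqid The OIDC unique identifier received.
 * @param array $tokenparams Received token parameters (not read in this method).
 * @param \auth_oidc\jwt $idtoken Received id token.
 * @return bool True once the session has been bound to the user; false when
 *     the user is unknown and auto-creation is not enabled.
 * @throws \XmlrpcClientException When a new account is needed but the institution is full.
 */
public function request_user_authorise($oidcuniqid, $tokenparams, $idtoken) {
    global $USER, $SESSION;
    $this->must_be_ready();

    // NOTE(review): every claim below is used as-is to locate or create the
    // local account. This assumes the id token's signature, issuer and
    // audience were verified before this method is called - confirm at the
    // call site.
    $username = $oidcuniqid;
    $email = $idtoken->claim('email');
    $firstname = $idtoken->claim('given_name');
    $lastname = $idtoken->claim('family_name');

    // Office 365 uses "upn".
    $upn = $idtoken->claim('upn');
    if (!empty($upn)) {
        $username = $upn;
        $email = $upn;
    }

    $create = false;
    try {
        $user = new \User();
        $user->find_by_instanceid_username($this->instanceid, $username, true);

        // A suspended account stops here, before any session is set up.
        if ($user->get('suspendedcusr')) {
            die_info(get_string('accountsuspended', 'mahara', strftime(get_string('strftimedaydate'), $user->get('suspendedctime')), $user->get('suspendedreason')));
        }
    }
    catch (\AuthUnknownUserException $e) {
        if ($this->can_auto_create_users() === true) {
            $institution = new \Institution($this->institution);
            if ($institution->isFull()) {
                throw new \XmlrpcClientException('OpenID Connect login attempt failed because the institution is full.');
            }
            $user = new \User();
            $create = true;
        }
        else {
            return false;
        }
    }

    if ($create === true) {
        $user->passwordchange = 0;
        $user->active = 1;
        $user->deleted = 0;
        $user->expiry = null;
        $user->expirymailsent = 0;
        $user->lastlogin = time();

        $user->firstname = $firstname;
        $user->lastname = $lastname;
        $user->email = $email;
        $user->authinstance = $this->instanceid;

        db_begin();
        $user->username = get_new_username($username);
        $user->id = create_user($user, array(), $this->institution, $this, $username);
        $userobj = $user->to_stdclass();
        db_commit();

        // Reload the record that create_user() stored. The class is referenced
        // with a leading backslash like every other core class in this method,
        // so the lookup does not depend on the current namespace.
        $user = new \User();
        $user->find_by_id($userobj->id);
    }

    $user->commit();

    // Bind the current session to the resolved account and record which auth
    // instance authenticated it.
    $USER->reanimate($user->id, $this->instanceid);
    $SESSION->set('authinstance', $this->instanceid);

    return true;
}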
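/**
 * Submit handler for the "deny registration" form.
 *
 * Deletes the pending registration for the submitted email address, emails the
 * applicant the denial (with the optional reason), then returns to the pending
 * registrations list for the institution.
 *
 * @param Pieform $form   The submitted form (not read in this function).
 * @param array   $values Submitted values; reads 'message', 'firstname',
 *                        'email' and 'institution'.
 */
function denyregistration_submit(Pieform $form, $values) {
    global $USER, $SESSION;

    if (!empty($values['message'])) {
        $message = get_string('registrationdeniedmessagereason', 'auth.internal', $values['firstname'], get_config('sitename'), $values['message'], display_name($USER));
    }
    else {
        $message = get_string('registrationdeniedmessage', 'auth.internal', $values['firstname'], get_config('sitename'), display_name($USER));
    }

    try {
        delete_records('usr_registration', 'email', $values['email']);

        // The recipient object is built from the submitted values; admin and
        // staff are forced to 0 so a submitted value can never set them.
        $user = (object) $values;
        $user->admin = 0;
        $user->staff = 0;
        email_user($user, $USER, get_string('registrationdeniedemailsubject', 'auth.internal', get_config('sitename')), $message);
    }
    catch (EmailException $e) {
        log_warn($e);
        die_info(get_string('registrationdeniedunsuccessful', 'admin'));
    }
    catch (SQLException $e) {
        log_warn($e);
        die_info(get_string('registrationdeniedunsuccessful', 'admin'));
    }

    $SESSION->add_ok_msg(get_string('registrationdeniedsuccessful', 'admin'));

    // Encode the submitted institution before it goes into the query string,
    // so characters such as '&', '#' or a line break cannot alter the
    // redirect target or add parameters.
    redirect('/admin/users/pendingregistrations.php?institution=' . urlencode($values['institution']));
}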
/**
 * Complete an SSO login that a remote peer started.
 *
 * Sends the token (plus a SHA-1 of this request's User-Agent header) to the
 * peer's auth/mnet/auth.php/user_authorise method, maps the returned remote
 * user onto a local account (creating or updating it when the instance
 * configuration allows), optionally fetches the remote profile image, and
 * finally binds the current session to that account.
 *
 * @param string $token         Token passed on to the peer's user_authorise call.
 * @param string $remotewwwroot Root URL of the peer; used to look the peer up
 *                              and as the destination of the remote calls.
 * @return bool True when the session has been set up; false when the remote
 *              user is unknown locally and auto-creation is off.
 * @throws XmlrpcClientException When the peer is deleted, SSO-in is not
 *                               enabled for it, or the institution is full.
 * @throws AccessDeniedException When the peer's response has no username, or
 *                               the usersuniquebyusername preconditions fail.
 */
public function request_user_authorise($token, $remotewwwroot) {
    global $USER, $SESSION;
    $this->must_be_ready();
    $peer = get_peer($remotewwwroot);

    // Refuse peers that are deleted or for which inbound SSO is not enabled.
    if ($peer->deleted != 0 || $this->config['theyssoin'] != 1) {
        throw new XmlrpcClientException('We don\'t accept SSO connections from ' . institution_display_name($peer->institution));
    }

    // NOTE(review): $_SERVER['HTTP_USER_AGENT'] is read without an isset()
    // check, so a request without that header raises a notice and sends the
    // hash of an empty value.
    $client = new Client();
    $client->set_method('auth/mnet/auth.php/user_authorise')->add_param($token)->add_param(sha1($_SERVER['HTTP_USER_AGENT']))->send($remotewwwroot);

    $remoteuser = (object) $client->response;

    if (empty($remoteuser) or !property_exists($remoteuser, 'username')) {
        // Caught by land.php
        throw new AccessDeniedException();
    }

    $create = false;
    $update = false;
    if ('1' == $this->config['updateuserinfoonlogin']) {
        $update = true;
    }

    // Retrieve a $user object. If that fails, create a blank one.
    try {
        $user = new User();
        if (get_config('usersuniquebyusername')) {
            // When turned on, this setting means that it doesn't matter
            // which other application the user SSOs from, they will be
            // given the same account in Mahara.
            //
            // This setting is one that has security implications unless
            // only turned on by people who know what they're doing. In
            // particular, every system linked to Mahara should be making
            // sure that same username == same person.  This happens for
            // example if two Moodles are using the same LDAP server for
            // authentication.
            //
            // If this setting is on, it must NOT be possible to self
            // register on the site for ANY institution - otherwise users
            // could simply pick usernames of people's accounts they wished
            // to steal.
            if ($institutions = get_column('institution', 'name', 'registerallowed', '1')) {
                log_warn("usersuniquebyusername is turned on but registration is allowed for an institution. " . "No institution can have registration allowed for it, for security reasons.\n" . "The following institutions have registration enabled:\n " . join("\n ", $institutions));
                throw new AccessDeniedException();
            }

            if (!get_config('usersallowedmultipleinstitutions')) {
                log_warn("usersuniquebyusername is turned on but usersallowedmultipleinstitutions is off. " . "This makes no sense, as users will then change institution every time they log in from " . "somewhere else. Please turn this setting on in Site Options");
                throw new AccessDeniedException();
            }

            // Site-wide lookup: the username alone selects the account,
            // whichever auth instance it belongs to.
            $user->find_by_username($remoteuser->username);
        }
        else {
            // Lookup scoped to this auth instance.
            $user->find_by_instanceid_username($this->instanceid, $remoteuser->username, true);
        }

        // A suspended account stops here, before any session is set up.
        if ($user->get('suspendedcusr')) {
            die_info(get_string('accountsuspended', 'mahara', strftime(get_string('strftimedaydate'), $user->get('suspendedctime')), $user->get('suspendedreason')));
        }
    }
    catch (AuthUnknownUserException $e) {
        if (!empty($this->config['weautocreateusers'])) {
            $institution = new Institution($this->institution);
            if ($institution->isFull()) {
                $institution->send_admin_institution_is_full_message();
                throw new XmlrpcClientException('SSO attempt from ' . $institution->displayname . ' failed - institution is full');
            }
            $user = new User();
            $create = true;
        }
        else {
            log_debug("User authorisation request from {$remotewwwroot} failed - " . "remote user '{$remoteuser->username}' is unknown to us and auto creation of users is turned off");
            return false;
        }
    }

    /*******************************************/

    if ($create) {
        $user->passwordchange = 1;
        $user->active = 1;
        $user->deleted = 0;

        //TODO: import institution's expiry?:
        //$institution = new Institution($peer->institution);
        $user->expiry = null;
        $user->expirymailsent = 0;
        $user->lastlogin = time();

        // Name and email are copied verbatim from the peer's response.
        $user->firstname = $remoteuser->firstname;
        $user->lastname = $remoteuser->lastname;
        $user->email = $remoteuser->email;
        $imported = array('firstname', 'lastname', 'email');

        //TODO: import institution's per-user-quota?:
        //$user->quota = $userrecord->quota;
        // NOTE(review): the test reads $this->config['parent'] but the value
        // used is $this->parent - presumably the same setting; confirm.
        $user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent;

        db_begin();
        $user->username = get_new_username($remoteuser->username);

        $user->id = create_user($user, array(), $this->institution, $this, $remoteuser->username);

        $locked = $this->import_user_settings($user, $remoteuser);
        $locked = array_merge($imported, $locked);

        /*
         * We need to convert the object to a stdclass with its own
         * custom method because it uses overloaders in its implementation
         * and its properties wouldn't be visible to a simple cast operation
         * like (array)$user
         */
        $userobj = $user->to_stdclass();
        // $userarray is not read again in this method.
        $userarray = (array) $userobj;
        db_commit();

        // Now we have fired the create event, we need to re-get the data
        // for this user
        $user = new User();
        $user->find_by_id($userobj->id);
    }
    elseif ($update) {
        // Existing account: overwrite local profile fields with the peer's
        // values wherever they differ.
        $imported = array('firstname', 'lastname', 'email');
        foreach ($imported as $field) {
            if ($user->{$field} != $remoteuser->{$field}) {
                $user->{$field} = $remoteuser->{$field};
                set_profile_field($user->id, $field, $user->{$field});
            }
        }

        if (isset($remoteuser->idnumber)) {
            if ($user->studentid != $remoteuser->idnumber) {
                $user->studentid = $remoteuser->idnumber;
                set_profile_field($user->id, 'studentid', $user->studentid);
            }
            $imported[] = 'studentid';
        }

        $locked = $this->import_user_settings($user, $remoteuser);
        $locked = array_merge($imported, $locked);

        $user->lastlastlogin = $user->lastlogin;
        $user->lastlogin = time();

        //TODO: import institution's per-user-quota?:
        //$user->quota = $userrecord->quota;
        $user->commit();
    }

    if (get_config('usersuniquebyusername')) {
        // Add them to the institution they have SSOed in by
        $user->join_institution($peer->institution);
    }

    // See if we need to create/update a profile Icon image
    if ($create || $update) {
        $client->set_method('auth/mnet/auth.php/fetch_user_image')->add_param($remoteuser->username)->send($remotewwwroot);

        // $imageobject is not read again; the code below uses $client->response directly.
        $imageobject = (object) $client->response;

        // Only letters, digits and spaces of the username survive, so the
        // username cannot add path separators to the temp file name.
        $u = preg_replace('/[^A-Za-z0-9 ]/', '', $user->username);
        $filename = get_config('dataroot') . 'temp/mpi_' . intval($this->instanceid) . '_' . $u;

        if (array_key_exists('f1', $client->response)) {
            // The image bytes come from the peer; they are only decoded here,
            // the image checks happen further down.
            $imagecontents = base64_decode($client->response['f1']);
            // file_put_contents() returns the byte count, so an empty image
            // (0 bytes) takes the else branch as well as a failed write.
            if (file_put_contents($filename, $imagecontents)) {
                $imageexists = false;
                $icons = false;

                if ($update) {
                    // Compare against the user's existing profile icons by
                    // SHA-1 so an unchanged image is not stored again.
                    $newchecksum = sha1_file($filename);
                    $icons = get_records_select_array('artefact', 'artefacttype = \'profileicon\' AND owner = ? ', array($user->id), '', 'id');
                    if (false != $icons) {
                        foreach ($icons as $icon) {
                            $iconfile = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $icon->id % 256 . '/' . $icon->id;
                            $checksum = sha1_file($iconfile);
                            if ($newchecksum == $checksum) {
                                $imageexists = true;
                                unlink($filename);
                                break;
                            }
                        }
                    }
                }

                if (false == $imageexists) {
                    // NOTE(review): $error is assigned by the quota, image-type
                    // and dimension checks below but is never read in this
                    // method, so a failed check does not stop the artefact
                    // from being created and the file from being moved into
                    // the profile icon store. A guard that unlinks $filename
                    // and skips the artefact when $error is set looks
                    // intended - confirm.
                    $filesize = filesize($filename);
                    if (!$user->quota_allowed($filesize)) {
                        $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
                    }

                    require_once 'file.php';
                    $imagesize = getimagesize($filename);
                    if (!$imagesize || !is_image_type($imagesize[2])) {
                        $error = get_string('filenotimage');
                    }

                    // NOTE(review): when getimagesize() failed, $imagesize is
                    // false and these three reads yield null.
                    $mime = $imagesize['mime'];
                    $width = $imagesize[0];
                    $height = $imagesize[1];
                    $imagemaxwidth = get_config('imagemaxwidth');
                    $imagemaxheight = get_config('imagemaxheight');
                    if ($width > $imagemaxwidth || $height > $imagemaxheight) {
                        $error = get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $imagemaxwidth, $imagemaxheight);
                    }

                    try {
                        $user->quota_add($filesize);
                    }
                    catch (QuotaException $qe) {
                        $error = get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot'));
                    }

                    require_once get_config('docroot') . '/artefact/lib.php';
                    require_once get_config('docroot') . '/artefact/file/lib.php';

                    // Entry in artefact table
                    $artefact = new ArtefactTypeProfileIcon();
                    $artefact->set('owner', $user->id);
                    $artefact->set('parent', ArtefactTypeFolder::get_folder_id(get_string('imagesdir', 'artefact.file'), get_string('imagesdirdesc', 'artefact.file'), null, true, $user->id));
                    $artefact->set('title', ArtefactTypeFileBase::get_new_file_title(get_string('profileicon', 'artefact.file'), (int) $artefact->get('parent'), $user->id)); // unique title
                    $artefact->set('description', get_string('uploadedprofileicon', 'artefact.file'));
                    $artefact->set('note', get_string('profileicon', 'artefact.file'));
                    $artefact->set('size', $filesize);
                    $artefact->set('filetype', $mime);
                    $artefact->set('width', $width);
                    $artefact->set('height', $height);
                    $artefact->commit();

                    $id = $artefact->get('id');

                    // Move the file into the correct place.
                    $directory = get_config('dataroot') . 'artefact/file/profileicons/originals/' . $id % 256 . '/';
                    check_dir_exists($directory);
                    rename($filename, $directory . $id);

                    // New accounts, and accounts without any icon yet, get the
                    // fetched image as their current profile icon.
                    if ($create || empty($icons)) {
                        $user->profileicon = $id;
                    }
                }

                $user->commit();
            }
            else {
                log_warn(get_string('cantcreatetempprofileiconfile', 'artefact.file', $filename));
            }
        }

        if ($update) {
            $locked[] = 'profileicon';
        }
    }

    /*******************************************/

    // We know who our user is now. Bring her back to life.
    $USER->reanimate($user->id, $this->instanceid);

    // Set session variables to let the application know this session was
    // initiated by MNET. Don't forget that users could initiate their
    // sessions without MNET sometimes, which is why this data is stored in
    // the session object.
    $SESSION->set('mnetuser', $user->id);
    $SESSION->set('authinstance', $this->instanceid);
    // NOTE(review): the Referer header is supplied by the client. How
    // 'mnetuserfrom' is used later is not visible here; treat it as
    // untrusted wherever it is rendered or redirected to.
    if (isset($_SERVER['HTTP_REFERER'])) {
        $SESSION->set('mnetuserfrom', $_SERVER['HTTP_REFERER']);
    }
    // The imported field names are stored in the session only on the update path.
    if ($update && isset($locked)) {
        $SESSION->set('lockedfields', $locked);
    }

    return true;
}
if (param_integer('rerun', 0)) { delete_records('config', 'field', '_upgrade'); } if (!($lastupgrade = get_field('config', 'value', 'field', '_upgrade'))) { try { insert_record('config', (object) array('field' => '_upgrade', 'value' => $start)); } catch (SQLException $e) { if (!($lastupgrade = get_field('config', 'value', 'field', '_upgrade'))) { $lastupgrade = '???'; } } } if (!empty($lastupgrade)) { $laststart = format_date($lastupgrade, 'strftimedatetimeshort'); log_debug('Not upgrading; unfinished upgrade from ' . $laststart . ' still in progress'); die_info(get_string('upgradeinprogress', 'admin', $laststart)); } } $loadingicon = 'icon icon-spinner icon-pulse left'; $successicon = 'icon icon-check text-success left'; $failureicon = 'icon icon-exclamation-triangle left'; $warningicon = 'icon icon-exclamation-triangle left'; // Remove all files in the smarty and dwoo caches // TODO post 1.2 remove the smarty part require_once 'file.php'; $basedir = get_config('dataroot') . 'smarty/compile/'; $dh = new DirectoryIterator($basedir); foreach ($dh as $themedir) { if ($themedir->isDot()) { continue; }
/**
 * Submit handler for the auth_saml_login form.
 *
 * Tests the submitted username and password against the user's auth
 * instances. A failed test adds the generic 'loginfailed' message and goes
 * back to the SAML index page. After a successful test the account state is
 * checked (deleted, expired, inactive, suspended) before the login is allowed
 * to continue.
 *
 * Copied and modified from core login_submit
 *
 * @param object $form   The Pieform form object
 * @param array  $values The submitted values
 */
function auth_saml_login_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $login = trim($values['login_username']);
    $secret = $values['login_password'];
    $authenticated = false;
    // NOTE(review): this is never reassigned in this function, so the
    // "$oldlastlogin > 0" test below is always false and the inactivity check
    // cannot fire. Core login_submit presumably fills it with the previous
    // login time - confirm.
    $oldlastlogin = 0;

    // An unknown user and a wrong password end the same way, so the response
    // does not reveal which of the two was wrong.
    $loginfailed = false;
    try {
        $authenticated = login_test_all_user_authinstance($login, $secret);
        $loginfailed = empty($authenticated);
    }
    catch (AuthUnknownUserException $e) {
        $loginfailed = true;
    }
    if ($loginfailed) {
        $SESSION->add_error_msg(get_string('loginfailed'));
        redirect('/auth/saml/index.php');
    }

    auth_check_admin_section();

    // Deleted accounts are logged out again straight away.
    if ($USER->deleted) {
        $USER->logout();
        die_info(get_string('accountdeleted'));
    }

    // So are accounts whose expiry time has passed.
    if ($USER->expiry > 0 && time() > $USER->expiry) {
        $USER->logout();
        die_info(get_string('accountexpired'));
    }

    // And accounts that have been idle for longer than the configured period.
    $inactivelimit = get_config('defaultaccountinactiveexpire');
    $isinactive = $inactivelimit && $oldlastlogin > 0 && $oldlastlogin + $inactivelimit < time();
    if ($isinactive) {
        $USER->logout();
        die_info(get_string('accountinactive'));
    }

    // Suspended accounts: read the suspension details before logging out,
    // then show them.
    if ($USER->suspendedcusr) {
        $when = strftime(get_string('strftimedaydate'), $USER->suspendedctime);
        $why = $USER->suspendedreason;
        $USER->logout();
        die_info(get_string('accountsuspended', 'mahara', $when, $why));
    }

    // User is allowed to log in
    auth_check_required_fields();

    // all happy - carry on now
    redirect('/auth/saml/index.php');
}
/**
 * Make a user a member of this institution.
 *
 * Stops with an error page when the institution is full. Otherwise the
 * membership row is written, any pending request for this institution is
 * removed, 'lastinstitution:' tags are cleared, institution views and
 * collections are copied to the user, and the user is sent a confirmation
 * message - all inside one database transaction.
 *
 * @param object|int|string $user A usr record, or a numeric user id from
 *                                which the record is loaded.
 */
public function addUserAsMember($user) {
    global $USER;

    if ($this->isFull()) {
        $this->send_admin_institution_is_full_message();
        die_info(get_string('institutionmaxusersexceeded', 'admin'));
    }

    // NOTE(review): the result of get_record() is used without a check;
    // presumably callers only pass ids of existing users - confirm.
    if (is_numeric($user)) {
        $user = get_record('usr', 'id', $user);
    }

    // The user hasn't been added yet, so we have to manually use this institution's lang
    $lang = ($this->lang != 'default') ? $this->lang : get_user_language($user->id);

    $membership = new StdClass();
    $membership->institution = $this->name;

    // A student id given with the membership request wins over the one on
    // the user record.
    $requestedid = get_field('usr_institution_request', 'studentid', 'usr', $user->id, 'institution', $this->name);
    if (!empty($requestedid)) {
        $membership->studentid = $requestedid;
    }
    elseif (!empty($user->studentid)) {
        $membership->studentid = $user->studentid;
    }

    $membership->usr = $user->id;
    $joined = time();
    $membership->ctime = db_format_timestamp($joined);
    $period = $this->defaultmembershipperiod;
    if (!empty($period)) {
        $membership->expiry = db_format_timestamp($joined + $period);
    }

    $notice = new StdClass();
    $notice->users = array($user->id);
    $notice->subject = get_string_from_language($lang, 'institutionmemberconfirmsubject');
    $notice->message = get_string_from_language($lang, 'institutionmemberconfirmmessage', 'mahara', $this->displayname);

    db_begin();

    // When users may belong to one institution only, drop every other
    // membership and request first.
    if (!get_config('usersallowedmultipleinstitutions')) {
        delete_records('usr_institution', 'usr', $user->id);
        delete_records('usr_institution_request', 'usr', $user->id);
    }
    insert_record('usr_institution', $membership);
    delete_records('usr_institution_request', 'usr', $membership->usr, 'institution', $this->name);

    // The user id is passed as a bound parameter; only the operator returned
    // by db_ilike() is concatenated into the statement.
    execute_sql("\n DELETE FROM {usr_tag}\n WHERE usr = ? AND tag " . db_ilike() . " 'lastinstitution:%'", array($user->id));

    // Copy institution views and collection to the user's portfolio
    // ($checkviewaccess is computed but not read again in this method.)
    $checkviewaccess = empty($user->newuser) && !$USER->get('admin');
    $member = new User();
    $member->find_by_id($user->id);
    $member->copy_institution_views_collections_to_new_member($this->name);

    require_once 'activity.php';
    activity_occurred('maharamessage', $notice);
    handle_event('updateuser', $membership->usr);

    // Give institution members access to user's profile page
    require_once 'view.php';
    if ($profileview = $member->get_profile_view()) {
        $profileview->add_owner_institution_access(array($this->name));
    }

    db_commit();
}
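/**
 * Submit handler for the self-registration form.
 *
 * Stores a registration record that expires after one day and emails the
 * applicant a message containing the confirmation key.
 *
 * @param Pieform $form   The submitted form (not read in this function).
 * @param array   $values Submitted values; 'password1' is replaced by a
 *                        salted hash in 'password' before the record is stored.
 */
function register_submit(Pieform $form, $values) {
    global $SESSION;

    // store password encrypted
    // don't die_info, since reloading the page shows the login form.
    // instead, redirect to some other page that says this
    safe_require('auth', 'internal');

    // NOTE(review): rand() is not a cryptographic source and this range gives
    // at most 9,000,000 distinct salts. Kept unchanged so stored records stay
    // compatible; a salt drawn from a CSPRNG would be the better choice where
    // the PHP version supports it.
    $values['salt'] = substr(md5(rand(1000000, 9999999)), 2, 8);
    $values['password'] = AuthInternal::encrypt_password($values['password1'], $values['salt']);
    $values['key'] = get_random_key();
    // @todo the expiry date should be configurable
    $values['expiry'] = db_format_timestamp(time() + 86400);
    $values['lang'] = $SESSION->get('lang');

    try {
        insert_record('usr_registration', $values);

        // The confirmation key is a secret that activates the account. It is
        // sent to the applicant by email only and is not written to any file.

        // The recipient object is built from the submitted values; admin and
        // staff are forced to 0 so a submitted value can never set them.
        $user = (object) $values;
        $user->admin = 0;
        $user->staff = 0;
        email_user(
            $user,
            null,
            get_string('registeredemailsubject', 'auth.internal', get_config('sitename')),
            get_string('registeredemailmessagetext', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('sitename')),
            get_string('registeredemailmessagehtml', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('wwwroot'), $values['key'], get_config('sitename'))
        );
    }
    catch (EmailException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }
    catch (SQLException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }

    // Add a marker in the session to say that the user has registered
    $_SESSION['registered'] = true;

    redirect('/register.php');
}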
/**
 * Submit handler for the registration form.
 *
 * Stores (or replaces) the registration record for the submitted email
 * address. When confirmation is required, the record is marked pending, the
 * institution's admins (or the site admins) are notified and the applicant is
 * told that approval is awaited; otherwise the applicant receives the
 * confirmation key by email, or via a redirect for 'browserid'.
 *
 * @param Pieform $form   The submitted form (not read in this function).
 * @param array   $values Submitted values; reads 'institution', 'authtype',
 *                        'email', 'firstname', 'reason' and 'goto', and is
 *                        extended with 'key', 'lang', 'pending' and 'expiry'.
 */
function auth_register_submit(Pieform $form, $values) {
    global $SESSION;

    safe_require('auth', 'internal');

    $values['key'] = get_random_key();
    $values['lang'] = $SESSION->get('lang');

    // If the institution requires approval, mark the record as pending
    // @todo the expiry date should be configurable
    // "||" binds tighter than "=", so $confirm receives the boolean result of
    // (site setting || institution setting).
    if ($confirm = get_config('requireregistrationconfirm') || get_field('institution', 'registerconfirm', 'name', $values['institution'])) {
        // For a non-internal auth type, approval is skipped when that auth
        // instance auto-creates users.
        if (isset($values['authtype']) && $values['authtype'] != 'internal') {
            $authinstance = get_record('auth_instance', 'institution', $values['institution'], 'authname', $values['authtype'] ? $values['authtype'] : 'internal');
            $auth = AuthFactory::create($authinstance->id);
            $confirm = !$auth->weautocreateusers;
        }
        if ($confirm) {
            $values['pending'] = 1;
            $values['expiry'] = db_format_timestamp(time() + 86400 * 14); // now + 2 weeks
        }
        else {
            $values['pending'] = 0;
            $values['expiry'] = db_format_timestamp(time() + 86400);
        }
    }
    else {
        $values['pending'] = 0;
        $values['expiry'] = db_format_timestamp(time() + 86400);
    }

    // Optional site-local hook; it receives the values being stored.
    if (function_exists('local_register_submit')) {
        local_register_submit($values);
    }

    try {
        // A second submission for an email address that already has a record
        // replaces that record, including its key.
        if (!record_exists('usr_registration', 'email', $values['email'])) {
            insert_record('usr_registration', $values);
        }
        else {
            update_record('usr_registration', $values, array('email' => $values['email']));
        }

        // The recipient object is built from the submitted values; admin and
        // staff are forced to 0 so a submitted value can never set them.
        $user = (object) $values;
        $user->admin = 0;
        $user->staff = 0;

        // If the institution requires approval, notify institutional admins.
        if ($confirm) {
            $fullname = sprintf("%s %s", trim($user->firstname), trim($user->lastname));
            $institution = new Institution($values['institution']);
            // NOTE(review): the institution value is placed in the link
            // without URL encoding; presumably institution names are limited
            // to URL-safe characters - confirm.
            $pendingregistrationslink = sprintf("%sadmin/users/pendingregistrations.php?institution=%s", get_config('wwwroot'), $values['institution']);

            // list of admins for this institution
            if (count($institution->admins()) > 0) {
                $admins = $institution->admins();
            }
            else {
                // use site admins if the institution doesn't have any
                $admins = get_column('usr', 'id', 'admin', 1, 'deleted', 0);
            }

            require_once get_config('libroot') . 'pieforms/pieform/elements/expiry.php';
            $expirytime = pieform_element_expiry_get_expiry_from_seconds(get_config('defaultregistrationexpirylifetime'));
            if ($expirytime == null) {
                $expirystring = get_config('defaultregistrationexpirylifetime') . ' ' . get_string('seconds', 'performance');
            }
            else {
                if ($expirytime['units'] == 'noenddate') {
                    $expirystring = get_string('element.expiry.noenddate', 'pieforms');
                }
                else {
                    $expirystring = $expirytime['number'] . ' ' . get_string('element.expiry.' . $expirytime['units'], 'pieforms');
                }
            }

            // email each admin
            // @TODO Respect the notification preferences of the admins.
            // NOTE(review): the applicant-supplied name, email and reason are
            // passed into the HTML variant of the admin email. Whether
            // get_string() escapes its arguments is not visible here; if it
            // does not, they need HTML escaping first.
            foreach ($admins as $admin) {
                $adminuser = new User();
                $adminuser->find_by_id($admin);
                email_user(
                    $adminuser,
                    null,
                    get_string('pendingregistrationadminemailsubject', 'auth.internal', $institution->displayname, get_config('sitename')),
                    get_string('pendingregistrationadminemailtext', 'auth.internal', $adminuser->firstname, $institution->displayname, $pendingregistrationslink, $expirystring, $fullname, $values['email'], $values['reason'], get_config('sitename')),
                    get_string('pendingregistrationadminemailhtml', 'auth.internal', $adminuser->firstname, $institution->displayname, $pendingregistrationslink, $pendingregistrationslink, $expirystring, $fullname, $values['email'], $values['reason'], get_config('sitename'))
                );
            }

            // The applicant is told that approval is awaited; this message
            // does not include the key.
            email_user(
                $user,
                null,
                get_string('approvalemailsubject', 'auth.internal', get_config('sitename')),
                get_string('approvalemailmessagetext', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('sitename')),
                get_string('approvalemailmessagehtml', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('sitename'))
            );
            $_SESSION['registeredokawaiting'] = true;
        }
        else {
            if (isset($values['authtype']) && $values['authtype'] == 'browserid') {
                // For browserid the key goes straight into the redirect URL
                // instead of being emailed.
                redirect('/register.php?key=' . $values['key']);
            }
            else {
                email_user(
                    $user,
                    null,
                    get_string('registeredemailsubject', 'auth.internal', get_config('sitename')),
                    get_string('registeredemailmessagetext', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('sitename')),
                    get_string('registeredemailmessagehtml', 'auth.internal', $values['firstname'], get_config('sitename'), get_config('wwwroot'), $values['key'], get_config('wwwroot'), $values['key'], get_config('sitename'))
                );
            }
            // Add a marker in the session to say that the user has registered
            $_SESSION['registered'] = true;
        }
    }
    catch (EmailException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }
    catch (SQLException $e) {
        log_warn($e);
        die_info(get_string('registrationunsuccessful', 'auth.internal'));
    }

    // NOTE(review): the redirect target is taken from the submitted values.
    // This assumes the form restricts 'goto' to a local path; if it can be an
    // absolute URL, this is an open redirect - confirm in the form definition.
    redirect($values['goto']);
}
/**
 * Submit handler for the admin "add user" form.
 *
 * Creates the account inside a transaction, optionally grants site or
 * institution admin rights, optionally imports a Leap2A file into it, emails
 * the new user their credentials and then opens the user's edit page.
 *
 * @param Pieform $form   The submitted form (not read in this function).
 * @param array   $values Submitted values describing the new account.
 */
function adduser_submit(Pieform $form, $values) {
    global $USER, $SESSION, $TRANSPORTER;

    db_begin();
    raise_time_limit(180);

    // Create user
    $account = new stdClass();
    $account->authinstance = $values['authinstance'];
    $account->username = $values['username'];
    $account->firstname = $values['firstname'] ? $values['firstname'] : 'Imported';
    $account->lastname = $values['lastname'] ? $values['lastname'] : 'User';
    $account->email = $values['email'];
    $account->password = $values['password'];
    // The new user has to change the password after the first login.
    $account->passwordchange = 1;

    // Staff and site-admin flags are taken from the form only when the acting
    // user is a site admin.
    if ($USER->get('admin')) {
        // Not editable by institutional admins
        $account->staff = (int) ($values['staff'] == 'on');
        $account->admin = (int) ($values['admin'] == 'on');
    }
    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
        $account->quota = $values['quota'];
    }

    // NOTE(review): the auth instance id comes from the form. Presumably the
    // form's validation restricts it to instances the acting admin manages -
    // confirm, since it decides which institution the user joins.
    $authinstance = get_record('auth_instance', 'id', $values['authinstance']);
    $remoteauth = ($authinstance->authname != 'internal');
    if (!isset($values['remoteusername'])) {
        $values['remoteusername'] = null;
    }

    $account->id = create_user($account, array(), $authinstance->institution, $remoteauth, $values['remoteusername'], $values);

    if (!empty($account->admin)) {
        require_once 'activity.php';
        activity_add_admin_defaults(array($account->id));
    }

    if ($values['institutionadmin']) {
        set_field('usr_institution', 'admin', 1, 'usr', $account->id, 'institution', $authinstance->institution);
    }

    if (isset($values['leap2afile'])) {
        // And we're good to go
        $importdata = new stdClass();
        $importdata->token = '';
        $importdata->usr = $account->id;
        $importdata->queue = (int) (!PluginImport::import_immediately_allowed());
        $importdata->ready = 0;
        $importdata->expirytime = db_format_timestamp(time() + 60 * 60 * 24);
        $importdata->format = 'leap';
        $importdata->loglevel = PluginImportLeap::LOG_LEVEL_VERBOSE;
        $importdata->logtargets = LOG_TARGET_FILE;
        $importdata->profile = true;

        $importer = PluginImport::create_importer(null, $TRANSPORTER, $importdata);
        try {
            $importer->process();
            log_info("Imported user account {$account->id} from Leap2A file, see " . $importer->get('logfile') . ' for a full log');
        }
        catch (ImportException $e) {
            // NOTE(review): this leaves the function while the transaction
            // opened above is still open; presumably it is rolled back when
            // the request ends - confirm.
            log_info("Leap2A import failed: " . $e->getMessage());
            die_info(get_string('leap2aimportfailed', 'admin'));
        }

        // Reload the user details, as various fields are changed by the
        // importer when importing (e.g. firstname/lastname)
        $account = get_record('usr', 'id', $account->id);
    }

    db_commit();

    if (!empty($account->email)) {
        // The initial password is sent in clear text in this email; the
        // passwordchange flag set above is what limits how long it stays
        // usable.
        try {
            email_user(
                $account,
                $USER,
                get_string('accountcreated', 'mahara', get_config('sitename')),
                get_string('accountcreatedchangepasswordtext', 'mahara', $account->firstname, get_config('sitename'), $account->username, $values['password'], get_config('wwwroot'), get_config('sitename')),
                get_string('accountcreatedchangepasswordhtml', 'mahara', $account->firstname, get_config('wwwroot'), get_config('sitename'), $account->username, $values['password'], get_config('wwwroot'), get_config('wwwroot'), get_config('sitename'))
            );
        }
        catch (EmailException $e) {
            $SESSION->add_error_msg(get_string('newuseremailnotsent', 'admin'));
        }
    }

    $SESSION->add_ok_msg(get_string('newusercreated', 'admin'));
    redirect('/admin/users/edit.php?id=' . $account->id);
}
/**
 * Run the import held in the global $IMPORTER from its stored entry requests,
 * remove those requests and the importer from the session, and display the
 * result.
 *
 * An ImportException is logged and ends the request with an error page.
 */
function do_import() {
    global $IMPORTER;

    safe_require('import', 'leap');

    try {
        $outcome = $IMPORTER->do_import_from_requests();
    }
    catch (ImportException $e) {
        log_info("Leap2A import failed: " . $e->getMessage());
        die_info(get_string('importfailed', 'import'));
    }

    if ($IMPORTER) {
        // Only the entry requests of this import and this owner are deleted.
        $importid = $IMPORTER->get('importertransport')->get('importid');
        $ownerid = $IMPORTER->get('usr');
        delete_records('import_entry_requests', 'importid', $importid, 'ownerid', $ownerid);
        remove_importer_from_session();
    }

    $page = smarty();
    $page->assign('PAGEHEADING', get_string('importresult', 'import'));
    $page->assign('form', $outcome);
    $page->display('form.tpl');
}
/**
 * Pieform submit handler for the "forgot password" form.
 *
 * Finds the account by e-mail address, then by username (both compared in
 * lower case through bound parameters), mails a reset link containing a fresh
 * key and stores the request with a 24 hour expiry.
 *
 * @param Pieform $form   The submitted form (not read in this function)
 * @param array   $values Submitted values; 'emailusername' is read
 */
function forgotpass_submit(Pieform $form, $values) {
    global $SESSION;

    try {
        $needle = strtolower($values['emailusername']);

        $user = get_record_sql('SELECT * FROM {usr} WHERE LOWER(email) = ?', array($needle));
        if (!$user) {
            $user = get_record_sql('SELECT * FROM {usr} WHERE LOWER(username) = ?', array($needle));
        }
        if (!$user) {
            // NOTE(review): an unknown address/username gets its own message, so
            // this form tells a caller whether an account exists; a response that
            // is the same for both outcomes would avoid that.
            die_info(get_string('forgotpassnosuchemailaddressorusername'));
        }

        // NOTE(review): get_random_key() is not visible here - confirm it draws
        // from a cryptographically secure source, since the key alone
        // authorises the reset.
        $request = (object) array(
            'usr'    => $user->id,
            'expiry' => db_format_timestamp(time() + 86400),
            'key'    => get_random_key(),
        );

        $sitename = get_config('sitename');
        $fullname = display_name($user);
        $reseturl = get_config('wwwroot') . 'forgotpass.php?key=' . $request->key;
        $contacturl = get_config('wwwroot') . 'contact.php';

        // The link is mailed first and the request row is written afterwards.
        email_user(
            $user,
            null,
            get_string('forgotusernamepasswordemailsubject', 'mahara', $sitename),
            get_string('forgotusernamepasswordemailmessagetext', 'mahara', $fullname, $sitename, $user->username, $reseturl, $contacturl, $sitename),
            get_string('forgotusernamepasswordemailmessagehtml', 'mahara', $fullname, $sitename, $user->username, $reseturl, $reseturl, $contacturl, $sitename)
        );
        insert_record('usr_password_request', $request);
    }
    catch (SQLException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }
    catch (EmailDisabledException $e) {
        die_info(get_string('forgotpassemaildisabled'));
    }
    catch (EmailException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }

    // Add a marker in the session to say that the user has registered
    $_SESSION['pwchangerequested'] = true;
    redirect('/forgotpass.php');
}
*/ define('INTERNAL', 1); define('MENUITEM', 'myportfolio/export'); require dirname(dirname(__FILE__)) . '/init.php'; require_once 'view.php'; require_once 'collection.php'; define('TITLE', get_string('exportyourportfolio', 'export')); define('SECTION_PLUGINTYPE', 'core'); define('SECTION_PLUGINNAME', 'export'); define('SECTION_PAGE', 'index'); $SESSION->set('exportdata', ''); $SESSION->set('exportfile', ''); $exportoptions = array(); $exportplugins = plugins_installed('export'); if (!$exportplugins) { die_info(get_string('noexportpluginsenabled', 'export')); } foreach ($exportplugins as $plugin) { safe_require('export', $plugin->name); $exportoptions[$plugin->name] = array('text' => call_static_method(generate_class_name('export', $plugin->name), 'get_title'), 'description' => call_static_method(generate_class_name('export', $plugin->name), 'get_description')); } $elements = array('format' => array('type' => 'radio', 'options' => $exportoptions, 'defaultvalue' => 'html'), 'what' => array('type' => 'radio', 'options' => array('all' => get_string('allmydata', 'export'), 'views' => get_string('justsomeviews', 'export')), 'defaultvalue' => 'all'), 'includefeedback' => array('type' => 'switchbox', 'class' => 'last', 'title' => get_string('includefeedback', 'export'), 'description' => get_string('includefeedbackdescription', 'export'), 'defaultvalue' => 1)); if ($viewids = get_column_sql('SELECT id FROM {view} WHERE owner = ? AND type = ? ORDER BY title', array($USER->get('id'), 'portfolio'))) { foreach ($viewids as $viewid) { $view = new View($viewid); $elements['view_' . $viewid] = array('type' => 'checkbox', 'class' => 'checkbox', 'title' => $view->get('title'), 'description' => $view->get('description'), 'viewlink' => $view->get_url(true, true)); } $jsfiles = array('js/preview.js', 'js/export.js'); $collections = get_records_sql_array(' SELECT c.id, c.name, c.description FROM {collection} c JOIN {collection_view} cv ON c.id = cv.collection
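/**
 * Called when the login form is submitted. Validates the user and password, and
 * if they are valid, starts a new session for the user.
 *
 * When the username is not known locally, every auth instance that can
 * auto-create users is tried in turn (ordered by institution, priority and
 * instance name); the first one that accepts the credentials supplies the
 * data for a new account. All failed attempts report the same generic
 * 'loginfailed' message, whatever the underlying reason.
 *
 * After a successful login the account is checked for admin-section access,
 * deletion, expiry, inactivity and suspension.
 *
 * @param object $form The Pieform form object
 * @param array $values The submitted values
 * @access private
 */
function login_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $username = $values['login_username'];
    $password = $values['login_password'];
    $authenticated = false;
    // NOTE(review): never reassigned in this function, so the inactivity check
    // further down cannot fire as written.
    $oldlastlogin = 0;

    try {
        $authenticated = $USER->login($username, $password);
        if (empty($authenticated)) {
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    }
    catch (AuthUnknownUserException $e) {
        // If the user doesn't exist, check for institutions that
        // want to create users automatically.
        try {
            // Reset the LiveUser object, since we are attempting to create a
            // new user
            $SESSION->destroy_session();
            $USER = new LiveUser();
            $authinstances = get_records_sql_array('
                SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname
                FROM {institution} i
                JOIN {auth_instance} a ON a.institution = i.name
                ORDER BY a.institution, a.priority, a.instancename', null);
            if ($authinstances == false) {
                throw new AuthUnknownUserException("\"{$username}\" is not known");
            }

            $USER->username = $username;

            // foreach replaces the original list()/each() loop: each() was
            // removed in PHP 8. The break at the end of the body keeps the
            // original "stop at the first instance that authenticates" rule.
            // The submitted password is offered to every auto-creating
            // instance until one of them accepts it.
            foreach ($authinstances as $authinstance) {
                $auth = AuthFactory::create($authinstance->id);
                if (!$auth->can_auto_create_users()) {
                    continue;
                }
                if ($auth->authenticate_user_account($USER, $password)) {
                    $authenticated = true;
                }
                else {
                    continue;
                }

                // Check now to see if the institution has its maximum quota of users
                require_once 'institution.php';
                $institution = new Institution($authinstance->institution);
                if ($institution->isFull()) {
                    throw new AuthUnknownUserException('Institution has too many users');
                }

                $USER->authinstance = $authinstance->id;
                $userdata = $auth->get_user_info($username);
                if (empty($userdata)) {
                    throw new AuthUnknownUserException("\"{$username}\" is not known");
                }

                // Check for a suspended institution
                if ($authinstance->suspended) {
                    $sitename = get_config('sitename');
                    throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institutionsuspended', 'mahara', $authinstance->displayname, $sitename));
                }

                // We have the data - create the user
                $USER->lastlogin = db_format_timestamp(time());
                if (isset($userdata->firstname)) {
                    $USER->firstname = $userdata->firstname;
                }
                if (isset($userdata->lastname)) {
                    $USER->lastname = $userdata->lastname;
                }
                if (isset($userdata->email)) {
                    $USER->email = $userdata->email;
                }
                else {
                    // The user will be asked to populate this when they log in.
                    $USER->email = null;
                }
                try {
                    create_user($USER, array(), $institution);
                    $USER->reanimate($USER->id, $authinstance->id);
                }
                catch (Exception $e) {
                    // NOTE(review): no db_begin() is visible here; presumably
                    // create_user() opens the transaction - confirm.
                    db_rollback();
                    throw $e;
                }

                // An instance has authenticated and the account exists: stop.
                break;
            }

            if (!$authenticated) {
                $SESSION->add_error_msg(get_string('loginfailed'));
                return;
            }
        }
        catch (AuthUnknownUserException $e) {
            // We weren't able to authenticate the user for some reason that
            // probably isn't their fault (e.g. ldap extension not available
            // when using ldap authentication)
            // The detail is logged; the user only sees the generic message.
            log_info($e->getMessage());
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    }

    // Only admins in the admin section!
    // && binds tighter than ||: a non-admin is refused when ADMIN is defined,
    // or when INSTITUTIONALADMIN is defined and they are not an institutional admin.
    if (!$USER->get('admin') && (defined('ADMIN') || defined('INSTITUTIONALADMIN') && !$USER->is_institutional_admin())) {
        $SESSION->add_error_msg(get_string('accessforbiddentoadminsection'));
        redirect();
    }

    // Check if the user's account has been deleted
    if ($USER->deleted) {
        $USER->logout();
        die_info(get_string('accountdeleted'));
    }

    // Check if the user's account has expired
    if ($USER->expiry > 0 && time() > $USER->expiry) {
        $USER->logout();
        die_info(get_string('accountexpired'));
    }

    // Check if the user's account has become inactive
    $inactivetime = get_config('defaultaccountinactiveexpire');
    if ($inactivetime && $oldlastlogin > 0 && $oldlastlogin + $inactivetime < time()) {
        $USER->logout();
        die_info(get_string('accountinactive'));
    }

    // Check if the user's account has been suspended
    if ($USER->suspendedcusr) {
        // Read the details first: they are taken from $USER before logout().
        $suspendedctime = $USER->suspendedctime;
        $suspendedreason = $USER->suspendedreason;
        $USER->logout();
        die_info(get_string('accountsuspended', 'mahara', $suspendedctime, $suspendedreason));
    }

    // User is allowed to log in
    //$USER->login($userdata);
    auth_check_password_change();
    auth_check_required_fields();
}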
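/**
 * Called when the login form is submitted. Validates the user and password, and
 * if they are valid, starts a new session for the user.
 *
 * When the username is not known locally, every auth instance that can
 * auto-create users is tried in turn (ordered by institution, priority and
 * instance name); an instance that raises AuthInstanceException is skipped
 * and the first one that accepts the credentials supplies the data for a new
 * account. All failed attempts report the same generic 'loginfailed' message.
 *
 * After a successful login the account is checked for admin-section access,
 * deletion, expiry, inactivity and suspension.
 *
 * @param object $form The Pieform form object
 * @param array $values The submitted values
 * @access private
 */
function login_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $username = $values['login_username'];
    $password = $values['login_password'];
    $authenticated = false;
    // NOTE(review): never reassigned in this function, so the inactivity check
    // further down cannot fire as written.
    $oldlastlogin = 0;

    try {
        $authenticated = $USER->login($username, $password);
        if (empty($authenticated)) {
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    }
    catch (AuthUnknownUserException $e) {
        // If the user doesn't exist, check for institutions that
        // want to create users automatically.
        try {
            // Reset the LiveUser object, since we are attempting to create a
            // new user
            $SESSION->destroy_session();
            $USER = new LiveUser();
            $authinstances = get_records_sql_array('
                SELECT a.id, a.instancename, a.priority, a.authname, a.institution, i.suspended, i.displayname
                FROM {institution} i
                JOIN {auth_instance} a ON a.institution = i.name
                ORDER BY a.institution, a.priority, a.instancename', null);
            if ($authinstances == false) {
                throw new AuthUnknownUserException("\"{$username}\" is not known");
            }

            $USER->username = $username;

            // foreach replaces the original list()/each() loop: each() was
            // removed in PHP 8. The break at the end of the body keeps the
            // original "stop at the first instance that authenticates" rule.
            // The submitted password is offered to every auto-creating
            // instance until one of them accepts it.
            foreach ($authinstances as $authinstance) {
                $auth = AuthFactory::create($authinstance->id);
                if (!$auth->can_auto_create_users()) {
                    continue;
                }
                // catch semi-fatal auth errors, but allow next auth instance to be
                // tried
                try {
                    if ($auth->authenticate_user_account($USER, $password)) {
                        $authenticated = true;
                    }
                    else {
                        continue;
                    }
                }
                catch (AuthInstanceException $e) {
                    continue;
                }

                // Check now to see if the institution has its maximum quota of users
                require_once 'institution.php';
                $institution = new Institution($authinstance->institution);
                if ($institution->isFull()) {
                    throw new AuthUnknownUserException('Institution has too many users');
                }

                $USER->authinstance = $authinstance->id;
                $userdata = $auth->get_user_info($username);
                if (empty($userdata)) {
                    throw new AuthUnknownUserException("\"{$username}\" is not known");
                }

                // Check for a suspended institution
                if ($authinstance->suspended) {
                    $sitename = get_config('sitename');
                    throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institutionsuspended', 'mahara', $authinstance->displayname, $sitename));
                }

                // We have the data - create the user
                $USER->lastlogin = db_format_timestamp(time());
                if (isset($userdata->firstname)) {
                    $USER->firstname = $userdata->firstname;
                }
                if (isset($userdata->lastname)) {
                    $USER->lastname = $userdata->lastname;
                }
                if (isset($userdata->email)) {
                    $USER->email = $userdata->email;
                }
                else {
                    // The user will be asked to populate this when they log in.
                    $USER->email = null;
                }
                try {
                    // If this authinstance is a parent auth for some xmlrpc authinstance, pass it along to create_user
                    // so that this username also gets recorded as the username for sso from the remote sites.
                    $remoteauth = count_records('auth_instance_config', 'field', 'parent', 'value', $authinstance->id) ? $authinstance : null;
                    create_user($USER, array(), $institution, $remoteauth);
                    $USER->reanimate($USER->id, $authinstance->id);
                }
                catch (Exception $e) {
                    // NOTE(review): no db_begin() is visible here; presumably
                    // create_user() opens the transaction - confirm.
                    db_rollback();
                    throw $e;
                }

                // An instance has authenticated and the account exists: stop.
                break;
            }

            if (!$authenticated) {
                $SESSION->add_error_msg(get_string('loginfailed'));
                return;
            }
        }
        catch (AuthUnknownUserException $e) {
            // We weren't able to authenticate the user for some reason that
            // probably isn't their fault (e.g. ldap extension not available
            // when using ldap authentication)
            // The detail is logged; the user only sees the generic message.
            log_info($e->getMessage());
            $SESSION->add_error_msg(get_string('loginfailed'));
            return;
        }
    }

    // Only admins in the admin section!
    // && binds tighter than ||: a non-admin is refused when ADMIN is defined,
    // or when INSTITUTIONALADMIN is defined and they are not an institutional admin.
    if (!$USER->get('admin') && (defined('ADMIN') || defined('INSTITUTIONALADMIN') && !$USER->is_institutional_admin())) {
        $SESSION->add_error_msg(get_string('accessforbiddentoadminsection'));
        redirect();
    }

    // Check if the user's account has been deleted
    if ($USER->deleted) {
        $USER->logout();
        die_info(get_string('accountdeleted'));
    }

    // Check if the user's account has expired
    if ($USER->expiry > 0 && time() > $USER->expiry) {
        $USER->logout();
        die_info(get_string('accountexpired'));
    }

    // Check if the user's account has become inactive
    $inactivetime = get_config('defaultaccountinactiveexpire');
    if ($inactivetime && $oldlastlogin > 0 && $oldlastlogin + $inactivetime < time()) {
        $USER->logout();
        die_info(get_string('accountinactive'));
    }

    // Check if the user's account has been suspended
    if ($USER->suspendedcusr) {
        // Read the details first: they are taken from $USER before logout().
        $suspendedctime = strftime(get_string('strftimedaydate'), $USER->suspendedctime);
        $suspendedreason = $USER->suspendedreason;
        $USER->logout();
        die_info(get_string('accountsuspended', 'mahara', $suspendedctime, $suspendedreason));
    }

    // User is allowed to log in
    //$USER->login($userdata);
    auth_check_required_fields();

    if (get_config('httpswwwroot') && !defined('JSON')) {
        // If we are using HTTPS for logins we need to go back to
        // non-HTTPS URLs. Otherwise, Javascript (and possibly CSS)
        // breaks. Don't use get_full_script_path(), as it doesn't
        // work if someone sets httpswwwroot to something like
        // 'https://x.y.z.w:443/...' (unlikely, but
        // possible). get_full_script_path() doesn't give us the
        // ':443' part and things break horribly.
        $parts = parse_url(get_config('httpswwwroot'));
        // parse_url() returns false for a malformed URL and omits 'path' when
        // the URL has none; both cases are treated as an empty path prefix.
        $httpspath = (is_array($parts) && isset($parts['path'])) ? $parts['path'] : '';
        $httpsrequest = rtrim($httpspath, '/');
        // NOTE(review): hsc() is an HTML-escaping helper; confirm that HTML
        // escaping is the right encoding for the value redirect() receives.
        redirect(hsc(substr(get_script_path(), strlen($httpsrequest))));
    }
}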
define('INTERNAL', 1); define('MENUITEM', 'myportfolio/export'); require dirname(dirname(__FILE__)) . '/init.php'; require_once 'view.php'; require_once 'collection.php'; define('TITLE', get_string('exportyourportfolio', 'export')); $SESSION->set('exportdata', ''); $SESSION->set('exportfile', ''); $exportoptions = array(); $exportplugins = plugins_installed('export'); if (!$exportplugins) { die_info(get_string('noexportpluginsenabled', 'export')); } if (!is_executable(get_config('pathtozip'))) { log_info("Either you do not have the 'zip' command installed, or the config setting 'pathtozip' is not pointing at your zip command." . " Until you fix this, you will not be able to use the export system."); die_info(get_string('zipnotinstalled', 'export')); } foreach ($exportplugins as $plugin) { safe_require('export', $plugin->name); $exportoptions[$plugin->name] = array('text' => call_static_method(generate_class_name('export', $plugin->name), 'get_title'), 'description' => call_static_method(generate_class_name('export', $plugin->name), 'get_description')); } $elements = array('format' => array('type' => 'radio', 'options' => $exportoptions, 'defaultvalue' => 'html', 'separator' => '</div><div>'), 'what' => array('type' => 'radio', 'options' => array('all' => get_string('allmydata', 'export'), 'views' => get_string('justsomeviews', 'export')), 'separator' => '</div><div>', 'defaultvalue' => 'all'), 'includefeedback' => array('type' => 'checkbox', 'title' => get_string('includefeedback', 'export'), 'description' => get_string('includefeedbackdescription', 'export'), 'separator' => '</div><div>', 'defaultvalue' => 1)); if ($viewids = get_column('view', 'id', 'owner', $USER->get('id'), 'type', 'portfolio')) { foreach ($viewids as $viewid) { $view = new View($viewid); $elements['view_' . 
$viewid] = array('type' => 'checkbox', 'title' => $view->get('title'), 'description' => $view->get('description'), 'viewlink' => $view->get_url(true, true)); } $jsfiles = array('js/preview.js', 'js/export.js'); $collections = get_records_sql_array(' SELECT c.id, c.name, c.description FROM {collection} c JOIN {collection_view} cv ON c.id = cv.collection
// Log the user in and send them to the homepage $USER = new LiveUser(); $USER->reanimate($user->id, $authinstance->id); if (function_exists('local_post_register')) { local_post_register($registration); } $SESSION->add_ok_msg(get_string('registrationcomplete', 'mahara', get_config('sitename'))); $SESSION->set('resetusername', true); redirect(); } create_registered_user(); } // Default page - show the registration form list($form, $registerconfirm) = auth_generate_registration_form('register', 'internal', '/register.php'); if (!$form) { die_info(get_string('registeringdisallowed')); } list($formhtml, $js) = auth_generate_registration_form_js($form, $registerconfirm); $registerdescription = get_string('registerwelcome'); if ($registerterms = get_config('registerterms')) { $registerdescription .= ' ' . get_string('registeragreeterms'); } $registerdescription .= ' ' . get_string('registerprivacy'); $smarty = smarty(); $smarty->assign('register_form', $formhtml); $smarty->assign('registerdescription', $registerdescription); if ($registerterms) { $smarty->assign('termsandconditions', '<a name="user_acceptterms"></a>' . get_site_page_content('termsandconditions')); } $smarty->assign('PAGEHEADING', TITLE); $smarty->assign('INLINEJAVASCRIPT', $js);
/**
 * Authorise a user from SAML attributes and make them the session user.
 *
 * Looks the account up (by auth instance and remote username, or by plain
 * username), refuses to continue under configurations the code treats as
 * unsafe, optionally creates the account or refreshes its profile fields
 * from the attributes, then reanimates $USER as that account.
 *
 * @param array $attributes Attributes received for the user; each value is
 *                          read as a list and element [0] is used
 * @return bool true once the session has been set up; false when the user is
 *              unknown and automatic creation is switched off
 * @throws AccessDeniedException when required attributes are missing, when the
 *         site/institution settings fail the safety checks below, or when a
 *         new account lacks first name, last name or e-mail
 * @throws XmlrpcClientException when the institution is full
 */
public function request_user_authorise($attributes) {
    global $USER, $SESSION;
    $this->must_be_ready();
    // Both the username attribute and the institution attribute must be
    // present. The institution attribute is only tested for presence; its
    // value is not read anywhere in this method.
    if (empty($attributes) or !array_key_exists($this->config['user_attribute'], $attributes) or !array_key_exists($this->config['institutionattribute'], $attributes)) {
        throw new AccessDeniedException();
    }
    $remoteuser = $attributes[$this->config['user_attribute']][0];
    // Name and e-mail are optional at this point (null when absent); they
    // become mandatory further down if an account has to be created.
    $firstname = isset($attributes[$this->config['firstnamefield']][0]) ? $attributes[$this->config['firstnamefield']][0] : null;
    $lastname = isset($attributes[$this->config['surnamefield']][0]) ? $attributes[$this->config['surnamefield']][0] : null;
    $email = isset($attributes[$this->config['emailfield']][0]) ? $attributes[$this->config['emailfield']][0] : null;
    $institutionname = $this->institution;
    $create = false;
    $update = false;
    // Retrieve a $user object. If that fails, create a blank one.
    try {
        $isremote = $this->config['remoteuser'] ? true : false;
        $user = new User();
        if (get_config('usersuniquebyusername')) {
            // When turned on, this setting means that it doesn't matter
            // which other application the user SSOs from, they will be
            // given the same account in Mahara.
            //
            // This setting is one that has security implications unless
            // only turned on by people who know what they're doing. In
            // particular, every system linked to Mahara should be making
            // sure that same username == same person. This happens for
            // example if two Moodles are using the same LDAP server for
            // authentication.
            //
            // If this setting is on, it must NOT be possible to self
            // register on the site for ANY institution - otherwise users
            // could simply pick usernames of people's accounts they wished
            // to steal.
            if ($institutions = get_column('institution', 'name', 'registerallowed', '1')) {
                log_warn("usersuniquebyusername is turned on but registration is allowed for an institution. " . "No institution can have registration allowed for it, for security reasons.\n" . "The following institutions have registration enabled:\n " . join("\n ", $institutions));
                throw new AccessDeniedException();
            }
            if (!get_config('usersallowedmultipleinstitutions')) {
                log_warn("usersuniquebyusername is turned on but usersallowedmultipleinstitutions is off. " . "This makes no sense, as users will then change institution every time they log in from " . "somewhere else. Please turn this setting on in Site Options");
                throw new AccessDeniedException();
            }
        } else {
            // Without usersuniquebyusername the lookup must be scoped to this
            // auth instance, so a non-remote configuration is refused.
            if (!$isremote) {
                log_warn("usersuniquebyusername is turned off but remoteuser has not been set on for this institution: {$institutionname}. " . "This is a security risk as users from different institutions with different IdPs can hijack " . "each others accounts. Fix this in the institution level auth/saml settings.");
                throw new AccessDeniedException();
            }
        }
        if ($isremote) {
            // Lookup keyed on this auth instance plus the remote username.
            $user->find_by_instanceid_username($this->instanceid, $remoteuser, $isremote);
        } else {
            // Site-wide lookup by username alone; only reachable when
            // usersuniquebyusername passed the checks above.
            $user->find_by_username($remoteuser);
        }
        // A suspended account is stopped here, before any session is created.
        if ($user->get('suspendedcusr')) {
            die_info(get_string('accountsuspended', 'mahara', strftime(get_string('strftimedaydate'), $user->get('suspendedctime')), $user->get('suspendedreason')));
        }
        if ('1' == $this->config['updateuserinfoonlogin']) {
            $update = true;
        }
    } catch (AuthUnknownUserException $e) {
        if (!empty($this->config['weautocreateusers'])) {
            $institution = new Institution($this->institution);
            if ($institution->isFull()) {
                $institution->send_admin_institution_is_full_message();
                throw new XmlrpcClientException('SSO attempt from ' . $institution->displayname . ' failed - institution is full');
            }
            $user = new User();
            $create = true;
        } else {
            log_debug("User authorisation request from SAML failed - " . "remote user '{$remoteuser}' is unknown to us and auto creation of users is turned off");
            return false;
        }
    }
    /*******************************************/
    if ($create) {
        $user->passwordchange = 1;
        $user->active = 1;
        $user->deleted = 0;
        $user->expiry = null;
        $user->expirymailsent = 0;
        $user->lastlogin = time();
        $user->firstname = $firstname;
        $user->lastname = $lastname;
        $user->email = $email;
        // must have these values
        if (empty($firstname) || empty($lastname) || empty($email)) {
            throw new AccessDeniedException(get_string('errormissinguserattributes1', 'auth.saml', get_config('sitename')));
        }
        // NOTE(review): the test reads $this->config['parent'] but the value
        // used is $this->parent - confirm both refer to the same setting.
        $user->authinstance = empty($this->config['parent']) ? $this->instanceid : $this->parent;
        db_begin();
        // The local username is derived from the remote one via
        // get_new_username(); the remote name itself is passed to create_user().
        $user->username = get_new_username($remoteuser, 40);
        $user->id = create_user($user, array(), $institutionname, $this, $remoteuser);
        /*
         * We need to convert the object to a stdclass with its own
         * custom method because it uses overloaders in its implementation
         * and its properties wouldn't be visible to a simple cast operation
         * like (array)$user
         */
        $userobj = $user->to_stdclass();
        // $userarray is not read again in this method.
        $userarray = (array) $userobj;
        db_commit();
        // Now we have fired the create event, we need to re-get the data
        // for this user
        $user = new User();
        $user->find_by_id($userobj->id);
        if (get_config('usersuniquebyusername')) {
            // Add them to the institution they have SSOed in by
            $user->join_institution($institutionname);
        }
    } elseif ($update) {
        // Existing account with updateuserinfoonlogin set: non-empty values
        // from the attributes overwrite the stored profile fields.
        // NOTE(review): this includes the e-mail address, so the stored address
        // follows whatever the identity provider asserts at each login.
        if (!empty($firstname)) {
            set_profile_field($user->id, 'firstname', $firstname);
            $user->firstname = $firstname;
        }
        if (!empty($lastname)) {
            set_profile_field($user->id, 'lastname', $lastname);
            $user->lastname = $lastname;
        }
        if (!empty($email)) {
            set_profile_field($user->id, 'email', $email);
            $user->email = $email;
        }
        $user->lastlastlogin = $user->lastlogin;
        $user->lastlogin = time();
    }
    $user->commit();
    /*******************************************/
    // We know who our user is now. Bring em back to life.
    // $result is not checked; the method returns true regardless of it.
    $result = $USER->reanimate($user->id, $this->instanceid);
    log_debug("remote user '{$remoteuser}' is now reanimated as '{$USER->username}' ");
    $SESSION->set('authinstance', $this->instanceid);
    return true;
}
/**
 * Pieform submit handler for the "forgot password" form.
 *
 * Finds an account whose lower-cased e-mail address or username matches the
 * submitted value and whose auth instance is 'internal', mails a reset link
 * containing a fresh key, and stores the request with a 24 hour expiry.
 *
 * @param Pieform $form   The submitted form (not read in this function)
 * @param array   $values Submitted values; 'emailusername' is read
 */
function forgotpass_submit(Pieform $form, $values) {
    global $SESSION;

    try {
        $needle = strtolower($values['emailusername']);

        // One value is bound twice: once for the e-mail test, once for the
        // username test. Accounts on non-internal auth are excluded by the join.
        $user = get_record_sql('SELECT u.* FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id) WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?) AND ai.authname = \'internal\'', array($needle, $needle));
        if (!$user) {
            // NOTE(review): an unknown address/username gets its own message, so
            // this form tells a caller whether an internal account exists; a
            // response that is the same for both outcomes would avoid that.
            die_info(get_string('forgotpassnosuchemailaddressorusername'));
        }

        // NOTE(review): get_random_key() is not visible here - confirm it draws
        // from a cryptographically secure source, since the key alone
        // authorises the reset.
        $request = (object) array(
            'usr'    => $user->id,
            'expiry' => db_format_timestamp(time() + 86400),
            'key'    => get_random_key(),
        );

        $sitename = get_config('sitename');
        $fullname = display_name($user);

        // Override the disabled status of this e-mail address
        $user->ignoredisabled = true;

        $reseturl = get_config('wwwroot') . 'forgotpass.php?key=' . $request->key;
        $contacturl = get_config('wwwroot') . 'contact.php';

        // The link is mailed first and the request row is written afterwards.
        email_user(
            $user,
            null,
            get_string('forgotusernamepasswordemailsubject', 'mahara', $sitename),
            get_string('forgotusernamepasswordemailmessagetext', 'mahara', $fullname, $sitename, $user->username, $reseturl, $contacturl, $sitename),
            get_string('forgotusernamepasswordemailmessagehtml', 'mahara', $fullname, $sitename, $user->username, $reseturl, $reseturl, $contacturl, $sitename)
        );
        insert_record('usr_password_request', $request);
    }
    catch (SQLException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }
    catch (EmailException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }

    // Add a note if this e-mail address is over the bounce threshold to
    // warn users that they may not receive the e-mail
    $mailinfo = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($user->id));
    if ($mailinfo && check_overcount($mailinfo)) {
        $SESSION->add_info_msg(get_string('forgotpassemailsentanyway1', 'mahara', get_config('sitename')));
    }

    // Unsetting disabled status overriding
    unset($user->ignoredisabled);

    // Add a marker in the session to say that the user has registered
    $SESSION->set('pwchangerequested', true);
    redirect('/forgotpass.php');
}
} if ($delete = param_integer('delete', null)) { ArtefactTypeBlogpost::delete_form($delete); } if (is_null($id)) { if ($institutionname) { $records = get_records_select_array('artefact', "artefacttype = 'blog' AND \"institution\" = ?", array($institutionname), 'id ASC'); if (!$records || count($records) > 1) { // There are either no blogs for this institution or more than one so we need to send them to journal list page // so they can add one or chose a particular blog by id. redirect("/artefact/blog/index.php?institution={$institutionname}"); exit; } } else { if (!($records = get_records_select_array('artefact', "artefacttype = 'blog' AND \"owner\" = ?", array($USER->get('id')), 'id ASC'))) { die_info(get_string('nodefaultblogfound', 'artefact.blog', get_config('wwwroot'))); } } if ($records) { if (count($records) > 1) { // no id supplied and more than one journal so go to journal list page redirect("/artefact/blog/index.php"); exit; } $id = $records[0]->id; $blog = new ArtefactTypeBlog($id, $records[0]); } } else { $blog = new ArtefactTypeBlog($id); } if (!empty($blog)) {
* */
// Bootstrap for the upgrade page: INTERNAL, ADMIN and INSTALLER are defined
// before init.php is loaded.
define('INTERNAL', 1);
define('ADMIN', 1);
define('INSTALLER', 1);
require dirname(dirname(__FILE__)) . '/init.php';
define('TITLE', get_string('upgrades', 'admin'));
require get_config('libroot') . 'upgrade.php';
$smarty = smarty();
$upgrades = check_upgrades();
// auth_setup() is called only when check_upgrades() did not set 'disablelogin'.
// NOTE(review): with that flag set the rest of this page runs without
// auth_setup(); confirm in check_upgrades() which site states can set it.
if (empty($upgrades['disablelogin'])) {
    auth_setup();
}
unset($upgrades['disablelogin']);
if (!$upgrades) {
    die_info(get_string('noupgrades', 'admin'));
}
// Remove all files in the smarty cache
require_once 'file.php';
$basedir = get_config('dataroot') . 'smarty/compile/';
$dh = new DirectoryIterator($basedir);
foreach ($dh as $themedir) {
    // Skip the '.' and '..' entries so only real subdirectories are removed.
    if ($themedir->isDot()) {
        continue;
    }
    // Each entry under smarty/compile/ is removed recursively and then
    // re-checked with check_dir_exists().
    $themedirname = $basedir . $themedir->getFilename();
    rmdirr($themedirname);
    clearstatcache();
    check_dir_exists($themedirname);
}
$loadingicon = theme_get_url('images/loading.gif');
/**
 * Rebuild the Leap2A transport and importer from session state, run the
 * import and show the result.
 *
 * The import id, extraction location and MIME type come from $SESSION and the
 * target account from $USER, not from request parameters. On ImportException
 * the error is logged and a generic failure page is shown.
 */
function do_import() {
    global $SESSION, $USER, $TRANSPORTER, $IMPORTER;

    safe_require('import', 'leap');

    // Get $TRANSPORTER and $IMPORTER from $SESSION
    $importrecord = new stdClass();
    $importrecord->data = array(
        'importid'  => $SESSION->get('importid'),
        'extracted' => $SESSION->get('extracted'),
        'mimetype'  => $SESSION->get('mimetype'),
    );
    $TRANSPORTER = new LocalImporterTransport($importrecord);

    $settings = array(
        'token'      => '',
        'usr'        => $USER->get('id'),
        // Never queued (the original spelled this as (int) false).
        'queue'      => 0,
        'ready'      => 0,
        // One day from now.
        'expirytime' => db_format_timestamp(time() + 60 * 60 * 24),
        'format'     => 'leap',
        'loglevel'   => PluginImportLeap::LOG_LEVEL_STANDARD,
        'logtargets' => LOG_TARGET_FILE,
        'profile'    => true,
    );
    $IMPORTER = PluginImport::create_importer(null, $TRANSPORTER, (object) $settings);

    try {
        $result = $IMPORTER->do_import_from_requests();
    }
    catch (ImportException $failure) {
        // The exception text goes to the log only; the user sees the generic string.
        log_info("Leap2A import failed: " . $failure->getMessage());
        die_info(get_string('importfailed', 'import'));
    }

    $page = smarty();
    $page->assign('PAGEHEADING', get_string('importresult', 'import'));
    $page->assign('form', $result);
    $page->display('form.tpl');
}
* along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage import * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('MENUITEM', 'myportfolio/import'); require dirname(dirname(__FILE__)) . '/init.php'; define('TITLE', get_string('import', 'import')); $importplugins = plugins_installed('import'); if (!$importplugins) { die_info(get_string('noimportpluginsenabled', 'import')); } $form = pieform(array('name' => 'import', 'elements' => array('file' => array('type' => 'file', 'title' => 'LEAP2A file', 'description' => 'Either a .zip file or just the LEAP2A XML file', 'rules' => array('required' => true)), 'submit' => array('type' => 'submit', 'value' => 'Import')))); function import_validate(Pieform $form, $values) { if ($values['file']['type'] != 'application/zip' && $values['file']['type'] != 'text/xml') { $form->set_error('file', 'The file must be a .zip or LEAP2A XML file'); } } function import_submit(Pieform $form, $values) { global $SESSION; $date = time(); $nicedate = date('Y/m/d h:i:s', $date); $uploaddir = get_config('dataroot') . 'import/test-' . $date . '/'; $filename = $uploaddir . $values['file']['name'];