/**
* Set up this controller.
*
* @param String $action Name of the action to be invoked
* @param Array $args Arguments to be passed to the action method
*/
public function before_filter(&$action, &$args)
{
parent::before_filter($action, $args);
if (!in_array($this->user->perms, words('autor tutor dozent'))) {
throw new AccessDeniedException();
}
PageLayout::setHelpKeyword('Basis.HomepageUniversitäreDaten');
PageLayout::setTitle(_('Studiengang bearbeiten'));
Navigation::activateItem('/profile/edit/studies');
SkipLinks::addIndex(_('Fächer und Abschlüsse auswählen'), 'select_fach_abschluss');
SkipLinks::addIndex(_('Zu Einrichtungen zuordnen'), 'select_institute');
$this->allow_change = array('sg' => !StudipAuthAbstract::CheckField('studiengang_id', $this->user->auth_plugin) && (Config::get()->ALLOW_SELFASSIGN_STUDYCOURSE || $GLOBALS['perm']->have_perm('admin')), 'in' => Config::get()->ALLOW_SELFASSIGN_INSTITUTE || $GLOBALS['perm']->have_perm('admin'));
}
public static function verify()
{
$user_id = false;
if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$check = StudipAuthAbstract::CheckAuthentication($username, $password);
if (!$check['uid'] || $check['uid'] == 'nobody') {
throw new Exception(trim(strip_tags($check['error'])), 401);
}
$user_id = $check['uid'];
}
return $user_id;
}
/**
* Handles the download the calendar data as iCalendar for the
* user identified by $key.
*
*
* @global Seminar_User $user
* @global Seminar_Perm $perm
* @param string $key
* @param string $type type of export
*/
function index_action($key = '')
{
if (strlen($key)) {
$user_id = IcalExport::getUserIdByKey($key);
} else {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
if (isset($username) && isset($password)) {
$result = StudipAuthAbstract::CheckAuthentication($username, $password);
}
if (isset($result) && $result['uid'] !== false) {
$user_id = $result['uid'];
} else {
$this->response->add_header('WWW-Authenticate', 'Basic realm="Stud.IP Login"');
$this->set_status(401);
$this->render_text('authentication failed');
return;
}
}
if ($user_id) {
$GLOBALS['user'] = new Seminar_User($user_id);
$GLOBALS['perm'] = new Seminar_Perm();
$extype = 'ALL_EVENTS';
$export = new CalendarExport(new CalendarWriterICalendar());
$export->exportFromDatabase($user_id, strtotime('-4 week'), 2114377200, 'ALL_EVENTS');
if ($GLOBALS['_calendar_error']->getMaxStatus(ErrorHandler::ERROR_CRITICAL)) {
$this->set_status(500);
$this->render_nothing();
return;
}
$content = join($export->getExport());
if (stripos($_SERVER['HTTP_USER_AGENT'], 'google-calendar') !== false) {
$content = str_replace(array('CLASS:PRIVATE', 'CLASS:CONFIDENTIAL'), 'CLASS:PUBLIC', $content);
}
$this->response->add_header('Content-Type', 'text/calendar;charset=utf-8');
$this->response->add_header('Content-Disposition', 'attachment; filename="studip.ics"');
$this->response->add_header('Content-Transfer-Encoding', 'binary');
$this->response->add_header('Pragma', 'public');
$this->response->add_header('Cache-Control', 'private');
$this->response->add_header('Content-Length', strlen($content));
$this->render_text($content);
} else {
// delayed response to prevent brute force attacks ???
$this->set_status(400);
$this->render_nothing();
}
}
function create_action()
{
$username = strtolower(Request::get("username"));
$password = Request::get("password");
if (isset($username) && isset($password)) {
$result = StudipAuthAbstract::CheckAuthentication($username, $password);
}
if (!isset($result) || $result['uid'] === false) {
$this->flash["notice"] = "login unsuccessful!";
$this->redirect("session/new");
return;
}
$user_id = get_userid($username);
if (isset($user_id)) {
$this->start_session($user_id);
}
$this->flash["notice"] = "login successful!";
$this->redirect("quickdial");
}
/**
* Stores the account informations of a user
*/
public function store_action()
{
$this->check_ticket();
$errors = $info = $success = array();
$logout = false;
//erstmal die "unwichtigen" Daten
$geschlecht = Request::int('geschlecht');
if ($this->shallChange('user_info.geschlecht', 'gender', $geschlecht)) {
$this->user->geschlecht = $geschlecht;
}
$title_front = Request::get('title_front') ?: Request::get('title_front_chooser');
if ($this->shallChange('user_info.title_front', 'title', $title_front)) {
$this->user->title_front = $title_front;
}
$title_rear = Request::get('title_rear') ?: Request::get('title_rear_chooser');
if ($this->shallChange('user_info.title_rear', 'title', $title_rear)) {
$this->user->title_rear = $title_rear;
}
if ($this->user->store()) {
$success[] = _('Ihre persönlichen Daten wurden geändert.');
// Inform the user about this change
setTempLanguage($this->user->user_id);
$this->postPrivateMessage(_("Ihre persönlichen Daten wurden geändert.\n"));
restoreLanguage();
}
//nur nötig wenn der user selbst seine daten ändert
if (!$this->restricted) {
// Vorname verändert ?
$vorname = trim(Request::get('vorname'));
if ($this->shallChange('auth_user_md5.Vorname', 'name', $vorname)) {
// Vorname nicht korrekt oder fehlend
if (!$this->validator->ValidateName($vorname)) {
$errors[] = _('Der Vorname fehlt oder ist unsinnig!');
} else {
$this->user->Vorname = $vorname;
$success[] = _('Ihr Vorname wurde geändert!');
}
}
// Nachname verändert ?
$nachname = trim(Request::get('nachname'));
if ($this->shallChange('auth_user_md5.Nachname', 'name', $nachname)) {
// Nachname nicht korrekt oder fehlend
if (!$this->validator->ValidateName($nachname)) {
$errors[] = _('Der Nachname fehlt oder ist unsinnig!');
} else {
$this->user->Nachname = $nachname;
$success[] = _('Ihr Nachname wurde geändert!');
}
}
// Username
$new_username = trim(Request::get('new_username'));
if ($this->shallChange('auth_user_md5.username', 'username', $new_username)) {
if (!$this->validator->ValidateUsername($new_username)) {
$errors[] = _('Der gewählte Benutzername ist nicht lang genug!');
} else {
if ($check_uname = StudipAuthAbstract::CheckUsername($new_username) && $check_uname['found']) {
$errors[] = _('Der Benutzername wird bereits von einem anderen Benutzer verwendet. Bitte wählen Sie einen anderen Usernamen!');
} else {
$this->user->username = $new_username;
$success[] = _('Ihr Benutzername wurde geändert!');
URLHelper::addLinkParam('username', $this->user->username);
$logout = true;
}
}
}
// Email
$email1 = trim(Request::get('email1'));
$email2 = trim(Request::get('email2'));
if ($this->shallChange('auth_user_md5.Email', 'email', $email1)) {
$auth = StudipAuthAbstract::GetInstance($this->user->auth_plugin ?: 'standard');
$is_sso = $auth instanceof StudipAuthSSO;
if (!$is_sso && !$auth->isAuthenticated($this->user->username, Request::get('password'))) {
$errors[] = _('Das aktuelle Passwort wurde nicht korrekt eingegeben.');
} else {
if ($email1 !== $email2) {
$errors[] = _('Die Wiederholung der E-Mail-Adresse stimmt nicht mit Ihrer Eingabe überein.');
} else {
$result = edit_email($this->user, $email1);
$messages = explode('§', $result[1]);
if ($result[0]) {
$this->user->Email = $email1;
if (count($messages) < 2) {
$success[] = _('Ihre E-Mail-Adresse wurde geändert!');
}
}
for ($i = 0; $i < count($messages); $i += 2) {
$type = $messages[$i];
if ($type === 'msg') {
$type = 'success';
} else {
if ($type === 'error') {
$type = 'errors';
}
}
${$type}[] = $messages[$i + 1];
}
}
}
}
}
if (count($errors) > 0) {
$this->reportErrorWithDetails(_('Bitte überprüfen Sie Ihre Eingaben:'), $errors);
} else {
if ($this->user->store()) {
$this->reportSuccessWithDetails(_('Ihre Nutzerdaten wurden geändert.'), $success);
if (count($info) > 0) {
$this->reportInfoWithDetails(_('Bitte beachten Sie:'), $info);
}
}
}
if ($logout) {
$token = uniqid('logout', true);
$this->flash['logout-token'] = $token;
$this->redirect('settings/account/logout?token=' . $token);
} else {
$this->redirect('settings/account');
}
}
/**
* Displays the user domain settings of a user.
*/
public function index_action()
{
$this->allow_change = !StudipAuthAbstract::CheckField("userdomain_id", $this->user->auth_plugin) && $GLOBALS['perm']->have_perm('admin');
}
/**
* check authentication for a user.
*
* @param string the api key.
* @param string the user's username.
* @param string the user's username.
*
* @return boolean returns TRUE if authentication was successful or a fault
* otherwise.
*/
function check_credentials_action($api_key, $username, $password)
{
list($user_id, $error_msg, $is_new_user) = array_values(StudipAuthAbstract::CheckAuthentication($username, $password));
if ($user_id === false) {
return new Studip_Ws_Fault(strip_tags($error_msg));
} else {
return true;
}
}
</label>
</td>
</tr>
</tbody>
<? if (in_array($user['perms'], words('autor tutor dozent'))) : ?>
<tbody>
<tr class="header-row">
<th colspan="3" class="toggle-indicator">
<a class="toggler"><b><?php
echo _('Studiendaten');
?>
</b></a>
</th>
</tr>
<? if (!StudipAuthAbstract::CheckField('studiengang_id', $auth_plugin)) : ?>
<tr>
<td>
<label for="new_studiengang"><?php
echo _('Neuer Studiengang');
?>
</label>
</td>
<td colspan="2">
<? $about->select_studiengang() ?>
<? $about->select_abschluss() ?>
<select name="fachsem">
<? for ($s=1; $s < 51; $s++) : ?>
<option><?php
echo $s;
?>
require '../lib/bootstrap.php';
page_open(array("sess" => "Seminar_Session", "auth" => "Seminar_Default_Auth", "perm" => "Seminar_Perm", "user" => "Seminar_User"));
require_once 'lib/messaging.inc.php';
//nur wenn wir angemeldet sind sollten wir dies tun!
if ($auth->auth["uid"] != "nobody") {
$sms = new messaging();
$my_messaging_settings = UserConfig::get($user->id)->MESSAGING_SETTINGS;
//Wenn Option dafuer gewaehlt, alle ungelsesenen Nachrichten als gelesen speichern
if ($my_messaging_settings["logout_markreaded"]) {
$sms->set_read_all_messages();
}
$logout_user = $user->id;
// TODO this needs to be generalized or removed
//erweiterung cas
if ($auth->auth["auth_plugin"] == "cas") {
$casauth = StudipAuthAbstract::GetInstance('cas');
$docaslogout = true;
}
//Logout aus dem Sessionmanagement
$auth->logout();
$sess->delete();
page_close();
//Session changed zuruecksetzen
$timeout = time() - 15 * 60;
$user->set_last_action($timeout);
//der logout() Aufruf fuer CAS (dadurch wird das Cookie (Ticket) im Browser zerstoert)
if ($docaslogout) {
$casauth->logout();
}
} else {
$sess->delete();
/**
* Change an existing studip user according to the given parameters
*
* @access public
* @param array structure: array('string table_name.field_name'=>'string value')
* @return bool Change successful?
*/
function changeUser($newuser)
{
global $perm;
// Do we have permission to do so?
if (!$perm->have_perm("admin")) {
$this->msg .= "error§" . _("Sie haben keine Berechtigung Accounts zu verändern.") . "§";
return FALSE;
}
if (!$perm->is_fak_admin() && $newuser['auth_user_md5.perms'] == "admin") {
$this->msg .= "error§" . _("Sie haben keine Berechtigung, <em>Admin-Accounts</em> anzulegen.") . "§";
return FALSE;
}
if (!$perm->have_perm("root") && $newuser['auth_user_md5.perms'] == "root") {
$this->msg .= "error§" . _("Sie haben keine Berechtigung, <em>Root-Accounts</em> anzulegen.") . "§";
return FALSE;
}
if (!$perm->have_perm("root")) {
if (!$perm->is_fak_admin() && $this->user_data['auth_user_md5.perms'] == "admin") {
$this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Admin-Accounts</em> zu verändern.") . "§";
return FALSE;
}
if ($this->user_data['auth_user_md5.perms'] == "root") {
$this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Root-Accounts</em> zu verändern.") . "§";
return FALSE;
}
if ($perm->is_fak_admin() && $this->user_data['auth_user_md5.perms'] == "admin") {
if (!$this->adminOK()) {
$this->msg .= "error§" . _("Sie haben keine Berechtigung diesen Admin-Account zu verändern.") . "§";
return FALSE;
}
}
}
// active dozent? (ignore the studygroup guys)
$status = studygroup_sem_types();
if (empty($status)) {
$count = 0;
} else {
$query = "SELECT COUNT(*)\n FROM seminar_user AS su\n LEFT JOIN seminare AS s USING (Seminar_id)\n WHERE su.user_id = ?\n AND s.status NOT IN (?)\n AND su.status = 'dozent'\n AND (SELECT COUNT(*) FROM seminar_user su2 WHERE Seminar_id = su.Seminar_id AND su2.status = 'dozent') = 1\n GROUP BY user_id";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id'], $status));
$count = $statement->fetchColumn();
}
if ($count && isset($newuser['auth_user_md5.perms']) && $newuser['auth_user_md5.perms'] != "dozent") {
$this->msg .= sprintf("error§" . _("Der Benutzer <em>%s</em> ist alleiniger Dozent in %s aktiven Veranstaltungen und kann daher nicht in einen anderen Status versetzt werden!") . "§", $this->user_data['auth_user_md5.username'], $count);
return FALSE;
}
// active admin?
if ($this->user_data['auth_user_md5.perms'] == 'admin' && $newuser['auth_user_md5.perms'] != 'admin') {
// count number of institutes where the user is admin
$query = "SELECT COUNT(*)\n FROM user_inst\n WHERE user_id = ? AND inst_perms = 'admin'\n GROUP BY Institut_id";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
// if there are institutes with admin-perms, add error-message and deny change
if ($count = $statement->fetchColumn()) {
$this->msg .= sprintf('error§' . _("Der Benutzer <em>%s</em> ist Admin in %s Einrichtungen und kann daher nicht in einen anderen Status versetzt werden!") . '§', $this->user_data['auth_user_md5.username'], $count);
return false;
}
}
// Is the username correct?
if (isset($newuser['auth_user_md5.username'])) {
if ($this->user_data['auth_user_md5.username'] != $newuser['auth_user_md5.username']) {
if (!$this->validator->ValidateUsername($newuser['auth_user_md5.username'])) {
$this->msg .= "error§" . _("Der gewählte Benutzername ist zu kurz oder enthält unzulässige Zeichen!") . "§";
return FALSE;
}
$check_uname = StudipAuthAbstract::CheckUsername($newuser['auth_user_md5.username']);
if ($check_uname['found']) {
$this->msg .= "error§" . _("Der Benutzername wird bereits von einem anderen Benutzer verwendet. Bitte wählen Sie einen anderen Benutzernamen!") . "§";
return false;
} else {
//$this->msg .= "info§" . $check_uname['error'] ."§";
}
} else {
unset($newuser['auth_user_md5.username']);
}
}
// Can we reach the email?
if (isset($newuser['auth_user_md5.Email'])) {
if (!$this->checkMail($newuser['auth_user_md5.Email'])) {
return FALSE;
}
}
// Store changed values in internal array if allowed
$old_perms = $this->user_data['auth_user_md5.perms'];
$auth_plugin = $this->user_data['auth_user_md5.auth_plugin'];
foreach ($newuser as $key => $value) {
if (!StudipAuthAbstract::CheckField($key, $auth_plugin)) {
$this->user_data[$key] = $value;
} else {
$this->msg .= "error§" . sprintf(_("Das Feld <em>%s</em> können Sie nicht ändern!"), $key) . "§";
return FALSE;
}
}
if (!$this->storeToDatabase()) {
$this->msg .= "info§" . _("Es wurden keine Veränderungen der Grunddaten vorgenommen.") . "§";
return false;
}
$this->msg .= "msg§" . sprintf(_("Benutzer \"%s\" verändert."), $this->user_data['auth_user_md5.username']) . "§";
if ($auth_plugin !== null) {
// Automated entering new users, based on their status (perms)
$result = AutoInsert::instance()->saveUser($this->user_data['auth_user_md5.user_id'], $newuser['auth_user_md5.perms']);
foreach ($result['added'] as $item) {
$this->msg .= "msg§" . sprintf(_("Das automatische Eintragen in die Veranstaltung <em>%s</em> wurde durchgeführt."), $item) . "§";
}
foreach ($result['removed'] as $item) {
$this->msg .= "msg§" . sprintf(_("Das automatische Austragen aus der Veranstaltung <em>%s</em> wurde durchgeführt."), $item) . "§";
}
// include language-specific subject and mailbody
$user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']);
$Zeit = date("H:i:s, d.m.Y", time());
include "locale/{$user_language}/LC_MAILS/change_mail.inc.php";
// send mail
StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody);
}
// Upgrade to admin or root?
if ($newuser['auth_user_md5.perms'] == "admin" || $newuser['auth_user_md5.perms'] == "root") {
$this->re_sort_position_in_seminar_user();
// delete all seminar entries
$query = "SELECT seminar_id FROM seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
$seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
$query = "DELETE FROM seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Veranstaltungen gelöscht."), $db_ar) . "§";
array_map('update_admission', $seminar_ids);
}
// delete all entries from waiting lists
$query = "SELECT seminar_id FROM admission_seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
$seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
$query = "DELETE FROM admission_seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Wartelisten gelöscht."), $db_ar) . "§";
array_map('update_admission', $seminar_ids);
}
// delete 'Studiengaenge'
$query = "DELETE FROM user_studiengang WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Zuordnungen zu Studiengängen gelöscht."), $db_ar) . "§";
}
// delete all private appointments of this user
if ($db_ar = delete_range_of_dates($this->user_data['auth_user_md5.user_id'], FALSE) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus den Terminen gelöscht."), $db_ar) . "§";
}
}
if ($newuser['auth_user_md5.perms'] == "admin") {
$this->logInstUserDel($this->user_data['auth_user_md5.user_id'], "inst_perms != 'admin'");
$query = "DELETE FROM user_inst WHERE user_id = ? AND inst_perms != 'admin'";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§";
}
}
if ($newuser['auth_user_md5.perms'] == "root") {
$this->logInstUserDel($this->user_data['auth_user_md5.user_id']);
$query = "DELETE FROM user_inst WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§";
}
}
return TRUE;
}
/**
* @return bool
*/
function auth_validatelogin()
{
global $_language_path;
//prevent replay attack
if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
return false;
}
// check for direct link
if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
$_SESSION['_language'] = get_accepted_languages();
}
$_language_path = init_i18n($_SESSION['_language']);
include 'config.inc.php';
$this->auth["uname"] = Request::get('loginname');
// This provides access for "loginform.ihtml"
$this->auth["jscript"] = Request::get('resolution') != "";
$this->auth['devicePixelRatio'] = Request::float('device_pixel_ratio');
$check_auth = StudipAuthAbstract::CheckAuthentication(Request::get('loginname'), Request::get('password'));
if ($check_auth['uid']) {
$uid = $check_auth['uid'];
if ($check_auth['need_email_activation'] == $uid) {
$this->need_email_activation = $uid;
$_SESSION['semi_logged_in'] = $uid;
return false;
}
$user = $check_auth['user'];
$this->auth["perm"] = $user->perms;
$this->auth["uname"] = $user->username;
$this->auth["auth_plugin"] = $user->auth_plugin;
$this->auth_set_user_settings($user);
Metrics::increment('core.login.succeeded');
return $uid;
} else {
Metrics::increment('core.login.failed');
$this->error_msg = $check_auth['error'];
return false;
}
}
/**
* Determines whether a user is permitted to change a certain value
* and if provided, whether the value has actually changed.
*
* @param String $field Which db field shall change
* @param mixed $attribute Which attribute is related (optional,
* automatically guessedif missing)
* @param mixed $value Optional new value of the field (used to determine
* whether the value has actually changed)
* @return bool Indicates whether the value shall actually change
*/
public function shallChange($field, $attribute = null, $value = null)
{
$column = end(explode('.', $field));
$attribute = $attribute ?: strtolower($column);
$global_mapping = array('email' => 'ALLOW_CHANGE_EMAIL', 'name' => 'ALLOW_CHANGE_NAME', 'title' => 'ALLOW_CHANGE_TITLE', 'username' => 'ALLOW_CHANGE_USERNAME');
if (isset($global_mapping[$attribute]) and !$GLOBALS[$global_mapping[$attribute]]) {
return false;
}
return !($field && StudipAuthAbstract::CheckField($field, $this->user->auth_plugin)) && !LockRules::check($this->user->user_id, $attribute) && ($value === null || $this->user->{$column} != $value);
}
function edit_email($user, $email, $force = False)
{
$msg = '';
$query = "SELECT email, username, auth_plugin\n FROM auth_user_md5\n WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
$email_cur = $row['email'];
$username = $row['username'];
$auth_plugin = $row['auth_plugin'];
if ($email_cur == $email && !$force) {
return array(True, $msg);
}
if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) {
return array(False, $msg);
}
if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) {
return array(False, $msg);
}
$validator = new email_validation_class();
## Klasse zum Ueberpruefen der Eingaben
$validator->timeout = 10;
$REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
$Zeit = date("H:i:s, d.m.Y", time());
// accept only registered domains if set
$email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION'));
if (!$validator->ValidateEmailAddress($email, $email_restriction)) {
if ($email_restriction) {
$email_restriction_msg_part = '';
$email_restriction_parts = explode(',', $email_restriction);
for ($email_restriction_count = 0; $email_restriction_count < count($email_restriction_parts); $email_restriction_count++) {
if ($email_restriction_count == count($email_restriction_parts) - 1) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . '<br>';
} else {
if (($email_restriction_count + 1) % 3) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ', ';
} else {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ',<br>';
}
}
}
$msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht zu folgenden Domains:%s"), '<br>' . $email_restriction_msg_part);
} else {
$msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§";
}
return array(False, $msg);
// E-Mail syntaktisch nicht korrekt oder fehlend
}
if (!$validator->ValidateEmailHost($email)) {
// Mailserver nicht erreichbar, ablehnen
$msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§";
return array(False, $msg);
} else {
// Server ereichbar
if (!$validator->ValidateEmailBox($email)) {
// aber user unbekannt. Mail an abuse!
StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: "******"\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
$msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§";
return array(False, $msg);
}
}
$query = "SELECT Vorname, Nachname\n FROM auth_user_md5\n WHERE Email = ? AND user_id != ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($email, $user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
if ($row) {
$msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§";
return array(False, $msg);
}
// This already moved to the controller
// $query = "UPDATE auth_user_md5 SET Email = ? WHERE user_id = ?";
// $statement = DBManager::get()->prepare($query);
// $statement->execute(array($email, $uid));
if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) {
$msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§";
return array(True, $msg);
} else {
// auth_plugin does not map validation_key (what if...?)
// generate 10 char activation key
$key = '';
mt_srand((double) microtime() * 1000000);
for ($i = 1; $i <= 10; $i++) {
$temp = mt_rand() % 36;
if ($temp < 10) {
$temp += 48;
} else {
$temp += 87;
}
// a = chr(97), z = chr(122)
$key .= chr($temp);
}
$user->validation_key = $key;
$activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key;
// include language-specific subject and mailbody with fallback to german
$lang = $GLOBALS['_language_path'];
// workaround
if ($lang == '') {
$lang = 'de';
}
include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php";
$mail = StudipMail::sendMessage($email, $subject, $mailbody);
if (!$mail) {
return array(True, $msg);
}
$query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->validation_key, $user->user_id));
$msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), $email) . '</b>§';
log_event("USER_NEWPWD", $user->user_id);
// logging
}
return array(True, $msg);
}
/**
* Constructor
*
*
* @access public
*
*/
function __construct()
{
//calling the baseclass constructor
parent::__construct();
}
/**
* @return bool|string
*/
function auth_doregister()
{
global $_language_path;
$this->error_msg = "";
// check for direct link to register2.php
if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
$_SESSION['_language'] = get_accepted_languages();
}
$_language_path = init_i18n($_SESSION['_language']);
$this->auth["uname"] = Request::username('username');
// This provides access for "crcregister.ihtml"
$validator = new email_validation_class();
// Klasse zum Ueberpruefen der Eingaben
$validator->timeout = 10;
// Wie lange warten wir auf eine Antwort des Mailservers?
if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
return false;
}
$username = trim(Request::get('username'));
$Vorname = trim(Request::get('Vorname'));
$Nachname = trim(Request::get('Nachname'));
// accept only registered domains if set
$cfg = Config::GetInstance();
$email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION');
if ($email_restriction) {
$Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain'));
} else {
$Email = trim(Request::get('Email'));
}
if (!$validator->ValidateUsername($username)) {
$this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>";
return false;
}
// username syntaktisch falsch oder zu kurz
// auf doppelte Vergabe wird weiter unten getestet.
if (!$validator->ValidatePassword(Request::quoted('password'))) {
$this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>";
return false;
}
if (!$validator->ValidateName($Vorname)) {
$this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>";
return false;
}
// Vorname nicht korrekt oder fehlend
if (!$validator->ValidateName($Nachname)) {
$this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>";
return false;
// Nachname nicht korrekt oder fehlend
}
if (!$validator->ValidateEmailAddress($Email)) {
$this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>";
return false;
}
// E-Mail syntaktisch nicht korrekt oder fehlend
$REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
$Zeit = date("H:i:s, d.m.Y", time());
if (!$validator->ValidateEmailHost($Email)) {
// Mailserver nicht erreichbar, ablehnen
$this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>";
return false;
} else {
// Server ereichbar
if (!$validator->ValidateEmailBox($Email)) {
// aber user unbekannt. Mail an abuse!
StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
$this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>";
return false;
} else {
// Alles paletti, jetzt kommen die Checks gegen die Datenbank...
}
}
$check_uname = StudipAuthAbstract::CheckUsername($username);
if ($check_uname['found']) {
// error_log("username schon vorhanden", 0);
$this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>";
return false;
// username schon vorhanden
}
if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) {
$this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>";
return false;
// Email schon vorhanden
}
// alle Checks ok, Benutzer registrieren...
$hasher = UserManagement::getPwdHasher();
$new_user = new User();
$new_user->username = $username;
$new_user->perms = 'user';
$new_user->password = $hasher->HashPassword(Request::get('password'));
$new_user->vorname = $Vorname;
$new_user->nachname = $Nachname;
$new_user->email = $Email;
$new_user->geschlecht = Request::int('geschlecht');
$new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser')));
$new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser')));
$new_user->auth_plugin = 'standard';
$new_user->store();
if ($new_user->user_id) {
self::sendValidationMail($new_user);
$this->auth["perm"] = $new_user->perms;
return $new_user->user_id;
}
}
/**
* static method to check for a mapped field
*
* this method checks in the plugin with the passed name, if the passed
* Stud.IP DB field is mapped to an external data source
*
* @access public
* @static
* @param string the name of the db field must be in form '<table name>.<field name>'
* @param string the name of the plugin to check
* @return bool true if the field is mapped, else false
*/
static function CheckField($field_name, $plugin_name)
{
if (!$plugin_name) {
return false;
}
$plugin = StudipAuthAbstract::GetInstance($plugin_name);
return is_object($plugin) ? $plugin->isMappedField($field_name) : false;
}
/**
* get preferences
*
* shows additional settings.
* @access public
*/
function getPreferences()
{
global $connected_cms;
$role_template_name = Request::get('role_template_name');
$cat_name = Request::get('cat_name');
$this->soap_client->setCachingStatus(false);
if ($cat_name != "") {
$cat = $this->soap_client->getReferenceByTitle(trim($cat_name), "cat");
if ($cat == false) {
$messages["error"] .= sprintf(_("Das Objekt mit dem Namen \"%s\" wurde im System %s nicht gefunden."), htmlReady($cat_name), htmlReady($this->getName())) . "<br>\n";
} elseif ($cat != "") {
ELearningUtils::setConfigValue("category_id", $cat, $this->cms_type);
$this->main_category_node_id = $cat;
}
}
if ($this->main_category_node_id != false and ELearningUtils::getConfigValue("user_category_id", $this->cms_type) == "") {
$object_data["title"] = sprintf(_("User-Daten"));
$object_data["description"] = _("Hier befinden sich die persönlichen Ordner der Stud.IP-User.");
$object_data["type"] = "cat";
$object_data["owner"] = $this->user->getId();
$user_cat = $connected_cms[$this->cms_type]->soap_client->addObject($object_data, $connected_cms[$this->cms_type]->main_category_node_id);
if ($user_cat != false) {
$this->user_category_node_id = $user_cat;
ELearningUtils::setConfigValue("user_category_id", $user_cat, $this->cms_type);
} else {
$messages["error"] .= _("Die Kategorie für User-Daten konnte nicht angelegt werden.") . "<br>\n";
}
}
if ($role_template_name != "") {
$role_template = $this->soap_client->getObjectByTitle(trim($role_template_name), "rolt");
if ($role_template == false) {
$messages["error"] .= sprintf(_("Das Rollen-Template mit dem Namen \"%s\" wurde im System %s nicht gefunden."), htmlReady($role_template_name), htmlReady($this->getName())) . "<br>\n";
}
if (is_array($role_template)) {
ELearningUtils::setConfigValue("user_role_template_id", $role_template["obj_id"], $this->cms_type);
ELearningUtils::setConfigValue("user_role_template_name", $role_template["title"], $this->cms_type);
$this->user_role_template_id = $role_template["obj_id"];
}
}
if (Request::submitted('submit')) {
ELearningUtils::setConfigValue("encrypt_passwords", Request::option("encrypt_passwords"), $this->cms_type);
$encrypt_passwords = Request::option("encrypt_passwords");
ELearningUtils::setConfigValue("ldap_enable", Request::option("ldap_enable"), $this->cms_type);
$this->ldap_enable = Request::option("ldap_enable");
} else {
if (ELearningUtils::getConfigValue("encrypt_passwords", $this->cms_type) != "") {
$encrypt_passwords = ELearningUtils::getConfigValue("encrypt_passwords", $this->cms_type);
}
}
$cat = $this->soap_client->getObjectByReference($this->main_category_node_id);
$user_cat = $this->soap_client->getObjectByReference($this->user_category_node_id);
$title = $this->link->getModuleLink($user_cat["title"], $this->user_category_node_id, "cat");
$ldap_options = array();
foreach (StudipAuthAbstract::GetInstance() as $plugin) {
if ($plugin instanceof StudipAuthLdap) {
$ldap_options[] = '<option ' . ($plugin->plugin_name == $this->ldap_enable ? 'selected' : '') . '>' . $plugin->plugin_name . '</option>';
}
}
ob_start();
ConnectedCMS::getPreferences();
$module_types = ob_get_clean();
$template = $GLOBALS['template_factory']->open('elearning/ilias4_connected_cms_preferences.php');
$template->set_attribute('messages', $messages);
$template->set_attribute('soap_error', $this->soap_client->getError());
$template->set_attribute('soap_data', $this->soap_data);
$template->set_attribute('main_category_node_id', $this->main_category_node_id);
$template->set_attribute('main_category_node_id_title', $cat['title']);
$template->set_attribute('user_category_node_id', $this->user_category_node_id);
$template->set_attribute('user_category_node_id_title', $title);
$template->set_attribute('user_role_template_name', ELearningUtils::getConfigValue("user_role_template_name", $this->cms_type));
$template->set_attribute('user_role_template_id', $this->user_role_template_id);
$template->set_attribute('encrypt_passwords', $encrypt_passwords);
$template->set_attribute('ldap_options', count($ldap_options) ? join("\n", array_merge(array('<option></option>'), $ldap_options)) : '');
$template->set_attribute('module_types', $module_types);
echo $template->render();
}
/**
* Initialize the subnavigation of this item. This method
* is called once before the first item is added or removed.
*/
public function initSubNavigation()
{
global $user, $perm;
parent::initSubNavigation();
$username = Request::username('username', $user->username);
$current_user = $username == $user->username ? $user : User::findByUsername($username);
// profile
$navigation = new Navigation(_('Profil'), 'dispatch.php/profile/index');
$this->addSubNavigation('index', $navigation);
if ($perm->have_profile_perm('user', $current_user->user_id)) {
// avatar
$navigation = new Navigation(_('Bild'), 'dispatch.php/settings/avatar');
$this->addSubNavigation('avatar', $navigation);
// profile data
$navigation = new Navigation(_('Nutzerdaten'));
$navigation->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account'));
if (($perm->get_profile_perm($current_user->user_id) == 'user' || $perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS) && !StudipAuthAbstract::CheckField('auth_user_md5.password', $current_user->auth_plugin) && !LockRules::check($current_user->user_id, 'password')) {
$navigation->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password'));
}
$navigation->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details'));
if (!in_array($current_user->perms, words('user admin root'))) {
$navigation->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies'));
}
if ($current_user->perms != 'root') {
if (count(UserDomain::getUserDomains())) {
$navigation->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains'));
}
if ($perm->is_staff_member($current_user->user_id)) {
$navigation->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen'));
}
}
$this->addSubNavigation('edit', $navigation);
if ($perm->have_perm('autor')) {
$navigation = new Navigation(_('Einstellungen'));
$navigation->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general'));
$navigation->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy'));
$navigation->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging'));
if (get_config('CALENDAR_ENABLE')) {
$navigation->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar'));
}
if (!$perm->have_perm('admin') and get_config('MAIL_NOTIFICATION_ENABLE')) {
$navigation->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification'));
}
if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') {
$navigation->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies'));
}
if (Config::Get()->API_ENABLED) {
$navigation->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations'));
}
$this->addSubNavigation('settings', $navigation);
}
// user defined sections
$navigation = new Navigation(_('Kategorien'), 'dispatch.php/settings/categories');
$this->addSubNavigation('categories', $navigation);
}
// user documents page
if (Config::get()->PERSONALDOCUMENT_ENABLE && ($perm->have_profile_perm('user', $current_user->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)) {
$title = _('Meine Dateien');
if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $current_user->id !== $user->id) {
$title = _('Dateibereich');
}
$navigation = new Navigation($title, 'dispatch.php/document/files');
$this->addSubNavigation('files', $navigation);
}
}
/**
* Constructor
*
*
* @access public
*
*/
function __construct()
{
parent::__construct();
}
