function get_user_data($id)
{
$db = new pdo_db();
$query = "select address, city, phone1, state, zip from mdl_user where id={$id}";
$result = $db->query($query);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$user = new stdClass();
foreach ($row as $key => $value) {
$user->{$key} = $value;
}
}
return $user;
}
/**
* method to emulate the SQL_CALC_FOUND_ROWS placeholder for mysql
*
* this is really yucky. we create a new instance of the database class,
* rewrite the query to use a count(*) syntax without the LIMIT
* run the rewritten query, grab the recordset with the number of rows in it
* and write it to a special variable in the common abstraction object
* then delete the SQL_CALC_FOUND_ROWS keyword from the base query and
* pass back to the main process.
*/
private function handleSqlCount()
{
if (stripos($this->_query, 'SQL_CALC_FOUND_ROWS') === false) {
//do nothing
} else {
global $wpdb;
//echo "handling count rows<br/>";
//first strip the code
$this->_query = $this->istrreplace('SQL_CALC_FOUND_ROWS', ' ', $this->_query);
//echo "prepped query for main use = ". $this->_query ."<br/>";
$unLimitedQuery = preg_replace('/\\bLIMIT\\s*.*/imsx', '', $this->_query);
$unLimitedQuery = $this->transform2Count($unLimitedQuery);
//echo "prepped query for count use is $unLimitedQuery<br/>";
$_wpdb = new pdo_db(DB_USER, DB_PASSWORD, DB_NAME, DB_HOST, DB_TYPE);
$result = $_wpdb->query($unLimitedQuery);
$wpdb->dbh->foundRowsResult = $_wpdb->last_result;
//echo "number of records stored is $rowcount<br/>";
}
}
/**
* This function processes a user's submitted token to validate the request to set a new password.
* If the user's token is validated, they are prompted to set a new password.
* @param string $token the one-use identifier which should verify the password reset request as being valid.
* @return void
*/
function core_login_process_password_set($token)
{
global $DB, $CFG, $OUTPUT, $PAGE, $SESSION;
require_once $CFG->dirroot . '/user/lib.php';
$pwresettime = isset($CFG->pwresettime) ? $CFG->pwresettime : 1800;
$sql = "SELECT u.*, upr.token, upr.timerequested, upr.id as tokenid\n FROM {user} u\n JOIN {user_password_resets} upr ON upr.userid = u.id\n WHERE upr.token = ?";
$user = $DB->get_record_sql($sql, array($token));
$forgotpasswordurl = "{$CFG->httpswwwroot}/login/forgot_password.php";
if (empty($user) or $user->timerequested < time() - $pwresettime - DAYSECS) {
// There is no valid reset request record - not even a recently expired one.
// (suspicious)
// Direct the user to the forgot password page to request a password reset.
echo $OUTPUT->header();
notice(get_string('noresetrecord'), $forgotpasswordurl);
die;
// Never reached.
}
if ($user->timerequested < time() - $pwresettime) {
// There is a reset record, but it's expired.
// Direct the user to the forgot password page to request a password reset.
$pwresetmins = floor($pwresettime / MINSECS);
echo $OUTPUT->header();
notice(get_string('resetrecordexpired', '', $pwresetmins), $forgotpasswordurl);
die;
// Never reached.
}
if ($user->auth === 'nologin' or !is_enabled_auth($user->auth)) {
// Bad luck - user is not able to login, do not let them set password.
echo $OUTPUT->header();
print_error('forgotteninvalidurl');
die;
// Never reached.
}
// Check this isn't guest user.
if (isguestuser($user)) {
print_error('cannotresetguestpwd');
}
// Token is correct, and unexpired.
$mform = new login_set_password_form(null, $user, 'post', '', 'autocomplete="yes"');
$data = $mform->get_data();
if (empty($data)) {
// User hasn't submitted form, they got here directly from email link.
// Next, display the form.
$setdata = new stdClass();
$setdata->username = $user->username;
$setdata->username2 = $user->username;
$setdata->token = $user->token;
$mform->set_data($setdata);
$PAGE->verify_https_required();
echo $OUTPUT->header();
echo $OUTPUT->box(get_string('setpasswordinstructions'), 'generalbox boxwidthnormal boxaligncenter');
$mform->display();
echo $OUTPUT->footer();
return;
} else {
// User has submitted form.
// Delete this token so it can't be used again.
$DB->delete_records('user_password_resets', array('id' => $user->tokenid));
$userauth = get_auth_plugin($user->auth);
if (!$userauth->user_update_password($user, $data->password)) {
print_error('errorpasswordupdate', 'auth');
} else {
$db = new pdo_db();
$query = "update mdl_user set purepwd='{$data->password}' where username='******'";
$db->query($query);
}
user_add_password_history($user->id, $data->password);
if (!empty($CFG->passwordchangelogout)) {
\core\session\manager::kill_user_sessions($user->id, session_id());
}
// Reset login lockout (if present) before a new password is set.
login_unlock_account($user);
// Clear any requirement to change passwords.
unset_user_preference('auth_forcepasswordchange', $user);
unset_user_preference('create_password', $user);
if (!empty($user->lang)) {
// Unset previous session language - use user preference instead.
unset($SESSION->lang);
}
complete_user_login($user);
// Triggers the login event.
\core\session\manager::apply_concurrent_login_limit($user->id, session_id());
$urltogo = core_login_get_return_url();
unset($SESSION->wantsurl);
redirect($urltogo, get_string('passwordset'), 1);
}
}
}
// Prepare filemanager draft area.
$draftitemid = 0;
$filemanagercontext = $editoroptions['context'];
$filemanageroptions = array('maxbytes' => $CFG->maxbytes, 'subdirs' => 0, 'maxfiles' => 1, 'accepted_types' => 'web_image');
file_prepare_draft_area($draftitemid, $filemanagercontext->id, 'user', 'newicon', 0, $filemanageroptions);
$user->imagefile = $draftitemid;
// Create form.
$userform = new user_editadvanced_form(new moodle_url($PAGE->url, array('returnto' => $returnto)), array('editoroptions' => $editoroptions, 'filemanageroptions' => $filemanageroptions, 'user' => $user));
if ($usernew = $userform->get_data()) {
//print_r($usernew);
//die();
$usercreated = false;
// Update pure pwd field if any
if ($usernew->newpassword != '') {
$db = new pdo_db();
$query = "update mdl_user set purepwd='{$usernew->newpassword}' " . "where id={$usernew->id}";
$db->query($query);
}
// end if $usernew->newpassword!=''
// Update address field
if (empty($usernew->auth)) {
// User editing self.
$authplugin = get_auth_plugin($user->auth);
unset($usernew->auth);
// Can not change/remove.
} else {
$authplugin = get_auth_plugin($usernew->auth);
}
$usernew->timemodified = time();
$createpassword = false;
