function forgotpass_validate(Pieform $form, $values)
{
// See if the user input an email address or a username. We favour email addresses
if (!$form->get_error('emailusername')) {
// Check if the user who associates to username or email address is using the external authentication
if (record_exists_sql('SELECT u.authinstance
FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
AND ((ai.authname != \'internal\') AND (ai.authname != \'none\'))', array_fill(0, 2, strtolower($values['emailusername'])))) {
$form->set_error('emailusername', get_string('forgotpassuserusingexternalauthentication', 'mahara', get_config('wwwroot') . 'contact.php'));
} else {
if (!($authinstance = get_field_sql('SELECT u.authinstance
FROM {usr} u INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
AND ai.authname = \'internal\'', array_fill(0, 2, strtolower($values['emailusername']))))) {
$form->set_error('emailusername', get_string('forgotpassnosuchemailaddressorusername'));
}
}
}
if ($form->get_error('emailusername')) {
return;
}
$authobj = AuthFactory::create($authinstance);
if (!method_exists($authobj, 'change_password')) {
die_info(get_string('cantchangepassword'));
}
}
function forgotpass_validate(Pieform $form, $values)
{
// See if the user input an email address or a username. We favour email addresses
if (!$form->get_error('emailusername')) {
if (!($authinstance = get_field_sql('SELECT authinstance FROM {usr} WHERE LOWER(email) = ?', array(strtolower($values['emailusername']))))) {
if (!($authinstance = get_field_sql('SELECT authinstance FROM {usr} WHERE LOWER(username) = ?', array(strtolower($values['emailusername']))))) {
$form->set_error('emailusername', get_string('forgotpassnosuchemailaddressorusername'));
}
}
}
if ($form->get_error('emailusername')) {
return;
}
$authobj = AuthFactory::create($authinstance);
if (!method_exists($authobj, 'change_password')) {
die_info(get_string('cantchangepassword'));
}
}
/**
* @todo add note: because the form select thing will eventually enforce
* that the result for $values['institution'] was in the original lot,
* and because that only allows authmethods that use 'internal' auth, we
* can guarantee that the auth method is internal
*/
function auth_register_validate(Pieform $form, $values)
{
global $SESSION;
$registerterms = get_config('registerterms');
$spamtrap = new_spam_trap(array(array('type' => 'name', 'value' => $values['firstname']), array('type' => 'name', 'value' => $values['lastname']), array('type' => 'email', 'value' => $values['email'])));
if ($form->spam_error() || $spamtrap->is_spam()) {
$msg = get_string('formerror');
$emailcontact = get_config('emailcontact');
if (!empty($emailcontact)) {
$msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
}
$form->set_error(null, $msg);
return;
}
$institution = $values['institution'];
safe_require('auth', 'internal');
// First name and last name must contain at least one non whitespace
// character, so that there's something to read
if (!$form->get_error('firstname') && !preg_match('/\\S/', $values['firstname'])) {
$form->set_error('firstname', $form->i18n('required'));
}
if (!$form->get_error('lastname') && !preg_match('/\\S/', $values['lastname'])) {
$form->set_error('lastname', $form->i18n('required'));
}
// The e-mail address cannot already be in the system
if (!$form->get_error('email') && (record_exists('usr', 'email', $values['email']) || record_exists('artefact_internal_profile_email', 'email', $values['email']))) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
// If the user hasn't agreed to the terms and conditions, don't bother
if ($registerterms && $values['tandc'] != 'yes') {
$form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'), false);
}
$institution = get_record_sql('
SELECT
i.name, i.maxuseraccounts, i.registerallowed, COUNT(u.id) AS count
FROM {institution} i
LEFT OUTER JOIN {usr_institution} ui ON ui.institution = i.name
LEFT OUTER JOIN {usr} u ON (ui.usr = u.id AND u.deleted = 0)
WHERE
i.name = ?
GROUP BY
i.name, i.maxuseraccounts, i.registerallowed', array($institution));
if (!empty($institution->maxuseraccounts) && $institution->count >= $institution->maxuseraccounts) {
// the institution is full so we need to alert the admins of the institution to this fact so
// they can either increase the maxusers or turn off the public registration.
require_once get_config('docroot') . 'lib/institution.php';
$institutionobj = new Institution($institution->name);
$institutionobj->send_admin_institution_is_full_message();
$form->set_error('institution', get_string('institutionfull'));
}
if (!$institution || !$institution->registerallowed) {
$form->set_error('institution', get_string('registrationnotallowed'));
}
}
function adduser_validate(Pieform $form, $values)
{
global $USER, $TRANSPORTER;
$authobj = AuthFactory::create($values['authinstance']);
$institution = $authobj->institution;
// Institutional admins can only set their own institutions' authinstances
if (!$USER->get('admin') && !$USER->is_institutional_admin($authobj->institution)) {
$form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
return;
}
$institution = new Institution($authobj->institution);
// Don't exceed max user accounts for the institution
if ($institution->isFull()) {
$institution->send_admin_institution_is_full_message();
$form->set_error('authinstance', get_string('institutionmaxusersexceeded', 'admin'));
return;
}
$username = $values['username'];
$firstname = sanitize_firstname($values['firstname']);
$lastname = sanitize_lastname($values['lastname']);
$email = sanitize_email($values['email']);
$password = $values['password'];
if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
$maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
$maxquota = get_config_plugin('artefact', 'file', 'maxquota');
if ($maxquotaenabled && $values['quota'] > $maxquota) {
$form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
}
}
if (method_exists($authobj, 'is_username_valid_admin')) {
if (!$authobj->is_username_valid_admin($username)) {
$form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
}
} else {
if (method_exists($authobj, 'is_username_valid')) {
if (!$authobj->is_username_valid($username)) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
}
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', array(strtolower($username)))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
}
if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
$form->set_error('password', get_string('passwordinvalidform', 'auth.' . $authobj->type));
}
if (isset($_POST['createmethod']) && $_POST['createmethod'] == 'leap2a') {
$form->set_error('firstname', null);
$form->set_error('lastname', null);
$form->set_error('email', null);
if (!$values['leap2afile'] && ($_FILES['leap2afile']['error'] == UPLOAD_ERR_INI_SIZE || $_FILES['leap2afile']['error'] == UPLOAD_ERR_FORM_SIZE)) {
$form->reply(PIEFORM_ERR, array('message' => get_string('uploadedfiletoobig'), 'goto' => '/admin/users/add.php'));
$form->set_error('leap2afile', get_string('uploadedfiletoobig'));
return;
} else {
if (!$values['leap2afile']) {
$form->set_error('leap2afile', $form->i18n('rule', 'required', 'required'));
return;
}
}
if ($values['leap2afile']['type'] == 'application/octet-stream') {
require_once 'file.php';
$mimetype = file_mime_type($values['leap2afile']['tmp_name']);
} else {
$mimetype = trim($values['leap2afile']['type'], '"');
}
$date = time();
$niceuser = preg_replace('/[^a-zA-Z0-9_-]/', '-', $values['username']);
safe_require('import', 'leap');
$fakeimportrecord = (object) array('data' => array('importfile' => $values['leap2afile']['tmp_name'], 'importfilename' => $values['leap2afile']['name'], 'importid' => $niceuser . '-' . $date, 'mimetype' => $mimetype));
$TRANSPORTER = new LocalImporterTransport($fakeimportrecord);
try {
$TRANSPORTER->extract_file();
PluginImportLeap::validate_transported_data($TRANSPORTER);
} catch (Exception $e) {
$form->set_error('leap2afile', $e->getMessage());
}
} else {
if (!$form->get_error('firstname') && empty($firstname)) {
$form->set_error('firstname', $form->i18n('rule', 'required', 'required'));
}
if (!$form->get_error('lastname') && empty($lastname)) {
$form->set_error('lastname', $form->i18n('rule', 'required', 'required'));
}
if (!$form->get_error('email')) {
if (!$form->get_error('email') && empty($email)) {
$form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
}
if (record_exists('usr', 'email', $email) || record_exists('artefact_internal_profile_email', 'email', $email)) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
}
}
}
function edituser_site_validate(Pieform $form, $values)
{
global $USER, $SESSION;
if (!($user = get_record('usr', 'id', $values['id']))) {
return false;
}
if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
$maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
$maxquota = get_config_plugin('artefact', 'file', 'maxquota');
if ($maxquotaenabled && $values['quota'] > $maxquota) {
$form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
$SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
}
}
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
if (isset($values['username']) && !empty($values['username']) && $values['username'] != $userobj->username) {
if (!isset($values['authinstance'])) {
$authobj = AuthFactory::create($userobj->authinstance);
} else {
$authobj = AuthFactory::create($values['authinstance']);
}
if (method_exists($authobj, 'change_username')) {
if (method_exists($authobj, 'is_username_valid_admin')) {
if (!$authobj->is_username_valid_admin($values['username'])) {
$form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
}
} else {
if (method_exists($authobj, 'is_username_valid')) {
if (!$authobj->is_username_valid($values['username'])) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
}
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
}
} else {
$form->set_error('username', get_string('usernamechangenotallowed', 'admin'));
}
}
// OVERWRITE 3: insert
if (isset($values['email']) && !empty($values['email']) && $values['email'] != $userobj->email) {
$email = sanitize_email($values['email']);
if ($email == '') {
$form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
} else {
$values['email'] = $email;
}
if (GcrInstitutionTable::isEmailAddressUsed($email)) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
}
// END OVERWITE 3
// Check that the external username isn't already in use by someone else
if (isset($values['authinstance']) && isset($values['remoteusername'])) {
// there are 4 cases for changes on the page
// 1) ai and remoteuser have changed
// 2) just ai has changed
// 3) just remoteuser has changed
// 4) the ai changes and the remoteuser is wiped - this is a delete of the old ai-remoteuser
// determine the current remoteuser
$current_remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
if (!$current_remotename) {
$current_remotename = $user->username;
}
// what should the new remoteuser be
$new_remoteuser = get_field('auth_remote_user', 'remoteusername', 'authinstance', $values['authinstance'], 'localusr', $user->id);
if (!$new_remoteuser) {
$new_remoteuser = $user->username;
}
if (strlen(trim($values['remoteusername'])) > 0) {
// value changed on page - use it
if ($values['remoteusername'] != $current_remotename) {
$new_remoteuser = $values['remoteusername'];
}
}
// what really counts is who owns the target remoteuser slot
$target_owner = get_field('auth_remote_user', 'localusr', 'authinstance', $values['authinstance'], 'remoteusername', $new_remoteuser);
// target remoteuser is owned by someone else
if ($target_owner && $target_owner != $user->id) {
$usedbyuser = get_field('usr', 'username', 'id', $target_owner);
$SESSION->add_error_msg(get_string('duplicateremoteusername', 'auth', $usedbyuser));
$form->set_error('remoteusername', get_string('duplicateremoteusernameformerror', 'auth'));
}
}
}
public static function instance_config_validate(Pieform $form, $values)
{
if (strpos($values['url'], '://') == false) {
// try add on http://
$values['url'] = 'http://' . $values['url'];
} else {
$proto = substr($values['url'], 0, strpos($values['url'], '://'));
if (!in_array($proto, array('http', 'https'))) {
$form->set_error('url', get_string('invalidurl', 'blocktype.externalfeed'));
}
}
if (!$form->get_error('url') && !record_exists('blocktype_externalfeed_data', 'url', $values['url'])) {
try {
self::parse_feed($values['url']);
return;
} catch (XML_Feed_Parser_Exception $e) {
$form->set_error('url', get_string('invalidfeed', 'blocktype.externalfeed', $e->getMessage()));
}
}
}
public static function instance_config_validate(Pieform $form, $values)
{
if (strpos($values['url'], '://') == false) {
// try add on http://
$values['url'] = 'http://' . $values['url'];
} else {
$proto = substr($values['url'], 0, strpos($values['url'], '://'));
if (!in_array($proto, array('http', 'https'))) {
$form->set_error('url', get_string('invalidurl', 'blocktype.externalfeed'), false);
}
}
// If you're changing the URL on an authenticated feed, force them to re-enter the password
if (!empty($values['blockconfig'])) {
$instance = new BlockInstance($values['blockconfig']);
$configdata = $instance->get('configdata');
if (!empty($configdata['feedid'])) {
$olddata = $instance->get_data('feed', $configdata['feedid']);
if ($olddata) {
if ($values['url'] != $olddata->url && $olddata->authpassword != '' && $values['authpassword']['submittedvalue'] === null) {
$form->set_error('authpassword', get_string('reenterpassword', 'blocktype.externalfeed'), false);
return;
}
}
}
}
if (!$form->get_error('url')) {
try {
$authpassword = $values['authpassword']['submittedvalue'] !== null ? $values['authpassword']['submittedvalue'] : $values['authpassword']['defaultvalue'];
self::parse_feed($values['url'], $values['insecuresslmode'], $values['authuser'], $authpassword);
return;
} catch (XML_Feed_Parser_Exception $e) {
$form->set_error('url', get_string('invalidfeed', 'blocktype.externalfeed', hsc($e->getMessage())), false);
}
}
}
function institution_validate(Pieform $form, $values)
{
if (!empty($values['name']) && !$form->get_error('name') && record_exists('institution', 'name', $values['name'])) {
$form->set_error('name', get_string('institutionnamealreadytaken', 'admin'));
}
}
function institution_validate(Pieform $form, $values)
{
global $USER;
if (!empty($values['name']) && !$form->get_error('name') && record_exists('institution', 'name', $values['name'])) {
$form->set_error('name', get_string('institutionnamealreadytaken', 'admin'));
}
if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
if (get_config_plugin('artefact', 'file', 'maxquotaenabled') && get_config_plugin('artefact', 'file', 'maxquota') < $values['defaultquota']) {
$form->set_error('defaultquota', get_string('maxquotatoolow', 'artefact.file'));
}
}
if (get_config('licensemetadata') && !empty($values['licensemandatory']) && (isset($values['licensedefault']) && $values['licensedefault'] == '')) {
$form->set_error('licensedefault', get_string('licensedefaultmandatory', 'admin'));
}
// Check uploaded logo
if (!empty($values['logo'])) {
require_once 'file.php';
require_once 'uploadmanager.php';
$um = new upload_manager('logo');
if ($error = $um->preprocess_file()) {
$form->set_error('logo', $error);
return false;
}
$imageinfo = getimagesize($values['logo']['tmp_name']);
if (!$imageinfo || !is_image_type($imageinfo[2])) {
$form->set_error('logo', get_string('filenotimage'));
return false;
}
// Check the file isn't greater than the max allowable size
$width = $imageinfo[0];
$height = $imageinfo[1];
$imagemaxwidth = get_config('imagemaxwidth');
$imagemaxheight = get_config('imagemaxheight');
if ($width > $imagemaxwidth || $height > $imagemaxheight) {
$form->set_error('logo', get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $imagemaxwidth, $imagemaxheight));
}
}
if (!empty($values['lang']) && $values['lang'] != 'sitedefault' && !array_key_exists($values['lang'], get_languages())) {
$form->set_error('lang', get_string('institutionlanginvalid', 'admin'));
}
// Validate plugins settings.
plugin_institution_prefs_validate($form, $values);
}
function course_create_validate(Pieform $form, $values)
{
if ($form->get_error('fullname')) {
$form->set_error('fullname', get_string('errorfullname', 'artefact.courses'));
}
if ($form->get_error('shortname')) {
$form->set_error('shortname', get_string('errorshortname', 'artefact.courses'));
}
}
function adduser_validate(Pieform $form, $values)
{
global $USER;
$authobj = AuthFactory::create($values['authinstance']);
$institution = $authobj->institution;
// Institutional admins can only set their own institutions' authinstances
if (!$USER->get('admin') && !$USER->is_institutional_admin($authobj->institution)) {
$form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
return;
}
$institution = new Institution($authobj->institution);
// Don't exceed max user accounts for the institution
if ($institution->isFull()) {
$SESSION->add_error_msg(get_string('institutionmaxusersexceeded', 'admin'));
redirect('/admin/users/add.php');
}
$username = $values['username'];
$firstname = $values['firstname'];
$lastname = $values['lastname'];
$email = $values['email'];
$password = $values['password'];
if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) {
$form->set_error('username', get_string('addusererrorinvalidusername', 'admin'));
return;
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
return;
}
if (!$form->get_error('firstname') && !preg_match('/\\S/', $firstname)) {
$form->set_error('firstname', $form->i18n('required'));
}
if (!$form->get_error('lastname') && !preg_match('/\\S/', $lastname)) {
$form->set_error('lastname', $form->i18n('required'));
}
if (record_exists('usr', 'email', $email) || record_exists('artefact_internal_profile_email', 'email', $email)) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
$form->set_error('password', get_string('passwordinvalidform', 'auth.' . $authobj->type));
return;
}
}
/**
* Given a form, an array of values with 'password1' and 'password2'
* indices and a user, validate that the user can change their password to
* the one in $values.
*
* This provides one place where validation of passwords can be done. This is
* used by:
* - registration
* - user forgot password
* - user changing password on their account page
* - user forced to change their password by the <kbd>passwordchange</kbd>
* flag on the <kbd>usr</kbd> table.
*
* The password is checked for:
* - Being in valid form according to the rules of the authentication method
* for the user
* - Not being an easy password (a blacklist of strings, NOT a length check or
* similar), including being the user's username
* - Both values being equal
*
* @param Pieform $form The form to validate
* @param array $values The values passed through
* @param string $authplugin The authentication plugin that the user uses
*/
function password_validate(Pieform $form, $values, $user)
{
$authobj = AuthFactory::create($user->authinstance);
if (!$form->get_error('password1') && !$authobj->is_password_valid($values['password1'])) {
$form->set_error('password1', get_string('passwordinvalidform', "auth.{$authobj->type}"));
}
$suckypasswords = array('mahara', 'password', $user->username, 'abc123');
if (!$form->get_error('password1') && in_array($values['password1'], $suckypasswords)) {
$form->set_error('password1', get_string('passwordtooeasy'));
}
if (!$form->get_error('password1') && $values['password1'] != $values['password2']) {
$form->set_error('password2', get_string('passwordsdonotmatch'));
}
}
function adduser_validate(Pieform $form, $values)
{
global $USER, $TRANSPORTER;
$authobj = AuthFactory::create($values['authinstance']);
$institution = $authobj->institution;
// Institutional admins can only set their own institutions' authinstances
if (!$USER->get('admin') && !$USER->is_institutional_admin($authobj->institution)) {
$form->set_error('authinstance', get_string('notadminforinstitution', 'admin'));
return;
}
$institution = new Institution($authobj->institution);
// Don't exceed max user accounts for the institution
if ($institution->isFull()) {
$form->set_error('authinstance', get_string('institutionmaxusersexceeded', 'admin'));
return;
}
$username = $values['username'];
$firstname = $values['firstname'];
$lastname = $values['lastname'];
$email = $values['email'];
$password = $values['password'];
if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
}
if (method_exists($authobj, 'is_password_valid') && !$authobj->is_password_valid($password)) {
$form->set_error('password', get_string('passwordinvalidform', 'auth.' . $authobj->type));
}
if (isset($_POST['createmethod']) && $_POST['createmethod'] == 'leap2a') {
$form->set_error('firstname', null);
$form->set_error('lastname', null);
$form->set_error('email', null);
if (!$values['leap2afile']) {
$form->set_error('leap2afile', $form->i18n('rule', 'required', 'required'));
return;
}
if ($values['leap2afile']['type'] == 'application/octet-stream') {
require_once 'file.php';
$mimetype = file_mime_type($values['leap2afile']['tmp_name']);
} else {
$mimetype = $values['leap2afile']['type'];
}
$date = time();
$niceuser = preg_replace('/[^a-zA-Z0-9_-]/', '-', $values['username']);
safe_require('import', 'leap');
$fakeimportrecord = (object) array('data' => array('importfile' => $values['leap2afile']['tmp_name'], 'importfilename' => $values['leap2afile']['name'], 'importid' => $niceuser . '-' . $date, 'mimetype' => $mimetype));
$TRANSPORTER = new LocalImporterTransport($fakeimportrecord);
try {
$TRANSPORTER->extract_file();
PluginImportLeap::validate_transported_data($TRANSPORTER);
} catch (Exception $e) {
$form->set_error('leap2afile', $e->getMessage());
}
} else {
if (!$form->get_error('firstname') && !preg_match('/\\S/', $firstname)) {
$form->set_error('firstname', $form->i18n('rule', 'required', 'required'));
}
if (!$form->get_error('lastname') && !preg_match('/\\S/', $lastname)) {
$form->set_error('lastname', $form->i18n('rule', 'required', 'required'));
}
if (!$form->get_error('email')) {
require_once 'phpmailer/class.phpmailer.php';
if (!$form->get_error('email') && !PHPMailer::ValidateAddress($email)) {
$form->set_error('email', get_string('invalidemailaddress', 'artefact.internal'));
}
if (record_exists('usr', 'email', $email) || record_exists('artefact_internal_profile_email', 'email', $email)) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
}
}
}
/**
* @todo add note: because the form select thing will eventually enforce
* that the result for $values['institution'] was in the original lot,
* and because that only allows authmethods that use 'internal' auth, we
* can guarantee that the auth method is internal
*/
function register_validate(Pieform $form, $values)
{
global $SESSION;
$institution = $values['institution'];
safe_require('auth', 'internal');
if (!$form->get_error('username') && !AuthInternal::is_username_valid($values['username'])) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
}
$user = (object) $values;
$user->authinstance = get_field('auth_instance', 'id', 'authname', 'internal', 'institution', $institution);
password_validate($form, $values, $user);
// First name and last name must contain at least one non whitespace
// character, so that there's something to read
if (!$form->get_error('firstname') && !preg_match('/\\S/', $values['firstname'])) {
$form->set_error('firstname', $form->i18n('required'));
}
if (!$form->get_error('lastname') && !preg_match('/\\S/', $values['lastname'])) {
$form->set_error('lastname', $form->i18n('required'));
}
// The e-mail address cannot already be in the system
if (!$form->get_error('email') && (record_exists('usr', 'email', $values['email']) || record_exists('artefact_internal_profile_email', 'email', $values['email']))) {
$form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
}
// If the user hasn't agreed to the terms and conditions, don't bother
if ($values['tandc'] != 'yes') {
$form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'));
}
// CAPTCHA image
$captcharequired = get_config('captcha_on_register_form');
if ((is_null($captcharequired) || $captcharequired) && !$values['captcha']) {
$form->set_error('captcha', get_string('captchaincorrect'));
}
$institution = get_record_sql('
SELECT
i.name, i.maxuseraccounts, i.registerallowed, COUNT(u.id)
FROM {institution} i
LEFT OUTER JOIN {usr_institution} ui ON ui.institution = i.name
LEFT OUTER JOIN {usr} u ON (ui.usr = u.id AND u.deleted = 0)
WHERE
i.name = ?
GROUP BY
i.name, i.maxuseraccounts, i.registerallowed', array($institution));
if (!empty($institution->maxuseraccounts) && $institution->count >= $institution->maxuseraccounts) {
$form->set_error('institution', get_string('institutionfull'));
}
if (!$institution->registerallowed) {
$form->set_error('institution', get_string('registrationnotallowed'));
}
}
