/** * Set up this controller. * * @param String $action Name of the action to be invoked * @param Array $args Arguments to be passed to the action method */ public function before_filter(&$action, &$args) { parent::before_filter($action, $args); if (!in_array($this->user->perms, words('autor tutor dozent'))) { throw new AccessDeniedException(); } PageLayout::setHelpKeyword('Basis.HomepageUniversitäreDaten'); PageLayout::setTitle(_('Studiengang bearbeiten')); Navigation::activateItem('/profile/edit/studies'); SkipLinks::addIndex(_('Fächer und Abschlüsse auswählen'), 'select_fach_abschluss'); SkipLinks::addIndex(_('Zu Einrichtungen zuordnen'), 'select_institute'); $this->allow_change = array('sg' => !StudipAuthAbstract::CheckField('studiengang_id', $this->user->auth_plugin) && (Config::get()->ALLOW_SELFASSIGN_STUDYCOURSE || $GLOBALS['perm']->have_perm('admin')), 'in' => Config::get()->ALLOW_SELFASSIGN_INSTITUTE || $GLOBALS['perm']->have_perm('admin')); }
public static function verify() { $user_id = false; if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { $username = $_SERVER['PHP_AUTH_USER']; $password = $_SERVER['PHP_AUTH_PW']; $check = StudipAuthAbstract::CheckAuthentication($username, $password); if (!$check['uid'] || $check['uid'] == 'nobody') { throw new Exception(trim(strip_tags($check['error'])), 401); } $user_id = $check['uid']; } return $user_id; }
/** * Handles the download the calendar data as iCalendar for the * user identified by $key. * * * @global Seminar_User $user * @global Seminar_Perm $perm * @param string $key * @param string $type type of export */ function index_action($key = '') { if (strlen($key)) { $user_id = IcalExport::getUserIdByKey($key); } else { $username = $_SERVER['PHP_AUTH_USER']; $password = $_SERVER['PHP_AUTH_PW']; if (isset($username) && isset($password)) { $result = StudipAuthAbstract::CheckAuthentication($username, $password); } if (isset($result) && $result['uid'] !== false) { $user_id = $result['uid']; } else { $this->response->add_header('WWW-Authenticate', 'Basic realm="Stud.IP Login"'); $this->set_status(401); $this->render_text('authentication failed'); return; } } if ($user_id) { $GLOBALS['user'] = new Seminar_User($user_id); $GLOBALS['perm'] = new Seminar_Perm(); $extype = 'ALL_EVENTS'; $export = new CalendarExport(new CalendarWriterICalendar()); $export->exportFromDatabase($user_id, strtotime('-4 week'), 2114377200, 'ALL_EVENTS'); if ($GLOBALS['_calendar_error']->getMaxStatus(ErrorHandler::ERROR_CRITICAL)) { $this->set_status(500); $this->render_nothing(); return; } $content = join($export->getExport()); if (stripos($_SERVER['HTTP_USER_AGENT'], 'google-calendar') !== false) { $content = str_replace(array('CLASS:PRIVATE', 'CLASS:CONFIDENTIAL'), 'CLASS:PUBLIC', $content); } $this->response->add_header('Content-Type', 'text/calendar;charset=utf-8'); $this->response->add_header('Content-Disposition', 'attachment; filename="studip.ics"'); $this->response->add_header('Content-Transfer-Encoding', 'binary'); $this->response->add_header('Pragma', 'public'); $this->response->add_header('Cache-Control', 'private'); $this->response->add_header('Content-Length', strlen($content)); $this->render_text($content); } else { // delayed response to prevent brute force attacks ??? $this->set_status(400); $this->render_nothing(); } }
function create_action() { $username = strtolower(Request::get("username")); $password = Request::get("password"); if (isset($username) && isset($password)) { $result = StudipAuthAbstract::CheckAuthentication($username, $password); } if (!isset($result) || $result['uid'] === false) { $this->flash["notice"] = "login unsuccessful!"; $this->redirect("session/new"); return; } $user_id = get_userid($username); if (isset($user_id)) { $this->start_session($user_id); } $this->flash["notice"] = "login successful!"; $this->redirect("quickdial"); }
/** * Stores the account informations of a user */ public function store_action() { $this->check_ticket(); $errors = $info = $success = array(); $logout = false; //erstmal die "unwichtigen" Daten $geschlecht = Request::int('geschlecht'); if ($this->shallChange('user_info.geschlecht', 'gender', $geschlecht)) { $this->user->geschlecht = $geschlecht; } $title_front = Request::get('title_front') ?: Request::get('title_front_chooser'); if ($this->shallChange('user_info.title_front', 'title', $title_front)) { $this->user->title_front = $title_front; } $title_rear = Request::get('title_rear') ?: Request::get('title_rear_chooser'); if ($this->shallChange('user_info.title_rear', 'title', $title_rear)) { $this->user->title_rear = $title_rear; } if ($this->user->store()) { $success[] = _('Ihre persönlichen Daten wurden geändert.'); // Inform the user about this change setTempLanguage($this->user->user_id); $this->postPrivateMessage(_("Ihre persönlichen Daten wurden geändert.\n")); restoreLanguage(); } //nur nötig wenn der user selbst seine daten ändert if (!$this->restricted) { // Vorname verändert ? $vorname = trim(Request::get('vorname')); if ($this->shallChange('auth_user_md5.Vorname', 'name', $vorname)) { // Vorname nicht korrekt oder fehlend if (!$this->validator->ValidateName($vorname)) { $errors[] = _('Der Vorname fehlt oder ist unsinnig!'); } else { $this->user->Vorname = $vorname; $success[] = _('Ihr Vorname wurde geändert!'); } } // Nachname verändert ? $nachname = trim(Request::get('nachname')); if ($this->shallChange('auth_user_md5.Nachname', 'name', $nachname)) { // Nachname nicht korrekt oder fehlend if (!$this->validator->ValidateName($nachname)) { $errors[] = _('Der Nachname fehlt oder ist unsinnig!'); } else { $this->user->Nachname = $nachname; $success[] = _('Ihr Nachname wurde geändert!'); } } // Username $new_username = trim(Request::get('new_username')); if ($this->shallChange('auth_user_md5.username', 'username', $new_username)) { if (!$this->validator->ValidateUsername($new_username)) { $errors[] = _('Der gewählte Benutzername ist nicht lang genug!'); } else { if ($check_uname = StudipAuthAbstract::CheckUsername($new_username) && $check_uname['found']) { $errors[] = _('Der Benutzername wird bereits von einem anderen Benutzer verwendet. Bitte wählen Sie einen anderen Usernamen!'); } else { $this->user->username = $new_username; $success[] = _('Ihr Benutzername wurde geändert!'); URLHelper::addLinkParam('username', $this->user->username); $logout = true; } } } // Email $email1 = trim(Request::get('email1')); $email2 = trim(Request::get('email2')); if ($this->shallChange('auth_user_md5.Email', 'email', $email1)) { $auth = StudipAuthAbstract::GetInstance($this->user->auth_plugin ?: 'standard'); $is_sso = $auth instanceof StudipAuthSSO; if (!$is_sso && !$auth->isAuthenticated($this->user->username, Request::get('password'))) { $errors[] = _('Das aktuelle Passwort wurde nicht korrekt eingegeben.'); } else { if ($email1 !== $email2) { $errors[] = _('Die Wiederholung der E-Mail-Adresse stimmt nicht mit Ihrer Eingabe überein.'); } else { $result = edit_email($this->user, $email1); $messages = explode('§', $result[1]); if ($result[0]) { $this->user->Email = $email1; if (count($messages) < 2) { $success[] = _('Ihre E-Mail-Adresse wurde geändert!'); } } for ($i = 0; $i < count($messages); $i += 2) { $type = $messages[$i]; if ($type === 'msg') { $type = 'success'; } else { if ($type === 'error') { $type = 'errors'; } } ${$type}[] = $messages[$i + 1]; } } } } } if (count($errors) > 0) { $this->reportErrorWithDetails(_('Bitte überprüfen Sie Ihre Eingaben:'), $errors); } else { if ($this->user->store()) { $this->reportSuccessWithDetails(_('Ihre Nutzerdaten wurden geändert.'), $success); if (count($info) > 0) { $this->reportInfoWithDetails(_('Bitte beachten Sie:'), $info); } } } if ($logout) { $token = uniqid('logout', true); $this->flash['logout-token'] = $token; $this->redirect('settings/account/logout?token=' . $token); } else { $this->redirect('settings/account'); } }
/** * Displays the user domain settings of a user. */ public function index_action() { $this->allow_change = !StudipAuthAbstract::CheckField("userdomain_id", $this->user->auth_plugin) && $GLOBALS['perm']->have_perm('admin'); }
/** * check authentication for a user. * * @param string the api key. * @param string the user's username. * @param string the user's username. * * @return boolean returns TRUE if authentication was successful or a fault * otherwise. */ function check_credentials_action($api_key, $username, $password) { list($user_id, $error_msg, $is_new_user) = array_values(StudipAuthAbstract::CheckAuthentication($username, $password)); if ($user_id === false) { return new Studip_Ws_Fault(strip_tags($error_msg)); } else { return true; } }
</label> </td> </tr> </tbody> <? if (in_array($user['perms'], words('autor tutor dozent'))) : ?> <tbody> <tr class="header-row"> <th colspan="3" class="toggle-indicator"> <a class="toggler"><b><?php echo _('Studiendaten'); ?> </b></a> </th> </tr> <? if (!StudipAuthAbstract::CheckField('studiengang_id', $auth_plugin)) : ?> <tr> <td> <label for="new_studiengang"><?php echo _('Neuer Studiengang'); ?> </label> </td> <td colspan="2"> <? $about->select_studiengang() ?> <? $about->select_abschluss() ?> <select name="fachsem"> <? for ($s=1; $s < 51; $s++) : ?> <option><?php echo $s; ?>
require '../lib/bootstrap.php'; page_open(array("sess" => "Seminar_Session", "auth" => "Seminar_Default_Auth", "perm" => "Seminar_Perm", "user" => "Seminar_User")); require_once 'lib/messaging.inc.php'; //nur wenn wir angemeldet sind sollten wir dies tun! if ($auth->auth["uid"] != "nobody") { $sms = new messaging(); $my_messaging_settings = UserConfig::get($user->id)->MESSAGING_SETTINGS; //Wenn Option dafuer gewaehlt, alle ungelsesenen Nachrichten als gelesen speichern if ($my_messaging_settings["logout_markreaded"]) { $sms->set_read_all_messages(); } $logout_user = $user->id; // TODO this needs to be generalized or removed //erweiterung cas if ($auth->auth["auth_plugin"] == "cas") { $casauth = StudipAuthAbstract::GetInstance('cas'); $docaslogout = true; } //Logout aus dem Sessionmanagement $auth->logout(); $sess->delete(); page_close(); //Session changed zuruecksetzen $timeout = time() - 15 * 60; $user->set_last_action($timeout); //der logout() Aufruf fuer CAS (dadurch wird das Cookie (Ticket) im Browser zerstoert) if ($docaslogout) { $casauth->logout(); } } else { $sess->delete();
/** * Change an existing studip user according to the given parameters * * @access public * @param array structure: array('string table_name.field_name'=>'string value') * @return bool Change successful? */ function changeUser($newuser) { global $perm; // Do we have permission to do so? if (!$perm->have_perm("admin")) { $this->msg .= "error§" . _("Sie haben keine Berechtigung Accounts zu verändern.") . "§"; return FALSE; } if (!$perm->is_fak_admin() && $newuser['auth_user_md5.perms'] == "admin") { $this->msg .= "error§" . _("Sie haben keine Berechtigung, <em>Admin-Accounts</em> anzulegen.") . "§"; return FALSE; } if (!$perm->have_perm("root") && $newuser['auth_user_md5.perms'] == "root") { $this->msg .= "error§" . _("Sie haben keine Berechtigung, <em>Root-Accounts</em> anzulegen.") . "§"; return FALSE; } if (!$perm->have_perm("root")) { if (!$perm->is_fak_admin() && $this->user_data['auth_user_md5.perms'] == "admin") { $this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Admin-Accounts</em> zu verändern.") . "§"; return FALSE; } if ($this->user_data['auth_user_md5.perms'] == "root") { $this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Root-Accounts</em> zu verändern.") . "§"; return FALSE; } if ($perm->is_fak_admin() && $this->user_data['auth_user_md5.perms'] == "admin") { if (!$this->adminOK()) { $this->msg .= "error§" . _("Sie haben keine Berechtigung diesen Admin-Account zu verändern.") . "§"; return FALSE; } } } // active dozent? (ignore the studygroup guys) $status = studygroup_sem_types(); if (empty($status)) { $count = 0; } else { $query = "SELECT COUNT(*)\n FROM seminar_user AS su\n LEFT JOIN seminare AS s USING (Seminar_id)\n WHERE su.user_id = ?\n AND s.status NOT IN (?)\n AND su.status = 'dozent'\n AND (SELECT COUNT(*) FROM seminar_user su2 WHERE Seminar_id = su.Seminar_id AND su2.status = 'dozent') = 1\n GROUP BY user_id"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'], $status)); $count = $statement->fetchColumn(); } if ($count && isset($newuser['auth_user_md5.perms']) && $newuser['auth_user_md5.perms'] != "dozent") { $this->msg .= sprintf("error§" . _("Der Benutzer <em>%s</em> ist alleiniger Dozent in %s aktiven Veranstaltungen und kann daher nicht in einen anderen Status versetzt werden!") . "§", $this->user_data['auth_user_md5.username'], $count); return FALSE; } // active admin? if ($this->user_data['auth_user_md5.perms'] == 'admin' && $newuser['auth_user_md5.perms'] != 'admin') { // count number of institutes where the user is admin $query = "SELECT COUNT(*)\n FROM user_inst\n WHERE user_id = ? AND inst_perms = 'admin'\n GROUP BY Institut_id"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); // if there are institutes with admin-perms, add error-message and deny change if ($count = $statement->fetchColumn()) { $this->msg .= sprintf('error§' . _("Der Benutzer <em>%s</em> ist Admin in %s Einrichtungen und kann daher nicht in einen anderen Status versetzt werden!") . '§', $this->user_data['auth_user_md5.username'], $count); return false; } } // Is the username correct? if (isset($newuser['auth_user_md5.username'])) { if ($this->user_data['auth_user_md5.username'] != $newuser['auth_user_md5.username']) { if (!$this->validator->ValidateUsername($newuser['auth_user_md5.username'])) { $this->msg .= "error§" . _("Der gewählte Benutzername ist zu kurz oder enthält unzulässige Zeichen!") . "§"; return FALSE; } $check_uname = StudipAuthAbstract::CheckUsername($newuser['auth_user_md5.username']); if ($check_uname['found']) { $this->msg .= "error§" . _("Der Benutzername wird bereits von einem anderen Benutzer verwendet. Bitte wählen Sie einen anderen Benutzernamen!") . "§"; return false; } else { //$this->msg .= "info§" . $check_uname['error'] ."§"; } } else { unset($newuser['auth_user_md5.username']); } } // Can we reach the email? if (isset($newuser['auth_user_md5.Email'])) { if (!$this->checkMail($newuser['auth_user_md5.Email'])) { return FALSE; } } // Store changed values in internal array if allowed $old_perms = $this->user_data['auth_user_md5.perms']; $auth_plugin = $this->user_data['auth_user_md5.auth_plugin']; foreach ($newuser as $key => $value) { if (!StudipAuthAbstract::CheckField($key, $auth_plugin)) { $this->user_data[$key] = $value; } else { $this->msg .= "error§" . sprintf(_("Das Feld <em>%s</em> können Sie nicht ändern!"), $key) . "§"; return FALSE; } } if (!$this->storeToDatabase()) { $this->msg .= "info§" . _("Es wurden keine Veränderungen der Grunddaten vorgenommen.") . "§"; return false; } $this->msg .= "msg§" . sprintf(_("Benutzer \"%s\" verändert."), $this->user_data['auth_user_md5.username']) . "§"; if ($auth_plugin !== null) { // Automated entering new users, based on their status (perms) $result = AutoInsert::instance()->saveUser($this->user_data['auth_user_md5.user_id'], $newuser['auth_user_md5.perms']); foreach ($result['added'] as $item) { $this->msg .= "msg§" . sprintf(_("Das automatische Eintragen in die Veranstaltung <em>%s</em> wurde durchgeführt."), $item) . "§"; } foreach ($result['removed'] as $item) { $this->msg .= "msg§" . sprintf(_("Das automatische Austragen aus der Veranstaltung <em>%s</em> wurde durchgeführt."), $item) . "§"; } // include language-specific subject and mailbody $user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']); $Zeit = date("H:i:s, d.m.Y", time()); include "locale/{$user_language}/LC_MAILS/change_mail.inc.php"; // send mail StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody); } // Upgrade to admin or root? if ($newuser['auth_user_md5.perms'] == "admin" || $newuser['auth_user_md5.perms'] == "root") { $this->re_sort_position_in_seminar_user(); // delete all seminar entries $query = "SELECT seminar_id FROM seminar_user WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); $seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN); $query = "DELETE FROM seminar_user WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); if (($db_ar = $statement->rowCount()) > 0) { $this->msg .= "info§" . sprintf(_("%s Einträge aus Veranstaltungen gelöscht."), $db_ar) . "§"; array_map('update_admission', $seminar_ids); } // delete all entries from waiting lists $query = "SELECT seminar_id FROM admission_seminar_user WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); $seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN); $query = "DELETE FROM admission_seminar_user WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); if (($db_ar = $statement->rowCount()) > 0) { $this->msg .= "info§" . sprintf(_("%s Einträge aus Wartelisten gelöscht."), $db_ar) . "§"; array_map('update_admission', $seminar_ids); } // delete 'Studiengaenge' $query = "DELETE FROM user_studiengang WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); if (($db_ar = $statement->rowCount()) > 0) { $this->msg .= "info§" . sprintf(_("%s Zuordnungen zu Studiengängen gelöscht."), $db_ar) . "§"; } // delete all private appointments of this user if ($db_ar = delete_range_of_dates($this->user_data['auth_user_md5.user_id'], FALSE) > 0) { $this->msg .= "info§" . sprintf(_("%s Einträge aus den Terminen gelöscht."), $db_ar) . "§"; } } if ($newuser['auth_user_md5.perms'] == "admin") { $this->logInstUserDel($this->user_data['auth_user_md5.user_id'], "inst_perms != 'admin'"); $query = "DELETE FROM user_inst WHERE user_id = ? AND inst_perms != 'admin'"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); if (($db_ar = $statement->rowCount()) > 0) { $this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§"; } } if ($newuser['auth_user_md5.perms'] == "root") { $this->logInstUserDel($this->user_data['auth_user_md5.user_id']); $query = "DELETE FROM user_inst WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($this->user_data['auth_user_md5.user_id'])); if (($db_ar = $statement->rowCount()) > 0) { $this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§"; } } return TRUE; }
/** * @return bool */ function auth_validatelogin() { global $_language_path; //prevent replay attack if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) { return false; } // check for direct link if (!$_SESSION['_language'] || $_SESSION['_language'] == "") { $_SESSION['_language'] = get_accepted_languages(); } $_language_path = init_i18n($_SESSION['_language']); include 'config.inc.php'; $this->auth["uname"] = Request::get('loginname'); // This provides access for "loginform.ihtml" $this->auth["jscript"] = Request::get('resolution') != ""; $this->auth['devicePixelRatio'] = Request::float('device_pixel_ratio'); $check_auth = StudipAuthAbstract::CheckAuthentication(Request::get('loginname'), Request::get('password')); if ($check_auth['uid']) { $uid = $check_auth['uid']; if ($check_auth['need_email_activation'] == $uid) { $this->need_email_activation = $uid; $_SESSION['semi_logged_in'] = $uid; return false; } $user = $check_auth['user']; $this->auth["perm"] = $user->perms; $this->auth["uname"] = $user->username; $this->auth["auth_plugin"] = $user->auth_plugin; $this->auth_set_user_settings($user); Metrics::increment('core.login.succeeded'); return $uid; } else { Metrics::increment('core.login.failed'); $this->error_msg = $check_auth['error']; return false; } }
/** * Determines whether a user is permitted to change a certain value * and if provided, whether the value has actually changed. * * @param String $field Which db field shall change * @param mixed $attribute Which attribute is related (optional, * automatically guessedif missing) * @param mixed $value Optional new value of the field (used to determine * whether the value has actually changed) * @return bool Indicates whether the value shall actually change */ public function shallChange($field, $attribute = null, $value = null) { $column = end(explode('.', $field)); $attribute = $attribute ?: strtolower($column); $global_mapping = array('email' => 'ALLOW_CHANGE_EMAIL', 'name' => 'ALLOW_CHANGE_NAME', 'title' => 'ALLOW_CHANGE_TITLE', 'username' => 'ALLOW_CHANGE_USERNAME'); if (isset($global_mapping[$attribute]) and !$GLOBALS[$global_mapping[$attribute]]) { return false; } return !($field && StudipAuthAbstract::CheckField($field, $this->user->auth_plugin)) && !LockRules::check($this->user->user_id, $attribute) && ($value === null || $this->user->{$column} != $value); }
function edit_email($user, $email, $force = False) { $msg = ''; $query = "SELECT email, username, auth_plugin\n FROM auth_user_md5\n WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($user->user_id)); $row = $statement->fetch(PDO::FETCH_ASSOC); $email_cur = $row['email']; $username = $row['username']; $auth_plugin = $row['auth_plugin']; if ($email_cur == $email && !$force) { return array(True, $msg); } if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) { return array(False, $msg); } if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) { return array(False, $msg); } $validator = new email_validation_class(); ## Klasse zum Ueberpruefen der Eingaben $validator->timeout = 10; $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"]; $Zeit = date("H:i:s, d.m.Y", time()); // accept only registered domains if set $email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION')); if (!$validator->ValidateEmailAddress($email, $email_restriction)) { if ($email_restriction) { $email_restriction_msg_part = ''; $email_restriction_parts = explode(',', $email_restriction); for ($email_restriction_count = 0; $email_restriction_count < count($email_restriction_parts); $email_restriction_count++) { if ($email_restriction_count == count($email_restriction_parts) - 1) { $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . '<br>'; } else { if (($email_restriction_count + 1) % 3) { $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ', '; } else { $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ',<br>'; } } } $msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht zu folgenden Domains:%s"), '<br>' . $email_restriction_msg_part); } else { $msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§"; } return array(False, $msg); // E-Mail syntaktisch nicht korrekt oder fehlend } if (!$validator->ValidateEmailHost($email)) { // Mailserver nicht erreichbar, ablehnen $msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§"; return array(False, $msg); } else { // Server ereichbar if (!$validator->ValidateEmailBox($email)) { // aber user unbekannt. Mail an abuse! StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: "******"\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n"); $msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§"; return array(False, $msg); } } $query = "SELECT Vorname, Nachname\n FROM auth_user_md5\n WHERE Email = ? AND user_id != ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($email, $user->user_id)); $row = $statement->fetch(PDO::FETCH_ASSOC); if ($row) { $msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§"; return array(False, $msg); } // This already moved to the controller // $query = "UPDATE auth_user_md5 SET Email = ? WHERE user_id = ?"; // $statement = DBManager::get()->prepare($query); // $statement->execute(array($email, $uid)); if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) { $msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§"; return array(True, $msg); } else { // auth_plugin does not map validation_key (what if...?) // generate 10 char activation key $key = ''; mt_srand((double) microtime() * 1000000); for ($i = 1; $i <= 10; $i++) { $temp = mt_rand() % 36; if ($temp < 10) { $temp += 48; } else { $temp += 87; } // a = chr(97), z = chr(122) $key .= chr($temp); } $user->validation_key = $key; $activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key; // include language-specific subject and mailbody with fallback to german $lang = $GLOBALS['_language_path']; // workaround if ($lang == '') { $lang = 'de'; } include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php"; $mail = StudipMail::sendMessage($email, $subject, $mailbody); if (!$mail) { return array(True, $msg); } $query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($user->validation_key, $user->user_id)); $msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), $email) . '</b>§'; log_event("USER_NEWPWD", $user->user_id); // logging } return array(True, $msg); }
/** * Constructor * * * @access public * */ function __construct() { //calling the baseclass constructor parent::__construct(); }
/** * @return bool|string */ function auth_doregister() { global $_language_path; $this->error_msg = ""; // check for direct link to register2.php if (!$_SESSION['_language'] || $_SESSION['_language'] == "") { $_SESSION['_language'] = get_accepted_languages(); } $_language_path = init_i18n($_SESSION['_language']); $this->auth["uname"] = Request::username('username'); // This provides access for "crcregister.ihtml" $validator = new email_validation_class(); // Klasse zum Ueberpruefen der Eingaben $validator->timeout = 10; // Wie lange warten wir auf eine Antwort des Mailservers? if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) { return false; } $username = trim(Request::get('username')); $Vorname = trim(Request::get('Vorname')); $Nachname = trim(Request::get('Nachname')); // accept only registered domains if set $cfg = Config::GetInstance(); $email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION'); if ($email_restriction) { $Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain')); } else { $Email = trim(Request::get('Email')); } if (!$validator->ValidateUsername($username)) { $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>"; return false; } // username syntaktisch falsch oder zu kurz // auf doppelte Vergabe wird weiter unten getestet. if (!$validator->ValidatePassword(Request::quoted('password'))) { $this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>"; return false; } if (!$validator->ValidateName($Vorname)) { $this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>"; return false; } // Vorname nicht korrekt oder fehlend if (!$validator->ValidateName($Nachname)) { $this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>"; return false; // Nachname nicht korrekt oder fehlend } if (!$validator->ValidateEmailAddress($Email)) { $this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>"; return false; } // E-Mail syntaktisch nicht korrekt oder fehlend $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"]; $Zeit = date("H:i:s, d.m.Y", time()); if (!$validator->ValidateEmailHost($Email)) { // Mailserver nicht erreichbar, ablehnen $this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>"; return false; } else { // Server ereichbar if (!$validator->ValidateEmailBox($Email)) { // aber user unbekannt. Mail an abuse! StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n"); $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>"; return false; } else { // Alles paletti, jetzt kommen die Checks gegen die Datenbank... } } $check_uname = StudipAuthAbstract::CheckUsername($username); if ($check_uname['found']) { // error_log("username schon vorhanden", 0); $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>"; return false; // username schon vorhanden } if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) { $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>"; return false; // Email schon vorhanden } // alle Checks ok, Benutzer registrieren... $hasher = UserManagement::getPwdHasher(); $new_user = new User(); $new_user->username = $username; $new_user->perms = 'user'; $new_user->password = $hasher->HashPassword(Request::get('password')); $new_user->vorname = $Vorname; $new_user->nachname = $Nachname; $new_user->email = $Email; $new_user->geschlecht = Request::int('geschlecht'); $new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser'))); $new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser'))); $new_user->auth_plugin = 'standard'; $new_user->store(); if ($new_user->user_id) { self::sendValidationMail($new_user); $this->auth["perm"] = $new_user->perms; return $new_user->user_id; } }
/** * static method to check for a mapped field * * this method checks in the plugin with the passed name, if the passed * Stud.IP DB field is mapped to an external data source * * @access public * @static * @param string the name of the db field must be in form '<table name>.<field name>' * @param string the name of the plugin to check * @return bool true if the field is mapped, else false */ static function CheckField($field_name, $plugin_name) { if (!$plugin_name) { return false; } $plugin = StudipAuthAbstract::GetInstance($plugin_name); return is_object($plugin) ? $plugin->isMappedField($field_name) : false; }
/** * get preferences * * shows additional settings. * @access public */ function getPreferences() { global $connected_cms; $role_template_name = Request::get('role_template_name'); $cat_name = Request::get('cat_name'); $this->soap_client->setCachingStatus(false); if ($cat_name != "") { $cat = $this->soap_client->getReferenceByTitle(trim($cat_name), "cat"); if ($cat == false) { $messages["error"] .= sprintf(_("Das Objekt mit dem Namen \"%s\" wurde im System %s nicht gefunden."), htmlReady($cat_name), htmlReady($this->getName())) . "<br>\n"; } elseif ($cat != "") { ELearningUtils::setConfigValue("category_id", $cat, $this->cms_type); $this->main_category_node_id = $cat; } } if ($this->main_category_node_id != false and ELearningUtils::getConfigValue("user_category_id", $this->cms_type) == "") { $object_data["title"] = sprintf(_("User-Daten")); $object_data["description"] = _("Hier befinden sich die persönlichen Ordner der Stud.IP-User."); $object_data["type"] = "cat"; $object_data["owner"] = $this->user->getId(); $user_cat = $connected_cms[$this->cms_type]->soap_client->addObject($object_data, $connected_cms[$this->cms_type]->main_category_node_id); if ($user_cat != false) { $this->user_category_node_id = $user_cat; ELearningUtils::setConfigValue("user_category_id", $user_cat, $this->cms_type); } else { $messages["error"] .= _("Die Kategorie für User-Daten konnte nicht angelegt werden.") . "<br>\n"; } } if ($role_template_name != "") { $role_template = $this->soap_client->getObjectByTitle(trim($role_template_name), "rolt"); if ($role_template == false) { $messages["error"] .= sprintf(_("Das Rollen-Template mit dem Namen \"%s\" wurde im System %s nicht gefunden."), htmlReady($role_template_name), htmlReady($this->getName())) . "<br>\n"; } if (is_array($role_template)) { ELearningUtils::setConfigValue("user_role_template_id", $role_template["obj_id"], $this->cms_type); ELearningUtils::setConfigValue("user_role_template_name", $role_template["title"], $this->cms_type); $this->user_role_template_id = $role_template["obj_id"]; } } if (Request::submitted('submit')) { ELearningUtils::setConfigValue("encrypt_passwords", Request::option("encrypt_passwords"), $this->cms_type); $encrypt_passwords = Request::option("encrypt_passwords"); ELearningUtils::setConfigValue("ldap_enable", Request::option("ldap_enable"), $this->cms_type); $this->ldap_enable = Request::option("ldap_enable"); } else { if (ELearningUtils::getConfigValue("encrypt_passwords", $this->cms_type) != "") { $encrypt_passwords = ELearningUtils::getConfigValue("encrypt_passwords", $this->cms_type); } } $cat = $this->soap_client->getObjectByReference($this->main_category_node_id); $user_cat = $this->soap_client->getObjectByReference($this->user_category_node_id); $title = $this->link->getModuleLink($user_cat["title"], $this->user_category_node_id, "cat"); $ldap_options = array(); foreach (StudipAuthAbstract::GetInstance() as $plugin) { if ($plugin instanceof StudipAuthLdap) { $ldap_options[] = '<option ' . ($plugin->plugin_name == $this->ldap_enable ? 'selected' : '') . '>' . $plugin->plugin_name . '</option>'; } } ob_start(); ConnectedCMS::getPreferences(); $module_types = ob_get_clean(); $template = $GLOBALS['template_factory']->open('elearning/ilias4_connected_cms_preferences.php'); $template->set_attribute('messages', $messages); $template->set_attribute('soap_error', $this->soap_client->getError()); $template->set_attribute('soap_data', $this->soap_data); $template->set_attribute('main_category_node_id', $this->main_category_node_id); $template->set_attribute('main_category_node_id_title', $cat['title']); $template->set_attribute('user_category_node_id', $this->user_category_node_id); $template->set_attribute('user_category_node_id_title', $title); $template->set_attribute('user_role_template_name', ELearningUtils::getConfigValue("user_role_template_name", $this->cms_type)); $template->set_attribute('user_role_template_id', $this->user_role_template_id); $template->set_attribute('encrypt_passwords', $encrypt_passwords); $template->set_attribute('ldap_options', count($ldap_options) ? join("\n", array_merge(array('<option></option>'), $ldap_options)) : ''); $template->set_attribute('module_types', $module_types); echo $template->render(); }
/** * Initialize the subnavigation of this item. This method * is called once before the first item is added or removed. */ public function initSubNavigation() { global $user, $perm; parent::initSubNavigation(); $username = Request::username('username', $user->username); $current_user = $username == $user->username ? $user : User::findByUsername($username); // profile $navigation = new Navigation(_('Profil'), 'dispatch.php/profile/index'); $this->addSubNavigation('index', $navigation); if ($perm->have_profile_perm('user', $current_user->user_id)) { // avatar $navigation = new Navigation(_('Bild'), 'dispatch.php/settings/avatar'); $this->addSubNavigation('avatar', $navigation); // profile data $navigation = new Navigation(_('Nutzerdaten')); $navigation->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account')); if (($perm->get_profile_perm($current_user->user_id) == 'user' || $perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS) && !StudipAuthAbstract::CheckField('auth_user_md5.password', $current_user->auth_plugin) && !LockRules::check($current_user->user_id, 'password')) { $navigation->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password')); } $navigation->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details')); if (!in_array($current_user->perms, words('user admin root'))) { $navigation->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies')); } if ($current_user->perms != 'root') { if (count(UserDomain::getUserDomains())) { $navigation->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains')); } if ($perm->is_staff_member($current_user->user_id)) { $navigation->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen')); } } $this->addSubNavigation('edit', $navigation); if ($perm->have_perm('autor')) { $navigation = new Navigation(_('Einstellungen')); $navigation->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general')); $navigation->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy')); $navigation->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging')); if (get_config('CALENDAR_ENABLE')) { $navigation->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar')); } if (!$perm->have_perm('admin') and get_config('MAIL_NOTIFICATION_ENABLE')) { $navigation->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification')); } if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') { $navigation->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies')); } if (Config::Get()->API_ENABLED) { $navigation->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations')); } $this->addSubNavigation('settings', $navigation); } // user defined sections $navigation = new Navigation(_('Kategorien'), 'dispatch.php/settings/categories'); $this->addSubNavigation('categories', $navigation); } // user documents page if (Config::get()->PERSONALDOCUMENT_ENABLE && ($perm->have_profile_perm('user', $current_user->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)) { $title = _('Meine Dateien'); if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $current_user->id !== $user->id) { $title = _('Dateibereich'); } $navigation = new Navigation($title, 'dispatch.php/document/files'); $this->addSubNavigation('files', $navigation); } }
/** * Constructor * * * @access public * */ function __construct() { parent::__construct(); }