/**
* Check input, strip slashes etc. set alert, if input is not ok.
*
* @return boolean Input ok, true/false
*/
function checkInput()
{
global $lng;
$_POST[$this->getPostVar()] = ilUtil::stripSlashes($_POST[$this->getPostVar()]);
$_POST[$this->getPostVar() . "_retype"] = ilUtil::stripSlashes($_POST[$this->getPostVar() . "_retype"]);
if ($this->getRequired() && trim($_POST[$this->getPostVar()]) == "") {
$this->setAlert($lng->txt("msg_input_is_required"));
return false;
}
if ($this->getValidateAuthPost() != "") {
$auth = ilAuthUtils::_getAuthMode($_POST[$this->getValidateAuthPost()]);
// check, if password is required dependent on auth mode
if ($this->getRequiredOnAuth() && ilAuthUtils::_allowPasswordModificationByAuthMode($auth) && trim($_POST[$this->getPostVar()]) == "") {
$this->setAlert($lng->txt("form_password_required_for_auth"));
return false;
}
// check, if password is allowed to be set for given auth mode
if (trim($_POST[$this->getPostVar()]) != "" && !ilAuthUtils::_allowPasswordModificationByAuthMode($auth)) {
$this->setAlert($lng->txt("form_password_not_allowed_for_auth"));
return false;
}
}
if ($this->getRetype() && !$this->getPreSelection() && $_POST[$this->getPostVar()] != $_POST[$this->getPostVar() . "_retype"]) {
$this->setAlert($lng->txt("passwd_not_match"));
return false;
}
if (!$this->getSkipSyntaxCheck() && !ilUtil::isPassword($_POST[$this->getPostVar()], $custom_error) && $_POST[$this->getPostVar()] != "") {
if ($custom_error != '') {
$this->setAlert($custom_error);
} else {
$this->setAlert($lng->txt("passwd_invalid"));
}
return false;
}
return $this->checkSubItemsInput();
}
/**
* Does input checks and updates a user account if everything is fine.
* @access public
*/
function updateObjectOld()
{
global $ilias, $rbacsystem, $rbacadmin, $ilUser;
include_once './Services/Authentication/classes/class.ilAuthUtils.php';
//load ILIAS settings
$settings = $ilias->getAllSettings();
// User folder
if ($this->usrf_ref_id == USER_FOLDER_ID and !$rbacsystem->checkAccess('visible,read,write', $this->usrf_ref_id)) {
$this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE);
}
// if called from local administration $this->usrf_ref_id is category id
// Todo: this has to be fixed. Do not mix user folder id and category id
if ($this->usrf_ref_id != USER_FOLDER_ID) {
// check if user is assigned to category
if (!$rbacsystem->checkAccess('cat_administrate_users', $this->object->getTimeLimitOwner())) {
$this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_user"), $this->ilias->error_obj->MESSAGE);
}
}
foreach ($_POST["Fobject"] as $key => $val) {
$_POST["Fobject"][$key] = ilUtil::stripSlashes($val);
}
// check dynamically required fields
foreach ($settings as $key => $val) {
$field = substr($key, 8);
switch ($field) {
case 'passwd':
case 'passwd2':
if (ilAuthUtils::_allowPasswordModificationByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) {
$require_keys[] = $field;
}
break;
default:
$require_keys[] = $field;
break;
}
}
foreach ($require_keys as $key => $val) {
// exclude required system and registration-only fields
$system_fields = array("default_role");
if (!in_array($val, $system_fields)) {
if (isset($settings["require_" . $val]) && $settings["require_" . $val]) {
if (empty($_POST["Fobject"][$val])) {
$this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields") . ": " . $this->lng->txt($val), $this->ilias->error_obj->MESSAGE);
}
}
}
}
if (!$this->__checkUserDefinedRequiredFields()) {
$this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"), $this->ilias->error_obj->MESSAGE);
}
// validate login
if ($this->object->getLogin() != $_POST["Fobject"]["login"] && !ilUtil::isLogin($_POST["Fobject"]["login"])) {
$this->ilias->raiseError($this->lng->txt("login_invalid"), $this->ilias->error_obj->MESSAGE);
}
// check loginname
if (ilObjUser::_loginExists($_POST["Fobject"]["login"], $this->id)) {
$this->ilias->raiseError($this->lng->txt("login_exists"), $this->ilias->error_obj->MESSAGE);
}
if (ilAuthUtils::_allowPasswordModificationByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) {
if ($_POST['Fobject']['passwd'] == "********" and !strlen($this->object->getPasswd())) {
$this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields") . ": " . $this->lng->txt('password'), $this->ilias->error_obj->MESSAGE);
}
// check passwords
if ($_POST["Fobject"]["passwd"] != $_POST["Fobject"]["passwd2"]) {
$this->ilias->raiseError($this->lng->txt("passwd_not_match"), $this->ilias->error_obj->MESSAGE);
}
// validate password
if (!ilUtil::isPassword($_POST["Fobject"]["passwd"])) {
$this->ilias->raiseError($this->lng->txt("passwd_invalid"), $this->ilias->error_obj->MESSAGE);
}
} else {
// Password will not be changed...
$_POST['Fobject']['passwd'] = "********";
}
if (ilAuthUtils::_needsExternalAccountByAuthMode(ilAuthUtils::_getAuthMode($_POST['Fobject']['auth_mode']))) {
if (!strlen($_POST['Fobject']['ext_account'])) {
$this->ilias->raiseError($this->lng->txt('ext_acccount_required'), $this->ilias->error_obj->MESSAGE);
}
}
if ($_POST['Fobject']['ext_account'] && ($elogin = ilObjUser::_checkExternalAuthAccount($_POST['Fobject']['auth_mode'], $_POST['Fobject']['ext_account']))) {
if ($elogin != $this->object->getLogin()) {
$this->ilias->raiseError(sprintf($this->lng->txt("err_auth_ext_user_exists"), $_POST["Fobject"]["ext_account"], $_POST['Fobject']['auth_mode'], $elogin), $this->ilias->error_obj->MESSAGE);
}
}
// The password type is not passed with the post data. Therefore we
// append it here manually.
include_once './Services/User/classes/class.ilObjUser.php';
$_POST["Fobject"]["passwd_type"] = IL_PASSWD_PLAIN;
// validate email
if (strlen($_POST['Fobject']['email']) and !ilUtil::is_email($_POST["Fobject"]["email"])) {
$this->ilias->raiseError($this->lng->txt("email_not_valid"), $this->ilias->error_obj->MESSAGE);
}
$start = $this->__toUnix($_POST["time_limit"]["from"]);
$end = $this->__toUnix($_POST["time_limit"]["until"]);
// validate time limit
if (!$_POST["time_limit"]["unlimited"] and $start > $end) {
$this->ilias->raiseError($this->lng->txt("time_limit_not_valid"), $this->ilias->error_obj->MESSAGE);
}
if (!$this->ilias->account->getTimeLimitUnlimited()) {
if ($start < $this->ilias->account->getTimeLimitFrom() or $end > $this->ilias->account->getTimeLimitUntil() or $_POST['time_limit']['unlimited']) {
$_SESSION['error_post_vars'] = $_POST;
ilUtil::sendFailure($this->lng->txt('time_limit_not_within_owners'));
$this->editObject();
return false;
}
}
// TODO: check length of login and passwd
// checks passed. save user
$_POST['Fobject']['time_limit_owner'] = $this->object->getTimeLimitOwner();
$_POST['Fobject']['time_limit_unlimited'] = (int) $_POST['time_limit']['unlimited'];
$_POST['Fobject']['time_limit_from'] = $this->__toUnix($_POST['time_limit']['from']);
$_POST['Fobject']['time_limit_until'] = $this->__toUnix($_POST['time_limit']['until']);
if ($_POST['Fobject']['time_limit_unlimited'] != $this->object->getTimeLimitUnlimited() or $_POST['Fobject']['time_limit_from'] != $this->object->getTimeLimitFrom() or $_POST['Fobject']['time_limit_until'] != $this->object->getTimeLimitUntil()) {
$_POST['Fobject']['time_limit_message'] = 0;
} else {
$_POST['Fobject']['time_limit_message'] = $this->object->getTimeLimitMessage();
}
$this->object->assignData($_POST["Fobject"]);
$this->object->setUserDefinedData($_POST['udf']);
try {
$this->object->updateLogin($_POST['Fobject']['login']);
} catch (ilUserException $e) {
ilUtil::sendFailure($e->getMessage());
$this->form_gui->setValuesByPost();
return $tpl->setContent($this->form_gui->getHtml());
}
$this->object->setTitle($this->object->getFullname());
$this->object->setDescription($this->object->getEmail());
$this->object->setLanguage($_POST["Fobject"]["language"]);
//set user skin and style
$sknst = explode(":", $_POST["Fobject"]["skin_style"]);
if ($this->object->getPref("style") != $sknst[1] || $this->object->getPref("skin") != $sknst[0]) {
$this->object->setPref("skin", $sknst[0]);
$this->object->setPref("style", $sknst[1]);
}
// set hits per pages
$this->object->setPref("hits_per_page", $_POST["Fobject"]["hits_per_page"]);
// set show users online
$this->object->setPref("show_users_online", $_POST["Fobject"]["show_users_online"]);
// set hide_own_online_status
if ($_POST["Fobject"]["hide_own_online_status"]) {
$this->object->setPref("hide_own_online_status", $_POST["Fobject"]["hide_own_online_status"]);
} else {
$this->object->setPref("hide_own_online_status", "n");
}
$this->update = $this->object->update();
//$rbacadmin->updateDefaultRole($_POST["Fobject"]["default_role"], $this->object->getId());
// BEGIN DiskQuota: Remember the state of the "send info mail" checkbox
global $ilUser;
$ilUser->setPref('send_info_mails', $_POST['send_mail'] == 'y' ? 'y' : 'n');
$ilUser->writePrefs();
// END DiskQuota: Remember the state of the "send info mail" checkbox
$mail_message = $this->__sendProfileMail();
$msg = $this->lng->txt('saved_successfully') . $mail_message;
// feedback
ilUtil::sendSuccess($msg, true);
if (strtolower($_GET["baseClass"]) == 'iladministrationgui') {
$this->ctrl->redirectByClass("ilobjuserfoldergui", "view");
} else {
$this->ctrl->redirectByClass('ilobjcategorygui', 'listUsers');
}
}