[Summary view] [Print] [Text view]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Authentication Plugin: Email Authentication
  19   *
  20   * @author Martin Dougiamas
  21   * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
  22   * @package auth_email
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die();
  26  
  27  require_once($CFG->libdir.'/authlib.php');
  28  
  29  /**
  30   * Email authentication plugin.
  31   */
  32  class auth_plugin_email extends auth_plugin_base {
  33  
  34      /**
  35       * Constructor.
  36       */
  37      public function __construct() {
  38          $this->authtype = 'email';
  39          $this->config = get_config('auth/email');
  40      }
  41  
  42      /**
  43       * Old syntax of class constructor. Deprecated in PHP7.
  44       *
  45       * @deprecated since Moodle 3.1
  46       */
  47      public function auth_plugin_email() {
  48          debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER);
  49          self::__construct();
  50      }
  51  
  52      /**
  53       * Returns true if the username and password work and false if they are
  54       * wrong or don't exist.
  55       *
  56       * @param string $username The username
  57       * @param string $password The password
  58       * @return bool Authentication success or failure.
  59       */
  60      function user_login ($username, $password) {
  61          global $CFG, $DB;
  62          if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
  63              return validate_internal_user_password($user, $password);
  64          }
  65          return false;
  66      }
  67  
  68      /**
  69       * Updates the user's password.
  70       *
  71       * called when the user password is updated.
  72       *
  73       * @param  object  $user        User table object  (with system magic quotes)
  74       * @param  string  $newpassword Plaintext password (with system magic quotes)
  75       * @return boolean result
  76       *
  77       */
  78      function user_update_password($user, $newpassword) {
  79          $user = get_complete_user_data('id', $user->id);
  80          // This will also update the stored hash to the latest algorithm
  81          // if the existing hash is using an out-of-date algorithm (or the
  82          // legacy md5 algorithm).
  83          return update_internal_user_password($user, $newpassword);
  84      }
  85  
  86      function can_signup() {
  87          return true;
  88      }
  89  
  90      /**
  91       * Sign up a new user ready for confirmation.
  92       * Password is passed in plaintext.
  93       *
  94       * @param object $user new user object
  95       * @param boolean $notify print notice with link and terminate
  96       */
  97      function user_signup($user, $notify=true) {
  98          global $CFG, $DB;
  99          require_once($CFG->dirroot.'/user/profile/lib.php');
 100          require_once($CFG->dirroot.'/user/lib.php');
 101  
 102          $plainpassword = $user->password;
 103          $user->password = hash_internal_user_password($user->password);
 104          if (empty($user->calendartype)) {
 105              $user->calendartype = $CFG->calendartype;
 106          }
 107  
 108          $user->id = user_create_user($user, false, false);
 109  
 110          user_add_password_history($user->id, $plainpassword);
 111  
 112          // Save any custom profile field information.
 113          profile_save_data($user);
 114  
 115          // Trigger event.
 116          \core\event\user_created::create_from_userid($user->id)->trigger();
 117  
 118          if (! send_confirmation_email($user)) {
 119              print_error('auth_emailnoemail','auth_email');
 120          }
 121  
 122          if ($notify) {
 123              global $CFG, $PAGE, $OUTPUT;
 124              $emailconfirm = get_string('emailconfirm');
 125              $PAGE->navbar->add($emailconfirm);
 126              $PAGE->set_title($emailconfirm);
 127              $PAGE->set_heading($PAGE->course->fullname);
 128              echo $OUTPUT->header();
 129              notice(get_string('emailconfirmsent', '', $user->email), "$CFG->wwwroot/index.php");
 130          } else {
 131              return true;
 132          }
 133      }
 134  
 135      /**
 136       * Returns true if plugin allows confirming of new users.
 137       *
 138       * @return bool
 139       */
 140      function can_confirm() {
 141          return true;
 142      }
 143  
 144      /**
 145       * Confirm the new user as registered.
 146       *
 147       * @param string $username
 148       * @param string $confirmsecret
 149       */
 150      function user_confirm($username, $confirmsecret) {
 151          global $DB;
 152          $user = get_complete_user_data('username', $username);
 153  
 154          if (!empty($user)) {
 155              if ($user->auth != $this->authtype) {
 156                  return AUTH_CONFIRM_ERROR;
 157  
 158              } else if ($user->secret == $confirmsecret && $user->confirmed) {
 159                  return AUTH_CONFIRM_ALREADY;
 160  
 161              } else if ($user->secret == $confirmsecret) {   // They have provided the secret key to get in
 162                  $DB->set_field("user", "confirmed", 1, array("id"=>$user->id));
 163                  return AUTH_CONFIRM_OK;
 164              }
 165          } else {
 166              return AUTH_CONFIRM_ERROR;
 167          }
 168      }
 169  
 170      function prevent_local_passwords() {
 171          return false;
 172      }
 173  
 174      /**
 175       * Returns true if this authentication plugin is 'internal'.
 176       *
 177       * @return bool
 178       */
 179      function is_internal() {
 180          return true;
 181      }
 182  
 183      /**
 184       * Returns true if this authentication plugin can change the user's
 185       * password.
 186       *
 187       * @return bool
 188       */
 189      function can_change_password() {
 190          return true;
 191      }
 192  
 193      /**
 194       * Returns the URL for changing the user's pw, or empty if the default can
 195       * be used.
 196       *
 197       * @return moodle_url
 198       */
 199      function change_password_url() {
 200          return null; // use default internal method
 201      }
 202  
 203      /**
 204       * Returns true if plugin allows resetting of internal password.
 205       *
 206       * @return bool
 207       */
 208      function can_reset_password() {
 209          return true;
 210      }
 211  
 212      /**
 213       * Returns true if plugin can be manually set.
 214       *
 215       * @return bool
 216       */
 217      function can_be_manually_set() {
 218          return true;
 219      }
 220  
 221      /**
 222       * Prints a form for configuring this authentication plugin.
 223       *
 224       * This function is called from admin/auth.php, and outputs a full page with
 225       * a form for configuring this plugin.
 226       *
 227       * @param array $page An object containing all the data for this page.
 228       */
 229      function config_form($config, $err, $user_fields) {
 230          include  "config.html";
 231      }
 232  
 233      /**
 234       * Processes and stores configuration data for this authentication plugin.
 235       */
 236      function process_config($config) {
 237          // set to defaults if undefined
 238          if (!isset($config->recaptcha)) {
 239              $config->recaptcha = false;
 240          }
 241  
 242          // save settings
 243          set_config('recaptcha', $config->recaptcha, 'auth/email');
 244          return true;
 245      }
 246  
 247      /**
 248       * Returns whether or not the captcha element is enabled.
 249       * @return bool
 250       */
 251      function is_captcha_enabled() {
 252          return get_config("auth/{$this->authtype}", 'recaptcha');
 253      }
 254  
 255  }
 256  
 257