Commit | Line | Data |
---|---|---|
b9ddb2d5 | 1 | <?php |
2 | ||
3 | /** | |
4 | * @author Martin Dougiamas | |
5 | * @license http://www.gnu.org/copyleft/gpl.html GNU Public License | |
6 | * @package moodle multiauth | |
7 | * | |
8 | * Authentication Plugin: External Database Authentication | |
9 | * | |
10 | * Checks against an external database. | |
11 | * | |
12 | * 2006-08-28 File created. | |
13 | */ | |
14 | ||
8ae42b8d | 15 | if (!defined('MOODLE_INTERNAL')) { |
16 | die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page | |
17 | } | |
b9ddb2d5 | 18 | |
6bc1e5d5 | 19 | require_once($CFG->libdir.'/authlib.php'); |
e7721485 | 20 | require_once($CFG->libdir.'/adodb/adodb.inc.php'); |
6bc1e5d5 | 21 | |
b9ddb2d5 | 22 | /** |
23 | * External database authentication plugin. | |
24 | */ | |
6bc1e5d5 | 25 | class auth_plugin_db extends auth_plugin_base { |
b9ddb2d5 | 26 | |
27 | /** | |
28 | * Constructor. | |
29 | */ | |
30 | function auth_plugin_db() { | |
6bc1e5d5 | 31 | $this->authtype = 'db'; |
b9ddb2d5 | 32 | $this->config = get_config('auth/db'); |
8ae42b8d | 33 | if (empty($this->config->extencoding)) { |
34 | $this->config->extencoding = 'utf-8'; | |
35 | } | |
b9ddb2d5 | 36 | } |
37 | ||
38 | /** | |
39 | * Returns true if the username and password work and false if they are | |
40 | * wrong or don't exist. | |
41 | * | |
576c063b | 42 | * @param string $username The username |
43 | * @param string $password The password | |
8ae42b8d | 44 | * |
45 | * @return bool Authentication success or failure. | |
b9ddb2d5 | 46 | */ |
139ebfdb | 47 | function user_login($username, $password) { |
576c063b | 48 | global $CFG, $DB; |
b9ddb2d5 | 49 | |
8ae42b8d | 50 | $textlib = textlib_get_instance(); |
576c063b | 51 | $extusername = $textlib->convert($username, 'utf-8', $this->config->extencoding); |
52 | $extpassword = $textlib->convert($password, 'utf-8', $this->config->extencoding); | |
8ae42b8d | 53 | |
139ebfdb | 54 | $authdb = $this->db_init(); |
b9ddb2d5 | 55 | |
8ae42b8d | 56 | if ($this->config->passtype === 'internal') { |
b9ddb2d5 | 57 | // lookup username externally, but resolve |
58 | // password locally -- to support backend that | |
59 | // don't track passwords | |
8ae42b8d | 60 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
61 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' "); | |
b9ddb2d5 | 62 | if (!$rs) { |
03cedd62 | 63 | $authdb->Close(); |
03ea0b32 | 64 | debugging(get_string('auth_dbcantconnect','auth_db')); |
b9ddb2d5 | 65 | return false; |
66 | } | |
8ae42b8d | 67 | |
03cedd62 | 68 | if ( !$rs->EOF ) { |
69 | $rs->Close(); | |
70 | $authdb->Close(); | |
b9ddb2d5 | 71 | // user exists exterally |
72 | // check username/password internally | |
576c063b | 73 | if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) { |
b9ddb2d5 | 74 | return validate_internal_user_password($user, $password); |
75 | } | |
76 | } else { | |
03cedd62 | 77 | $rs->Close(); |
78 | $authdb->Close(); | |
b9ddb2d5 | 79 | // user does not exist externally |
80 | return false; | |
8ae42b8d | 81 | } |
b9ddb2d5 | 82 | |
8ae42b8d | 83 | } else { |
b9ddb2d5 | 84 | // normal case: use external db for passwords |
85 | ||
86 | if ($this->config->passtype === 'md5') { // Re-format password accordingly | |
8ae42b8d | 87 | $extpassword = md5($extpassword); |
88 | } else if ($this->config->passtype === 'sha1') { | |
89 | $extpassword = sha1($extpassword); | |
b9ddb2d5 | 90 | } |
91 | ||
8ae42b8d | 92 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
93 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' | |
94 | AND {$this->config->fieldpass} = '".$this->ext_addslashes($extpassword)."' "); | |
b9ddb2d5 | 95 | if (!$rs) { |
03cedd62 | 96 | $authdb->Close(); |
03ea0b32 | 97 | debugging(get_string('auth_dbcantconnect','auth_db')); |
b9ddb2d5 | 98 | return false; |
99 | } | |
8ae42b8d | 100 | |
03cedd62 | 101 | if (!$rs->EOF) { |
102 | $rs->Close(); | |
103 | $authdb->Close(); | |
b9ddb2d5 | 104 | return true; |
105 | } else { | |
03cedd62 | 106 | $rs->Close(); |
107 | $authdb->Close(); | |
b9ddb2d5 | 108 | return false; |
8ae42b8d | 109 | } |
110 | ||
b9ddb2d5 | 111 | } |
112 | } | |
113 | ||
139ebfdb | 114 | function db_init() { |
93901eb4 | 115 | // Connect to the external database (forcing new connection) |
116 | $authdb = &ADONewConnection($this->config->type); | |
8ae42b8d | 117 | if (!empty($this->config->debugauthdb)) { |
118 | $authdb->debug = true; | |
119 | ob_start();//start output buffer to allow later use of the page headers | |
120 | } | |
121 | $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true); | |
b9ddb2d5 | 122 | $authdb->SetFetchMode(ADODB_FETCH_ASSOC); |
8ae42b8d | 123 | if (!empty($this->config->setupsql)) { |
124 | $authdb->Execute($this->config->setupsql); | |
125 | } | |
b9ddb2d5 | 126 | |
139ebfdb | 127 | return $authdb; |
128 | } | |
129 | /** | |
130 | * retuns user attribute mappings between moodle and ldap | |
131 | * | |
132 | * @return array | |
133 | */ | |
134 | function db_attributes() { | |
139ebfdb | 135 | $moodleattributes = array(); |
4105caff | 136 | foreach ($this->userfields as $field) { |
139ebfdb | 137 | if (!empty($this->config->{"field_map_$field"})) { |
138 | $moodleattributes[$field] = $this->config->{"field_map_$field"}; | |
0f02788f | 139 | } |
140 | } | |
5261baf1 | 141 | $moodleattributes['username'] = $this->config->fielduser; |
139ebfdb | 142 | return $moodleattributes; |
143 | } | |
144 | ||
145 | /** | |
146 | * Reads any other information for a user from external database, | |
147 | * then returns it in an array | |
148 | * | |
be544ec3 | 149 | * @param string $username |
139ebfdb | 150 | * |
151 | * @return array without magic quotes | |
152 | */ | |
153 | function get_userinfo($username) { | |
154 | ||
155 | global $CFG; | |
156 | ||
157 | $textlib = textlib_get_instance(); | |
be544ec3 | 158 | $extusername = $textlib->convert($username, 'utf-8', $this->config->extencoding); |
139ebfdb | 159 | |
160 | $authdb = $this->db_init(); | |
161 | ||
162 | //Array to map local fieldnames we want, to external fieldnames | |
163 | $selectfields = $this->db_attributes(); | |
164 | ||
0f02788f | 165 | $result = array(); |
166 | //If at least one field is mapped from external db, get that mapped data: | |
167 | if ($selectfields) { | |
168 | $select = ''; | |
169 | foreach ($selectfields as $localname=>$externalname) { | |
170 | $select .= ", $externalname AS $localname"; | |
171 | } | |
172 | $select = 'SELECT ' . substr($select,1); | |
173 | $sql = $select . | |
174 | " FROM {$this->config->table}" . | |
8ae42b8d | 175 | " WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'"; |
0f02788f | 176 | if ($rs = $authdb->Execute($sql)) { |
03cedd62 | 177 | if ( !$rs->EOF ) { |
245ac557 | 178 | $fields_obj = $rs->FetchObj(); |
1ed6ae07 | 179 | $fields_obj = (object)array_change_key_case((array)$fields_obj , CASE_LOWER); |
0f02788f | 180 | foreach ($selectfields as $localname=>$externalname) { |
8ae42b8d | 181 | $result[$localname] = $textlib->convert($fields_obj->{$localname}, $this->config->extencoding, 'utf-8'); |
0f02788f | 182 | } |
183 | } | |
245ac557 | 184 | $rs->Close(); |
b9ddb2d5 | 185 | } |
186 | } | |
187 | $authdb->Close(); | |
b9ddb2d5 | 188 | return $result; |
a7e32367 | 189 | |
b9ddb2d5 | 190 | } |
191 | ||
192 | ||
fb5c7739 | 193 | /** |
194 | * Change a user's password | |
195 | * | |
ae040d4b | 196 | * @param object $user User table object |
197 | * @param string $newpassword Plaintext password | |
8ae42b8d | 198 | * |
fb5c7739 | 199 | * @return bool True on success |
200 | */ | |
da249a30 | 201 | function user_update_password($user, $newpassword) { |
b9ddb2d5 | 202 | |
b7b50143 | 203 | global $CFG; |
b9ddb2d5 | 204 | if ($this->config->passtype === 'internal') { |
d972bfd0 | 205 | return update_internal_user_password($user, $newpassword); |
b9ddb2d5 | 206 | } else { |
207 | // we should have never been called! | |
208 | return false; | |
209 | } | |
210 | } | |
211 | ||
212 | /** | |
213 | * syncronizes user fron external db to moodle user table | |
214 | * | |
215 | * Sync shouid be done by using idnumber attribute, not username. | |
216 | * You need to pass firstsync parameter to function to fill in | |
217 | * idnumbers if they dont exists in moodle user table. | |
8ae42b8d | 218 | * |
b9ddb2d5 | 219 | * Syncing users removes (disables) users that dont exists anymore in external db. |
8ae42b8d | 220 | * Creates new users and updates coursecreator status of users. |
221 | * | |
b9ddb2d5 | 222 | * @param bool $do_updates Optional: set to true to force an update of existing accounts |
223 | * | |
224 | * This implementation is simpler but less scalable than the one found in the LDAP module. | |
225 | * | |
226 | */ | |
139ebfdb | 227 | function sync_users($do_updates=false) { |
8ae42b8d | 228 | |
70ca450a | 229 | global $CFG, $DB; |
b9ddb2d5 | 230 | $pcfg = get_config('auth/db'); |
231 | ||
139ebfdb | 232 | /// list external users |
b9ddb2d5 | 233 | $userlist = $this->get_userlist(); |
b9ddb2d5 | 234 | |
139ebfdb | 235 | /// delete obsolete internal users |
236 | if (!empty($this->config->removeuser)) { | |
b9ddb2d5 | 237 | |
139ebfdb | 238 | // find obsolete users |
239 | if (count($userlist)) { | |
bc31625a PS |
240 | list($notin_sql, $params) = $DB->get_in_or_equal($userlist, SQL_PARAMS_NAMED, 'u0000', false); |
241 | $params['authtype'] = $this->authtype; | |
242 | $sql = "SELECT u.id, u.username, u.email, u.auth | |
243 | FROM {user} u | |
244 | WHERE u.auth=:authtype AND u.deleted=0 AND u.username $notin_sql"; | |
139ebfdb | 245 | } else { |
59669b63 | 246 | $sql = "SELECT u.id, u.username, u.email, u.auth |
bc31625a PS |
247 | FROM {user} u |
248 | WHERE u.auth=:authtype AND u.deleted=0"; | |
249 | $params = array(); | |
250 | $params['authtype'] = $this->authtype; | |
139ebfdb | 251 | } |
bc31625a | 252 | $remove_users = $DB->get_records_sql($sql, $params); |
139ebfdb | 253 | |
254 | if (!empty($remove_users)) { | |
2b06294b | 255 | print_string('auth_dbuserstoremove','auth_db', count($remove_users)); echo "\n"; |
139ebfdb | 256 | |
139ebfdb | 257 | foreach ($remove_users as $user) { |
6f87ef52 | 258 | if ($this->config->removeuser == AUTH_REMOVEUSER_FULLDELETE) { |
90afcf32 | 259 | if (delete_user($user)) { |
2c10db3b | 260 | echo "\t"; print_string('auth_dbdeleteuser', 'auth_db', array('name'=>$user->username, 'id'=>$user->id)); echo "\n"; |
139ebfdb | 261 | } else { |
2b06294b | 262 | echo "\t"; print_string('auth_dbdeleteusererror', 'auth_db', $user->username); echo "\n"; |
139ebfdb | 263 | } |
6f87ef52 | 264 | } else if ($this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) { |
1dffbae2 | 265 | $updateuser = new stdClass(); |
139ebfdb | 266 | $updateuser->id = $user->id; |
267 | $updateuser->auth = 'nologin'; | |
dd88de0e PS |
268 | $DB->update_record('user', $updateuser); |
269 | echo "\t"; print_string('auth_dbsuspenduser', 'auth_db', array('name'=>$user->username, 'id'=>$user->id)); echo "\n"; | |
139ebfdb | 270 | } |
b9ddb2d5 | 271 | } |
8ae42b8d | 272 | } |
139ebfdb | 273 | unset($remove_users); // free mem! |
8ae42b8d | 274 | } |
b9ddb2d5 | 275 | |
276 | if (!count($userlist)) { | |
277 | // exit right here | |
278 | // nothing else to do | |
279 | return true; | |
280 | } | |
281 | ||
282 | /// | |
283 | /// update existing accounts | |
284 | /// | |
285 | if ($do_updates) { | |
286 | // narrow down what fields we need to update | |
287 | $all_keys = array_keys(get_object_vars($this->config)); | |
288 | $updatekeys = array(); | |
289 | foreach ($all_keys as $key) { | |
290 | if (preg_match('/^field_updatelocal_(.+)$/',$key, $match)) { | |
291 | if ($this->config->{$key} === 'onlogin') { | |
292 | array_push($updatekeys, $match[1]); // the actual key name | |
293 | } | |
294 | } | |
295 | } | |
296 | // print_r($all_keys); print_r($updatekeys); | |
297 | unset($all_keys); unset($key); | |
298 | ||
299 | // only go ahead if we actually | |
300 | // have fields to update locally | |
301 | if (!empty($updatekeys)) { | |
bc31625a PS |
302 | list($in_sql, $params) = $DB->get_in_or_equal($userlist, SQL_PARAMS_NAMED, 'u0000', true); |
303 | $params['authtype'] = $this->authtype; | |
304 | $sql = "SELECT u.id, u.username | |
305 | FROM {user} u | |
306 | WHERE u.auth=:authtype AND u.deleted=0 AND u.username {$in_sql}"; | |
307 | if ($update_users = $DB->get_records_sql($sql, $params)) { | |
139ebfdb | 308 | print "User entries to update: ". count($update_users). "\n"; |
8ae42b8d | 309 | |
310 | foreach ($update_users as $user) { | |
2c10db3b | 311 | echo "\t"; print_string('auth_dbupdatinguser', 'auth_db', array('name'=>$user->username, 'id'=>$user->id)); |
185721a4 | 312 | if (!$this->update_user_record($user->username, $updatekeys)) { |
139ebfdb | 313 | echo " - ".get_string('skipped'); |
314 | } | |
315 | echo "\n"; | |
8ae42b8d | 316 | } |
317 | unset($update_users); // free memory | |
b9ddb2d5 | 318 | } |
b9ddb2d5 | 319 | } |
320 | } | |
321 | ||
322 | ||
323 | /// | |
324 | /// create missing accounts | |
325 | /// | |
326 | // NOTE: this is very memory intensive | |
327 | // and generally inefficient | |
8ae42b8d | 328 | $sql = 'SELECT u.id, u.username |
70ca450a | 329 | FROM {user} u |
5211c7ec | 330 | WHERE u.auth=\'' . $this->authtype . '\' AND u.deleted=\'0\''; |
b9ddb2d5 | 331 | |
70ca450a | 332 | $users = $DB->get_records_sql($sql); |
8ae42b8d | 333 | |
b9ddb2d5 | 334 | // simplify down to usernames |
335 | $usernames = array(); | |
2b214bc1 | 336 | if (!empty($users)) { |
337 | foreach ($users as $user) { | |
338 | array_push($usernames, $user->username); | |
339 | } | |
340 | unset($users); | |
b9ddb2d5 | 341 | } |
b9ddb2d5 | 342 | |
343 | $add_users = array_diff($userlist, $usernames); | |
344 | unset($usernames); | |
345 | ||
346 | if (!empty($add_users)) { | |
2b06294b | 347 | print_string('auth_dbuserstoadd','auth_db',count($add_users)); echo "\n"; |
d5a8d9aa | 348 | $transaction = $DB->start_delegated_transaction(); |
b9ddb2d5 | 349 | foreach($add_users as $user) { |
350 | $username = $user; | |
351 | $user = $this->get_userinfo_asobj($user); | |
8ae42b8d | 352 | |
b9ddb2d5 | 353 | // prep a few params |
b7b50143 | 354 | $user->username = $username; |
355 | $user->modified = time(); | |
356 | $user->confirmed = 1; | |
5211c7ec | 357 | $user->auth = $this->authtype; |
b7b50143 | 358 | $user->mnethostid = $CFG->mnet_localhost_id; |
8ae42b8d | 359 | if (empty($user->lang)) { |
360 | $user->lang = $CFG->lang; | |
361 | } | |
362 | ||
b9ddb2d5 | 363 | // maybe the user has been deleted before |
70ca450a | 364 | if ($old_user = $DB->get_record('user', array('username'=>$user->username, 'deleted'=>1, 'mnethostid'=>$user->mnethostid))) { |
b9ddb2d5 | 365 | $user->id = $old_user->id; |
70ca450a | 366 | $DB->set_field('user', 'deleted', 0, array('username'=>$user->username)); |
2c10db3b | 367 | echo "\t"; print_string('auth_dbreviveduser', 'auth_db', array('name'=>$user->username, 'id'=>$user->id)); echo "\n"; |
6b8ad965 | 368 | |
a9637e7d PS |
369 | } else { |
370 | $id = $DB->insert_record ('user',$user); // it is truly a new user | |
2c10db3b | 371 | echo "\t"; print_string('auth_dbinsertuser','auth_db',array('name'=>$user->username, 'id'=>$id)); echo "\n"; |
b9ddb2d5 | 372 | // if relevant, tag for password generation |
373 | if ($this->config->passtype === 'internal') { | |
374 | set_user_preference('auth_forcepasswordchange', 1, $id); | |
375 | set_user_preference('create_password', 1, $id); | |
376 | } | |
b9ddb2d5 | 377 | } |
b9ddb2d5 | 378 | } |
d5a8d9aa | 379 | $transaction->allow_commit(); |
b9ddb2d5 | 380 | unset($add_users); // free mem |
381 | } | |
382 | return true; | |
383 | } | |
384 | ||
139ebfdb | 385 | function user_exists($username) { |
93901eb4 | 386 | |
a7e32367 | 387 | /// Init result value |
388 | $result = false; | |
389 | ||
8ae42b8d | 390 | $textlib = textlib_get_instance(); |
70ca450a | 391 | $extusername = $textlib->convert($username, 'utf-8', $this->config->extencoding); |
8ae42b8d | 392 | |
139ebfdb | 393 | $authdb = $this->db_init(); |
b9ddb2d5 | 394 | |
8ae42b8d | 395 | $rs = $authdb->Execute("SELECT * FROM {$this->config->table} |
396 | WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' "); | |
b9ddb2d5 | 397 | |
398 | if (!$rs) { | |
2b06294b | 399 | print_error('auth_dbcantconnect','auth_db'); |
03cedd62 | 400 | } else if ( !$rs->EOF ) { |
b9ddb2d5 | 401 | // user exists exterally |
03cedd62 | 402 | $result = true; |
8ae42b8d | 403 | } |
a7e32367 | 404 | |
405 | $authdb->Close(); | |
406 | return $result; | |
b9ddb2d5 | 407 | } |
408 | ||
409 | ||
410 | function get_userlist() { | |
93901eb4 | 411 | |
a7e32367 | 412 | /// Init result value |
413 | $result = array(); | |
414 | ||
139ebfdb | 415 | $authdb = $this->db_init(); |
b9ddb2d5 | 416 | |
417 | // fetch userlist | |
418 | $rs = $authdb->Execute("SELECT {$this->config->fielduser} AS username | |
419 | FROM {$this->config->table} "); | |
b9ddb2d5 | 420 | |
421 | if (!$rs) { | |
2b06294b | 422 | print_error('auth_dbcantconnect','auth_db'); |
03cedd62 | 423 | } else if ( !$rs->EOF ) { |
245ac557 | 424 | while ($rec = $rs->FetchRow()) { |
e9366bf8 | 425 | $rec = (object)array_change_key_case((array)$rec , CASE_LOWER); |
426 | array_push($result, $rec->username); | |
b9ddb2d5 | 427 | } |
8ae42b8d | 428 | } |
a7e32367 | 429 | |
430 | $authdb->Close(); | |
431 | return $result; | |
b9ddb2d5 | 432 | } |
433 | ||
434 | /** | |
435 | * reads userinformation from DB and return it in an object | |
436 | * | |
8ae42b8d | 437 | * @param string $username username (with system magic quotes) |
b9ddb2d5 | 438 | * @return array |
439 | */ | |
440 | function get_userinfo_asobj($username) { | |
441 | $user_array = truncate_userinfo($this->get_userinfo($username)); | |
1dffbae2 | 442 | $user = new stdClass(); |
b9ddb2d5 | 443 | foreach($user_array as $key=>$value) { |
444 | $user->{$key} = $value; | |
445 | } | |
446 | return $user; | |
447 | } | |
448 | ||
8ae42b8d | 449 | /** |
450 | * will update a local user record from an external source. | |
451 | * is a lighter version of the one in moodlelib -- won't do | |
b9ddb2d5 | 452 | * expensive ops such as enrolment |
453 | * | |
8ae42b8d | 454 | * If you don't pass $updatekeys, there is a performance hit and |
b9ddb2d5 | 455 | * values removed from DB won't be removed from moodle. |
8ae42b8d | 456 | * |
185721a4 | 457 | * @param string $username username |
b9ddb2d5 | 458 | */ |
139ebfdb | 459 | function update_user_record($username, $updatekeys=false) { |
185721a4 | 460 | global $CFG, $DB; |
b9ddb2d5 | 461 | |
b9ddb2d5 | 462 | //just in case check text case |
463 | $username = trim(moodle_strtolower($username)); | |
8ae42b8d | 464 | |
b9ddb2d5 | 465 | // get the current user record |
185721a4 | 466 | $user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)); |
b9ddb2d5 | 467 | if (empty($user)) { // trouble |
468 | error_log("Cannot update non-existent user: $username"); | |
2b06294b | 469 | print_error('auth_dbusernotexist','auth_db',$username); |
b9ddb2d5 | 470 | die; |
471 | } | |
472 | ||
b7b50143 | 473 | // Ensure userid is not overwritten |
474 | $userid = $user->id; | |
475 | ||
b9ddb2d5 | 476 | if ($newinfo = $this->get_userinfo($username)) { |
477 | $newinfo = truncate_userinfo($newinfo); | |
8ae42b8d | 478 | |
b9ddb2d5 | 479 | if (empty($updatekeys)) { // all keys? this does not support removing values |
480 | $updatekeys = array_keys($newinfo); | |
481 | } | |
8ae42b8d | 482 | |
b9ddb2d5 | 483 | foreach ($updatekeys as $key) { |
b9ddb2d5 | 484 | if (isset($newinfo[$key])) { |
485 | $value = $newinfo[$key]; | |
b9ddb2d5 | 486 | } else { |
487 | $value = ''; | |
488 | } | |
8ae42b8d | 489 | |
490 | if (!empty($this->config->{'field_updatelocal_' . $key})) { | |
bc31625a | 491 | if (isset($user->{$key}) and $user->{$key} != $value) { // only update if it's changed |
185721a4 | 492 | $DB->set_field('user', $key, $value, array('id'=>$userid)); |
139ebfdb | 493 | } |
b9ddb2d5 | 494 | } |
495 | } | |
496 | } | |
185721a4 | 497 | return $DB->get_record('user', array('id'=>$userid, 'deleted'=>0)); |
139ebfdb | 498 | } |
499 | ||
500 | /** | |
501 | * Called when the user record is updated. | |
502 | * Modifies user in external database. It takes olduser (before changes) and newuser (after changes) | |
503 | * conpares information saved modified information to external db. | |
504 | * | |
70ca450a | 505 | * @param mixed $olduser Userobject before modifications |
506 | * @param mixed $newuser Userobject new modified userobject | |
139ebfdb | 507 | * @return boolean result |
508 | * | |
509 | */ | |
510 | function user_update($olduser, $newuser) { | |
511 | if (isset($olduser->username) and isset($newuser->username) and $olduser->username != $newuser->username) { | |
512 | error_log("ERROR:User renaming not allowed in ext db"); | |
513 | return false; | |
514 | } | |
515 | ||
5211c7ec | 516 | if (isset($olduser->auth) and $olduser->auth != $this->authtype) { |
139ebfdb | 517 | return true; // just change auth and skip update |
518 | } | |
519 | ||
520 | $curruser = $this->get_userinfo($olduser->username); | |
521 | if (empty($curruser)) { | |
522 | error_log("ERROR:User $olduser->username found in ext db"); | |
523 | return false; | |
524 | } | |
525 | ||
526 | $textlib = textlib_get_instance(); | |
527 | $extusername = $textlib->convert($olduser->username, 'utf-8', $this->config->extencoding); | |
528 | ||
529 | $authdb = $this->db_init(); | |
530 | ||
531 | $update = array(); | |
532 | foreach($curruser as $key=>$value) { | |
533 | if ($key == 'username') { | |
534 | continue; // skip this | |
535 | } | |
536 | if (empty($this->config->{"field_updateremote_$key"})) { | |
537 | continue; // remote update not requested | |
538 | } | |
539 | if (!isset($newuser->$key)) { | |
540 | continue; | |
541 | } | |
70ca450a | 542 | $nuvalue = $newuser->$key; |
139ebfdb | 543 | if ($nuvalue != $value) { |
544 | $update[] = $this->config->{"field_map_$key"}."='".$this->ext_addslashes($textlib->convert($nuvalue, 'utf-8', $this->config->extencoding))."'"; | |
545 | } | |
546 | } | |
547 | if (!empty($update)) { | |
548 | $authdb->Execute("UPDATE {$this->config->table} | |
549 | SET ".implode(',', $update)." | |
550 | WHERE {$this->config->fielduser}='".$this->ext_addslashes($extusername)."'"); | |
551 | } | |
552 | $authdb->Close(); | |
553 | return true; | |
b9ddb2d5 | 554 | } |
555 | ||
8ae42b8d | 556 | /** |
557 | * A chance to validate form data, and last chance to | |
558 | * do stuff before it is inserted in config_plugin | |
559 | */ | |
560 | function validate_form(&$form, &$err) { | |
150b5fb0 | 561 | if ($form->passtype === 'internal') { |
b9ddb2d5 | 562 | $this->config->changepasswordurl = ''; |
563 | set_config('changepasswordurl', '', 'auth/db'); | |
564 | } | |
b9ddb2d5 | 565 | } |
566 | ||
edb5da83 PS |
567 | function prevent_local_passwords() { |
568 | if (!isset($this->config->passtype)) { | |
569 | return false; | |
570 | } | |
571 | return ($this->config->passtype != 'internal'); | |
572 | } | |
573 | ||
b9ddb2d5 | 574 | /** |
575 | * Returns true if this authentication plugin is 'internal'. | |
576 | * | |
139ebfdb | 577 | * @return bool |
b9ddb2d5 | 578 | */ |
579 | function is_internal() { | |
e79781f7 PS |
580 | if (!isset($this->config->passtype)) { |
581 | return true; | |
582 | } | |
ab6ff8a4 | 583 | return ($this->config->passtype == 'internal'); |
b9ddb2d5 | 584 | } |
585 | ||
586 | /** | |
587 | * Returns true if this authentication plugin can change the user's | |
588 | * password. | |
589 | * | |
139ebfdb | 590 | * @return bool |
b9ddb2d5 | 591 | */ |
592 | function can_change_password() { | |
430759a5 | 593 | return ($this->config->passtype == 'internal' or !empty($this->config->changepasswordurl)); |
b9ddb2d5 | 594 | } |
595 | ||
596 | /** | |
430759a5 | 597 | * Returns the URL for changing the user's pw, or empty if the default can |
b9ddb2d5 | 598 | * be used. |
599 | * | |
99f9f85f | 600 | * @return moodle_url |
b9ddb2d5 | 601 | */ |
602 | function change_password_url() { | |
430759a5 | 603 | if ($this->config->passtype == 'internal') { |
604 | // standard form | |
99f9f85f | 605 | return null; |
430759a5 | 606 | } else { |
607 | // use custom url | |
99f9f85f | 608 | return new moodle_url($this->config->changepasswordurl); |
430759a5 | 609 | } |
b9ddb2d5 | 610 | } |
611 | ||
ab6ff8a4 | 612 | /** |
613 | * Returns true if plugin allows resetting of internal password. | |
614 | * | |
615 | * @return bool | |
616 | */ | |
617 | function can_reset_password() { | |
618 | return ($this->config->passtype == 'internal'); | |
619 | } | |
620 | ||
b9ddb2d5 | 621 | /** |
622 | * Prints a form for configuring this authentication plugin. | |
623 | * | |
624 | * This function is called from admin/auth.php, and outputs a full page with | |
625 | * a form for configuring this plugin. | |
626 | * | |
627 | * @param array $page An object containing all the data for this page. | |
628 | */ | |
139ebfdb | 629 | function config_form($config, $err, $user_fields) { |
8ae42b8d | 630 | include 'config.html'; |
b9ddb2d5 | 631 | } |
632 | ||
633 | /** | |
634 | * Processes and stores configuration data for this authentication plugin. | |
635 | */ | |
636 | function process_config($config) { | |
637 | // set to defaults if undefined | |
638 | if (!isset($config->host)) { | |
8ae42b8d | 639 | $config->host = 'localhost'; |
b9ddb2d5 | 640 | } |
641 | if (!isset($config->type)) { | |
8ae42b8d | 642 | $config->type = 'mysql'; |
643 | } | |
644 | if (!isset($config->sybasequoting)) { | |
645 | $config->sybasequoting = 0; | |
b9ddb2d5 | 646 | } |
647 | if (!isset($config->name)) { | |
8ae42b8d | 648 | $config->name = ''; |
b9ddb2d5 | 649 | } |
650 | if (!isset($config->user)) { | |
8ae42b8d | 651 | $config->user = ''; |
b9ddb2d5 | 652 | } |
653 | if (!isset($config->pass)) { | |
8ae42b8d | 654 | $config->pass = ''; |
b9ddb2d5 | 655 | } |
656 | if (!isset($config->table)) { | |
8ae42b8d | 657 | $config->table = ''; |
b9ddb2d5 | 658 | } |
659 | if (!isset($config->fielduser)) { | |
8ae42b8d | 660 | $config->fielduser = ''; |
b9ddb2d5 | 661 | } |
662 | if (!isset($config->fieldpass)) { | |
8ae42b8d | 663 | $config->fieldpass = ''; |
b9ddb2d5 | 664 | } |
665 | if (!isset($config->passtype)) { | |
8ae42b8d | 666 | $config->passtype = 'plaintext'; |
667 | } | |
668 | if (!isset($config->extencoding)) { | |
669 | $config->extencoding = 'utf-8'; | |
670 | } | |
671 | if (!isset($config->setupsql)) { | |
672 | $config->setupsql = ''; | |
673 | } | |
674 | if (!isset($config->debugauthdb)) { | |
675 | $config->debugauthdb = 0; | |
b9ddb2d5 | 676 | } |
139ebfdb | 677 | if (!isset($config->removeuser)) { |
6f87ef52 | 678 | $config->removeuser = AUTH_REMOVEUSER_KEEP; |
139ebfdb | 679 | } |
b9ddb2d5 | 680 | if (!isset($config->changepasswordurl)) { |
681 | $config->changepasswordurl = ''; | |
682 | } | |
683 | ||
684 | // save settings | |
8ae42b8d | 685 | set_config('host', $config->host, 'auth/db'); |
686 | set_config('type', $config->type, 'auth/db'); | |
687 | set_config('sybasequoting', $config->sybasequoting, 'auth/db'); | |
688 | set_config('name', $config->name, 'auth/db'); | |
689 | set_config('user', $config->user, 'auth/db'); | |
690 | set_config('pass', $config->pass, 'auth/db'); | |
691 | set_config('table', $config->table, 'auth/db'); | |
692 | set_config('fielduser', $config->fielduser, 'auth/db'); | |
693 | set_config('fieldpass', $config->fieldpass, 'auth/db'); | |
694 | set_config('passtype', $config->passtype, 'auth/db'); | |
695 | set_config('extencoding', trim($config->extencoding), 'auth/db'); | |
139ebfdb | 696 | set_config('setupsql', trim($config->setupsql),'auth/db'); |
8ae42b8d | 697 | set_config('debugauthdb', $config->debugauthdb, 'auth/db'); |
139ebfdb | 698 | set_config('removeuser', $config->removeuser, 'auth/db'); |
8ae42b8d | 699 | set_config('changepasswordurl', trim($config->changepasswordurl), 'auth/db'); |
700 | ||
b9ddb2d5 | 701 | return true; |
702 | } | |
703 | ||
8ae42b8d | 704 | function ext_addslashes($text) { |
705 | // using custom made function for now | |
706 | if (empty($this->config->sybasequoting)) { | |
707 | $text = str_replace('\\', '\\\\', $text); | |
708 | $text = str_replace(array('\'', '"', "\0"), array('\\\'', '\\"', '\\0'), $text); | |
709 | } else { | |
710 | $text = str_replace("'", "''", $text); | |
711 | } | |
712 | return $text; | |
713 | } | |
b9ddb2d5 | 714 | } |
715 | ||
5117d598 | 716 |