MDL-51217 auth: Check if recaptcha enabled in the plugin used for signup.
[moodle.git] / auth / email / auth.php
CommitLineData
b9ddb2d5 1<?php
a2f10958
PS
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
b9ddb2d5 16
17/**
b9ddb2d5 18 * Authentication Plugin: Email Authentication
19 *
a2f10958
PS
20 * @author Martin Dougiamas
21 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
22 * @package auth_email
b9ddb2d5 23 */
24
60d7078a 25defined('MOODLE_INTERNAL') || die();
b9ddb2d5 26
6bc1e5d5 27require_once($CFG->libdir.'/authlib.php');
b9ddb2d5 28
29/**
30 * Email authentication plugin.
31 */
6bc1e5d5 32class auth_plugin_email extends auth_plugin_base {
b9ddb2d5 33
34 /**
35 * Constructor.
36 */
37 function auth_plugin_email() {
6bc1e5d5 38 $this->authtype = 'email';
b9ddb2d5 39 $this->config = get_config('auth/email');
40 }
41
42 /**
43 * Returns true if the username and password work and false if they are
44 * wrong or don't exist.
45 *
46 * @param string $username The username
47 * @param string $password The password
139ebfdb 48 * @return bool Authentication success or failure.
b9ddb2d5 49 */
50 function user_login ($username, $password) {
be544ec3 51 global $CFG, $DB;
52 if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
b9ddb2d5 53 return validate_internal_user_password($user, $password);
54 }
55 return false;
56 }
57
fb5c7739 58 /**
b9ddb2d5 59 * Updates the user's password.
60 *
61 * called when the user password is updated.
62 *
c57dcb62 63 * @param object $user User table object (with system magic quotes)
64 * @param string $newpassword Plaintext password (with system magic quotes)
b9ddb2d5 65 * @return boolean result
66 *
67 */
da249a30 68 function user_update_password($user, $newpassword) {
69 $user = get_complete_user_data('id', $user->id);
ec2d8ceb
SC
70 // This will also update the stored hash to the latest algorithm
71 // if the existing hash is using an out-of-date algorithm (or the
72 // legacy md5 algorithm).
b9ddb2d5 73 return update_internal_user_password($user, $newpassword);
74 }
75
6bc1e5d5 76 function can_signup() {
77 return true;
78 }
79
430759a5 80 /**
b9ddb2d5 81 * Sign up a new user ready for confirmation.
dd0feda5 82 * Password is passed in plaintext.
83 *
5d910388 84 * @param object $user new user object
dd0feda5 85 * @param boolean $notify print notice with link and terminate
b9ddb2d5 86 */
6b8ad965 87 function user_signup($user, $notify=true) {
5d910388 88 global $CFG, $DB;
831d450e 89 require_once($CFG->dirroot.'/user/profile/lib.php');
bb78e249 90 require_once($CFG->dirroot.'/user/lib.php');
5117d598 91
1d658535 92 $plainpassword = $user->password;
dd0feda5 93 $user->password = hash_internal_user_password($user->password);
8bf0f207
MN
94 if (empty($user->calendartype)) {
95 $user->calendartype = $CFG->calendartype;
96 }
dd0feda5 97
9363073b 98 $user->id = user_create_user($user, false, false);
5117d598 99
1d658535
PS
100 user_add_password_history($user->id, $plainpassword);
101
bb78e249 102 // Save any custom profile field information.
831d450e 103 profile_save_data($user);
104
9363073b
RT
105 // Trigger event.
106 \core\event\user_created::create_from_userid($user->id)->trigger();
107
b9ddb2d5 108 if (! send_confirmation_email($user)) {
2b06294b 109 print_error('auth_emailnoemail','auth_email');
b9ddb2d5 110 }
111
112 if ($notify) {
07ed083e 113 global $CFG, $PAGE, $OUTPUT;
b9ddb2d5 114 $emailconfirm = get_string('emailconfirm');
cfc5b79b 115 $PAGE->navbar->add($emailconfirm);
116 $PAGE->set_title($emailconfirm);
c93fdc7b 117 $PAGE->set_heading($PAGE->course->fullname);
cfc5b79b 118 echo $OUTPUT->header();
b9ddb2d5 119 notice(get_string('emailconfirmsent', '', $user->email), "$CFG->wwwroot/index.php");
dd0feda5 120 } else {
121 return true;
139ebfdb 122 }
b9ddb2d5 123 }
124
6bc1e5d5 125 /**
126 * Returns true if plugin allows confirming of new users.
127 *
128 * @return bool
129 */
130 function can_confirm() {
131 return true;
132 }
133
430759a5 134 /**
b9ddb2d5 135 * Confirm the new user as registered.
dd0feda5 136 *
b9a66360 137 * @param string $username
138 * @param string $confirmsecret
b9ddb2d5 139 */
140 function user_confirm($username, $confirmsecret) {
b9a66360 141 global $DB;
b9ddb2d5 142 $user = get_complete_user_data('username', $username);
143
144 if (!empty($user)) {
4f8b6d56 145 if ($user->auth != $this->authtype) {
dd0feda5 146 return AUTH_CONFIRM_ERROR;
147
4f8b6d56
MG
148 } else if ($user->secret == $confirmsecret && $user->confirmed) {
149 return AUTH_CONFIRM_ALREADY;
150
b9a66360 151 } else if ($user->secret == $confirmsecret) { // They have provided the secret key to get in
f685e830 152 $DB->set_field("user", "confirmed", 1, array("id"=>$user->id));
b9ddb2d5 153 return AUTH_CONFIRM_OK;
154 }
dd0feda5 155 } else {
156 return AUTH_CONFIRM_ERROR;
b9ddb2d5 157 }
158 }
159
edb5da83
PS
160 function prevent_local_passwords() {
161 return false;
162 }
163
b9ddb2d5 164 /**
165 * Returns true if this authentication plugin is 'internal'.
166 *
139ebfdb 167 * @return bool
b9ddb2d5 168 */
169 function is_internal() {
170 return true;
171 }
139ebfdb 172
b9ddb2d5 173 /**
174 * Returns true if this authentication plugin can change the user's
175 * password.
176 *
139ebfdb 177 * @return bool
b9ddb2d5 178 */
179 function can_change_password() {
180 return true;
181 }
139ebfdb 182
b9ddb2d5 183 /**
430759a5 184 * Returns the URL for changing the user's pw, or empty if the default can
b9ddb2d5 185 * be used.
186 *
99f9f85f 187 * @return moodle_url
b9ddb2d5 188 */
189 function change_password_url() {
99f9f85f 190 return null; // use default internal method
430759a5 191 }
192
193 /**
194 * Returns true if plugin allows resetting of internal password.
195 *
196 * @return bool
197 */
198 function can_reset_password() {
199 return true;
b9ddb2d5 200 }
139ebfdb 201
9b29f686
MN
202 /**
203 * Returns true if plugin can be manually set.
204 *
205 * @return bool
206 */
207 function can_be_manually_set() {
208 return true;
209 }
210
b9ddb2d5 211 /**
212 * Prints a form for configuring this authentication plugin.
213 *
214 * This function is called from admin/auth.php, and outputs a full page with
215 * a form for configuring this plugin.
216 *
217 * @param array $page An object containing all the data for this page.
218 */
139ebfdb 219 function config_form($config, $err, $user_fields) {
b9ddb2d5 220 include "config.html";
221 }
222
223 /**
224 * Processes and stores configuration data for this authentication plugin.
225 */
226 function process_config($config) {
5d6308d4 227 // set to defaults if undefined
5117d598
PS
228 if (!isset($config->recaptcha)) {
229 $config->recaptcha = false;
5d6308d4 230 }
5117d598 231
5d6308d4 232 // save settings
233 set_config('recaptcha', $config->recaptcha, 'auth/email');
b9ddb2d5 234 return true;
235 }
5117d598 236
9b5f87d2 237 /**
238 * Returns whether or not the captcha element is enabled, and the admin settings fulfil its requirements.
239 * @return bool
240 */
241 function is_captcha_enabled() {
242 global $CFG;
7f2033ea 243 return $this->config->recaptcha;
9b5f87d2 244 }
139ebfdb 245
b9ddb2d5 246}
247
5117d598 248