From a014e3bcd88066adc3f8bd157964fb41d24b056d Mon Sep 17 00:00:00 2001 From: David Mudrak Date: Sun, 28 Aug 2011 02:28:12 +0200 Subject: [PATCH] MDL-27107 auth_mnet - consider all incoming roaming users as confirmed The 'confirmed' field can't be optional. If the identity provider did not export it, the new remote user would be created with 'confirmed' set to default zero and as such could be a subject of scheduled deletion. --- auth/mnet/auth.php | 1 + mnet/lib.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php index 5858ca475fb..9c463d66e9f 100644 --- a/auth/mnet/auth.php +++ b/auth/mnet/auth.php @@ -276,6 +276,7 @@ class auth_plugin_mnet extends auth_plugin_base { */ $remoteuser->mnethostid = $remotehost->id; $remoteuser->firstaccess = time(); // First time user in this server, grab it here + $remoteuser->confirmed = 1; $remoteuser->id = $DB->insert_record('user', $remoteuser); $firsttime = true; diff --git a/mnet/lib.php b/mnet/lib.php index 7a2f000e7ad..1e6324d599c 100644 --- a/mnet/lib.php +++ b/mnet/lib.php @@ -586,6 +586,7 @@ function mnet_profile_field_options() { 'timemodified', // will be set to relative to the host anyway 'auth', // going to be set to 'mnet' 'deleted', // we should never get deleted users sent over, but don't send this anyway + 'confirmed', // unconfirmed users can't log in to their home site, all remote users considered confirmed 'password', // no password for mnet users 'theme', // handled separately 'lastip', // will be set to relative to the host anyway @@ -610,7 +611,6 @@ function mnet_profile_field_options() { 'username', 'email', 'auth', - 'confirmed', 'deleted', 'firstname', 'lastname', -- 2.43.0