Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet. More...
Public Member Functions | |
| ilPasswordAssistanceGUI () | |
| constructor | |
| & | executeCommand () |
| execute command | |
| showAssistanceForm ($message="", $username="", $email="") | |
| showUsernameAssistanceForm ($message="", $username="", $email="") | |
| submitAssistanceForm () | |
| Reads the submitted data from the password assistance form. | |
| submitUsernameAssistanceForm () | |
| Reads the submitted data from the password assistance form. | |
| sendPasswordAssistanceMail ($userObj) | |
| Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. | |
| sendUsernameAssistanceMail ($email, $logins) | |
| Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. | |
| showAssignPasswordForm ($message="", $username="", $password1="", $password2="", $pwassist_id="") | |
| submitAssignPasswordForm () | |
| Reads the submitted data from the password assistance form. | |
| showMessageForm ($message="", $text="") | |
Detailed Description
Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet.
- Version:
- Id:
- class.ilPasswordAssistanceGUI.php 14671 2007-09-10 19:11:59Z rkuester
Definition at line 33 of file class.ilPasswordAssistanceGUI.php.
Member Function Documentation
| & ilPasswordAssistanceGUI::executeCommand | ( | ) |
execute command
Definition at line 48 of file class.ilPasswordAssistanceGUI.php.
References $_GET, $_SESSION, $cmd, $ilErr, $ilias, $lang, $lng, showAssignPasswordForm(), and showAssistanceForm().
{
global $ilias, $lng, $ilSetting, $ilErr, $ilAuth;
// check hack attempts
if (!$ilSetting->get("password_assistance")) // || AUTH_DEFAULT != AUTH_LOCAL)
{
if (empty($_SESSION["AccountId"]) and $_SESSION["AccountId"] !== false)
{
$ilErr->raiseError($lng->txt("permission_denied"),$ilias->error_obj->WARNING);
}
}
// check correct setup
if (!$ilSetting->get("setup_ok"))
{
die("Setup is not completed. Please run setup routine again. (pwassist.php)");
}
// Change the language, if necessary.
// And load the 'pwassist' language module
$lang = $_GET['lang'];
if ($lang != null && $lang != "" && $lng->getLangKey() != $lang)
{
$lng = new ilLanguage($lang);
}
$lng->loadLanguageModule('pwassist');
$cmd = $this->ctrl->getCmd();
$next_class = $this->ctrl->getNextClass($this);
switch($next_class)
{
default:
if ($cmd != "")
{
return $this->$cmd();
}
else
{
if (!empty($_GET["key"])) {
$this->showAssignPasswordForm();
} else {
$this->showAssistanceForm();
}
}
break;
}
// Logout current session
//$ilAuth->logout();
//session_destroy();
}
Here is the call graph for this function:
| ilPasswordAssistanceGUI::ilPasswordAssistanceGUI | ( | ) |
constructor
Definition at line 38 of file class.ilPasswordAssistanceGUI.php.
References $ilCtrl.
{
global $ilCtrl;
$this->ctrl =& $ilCtrl;
}
| ilPasswordAssistanceGUI::sendPasswordAssistanceMail | ( | $ | userObj | ) |
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.
Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired.
The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key
- Parameters:
-
usrObj An instance of class.ilObjUserObject.php.
Definition at line 404 of file class.ilPasswordAssistanceGUI.php.
References $ilias, $lng, db_pwassist_create_id(), db_pwassist_session_find(), db_pwassist_session_write(), and db_set_save_handler().
Referenced by submitAssistanceForm().
{
global $lng, $ilias;
include_once "classes/class.ilMailbox.php";
include_once "classes/class.ilMimeMail.php";
require_once "include/inc.pwassist_session_handler.php";
// Check if we need to create a new session
$pwassist_session = db_pwassist_session_find($userObj->getId());
if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
{
// Create a new session id
db_set_save_handler();
session_start();
$pwassist_session["pwassist_id"] = db_pwassist_create_id();
session_destroy();
db_pwassist_session_write(
$pwassist_session["pwassist_id"],
3600,
$userObj->getId()
);
}
$protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
// Compose the mail
$server_url=$protocol.$_SERVER['HTTP_HOST'].
substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
'/';
$pwassist_url=$protocol.$_SERVER['HTTP_HOST']
.str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF'])
."?client_id=".$ilias->getClientId()
."&lang=".$lng->getLangKey()
."&key=".$pwassist_session["pwassist_id"];
$contact_address=$ilias->getSetting("admin_email");
//echo "<br>-".htmlentities($pwassist_url)."-";
$mm = new ilMimeMail();
$mm->Subject($lng->txt("pwassist_mail_subject"));
$mm->From($contact_address);
$mm->To($userObj->getEmail());
$mm->Body
(
str_replace
(
array("\\n","\\t"),
array("\n","\t"),
sprintf
(
$lng->txt("pwassist_mail_body"),
$pwassist_url,
$server_url,
$_SERVER['REMOTE_ADDR'],
$userObj->getLogin(),
'mailto:'.$contact_address
)
)
);
$mm->Send();
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::sendUsernameAssistanceMail | ( | $ | email, | |
| $ | logins | |||
| ) |
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.
Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired.
The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key
- Parameters:
-
usrObj An instance of class.ilObjUserObject.php.
Definition at line 480 of file class.ilPasswordAssistanceGUI.php.
Referenced by submitUsernameAssistanceForm().
{
global $lng, $ilias;
include_once "classes/class.ilMailbox.php";
include_once "classes/class.ilMimeMail.php";
require_once "include/inc.pwassist_session_handler.php";
$protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
// Compose the mail
$server_url=$protocol.$_SERVER['HTTP_HOST'].
substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
'/';
$login_url=$server_url."pwassist.php"
."?client_id=".$ilias->getClientId()
."&lang=".$lng->getLangKey();
//echo "-".htmlentities($login_url)."-";
$contact_address=$ilias->getSetting("admin_email");
$mm = new ilMimeMail();
$mm->Subject($lng->txt("pwassist_mail_subject"));
$mm->From($contact_address);
$mm->To($email);
$mm->Body
(
str_replace
(
array("\\n","\\t"),
array("\n","\t"),
sprintf
(
$lng->txt("pwassist_username_mail_body"),
join ($logins,",\n"),
$server_url,
$_SERVER['REMOTE_ADDR'],
$email,
'mailto:'.$contact_address,
$login_url
)
)
);
$mm->Send();
}
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::showAssignPasswordForm | ( | $ | message = "", |
|
| $ | username = "", |
|||
| $ | password1 = "", |
|||
| $ | password2 = "", |
|||
| $ | pwassist_id = "" | |||
| ) |
Definition at line 546 of file class.ilPasswordAssistanceGUI.php.
References $_GET, $ilias, $lng, $rbacadmin, $rbacreview, $tpl, db_pwassist_session_read(), ilUtil::getImagePath(), and showAssistanceForm().
Referenced by executeCommand(), and submitAssignPasswordForm().
{
global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
require_once "include/inc.pwassist_session_handler.php";
require_once "classes/class.ilLanguage.php";
// Retrieve form data
if ($pwassist_id == "")
{
$pwassist_id = $_GET["key"];
}
// Retrieve the session, and check if it is valid
$pwassist_session = db_pwassist_session_read($pwassist_id);
if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
{
$this->showAssistanceForm($lng->txt("pwassist_session_expired"));
}
else
{
$tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_assignpassword.html");
if ($message != "")
{
$tpl->setCurrentBlock("pw_message");
$tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
$tpl->parseCurrentBlock();
}
$tpl->setVariable("FORMACTION",
$this->ctrl->getFormAction($this));
$tpl->setVariable("TARGET","target=\"_parent\"");
$tpl->setVariable("IMG_AUTH",
ilUtil::getImagePath("icon_auth_b.gif"));
$tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
$tpl->setVariable("TXT_ENTER_USERNAME_AND_NEW_PASSWORD", $lng->txt("pwassist_enter_username_and_new_password"));
$tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
$tpl->setVariable("TXT_PASSWORD1", $lng->txt("password"));
$tpl->setVariable("TXT_PASSWORD2", $lng->txt("retype_password"));
$tpl->setVariable("USERNAME", $username);
$tpl->setVariable("PASSWORD1", $password1);
$tpl->setVariable("PASSWORD2", $password2);
$tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
$tpl->setVariable("KEY", $pwassist_id);
$tpl->setVariable("BACK", $lng->txt("back"));
$tpl->setVariable("CMD_BACK",
$this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
$tpl->setVariable("LANG", $lng->getLangKey());
$tpl->show();
}
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::showAssistanceForm | ( | $ | message = "", |
|
| $ | username = "", |
|||
| $ | email = "" | |||
| ) |
Definition at line 118 of file class.ilPasswordAssistanceGUI.php.
References $ilias, $lng, $tpl, and ilUtil::getImagePath().
Referenced by executeCommand(), showAssignPasswordForm(), submitAssignPasswordForm(), and submitAssistanceForm().
{
global $tpl, $ilias, $lng;
// Create the form
$tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_assistance.html");
if ($message != "")
{
$tpl->setCurrentBlock("pw_message");
$tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
$tpl->parseCurrentBlock();
}
$tpl->setVariable("FORMACTION",
$this->ctrl->getFormAction($this));
$tpl->setVariable("TARGET","target=\"_parent\"");
$tpl->setVariable("IMG_AUTH",
ilUtil::getImagePath("icon_auth_b.gif"));
$tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
$contact_address = $ilias->getSetting("admin_email");
$tpl->setVariable
(
"TXT_ENTER_USERNAME_AND_EMAIL",
str_replace
(
"\\n","<br>",
sprintf
(
$lng->txt("pwassist_enter_username_and_email"),
"<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
)
)
);
$tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
$tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
$tpl->setVariable("USERNAME", $username);
$tpl->setVariable("EMAIL", $email);
$tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
$tpl->setVariable("BACK", $lng->txt("back"));
$tpl->setVariable("LINK_BACK",
$this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
$tpl->setVariable("LANG", $lng->getLangKey());
$tpl->show();
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::showMessageForm | ( | $ | message = "", |
|
| $ | text = "" | |||
| ) |
Definition at line 733 of file class.ilPasswordAssistanceGUI.php.
References $ilias, $lng, $tpl, and ilUtil::getImagePath().
Referenced by submitAssignPasswordForm(), submitAssistanceForm(), and submitUsernameAssistanceForm().
{
global $tpl, $ilias, $lng;
if ($message != "")
{
$tpl->setCurrentBlock("pw_message");
$tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
$tpl->parseCurrentBlock();
}
$tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_message.html");
$tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
$tpl->setVariable("IMG_AUTH",
ilUtil::getImagePath("icon_auth_b.gif"));
$tpl->setVariable("TXT_TEXT",str_replace("\\n","<br>",$text));
$tpl->setVariable("BACK", $lng->txt("back"));
$tpl->setVariable("LINK_BACK",
$this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
$tpl->setVariable("LANG", $lng->getLangKey());
$tpl->show();
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::showUsernameAssistanceForm | ( | $ | message = "", |
|
| $ | username = "", |
|||
| $ | email = "" | |||
| ) |
Definition at line 181 of file class.ilPasswordAssistanceGUI.php.
References $ilias, $lng, $tpl, and ilUtil::getImagePath().
Referenced by submitUsernameAssistanceForm().
{
global $tpl, $ilias, $lng;
// Create the form
$tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_username_assistance.html");
if ($message != "")
{
$tpl->setCurrentBlock("pw_message");
$tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
$tpl->parseCurrentBlock();
}
$tpl->setVariable("FORMACTION",
$this->ctrl->getFormAction($this));
$tpl->setVariable("IMG_AUTH",
ilUtil::getImagePath("icon_auth_b.gif"));
$tpl->setVariable("TARGET","target=\"_parent\"");
$tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
$contact_address = $ilias->getSetting("admin_email");
$tpl->setVariable
(
"TXT_ENTER_USERNAME_AND_EMAIL",
str_replace
(
"\\n","<br>",
sprintf
(
$lng->txt("pwassist_enter_email"),
"<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
)
)
);
$tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
$tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
$tpl->setVariable("USERNAME", $username);
$tpl->setVariable("EMAIL", $email);
$tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
$tpl->setVariable("BACK", $lng->txt("back"));
$tpl->setVariable("LINK_BACK",
$this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
$tpl->setVariable("LANG", $lng->getLangKey());
$tpl->show();
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilPasswordAssistanceGUI::submitAssignPasswordForm | ( | ) |
Reads the submitted data from the password assistance form.
The following form fields are read as HTTP POST parameters: key username password1 password2
The key is used to retrieve the password assistance session. If the key is missing, or if the password assistance session has expired, the password assistance form will be shown instead of this form.
If the password assistance session is valid, and if the username matches the username, for which the password assistance has been requested, and if the new password is valid, ILIAS assigns the password to the user.
Note: To prevent replay attacks, the session is deleted when the password has been assigned successfully.
Definition at line 618 of file class.ilPasswordAssistanceGUI.php.
References $_POST, $ilias, $lng, $rbacadmin, $rbacreview, $tpl, db_pwassist_session_destroy(), db_pwassist_session_read(), ilUtil::isPassword(), showAssignPasswordForm(), showAssistanceForm(), showMessageForm(), and ilUtil::stripSlashes().
{
global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
require_once "include/inc.pwassist_session_handler.php";
// Retrieve form data
$pwassist_id = ilUtil::stripSlashes($_POST["key"]);
$username = ilUtil::stripSlashes($_POST["username"]);
$password1 = ilUtil::stripSlashes($_POST["password1"]);
$password2 = ilUtil::stripSlashes($_POST["password2"]);
// Retrieve the session
$pwassist_session = db_pwassist_session_read($pwassist_id);
if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
{
$this->showAssistanceForm($lng->txt("pwassist_session_expired"));
}
else
{
$is_successful = true;
$message = "";
$userObj = new ilObjUser($pwassist_session["user_id"]);
// Validate the entries of the user
// ----------------------------------
// check if the user still exists
if ($userObj == null)
{
$message = $lng->txt("user_does_not_exist");
$is_successful = false;
}
// check if the username entered by the user matches the
// one of the user object.
if ($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
{
$message = $lng->txt("pwassist_login_not_match");
$is_successful = false;
}
// check if the user entered the password correctly into the
// two entry fields.
if ($is_successful && $password1 != $password2)
{
$message = $lng->txt("passwd_not_match");
$is_successful = false;
}
// validate the password
if ($is_successful && !ilUtil::isPassword($password1))
{
$message = $lng->txt("passwd_invalid");
$is_successful = false;
}
// End of validation
// If the validation was successful, we change the password of the
// user.
// ------------------
if ($is_successful)
{
$is_successful = $userObj->resetPassword($password1,$password2);
if (! $is_successful)
{
$message = $lng->txt("passwd_invalid");
}
}
// If we are successful so far, we update the user object.
// ------------------
if ($is_successful)
{
$is_successfull = $userObj->update();
if (! $is_successful)
{
$message = $lng->txt("update_error");
}
}
// If we are successful, we destroy the password assistance
// session and redirect to the login page.
// Else we display the form again along with an error message.
// ------------------
if ($is_successful)
{
db_pwassist_session_destroy($pwassist_id);
$this->showMessageForm
(
null,
sprintf
(
$lng->txt("pwassist_password_assigned"),
$username
)
);
}
else
{
$this->showAssignPasswordForm
(
$message,
$username,
$password1,
$password2,
$pwassist_id
);
}
}
}
Here is the call graph for this function:
| ilPasswordAssistanceGUI::submitAssistanceForm | ( | ) |
Reads the submitted data from the password assistance form.
The following form fields are read as HTTP POST parameters: username email
If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().
Definition at line 241 of file class.ilPasswordAssistanceGUI.php.
References $_POST, $ilias, $lng, $rbacadmin, $rbacreview, $tpl, ilObjUser::getUserIdByLogin(), sendPasswordAssistanceMail(), showAssistanceForm(), showMessageForm(), and ilUtil::stripSlashes().
{
global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
require_once "classes/class.ilObjUser.php";
require_once "classes/class.ilUtil.php";
// Retrieve form data
$username = ilUtil::stripSlashes($_POST["username"]);
$email = ilUtil::stripSlashes($_POST["email"]);
// Retrieve a user object with matching user name and email address.
$userObj = null;
$userid = ilObjUser::getUserIdByLogin($username);
$txt_key = "pwassist_invalid_username_or_email";
if ($userid != 0)
{
$userObj = new ilObjUser($userid);
if (strcasecmp($userObj->getEmail(), $email) != 0)
{
$userObj = null;
} else if ($userObj->getAuthMode(true) != AUTH_LOCAL ||
($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL))
{
$userObj = null;
$txt_key = "pwassist_invalid_auth_mode";
}
}
// No matching user object found?
// Show the password assistance form again, and display an error message.
if ($userObj == null)
{
$this->showAssistanceForm
(
$lng->txt($txt_key),
$username,
$email
);
}
// Matching user object found?
// Check if the user is permitted to use the password assistance function,
// and then send a password assistance mail to the email address.
else
{
// FIXME: Extend this if-statement to check whether the user
// has the permission to use the password assistance function.
// The anonymous user and users who are system administrators are
// not allowed to use this feature
if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
|| $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
)
{
$this->showAssistanceForm
(
$lng->txt("pwassist_not_permitted"),
$username,
$email
);
}
else
{
$this->sendPasswordAssistanceMail($userObj);
$this->showMessageForm
(
null,
sprintf
(
$lng->txt("pwassist_mail_sent"),
$email
)
);
}
}
}
Here is the call graph for this function:
| ilPasswordAssistanceGUI::submitUsernameAssistanceForm | ( | ) |
Reads the submitted data from the password assistance form.
The following form fields are read as HTTP POST parameters: username email
If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().
Definition at line 330 of file class.ilPasswordAssistanceGUI.php.
References $_POST, $ilias, $lng, $rbacadmin, $rbacreview, $tpl, ilObjUser::_getUserIdsByEmail(), sendUsernameAssistanceMail(), showMessageForm(), showUsernameAssistanceForm(), and ilUtil::stripSlashes().
{
global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
require_once "classes/class.ilObjUser.php";
require_once "classes/class.ilUtil.php";
// Retrieve form data
$email = ilUtil::stripSlashes($_POST["email"]);
// Retrieve a user object with matching user name and email address.
$logins = ilObjUser::_getUserIdsByEmail($email);
// No matching user object found?
// Show the password assistance form again, and display an error message.
if (count($logins)< 1)
{
$this->showUsernameAssistanceForm
(
$lng->txt("pwassist_invalid_email"),
"",
$email
);
}
// Matching user object found?
// Check if the user is permitted to use the password assistance function,
// and then send a password assistance mail to the email address.
else
{
// FIXME: Extend this if-statement to check whether the user
// has the permission to use the password assistance function.
// The anonymous user and users who are system administrators are
// not allowed to use this feature
/* if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
|| $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
)
{
$this->showAssistanceForm
(
$lng->txt("pwassist_not_permitted"),
$username,
$email
);
}
else */
{
$this->sendUsernameAssistanceMail($email, $logins);
$this->showMessageForm
(
null,
sprintf
(
$lng->txt("pwassist_mail_sent"),
$email
)
);
}
}
}
Here is the call graph for this function:
The documentation for this class was generated from the following file:
- Services/Init/classes/class.ilPasswordAssistanceGUI.php
