ILIAS  eassessment Revision 61809
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilPasswordAssistanceGUI.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
33 class ilPasswordAssistanceGUI
34 {
38  function ilPasswordAssistanceGUI()
39  {
40  global $ilCtrl;
41 
42  $this->ctrl =& $ilCtrl;
43  }
44 
48  function &executeCommand()
49  {
50  global $ilias, $lng, $ilSetting, $ilErr, $ilAuth;
51 
52  // check hack attempts
53  if (!$ilSetting->get("password_assistance")) // || AUTH_DEFAULT != AUTH_LOCAL)
54  {
55  if (empty($_SESSION["AccountId"]) and $_SESSION["AccountId"] !== false)
56  {
57  $ilErr->raiseError($lng->txt("permission_denied"),$ilias->error_obj->WARNING);
58  }
59  }
60 
61  // check correct setup
62  if (!$ilSetting->get("setup_ok"))
63  {
64  die("Setup is not completed. Please run setup routine again. (pwassist.php)");
65  }
66 
67  // Change the language, if necessary.
68  // And load the 'pwassist' language module
69  $lang = $_GET['lang'];
70  if ($lang != null && $lang != "" && $lng->getLangKey() != $lang)
71  {
72  $lng = new ilLanguage($lang);
73  }
74  $lng->loadLanguageModule('pwassist');
75 
76  $cmd = $this->ctrl->getCmd();
77  $next_class = $this->ctrl->getNextClass($this);
78 
79  switch($next_class)
80  {
81  default:
82  if ($cmd != "")
83  {
84  return $this->$cmd();
85  }
86  else
87  {
88  if (!empty($_GET["key"])) {
89  $this->showAssignPasswordForm();
90  } else {
91  $this->showAssistanceForm();
92  }
93  }
94  break;
95  }
96 
97  // Logout current session
98  //$ilAuth->logout();
99  //session_destroy();
100 
101  }
102 
103 
104  /* Shows the password assistance form.
105  * This form is used to request a password assistance mail from ILIAS.
106  *
107  * This form contains the following fields:
108  * username
109  * email
110  *
111  * When the user submits the form, then this script is invoked with the cmd
112  * 'submitAssistanceForm'.
113  *
114  * @param message A message to display on the form.
115  * @param username The user name to be shown in the form.
116  * @param email The e-mail to be shown in the form.
117  */
118  function showAssistanceForm($message="", $username="", $email="")
119  {
120  global $tpl, $ilias, $lng;
121 
122  // Create the form
123  $tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_assistance.html");
124 
125  if ($message != "")
126  {
127  $tpl->setCurrentBlock("pw_message");
128  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
129  $tpl->parseCurrentBlock();
130  }
131 
132  $tpl->setVariable("FORMACTION",
133  $this->ctrl->getFormAction($this));
134  $tpl->setVariable("TARGET","target=\"_parent\"");
135  $tpl->setVariable("IMG_AUTH",
136  ilUtil::getImagePath("icon_auth_b.gif"));
137  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
138 
139  $contact_address = $ilias->getSetting("admin_email");
140  $tpl->setVariable
141  (
142  "TXT_ENTER_USERNAME_AND_EMAIL",
143  str_replace
144  (
145  "\\n","<br>",
146  sprintf
147  (
148  $lng->txt("pwassist_enter_username_and_email"),
149  "<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
150  )
151  )
152  );
153  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
154  $tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
155  $tpl->setVariable("USERNAME", htmlentities($username));
156  $tpl->setVariable("EMAIL", htmlentities($email));
157  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
158  $tpl->setVariable("BACK", $lng->txt("back"));
159  $tpl->setVariable("LINK_BACK",
160  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
161  $tpl->setVariable("LANG", $lng->getLangKey());
162 
163  $tpl->show();
164  }
165 
166 
167  /* Shows the password assistance form.
168  * This form is used to request a password assistance mail from ILIAS.
169  *
170  * This form contains the following fields:
171  * username
172  * email
173  *
174  * When the user submits the form, then this script is invoked with the cmd
175  * 'submitAssistanceForm'.
176  *
177  * @param message A message to display on the form.
178  * @param username The user name to be shown in the form.
179  * @param email The e-mail to be shown in the form.
180  */
181  function showUsernameAssistanceForm($message="", $username="", $email="")
182  {
183  global $tpl, $ilias, $lng;
184 
185  // Create the form
186  $tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_username_assistance.html");
187 
188  if ($message != "")
189  {
190  $tpl->setCurrentBlock("pw_message");
191  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
192  $tpl->parseCurrentBlock();
193  }
194 
195  $tpl->setVariable("FORMACTION",
196  $this->ctrl->getFormAction($this));
197  $tpl->setVariable("IMG_AUTH",
198  ilUtil::getImagePath("icon_auth_b.gif"));
199  $tpl->setVariable("TARGET","target=\"_parent\"");
200  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
201 
202  $contact_address = $ilias->getSetting("admin_email");
203  $tpl->setVariable
204  (
205  "TXT_ENTER_USERNAME_AND_EMAIL",
206  str_replace
207  (
208  "\\n","<br>",
209  sprintf
210  (
211  $lng->txt("pwassist_enter_email"),
212  "<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
213  )
214  )
215  );
216  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
217  $tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
218  $tpl->setVariable("USERNAME", $username);
219  $tpl->setVariable("EMAIL", htmlentities($email));
220  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
221  $tpl->setVariable("BACK", $lng->txt("back"));
222  $tpl->setVariable("LINK_BACK",
223  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
224  $tpl->setVariable("LANG", $lng->getLangKey());
225 
226  $tpl->show();
227  }
228 
241  function submitAssistanceForm()
242  {
243  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
244 
245  require_once './Services/User/classes/class.ilObjUser.php';
246  require_once "./Services/Utilities/classes/class.ilUtil.php";
247 
248  // Retrieve form data
249  $username = ilUtil::stripSlashes($_POST["username"]);
250  $email = ilUtil::stripSlashes($_POST["email"]);
251 
252  // Retrieve a user object with matching user name and email address.
253  $userObj = null;
254  $userid = ilObjUser::getUserIdByLogin($username);
255  $txt_key = "pwassist_invalid_username_or_email";
256  if ($userid != 0)
257  {
258  $userObj = new ilObjUser($userid);
259  if (strcasecmp($userObj->getEmail(), $email) != 0)
260  {
261  $userObj = null;
262  }
263  elseif(!strlen($email))
264  {
265  $userObj = null;
266  $txt_key = 'pwassist_no_email_found';
267  }
268  else if ($userObj->getAuthMode(true) != AUTH_LOCAL ||
269  ($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL))
270  {
271  $userObj = null;
272  $txt_key = "pwassist_invalid_auth_mode";
273  }
274  }
275 
276  // No matching user object found?
277  // Show the password assistance form again, and display an error message.
278  if ($userObj == null)
279  {
280  $this->showAssistanceForm
281  (
282  $lng->txt($txt_key),
283  $username,
284  $email
285  );
286  }
287 
288  // Matching user object found?
289  // Check if the user is permitted to use the password assistance function,
290  // and then send a password assistance mail to the email address.
291  else
292  {
293  // FIXME: Extend this if-statement to check whether the user
294  // has the permission to use the password assistance function.
295  // The anonymous user and users who are system administrators are
296  // not allowed to use this feature
297  if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
298  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
299  )
300  {
301  $this->showAssistanceForm
302  (
303  $lng->txt("pwassist_not_permitted"),
304  $username,
305  $email
306  );
307  }
308  else
309  {
310  $this->sendPasswordAssistanceMail($userObj);
311  $this->showMessageForm
312  (
313  null,
314  sprintf
315  (
316  $lng->txt("pwassist_mail_sent"),
317  $email
318  )
319  );
320  }
321  }
322  }
323 
336  function submitUsernameAssistanceForm()
337  {
338  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
339 
340  require_once './Services/User/classes/class.ilObjUser.php';
341  require_once "./Services/Utilities/classes/class.ilUtil.php";
342 
343  // Retrieve form data
344  $email = ilUtil::stripSlashes($_POST["email"]);
345 
346  // Retrieve a user object with matching user name and email address.
347  $logins = ilObjUser::_getUserIdsByEmail($email);
348 
349  // No matching user object found?
350  // Show the password assistance form again, and display an error message.
351  if (count($logins)< 1)
352  {
353  $this->showUsernameAssistanceForm
354  (
355  $lng->txt("pwassist_invalid_email"),
356  "",
357  $email
358  );
359  }
360  elseif(!strlen($email))
361  {
362  $this->showUsernameAssistanceForm
363  (
364  $lng->txt("pwassist_invalid_email"),
365  "",
366  $email
367  );
368  }
369 
370  // Matching user object found?
371  // Check if the user is permitted to use the password assistance function,
372  // and then send a password assistance mail to the email address.
373  else
374  {
375  // FIXME: Extend this if-statement to check whether the user
376  // has the permission to use the password assistance function.
377  // The anonymous user and users who are system administrators are
378  // not allowed to use this feature
379  /* if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
380  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
381  )
382  {
383  $this->showAssistanceForm
384  (
385  $lng->txt("pwassist_not_permitted"),
386  $username,
387  $email
388  );
389  }
390  else */
391  {
392  $this->sendUsernameAssistanceMail($email, $logins);
393  $this->showMessageForm
394  (
395  null,
396  sprintf
397  (
398  $lng->txt("pwassist_mail_sent"),
399  $email
400  )
401  );
402  }
403  }
404  }
405 
419  function sendPasswordAssistanceMail($userObj)
420  {
421  global $lng, $ilias;
422 
423  include_once "Services/Mail/classes/class.ilMailbox.php";
424  include_once "Services/Mail/classes/class.ilMimeMail.php";
425 
426  require_once "include/inc.pwassist_session_handler.php";
427 
428 
429  // Check if we need to create a new session
430  $pwassist_session = db_pwassist_session_find($userObj->getId());
431  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
432  {
433  // Create a new session id
434  db_set_save_handler();
435  session_start();
436  $pwassist_session["pwassist_id"] = db_pwassist_create_id();
437  session_destroy();
438  db_pwassist_session_write(
439  $pwassist_session["pwassist_id"],
440  3600,
441  $userObj->getId()
442  );
443  }
444  $protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
445  // Compose the mail
446  $server_url=$protocol.$_SERVER['HTTP_HOST'].
447  substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
448  '/';
449  // XXX - Werner Randelshofer - Insert code here to dynamically get the
450  // the delimiter. For URL's that are sent by e-mail to a user,
451  // it is best to use semicolons as parameter delimiter
452  $delimiter = "&";
453  $pwassist_url=$protocol .$_SERVER['HTTP_HOST']
454  .str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF'])
455  ."?client_id=".$ilias->getClientId()
456  .$delimiter."lang=".$lng->getLangKey()
457  .$delimiter."key=".$pwassist_session["pwassist_id"];
458  $alternative_pwassist_url=$protocol.$_SERVER['HTTP_HOST']
459  .str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF'])
460  ."?client_id=".$ilias->getClientId()
461  .$delimiter."lang=".$lng->getLangKey()
462  .$delimiter."key=".$pwassist_session["pwassist_id"];
463 
464  $contact_address=$ilias->getSetting("admin_email");
465 //echo "<br>-".htmlentities($pwassist_url)."-";
466  $mm = new ilMimeMail();
467  $mm->Subject($lng->txt("pwassist_mail_subject"));
468  $mm->From($contact_address);
469  $mm->To($userObj->getEmail());
470 
471  $mm->Body
472  (
473  str_replace
474  (
475  array("\\n","\\t"),
476  array("\n","\t"),
477  sprintf
478  (
479  $lng->txt("pwassist_mail_body"),
480  $pwassist_url,
481  $server_url,
482  $_SERVER['REMOTE_ADDR'],
483  $userObj->getLogin(),
484  // BEGIN Mail Provide alternative assist URL
485  'mailto:'.$contact_address,
486  $alternative_pwassist_url
487  // END Mail Provide alternative assist URL
488  )
489  )
490  );
491 
492  $mm->Send();
493  }
494 
495 
509  function sendUsernameAssistanceMail($email, $logins)
510  {
511  global $lng, $ilias;
512 
513  include_once "Services/Mail/classes/class.ilMailbox.php";
514  include_once "Services/Mail/classes/class.ilMimeMail.php";
515  require_once "include/inc.pwassist_session_handler.php";
516  $protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
517 
518 
519  // Compose the mail
520  $server_url=$protocol.$_SERVER['HTTP_HOST'].
521  substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
522  '/';
523  $login_url=$server_url."pwassist.php"
524  ."?client_id=".$ilias->getClientId()
525  ."&lang=".$lng->getLangKey();
526 //echo "-".htmlentities($login_url)."-";
527  $contact_address=$ilias->getSetting("admin_email");
528 
529  $mm = new ilMimeMail();
530  $mm->Subject($lng->txt("pwassist_mail_subject"));
531  $mm->From($contact_address);
532  $mm->To($email);
533 
534  $mm->Body
535  (
536  str_replace
537  (
538  array("\\n","\\t"),
539  array("\n","\t"),
540  sprintf
541  (
542  $lng->txt("pwassist_username_mail_body"),
543  join ($logins,",\n"),
544  $server_url,
545  $_SERVER['REMOTE_ADDR'],
546  $email,
547  'mailto:'.$contact_address,
548  $login_url
549  )
550  )
551  );
552 
553  $mm->Send();
554  }
555 
556  /* Assign password form.
557  * This form is used to assign a password to a username.
558  *
559  * To use this form, the following data must be provided as HTTP GET parameter,
560  * or in argument pwassist_id:
561  * key
562  *
563  * The key is used to retrieve the password assistance session.
564  * If the key is missing, or if the password assistance session has expired, the
565  * password assistance form will be shown instead of this form.
566  *
567  * @param message A message to display on the form.
568  * @param username The user name to be shown in the form.
569  * @param password The password1 to be shown in the form.
570  * @param password The password2 to be shown in the form.
571  * @param pwassist_id The session key for the password assistance use case.
572  * If this parameter is omitted, the key is retrieved from
573  * the form data.
574  */
575  function showAssignPasswordForm($message="", $username="", $password1="", $password2="", $pwassist_id="")
576  {
577  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
578 
579  require_once "include/inc.pwassist_session_handler.php";
580  require_once "./Services/Language/classes/class.ilLanguage.php";
581 
582  // Retrieve form data
583  if ($pwassist_id == "")
584  {
585  $pwassist_id = $_GET["key"];
586  }
587 
588  // Retrieve the session, and check if it is valid
589  $pwassist_session = db_pwassist_session_read($pwassist_id);
590  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
591  {
592  $this->showAssistanceForm($lng->txt("pwassist_session_expired"));
593  }
594  else
595  {
596  $tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_assignpassword.html");
597  if ($message != "")
598  {
599  $tpl->setCurrentBlock("pw_message");
600  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
601  $tpl->parseCurrentBlock();
602  }
603 
604  $tpl->setVariable("FORMACTION",
605  $this->ctrl->getFormAction($this));
606  $tpl->setVariable("TARGET","target=\"_parent\"");
607  $tpl->setVariable("IMG_AUTH",
608  ilUtil::getImagePath("icon_auth_b.gif"));
609  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
610  $tpl->setVariable("TXT_ENTER_USERNAME_AND_NEW_PASSWORD", $lng->txt("pwassist_enter_username_and_new_password"));
611  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
612  $tpl->setVariable("TXT_PASSWORD1", $lng->txt("password"));
613  $tpl->setVariable("TXT_PASSWORD2", $lng->txt("retype_password"));
614  $tpl->setVariable("USERNAME", $username);
615  $tpl->setVariable("PASSWORD1", $password1);
616  $tpl->setVariable("PASSWORD2", $password2);
617  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
618  $tpl->setVariable("KEY", $pwassist_id);
619  $tpl->setVariable("BACK", $lng->txt("back"));
620  $tpl->setVariable("CMD_BACK",
621  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
622  $tpl->setVariable("LANG", $lng->getLangKey());
623 
624  $tpl->show();
625  }
626  }
627 
647  function submitAssignPasswordForm() {
648  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
649 
650  require_once "include/inc.pwassist_session_handler.php";
651 
652  // Retrieve form data
653  $pwassist_id = ilUtil::stripSlashes($_POST["key"]);
654  $username = ilUtil::stripSlashes($_POST["username"]);
655  $password1 = ilUtil::stripSlashes($_POST["password1"]);
656  $password2 = ilUtil::stripSlashes($_POST["password2"]);
657 
658  // Retrieve the session
659  $pwassist_session = db_pwassist_session_read($pwassist_id);
660 
661  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
662  {
663  $this->showAssistanceForm($lng->txt("pwassist_session_expired"));
664  }
665  else
666  {
667  $is_successful = true;
668  $message = "";
669 
670  $userObj = new ilObjUser($pwassist_session["user_id"]);
671 
672  // Validate the entries of the user
673  // ----------------------------------
674  // check if the user still exists
675  if ($userObj == null)
676  {
677  $message = $lng->txt("user_does_not_exist");
678  $is_successful = false;
679  }
680 
681  // check if the username entered by the user matches the
682  // one of the user object.
683  if ($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
684  {
685  $message = $lng->txt("pwassist_login_not_match");
686  $is_successful = false;
687  }
688 
689  // check if the user entered the password correctly into the
690  // two entry fields.
691  if ($is_successful && $password1 != $password2)
692  {
693  $message = $lng->txt("passwd_not_match");
694  $is_successful = false;
695  }
696 
697  // validate the password
698  if ($is_successful && !ilUtil::isPassword($password1))
699  {
700  $message = $lng->txt("passwd_invalid");
701  $is_successful = false;
702  }
703 
704  // End of validation
705  // If the validation was successful, we change the password of the
706  // user.
707  // ------------------
708  if ($is_successful)
709  {
710  $is_successful = $userObj->resetPassword($password1,$password2);
711  if (! $is_successful)
712  {
713  $message = $lng->txt("passwd_invalid");
714  }
715  }
716 
717  // If we are successful so far, we update the user object.
718  // ------------------
719  if ($is_successful)
720  {
721  $is_successfull = $userObj->update();
722  if (! $is_successful)
723  {
724  $message = $lng->txt("update_error");
725  }
726  }
727 
728  // If we are successful, we destroy the password assistance
729  // session and redirect to the login page.
730  // Else we display the form again along with an error message.
731  // ------------------
732  if ($is_successful)
733  {
734  db_pwassist_session_destroy($pwassist_id);
735  $this->showMessageForm
736  (
737  null,
738  sprintf
739  (
740  $lng->txt("pwassist_password_assigned"),
741  $username
742  )
743  );
744  }
745  else
746  {
747  $this->showAssignPasswordForm
748  (
749  $message,
750  $username,
751  $password1,
752  $password2,
753  $pwassist_id
754  );
755  }
756  }
757  }
758 
759  /* Message form.
760  * This form is used to show a message to the user.
761  */
762  function showMessageForm($message="", $text="")
763  {
764  global $tpl, $ilias, $lng;
765 
766  if ($message != "")
767  {
768  $tpl->setCurrentBlock("pw_message");
769  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
770  $tpl->parseCurrentBlock();
771  }
772 
773  $tpl->addBlockFile("CONTENT", "content", "tpl.pwassist_message.html");
774  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
775  $tpl->setVariable("IMG_AUTH",
776  ilUtil::getImagePath("icon_auth_b.gif"));
777  $tpl->setVariable("TXT_TEXT",str_replace("\\n","<br>",$text));
778  $tpl->setVariable("BACK", $lng->txt("back"));
779  $tpl->setVariable("LINK_BACK",
780  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
781  $tpl->setVariable("LANG", $lng->getLangKey());
782 
783  $tpl->show();
784  }
785 }
786 
787 ?>