ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilPasswordAssistanceGUI.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2011 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 
14 class ilPasswordAssistanceGUI
15 {
19  function ilPasswordAssistanceGUI()
20  {
21  global $ilCtrl;
22 
23  $this->ctrl =& $ilCtrl;
24  }
25 
29  function &executeCommand()
30  {
31  global $ilias, $lng, $ilSetting, $ilErr, $ilAuth;
32 
33  // check hack attempts
34  if (!$ilSetting->get("password_assistance")) // || AUTH_DEFAULT != AUTH_LOCAL)
35  {
36  if (empty($_SESSION["AccountId"]) and $_SESSION["AccountId"] !== false)
37  {
38  $ilErr->raiseError($lng->txt("permission_denied"),$ilias->error_obj->WARNING);
39  }
40  }
41 
42  // check correct setup
43  if (!$ilSetting->get("setup_ok"))
44  {
45  die("Setup is not completed. Please run setup routine again. (pwassist.php)");
46  }
47 
48  // Change the language, if necessary.
49  // And load the 'pwassist' language module
50  $lang = $_GET['lang'];
51  if ($lang != null && $lang != "" && $lng->getLangKey() != $lang)
52  {
53  $lng = new ilLanguage($lang);
54  }
55  $lng->loadLanguageModule('pwassist');
56 
57  $cmd = $this->ctrl->getCmd();
58  $next_class = $this->ctrl->getNextClass($this);
59 
60  switch($next_class)
61  {
62  default:
63  if ($cmd != "")
64  {
65  return $this->$cmd();
66  }
67  else
68  {
69  if (!empty($_GET["key"])) {
70  $this->showAssignPasswordForm();
71  } else {
72  $this->showAssistanceForm();
73  }
74  }
75  break;
76  }
77 
78  // Logout current session
79  //$ilAuth->logout();
80  //session_destroy();
81 
82  }
83 
84 
85  /* Shows the password assistance form.
86  * This form is used to request a password assistance mail from ILIAS.
87  *
88  * This form contains the following fields:
89  * username
90  * email
91  *
92  * When the user submits the form, then this script is invoked with the cmd
93  * 'submitAssistanceForm'.
94  *
95  * @param message A message to display on the form.
96  * @param username The user name to be shown in the form.
97  * @param email The e-mail to be shown in the form.
98  */
99  function showAssistanceForm($message="", $username="", $email="")
100  {
101  global $tpl, $ilias, $lng;
102 
103  // Create the form
104  $tpl->addBlockFile("CONTENT", "content", "tpl.startup_screen.html", "Services/Init");
105  $tpl->setVariable("HEADER_ICON", ilUtil::getImagePath("HeaderIcon.png"));
106  $tpl->addBlockFile("STARTUP_CONTENT", "startup_content",
107  "tpl.pwassist_assistance.html", "Services/Init");
108 
109  if ($message != "")
110  {
111  $tpl->setCurrentBlock("pw_message");
112  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
113  $tpl->parseCurrentBlock();
114  }
115 
116  $tpl->setVariable("FORMACTION",
117  $this->ctrl->getFormAction($this));
118  $tpl->setVariable("TARGET","target=\"_parent\"");
119  $tpl->setVariable("IMG_AUTH",
120  ilUtil::getImagePath("icon_auth_b.png"));
121  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
122 
123  $contact_address = $ilias->getSetting("admin_email");
124  $tpl->setVariable
125  (
126  "TXT_ENTER_USERNAME_AND_EMAIL",
127  str_replace
128  (
129  "\\n","<br>",
130  sprintf
131  (
132  $lng->txt("pwassist_enter_username_and_email"),
133  "<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
134  )
135  )
136  );
137  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
138  $tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
139  $tpl->setVariable("USERNAME", ilUtil::prepareFormOutput($username));
140  $tpl->setVariable("EMAIL", ilUtil::prepareFormOutput($email));
141  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
142  $tpl->setVariable("BACK", $lng->txt("back"));
143  $tpl->setVariable("LINK_BACK",
144  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
145  $tpl->setVariable("LANG", $lng->getLangKey());
146 
147  $tpl->show();
148  }
149 
150 
151  /* Shows the password assistance form.
152  * This form is used to request a password assistance mail from ILIAS.
153  *
154  * This form contains the following fields:
155  * username
156  * email
157  *
158  * When the user submits the form, then this script is invoked with the cmd
159  * 'submitAssistanceForm'.
160  *
161  * @param message A message to display on the form.
162  * @param username The user name to be shown in the form.
163  * @param email The e-mail to be shown in the form.
164  */
165  function showUsernameAssistanceForm($message="", $username="", $email="")
166  {
167  global $tpl, $ilias, $lng;
168 
169  // Create the form
170  $tpl->addBlockFile("CONTENT", "content", "tpl.startup_screen.html", "Services/Init");
171  $tpl->setVariable("HEADER_ICON", ilUtil::getImagePath("HeaderIcon.png"));
172  $tpl->addBlockFile("STARTUP_CONTENT", "startup_content",
173  "tpl.pwassist_username_assistance.html", "Services/Init");
174 
175 
176  if ($message != "")
177  {
178  $tpl->setCurrentBlock("pw_message");
179  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
180  $tpl->parseCurrentBlock();
181  }
182 
183  $tpl->setVariable("FORMACTION",
184  $this->ctrl->getFormAction($this));
185  $tpl->setVariable("IMG_AUTH",
186  ilUtil::getImagePath("icon_auth_b.png"));
187  $tpl->setVariable("TARGET","target=\"_parent\"");
188  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
189 
190  $contact_address = $ilias->getSetting("admin_email");
191  $tpl->setVariable
192  (
193  "TXT_ENTER_USERNAME_AND_EMAIL",
194  str_replace
195  (
196  "\\n","<br>",
197  sprintf
198  (
199  $lng->txt("pwassist_enter_email"),
200  "<a href=\"mailto:".$contact_address."\">".$contact_address."</a>"
201  )
202  )
203  );
204  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
205  $tpl->setVariable("TXT_EMAIL", $lng->txt("email"));
206  $tpl->setVariable("USERNAME", ilUtil::prepareFormOutput($username));
207  $tpl->setVariable("EMAIL", ilUtil::prepareFormOutput($email));
208  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
209  $tpl->setVariable("BACK", $lng->txt("back"));
210  $tpl->setVariable("LINK_BACK",
211  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
212  $tpl->setVariable("LANG", $lng->getLangKey());
213 
214  $tpl->show();
215  }
216 
229  function submitAssistanceForm()
230  {
231  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
232 
233  require_once './Services/User/classes/class.ilObjUser.php';
234  require_once "./Services/Utilities/classes/class.ilUtil.php";
235 
236  // Retrieve form data
237  $username = ilUtil::stripSlashes($_POST["username"]);
238  $email = ilUtil::stripSlashes($_POST["email"]);
239 
240  // Retrieve a user object with matching user name and email address.
241  $userObj = null;
242  $userid = ilObjUser::getUserIdByLogin($username);
243  $txt_key = "pwassist_invalid_username_or_email";
244  if ($userid != 0)
245  {
246  $userObj = new ilObjUser($userid);
247  if (strcasecmp($userObj->getEmail(), $email) != 0)
248  {
249  $userObj = null;
250  }
251  elseif(!strlen($email))
252  {
253  $userObj = null;
254  $txt_key = 'pwassist_no_email_found';
255  }
256  else if ($userObj->getAuthMode(true) != AUTH_LOCAL ||
257  ($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL))
258  {
259  $userObj = null;
260  $txt_key = "pwassist_invalid_auth_mode";
261  }
262  }
263 
264  // No matching user object found?
265  // Show the password assistance form again, and display an error message.
266  if ($userObj == null)
267  {
268  $this->showAssistanceForm
269  (
270  $lng->txt($txt_key),
271  $username,
272  $email
273  );
274  }
275 
276  // Matching user object found?
277  // Check if the user is permitted to use the password assistance function,
278  // and then send a password assistance mail to the email address.
279  else
280  {
281  // FIXME: Extend this if-statement to check whether the user
282  // has the permission to use the password assistance function.
283  // The anonymous user and users who are system administrators are
284  // not allowed to use this feature
285  if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
286  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
287  )
288  {
289  $this->showAssistanceForm
290  (
291  $lng->txt("pwassist_not_permitted"),
292  $username,
293  $email
294  );
295  }
296  else
297  {
298  $this->sendPasswordAssistanceMail($userObj);
299  $this->showMessageForm
300  (
301  null,
302  sprintf
303  (
304  $lng->txt("pwassist_mail_sent"),
305  $email
306  )
307  );
308  }
309  }
310  }
311 
324  function submitUsernameAssistanceForm()
325  {
326  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
327 
328  require_once './Services/User/classes/class.ilObjUser.php';
329  require_once "./Services/Utilities/classes/class.ilUtil.php";
330 
331  // Retrieve form data
332  $email = ilUtil::stripSlashes($_POST["email"]);
333 
334  // Retrieve a user object with matching user name and email address.
335  $logins = ilObjUser::_getUserIdsByEmail($email);
336 
337  // No matching user object found?
338  // Show the password assistance form again, and display an error message.
339  if (count($logins)< 1)
340  {
341  $this->showUsernameAssistanceForm
342  (
343  $lng->txt("pwassist_invalid_email"),
344  "",
345  $email
346  );
347  }
348  elseif(!strlen($email))
349  {
350  $this->showUsernameAssistanceForm
351  (
352  $lng->txt("pwassist_invalid_email"),
353  "",
354  $email
355  );
356  }
357 
358  // Matching user object found?
359  // Check if the user is permitted to use the password assistance function,
360  // and then send a password assistance mail to the email address.
361  else
362  {
363  // FIXME: Extend this if-statement to check whether the user
364  // has the permission to use the password assistance function.
365  // The anonymous user and users who are system administrators are
366  // not allowed to use this feature
367  /* if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
368  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
369  )
370  {
371  $this->showAssistanceForm
372  (
373  $lng->txt("pwassist_not_permitted"),
374  $username,
375  $email
376  );
377  }
378  else */
379  {
380  $this->sendUsernameAssistanceMail($email, $logins);
381  $this->showMessageForm
382  (
383  null,
384  sprintf
385  (
386  $lng->txt("pwassist_mail_sent"),
387  $email
388  )
389  );
390  }
391  }
392  }
393 
407  function sendPasswordAssistanceMail($userObj)
408  {
409  global $lng, $ilias;
410 
411  include_once "Services/Mail/classes/class.ilMailbox.php";
412  include_once "Services/Mail/classes/class.ilMimeMail.php";
413 
414  require_once "include/inc.pwassist_session_handler.php";
415 
416 
417  // Check if we need to create a new session
418  $pwassist_session = db_pwassist_session_find($userObj->getId());
419  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time() || true)
420  {
421  // Create a new session id
422 
423  // #9700 - this didn't do anything before?!
424  // db_set_save_handler();
425 
426  session_start();
427  $pwassist_session["pwassist_id"] = db_pwassist_create_id();
428  session_destroy();
429  db_pwassist_session_write(
430  $pwassist_session["pwassist_id"],
431  3600,
432  $userObj->getId()
433  );
434  }
435  $protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
436  // Compose the mail
437  $server_url=$protocol.$_SERVER['HTTP_HOST'].
438  substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
439  '/';
440  // XXX - Werner Randelshofer - Insert code here to dynamically get the
441  // the delimiter. For URL's that are sent by e-mail to a user,
442  // it is best to use semicolons as parameter delimiter
443  $delimiter = "&";
444  $pwassist_url=$protocol .$_SERVER['HTTP_HOST']
445  .str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF'])
446  ."?client_id=".$ilias->getClientId()
447  .$delimiter."lang=".$lng->getLangKey()
448  .$delimiter."key=".$pwassist_session["pwassist_id"];
449  $alternative_pwassist_url=$protocol.$_SERVER['HTTP_HOST']
450  .str_replace("ilias.php", "pwassist.php", $_SERVER['PHP_SELF'])
451  ."?client_id=".$ilias->getClientId()
452  .$delimiter."lang=".$lng->getLangKey()
453  .$delimiter."key=".$pwassist_session["pwassist_id"];
454 
455  $contact_address=$ilias->getSetting("admin_email");
456 //echo "<br>-".htmlentities($pwassist_url)."-";
457  $mm = new ilMimeMail();
458  $mm->Subject($lng->txt("pwassist_mail_subject"));
459  $mm->From($contact_address);
460  $mm->To($userObj->getEmail());
461 
462  $mm->Body
463  (
464  str_replace
465  (
466  array("\\n","\\t"),
467  array("\n","\t"),
468  sprintf
469  (
470  $lng->txt("pwassist_mail_body"),
471  $pwassist_url,
472  $server_url,
473  $_SERVER['REMOTE_ADDR'],
474  $userObj->getLogin(),
475  // BEGIN Mail Provide alternative assist URL
476  'mailto:'.$contact_address,
477  $alternative_pwassist_url
478  // END Mail Provide alternative assist URL
479  )
480  )
481  );
482 
483  $mm->Send();
484  }
485 
486 
500  function sendUsernameAssistanceMail($email, $logins)
501  {
502  global $lng, $ilias;
503 
504  include_once "Services/Mail/classes/class.ilMailbox.php";
505  include_once "Services/Mail/classes/class.ilMimeMail.php";
506  require_once "include/inc.pwassist_session_handler.php";
507  $protocol = isset($_SERVER['HTTPS'])?"https://":"http://";
508 
509 
510  // Compose the mail
511  $server_url=$protocol.$_SERVER['HTTP_HOST'].
512  substr($_SERVER['PHP_SELF'],0,strrpos($_SERVER['PHP_SELF'],'/')).
513  '/';
514  $login_url=$server_url."pwassist.php"
515  ."?client_id=".$ilias->getClientId()
516  ."&lang=".$lng->getLangKey();
517 //echo "-".htmlentities($login_url)."-";
518  $contact_address=$ilias->getSetting("admin_email");
519 
520  $mm = new ilMimeMail();
521  $mm->Subject($lng->txt("pwassist_mail_subject"));
522  $mm->From($contact_address);
523  $mm->To($email);
524 
525  $mm->Body
526  (
527  str_replace
528  (
529  array("\\n","\\t"),
530  array("\n","\t"),
531  sprintf
532  (
533  $lng->txt("pwassist_username_mail_body"),
534  join ($logins,",\n"),
535  $server_url,
536  $_SERVER['REMOTE_ADDR'],
537  $email,
538  'mailto:'.$contact_address,
539  $login_url
540  )
541  )
542  );
543 
544  $mm->Send();
545  }
546 
547  /* Assign password form.
548  * This form is used to assign a password to a username.
549  *
550  * To use this form, the following data must be provided as HTTP GET parameter,
551  * or in argument pwassist_id:
552  * key
553  *
554  * The key is used to retrieve the password assistance session.
555  * If the key is missing, or if the password assistance session has expired, the
556  * password assistance form will be shown instead of this form.
557  *
558  * @param message A message to display on the form.
559  * @param username The user name to be shown in the form.
560  * @param password The password1 to be shown in the form.
561  * @param password The password2 to be shown in the form.
562  * @param pwassist_id The session key for the password assistance use case.
563  * If this parameter is omitted, the key is retrieved from
564  * the form data.
565  */
566  function showAssignPasswordForm($message="", $username="", $password1="", $password2="", $pwassist_id="")
567  {
568  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
569 
570  require_once "include/inc.pwassist_session_handler.php";
571  require_once "./Services/Language/classes/class.ilLanguage.php";
572 
573  // Retrieve form data
574  if ($pwassist_id == "")
575  {
576  $pwassist_id = $_GET["key"];
577  }
578 
579  // Retrieve the session, and check if it is valid
580  $pwassist_session = db_pwassist_session_read($pwassist_id);
581  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
582  {
583  $this->showAssistanceForm($lng->txt("pwassist_session_expired"));
584  }
585  else
586  {
587  $tpl->addBlockFile("CONTENT", "content", "tpl.startup_screen.html", "Services/Init");
588  $tpl->setVariable("HEADER_ICON", ilUtil::getImagePath("HeaderIcon.png"));
589  $tpl->addBlockFile("STARTUP_CONTENT", "startup_content",
590  "tpl.pwassist_assignpassword.html", "Services/Init");
591 
592 
593  if ($message != "")
594  {
595  $tpl->setCurrentBlock("pw_message");
596  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
597  $tpl->parseCurrentBlock();
598  }
599 
600  $tpl->setVariable("FORMACTION",
601  $this->ctrl->getFormAction($this));
602  $tpl->setVariable("TARGET","target=\"_parent\"");
603  $tpl->setVariable("IMG_AUTH",
604  ilUtil::getImagePath("icon_auth_b.png"));
605  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
606  $tpl->setVariable("TXT_ENTER_USERNAME_AND_NEW_PASSWORD", $lng->txt("pwassist_enter_username_and_new_password"));
607  $tpl->setVariable("TXT_USERNAME", $lng->txt("username"));
608  $tpl->setVariable("TXT_PASSWORD1", $lng->txt("password"));
609  $tpl->setVariable("TXT_PASSWORD2", $lng->txt("retype_password"));
610  $tpl->setVariable("USERNAME", ilUtil::prepareFormOutput($username));
611  $tpl->setVariable("PASSWORD1", ilUtil::prepareFormOutput($password1));
612  $tpl->setVariable("PASSWORD2", ilUtil::prepareFormOutput($password2));
613  $tpl->setVariable("TXT_SUBMIT", $lng->txt("submit"));
614  $tpl->setVariable("KEY", $pwassist_id);
615  $tpl->setVariable("BACK", $lng->txt("back"));
616  $tpl->setVariable("CMD_BACK",
617  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
618  $tpl->setVariable("LANG", $lng->getLangKey());
619 
620  $tpl->show();
621  }
622  }
623 
643  function submitAssignPasswordForm() {
644  global $tpl, $ilias, $lng, $rbacadmin, $rbacreview;
645 
646  require_once "include/inc.pwassist_session_handler.php";
647 
648  // Retrieve form data
649  $pwassist_id = ilUtil::stripSlashes($_POST["key"]);
650  $username = ilUtil::stripSlashes($_POST["username"]);
651  $password1 = ilUtil::stripSlashes($_POST["password1"]);
652  $password2 = ilUtil::stripSlashes($_POST["password2"]);
653 
654  // Retrieve the session
655  $pwassist_session = db_pwassist_session_read($pwassist_id);
656 
657  if (count($pwassist_session) == 0 || $pwassist_session["expires"] < time())
658  {
659  $this->showAssistanceForm($lng->txt("pwassist_session_expired"));
660  }
661  else
662  {
663  $is_successful = true;
664  $message = "";
665 
666  $userObj = new ilObjUser($pwassist_session["user_id"]);
667 
668  // Validate the entries of the user
669  // ----------------------------------
670  // check if the user still exists
671  if ($userObj == null)
672  {
673  $message = $lng->txt("user_does_not_exist");
674  $is_successful = false;
675  }
676 
677  // check if the username entered by the user matches the
678  // one of the user object.
679  if ($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
680  {
681  $message = $lng->txt("pwassist_login_not_match");
682  $is_successful = false;
683  }
684 
685  // check if the user entered the password correctly into the
686  // two entry fields.
687  if ($is_successful && $password1 != $password2)
688  {
689  $message = $lng->txt("passwd_not_match");
690  $is_successful = false;
691  }
692 
693  // validate the password
694  if ($is_successful && !ilUtil::isPassword($password1))
695  {
696  $message = $lng->txt("passwd_invalid");
697  $is_successful = false;
698  }
699 
700  // End of validation
701  // If the validation was successful, we change the password of the
702  // user.
703  // ------------------
704  if ($is_successful)
705  {
706  $is_successful = $userObj->resetPassword($password1,$password2);
707  if (! $is_successful)
708  {
709  $message = $lng->txt("passwd_invalid");
710  }
711  }
712 
713  // If we are successful so far, we update the user object.
714  // ------------------
715  if ($is_successful)
716  {
717  $is_successfull = $userObj->update();
718  if (! $is_successful)
719  {
720  $message = $lng->txt("update_error");
721  }
722  }
723 
724  // If we are successful, we destroy the password assistance
725  // session and redirect to the login page.
726  // Else we display the form again along with an error message.
727  // ------------------
728  if ($is_successful)
729  {
730  db_pwassist_session_destroy($pwassist_id);
731  $this->showMessageForm
732  (
733  null,
734  sprintf
735  (
736  $lng->txt("pwassist_password_assigned"),
737  $username
738  )
739  );
740  }
741  else
742  {
743  $this->showAssignPasswordForm
744  (
745  $message,
746  $username,
747  $password1,
748  $password2,
749  $pwassist_id
750  );
751  }
752  }
753  }
754 
755  /* Message form.
756  * This form is used to show a message to the user.
757  */
758  function showMessageForm($message="", $text="")
759  {
760  global $tpl, $ilias, $lng;
761 
762  if ($message != "")
763  {
764  $tpl->setCurrentBlock("pw_message");
765  $tpl->setVariable("TXT_MESSAGE", str_replace("\\n","<br>",$message));
766  $tpl->parseCurrentBlock();
767  }
768 
769  $tpl->addBlockFile("CONTENT", "content", "tpl.startup_screen.html", "Services/Init");
770  $tpl->setVariable("HEADER_ICON", ilUtil::getImagePath("HeaderIcon.png"));
771  $tpl->addBlockFile("STARTUP_CONTENT", "startup_content",
772  "tpl.pwassist_message.html", "Services/Init");
773 
774  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("password_assistance"));
775  $tpl->setVariable("IMG_AUTH",
776  ilUtil::getImagePath("icon_auth_b.png"));
777  $tpl->setVariable("TXT_TEXT",str_replace("\\n","<br>",$text));
778  $tpl->setVariable("BACK", $lng->txt("back"));
779  $tpl->setVariable("LINK_BACK",
780  $this->ctrl->getLinkTargetByClass("ilstartupgui", "showLogin"));
781  $tpl->setVariable("LANG", $lng->getLangKey());
782 
783  $tpl->show();
784  }
785 }
786 
787 ?>