ILIAS  release_4-4 Revision
Public Member Functions | Protected Member Functions | Protected Attributes
ilPasswordAssistanceGUI Class Reference
Services/Init

Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet. More...

+ Collaboration diagram for ilPasswordAssistanceGUI:

Public Member Functions

 executeCommand ()
 
 showAssistanceForm (ilPropertyFormGUI $form=null)
 
 submitAssistanceForm ()
 Reads the submitted data from the password assistance form. More...
 
 sendPasswordAssistanceMail (ilObjUser $userObj)
 Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. More...
 
 showAssignPasswordForm (ilPropertyFormGUI $form=null, $pwassist_id='')
 Assign password form. More...
 
 submitAssignPasswordForm ()
 Reads the submitted data from the password assistance form. More...
 
 showUsernameAssistanceForm (ilPropertyFormGUI $form=null)
 Shows the password assistance form. More...
 
 submitUsernameAssistanceForm ()
 Reads the submitted data from the password assistance form. More...
 
 sendUsernameAssistanceMail ($email, array $logins)
 Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. More...
 
 showMessageForm ($text)
 This form is used to show a message to the user. More...
 

Protected Member Functions

 getAssistanceForm ()
 
 getAssignPasswordForm ($pwassist_id)
 
 getUsernameAssistanceForm ()
 

Protected Attributes

 $ctrl
 
 $lng
 
 $rbacreview
 
 $tpl
 
 $settings
 
 $ilias
 
 $https
 

Detailed Description

Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet.

Author
Werner Randelshofer wrand.nosp@m.els@.nosp@m.hsw.f.nosp@m.hz.c.nosp@m.h
Michael Jansen mjans.nosp@m.en@d.nosp@m.ataba.nosp@m.y.de
Version
$Id$

Definition at line 12 of file class.ilPasswordAssistanceGUI.php.

Member Function Documentation

◆ executeCommand()

ilPasswordAssistanceGUI::executeCommand ( )
Returns
mixed

Definition at line 77 of file class.ilPasswordAssistanceGUI.php.

References $_GET, $_SESSION, $cmd, $lang, $lng, showAssignPasswordForm(), and showAssistanceForm().

78  {
79  // check hack attempts
80  if(!$this->settings->get('password_assistance')) // || AUTH_DEFAULT != AUTH_LOCAL)
81  {
82  if(empty($_SESSION['AccountId']) && $_SESSION['AccountId'] !== false)
83  {
84  $this->ilias->error_obj->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->WARNING);
85  }
86  }
87 
88  // check correct setup
89  if(!$this->settings->get('setup_ok'))
90  {
91  die('Setup is not completed. Please run setup routine again.');
92  }
93 
94  // Change the language, if necessary.
95  // And load the 'pwassist' language module
96  $lang = $_GET['lang'];
97  if($lang != null && $lang != '' && $this->lng->getLangKey() != $lang)
98  {
99  $lng = new ilLanguage($lang);
100  }
101  $this->lng->loadLanguageModule('pwassist');
102 
103  $cmd = $this->ctrl->getCmd();
104  $next_class = $this->ctrl->getNextClass($this);
105 
106  switch($next_class)
107  {
108  default:
109  if($cmd != '')
110  {
111  return $this->$cmd();
112  }
113  else
114  {
115  if(!empty($_GET['key']))
116  {
117  $this->showAssignPasswordForm();
118  }
119  else
120  {
121  $this->showAssistanceForm();
122  }
123  }
124  break;
125  }
126  }
$_SESSION
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
Definition: example_form.php:192
$lang
$lang
Definition: inc.setup_header.php:117
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$cmd
$cmd
Definition: sahs_server.php:35
ilPasswordAssistanceGUI\showAssignPasswordForm
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
Definition: class.ilPasswordAssistanceGUI.php:389
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:155
ilLanguage
language handling
Definition: class.ilLanguage.php:26
+ Here is the call graph for this function:

◆ getAssignPasswordForm()

ilPasswordAssistanceGUI::getAssignPasswordForm (   $pwassist_id)
protected
Parameters
string$pwassist_id
Returns
ilPropertyFormGUI

Definition at line 352 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showAssignPasswordForm(), and submitAssignPasswordForm().

353  {
354  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
355  $form = new ilPropertyFormGUI();
356 
357  $form->setFormAction($this->ctrl->getFormAction($this, 'submitAssignPasswordForm'));
358  $form->setTarget('_parent');
359 
360  $username = new ilTextInputGUI($this->lng->txt('username'), 'username');
361  $username->setRequired(true);
362  $form->addItem($username);
363 
364  $password = new ilPasswordInputGUI($this->lng->txt('password'), 'password');
365  $password->setRequired(true);
366  $form->addItem($password);
367 
368  $key = new ilHiddenInputGUI('key');
369  $key->setValue($pwassist_id);
370  $form->addItem($key);
371 
372  $form->addCommandButton('submitAssignPasswordForm', $this->lng->txt('submit'));
373 
374  return $form;
375  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssistanceForm()

ilPasswordAssistanceGUI::getAssistanceForm ( )
protected
Returns
ilPropertyFormGUI

Definition at line 131 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showAssistanceForm(), and submitAssistanceForm().

132  {
133  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
134  $form = new ilPropertyFormGUI();
135 
136  $form->setFormAction($this->ctrl->getFormAction($this, 'submitAssistanceForm'));
137  $form->setTarget('_parent');
138 
139  $username = new ilTextInputGUI($this->lng->txt('username'), 'username');
140  $username->setRequired(true);
141  $form->addItem($username);
142 
143  $email = new ilTextInputGUI($this->lng->txt('email'), 'email');
144  $email->setRequired(true);
145  $form->addItem($email);
146 
147  $form->addCommandButton('submitAssistanceForm', $this->lng->txt('submit'));
148 
149  return $form;
150  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getUsernameAssistanceForm()

ilPasswordAssistanceGUI::getUsernameAssistanceForm ( )
protected
Returns
ilPropertyFormGUI

Definition at line 543 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showUsernameAssistanceForm(), and submitUsernameAssistanceForm().

544  {
545  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
546  $form = new ilPropertyFormGUI();
547 
548  $form->setFormAction($this->ctrl->getFormAction($this, 'submitUsernameAssistanceForm'));
549  $form->setTarget('_parent');
550 
551  $email = new ilTextInputGUI($this->lng->txt('email'), 'email');
552  $email->setRequired(true);
553  $form->addItem($email);
554 
555  $form->addCommandButton('submitUsernameAssistanceForm', $this->lng->txt('submit'));
556 
557  return $form;
558  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ sendPasswordAssistanceMail()

ilPasswordAssistanceGUI::sendPasswordAssistanceMail ( ilObjUser  $userObj)

Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.

Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired. The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key

Parameters
$userObjilObjUser

Definition at line 277 of file class.ilPasswordAssistanceGUI.php.

References db_pwassist_create_id(), db_pwassist_session_find(), db_pwassist_session_write(), ilObjUser\getEmail(), ilObject\getId(), and ilObjUser\getLogin().

Referenced by submitAssistanceForm().

278  {
279  require_once 'Services/Mail/classes/class.ilMailbox.php';
280  require_once 'Services/Mail/classes/class.ilMimeMail.php';
281  require_once 'include/inc.pwassist_session_handler.php';
282 
283  // Check if we need to create a new session
284  $pwassist_session = db_pwassist_session_find($userObj->getId());
285  if(
286  count($pwassist_session) == 0 ||
287  $pwassist_session['expires'] < time() ||
288  true // comment by mjansen: wtf? :-)
289  )
290  {
291  // Create a new session id
292  // #9700 - this didn't do anything before?!
293  // db_set_save_handler();
294  session_start();
295  $pwassist_session['pwassist_id'] = db_pwassist_create_id();
296  session_destroy();
297  db_pwassist_session_write(
298  $pwassist_session['pwassist_id'],
299  3600,
300  $userObj->getId()
301  );
302  }
303  $protocol = $this->https->isDetected() ? 'https://' : 'http://';
304  // Compose the mail
305  $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
306  // XXX - Werner Randelshofer - Insert code here to dynamically get the
307  // the delimiter. For URL's that are sent by e-mail to a user,
308  // it is best to use semicolons as parameter delimiter
309  $delimiter = '&';
310  $pwassist_url = $protocol . $_SERVER['HTTP_HOST']
311  . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
312  . '?client_id=' . $this->ilias->getClientId()
313  . $delimiter . 'lang=' . $this->lng->getLangKey()
314  . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
315  $alternative_pwassist_url = $protocol . $_SERVER['HTTP_HOST']
316  . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
317  . '?client_id=' . $this->ilias->getClientId()
318  . $delimiter . 'lang=' . $this->lng->getLangKey()
319  . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
320 
321  $contact_address = $this->settings->get('admin_email');
322 
323  $mm = new ilMimeMail();
324  $mm->Subject($this->lng->txt('pwassist_mail_subject'));
325  $mm->From($contact_address);
326  $mm->To($userObj->getEmail());
327  $mm->Body
328  (
329  str_replace
330  (
331  array("\\n", "\\t"),
332  array("\n", "\t"),
333  sprintf
334  (
335  $this->lng->txt('pwassist_mail_body'),
336  $pwassist_url,
337  $server_url,
338  $_SERVER['REMOTE_ADDR'],
339  $userObj->getLogin(),
340  'mailto:' . $contact_address,
341  $alternative_pwassist_url
342  )
343  )
344  );
345  $mm->Send();
346  }
ilObjUser\getLogin
getLogin()
get login / username public
Definition: class.ilObjUser.php:1546
db_pwassist_create_id
db_pwassist_create_id()
Definition: inc.pwassist_session_handler.php:67
ilObjUser\getEmail
getEmail()
get email address public
Definition: class.ilObjUser.php:1945
db_pwassist_session_find
db_pwassist_session_find($user_id)
Definition: inc.pwassist_session_handler.php:106
ilMimeMail
this class encapsulates the PHP mail() function.
Definition: class.ilMimeMail.php:26
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:295
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
db_pwassist_session_write
db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id)
Writes serialized session data to the database.
Definition: inc.pwassist_session_handler.php:125
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ sendUsernameAssistanceMail()

ilPasswordAssistanceGUI::sendUsernameAssistanceMail (   $email,
array  $logins 
)

Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.

Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired. The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key

Parameters
$email
$logins

Definition at line 677 of file class.ilPasswordAssistanceGUI.php.

Referenced by submitUsernameAssistanceForm().

678  {
679  require_once 'Services/Mail/classes/class.ilMailbox.php';
680  require_once 'Services/Mail/classes/class.ilMimeMail.php';
681  require_once 'include/inc.pwassist_session_handler.php';
682 
683  $protocol = $this->https->isDetected() ? 'https://' : 'http://';
684 
685  $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
686  $login_url = $server_url . 'pwassist.php' . '?client_id=' . $this->ilias->getClientId() . '&lang=' . $this->lng->getLangKey();
687  $contact_address = $this->settings->get('admin_email');
688 
689  $mm = new ilMimeMail();
690  $mm->Subject($this->lng->txt('pwassist_mail_subject'));
691  $mm->From($contact_address);
692  $mm->To($email);
693  $mm->Body
694  (
695  str_replace
696  (
697  array("\\n", "\\t"),
698  array("\n", "\t"),
699  sprintf
700  (
701  $this->lng->txt('pwassist_username_mail_body'),
702  join($logins, ",\n"),
703  $server_url,
704  $_SERVER['REMOTE_ADDR'],
705  $email,
706  'mailto:' . $contact_address,
707  $login_url
708  )
709  )
710  );
711  $mm->Send();
712  }
ilMimeMail
this class encapsulates the PHP mail() function.
Definition: class.ilMimeMail.php:26
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
+ Here is the caller graph for this function:

◆ showAssignPasswordForm()

ilPasswordAssistanceGUI::showAssignPasswordForm ( ilPropertyFormGUI  $form = null,
  $pwassist_id = '' 
)

Assign password form.

This form is used to assign a password to a username. To use this form, the following data must be provided as HTTP GET parameter, or in argument pwassist_id: key The key is used to retrieve the password assistance session. If the key is missing, or if the password assistance session has expired, the password assistance form will be shown instead of this form.

Parameters
ilPropertyFormGUI$form
string$pwassist_id

Definition at line 389 of file class.ilPasswordAssistanceGUI.php.

References $_GET, db_pwassist_session_read(), getAssignPasswordForm(), ilUtil\getImagePath(), and showAssistanceForm().

Referenced by executeCommand(), and submitAssignPasswordForm().

390  {
391  require_once 'include/inc.pwassist_session_handler.php';
392  require_once 'Services/Language/classes/class.ilLanguage.php';
393 
394  // Retrieve form data
395  if(!$pwassist_id)
396  {
397  $pwassist_id = $_GET['key'];
398  }
399 
400  // Retrieve the session, and check if it is valid
401  $pwassist_session = db_pwassist_session_read($pwassist_id);
402  if(
403  count($pwassist_session) == 0 ||
404  $pwassist_session['expires'] < time()
405  )
406  {
407  $this->showAssistanceForm(null, $this->lng->txt('pwassist_session_expired'));
408  }
409  else
410  {
411  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assignpassword.html', true);
412  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth_b.png'));
413  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
414 
415  $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_NEW_PASSWORD', $this->lng->txt('pwassist_enter_username_and_new_password'));
416 
417  if(!$form)
418  {
419  $form = $this->getAssignPasswordForm($pwassist_id);
420  }
421  $this->tpl->setVariable('FORM', $form->getHTML());
422  $this->tpl->show();
423  }
424  }
db_pwassist_session_read
db_pwassist_session_read($pwassist_id)
Definition: inc.pwassist_session_handler.php:86
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:155
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showAssistanceForm()

ilPasswordAssistanceGUI::showAssistanceForm ( ilPropertyFormGUI  $form = null)
Parameters
ilPropertyFormGUI$form

Definition at line 155 of file class.ilPasswordAssistanceGUI.php.

References getAssistanceForm(), and ilUtil\getImagePath().

Referenced by executeCommand(), showAssignPasswordForm(), submitAssignPasswordForm(), and submitAssistanceForm().

156  {
157  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assistance.html', true);
158  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth_b.png'));
159  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
160 
161  $this->tpl->setVariable
162  (
163  'TXT_ENTER_USERNAME_AND_EMAIL',
164  str_replace
165  (
166  "\\n", '<br />',
167  sprintf
168  (
169  $this->lng->txt('pwassist_enter_username_and_email'),
170  '<a href="mailto:' . $this->settings->get('admin_email') . '">' . $this->settings->get('admin_email') . '</a>'
171  )
172  )
173  );
174 
175  if(!$form)
176  {
177  $form = $this->getAssistanceForm();
178  }
179  $this->tpl->setVariable('FORM', $form->getHTML());
180  $this->tpl->show();
181  }
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showMessageForm()

ilPasswordAssistanceGUI::showMessageForm (   $text)

This form is used to show a message to the user.

Parameters
string$text

Definition at line 718 of file class.ilPasswordAssistanceGUI.php.

References ilUtil\getImagePath().

Referenced by submitAssignPasswordForm(), submitAssistanceForm(), and submitUsernameAssistanceForm().

719  {
720  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_message.html', true);
721  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
722  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth_b.png'));
723 
724  $this->tpl->setVariable('TXT_TEXT', str_replace("\\n", '<br />', $text));
725  $this->tpl->show();
726  }
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showUsernameAssistanceForm()

ilPasswordAssistanceGUI::showUsernameAssistanceForm ( ilPropertyFormGUI  $form = null)

Shows the password assistance form.

This form is used to request a password assistance mail from ILIAS. This form contains the following fields: username email When the user submits the form, then this script is invoked with the cmd 'submitAssistanceForm'.

Parameters
ilPropertyFormGUI$form

Definition at line 570 of file class.ilPasswordAssistanceGUI.php.

References ilUtil\getImagePath(), and getUsernameAssistanceForm().

Referenced by submitUsernameAssistanceForm().

571  {
572  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_username_assistance.html', true);
573  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth_b.png'));
574  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
575 
576  $this->tpl->setVariable
577  (
578  'TXT_ENTER_USERNAME_AND_EMAIL',
579  str_replace
580  (
581  "\\n", '<br />',
582  sprintf
583  (
584  $this->lng->txt('pwassist_enter_email'),
585  '<a href="mailto:' . $this->settings->get('admin_email') . '">' . $this->settings->get('admin_email') . '</a>'
586  )
587  )
588  );
589 
590  if(!$form)
591  {
592  $form = $this->getUsernameAssistanceForm();
593  }
594  $this->tpl->setVariable('FORM', $form->getHTML());
595  $this->tpl->show();
596  }
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:107
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ submitAssignPasswordForm()

ilPasswordAssistanceGUI::submitAssignPasswordForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: key username password1 password2 The key is used to retrieve the password assistance session. If the key is missing, or if the password assistance session has expired, the password assistance form will be shown instead of this form. If the password assistance session is valid, and if the username matches the username, for which the password assistance has been requested, and if the new password is valid, ILIAS assigns the password to the user. Note: To prevent replay attacks, the session is deleted when the password has been assigned successfully.

Definition at line 442 of file class.ilPasswordAssistanceGUI.php.

References $_POST, db_pwassist_session_destroy(), db_pwassist_session_read(), getAssignPasswordForm(), ilUtil\isPasswordValidForUserContext(), ilUtil\sendFailure(), showAssignPasswordForm(), showAssistanceForm(), showMessageForm(), and ilUtil\stripSlashes().

443  {
444 
445  require_once 'include/inc.pwassist_session_handler.php';
446 
447  // We need to fetch this before form instantiation
448  $pwassist_id = ilUtil::stripSlashes($_POST['key']);
449 
450  $form = $this->getAssignPasswordForm($pwassist_id);
451  if(!$form->checkInput())
452  {
453  $form->setValuesByPost();
454  $this->showAssistanceForm($form);
455  return;
456  }
457 
458  $username = $form->getInput('username');
459  $password = $form->getInput('password');
460  $pwassist_id = $form->getInput('key');
461 
462  // Retrieve the session
463  $pwassist_session = db_pwassist_session_read($pwassist_id);
464 
465  if(
466  count($pwassist_session) == 0 ||
467  $pwassist_session['expires'] < time()
468  )
469  {
470  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_session_expired')));
471  $form->setValuesByPost();
472  $this->showAssistanceForm($form);
473  return;
474  }
475  else
476  {
477  $is_successful = true;
478  $message = '';
479 
480  $userObj = new ilObjUser($pwassist_session['user_id']);
481  if($userObj == null)
482  {
483  $message = $this->lng->txt('user_does_not_exist');
484  $is_successful = false;
485  }
486 
487  // check if the username entered by the user matches the
488  // one of the user object.
489  if($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
490  {
491  $message = $this->lng->txt('pwassist_login_not_match');
492  $is_successful = false;
493  }
494 
495  $error_lng_var = '';
496  if(!ilUtil::isPasswordValidForUserContext($password, $userObj, $error_lng_var))
497  {
498  $message = $this->lng->txt($error_lng_var);
499  $is_successful = false;
500  }
501 
502  // End of validation
503  // If the validation was successful, we change the password of the
504  // user.
505  // ------------------
506  if($is_successful)
507  {
508  $is_successful = $userObj->resetPassword($password, $password);
509  if(!$is_successful)
510  {
511  $message = $this->lng->txt('passwd_invalid');
512  }
513  }
514 
515  // If we are successful so far, we update the user object.
516  // ------------------
517  if($is_successful)
518  {
519  $userObj->update();
520  }
521 
522  // If we are successful, we destroy the password assistance
523  // session and redirect to the login page.
524  // Else we display the form again along with an error message.
525  // ------------------
526  if($is_successful)
527  {
528  db_pwassist_session_destroy($pwassist_id);
529  $this->showMessageForm(sprintf($this->lng->txt('pwassist_password_assigned'), $username));
530  }
531  else
532  {
533  ilUtil::sendFailure(str_replace("\\n", '', $message));
534  $form->setValuesByPost();
535  $this->showAssignPasswordForm($form, $pwassist_id);
536  }
537  }
538  }
$_POST
$_POST['username']
Definition: cron.php:12
db_pwassist_session_destroy
db_pwassist_session_destroy($pwassist_id)
destroy session
Definition: inc.pwassist_session_handler.php:150
db_pwassist_session_read
db_pwassist_session_read($pwassist_id)
Definition: inc.pwassist_session_handler.php:86
ilUtil\isPasswordValidForUserContext
static isPasswordValidForUserContext($clear_text_password, $user, &$error_language_variable=null)
Definition: class.ilUtil.php:1324
ilPasswordAssistanceGUI\showAssignPasswordForm
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
Definition: class.ilPasswordAssistanceGUI.php:389
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2683
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:718
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4930
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:155
+ Here is the call graph for this function:

◆ submitAssistanceForm()

ilPasswordAssistanceGUI::submitAssistanceForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: username email If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().

Definition at line 194 of file class.ilPasswordAssistanceGUI.php.

References AUTH_LOCAL, getAssistanceForm(), ilObjUser\getUserIdByLogin(), ilUtil\sendFailure(), sendPasswordAssistanceMail(), showAssistanceForm(), and showMessageForm().

195  {
196  $form = $this->getAssistanceForm();
197  if(!$form->checkInput())
198  {
199  $form->setValuesByPost();
200  $this->showAssistanceForm($form);
201  return;
202  }
203 
204  $username = $form->getInput('username');
205  $email = $form->getInput('email');
206 
207  $userObj = null;
208  $userid = ilObjUser::getUserIdByLogin($username);
209  $txt_key = 'pwassist_invalid_username_or_email';
210  if($userid != 0)
211  {
212  $userObj = new ilObjUser($userid);
213  if(strcasecmp($userObj->getEmail(), $email) != 0)
214  {
215  $userObj = null;
216  }
217  elseif(!strlen($email))
218  {
219  $userObj = null;
220  $txt_key = 'pwassist_no_email_found';
221  }
222  else if(
223  $userObj->getAuthMode(true) != AUTH_LOCAL ||
224  ($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL)
225  )
226  {
227  $userObj = null;
228  $txt_key = 'pwassist_invalid_auth_mode';
229  }
230  }
231 
232  // No matching user object found?
233  // Show the password assistance form again, and display an error message.
234  if($userObj == null)
235  {
236  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt($txt_key)));
237  $form->setValuesByPost();
238  $this->showAssistanceForm($form);
239  }
240  else
241  {
242  // Matching user object found?
243  // Check if the user is permitted to use the password assistance function,
244  // and then send a password assistance mail to the email address.
245  // FIXME: Extend this if-statement to check whether the user
246  // has the permission to use the password assistance function.
247  // The anonymous user and users who are system administrators are
248  // not allowed to use this feature
249  if(
250  $this->rbacreview->isAssigned($userObj->getId, ANONYMOUS_ROLE_ID) ||
251  $this->rbacreview->isAssigned($userObj->getId, SYSTEM_ROLE_ID)
252  )
253  {
254  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_not_permitted')));
255  $form->setValuesByPost();
256  $this->showAssistanceForm($form);
257  }
258  else
259  {
260  $this->sendPasswordAssistanceMail($userObj);
261  $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
262  }
263  }
264  }
ilPasswordAssistanceGUI\sendPasswordAssistanceMail
sendPasswordAssistanceMail(ilObjUser $userObj)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
Definition: class.ilPasswordAssistanceGUI.php:277
ilObjUser\getUserIdByLogin
getUserIdByLogin($a_login)
Definition: class.ilObjUser.php:2641
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:718
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4930
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:155
+ Here is the call graph for this function:

◆ submitUsernameAssistanceForm()

ilPasswordAssistanceGUI::submitUsernameAssistanceForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: username email If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().

Definition at line 609 of file class.ilPasswordAssistanceGUI.php.

References ilObjUser\_getUserIdsByEmail(), getUsernameAssistanceForm(), ilUtil\sendFailure(), sendUsernameAssistanceMail(), showMessageForm(), and showUsernameAssistanceForm().

610  {
611  require_once 'Services/User/classes/class.ilObjUser.php';
612  require_once 'Services/Utilities/classes/class.ilUtil.php';
613 
614  $form = $this->getUsernameAssistanceForm();
615  if(!$form->checkInput())
616  {
617  $form->setValuesByPost();
618  $this->showUsernameAssistanceForm($form);
619  return;
620  }
621 
622  // Retrieve form data
623  $email = $form->getInput('email');
624 
625  // Retrieve a user object with matching user name and email address.
626  $logins = ilObjUser::_getUserIdsByEmail($email);
627 
628  // No matching user object found?
629  // Show the password assistance form again, and display an error message.
630  if(!is_array($logins) || count($logins) < 1)
631  {
632  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_invalid_email')));
633  $form->setValuesByPost();
634  $this->showUsernameAssistanceForm($form);
635  }
636  else
637  {
638  // Matching user object found?
639  // Check if the user is permitted to use the password assistance function,
640  // and then send a password assistance mail to the email address.
641 
642  // FIXME: Extend this if-statement to check whether the user
643  // has the permission to use the password assistance function.
644  // The anonymous user and users who are system administrators are
645  // not allowed to use this feature
646  /* if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
647  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
648  )
649  {
650  $this->showAssistanceForm
651  (
652  $lng->txt("pwassist_not_permitted"),
653  $username,
654  $email
655  );
656  }
657  else */
658  {
659  $this->sendUsernameAssistanceMail($email, $logins);
660  $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
661  }
662  }
663  }
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:718
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4930
ilPasswordAssistanceGUI\sendUsernameAssistanceMail
sendUsernameAssistanceMail($email, array $logins)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
Definition: class.ilPasswordAssistanceGUI.php:677
ilPasswordAssistanceGUI\showUsernameAssistanceForm
showUsernameAssistanceForm(ilPropertyFormGUI $form=null)
Shows the password assistance form.
Definition: class.ilPasswordAssistanceGUI.php:570
ilObjUser\_getUserIdsByEmail
_getUserIdsByEmail($a_email)
STATIC METHOD get all user_ids of an email address.
Definition: class.ilObjUser.php:2654
+ Here is the call graph for this function:

Field Documentation

◆ $ctrl

ilPasswordAssistanceGUI::$ctrl
protected

Definition at line 17 of file class.ilPasswordAssistanceGUI.php.

◆ $https

ilPasswordAssistanceGUI::$https
protected

Definition at line 47 of file class.ilPasswordAssistanceGUI.php.

◆ $ilias

ilPasswordAssistanceGUI::$ilias
protected

Definition at line 42 of file class.ilPasswordAssistanceGUI.php.

◆ $lng

ilPasswordAssistanceGUI::$lng
protected

Definition at line 22 of file class.ilPasswordAssistanceGUI.php.

Referenced by executeCommand().

◆ $rbacreview

ilPasswordAssistanceGUI::$rbacreview
protected

Definition at line 27 of file class.ilPasswordAssistanceGUI.php.

◆ $settings

ilPasswordAssistanceGUI::$settings
protected

Definition at line 37 of file class.ilPasswordAssistanceGUI.php.

◆ $tpl

ilPasswordAssistanceGUI::$tpl
protected

Definition at line 32 of file class.ilPasswordAssistanceGUI.php.

The documentation for this class was generated from the following file: