ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilPasswordAssistanceGUI.php
1<?php
2/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3
13{
// Collaborators captured by the constructor. The listing shows no type
// declarations for them; the notes below describe only how this class uses them.

// Command router: executeCommand() reads the command and next class from it,
// and the form builders ask it for form actions.
protected $ctrl;

// Language object used for every txt() lookup in this class.
protected $lng;

// Role review service: isAssigned() is used to refuse anonymous and system accounts.
protected $rbacreview;

// Page template filled by the show*Form() methods.
protected $tpl;

// Settings store: read for 'password_assistance', 'setup_ok' and 'admin_email'.
protected $settings;

// ILIAS core object: supplies error_obj and getClientId().
protected $ilias;

// HTTPS helper: isDetected() selects the scheme of mailed links.
protected $https;
48
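/**
 * Captures the global ILIAS services this GUI works with as instance members.
 *
 * NOTE(review): the listing skips its lines 54-63, where these variables have
 * to come into scope. The `global` statement below is reconstructed from the
 * assignments that follow it; confirm it against the original file.
 */
public function __construct()
{
    global $ilCtrl, $lng, $rbacreview, $tpl, $ilSetting, $ilias, $https;

    $this->ctrl       = $ilCtrl;
    $this->lng        = $lng;
    $this->rbacreview = $rbacreview;
    $this->tpl        = $tpl;
    $this->settings   = $ilSetting;
    $this->ilias      = $ilias;
    $this->https      = $https;
}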
73
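/**
 * Entry point: checks that the feature may be used, then dispatches the
 * requested command to one of this class's form handlers.
 *
 * Without a recognised command, the assign-password form is shown when the
 * query string carries a non-empty 'key', and the assistance form otherwise.
 *
 * @return mixed the dispatched handler's return value, or null
 */
public function executeCommand()
{
    // check hack attempts
    // With the feature switched off, only a session that carries an AccountId
    // (or an explicit false) gets past this point without a permission error.
    if(!$this->settings->get('password_assistance')) // || AUTH_DEFAULT != AUTH_LOCAL)
    {
        if(empty($_SESSION['AccountId']) && $_SESSION['AccountId'] !== false)
        {
            $this->ilias->error_obj->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->WARNING);
        }
    }

    // check correct setup
    if(!$this->settings->get('setup_ok'))
    {
        die('Setup is not completed. Please run setup routine again.');
    }

    // Change the language, if necessary.
    // And load the 'pwassist' language module
    // isset() avoids an undefined-index notice when no 'lang' parameter is sent.
    $lang = isset($_GET['lang']) ? $_GET['lang'] : null;
    if($lang != null && $lang != '' && $this->lng->getLangKey() != $lang)
    {
        // NOTE(review): the new object is stored in a local variable that is
        // never read, while the rest of the class uses $this->lng, so the
        // requested language does not take effect here. $lang comes from the
        // query string unchecked; validate it against the installed languages
        // before wiring it to $this->lng.
        $lng = new ilLanguage($lang);
    }
    $this->lng->loadLanguageModule('pwassist');

    $cmd        = $this->ctrl->getCmd();
    $next_class = $this->ctrl->getNextClass($this);

    // $cmd names the method to run (presumably taken from the request - confirm
    // in the command router). It is matched against the command handlers of
    // this class instead of being invoked as is: a dynamic call made from
    // inside the class would otherwise also reach the protected form builders
    // and the mail senders.
    $known_commands = array(
        'showAssistanceForm',
        'submitAssistanceForm',
        'showAssignPasswordForm',
        'submitAssignPasswordForm',
        'showUsernameAssistanceForm',
        'submitUsernameAssistanceForm',
    );

    switch($next_class)
    {
        default:
            if(is_string($cmd) && in_array($cmd, $known_commands, true))
            {
                return $this->$cmd();
            }

            // No command, or one that is not a handler: fall back to the default forms.
            if(!empty($_GET['key']))
            {
                $this->showAssignPasswordForm();
            }
            else
            {
                $this->showAssistanceForm();
            }
            break;
    }
}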
127
/**
 * Builds the form that asks for a username and an e-mail address.
 *
 * Both fields are required; the form posts to submitAssistanceForm.
 *
 * @return ilPropertyFormGUI
 */
protected function getAssistanceForm()
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $assistance_form = new ilPropertyFormGUI();
    $assistance_form->setFormAction($this->ctrl->getFormAction($this, 'submitAssistanceForm'));
    $assistance_form->setTarget('_parent');

    $login_field = new ilTextInputGUI($this->lng->txt('username'), 'username');
    $login_field->setRequired(true);

    $mail_field = new ilTextInputGUI($this->lng->txt('email'), 'email');
    $mail_field->setRequired(true);

    // Field order on the page: username first, then e-mail.
    foreach(array($login_field, $mail_field) as $field)
    {
        $assistance_form->addItem($field);
    }

    $assistance_form->addCommandButton('submitAssistanceForm', $this->lng->txt('submit'));

    return $assistance_form;
}
151
/**
 * Renders the password assistance page (username + e-mail form).
 *
 * @param ilPropertyFormGUI|null $form form to render, e.g. one that already
 *                                     carries posted values; a fresh form is
 *                                     built when none is given
 */
public function showAssistanceForm(ilPropertyFormGUI $form = null)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assistance.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));

    // The administrator address is passed through prepareFormOutput() before
    // it is placed in the href and in the link text.
    $admin_mail = ilUtil::prepareFormOutput($this->settings->get('admin_email'));
    $mail_link  = '<a href="mailto:' . $admin_mail . '">' . $admin_mail . '</a>';

    // Language texts carry a literal backslash-n sequence as line break marker.
    $intro = sprintf($this->lng->txt('pwassist_enter_username_and_email'), $mail_link);
    $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_EMAIL', str_replace("\\n", '<br />', $intro));

    if(!$form)
    {
        $form = $this->getAssistanceForm();
    }

    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
182
/**
 * Handles the posted username + e-mail form.
 *
 * Looks the account up by login, compares the stored e-mail address with the
 * submitted one (case-insensitively) and checks the authentication mode. A
 * matching account that is neither anonymous nor a system account gets a
 * password assistance mail; every other case re-displays the form with a
 * failure message.
 *
 * NOTE(review): the failure texts differ per cause ('pwassist_invalid_auth_mode',
 * 'pwassist_not_permitted', ...) and differ from the success page, so the
 * response tells the requester something about the account. A single neutral
 * response for all outcomes would avoid that.
 */
public function submitAssistanceForm()
{
    $form = $this->getAssistanceForm();
    if(!$form->checkInput())
    {
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    $username = $form->getInput('username');
    $email    = $form->getInput('email');

    // $account stays null unless every check below passes.
    $account     = null;
    $failure_key = 'pwassist_invalid_username_or_email';

    $user_id = ilObjUser::getUserIdByLogin($username);
    if($user_id != 0)
    {
        $candidate = new ilObjUser($user_id);
        if(strcasecmp($candidate->getEmail(), $email) != 0)
        {
            // Address mismatch: keep the generic message.
        }
        elseif(!strlen($email))
        {
            $failure_key = 'pwassist_no_email_found';
        }
        elseif(
            $candidate->getAuthMode(true) != AUTH_LOCAL ||
            ($candidate->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL)
        )
        {
            $failure_key = 'pwassist_invalid_auth_mode';
        }
        else
        {
            $account = $candidate;
        }
    }

    // No matching user object found?
    // Show the password assistance form again, and display an error message.
    if($account == null)
    {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt($failure_key)));
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    // FIXME: Extend this check to test whether the user has the permission to
    // use the password assistance function.
    // The anonymous user and users who are system administrators are
    // not allowed to use this feature
    $is_excluded_role =
        $this->rbacreview->isAssigned($account->getId(), ANONYMOUS_ROLE_ID) ||
        $this->rbacreview->isAssigned($account->getId(), SYSTEM_ROLE_ID);

    if($is_excluded_role)
    {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_not_permitted')));
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    $this->sendPasswordAssistanceMail($account);
    $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
}
265
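/**
 * Creates a password assistance session for the user and mails the link that
 * opens the assign-password form.
 *
 * NOTE(review): apart from the scheme, the mailed link is assembled from
 * $_SERVER['HTTP_HOST'] and $_SERVER['PHP_SELF'], i.e. from the request that
 * triggered the mail. The host of a link that carries the reset key should
 * not depend on request data: build it from a configured base URL, or make
 * sure the web server only accepts known Host values.
 *
 * @param ilObjUser $userObj account the mail is sent to; getId(), getEmail()
 *                           and getLogin() are read from it
 */
public function sendPasswordAssistanceMail(ilObjUser $userObj)
{
    require_once 'Services/Mail/classes/class.ilMailbox.php';
    require_once 'Services/Mail/classes/class.ilMail.php';
    require_once 'Services/Mail/classes/class.ilMimeMail.php';
    require_once 'include/inc.pwassist_session_handler.php';

    // Check if we need to create a new session
    // The trailing `true` makes the branch unconditional: every request gets a
    // fresh key, and an existing session is never reused.
    $pwassist_session = db_pwassist_session_find($userObj->getId());
    if(
        count($pwassist_session) == 0 ||
        $pwassist_session['expires'] < time() ||
        true // comment by mjansen: wtf? :-)
    )
    {
        // Create a new session id
        // #9700 - this didn't do anything before?!
        // db_set_save_handler();
        session_start();
        $pwassist_session['pwassist_id'] = db_pwassist_create_id();
        session_destroy();

        // NOTE(review): the listing drops its line 298, the opening of this
        // call. The name is restored from the three arguments, which match
        // db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id);
        // confirm against the original file. 3600 is the lifetime handed to
        // the handler (presumably seconds, since 'expires' is compared with time()).
        db_pwassist_session_write(
            $pwassist_session['pwassist_id'],
            3600,
            $userObj->getId()
        );
    }

    $protocol = $this->https->isDetected() ? 'https://' : 'http://';

    // Compose the mail
    $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';

    // XXX - Werner Randelshofer - Insert code here to dynamically get the
    // the delimiter. For URL's that are sent by e-mail to a user,
    // it is best to use semicolons as parameter delimiter
    $delimiter = '&';

    $pwassist_url = $protocol . $_SERVER['HTTP_HOST']
        . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
        . '?client_id=' . $this->ilias->getClientId()
        . $delimiter . 'lang=' . $this->lng->getLangKey()
        . $delimiter . 'key=' . $pwassist_session['pwassist_id'];

    // The listing builds the alternative URL from exactly the same parts.
    $alternative_pwassist_url = $pwassist_url;

    $contact_address = ilMail::getIliasMailerAddress();

    // Language texts carry literal backslash-n / backslash-t sequences; they
    // are turned into real control characters for the mail body.
    $body = sprintf(
        $this->lng->txt('pwassist_mail_body'),
        $pwassist_url,
        $server_url,
        $_SERVER['REMOTE_ADDR'],
        $userObj->getLogin(),
        'mailto:' . $contact_address[0],
        $alternative_pwassist_url
    );

    $mm = new ilMimeMail();
    $mm->Subject($this->lng->txt('pwassist_mail_subject'));
    $mm->From($contact_address);
    $mm->To($userObj->getEmail());
    $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), $body));
    $mm->Send();
}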
348
/**
 * Builds the form that asks for the username and the new password.
 *
 * The password assistance key travels along as a hidden field named 'key';
 * the form posts to submitAssignPasswordForm.
 *
 * @param string $pwassist_id key written into the hidden field
 * @return ilPropertyFormGUI
 */
protected function getAssignPasswordForm($pwassist_id)
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $assign_form = new ilPropertyFormGUI();
    $assign_form->setFormAction($this->ctrl->getFormAction($this, 'submitAssignPasswordForm'));
    $assign_form->setTarget('_parent');

    $login_field = new ilTextInputGUI($this->lng->txt('username'), 'username');
    $login_field->setRequired(true);

    $secret_field = new ilPasswordInputGUI($this->lng->txt('password'), 'password');
    $secret_field->setRequired(true);

    $key_field = new ilHiddenInputGUI('key');
    $key_field->setValue($pwassist_id);

    // Same order as on the page: username, password, hidden key.
    foreach(array($login_field, $secret_field, $key_field) as $field)
    {
        $assign_form->addItem($field);
    }

    $assign_form->addCommandButton('submitAssignPasswordForm', $this->lng->txt('submit'));

    return $assign_form;
}
377
/**
 * Renders the assign-password page for a password assistance key.
 *
 * When the key has no session, or the session has expired, a failure message
 * is queued and the assistance form is shown instead.
 *
 * @param ilPropertyFormGUI|null $form        form to render; built from the key when omitted
 * @param string                 $pwassist_id key; read from the 'key' query parameter when empty
 */
public function showAssignPasswordForm(ilPropertyFormGUI $form = null, $pwassist_id = '')
{
    require_once 'include/inc.pwassist_session_handler.php';
    require_once 'Services/Language/classes/class.ilLanguage.php';

    // Retrieve form data
    // NOTE(review): the query parameter goes to the session handler unchanged;
    // confirm that db_pwassist_session_read() treats it as untrusted input.
    if(!$pwassist_id)
    {
        $pwassist_id = $_GET['key'];
    }

    // Retrieve the session, and check if it is valid
    $pwassist_session = db_pwassist_session_read($pwassist_id);
    $is_usable = count($pwassist_session) != 0 && !($pwassist_session['expires'] < time());

    if(!$is_usable)
    {
        ilUtil::sendFailure($this->lng->txt('pwassist_session_expired'));
        $this->showAssistanceForm(null);
        return;
    }

    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assignpassword.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
    $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_NEW_PASSWORD', $this->lng->txt('pwassist_enter_username_and_new_password'));

    if(!$form)
    {
        $form = $this->getAssignPasswordForm($pwassist_id);
    }

    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
427
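/**
 * Handles the posted assign-password form.
 *
 * The posted key selects the password assistance session, and the session
 * selects the account. The password is changed only when the session is still
 * valid, the submitted username matches the account's login
 * (case-insensitively) and the password passes
 * ilUtil::isPasswordValidForUserContext(). The session is destroyed after a
 * successful change.
 *
 * Changes against the listing:
 * - a form that fails checkInput() is re-rendered on the assign-password page
 *   (it was handed to showAssistanceForm(), which renders the username/e-mail
 *   page around it); this matches the failure branch at the end of this method;
 * - an expired session now leads to a fresh assistance form, as in
 *   showAssignPasswordForm(), instead of re-displaying the password form with
 *   a key that can no longer be used;
 * - a missing 'key' field no longer raises an undefined-index notice.
 */
public function submitAssignPasswordForm()
{
    require_once 'include/inc.pwassist_session_handler.php';

    // We need to fetch this before form instantiation
    $pwassist_id = isset($_POST['key']) ? ilUtil::stripSlashes($_POST['key']) : '';

    $form = $this->getAssignPasswordForm($pwassist_id);
    if(!$form->checkInput())
    {
        $form->setValuesByPost();
        $this->showAssignPasswordForm($form, $pwassist_id);
        return;
    }

    $username    = $form->getInput('username');
    $password    = $form->getInput('password');
    $pwassist_id = $form->getInput('key');

    // Retrieve the session
    $pwassist_session = db_pwassist_session_read($pwassist_id);

    if(
        count($pwassist_session) == 0 ||
        $pwassist_session['expires'] < time()
    )
    {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_session_expired')));
        $this->showAssistanceForm(null);
        return;
    }

    $is_successful = true;
    $message       = '';

    // The account comes from the session, never from the submitted username.
    $userObj = new ilObjUser($pwassist_session['user_id']);
    if($userObj == null)
    {
        $message       = $this->lng->txt('user_does_not_exist');
        $is_successful = false;
    }

    // check if the username entered by the user matches the
    // one of the user object.
    if($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
    {
        $message       = $this->lng->txt('pwassist_login_not_match');
        $is_successful = false;
    }

    // As in the listing, the password check also runs after a username
    // mismatch, and its message then replaces the mismatch message.
    $error_lng_var = '';
    if(!ilUtil::isPasswordValidForUserContext($password, $userObj, $error_lng_var))
    {
        $message       = $this->lng->txt($error_lng_var);
        $is_successful = false;
    }

    // End of validation
    // If the validation was successful, we change the password of the
    // user.
    if($is_successful)
    {
        $is_successful = $userObj->resetPassword($password, $password);
        if(!$is_successful)
        {
            $message = $this->lng->txt('passwd_invalid');
        }
    }

    // If we are successful so far, we update the user object.
    if($is_successful)
    {
        $userObj->update();
    }

    // If we are successful, we destroy the password assistance
    // session and show the confirmation message.
    // Else we display the form again along with an error message.
    if($is_successful)
    {
        db_pwassist_session_destroy($pwassist_id);
        $this->showMessageForm(sprintf($this->lng->txt('pwassist_password_assigned'), $username));
    }
    else
    {
        ilUtil::sendFailure(str_replace("\\n", '', $message));
        $form->setValuesByPost();
        $this->showAssignPasswordForm($form, $pwassist_id);
    }
}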
541
/**
 * Builds the form that asks for an e-mail address only.
 *
 * The field is required; the form posts to submitUsernameAssistanceForm.
 *
 * @return ilPropertyFormGUI
 */
protected function getUsernameAssistanceForm()
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $lookup_form = new ilPropertyFormGUI();
    $lookup_form->setFormAction($this->ctrl->getFormAction($this, 'submitUsernameAssistanceForm'));
    $lookup_form->setTarget('_parent');

    $mail_field = new ilTextInputGUI($this->lng->txt('email'), 'email');
    $mail_field->setRequired(true);
    $lookup_form->addItem($mail_field);

    $lookup_form->addCommandButton('submitUsernameAssistanceForm', $this->lng->txt('submit'));

    return $lookup_form;
}
561
/**
 * Renders the username assistance page (e-mail form).
 *
 * @param ilPropertyFormGUI|null $form form to render, e.g. one that already
 *                                     carries posted values; a fresh form is
 *                                     built when none is given
 */
public function showUsernameAssistanceForm(ilPropertyFormGUI $form = null)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_username_assistance.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));

    // The administrator address is passed through prepareFormOutput() before
    // it is placed in the href and in the link text.
    $admin_mail = ilUtil::prepareFormOutput($this->settings->get('admin_email'));
    $mail_link  = '<a href="mailto:' . $admin_mail . '">' . $admin_mail . '</a>';

    // Language texts carry a literal backslash-n sequence as line break marker.
    $intro = sprintf($this->lng->txt('pwassist_enter_email'), $mail_link);
    $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_EMAIL', str_replace("\\n", '<br />', $intro));

    if(!$form)
    {
        $form = $this->getUsernameAssistanceForm();
    }

    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
599
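/**
 * Handles the posted e-mail form of the username assistance page.
 *
 * Looks up the accounts registered for the address and mails the result to
 * that address; an address without accounts re-displays the form with a
 * failure message.
 *
 * NOTE(review): the listing drops the signature line (its line 611). The name
 * is the one the form action and command button refer to; the `public`
 * visibility is assumed from the sibling submit*Form() methods.
 *
 * NOTE(review): the two outcomes are visibly different ('pwassist_invalid_email'
 * versus the "mail sent" page), which tells the requester whether an address
 * is registered. A single neutral response for both would avoid that.
 */
public function submitUsernameAssistanceForm()
{
    require_once 'Services/User/classes/class.ilObjUser.php';
    require_once 'Services/Utilities/classes/class.ilUtil.php';

    $form = $this->getUsernameAssistanceForm();
    if(!$form->checkInput())
    {
        $form->setValuesByPost();
        $this->showUsernameAssistanceForm($form);
        return;
    }

    // Retrieve form data
    $email = $form->getInput('email');

    // Retrieve the accounts registered for this e-mail address.
    $logins = ilObjUser::_getUserIdsByEmail($email);

    // No matching user object found?
    // Show the username assistance form again, and display an error message.
    if(!is_array($logins) || count($logins) < 1)
    {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_invalid_email')));
        $form->setValuesByPost();
        $this->showUsernameAssistanceForm($form);
        return;
    }

    // FIXME: Check whether the user has the permission to use the password
    // assistance function. The anonymous user and users who are system
    // administrators are not allowed to use this feature.
    // The listing carries this check only as commented-out code (isAssigned()
    // against ANONYMOUS_ROLE_ID / SYSTEM_ROLE_ID, as in submitAssistanceForm()),
    // so no role check is applied here.
    $this->sendUsernameAssistanceMail($email, $logins);
    $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
}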
666
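/**
 * Mails the accounts found for an e-mail address to that address.
 *
 * Change against the listing: join($logins, ",\n") used the legacy
 * (array, separator) argument order, which current PHP versions no longer
 * accept; implode(",\n", $logins) produces the same string.
 *
 * NOTE(review): $server_url and $login_url are assembled from
 * $_SERVER['HTTP_HOST'] and $_SERVER['PHP_SELF'], i.e. from the request that
 * triggered the mail. Links in mails sent on behalf of the platform should
 * come from a configured base URL, or the web server should only accept known
 * Host values.
 *
 * @param string $email  recipient; also inserted into the mail body
 * @param array  $logins values returned by ilObjUser::_getUserIdsByEmail(),
 *                       listed one per line in the mail
 */
public function sendUsernameAssistanceMail($email, array $logins)
{
    require_once 'Services/Mail/classes/class.ilMailbox.php';
    require_once 'Services/Mail/classes/class.ilMail.php';
    require_once 'Services/Mail/classes/class.ilMimeMail.php';
    require_once 'include/inc.pwassist_session_handler.php';

    $protocol = $this->https->isDetected() ? 'https://' : 'http://';

    $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
    $login_url  = $server_url . 'pwassist.php' . '?client_id=' . $this->ilias->getClientId() . '&lang=' . $this->lng->getLangKey();

    $contact_address = ilMail::getIliasMailerAddress();

    // Language texts carry literal backslash-n / backslash-t sequences; they
    // are turned into real control characters for the mail body.
    $body = sprintf(
        $this->lng->txt('pwassist_username_mail_body'),
        implode(",\n", $logins),
        $server_url,
        $_SERVER['REMOTE_ADDR'],
        $email,
        'mailto:' . $contact_address[0],
        $login_url
    );

    $mm = new ilMimeMail();
    $mm->Subject($this->lng->txt('pwassist_mail_subject'));
    $mm->From($contact_address);
    $mm->To($email);
    $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), $body));
    $mm->Send();
}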
716
/**
 * Renders the message page of the password assistance dialog.
 *
 * NOTE(review): $text is placed into the template as markup. Only the literal
 * backslash-n sequence is replaced by a line break tag; nothing is escaped in
 * this method. The callers in this class pass sprintf() results that embed the
 * submitted e-mail address or username, so confirm that those values are
 * escaped before they get here or by the template.
 *
 * @param string $text message to display
 */
public function showMessageForm($text)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_message.html', true);

    $headline = $this->lng->txt('password_assistance');
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $headline);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));

    $message_html = str_replace("\\n", '<br />', $text);
    $this->tpl->setVariable('TXT_TEXT', $message_html);

    $this->tpl->show();
}
730}
$_GET["client_id"]
$_SESSION["AccountId"]
const AUTH_LOCAL
This class represents a hidden form property in a property form.
language handling
static getIliasMailerAddress()
Builds an email address used for system notifications.
this class encapsulates the PHP mail() function.
getEmail()
get email address @access public
getUserIdByLogin($a_login)
_getUserIdsByEmail($a_email)
STATIC METHOD get all user_ids of an email address.
getLogin()
get login / username @access public
getId()
get object id @access public
Password assistance facility for users who have forgotten their password or for users for whom no pas...
showAssistanceForm(ilPropertyFormGUI $form=null)
sendUsernameAssistanceMail($email, array $logins)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
submitUsernameAssistanceForm()
Reads the submitted data from the password assistance form.
showUsernameAssistanceForm(ilPropertyFormGUI $form=null)
Shows the password assistance form.
submitAssistanceForm()
Reads the submitted data from the password assistance form.
sendPasswordAssistanceMail(ilObjUser $userObj)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
submitAssignPasswordForm()
Reads the submitted data from the password assistance form.
showMessageForm($text)
This form is used to show a message to the user.
This class represents a password property in a property form.
This class represents a property form user interface.
This class represents a text property in a property form.
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static isPasswordValidForUserContext($clear_text_password, $user, &$error_language_variable=null)
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms @access public
$_POST['username']
Definition: cron.php:12
$text
global $ilCtrl
Definition: ilias.php:18
db_pwassist_session_destroy($pwassist_id)
destroy session
db_pwassist_session_find($user_id)
db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id)
Writes serialized session data to the database.
db_pwassist_session_read($pwassist_id)
redirection script todo: (a better solution should control the processing via a xml file)
global $ilSetting
Definition: privfeed.php:40
$cmd
Definition: sahs_server.php:35
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']