ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilPasswordAssistanceGUI.php
1 <?php
2 /* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
13 {
17  protected $ctrl;
18 
22  protected $lng;
23 
27  protected $rbacreview;
28 
32  protected $tpl;
33 
37  protected $settings;
38 
42  protected $ilias;
43 
47  protected $https;
48 
52  public function __construct()
53  {
64 
65  $this->ctrl = $ilCtrl;
66  $this->lng = $lng;
67  $this->rbacreview = $rbacreview;
68  $this->tpl = $tpl;
69  $this->settings = $ilSetting;
70  $this->ilias = $ilias;
71  $this->https = $https;
72  }
73 
/**
 * Entry point of the password assistance GUI.
 *
 * Checks the feature switch and the setup flag, loads the 'pwassist'
 * language module, then runs the command reported by the controller. When
 * no command is given, a non-empty 'key' query parameter selects the
 * "assign password" form; otherwise the assistance form is shown.
 *
 * @return mixed result of the dispatched command method; nothing on the fallback path
 */
public function executeCommand()
{
    // Guard against use of a disabled feature: the request is rejected unless
    // $_SESSION['AccountId'] is non-empty or exactly false. A further
    // "AUTH_DEFAULT != AUTH_LOCAL" condition was disabled earlier and is not checked.
    // NOTE(review): whether raiseError() ends the request is not visible here;
    // if it returns, everything below still runs - confirm.
    if (
        !$this->settings->get('password_assistance') &&
        empty($_SESSION['AccountId']) &&
        $_SESSION['AccountId'] !== false
    ) {
        $this->ilias->error_obj->raiseError(
            $this->lng->txt('permission_denied'),
            $this->ilias->error_obj->WARNING
        );
    }

    // Refuse to work on an installation whose setup has not finished.
    if (!$this->settings->get('setup_ok')) {
        die('Setup is not completed. Please run setup routine again.');
    }

    // A differing ?lang= value builds a new ilLanguage object.
    // NOTE(review): that object only lands in a local variable, so $this->lng
    // (used for every text below) keeps its language. The parameter is also
    // read without an isset() check and handed to ilLanguage unvalidated here.
    $requested_lang = $_GET['lang'];
    $language_differs = $requested_lang != null
        && $requested_lang != ''
        && $this->lng->getLangKey() != $requested_lang;
    if ($language_differs) {
        $requested_language = new ilLanguage($requested_lang);
    }
    $this->lng->loadLanguageModule('pwassist');

    $command = $this->ctrl->getCmd();
    // No sub-GUI class is handled by this GUI; the lookup is still performed.
    $this->ctrl->getNextClass($this);

    if ($command != '') {
        // NOTE(review): the method name is whatever the controller reports
        // (presumably request-derived - confirm). Called from inside the class,
        // this reaches protected methods as well; an explicit allow-list of the
        // show*/submit* commands would narrow what can be invoked.
        return $this->$command();
    }

    if (!empty($_GET['key'])) {
        $this->showAssignPasswordForm();
    } else {
        $this->showAssistanceForm();
    }
}
127 
/**
 * Builds the form that asks for user name and e-mail address.
 *
 * Both fields are required; the form posts to 'submitAssistanceForm'.
 *
 * @return ilPropertyFormGUI
 */
protected function getAssistanceForm()
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $form = new ilPropertyFormGUI();
    $action = $this->ctrl->getFormAction($this, 'submitAssistanceForm');
    $form->setFormAction($action);
    $form->setTarget('_parent');

    // The language key and the POST variable share the same name for both fields.
    foreach (array('username', 'email') as $post_var) {
        $field = new ilTextInputGUI($this->lng->txt($post_var), $post_var);
        $field->setRequired(true);
        $form->addItem($field);
    }

    $form->addCommandButton('submitAssistanceForm', $this->lng->txt('submit'));

    return $form;
}
151 
/**
 * Renders the password assistance start page.
 *
 * @param ilPropertyFormGUI|null $form form to display; a fresh assistance form is built when omitted
 */
public function showAssistanceForm(ilPropertyFormGUI $form = null)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assistance.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));

    // The intro text is a format string whose placeholder receives a mailto
    // link to the administrator. The address passes through
    // prepareFormOutput() separately for the href and for the link text.
    $intro_format = $this->lng->txt('pwassist_enter_username_and_email');
    $admin_link = '<a href="mailto:' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '">'
        . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>';
    $intro_html = str_replace("\\n", '<br />', sprintf($intro_format, $admin_link));
    $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_EMAIL', $intro_html);

    $form = $form ?: $this->getAssistanceForm();
    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
182 
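/**
 * Handles the submitted user name / e-mail form.
 *
 * Looks the account up by login, compares the stored e-mail address
 * (case-insensitively), checks the auth mode and the anonymous/system
 * roles, and then either shows the form again with a failure message or
 * sends the assistance mail and shows a confirmation.
 *
 * NOTE(review): the reply distinguishes a matching login/e-mail pair from a
 * non-matching one and additionally reports a non-local auth mode
 * (pwassist_invalid_auth_mode) or an anonymous/system role
 * (pwassist_not_permitted). For an unauthenticated endpoint that is an
 * account-enumeration side channel; one neutral reply for every outcome
 * plus request throttling would close it. Neither is visible in this class.
 */
public function submitAssistanceForm()
{
    $form = $this->getAssistanceForm();
    if (!$form->checkInput()) {
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    $username = $form->getInput('username');
    $email = $form->getInput('email');

    // Default message; replaced below when a more specific reason applies.
    $txt_key = 'pwassist_invalid_username_or_email';
    $userObj = null;
    $userid = ilObjUser::getUserIdByLogin($username);
    if ($userid != 0) {
        $userObj = new ilObjUser($userid);
        if (strcasecmp($userObj->getEmail(), $email) != 0) {
            // Submitted address does not belong to this login.
            $userObj = null;
        } elseif (!strlen($email)) {
            // Addresses compare equal but are empty: nowhere to send the mail.
            $userObj = null;
            $txt_key = 'pwassist_no_email_found';
        } elseif (
            $userObj->getAuthMode(true) != AUTH_LOCAL ||
            ($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL)
        ) {
            // Only accounts whose reported auth mode equals AUTH_LOCAL pass.
            $userObj = null;
            $txt_key = 'pwassist_invalid_auth_mode';
        }
    }

    // No usable account: show the form again with the failure message.
    if ($userObj == null) {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt($txt_key)));
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    // FIXME: Extend this if-statement to check whether the user
    // has the permission to use the password assistance function.
    // The anonymous user and users who are system administrators are
    // not allowed to use this feature.
    if (
        $this->rbacreview->isAssigned($userObj->getId(), ANONYMOUS_ROLE_ID) ||
        $this->rbacreview->isAssigned($userObj->getId(), SYSTEM_ROLE_ID)
    ) {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_not_permitted')));
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    $this->sendPasswordAssistanceMail($userObj);

    // The submitted address is echoed into an HTML template by
    // showMessageForm(), which does no escaping of its own, so it is encoded
    // here. Whether getInput() already strips markup is not visible in this
    // class; encoding at the output keeps the page safe either way.
    $this->showMessageForm(
        sprintf($this->lng->txt('pwassist_mail_sent'), ilUtil::prepareFormOutput($email))
    );
}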
265 
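/**
 * Writes a password assistance session for the user and mails the link
 * that leads to the "assign password" form.
 *
 * @param ilObjUser $userObj account the assistance mail is sent for
 */
public function sendPasswordAssistanceMail(ilObjUser $userObj)
{
    require_once 'Services/Mail/classes/class.ilMailbox.php';
    require_once 'Services/Mail/classes/class.ilMail.php';
    require_once 'Services/Mail/classes/class.ilMimeMail.php';
    require_once 'include/inc.pwassist_session_handler.php';

    // Check if we need to create a new session.
    // The trailing "|| true" makes this condition hold on every call, so an
    // existing, unexpired session is never reused and a new id is always written.
    $pwassist_session = db_pwassist_session_find($userObj->getId());
    if (
        count($pwassist_session) == 0 ||
        $pwassist_session['expires'] < time() ||
        true // comment by mjansen: wtf? :-)
    ) {
        // Create a new session id
        // #9700 - this didn't do anything before?!
        // db_set_save_handler();
        // NOTE(review): db_pwassist_create_id() is bracketed by
        // session_start()/session_destroy(); how the id is derived is not
        // visible here. It is the only secret protecting the reset link, so
        // confirm that it comes from a cryptographically secure source.
        session_start();
        $pwassist_session['pwassist_id'] = db_pwassist_create_id();
        session_destroy();
        // NOTE(review): the name of this call was missing from the listing.
        // db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id) is
        // the session handler function whose signature matches these three
        // arguments; 3600 is the $maxlifetime (presumably seconds - confirm).
        db_pwassist_session_write(
            $pwassist_session['pwassist_id'],
            3600,
            $userObj->getId()
        );
    }

    $protocol = $this->https->isDetected() ? 'https://' : 'http://';

    // Compose the mail
    // NOTE(review): HTTP_HOST and PHP_SELF are supplied by the request that
    // triggered this mail, and the requester is not the account owner. The
    // link the owner receives therefore follows whatever host name that
    // request carried. Build it from a configured canonical base URL, or
    // validate the host against an allow-list, before mailing a reset key.
    $server_url = $protocol . $_SERVER['HTTP_HOST']
        . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';

    // XXX - Werner Randelshofer - Insert code here to dynamically get the
    // the delimiter. For URL's that are sent by e-mail to a user,
    // it is best to use semicolons as parameter delimiter
    $delimiter = '&';
    $pwassist_url = $protocol . $_SERVER['HTTP_HOST']
        . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
        . '?client_id=' . $this->ilias->getClientId()
        . $delimiter . 'lang=' . $this->lng->getLangKey()
        . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
    // The "alternative" link was built from the very same expression, so it
    // is the same URL.
    $alternative_pwassist_url = $pwassist_url;

    $contact_address = ilMail::getIliasMailerAddress();

    // The language text uses literal "\n" and "\t" markers, which are turned
    // into real line breaks and tabs for the plain-text body.
    $body = sprintf(
        $this->lng->txt('pwassist_mail_body'),
        $pwassist_url,
        $server_url,
        $_SERVER['REMOTE_ADDR'],
        $userObj->getLogin(),
        'mailto:' . $contact_address[0],
        $alternative_pwassist_url
    );

    $mm = new ilMimeMail();
    $mm->Subject($this->lng->txt('pwassist_mail_subject'));
    $mm->From($contact_address);
    $mm->To($userObj->getEmail());
    $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), $body));
    $mm->Send();
}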
348 
/**
 * Builds the form in which the user enters the login and the new password.
 *
 * @param string $pwassist_id assistance key, carried along as hidden field 'key'
 * @return ilPropertyFormGUI
 */
protected function getAssignPasswordForm($pwassist_id)
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $form = new ilPropertyFormGUI();
    $action = $this->ctrl->getFormAction($this, 'submitAssignPasswordForm');
    $form->setFormAction($action);
    $form->setTarget('_parent');

    $login_field = new ilTextInputGUI($this->lng->txt('username'), 'username');
    $login_field->setRequired(true);
    $form->addItem($login_field);

    $password_field = new ilPasswordInputGUI($this->lng->txt('password'), 'password');
    $password_field->setRequired(true);
    $form->addItem($password_field);

    // The key travels with the form so the submit handler can find the session again.
    $key_field = new ilHiddenInputGUI('key');
    $key_field->setValue($pwassist_id);
    $form->addItem($key_field);

    $form->addCommandButton('submitAssignPasswordForm', $this->lng->txt('submit'));

    return $form;
}
377 
/**
 * Shows the "assign password" page for a valid assistance key.
 *
 * An unknown or expired key produces the 'pwassist_session_expired'
 * failure message and the assistance start form instead.
 *
 * @param ilPropertyFormGUI|null $form        form to display; built from the key when omitted
 * @param string                 $pwassist_id assistance key; read from $_GET['key'] when empty
 */
public function showAssignPasswordForm(ilPropertyFormGUI $form = null, $pwassist_id = '')
{
    require_once 'include/inc.pwassist_session_handler.php';
    require_once 'Services/Language/classes/class.ilLanguage.php';

    // Fall back to the key from the mailed link.
    // NOTE(review): the value goes to db_pwassist_session_read() unchanged;
    // how that function quotes it for the database is not visible here - confirm.
    $pwassist_id = $pwassist_id ?: $_GET['key'];

    // Retrieve the session, and check if it is valid.
    $pwassist_session = db_pwassist_session_read($pwassist_id);
    $session_unusable = count($pwassist_session) == 0 || $pwassist_session['expires'] < time();
    if ($session_unusable) {
        ilUtil::sendFailure($this->lng->txt('pwassist_session_expired'));
        $this->showAssistanceForm(null);
        return;
    }

    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assignpassword.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
    $this->tpl->setVariable(
        'TXT_ENTER_USERNAME_AND_NEW_PASSWORD',
        $this->lng->txt('pwassist_enter_username_and_new_password')
    );

    $form = $form ?: $this->getAssignPasswordForm($pwassist_id);
    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
427 
/**
 * Handles the submitted "assign password" form.
 *
 * The key must name an unexpired assistance session, the entered login must
 * match the login of the session's user (case-insensitively) and the new
 * password must pass ilUtil::isPasswordValidForUserContext(). Only then is
 * the password reset, the user updated and the session destroyed.
 *
 * NOTE(review): nothing in this method limits repeated submissions against
 * a key; confirm that throttling exists elsewhere.
 */
public function submitAssignPasswordForm()
{
    require_once 'include/inc.pwassist_session_handler.php';

    // The key has to be known before the form object exists, because the
    // form carries it as a hidden field.
    $pwassist_id = ilUtil::stripSlashes($_POST['key']);

    $form = $this->getAssignPasswordForm($pwassist_id);
    if (!$form->checkInput()) {
        $form->setValuesByPost();
        // NOTE(review): the assign-password form is handed to the assistance
        // start page here, not to showAssignPasswordForm() - confirm intent.
        $this->showAssistanceForm($form);
        return;
    }

    $username = $form->getInput('username');
    $password = $form->getInput('password');
    $pwassist_id = $form->getInput('key');

    // Retrieve the session and reject unknown or expired keys.
    $pwassist_session = db_pwassist_session_read($pwassist_id);
    $session_unusable = count($pwassist_session) == 0 || $pwassist_session['expires'] < time();
    if ($session_unusable) {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_session_expired')));
        $form->setValuesByPost();
        $this->showAssistanceForm($form);
        return;
    }

    $failure_text = '';
    $valid = true;

    // NOTE(review): "new" never yields null, so this branch cannot trigger;
    // a missing user would have to be detected differently.
    $userObj = new ilObjUser($pwassist_session['user_id']);
    if ($userObj == null) {
        $failure_text = $this->lng->txt('user_does_not_exist');
        $valid = false;
    }

    // The login typed by the user has to be the one of the session's account.
    if ($valid && strcasecmp($userObj->getLogin(), $username) != 0) {
        $failure_text = $this->lng->txt('pwassist_login_not_match');
        $valid = false;
    }

    // The password rules are checked even after an earlier failure; a rule
    // violation then replaces the earlier message.
    $error_lng_var = '';
    if (!ilUtil::isPasswordValidForUserContext($password, $userObj, $error_lng_var)) {
        $failure_text = $this->lng->txt($error_lng_var);
        $valid = false;
    }

    // End of validation: change the password only when every check passed.
    if ($valid) {
        $valid = $userObj->resetPassword($password, $password);
        if (!$valid) {
            $failure_text = $this->lng->txt('passwd_invalid');
        }
    }

    if ($valid) {
        // Persist the user, retire the key and confirm to the user.
        $userObj->update();
        db_pwassist_session_destroy($pwassist_id);
        $this->showMessageForm(sprintf($this->lng->txt('pwassist_password_assigned'), $username));
    } else {
        // Show the form again along with the failure message.
        ilUtil::sendFailure(str_replace("\\n", '', $failure_text));
        $form->setValuesByPost();
        $this->showAssignPasswordForm($form, $pwassist_id);
    }
}
541 
/**
 * Builds the form that asks for an e-mail address only.
 *
 * The single field is required; the form posts to 'submitUsernameAssistanceForm'.
 *
 * @return ilPropertyFormGUI
 */
protected function getUsernameAssistanceForm()
{
    require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';

    $form = new ilPropertyFormGUI();
    $action = $this->ctrl->getFormAction($this, 'submitUsernameAssistanceForm');
    $form->setFormAction($action);
    $form->setTarget('_parent');

    $address_field = new ilTextInputGUI($this->lng->txt('email'), 'email');
    $address_field->setRequired(true);
    $form->addItem($address_field);

    $form->addCommandButton('submitUsernameAssistanceForm', $this->lng->txt('submit'));

    return $form;
}
561 
/**
 * Renders the user name assistance page.
 *
 * @param ilPropertyFormGUI|null $form form to display; a fresh e-mail form is built when omitted
 */
public function showUsernameAssistanceForm(ilPropertyFormGUI $form = null)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_username_assistance.html', true);
    $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));

    // The intro text is a format string whose placeholder receives a mailto
    // link to the administrator. The address passes through
    // prepareFormOutput() separately for the href and for the link text.
    $intro_format = $this->lng->txt('pwassist_enter_email');
    $admin_link = '<a href="mailto:' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '">'
        . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>';
    $intro_html = str_replace("\\n", '<br />', sprintf($intro_format, $admin_link));
    $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_EMAIL', $intro_html);

    $form = $form ?: $this->getUsernameAssistanceForm();
    $this->tpl->setVariable('FORM', $form->getHTML());
    $this->tpl->show();
}
599 
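/**
 * Handles the submitted e-mail form of the user name assistance.
 *
 * Looks up the accounts registered for the address and, when at least one
 * exists, mails the result to that address and shows a confirmation.
 *
 * NOTE(review): the signature line was missing from the listing. The name
 * is the command registered in getUsernameAssistanceForm(); "public" is
 * assumed from the sibling submit handlers - confirm.
 *
 * NOTE(review): 'pwassist_invalid_email' versus the confirmation tells an
 * unauthenticated requester whether an address is registered. One neutral
 * reply for both outcomes would avoid that.
 */
public function submitUsernameAssistanceForm()
{
    require_once 'Services/User/classes/class.ilObjUser.php';
    require_once 'Services/Utilities/classes/class.ilUtil.php';

    $form = $this->getUsernameAssistanceForm();
    if (!$form->checkInput()) {
        $form->setValuesByPost();
        $this->showUsernameAssistanceForm($form);
        return;
    }

    // Retrieve form data
    $email = $form->getInput('email');

    // NOTE(review): the variable is called $logins, but the method name
    // _getUserIdsByEmail() suggests user ids; confirm what ends up in the mail.
    $logins = ilObjUser::_getUserIdsByEmail($email);

    // No matching account: show the form again with a failure message.
    if (!is_array($logins) || count($logins) < 1) {
        ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_invalid_email')));
        $form->setValuesByPost();
        $this->showUsernameAssistanceForm($form);
        return;
    }

    // FIXME: Extend this to check whether the user has the permission to
    // use the password assistance function. The anonymous user and users
    // who are system administrators are not allowed to use this feature.
    // The role check against ANONYMOUS_ROLE_ID / SYSTEM_ROLE_ID that once
    // stood here is disabled, so no role is checked on this path.
    $this->sendUsernameAssistanceMail($email, $logins);

    // The submitted address is echoed into an HTML template by
    // showMessageForm(), which does no escaping of its own, so it is encoded
    // here. Whether getInput() already strips markup is not visible in this
    // class; encoding at the output keeps the page safe either way.
    $this->showMessageForm(
        sprintf($this->lng->txt('pwassist_mail_sent'), ilUtil::prepareFormOutput($email))
    );
}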
666 
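/**
 * Mails the list of accounts registered for an address to that address.
 *
 * No assistance session is created here; the mail only carries the list,
 * the server URL, the requester's address and a link to pwassist.php.
 *
 * @param string $email  recipient, as entered in the form
 * @param array  $logins entries listed in the mail body, one per line
 */
public function sendUsernameAssistanceMail($email, array $logins)
{
    require_once 'Services/Mail/classes/class.ilMailbox.php';
    require_once 'Services/Mail/classes/class.ilMail.php';
    require_once 'Services/Mail/classes/class.ilMimeMail.php';
    require_once 'include/inc.pwassist_session_handler.php';

    $protocol = $this->https->isDetected() ? 'https://' : 'http://';

    // NOTE(review): HTTP_HOST and PHP_SELF are supplied by the request that
    // triggered this mail, so the links in the mail follow whatever host
    // name that request carried. Build them from a configured canonical base
    // URL, or validate the host against an allow-list.
    $server_url = $protocol . $_SERVER['HTTP_HOST']
        . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
    $login_url = $server_url . 'pwassist.php'
        . '?client_id=' . $this->ilias->getClientId()
        . '&lang=' . $this->lng->getLangKey();
    $contact_address = ilMail::getIliasMailerAddress();

    // implode() with the separator first: the reversed argument order of the
    // former join($logins, ",\n") call was deprecated in PHP 7.4 and is
    // rejected by PHP 8.
    $body = sprintf(
        $this->lng->txt('pwassist_username_mail_body'),
        implode(",\n", $logins),
        $server_url,
        $_SERVER['REMOTE_ADDR'],
        $email,
        'mailto:' . $contact_address[0],
        $login_url
    );

    $mm = new ilMimeMail();
    $mm->Subject($this->lng->txt('pwassist_mail_subject'));
    $mm->From($contact_address);
    $mm->To($email);
    // The language text uses literal "\n" and "\t" markers, which are turned
    // into real line breaks and tabs for the plain-text body.
    $mm->Body(str_replace(array("\\n", "\\t"), array("\n", "\t"), $body));
    $mm->Send();
}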
716 
/**
 * Shows a page that consists of a single message.
 *
 * NOTE(review): $text is written into the template as HTML; only the
 * literal "\n" marker is replaced. Callers in this class build $text with
 * sprintf() from form input (e-mail address, login), so any escaping has to
 * happen before the text is passed in.
 *
 * @param string $text message; literal "\n" markers become line breaks
 */
public function showMessageForm($text)
{
    ilStartUpGUI::initStartUpTemplate('tpl.pwassist_message.html', true);

    $headline = $this->lng->txt('password_assistance');
    $this->tpl->setVariable('TXT_PAGEHEADLINE', $headline);
    $icon = ilUtil::getImagePath('icon_auth.svg');
    $this->tpl->setVariable('IMG_PAGEHEADLINE', $icon);

    $message_html = str_replace("\\n", '<br />', $text);
    $this->tpl->setVariable('TXT_TEXT', $message_html);
    $this->tpl->show();
}
730 }
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms public
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
getLogin()
get login / username public
$_POST['username']
Definition: cron.php:12
db_pwassist_session_destroy($pwassist_id)
destroy session
$_SESSION["AccountId"]
sendPasswordAssistanceMail(ilObjUser $userObj)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
db_pwassist_session_read($pwassist_id)
This class represents a property form user interface.
$_GET["client_id"]
static isPasswordValidForUserContext($clear_text_password, $user, &$error_language_variable=null)
$cmd
Definition: sahs_server.php:35
getUserIdByLogin($a_login)
global $ilCtrl
Definition: ilias.php:18
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
This class represents a hidden form property in a property form.
getEmail()
get email address public
db_pwassist_session_find($user_id)
this class encapsulates the PHP mail() function.
getId()
get object id public
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
submitUsernameAssistanceForm()
Reads the submitted data from the password assistance form.
This class represents a text property in a property form.
This class represents a password property in a property form.
redirection script todo: (a better solution should control the processing via a xml file) ...
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic quotes is enabled
const AUTH_LOCAL
showMessageForm($text)
This form is used to show a message to the user.
Password assistance facility for users who have forgotten their password or for users for whom no pas...
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
showAssistanceForm(ilPropertyFormGUI $form=null)
submitAssignPasswordForm()
Reads the submitted data from the password assistance form.
global $ilSetting
Definition: privfeed.php:40
submitAssistanceForm()
Reads the submitted data from the password assistance form.
$text
sendUsernameAssistanceMail($email, array $logins)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
language handling
db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id)
Writes serialized session data to the database.
setRequired($a_required)
Set Required.
showUsernameAssistanceForm(ilPropertyFormGUI $form=null)
Shows the password assistance form.
_getUserIdsByEmail($a_email)
STATIC METHOD get all user_ids of an email address.
static getIliasMailerAddress()
Builds an email address used for system notifications.