ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions | Protected Member Functions | Protected Attributes
ilPasswordAssistanceGUI Class Reference
Services/Init

Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet. More...

+ Collaboration diagram for ilPasswordAssistanceGUI:

Public Member Functions

 executeCommand ()
 
 showAssistanceForm (ilPropertyFormGUI $form=null)
 
 submitAssistanceForm ()
 Reads the submitted data from the password assistance form. More...
 
 sendPasswordAssistanceMail (ilObjUser $userObj)
 Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. More...
 
 showAssignPasswordForm (ilPropertyFormGUI $form=null, $pwassist_id='')
 Assign password form. More...
 
 submitAssignPasswordForm ()
 Reads the submitted data from the password assistance form. More...
 
 showUsernameAssistanceForm (ilPropertyFormGUI $form=null)
 Shows the password assistance form. More...
 
 submitUsernameAssistanceForm ()
 Reads the submitted data from the password assistance form. More...
 
 sendUsernameAssistanceMail ($email, array $logins)
 Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user. More...
 
 showMessageForm ($text)
 This form is used to show a message to the user. More...
 

Protected Member Functions

 getAssistanceForm ()
 
 getAssignPasswordForm ($pwassist_id)
 
 getUsernameAssistanceForm ()
 

Protected Attributes

 $ctrl
 
 $lng
 
 $rbacreview
 
 $tpl
 
 $settings
 
 $ilias
 
 $https
 

Detailed Description

Password assistance facility for users who have forgotten their password or for users for whom no password has been assigned yet.

Author
Werner Randelshofer wrand.nosp@m.els@.nosp@m.hsw.f.nosp@m.hz.c.nosp@m.h
Michael Jansen mjans.nosp@m.en@d.nosp@m.ataba.nosp@m.y.de
Version
$Id$

Definition at line 12 of file class.ilPasswordAssistanceGUI.php.

Member Function Documentation

◆ executeCommand()

ilPasswordAssistanceGUI::executeCommand ( )
Returns
mixed

Definition at line 77 of file class.ilPasswordAssistanceGUI.php.

References $_GET, $cmd, $lang, $lng, settings(), showAssignPasswordForm(), and showAssistanceForm().

78  {
79  // check hack attempts
80  if(!$this->settings->get('password_assistance')) // || AUTH_DEFAULT != AUTH_LOCAL)
81  {
82  //
83  #if(empty($_SESSION['AccountId']) && $_SESSION['AccountId'] !== false)
84  {
85  #$this->ilias->error_obj->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->WARNING);
86  }
87  }
88 
89  // check correct setup
90  if(!$this->settings->get('setup_ok'))
91  {
92  die('Setup is not completed. Please run setup routine again.');
93  }
94 
95  // Change the language, if necessary.
96  // And load the 'pwassist' language module
97  $lang = $_GET['lang'];
98  if($lang != null && $lang != '' && $this->lng->getLangKey() != $lang)
99  {
100  $lng = new ilLanguage($lang);
101  }
102  $this->lng->loadLanguageModule('pwassist');
103 
104  $cmd = $this->ctrl->getCmd();
105  $next_class = $this->ctrl->getNextClass($this);
106 
107  switch($next_class)
108  {
109  default:
110  if($cmd != '')
111  {
112  return $this->$cmd();
113  }
114  else
115  {
116  if(!empty($_GET['key']))
117  {
118  $this->showAssignPasswordForm();
119  }
120  else
121  {
122  $this->showAssistanceForm();
123  }
124  }
125  break;
126  }
127  }
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$cmd
$cmd
Definition: sahs_server.php:35
ilPasswordAssistanceGUI\showAssignPasswordForm
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
Definition: class.ilPasswordAssistanceGUI.php:393
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:156
settings
settings()
Definition: settings.php:2
$lang
for($i=1; $i<=count($kw_cases_sel); $i+=1) $lang
Definition: langwiz.php:349
ilLanguage
language handling
Definition: class.ilLanguage.php:26
+ Here is the call graph for this function:

◆ getAssignPasswordForm()

ilPasswordAssistanceGUI::getAssignPasswordForm (   $pwassist_id)
protected
Parameters
string$pwassist_id
Returns
ilPropertyFormGUI

Definition at line 356 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showAssignPasswordForm(), and submitAssignPasswordForm().

357  {
358  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
359  $form = new ilPropertyFormGUI();
360 
361  $form->setFormAction($this->ctrl->getFormAction($this, 'submitAssignPasswordForm'));
362  $form->setTarget('_parent');
363 
364  $username = new ilTextInputGUI($this->lng->txt('username'), 'username');
365  $username->setRequired(true);
366  $form->addItem($username);
367 
368  $password = new ilPasswordInputGUI($this->lng->txt('password'), 'password');
369  $password->setRequired(true);
370  $form->addItem($password);
371 
372  $key = new ilHiddenInputGUI('key');
373  $key->setValue($pwassist_id);
374  $form->addItem($key);
375 
376  $form->addCommandButton('submitAssignPasswordForm', $this->lng->txt('submit'));
377 
378  return $form;
379  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssistanceForm()

ilPasswordAssistanceGUI::getAssistanceForm ( )
protected
Returns
ilPropertyFormGUI

Definition at line 132 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showAssistanceForm(), and submitAssistanceForm().

133  {
134  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
135  $form = new ilPropertyFormGUI();
136 
137  $form->setFormAction($this->ctrl->getFormAction($this, 'submitAssistanceForm'));
138  $form->setTarget('_parent');
139 
140  $username = new ilTextInputGUI($this->lng->txt('username'), 'username');
141  $username->setRequired(true);
142  $form->addItem($username);
143 
144  $email = new ilTextInputGUI($this->lng->txt('email'), 'email');
145  $email->setRequired(true);
146  $form->addItem($email);
147 
148  $form->addCommandButton('submitAssistanceForm', $this->lng->txt('submit'));
149 
150  return $form;
151  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getUsernameAssistanceForm()

ilPasswordAssistanceGUI::getUsernameAssistanceForm ( )
protected
Returns
ilPropertyFormGUI

Definition at line 548 of file class.ilPasswordAssistanceGUI.php.

References ilFormPropertyGUI\setRequired().

Referenced by showUsernameAssistanceForm(), and submitUsernameAssistanceForm().

549  {
550  require_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
551  $form = new ilPropertyFormGUI();
552 
553  $form->setFormAction($this->ctrl->getFormAction($this, 'submitUsernameAssistanceForm'));
554  $form->setTarget('_parent');
555 
556  $email = new ilTextInputGUI($this->lng->txt('email'), 'email');
557  $email->setRequired(true);
558  $form->addItem($email);
559 
560  $form->addCommandButton('submitUsernameAssistanceForm', $this->lng->txt('submit'));
561 
562  return $form;
563  }
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:171
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ sendPasswordAssistanceMail()

ilPasswordAssistanceGUI::sendPasswordAssistanceMail ( ilObjUser  $userObj)

Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.

Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired. The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key

Parameters
$userObjilObjUser

Definition at line 278 of file class.ilPasswordAssistanceGUI.php.

References $_SERVER, $DIC, array, db_pwassist_create_id(), db_pwassist_session_find(), db_pwassist_session_write(), ilObjUser\getEmail(), ilObject\getId(), ilObjUser\getLogin(), https, and time.

Referenced by submitAssistanceForm().

279  {
280  global $DIC;
281 
282  require_once 'Services/Mail/classes/class.ilMailbox.php';
283  require_once 'Services/Mail/classes/class.ilMail.php';
284  require_once 'Services/Mail/classes/class.ilMimeMail.php';
285  require_once 'include/inc.pwassist_session_handler.php';
286 
287  // Check if we need to create a new session
288  $pwassist_session = db_pwassist_session_find($userObj->getId());
289  if(
290  count($pwassist_session) == 0 ||
291  $pwassist_session['expires'] < time() ||
292  true // comment by mjansen: wtf? :-)
293  )
294  {
295  // Create a new session id
296  // #9700 - this didn't do anything before?!
297  // db_set_save_handler();
298  session_start();
299  $pwassist_session['pwassist_id'] = db_pwassist_create_id();
300  session_destroy();
301  db_pwassist_session_write(
302  $pwassist_session['pwassist_id'],
303  3600,
304  $userObj->getId()
305  );
306  }
307  $protocol = $this->https->isDetected() ? 'https://' : 'http://';
308  // Compose the mail
309  $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
310  // XXX - Werner Randelshofer - Insert code here to dynamically get the
311  // the delimiter. For URL's that are sent by e-mail to a user,
312  // it is best to use semicolons as parameter delimiter
313  $delimiter = '&';
314  $pwassist_url = $protocol . $_SERVER['HTTP_HOST']
315  . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
316  . '?client_id=' . $this->ilias->getClientId()
317  . $delimiter . 'lang=' . $this->lng->getLangKey()
318  . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
319  $alternative_pwassist_url = $protocol . $_SERVER['HTTP_HOST']
320  . str_replace('ilias.php', 'pwassist.php', $_SERVER['PHP_SELF'])
321  . '?client_id=' . $this->ilias->getClientId()
322  . $delimiter . 'lang=' . $this->lng->getLangKey()
323  . $delimiter . 'key=' . $pwassist_session['pwassist_id'];
324 
325  $contact_address = ilMail::getIliasMailerAddress();
326 
327  $mm = new ilMimeMail();
328  $mm->Subject($this->lng->txt('pwassist_mail_subject'));
329  $mm->From($contact_address);
330  $mm->To($userObj->getEmail());
331  $mm->Body
332  (
333  str_replace
334  (
335  array("\\n", "\\t"),
336  array("\n", "\t"),
337  sprintf
338  (
339  $this->lng->txt('pwassist_mail_body'),
340  $pwassist_url,
341  $server_url,
342  $_SERVER['REMOTE_ADDR'],
343  $userObj->getLogin(),
344  'mailto:' . $DIC['ilSetting']->get("admin_email"),
345  $alternative_pwassist_url
346  )
347  )
348  );
349  $mm->Send();
350  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
ilObjUser\getLogin
getLogin()
get login / username public
Definition: class.ilObjUser.php:1472
db_pwassist_create_id
db_pwassist_create_id()
Definition: inc.pwassist_session_handler.php:67
ilObjUser\getEmail
getEmail()
get email address public
Definition: class.ilObjUser.php:1871
db_pwassist_session_find
db_pwassist_session_find($user_id)
Definition: inc.pwassist_session_handler.php:106
ilMimeMail
this class encapsulates the PHP mail() function.
Definition: class.ilMimeMail.php:28
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:290
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
https
foreach( $name as $i=> $nameSection)( $i==count( $name) - 1)( $nameSection) ?></span ><?php else from https
Definition: header.html.php:3
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$DIC
global $DIC
Definition: imagemanager.php:32
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
db_pwassist_session_write
db_pwassist_session_write($pwassist_id, $maxlifetime, $user_id)
Writes serialized session data to the database.
Definition: inc.pwassist_session_handler.php:125
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ sendUsernameAssistanceMail()

ilPasswordAssistanceGUI::sendUsernameAssistanceMail (   $email,
array  $logins 
)

Creates (or reuses) a password assistance session, and sends a password assistance mail to the specified user.

Note: To prevent DOS attacks, a new session is created only, if no session exists, or if the existing session has been expired. The password assistance mail contains an URL, which points to this script and contains the following URL parameters: client_id key

Parameters
$email
$logins

Definition at line 682 of file class.ilPasswordAssistanceGUI.php.

References $_SERVER, $DIC, array, and https.

Referenced by submitUsernameAssistanceForm().

683  {
684  global $DIC;
685 
686  require_once 'Services/Mail/classes/class.ilMailbox.php';
687  require_once 'Services/Mail/classes/class.ilMail.php';
688  require_once 'Services/Mail/classes/class.ilMimeMail.php';
689  require_once 'include/inc.pwassist_session_handler.php';
690 
691  $protocol = $this->https->isDetected() ? 'https://' : 'http://';
692 
693  $server_url = $protocol . $_SERVER['HTTP_HOST'] . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')) . '/';
694  $login_url = $server_url . 'pwassist.php' . '?client_id=' . $this->ilias->getClientId() . '&lang=' . $this->lng->getLangKey();
695  $contact_address = ilMail::getIliasMailerAddress();
696 
697  $mm = new ilMimeMail();
698  $mm->Subject($this->lng->txt('pwassist_mail_subject'));
699  $mm->From($contact_address);
700  $mm->To($email);
701  $mm->Body
702  (
703  str_replace
704  (
705  array("\\n", "\\t"),
706  array("\n", "\t"),
707  sprintf
708  (
709  $this->lng->txt('pwassist_username_mail_body'),
710  join($logins, ",\n"),
711  $server_url,
712  $_SERVER['REMOTE_ADDR'],
713  $email,
714  'mailto:' . $DIC['ilSetting']->get("admin_email"),
715  $login_url
716  )
717  )
718  );
719  $mm->Send();
720  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
ilMimeMail
this class encapsulates the PHP mail() function.
Definition: class.ilMimeMail.php:28
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
https
foreach( $name as $i=> $nameSection)( $i==count( $name) - 1)( $nameSection) ?></span ><?php else from https
Definition: header.html.php:3
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$DIC
global $DIC
Definition: imagemanager.php:32
+ Here is the caller graph for this function:

◆ showAssignPasswordForm()

ilPasswordAssistanceGUI::showAssignPasswordForm ( ilPropertyFormGUI  $form = null,
  $pwassist_id = '' 
)

Assign password form.

This form is used to assign a password to a username. To use this form, the following data must be provided as HTTP GET parameter, or in argument pwassist_id: key The key is used to retrieve the password assistance session. If the key is missing, or if the password assistance session has expired, the password assistance form will be shown instead of this form.

Parameters
ilPropertyFormGUI$form
string$pwassist_id

Definition at line 393 of file class.ilPasswordAssistanceGUI.php.

References $_GET, db_pwassist_session_read(), getAssignPasswordForm(), ilUtil\getImagePath(), ilUtil\sendFailure(), showAssistanceForm(), and time.

Referenced by executeCommand(), and submitAssignPasswordForm().

394  {
395  require_once 'include/inc.pwassist_session_handler.php';
396  require_once 'Services/Language/classes/class.ilLanguage.php';
397 
398  // Retrieve form data
399  if(!$pwassist_id)
400  {
401  $pwassist_id = $_GET['key'];
402  }
403 
404  // Retrieve the session, and check if it is valid
405  $pwassist_session = db_pwassist_session_read($pwassist_id);
406  if(
407  count($pwassist_session) == 0 ||
408  $pwassist_session['expires'] < time()
409  )
410  {
411  ilUtil::sendFailure($this->lng->txt('pwassist_session_expired'));
412  $this->showAssistanceForm(null);
413  }
414  else
415  {
416  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assignpassword.html', true);
417  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
418  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
419 
420  $this->tpl->setVariable('TXT_ENTER_USERNAME_AND_NEW_PASSWORD', $this->lng->txt('pwassist_enter_username_and_new_password'));
421 
422  if(!$form)
423  {
424  $form = $this->getAssignPasswordForm($pwassist_id);
425  }
426  $this->tpl->setVariable('FORM', $form->getHTML());
427  $this->tpl->show();
428  }
429  }
db_pwassist_session_read
db_pwassist_session_read($pwassist_id)
Definition: inc.pwassist_session_handler.php:86
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:71
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:156
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showAssistanceForm()

ilPasswordAssistanceGUI::showAssistanceForm ( ilPropertyFormGUI  $form = null)
Parameters
ilPropertyFormGUI$form

Definition at line 156 of file class.ilPasswordAssistanceGUI.php.

References getAssistanceForm(), ilUtil\getImagePath(), ilUtil\prepareFormOutput(), and settings().

Referenced by executeCommand(), showAssignPasswordForm(), submitAssignPasswordForm(), and submitAssistanceForm().

157  {
158  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assistance.html', true);
159  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
160  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
161 
162  $this->tpl->setVariable
163  (
164  'TXT_ENTER_USERNAME_AND_EMAIL',
165  str_replace
166  (
167  "\\n", '<br />',
168  sprintf
169  (
170  $this->lng->txt('pwassist_enter_username_and_email'),
171  '<a href="mailto:' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '">' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>'
172  )
173  )
174  );
175 
176  if(!$form)
177  {
178  $form = $this->getAssistanceForm();
179  }
180  $this->tpl->setVariable('FORM', $form->getHTML());
181  $this->tpl->show();
182  }
ilUtil\prepareFormOutput
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms public
Definition: class.ilUtil.php:3060
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:71
settings
settings()
Definition: settings.php:2
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showMessageForm()

ilPasswordAssistanceGUI::showMessageForm (   $text)

This form is used to show a message to the user.

Parameters
string$text

Definition at line 726 of file class.ilPasswordAssistanceGUI.php.

References $text, and ilUtil\getImagePath().

Referenced by submitAssignPasswordForm(), submitAssistanceForm(), and submitUsernameAssistanceForm().

727  {
728  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_message.html', true);
729  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
730  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
731 
732  $this->tpl->setVariable('TXT_TEXT', str_replace("\\n", '<br />', $text));
733  $this->tpl->show();
734  }
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:71
$text
$text
Definition: example_020.php:127
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ showUsernameAssistanceForm()

ilPasswordAssistanceGUI::showUsernameAssistanceForm ( ilPropertyFormGUI  $form = null)

Shows the password assistance form.

This form is used to request a password assistance mail from ILIAS. This form contains the following fields: username email When the user submits the form, then this script is invoked with the cmd 'submitAssistanceForm'.

Parameters
ilPropertyFormGUI$form

Definition at line 575 of file class.ilPasswordAssistanceGUI.php.

References ilUtil\getImagePath(), getUsernameAssistanceForm(), ilUtil\prepareFormOutput(), and settings().

Referenced by submitUsernameAssistanceForm().

576  {
577  ilStartUpGUI::initStartUpTemplate('tpl.pwassist_username_assistance.html', true);
578  $this->tpl->setVariable('IMG_PAGEHEADLINE', ilUtil::getImagePath('icon_auth.svg'));
579  $this->tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
580 
581  $this->tpl->setVariable
582  (
583  'TXT_ENTER_USERNAME_AND_EMAIL',
584  str_replace
585  (
586  "\\n", '<br />',
587  sprintf
588  (
589  $this->lng->txt('pwassist_enter_email'),
590  '<a href="mailto:' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '">' . ilUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>'
591  )
592  )
593  );
594 
595  if(!$form)
596  {
597  $form = $this->getUsernameAssistanceForm();
598  }
599  $this->tpl->setVariable('FORM', $form->getHTML());
600  $this->tpl->show();
601  }
ilUtil\prepareFormOutput
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms public
Definition: class.ilUtil.php:3060
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:71
settings
settings()
Definition: settings.php:2
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ submitAssignPasswordForm()

ilPasswordAssistanceGUI::submitAssignPasswordForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: key username password1 password2 The key is used to retrieve the password assistance session. If the key is missing, or if the password assistance session has expired, the password assistance form will be shown instead of this form. If the password assistance session is valid, and if the username matches the username, for which the password assistance has been requested, and if the new password is valid, ILIAS assigns the password to the user. Note: To prevent replay attacks, the session is deleted when the password has been assigned successfully.

Definition at line 447 of file class.ilPasswordAssistanceGUI.php.

References $_POST, db_pwassist_session_destroy(), db_pwassist_session_read(), getAssignPasswordForm(), ilUtil\isPasswordValidForUserContext(), ilUtil\sendFailure(), showAssignPasswordForm(), showAssistanceForm(), showMessageForm(), ilUtil\stripSlashes(), and time.

448  {
449 
450  require_once 'include/inc.pwassist_session_handler.php';
451 
452  // We need to fetch this before form instantiation
453  $pwassist_id = ilUtil::stripSlashes($_POST['key']);
454 
455  $form = $this->getAssignPasswordForm($pwassist_id);
456  if(!$form->checkInput())
457  {
458  $form->setValuesByPost();
459  $this->showAssistanceForm($form);
460  return;
461  }
462 
463  $username = $form->getInput('username');
464  $password = $form->getInput('password');
465  $pwassist_id = $form->getInput('key');
466 
467  // Retrieve the session
468  $pwassist_session = db_pwassist_session_read($pwassist_id);
469 
470  if(
471  count($pwassist_session) == 0 ||
472  $pwassist_session['expires'] < time()
473  )
474  {
475  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_session_expired')));
476  $form->setValuesByPost();
477  $this->showAssistanceForm($form);
478  return;
479  }
480  else
481  {
482  $is_successful = true;
483  $message = '';
484 
485  $userObj = new ilObjUser($pwassist_session['user_id']);
486  if($userObj == null)
487  {
488  $message = $this->lng->txt('user_does_not_exist');
489  $is_successful = false;
490  }
491 
492  // check if the username entered by the user matches the
493  // one of the user object.
494  if($is_successful && strcasecmp($userObj->getLogin(), $username) != 0)
495  {
496  $message = $this->lng->txt('pwassist_login_not_match');
497  $is_successful = false;
498  }
499 
500  $error_lng_var = '';
501  if(!ilUtil::isPasswordValidForUserContext($password, $userObj, $error_lng_var))
502  {
503  $message = $this->lng->txt($error_lng_var);
504  $is_successful = false;
505  }
506 
507  // End of validation
508  // If the validation was successful, we change the password of the
509  // user.
510  // ------------------
511  if($is_successful)
512  {
513  $is_successful = $userObj->resetPassword($password, $password);
514  if(!$is_successful)
515  {
516  $message = $this->lng->txt('passwd_invalid');
517  }
518  }
519 
520  // If we are successful so far, we update the user object.
521  // ------------------
522  if($is_successful)
523  {
524  $userObj->update();
525  }
526 
527  // If we are successful, we destroy the password assistance
528  // session and redirect to the login page.
529  // Else we display the form again along with an error message.
530  // ------------------
531  if($is_successful)
532  {
533  db_pwassist_session_destroy($pwassist_id);
534  $this->showMessageForm(sprintf($this->lng->txt('pwassist_password_assigned'), $username));
535  }
536  else
537  {
538  ilUtil::sendFailure(str_replace("\\n", '', $message));
539  $form->setValuesByPost();
540  $this->showAssignPasswordForm($form, $pwassist_id);
541  }
542  }
543  }
db_pwassist_session_destroy
db_pwassist_session_destroy($pwassist_id)
destroy session
Definition: inc.pwassist_session_handler.php:150
db_pwassist_session_read
db_pwassist_session_read($pwassist_id)
Definition: inc.pwassist_session_handler.php:86
ilUtil\isPasswordValidForUserContext
static isPasswordValidForUserContext($clear_text_password, $user, &$error_language_variable=null)
Definition: class.ilUtil.php:1287
ilPasswordAssistanceGUI\showAssignPasswordForm
showAssignPasswordForm(ilPropertyFormGUI $form=null, $pwassist_id='')
Assign password form.
Definition: class.ilPasswordAssistanceGUI.php:393
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2639
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:726
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:156
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
+ Here is the call graph for this function:

◆ submitAssistanceForm()

ilPasswordAssistanceGUI::submitAssistanceForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: username email If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().

Definition at line 195 of file class.ilPasswordAssistanceGUI.php.

References AUTH_LOCAL, getAssistanceForm(), ilObjUser\getUserIdByLogin(), ilUtil\sendFailure(), sendPasswordAssistanceMail(), showAssistanceForm(), and showMessageForm().

196  {
197  $form = $this->getAssistanceForm();
198  if(!$form->checkInput())
199  {
200  $form->setValuesByPost();
201  $this->showAssistanceForm($form);
202  return;
203  }
204 
205  $username = $form->getInput('username');
206  $email = $form->getInput('email');
207 
208  $userObj = null;
209  $userid = ilObjUser::getUserIdByLogin($username);
210  $txt_key = 'pwassist_invalid_username_or_email';
211  if($userid != 0)
212  {
213  $userObj = new ilObjUser($userid);
214  if(strcasecmp($userObj->getEmail(), $email) != 0)
215  {
216  $userObj = null;
217  }
218  elseif(!strlen($email))
219  {
220  $userObj = null;
221  $txt_key = 'pwassist_no_email_found';
222  }
223  else if(
224  $userObj->getAuthMode(true) != AUTH_LOCAL ||
225  ($userObj->getAuthMode(true) == AUTH_DEFAULT && AUTH_DEFAULT != AUTH_LOCAL)
226  )
227  {
228  $userObj = null;
229  $txt_key = 'pwassist_invalid_auth_mode';
230  }
231  }
232 
233  // No matching user object found?
234  // Show the password assistance form again, and display an error message.
235  if($userObj == null)
236  {
237  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt($txt_key)));
238  $form->setValuesByPost();
239  $this->showAssistanceForm($form);
240  }
241  else
242  {
243  // Matching user object found?
244  // Check if the user is permitted to use the password assistance function,
245  // and then send a password assistance mail to the email address.
246  // FIXME: Extend this if-statement to check whether the user
247  // has the permission to use the password assistance function.
248  // The anonymous user and users who are system administrators are
249  // not allowed to use this feature
250  if(
251  $this->rbacreview->isAssigned($userObj->getId(), ANONYMOUS_ROLE_ID) ||
252  $this->rbacreview->isAssigned($userObj->getId(), SYSTEM_ROLE_ID)
253  )
254  {
255  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_not_permitted')));
256  $form->setValuesByPost();
257  $this->showAssistanceForm($form);
258  }
259  else
260  {
261  $this->sendPasswordAssistanceMail($userObj);
262  $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
263  }
264  }
265  }
ilObjUser\getUserIdByLogin
static getUserIdByLogin($a_login)
Definition: class.ilObjUser.php:2556
ilPasswordAssistanceGUI\sendPasswordAssistanceMail
sendPasswordAssistanceMail(ilObjUser $userObj)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
Definition: class.ilPasswordAssistanceGUI.php:278
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:726
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(ilPropertyFormGUI $form=null)
Definition: class.ilPasswordAssistanceGUI.php:156
+ Here is the call graph for this function:

◆ submitUsernameAssistanceForm()

ilPasswordAssistanceGUI::submitUsernameAssistanceForm ( )

Reads the submitted data from the password assistance form.

The following form fields are read as HTTP POST parameters: username email If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address. For details about the creation of the session and the e-mail see function sendPasswordAssistanceMail().

Definition at line 614 of file class.ilPasswordAssistanceGUI.php.

References ilObjUser\_getUserIdsByEmail(), getUsernameAssistanceForm(), ilUtil\sendFailure(), sendUsernameAssistanceMail(), showMessageForm(), and showUsernameAssistanceForm().

615  {
616  require_once 'Services/User/classes/class.ilObjUser.php';
617  require_once 'Services/Utilities/classes/class.ilUtil.php';
618 
619  $form = $this->getUsernameAssistanceForm();
620  if(!$form->checkInput())
621  {
622  $form->setValuesByPost();
623  $this->showUsernameAssistanceForm($form);
624  return;
625  }
626 
627  // Retrieve form data
628  $email = $form->getInput('email');
629 
630  // Retrieve a user object with matching user name and email address.
631  $logins = ilObjUser::_getUserIdsByEmail($email);
632 
633  // No matching user object found?
634  // Show the password assistance form again, and display an error message.
635  if(!is_array($logins) || count($logins) < 1)
636  {
637  ilUtil::sendFailure(str_replace("\\n", '', $this->lng->txt('pwassist_invalid_email')));
638  $form->setValuesByPost();
639  $this->showUsernameAssistanceForm($form);
640  }
641  else
642  {
643  // Matching user object found?
644  // Check if the user is permitted to use the password assistance function,
645  // and then send a password assistance mail to the email address.
646 
647  // FIXME: Extend this if-statement to check whether the user
648  // has the permission to use the password assistance function.
649  // The anonymous user and users who are system administrators are
650  // not allowed to use this feature
651  /* if ($rbacreview->isAssigned($userObj->getID, ANONYMOUS_ROLE_ID)
652  || $rbacreview->isAssigned($userObj->getID, SYSTEM_ROLE_ID)
653  )
654  {
655  $this->showAssistanceForm
656  (
657  $lng->txt("pwassist_not_permitted"),
658  $username,
659  $email
660  );
661  }
662  else */
663  {
664  $this->sendUsernameAssistanceMail($email, $logins);
665  $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email));
666  }
667  }
668  }
ilPasswordAssistanceGUI\showMessageForm
showMessageForm($text)
This form is used to show a message to the user.
Definition: class.ilPasswordAssistanceGUI.php:726
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilPasswordAssistanceGUI\sendUsernameAssistanceMail
sendUsernameAssistanceMail($email, array $logins)
Creates (or reuses) a password assistance session, and sends a password assistance mail to the specif...
Definition: class.ilPasswordAssistanceGUI.php:682
ilObjUser\_getUserIdsByEmail
static _getUserIdsByEmail($a_email)
STATIC METHOD get all user_ids of an email address.
Definition: class.ilObjUser.php:2569
ilPasswordAssistanceGUI\showUsernameAssistanceForm
showUsernameAssistanceForm(ilPropertyFormGUI $form=null)
Shows the password assistance form.
Definition: class.ilPasswordAssistanceGUI.php:575
+ Here is the call graph for this function:

Field Documentation

◆ $ctrl

ilPasswordAssistanceGUI::$ctrl
protected

Definition at line 17 of file class.ilPasswordAssistanceGUI.php.

◆ $https

ilPasswordAssistanceGUI::$https
protected

Definition at line 47 of file class.ilPasswordAssistanceGUI.php.

◆ $ilias

ilPasswordAssistanceGUI::$ilias
protected

Definition at line 42 of file class.ilPasswordAssistanceGUI.php.

◆ $lng

ilPasswordAssistanceGUI::$lng
protected

Definition at line 22 of file class.ilPasswordAssistanceGUI.php.

Referenced by executeCommand().

◆ $rbacreview

ilPasswordAssistanceGUI::$rbacreview
protected

Definition at line 27 of file class.ilPasswordAssistanceGUI.php.

◆ $settings

ilPasswordAssistanceGUI::$settings
protected

Definition at line 37 of file class.ilPasswordAssistanceGUI.php.

◆ $tpl

ilPasswordAssistanceGUI::$tpl
protected

Definition at line 32 of file class.ilPasswordAssistanceGUI.php.

The documentation for this class was generated from the following file: