index.php 11.3 KB
Newer Older
1 2
<?php
/**
Francois Marier's avatar
Francois Marier committed
3
 * Mahara: Electronic portfolio, weblog, resume builder and social networking
4 5
 * Copyright (C) 2006-2009 Catalyst IT Ltd and others; see:
 *                         http://wiki.mahara.org/Contributors
6
 *
Francois Marier's avatar
Francois Marier committed
7 8 9 10
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
11
 *
Francois Marier's avatar
Francois Marier committed
12 13 14 15
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
16
 *
Francois Marier's avatar
Francois Marier committed
17 18
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19 20 21
 *
 * @package    mahara
 * @subpackage core
22
 * @author     Catalyst IT Ltd
23
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
24
 * @copyright  (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
25 26 27 28
 *
 */

define('INTERNAL', 1);
29
define('MENUITEM', 'settings/account');
30 31 32
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'account');
define('SECTION_PAGE', 'preferences');
33 34

require(dirname(dirname(__FILE__)) . '/init.php');
35
define('TITLE', get_string('account'));
36
require_once('pieforms/pieform.php');
37

Penny Leach's avatar
Penny Leach committed
38
// load up user preferences
39
$prefs = (object) load_account_preferences($USER->id);
Penny Leach's avatar
Penny Leach committed
40

41
$authobj = AuthFactory::create($USER->authinstance);
42 43

// @todo auth preference for a password change screen for all auth methods other than internal
44
if (method_exists($authobj, 'change_password')) {
45 46
    $elements = array(
        'changepassworddesc' => array(
47
            'value' => '<tr><td colspan="2"><h3>' . get_string('changepassworddesc', 'account') . '</h3></td></tr>'
48 49 50
        ),
        'oldpassword' => array( 'type' => 'password',
            'title' => get_string('oldpassword'),
51
            'help'  => true,
52
            'autocomplete' => 'off',
53 54 55 56 57 58 59 60 61 62 63
        ),
        'password1' => array(
            'type' => 'password',
            'title' => get_string('newpassword'),
        ),
        'password2' => array(
            'type' => 'password',
            'title' => get_string('confirmpassword')
        ),
    );
}
64
else if ($url = get_config_plugin_instance('auth', $USER->authinstance, 'changepasswordurl')) {
65
    // @todo contextual help
66 67
    $elements = array(
        'changepasswordotherinterface' => array(
68
            'value' => '<tr><td colspan="2"><h3>' . get_string('changepasswordotherinterface', 'account', $url) . '</h3></td></tr>'
69 70 71 72 73 74 75
        )
    );
}
else {
    $elements = array();
}

76 77
if ($authobj->authname == 'internal') {
    $elements['changeusernameheading'] = array(
78
        'value' => '<tr><td colspan="2"><h3>' . get_string('changeusernameheading', 'account') . '</h3></td></tr>'
79 80 81 82 83
    );
    $elements['username'] = array(
        'type' => 'text',
        'defaultvalue' => $USER->get('username'),
        'title' => get_string('changeusername', 'account'),
84
        'description' => get_string('changeusernamedesc', 'account', hsc(get_config('sitename'))),
85 86 87
    );
}

88
if (get_config('cleanurls') && get_config('cleanurlusereditable')) {
89 90 91
    $elements['changeprofileurl'] = array(
        'value' => '<tr><td colspan="2"><h3>' . get_string('changeprofileurl', 'account') . '</h3></td></tr>'
    );
92 93 94 95 96 97 98 99 100
    if (get_config('cleanurlusersubdomains')) {
        list($proto, $rest) = explode('://', get_config('wwwroot'));
        $prehtml = $proto . ':// ';
        $posthtml = ' .' . $rest;
    }
    else {
        $prehtml = get_config('wwwroot') . get_config('cleanurluserdefault') . '/ ';
        $posthtml = '';
    }
101 102 103 104
    $elements['urlid'] = array(
        'type'         => 'text',
        'defaultvalue' => $USER->get('urlid'),
        'title'        => get_string('profileurl', 'account'),
105 106
        'prehtml'      => '<span class="description">' . $prehtml . '</span>',
        'posthtml'     => '<span class="description">' . $posthtml . '</span>',
107 108 109 110 111
        'description'  => get_string('profileurldescription', 'account') . ' ' . get_string('cleanurlallowedcharacters'),
        'rules'        => array('maxlength' => 30, 'regex' => get_config('cleanurlvalidate')),
    );
}

112
$elements['accountoptionsdesc'] = array(
113
    'value' => '<tr><td colspan="2"><h3>' . get_string('accountoptionsdesc', 'account') . '</h3></td></tr>'
114
);
115 116 117 118

// Add general account options
$elements = array_merge($elements, general_account_prefs_form_elements($prefs));

119 120
$blogcount = count_records('artefact', 'artefacttype', 'blog', 'owner', $USER->get('id')) ;
if ($blogcount != 1 && $prefs->multipleblogs == 1) {
121
    $elements['multipleblogs']['disabled'] = true;
122
}
123

124 125 126 127 128
$elements['submit'] = array(
    'type' => 'submit',
    'value' => get_string('save')
);

Penny Leach's avatar
Penny Leach committed
129 130
$prefsform = array(
    'name'        => 'accountprefs',
131
    'renderer'    => 'table',
Penny Leach's avatar
Penny Leach committed
132
    'method'      => 'post',
133
    'jsform'      => true,
134
    'plugintype'  => 'core',
Penny Leach's avatar
Penny Leach committed
135
    'pluginname'  => 'account',
136
    'jssuccesscallback' => 'clearPasswords',
137
    'elements'    => $elements
Penny Leach's avatar
Penny Leach committed
138
);
139

140
function accountprefs_validate(Pieform $form, $values) {
141 142 143 144
    global $USER;

    $authobj = AuthFactory::create($USER->authinstance);

145 146 147
    if (isset($values['oldpassword'])) {
        if ($values['oldpassword'] !== '') {
            global $USER, $authtype, $authclass;
148 149 150 151 152 153 154 155 156 157 158
            try {
                if (!$authobj->authenticate_user_account($USER, $values['oldpassword'])) {
                    $form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
                    return;
                }
            }
            // propagate error correctly for User validation issues - this should
            // be catching AuthUnknownUserException and AuthInstanceException
             catch  (UserException $e) {
                 $form->set_error('oldpassword', $e->getMessage());
                 return;
159 160 161 162 163
            }
            password_validate($form, $values, $USER);
        }
        else if ($values['password1'] !== '' || $values['password2'] !== '') {
            $form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
164 165
        }
    }
166 167 168 169 170 171 172 173 174

    if ($authobj->authname == 'internal' && $values['username'] != $USER->get('username')) {
        if (!AuthInternal::is_username_valid($values['username'])) {
            $form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
        }
        if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
            $form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
        }
    }
175

176
    if (isset($values['urlid']) && get_config('cleanurls') && $values['urlid'] != $USER->get('urlid')) {
177 178 179 180 181 182 183
        if (strlen($values['urlid']) < 3) {
            $form->set_error('urlid', get_string('rule.minlength.minlength', 'pieforms', 3));
        }
        else if (record_exists('usr', 'urlid', $values['urlid'])) {
            $form->set_error('urlid', get_string('urlalreadytaken', 'account'));
        }
    }
184

185 186 187 188 189
    if (get_config('allowmobileuploads')) {
        foreach ($values['mobileuploadtoken'] as $k => $text) {
            if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\-_=+\[{\]};:\'",<\.>\/?]{6,}$/', $text)) {
                $form->set_error('mobileuploadtoken', get_string('badmobileuploadtoken', 'account'));
            }
190 191
        }
    }
192 193
}

194
function accountprefs_submit(Pieform $form, $values) {
195
    global $USER, $SESSION;
196

197 198
    $authobj = AuthFactory::create($USER->authinstance);

199
    db_begin();
200
    if (isset($values['password1']) && $values['password1'] !== '') {
201
        global $authclass;
202 203 204 205
        $password = $authobj->change_password($USER, $values['password1']);
        $USER->password = $password;
        $USER->passwordchange = 0;
        $USER->commit();
206 207
    }

208 209
    // use this as looping through values is not safe.
    $expectedprefs = expected_account_preferences(); 
210 211 212 213 214 215 216 217 218 219
    if ($values['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass;
        $u->email = $USER->get('email');
        $u->id = $USER->get('id');
        update_bounce_count($u,true);
        update_send_count($u,true);
    }

220
    // Remember the user's language & theme prefs, so we can reload the page if they change them
221
    $oldlang = $USER->get_account_preference('lang');
222
    $oldtheme = $USER->get_account_preference('theme');
223

224 225 226 227 228 229 230
    if (get_config('allowmobileuploads')) {
        // Make sure the mobile token is formatted / saved correctly
        $values['mobileuploadtoken'] = array_filter($values['mobileuploadtoken']);
        $new_token_pref = empty($values['mobileuploadtoken']) ? null : ('|' . join('|', $values['mobileuploadtoken']) . '|');
        $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
        unset($values['mobileuploadtoken']);
    }
231

232 233 234 235
    // Set user account preferences
    foreach ($expectedprefs as $eprefkey => $epref) {
        if (isset($values[$eprefkey]) && $values[$eprefkey] != get_account_preference($USER->get('id'), $eprefkey)) {
            $USER->set_account_preference($eprefkey, $values[$eprefkey]);
236
        }
237
    }
238

239 240
    $returndata = array();

241 242 243
    if (isset($values['username']) && $values['username'] != $USER->get('username')) {
        $USER->username = $values['username'];
        $USER->commit();
244
        $returndata['username'] = $values['username'];
245 246
    }

247 248 249
    if (get_config('cleanurls') && isset($values['urlid']) && $values['urlid'] != $USER->get('urlid')) {
        $USER->urlid = $values['urlid'];
        $USER->commit();
250
        $reload = true;
251 252
    }

253
    db_commit();
254

255
    $returndata['message'] = get_string('prefssaved', 'account');
256

257
    if (isset($values['theme']) && $values['theme'] != $oldtheme) {
258
        $USER->update_theme();
259
        $reload = true;
260
    }
261 262

    if (isset($values['lang']) && $values['lang'] != $oldlang) {
263 264 265
        // The session language pref is used when the user has no user pref,
        // and when logged out.
        $SESSION->set('lang', $values['lang']);
266 267
        $returndata['message'] = get_string_from_language($values['lang'], 'prefssaved', 'account');
        $reload = true;
268
    }
269 270

    if (!empty($reload)) {
271 272
        // Use PIEFORM_CANCEL here to force a page reload and show the new language.
        $returndata['location'] = get_config('wwwroot') . 'account/index.php';
273
        $SESSION->add_ok_msg($returndata['message']);
274 275 276
        $form->json_reply(PIEFORM_CANCEL, $returndata);
    }

277
    $form->json_reply(PIEFORM_OK, $returndata);
Penny Leach's avatar
Penny Leach committed
278 279 280
}


281

Richard Mansfield's avatar
Richard Mansfield committed
282
$prefsform = pieform($prefsform);
283 284

$smarty = smarty();
Richard Mansfield's avatar
Richard Mansfield committed
285
$smarty->assign('form', $prefsform);
286
$smarty->assign('candeleteself', $USER->can_delete_self());
287
$smarty->assign('INLINEJAVASCRIPT', "
288
function clearPasswords(form, data) {
289
    formSuccess(form, data);
290 291 292 293 294
    if ($('accountprefs_oldpassword')) {
        $('accountprefs_oldpassword').value = '';
        $('accountprefs_password1').value = '';
        $('accountprefs_password2').value = '';
    }
295 296
    if (data.username) {
        var username = getFirstElementByTagAndClassName('a', null, 'profile-sideblock-username');
297 298 299
        if (username) {
            replaceChildNodes(username, data.username);
        }
300 301 302
    }
}
");
303
$smarty->assign('PAGEHEADING', TITLE);
304
$smarty->display('account/index.tpl');