Commit 374177c3 authored by Richard Mansfield's avatar Richard Mansfield Committed by Gerrit Code Review
Browse files

Merge "Add verification to username change on admin page"

parents 19b36f01 28739500
......@@ -88,7 +88,10 @@ $elements = array(
'username' => array(
'type' => 'text',
'title' => get_string('username'),
'rules' => array('required' => true),
'rules' => array(
'required' => true,
'maxlength' => 236,
),
),
'password' => array(
'type' => 'text',
......@@ -172,8 +175,15 @@ function adduser_validate(Pieform $form, $values) {
$email = $values['email'];
$password = $values['password'];
if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
if (method_exists($authobj, 'is_username_valid_admin')) {
if (!$authobj->is_username_valid_admin($username)) {
$form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
}
}
else if (method_exists($authobj, 'is_username_valid')) {
if (!$authobj->is_username_valid($username)) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($username))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
......
......@@ -61,6 +61,9 @@ if (method_exists($authobj, 'change_username')) {
'title' => get_string('changeusername', 'admin'),
'description' => get_string('changeusernamedescription', 'admin'),
'defaultvalue' => $user->username,
'rules' => array(
'maxlength' => 236,
),
);
}
......@@ -184,6 +187,40 @@ function edituser_site_validate(Pieform $form, $values) {
$SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
}
$userobj = new User();
$userobj = $userobj->find_by_id($user->id);
if (isset($values['username']) && !empty($values['username']) && $values['username'] != $userobj->username) {
if (!isset($values['authinstance'])) {
$authobj = AuthFactory::create($userobj->authinstance);
}
else {
$authobj = AuthFactory::create($values['authinstance']);
}
if (method_exists($authobj, 'change_username')) {
if (method_exists($authobj, 'is_username_valid_admin')) {
if (!$authobj->is_username_valid_admin($values['username'])) {
$form->set_error('username', get_string('usernameinvalidadminform', 'auth.internal'));
}
}
else if (method_exists($authobj, 'is_username_valid')) {
if (!$authobj->is_username_valid($values['username'])) {
$form->set_error('username', get_string('usernameinvalidform', 'auth.internal'));
}
}
if (!$form->get_error('username') && record_exists_select('usr', 'LOWER(username) = ?', strtolower($values['username']))) {
$form->set_error('username', get_string('usernamealreadytaken', 'auth.internal'));
}
}
else {
$form->set_error('username', get_string('usernamechangenotallowed', 'admin'));
}
}
// Check that the external username isn't already in use
if (isset($values['remoteusername']) &&
$usedby = get_record_select('auth_remote_user',
......
......@@ -208,8 +208,15 @@ function uploadcsv_validate(Pieform $form, $values) {
$authobj = AuthFactory::create($authinstance);
if (method_exists($authobj, 'is_username_valid') && !$authobj->is_username_valid($username)) {
$CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i);
if (method_exists($authobj, 'is_username_valid_admin')) {
if (!$authobj->is_username_valid_admin($username)) {
$CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i);
}
}
else if (method_exists($authobj, 'is_username_valid')) {
if (!$authobj->is_username_valid($username)) {
$CSVERRORS[] = get_string('uploadcsverrorinvalidusername', 'admin', $i);
}
}
if (record_exists_select('usr', 'LOWER(username) = ?', strtolower($username)) || isset($usernames[strtolower($username)])) {
$CSVERRORS[] = get_string('uploadcsverroruseralreadyexists', 'admin', $i, $username);
......
......@@ -63,4 +63,5 @@ $string['registrationnosuchkey'] = 'Sorry, there does not seem to be a registrat
$string['registrationunsuccessful'] = 'Sorry, your registration attempt was unsuccessful. This is our fault, not yours. Please try again later.';
$string['usernamealreadytaken'] = 'Sorry, this username is already taken';
$string['usernameinvalidform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 30 characters in length. Spaces are not allowed.';
$string['usernameinvalidadminform'] = 'Usernames may contain letters, numbers and most common symbols, and must be from 3 to 236 characters in length. Spaces are not allowed.';
$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="terms.php">Terms and Conditions</a>';
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment