Commit bd4ed10d authored by Penny Leach's avatar Penny Leach
Browse files
parents 83292e6c a2e40e00
......@@ -25,6 +25,10 @@
*/
define('INTERNAL',1);
// uncomment if this page is public (doesn't require login)
// defined('PUBLIC', 1);
// uncomment and set if this page isn't public
// defined('MENUITEM', 'TODO');
require('init.php');
// Your code here
......
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage admin
* @author Richard Mansfield <richard@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
require(dirname(dirname(__FILE__)) . '/init.php');
$pagename = clean_requestdata('pagename', PARAM_ALPHAEXT, REQUEST_EITHER);
$data['pagename'] = $pagename;
try {
$page = get_record('site_content','name',$pagename);
$data['content'] = $page->content;
$data['success'] = 1;
}
catch (Exception $e) {
$data['success'] = 0;
$data['errormessage'] = $e->getMessage();
}
echo json_encode($data);
?>
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage admin
* @author Richard Mansfield <richard.mansfield@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL',1);
require(dirname(dirname(__FILE__)).'/init.php');
require_once('form.php');
$sitepages = get_records('site_content');
$pageoptions = array();
foreach ($sitepages as $page) {
$pageoptions[$page->name] = get_string($page->name);
}
asort($pageoptions);
$f = array(
'name' => 'editsitepage',
'method' => 'post',
'onsubmit' => 'return submitForm(\'editsitepage\',\'savesitepage.json.php\');',
'action' => '',
'elements' => array(
'pagename' => array(
'type' => 'select',
'title' => get_string('pagename'),
'value' => 'home',
'options' => $pageoptions
),
'pagetext' => array(
'name' => 'pagetext',
'type' => 'wysiwyg',
'rows' => 25,
'cols' => 85,
'title' => get_string('pagecontent'),
'description' => get_string('textdesc'),
'value' => 'blah',
'rules' => array(
'required' => true
)
),
'submit' => array(
'value' => get_string('savechanges'),
'type' => 'submit',
)
)
);
$form = form($f);
$js = array('mochikit','mahara');
if (use_html_editor()) {
array_unshift($js,'tinymce');
}
$ijs = <<< EOJS
setEditorContent = function(content) { $('pagetext').innerHTML = content; };
function onLoad() {
requestPageText();
connect('pagename', 'onchange', requestPageText);
if (typeof(tinyMCE) != 'undefined') {
setEditorContent = tinyMCE.setContent;
}
}
function requestPageText() {
var d = loadJSONDoc('editchangepage.json.php',{'pagename':$('pagename').value});
d.addCallback(function(data) {
if (data.success) {
setEditorContent(data.content);
}
else {
displayMessage({'message':get_string('failedloadingpagecontent', $('pagename').value),
'type':'error'});
}
});
}
addLoadEvent(onLoad);
EOJS;
$jsstrings = array('requiredfieldempty','noresponse');
$smarty = smarty($js,array(),$jsstrings);
$smarty->assign('pageeditform', $form);
$smarty->assign('INLINEJAVASCRIPT', $ijs);
$smarty->display('admin/editsitepage.tpl');
?>
<?php
/**
* This program is part of mahara
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
......
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage admin
* @author Richard Mansfield <richard.mansfield@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
require(dirname(dirname(__FILE__)) . '/init.php');
$pagename = clean_requestdata('pagename', PARAM_ALPHAEXT, REQUEST_EITHER);
$pagetext = clean_requestdata('pagetext', PARAM_CLEANHTML, REQUEST_EITHER);
$result = array();
global $USER;
$data = new StdClass;
$data->name = $pagename;
$data->content = $pagetext;
$data->mtime = db_format_timestamp(time());
try {
$user = get_record('usr','username',$USER->username);
$data->muser = $user->id;
update_record('site_content',$data,'name');
$result['success'] = 'ok';
$result['message'] = get_string('savedsuccessfully');
}
catch (Exception $e) {
$result['success'] = 'error';
$result['message'] = $e->getMessage();
}
echo json_encode($result);
?>
<?php
/**
* This program is part of mahara
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
......@@ -33,10 +33,38 @@ $name = clean_requestdata('name', PARAM_ALPHAEXT, REQUEST_EITHER);
$install = clean_requestdata('install', PARAM_BOOL, REQUEST_EITHER);
if ($install) {
// @todo should probably report errors. Also see upgrade.php to make the js detect any errors
if (!get_config('installed')) {
set_config('installed', true);
try {
// Install the default institution
$institution = new StdClass;
$institution->name = 'mahara';
$institution->displayname = 'No Institution';
$institution->authplugin = 'internal';
insert_record('institution', $institution);
// Insert the root user
$user = new StdClass;
$user->username = 'root';
$user->password = 'mahara';
$user->institution = 'mahara';
$user->passwordchange = 1;
$user->firstname = 'Admin';
$user->lastname = 'User';
$user->email = 'admin@example.org';
insert_record('usr', $user);
set_config('installed', true);
}
catch (SQLException $e) {
echo json_encode(array(
'success' => 0,
'errormessage' => $e->getMessage()
));
exit;
}
}
echo json_encode(array('success' => 1));
exit;
}
......
<?php
/**
* This program is part of mahara
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
......@@ -30,6 +30,8 @@ define('INSTALLER', 1);
require(dirname(dirname(__FILE__)).'/init.php');
require(get_config('libroot') . 'upgrade.php');
$smarty = smarty(array('mochikit'));
$upgrades = check_upgrades();
if (!$upgrades) {
die_info(get_string('noupgrades', 'admin'));
......@@ -44,18 +46,47 @@ $loadingstring = get_string('upgradeloading', 'admin');
$successstring = get_string('upgradesuccess', 'admin');
$failurestring = get_string('upgradefailure', 'admin');
// Check if Mahara is being installed. An extra hook is required to insert core
// data if so.
if (!empty($upgrades['core']->install)) {
$smarty->assign('install', true);
$installjs =<<< EOJS
var d = loadJSONDoc('upgrade.json.php', { 'install' : 1 });
$('coredata').innerHTML = '<img src="{$loadingicon}" alt="{$loadingstring}" />';
d.addCallback(function (data) {
if ( data.success ) {
var message = 'Successfully installed core data';
$('coredata').innerHTML = '<img src="{$successicon}" alt=":)" /> ' + message;
}
else {
var message = '';
if (data.errormessage) {
message = data.errormessage;
}
else {
message = '{$failurestring}';
}
$('coredata').innerHTML = '<img src="{$failureicon}" alt=":(" /> ' + message;
}
});
d.addErrback(function () {
$('coredata').innerHTML = '<img src="{$failureicon}" alt=":(" /> {$failurestring}';
});
EOJS;
}
else {
$installjs = '';
}
$js .= <<< EOJS
function processNext() {
var element = todo.shift();
if ( ! element ) {
// we're done
// @todo this needs work:
// - should only hit upgrade.json.php with install message
// if we are actually installing - can check $upgrades
// in this file for that
loadJSONDoc('upgrade.json.php', { 'install' : 1 });
// @todo do as a deferred on the above call
$installjs
$('finished').style.display = 'block';
return;
}
......@@ -89,7 +120,6 @@ $js .= <<< EOJS
addLoadEvent( processNext );
EOJS;
$smarty = smarty(array('mochikit'));
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign_by_ref('upgrades', $upgrades);
......
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage artefact/internal
* @author Martyn Smith <martyn@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('MENUITEM', 'myfiles');
require(dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php');
$smarty = smarty();
$smarty->display('artefact:internal:files/index.tpl');
?>
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage lang
* @author Martyn Smith <martyn@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
defined('INTERNAL') || die();
$string['myprofile'] = 'My Profile';
$string['myfiles'] = 'My Files';
......@@ -38,6 +38,19 @@ class PluginArtefactInternal extends PluginArtefact {
return 'internal';
}
public static function menu_items() {
return array(
array(
'name' => 'myprofile',
'link' => 'profile/',
),
array(
'name' => 'myfiles',
'link' => 'files/',
),
);
}
public static function postinst() {
$types = self::get_artefact_types();
$plugin = self::get_plugin_name();
......
<?php
/**
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* @package mahara
* @subpackage artefact/internal
* @author Martyn Smith <martyn@catalyst.net.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('MENUITEM', 'myprofile');
require(dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php');
$smarty = smarty();
$smarty->display('artefact:internal:profile/index.tpl');
?>
{include file="header.tpl"}
{include file="adminmenu.tpl"}
<div class="content">
Files page
</div>
{include file="footer.tpl"}
{include file="header.tpl"}
{include file="adminmenu.tpl"}
<div class="content">
Profile page
</div>
{include file="footer.tpl"}
<?php
/**
* This program is part of mahara
* This program is part of Mahara
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
......@@ -30,4 +30,4 @@ $config = new StdClass;
$config->version = 2006100500;
$config->release = '0.1';
?>
\ No newline at end of file
?>
......@@ -49,8 +49,8 @@ class AuthInternal extends Auth {
* Given a user that we know about, return an array of information about them
*/
public static function get_user_info($username) {
$user = new StdClass;
$user->username = $username;
// @todo: only select the information the session requires
$user = get_record('usr', 'username', $username);
return $user;
}
......@@ -78,7 +78,44 @@ class AuthInternal extends Auth {
// $form->set_error('foo', 'WTF man!');
//}
}
/**
* For internal authentication, usernames can only contain alphanumeric
* characters, and the symbols underscore, full stop and the @ symbol.
*
* The username must also be between three and thirty characters in length.
*
* @param string $username The username to check
* @return bool Whether the username is valid
*/
public static function is_username_valid($username) {
return preg_match('/^[a-zA-Z0-9\._@]{3,30}$/', $username);
}
/**
* For internal authentication, passwords can contain a range of letters,
* numbers and symbols. There is a minimum limit of six characters allowed
* for the password, and no upper limit
*
* @param string $password The password to check
* @return bool Whether the password is valid
*/
public static function is_password_valid($password) {
if (!preg_match('/^[a-zA-Z0-9 ~!#\$%\^&\*\(\)_\-=\+\,\.<>\/\?;:"\[\]\{\}\\\|`\']{6,}$/', $password)) {
return false;
}
// The password must have at least one digit and two letters in it
if (!preg_match('/[0-9]/', $password)) {
return false;
}
$password = preg_replace('/[a-zA-Z]/', "\0", $password);
if (substr_count($password, "\0") < 2) {
return false;
}
return true;
}
/*
The following two functions are inspired by Andrew McMillan's salted md5
functions in AWL, adapted with his kind permission. Changed to use sha1
......@@ -92,8 +129,9 @@ class AuthInternal extends Auth {
*
* @param string $password The password to encrypt
* @param string $salt The salt to use to encrypt the password
* @todo salt mandatory
*/
private static function encrypt_password($password, $salt='') {
public static function encrypt_password($password, $salt='') {
if ($salt == '') {
$salt = substr(md5(rand(1000000, 9999999)), 2, 8);
}
......@@ -122,7 +160,7 @@ class AuthInternal extends Auth {
}
// The main type - a salted sha1
$sha1sent = Auth_Internal::encrypt_password($theysent, $salt);
$sha1sent = self::encrypt_password($theysent, $salt);
return $sha1sent == $wehave;
}
......
......@@ -26,6 +26,8 @@
defined('INTERNAL') || die();
require('session.php');
/**
* Unknown user exception
*/
......@@ -194,6 +196,7 @@ function auth_setup () {
// If the system is not installed, let the user through in the hope that
// they can fix this little problem :)
if (!get_config('installed')) {
$SESSION->logout();
log_debug('system not installed, letting user through');
return;
}
......@@ -210,14 +213,15 @@ function auth_setup () {
}
// The session is still active, so continue it.
log_debug('session still active from previous time');
return $SESSION->renew();
$USER = $SESSION->renew();
auth_check_password_change();