Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
- Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
- PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
/auth/manual/ -> auth.php (source)
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Authentication Plugin: Manual Authentication 19 * Just does a simple check against the moodle database. 20 * 21 * @package auth_manual 22 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com) 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 require_once($CFG->libdir.'/authlib.php'); 29 30 /** 31 * Manual authentication plugin. 32 * 33 * @package auth 34 * @subpackage manual 35 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com) 36 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 37 */ 38 class auth_plugin_manual extends auth_plugin_base { 39 40 /** 41 * The name of the component. Used by the configuration. 42 */ 43 const COMPONENT_NAME = 'auth_manual'; 44 const LEGACY_COMPONENT_NAME = 'auth/manual'; 45 46 /** 47 * Constructor. 48 */ 49 public function __construct() { 50 $this->authtype = 'manual'; 51 $config = get_config(self::COMPONENT_NAME); 52 $legacyconfig = get_config(self::LEGACY_COMPONENT_NAME); 53 $this->config = (object)array_merge((array)$legacyconfig, (array)$config); 54 } 55 56 /** 57 * Old syntax of class constructor. Deprecated in PHP7. 58 * 59 * @deprecated since Moodle 3.1 60 */ 61 public function auth_plugin_manual() { 62 debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER); 63 self::__construct(); 64 } 65 66 /** 67 * Returns true if the username and password work and false if they are 68 * wrong or don't exist. (Non-mnet accounts only!) 69 * 70 * @param string $username The username 71 * @param string $password The password 72 * @return bool Authentication success or failure. 73 */ 74 function user_login($username, $password) { 75 global $CFG, $DB, $USER; 76 if (!$user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) { 77 return false; 78 } 79 if (!validate_internal_user_password($user, $password)) { 80 return false; 81 } 82 if ($password === 'changeme') { 83 // force the change - this is deprecated and it makes sense only for manual auth, 84 // because most other plugins can not change password easily or 85 // passwords are always specified by users 86 set_user_preference('auth_forcepasswordchange', true, $user->id); 87 } 88 return true; 89 } 90 91 /** 92 * Updates the user's password. 93 * 94 * Called when the user password is updated. 95 * 96 * @param object $user User table object 97 * @param string $newpassword Plaintext password 98 * @return boolean result 99 */ 100 function user_update_password($user, $newpassword) { 101 $user = get_complete_user_data('id', $user->id); 102 set_user_preference('auth_manual_passwordupdatetime', time(), $user->id); 103 // This will also update the stored hash to the latest algorithm 104 // if the existing hash is using an out-of-date algorithm (or the 105 // legacy md5 algorithm). 106 return update_internal_user_password($user, $newpassword); 107 } 108 109 function prevent_local_passwords() { 110 return false; 111 } 112 113 /** 114 * Returns true if this authentication plugin is 'internal'. 115 * 116 * @return bool 117 */ 118 function is_internal() { 119 return true; 120 } 121 122 /** 123 * Returns true if this authentication plugin can change the user's 124 * password. 125 * 126 * @return bool 127 */ 128 function can_change_password() { 129 return true; 130 } 131 132 /** 133 * Returns the URL for changing the user's pw, or empty if the default can 134 * be used. 135 * 136 * @return moodle_url 137 */ 138 function change_password_url() { 139 return null; 140 } 141 142 /** 143 * Returns true if plugin allows resetting of internal password. 144 * 145 * @return bool 146 */ 147 function can_reset_password() { 148 return true; 149 } 150 151 /** 152 * Returns true if plugin can be manually set. 153 * 154 * @return bool 155 */ 156 function can_be_manually_set() { 157 return true; 158 } 159 160 /** 161 * Return number of days to user password expires. 162 * 163 * If user password does not expire, it should return 0 or a positive value. 164 * If user password is already expired, it should return negative value. 165 * 166 * @param mixed $username username (with system magic quotes) 167 * @return integer 168 */ 169 public function password_expire($username) { 170 $result = 0; 171 172 if (!empty($this->config->expirationtime)) { 173 $user = core_user::get_user_by_username($username, 'id,timecreated'); 174 $lastpasswordupdatetime = get_user_preferences('auth_manual_passwordupdatetime', $user->timecreated, $user->id); 175 $expiretime = $lastpasswordupdatetime + $this->config->expirationtime * DAYSECS; 176 $now = time(); 177 $result = ($expiretime - $now) / DAYSECS; 178 if ($expiretime > $now) { 179 $result = ceil($result); 180 } else { 181 $result = floor($result); 182 } 183 } 184 185 return $result; 186 } 187 188 /** 189 * Confirm the new user as registered. This should normally not be used, 190 * but it may be necessary if the user auth_method is changed to manual 191 * before the user is confirmed. 192 * 193 * @param string $username 194 * @param string $confirmsecret 195 */ 196 function user_confirm($username, $confirmsecret = null) { 197 global $DB; 198 199 $user = get_complete_user_data('username', $username); 200 201 if (!empty($user)) { 202 if ($user->confirmed) { 203 return AUTH_CONFIRM_ALREADY; 204 } else { 205 $DB->set_field("user", "confirmed", 1, array("id"=>$user->id)); 206 return AUTH_CONFIRM_OK; 207 } 208 } else { 209 return AUTH_CONFIRM_ERROR; 210 } 211 } 212 213 } 214 215
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
