Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Authentication Plugin: Manual Authentication
  19   * Just does a simple check against the moodle database.
  20   *
  21   * @package    auth_manual
  22   * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  
  26  defined('MOODLE_INTERNAL') || die();
  27  
  28  require_once($CFG->libdir.'/authlib.php');
  29  
  30  /**
  31   * Manual authentication plugin.
  32   *
  33   * @package    auth
  34   * @subpackage manual
  35   * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  36   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  37   */
  38  class auth_plugin_manual extends auth_plugin_base {
  39  
  40      /**
  41       * The name of the component. Used by the configuration.
  42       */
  43      const COMPONENT_NAME = 'auth_manual';
  44      const LEGACY_COMPONENT_NAME = 'auth/manual';
  45  
  46      /**
  47       * Constructor.
  48       */
  49      public function __construct() {
  50          $this->authtype = 'manual';
  51          $config = get_config(self::COMPONENT_NAME);
  52          $legacyconfig = get_config(self::LEGACY_COMPONENT_NAME);
  53          $this->config = (object)array_merge((array)$legacyconfig, (array)$config);
  54      }
  55  
  56      /**
  57       * Old syntax of class constructor. Deprecated in PHP7.
  58       *
  59       * @deprecated since Moodle 3.1
  60       */
  61      public function auth_plugin_manual() {
  62          debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER);
  63          self::__construct();
  64      }
  65  
  66      /**
  67       * Returns true if the username and password work and false if they are
  68       * wrong or don't exist. (Non-mnet accounts only!)
  69       *
  70       * @param string $username The username
  71       * @param string $password The password
  72       * @return bool Authentication success or failure.
  73       */
  74      function user_login($username, $password) {
  75          global $CFG, $DB, $USER;
  76          if (!$user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
  77              return false;
  78          }
  79          if (!validate_internal_user_password($user, $password)) {
  80              return false;
  81          }
  82          if ($password === 'changeme') {
  83              // force the change - this is deprecated and it makes sense only for manual auth,
  84              // because most other plugins can not change password easily or
  85              // passwords are always specified by users
  86              set_user_preference('auth_forcepasswordchange', true, $user->id);
  87          }
  88          return true;
  89      }
  90  
  91      /**
  92       * Updates the user's password.
  93       *
  94       * Called when the user password is updated.
  95       *
  96       * @param  object  $user        User table object
  97       * @param  string  $newpassword Plaintext password
  98       * @return boolean result
  99       */
 100      function user_update_password($user, $newpassword) {
 101          $user = get_complete_user_data('id', $user->id);
 102          set_user_preference('auth_manual_passwordupdatetime', time(), $user->id);
 103          // This will also update the stored hash to the latest algorithm
 104          // if the existing hash is using an out-of-date algorithm (or the
 105          // legacy md5 algorithm).
 106          return update_internal_user_password($user, $newpassword);
 107      }
 108  
 109      function prevent_local_passwords() {
 110          return false;
 111      }
 112  
 113      /**
 114       * Returns true if this authentication plugin is 'internal'.
 115       *
 116       * @return bool
 117       */
 118      function is_internal() {
 119          return true;
 120      }
 121  
 122      /**
 123       * Returns true if this authentication plugin can change the user's
 124       * password.
 125       *
 126       * @return bool
 127       */
 128      function can_change_password() {
 129          return true;
 130      }
 131  
 132      /**
 133       * Returns the URL for changing the user's pw, or empty if the default can
 134       * be used.
 135       *
 136       * @return moodle_url
 137       */
 138      function change_password_url() {
 139          return null;
 140      }
 141  
 142      /**
 143       * Returns true if plugin allows resetting of internal password.
 144       *
 145       * @return bool
 146       */
 147      function can_reset_password() {
 148          return true;
 149      }
 150  
 151      /**
 152       * Returns true if plugin can be manually set.
 153       *
 154       * @return bool
 155       */
 156      function can_be_manually_set() {
 157          return true;
 158      }
 159  
 160      /**
 161       * Return number of days to user password expires.
 162       *
 163       * If user password does not expire, it should return 0 or a positive value.
 164       * If user password is already expired, it should return negative value.
 165       *
 166       * @param mixed $username username (with system magic quotes)
 167       * @return integer
 168       */
 169      public function password_expire($username) {
 170          $result = 0;
 171  
 172          if (!empty($this->config->expirationtime)) {
 173              $user = core_user::get_user_by_username($username, 'id,timecreated');
 174              $lastpasswordupdatetime = get_user_preferences('auth_manual_passwordupdatetime', $user->timecreated, $user->id);
 175              $expiretime = $lastpasswordupdatetime + $this->config->expirationtime * DAYSECS;
 176              $now = time();
 177              $result = ($expiretime - $now) / DAYSECS;
 178              if ($expiretime > $now) {
 179                  $result = ceil($result);
 180              } else {
 181                  $result = floor($result);
 182              }
 183          }
 184  
 185          return $result;
 186      }
 187  
 188     /**
 189      * Confirm the new user as registered. This should normally not be used,
 190      * but it may be necessary if the user auth_method is changed to manual
 191      * before the user is confirmed.
 192      *
 193      * @param string $username
 194      * @param string $confirmsecret
 195      */
 196      function user_confirm($username, $confirmsecret = null) {
 197          global $DB;
 198  
 199          $user = get_complete_user_data('username', $username);
 200  
 201          if (!empty($user)) {
 202              if ($user->confirmed) {
 203                  return AUTH_CONFIRM_ALREADY;
 204              } else {
 205                  $DB->set_field("user", "confirmed", 1, array("id"=>$user->id));
 206                  return AUTH_CONFIRM_OK;
 207              }
 208          } else  {
 209              return AUTH_CONFIRM_ERROR;
 210          }
 211      }
 212  
 213  }
 214  
 215