Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
  • Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.

Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 39 and 402] [Versions 400 and 402]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Endpoint for the verification email link.
  19   *
  20   * @package    core
  21   * @subpackage badges
  22   * @copyright  2016 Jake Dallimore <jrhdallimore@gmail.com>
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  require_once(__DIR__ . '/../config.php');
  26  require_once($CFG->libdir . '/badgeslib.php');
  27  
  28  $data = optional_param('data', '', PARAM_RAW);
  29  require_login();
  30  $PAGE->set_url('/badges/backpackemailverify.php');
  31  $PAGE->set_context(context_user::instance($USER->id));
  32  $redirect = '/badges/mybackpack.php';
  33  
  34  // Confirm the secret and create the backpack connection.
  35  $storedsecret = get_user_preferences('badges_email_verify_secret');
  36  if (!is_null($storedsecret)) {
  37      if ($data === $storedsecret) {
  38          $storedemail = get_user_preferences('badges_email_verify_address');
  39          $backpackid = get_user_preferences('badges_email_verify_backpackid');
  40          $password = get_user_preferences('badges_email_verify_password');
  41  
  42          $backpack = badges_get_site_backpack($backpackid);
  43  
  44          $data = new stdClass();
  45          $data->email = $storedemail;
  46          $data->password = $password;
  47          $data->externalbackpackid = $backpackid;
  48          $bp = new \core_badges\backpack_api($backpack, $data);
  49  
  50          // Make sure we have all the required information before trying to save the connection.
  51          $backpackuid = $bp->authenticate();
  52          if (empty($backpackuid) || !empty($backpackuid->error)) {
  53              redirect(new moodle_url($redirect), get_string('backpackconnectionunexpectedresult', 'badges', $backpackuid->error),
  54                  null, \core\output\notification::NOTIFY_ERROR);
  55          }
  56  
  57          $values = [
  58              'userid' => $USER->id,
  59              'backpackemail' => $data->email,
  60              'externalbackpackid' => $backpackid,
  61              'backpackuid' => $backpackuid,
  62              'autosync' => 0,
  63              'password' => $password
  64          ];
  65          badges_save_backpack_credentials((object) $values);
  66  
  67          // Remove the verification vars and redirect to the mypackpack page.
  68          unset_user_preference('badges_email_verify_secret');
  69          unset_user_preference('badges_email_verify_address');
  70          unset_user_preference('badges_email_verify_backpackid');
  71          unset_user_preference('badges_email_verify_password');
  72          redirect(new moodle_url($redirect), get_string('backpackemailverifysuccess', 'badges'),
  73              null, \core\output\notification::NOTIFY_SUCCESS);
  74      } else {
  75          // Stored secret doesn't match the supplied secret. Take user back to the mybackpack page and present a warning message.
  76          redirect(new moodle_url($redirect), get_string('backpackemailverifytokenmismatch', 'badges'),
  77              null, \core\output\notification::NOTIFY_ERROR);
  78      }
  79  } else {
  80      // Stored secret is null. Either the email address has already been verified, or there is no record of a verification attempt
  81      // for the current user. Either way, just redirect to the mybackpack page.
  82      redirect(new moodle_url($redirect));
  83  }