PageRenderTime 25ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/new_account.php

https://github.com/atutor/mahara
PHP | 244 lines | 157 code | 41 blank | 46 comment | 23 complexity | b2469bf4ba68e009f55aefe0fc1f4cad MD5 | raw file
    

  1. <?php

    2. 

  2. 

    3. 

  3. /*

    4. 

  4.     This belongs to the ATutor+Mahara module. It is called from index.php when

    5. 

  5.     the user does not have a Mahara account associated with ATutor.  This script

    6. 

  6.     automatically creates a new Mahara account for the user and saves the login

    7. 

  7.     information with ATutor.  If the user already has a Mahara account, the script

    8. 

  8.     simply adds the login information to ATutor and reassigns an automatically

    9. 

  9.     generated password for Mahara.

    10. 

  10. 

    11. 

  11.     Most of the necessary code is copied and modified from init.php and

    12. 

  12.     register.php of Mahara.

    13. 

  13. 

    14. 

  14.     by: Boon-Hau Teh

    15. 

  15. */

    16. 

  16. 

    17. 

  17. $_user_location	= 'public';

    18. 

  18. 

    19. 

  19. if (!defined('new_account')) { exit; }

    20. 

  20. if (!defined('AT_INCLUDE_PATH')) { exit; }

    21. 

  21. 

    22. 

  22. $sql = 'SELECT * FROM '.TABLE_PREFIX.'members WHERE member_id="'.$_SESSION['member_id'].'"';

    23. 

  23. $result = mysql_query($sql, $db);

    24. 

  24. $row = mysql_fetch_assoc($result);

    25. 

  25. 

    26. 

  26. $registration->username     = $row['login'];

    27. 

  27. $registration->firstname    = $row['first_name'];

    28. 

  28. $registration->lastname     = $row['last_name'];

    29. 

  29. $registration->password     = $row['password'];

    30. 

  30. $registration->email        = $row['email'];

    31. 

  31. 

    32. 

  32. define (MAHARA_PATH, $_config['mahara']);

    33. 

  33. 

    34. 

  34. /******************from init.php*************************/

    35. 

  35. define('INTERNAL', 1);

    36. 

  36. define('PUBLIC', 1);

    37. 

  37. define('SECTION_PLUGINTYPE', 'core');

    38. 

  38. define('SECTION_PLUGINNAME', 'site');

    39. 

  39. define('SECTION_PAGE', 'register');

    40. 

  40. 

    41. 

  41. $CFG = new StdClass;

    42. 

  42. $CFG->docroot = MAHARA_PATH;

    43. 

  43. 

    44. 

  44. // Figure out our include path

    45. 

  45. if (!empty($_SERVER['MAHARA_LIBDIR'])) {

    46. 

  46.     $CFG->libroot = $_SERVER['MAHARA_LIBDIR'];

    47. 

  47. } else {

    48. 

  48.     $CFG->libroot = MAHARA_PATH. 'lib/';

    49. 

  49. }

    50. 

  50. set_include_path($CFG->libroot . PATH_SEPARATOR . $CFG->libroot . 'pear/' . PATH_SEPARATOR . get_include_path());

    51. 

  51. 

    52. 

  52. // Set up error handling

    53. 

  53. require(MAHARA_PATH.'lib/errors.php');

    54. 

  54. 

    55. 

  55. if (!is_readable($CFG->docroot . 'config.php')) {

    56. 

  56.     // @todo Later, this will redirect to the installer script. For now, we

    57. 

  57.     // just log and exit.

    58. 

  58.     log_environ(_AT('MAHARA_ERROR_INSTALL'));

    59. 

  59.     header('Location: '.AT_BASE_HREF);

    60. 

  60. }

    61. 

  61. 

    62. 

  62. require(MAHARA_PATH.'config.php');

    63. 

  63. $CFG = (object)array_merge((array)$cfg, (array)$CFG);

    64. 

  64. 

    65. 

  65. // Fix up paths in $CFG

    66. 

  66. foreach (array('docroot', 'dataroot') as $path) {

    67. 

  67.     $CFG->{$path} = (substr($CFG->{$path}, -1) != DIRECTORY_SEPARATOR) ? $CFG->{$path} . DIRECTORY_SEPARATOR : $CFG->{$path};

    68. 

  68. }

    69. 

  69. 

    70. 

  70. // xmldb stuff

    71. 

  71. $CFG->xmldbdisablenextprevchecking = true;

    72. 

  72. $CFG->xmldbdisablecommentchecking = true;

    73. 

  73. 

    74. 

  74. // ensure directorypermissions is set

    75. 

  75. if (empty($CFG->directorypermissions)) {

    76. 

  76.     $CFG->directorypermissions = 0700;

    77. 

  77. }

    78. 

  78. 

    79. 

  79. // core libraries

    80. 

  80. require(MAHARA_PATH.'lib/mahara.php');

    81. 

  81. ensure_sanity();

    82. 

  82. require(MAHARA_PATH.'auth/internal/lib.php');

    83. 

  83. require(MAHARA_PATH.'lib/dml.php');

    84. 

  84. require(MAHARA_PATH.'lib/ddl.php');

    85. 

  85. require(MAHARA_PATH.'lib/activity.php');

    86. 

  86. require(MAHARA_PATH.'lib/user.php');

    87. 

  87. require(MAHARA_PATH.'lib/web.php');

    88. 

  88. 

    89. 

  89. // Database access functions

    90. 

  90. require(MAHARA_PATH.'lib/adodb/adodb-exceptions.inc.php');

    91. 

  91. require(MAHARA_PATH.'lib/adodb/adodb.inc.php');

    92. 

  92. 

    93. 

  93. try {

    94. 

  94.     // ADODB does not provide the raw driver error message if the connection

    95. 

  95.     // fails for some reason, so we use output buffering to catch whatever

    96. 

  96.     // the error is instead.

    97. 

  97.     ob_start();

    98. 

  98.     

    99. 

  99.     $db = &ADONewConnection($CFG->dbtype);

    100. 

  100.     $dbgenerator = null;

    101. 

  101.     if (empty($CFG->dbhost)) {

    102. 

  102.         $CFG->dbhost = '';

    103. 

  103.     }

    104. 

  104.     else if (!empty($CFG->dbport)) {

    105. 

  105.         $CFG->dbhost .= ':'.$CFG->dbport;

    106. 

  106.     }

    107. 

  107.     if (!empty($CFG->dbpersist)) {    // Use persistent connection (default)

    108. 

  108.         $dbconnected = $db->PConnect($CFG->dbhost,$CFG->dbuser,$CFG->dbpass,$CFG->dbname);

    109. 

  109.     } 

    110. 

  110.     else {                                                     // Use single connection

    111. 

  111.         $dbconnected = $db->Connect($CFG->dbhost,$CFG->dbuser,$CFG->dbpass,$CFG->dbname);

    112. 

  112.     }

    113. 

  113. 

    114. 

  114.     $db->SetFetchMode(ADODB_FETCH_ASSOC);

    115. 

  115.     configure_dbconnection();

    116. 

  116.     ensure_internal_plugins_exist();

    117. 

  117. 

    118. 

  118.     ob_end_clean();

    119. 

  119. }

    120. 

  120. catch (Exception $e) {

    121. 

  121.     $errormessage = ob_get_contents();

    122. 

  122.     if (!$errormessage) {

    123. 

  123.         $errormessage = $e->getMessage();

    124. 

  124.     }

    125. 

  125.     ob_end_clean();

    126. 

  126.     $errormessage = get_string('dbconnfailed', 'error') . $errormessage;

    127. 

  127.     throw new ConfigSanityException($errormessage);

    128. 

  128. }

    129. 

  129. try {

    130. 

  130.     db_ignore_sql_exceptions(true);

    131. 

  131.     load_config();

    132. 

  132.     db_ignore_sql_exceptions(false);

    133. 

  133. } 

    134. 

  134. catch (SQLException $e) {

    135. 

  135.     db_ignore_sql_exceptions(false);

    136. 

  136. }

    137. 

  137. 

    138. 

  138. 

    139. 

  139. // Only do authentication once we know the page theme, so that the login form

    140. 

  140. // can have the correct theming.

    141. 

  141. require_once(MAHARA_PATH.'auth/lib.php');

    142. 

  142. $USER    = new LiveUser();

    143. 

  143. /***************end from init.php*************************/

    144. 

  144. 

    145. 

  145. 

    146. 

  146. /*~~~~~~~~~modified from register.php~~~~~~~~~~*/

    147. 

  147. $random_password = substr(md5($registration->password.rand(100000, 999999)), 2, 8);

    148. 

  148. 

    149. 

  149. /*-- from register_submit function --*/

    150. 

  150. $registration->salt         = substr(md5(rand(1000000, 9999999)), 2, 8);

    151. 

  151. $registration->password     = AuthInternal::encrypt_password($random_password, $registration->salt);

    152. 

  152. $registration->expiry       = NULL;

    153. 

  153. /*-----------------------------------*/

    154. 

  154. 

    155. 

  155. 

    156. 

  156. // Check if user already exists in Mahara

    157. 

  157. if ($data_record = get_record('usr', 'username', $registration->username)) {

    158. 

  158.     $registration -> id = $data_record -> id;

    159. 

  159.     update_record('usr', $registration, 'username');

    160. 

  160. } else {

    161. 

  161.     create_registered_user();   // Send register info to create a new account

    162. 

  162. }

    163. 

  163. 

    164. 

  164. // Reconnect to ATutor Database

    165. 

  165. $db_atutor = @mysql_connect(DB_HOST . ':' . DB_PORT, DB_USER, DB_PASSWORD);

    166. 

  166. if (!$db_atutor) {

    167. 

  167.     /* AT_ERROR_NO_DB_CONNECT */

    168. 

  168.     require_once(AT_INCLUDE_PATH . 'classes/ErrorHandler/ErrorHandler.class.php');

    169. 

  169.     $err =& new ErrorHandler();

    170. 

  170.     trigger_error('VITAL#Unable to connect to db.', E_USER_ERROR);

    171. 

  171.     exit;

    172. 

  172. }

    173. 

  173. if (!@mysql_select_db(DB_NAME, $db_atutor)) {

    174. 

  174.     require_once(AT_INCLUDE_PATH . 'classes/ErrorHandler/ErrorHandler.class.php');

    175. 

  175.     $err =& new ErrorHandler();

    176. 

  176.     trigger_error('VITAL#DB connection established, but database "'.DB_NAME.'" cannot be selected.',

    177. 

  177.                     E_USER_ERROR);

    178. 

  178.     exit;

    179. 

  179. }

    180. 

  180. 

    181. 

  181. // Store data into ATutor Databse

    182. 

  182. $sql = "INSERT INTO ".TABLE_PREFIX."mahara SET at_login='".$_SESSION['login']."', username='".$registration->username."', password='".$random_password."'";

    183. 

  183. if (!mysql_query($sql, $db_atutor))

    184. 

  184.     exit;              // in case there's some external error; prevent being caught in an infinite loop

    185. 

  185. 

    186. 

  186. 

    187. 

  187. /**

    188. 

  188.  * This function is copied and modified from register.php of Mahara

    189. 

  189.  *

    190. 

  190.  * @param array profilefields    Array of values from registration form. In this module, we're not using a form so we don't pass anything

    191. 

  191.  * @return boolean               Returns true if function exits without any problems

    192. 

  192.  */

    193. 

  193. function create_registered_user($profilefields=array()) {

    194. 

  194.     global $registration, $USER;

    195. 

  195. 

    196. 

  196.     db_begin();

    197. 

  197. 

    198. 

  198.     // Move the user record to the usr table from the registration table

    199. 

  199.     $registrationid = $registration->id;

    200. 

  200.     unset($registration->id);

    201. 

  201.     unset($registration->expiry);

    202. 

  202.     if ($expirytime = get_config('defaultaccountlifetime')) {

    203. 

  203.         $registration->expiry = db_format_timestamp(time() + $expirytime);

    204. 

  204.     }

    205. 

  205.     $registration->lastlogin = db_format_timestamp(time());

    206. 

  206. 

    207. 

  207.     $user = new User();

    208. 

  208.     $user->username         = $registration->username;

    209. 

  209.     $user->password         = $registration->password;

    210. 

  210.     $user->salt             = $registration->salt;

    211. 

  211.     $user->passwordchange   = 0;

    212. 

  212.     $user->active           = 1;

    213. 

  213.     $user->authinstance     = $authinstance->id;

    214. 

  214.     $user->firstname        = $registration->firstname;

    215. 

  215.     $user->lastname         = $registration->lastname;

    216. 

  216.     $user->email            = $registration->email;

    217. 

  217.     $user->commit();

    218. 

  218. 

    219. 

  219.     $registration->id = $user->id;

    220. 

  220. 

    221. 

  221.     // Insert standard stuff as artefacts

    222. 

  222.     set_profile_field($user->id, 'email', $registration->email);

    223. 

  223.     set_profile_field($user->id, 'firstname', $registration->firstname);

    224. 

  224.     set_profile_field($user->id, 'lastname', $registration->lastname);

    225. 

  225.     if (!empty($registration->lang) && $registration->lang != 'default') {

    226. 

  226.         set_account_preference($user->id, 'lang', $registration->lang);

    227. 

  227.     }

    228. 

  228. 

    229. 

  229.     // Set mandatory profile fields 

    230. 

  230.     foreach(ArtefactTypeProfile::get_mandatory_fields() as $field => $type) {

    231. 

  231.         // @todo here and above, use the method for getting "always mandatory" fields

    232. 

  232.         if (in_array($field, array('firstname', 'lastname', 'email'))) {

    233. 

  233.             continue;

    234. 

  234.         }

    235. 

  235.         set_profile_field($user->id, $field, $profilefields[$field]);

    236. 

  236.     }

    237. 

  237. 

    238. 

  238.     db_commit();

    239. 

  239.     handle_event('createuser', $registration);

    240. 

  240. 

    241. 

  241.     return true;

    242. 

  242. }

    243. 

  243. 

    244. 

  244. ?>
    245.