<?php
/**
 * Elgg user settings functions.
 * Functions for adding and manipulating options on the user settings panel.
 *
 * @package    Elgg.Core
 * @subpackage Settings.User
 */
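/**
 * Set a user's password
 *
 * Reads current_password, password, password2 and guid from the request.
 * The target account is the one named by guid, or the logged-in user when
 * no guid is submitted.
 *
 * Returns null if no change is required
 * Returns true or false indicating success or failure if change was needed
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_password() {
	// NOTE(review): the third argument (false) presumably disables input
	// filtering so the password is taken verbatim - confirm against get_input().
	$current_password = get_input('current_password', null, false);
	$password = get_input('password', null, false);
	$password2 = get_input('password2', null, false);
	$user_guid = get_input('guid');

	$user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

	if (!$user || !$password) {
		// no change
		return;
	}

	// The guid comes from the request, so authorize explicitly before doing
	// anything with the account (same check _elgg_set_user_name() uses).
	// Running it before the current-password check also keeps that check
	// from being exercised against accounts the caller may not edit.
	if (!$user->canEdit()) {
		register_error(elgg_echo('user:password:fail'));
		return false;
	}

	// let admin user change anyone's password without knowing it except his own.
	if (!elgg_is_admin_logged_in() || $user->guid == elgg_get_logged_in_user_guid()) {
		// Only a thrown LoginException stops the change below; the return
		// value of pam_auth_userpass() is not inspected. A missing or empty
		// current password can never be correct, so reject it here instead
		// of relying on the callee to throw for it.
		if (!is_string($current_password) || $current_password === '') {
			register_error(elgg_echo('LoginException:ChangePasswordFailure'));
			return false;
		}

		$credentials = array(
			'username' => $user->username,
			'password' => $current_password,
		);

		try {
			// NOTE(review): confirm pam_auth_userpass() throws on every failure path.
			pam_auth_userpass($credentials);
		} catch (LoginException $e) {
			register_error(elgg_echo('LoginException:ChangePasswordFailure'));
			return false;
		}
	}

	try {
		$result = validate_password($password);
	} catch (RegistrationException $e) {
		register_error($e->getMessage());
		return false;
	}

	if (!$result) {
		register_error(elgg_echo('user:password:fail:tooshort'));
		return false;
	}

	// Strict comparison: with ==, two different numeric-looking strings
	// (for example "1e3" and "1000") compare equal and the confirmation
	// field would not catch the mismatch.
	if ($password !== $password2) {
		register_error(elgg_echo('user:password:fail:notsame'));
		return false;
	}

	$user->setPassword($password);
	_elgg_services()->persistentLogin->handlePasswordChange($user, elgg_get_logged_in_user_entity());

	if ($user->save()) {
		system_message(elgg_echo('user:password:success'));
		return true;
	}

	register_error(elgg_echo('user:password:fail'));
	return false;
}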
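/**
 * Set a user's display name
 *
 * Reads name and guid from the request. The target account is the one
 * named by guid, or the logged-in user when no guid is submitted.
 *
 * Returns null if no change is required or input is not present in the form
 * Returns true or false indicating success or failure if change was needed
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_name() {
	$name = get_input('name');
	$user_guid = get_input('guid');

	if (!isset($name)) {
		return;
	}

	// strip_tags() removes markup from the stored value; it is not an output
	// encoder, so views that print the name still have to escape it.
	$name = strip_tags($name);
	$user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

	if (elgg_strlen($name) > 50) {
		register_error(elgg_echo('user:name:fail'));
		return false;
	}

	// The guid is request-supplied: the caller must be allowed to edit the account.
	if (!$user || !$user->canEdit() || !$name) {
		register_error(elgg_echo('user:name:fail'));
		return false;
	}

	// Strict comparison: with != a numeric-looking name such as "1e3" is
	// treated as equal to "1000" and the rename would be silently skipped.
	if ($name === (string) $user->name) {
		// no change
		return;
	}

	$user->name = $name;
	if ($user->save()) {
		system_message(elgg_echo('user:name:success'));
		return true;
	}

	register_error(elgg_echo('user:name:fail'));
	return false;
}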
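/**
 * Set a user's language
 *
 * Reads language and guid from the request. The target account is the one
 * named by guid, or the logged-in user when no guid is submitted.
 *
 * Returns null if no change is required or input is not present in the form
 * Returns true or false indicating success or failure if change was needed
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_language() {
	$language = get_input('language');
	$user_guid = get_input('guid');

	if (!isset($language)) {
		return;
	}

	$user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

	// The guid is request-supplied, so check that the caller may edit the
	// account (as _elgg_set_user_name() does) instead of depending on
	// whatever save() enforces further down.
	if (!$user || !$language || !$user->canEdit()) {
		register_error(elgg_echo('user:language:fail'));
		return false;
	}

	if (strcmp($language, $user->language) == 0) {
		// no change
		return;
	}

	// NOTE(review): the submitted code is stored as-is. Checking it against
	// the site's installed languages would be a sensible hardening - confirm
	// how the stored value is consumed.
	$user->language = $language;
	if ($user->save()) {
		system_message(elgg_echo('user:language:success'));
		return true;
	}

	register_error(elgg_echo('user:language:fail'));
	return false;
}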
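/**
 * CYU - checks if the email domain the user enters in the system is valid or not.
 *
 * A domain is accepted when it equals an 'ext' value in the rows returned by
 * getExtension() (from the 'c_ext_lib' library), or when its last two labels
 * are "gc.ca". The comparison ignores letter case, since domain names are
 * case-insensitive.
 *
 * @param string $dom Domain part of an e-mail address
 *
 * @return bool true when the domain is NOT accepted, false when it is
 */
function domainNotValid($dom)
{
	elgg_load_library('c_ext_lib');

	// Anything that is not a non-empty string cannot be an accepted domain.
	if (!is_string($dom) || $dom === '') {
		return true;
	}
	$dom = strtolower($dom);

	$result = getExtension();

	// The rows are read with mysqli_fetch_array(), so only iterate when a
	// result object actually came back. count() on the return value does not
	// tell whether rows exist and also passes for a failed (false) query.
	if ($result instanceof mysqli_result) {
		while ($row = mysqli_fetch_array($result)) {
			if (strtolower($row['ext']) === $dom) {
				return false;
			}
		}
	}

	// Fallback rule: compare whole labels, so only "gc.ca" itself and its
	// sub-domains match - a name that merely ends in the letters "gc.ca" does not.
	$labels = explode('.', $dom);
	$label_count = count($labels);
	if ($label_count < 2) {
		return true;
	}

	return ($labels[$label_count - 2] . '.' . $labels[$label_count - 1]) !== 'gc.ca';
}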
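/**
 * Set a user's email address
 *
 * Reads email and guid from the request. The target account is the one
 * named by guid, or the logged-in user when no guid is submitted. The new
 * address must pass is_email_address() and the domainNotValid() allow-list,
 * and must not already belong to another user.
 *
 * Returns null if no change is required or input is not present in the form
 * Returns true or false indicating success or failure if change was needed
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_email() {
	$email = get_input('email');
	$user_guid = get_input('guid');

	if (!isset($email)) {
		return;
	}

	$user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

	if (!is_email_address($email)) {
		register_error(elgg_echo('email:save:fail'));
		return false;
	}

	// cyu - we want the 2nd half of the email
	// The domain is whatever follows the LAST '@'. Splitting on every '@' and
	// taking the second piece checks the wrong substring when the local part
	// itself contains an '@', which would let the allow-list be evaluated
	// against text that is not the real domain.
	$at = strrpos($email, '@');
	$domain = ($at === false) ? '' : (string) substr($email, $at + 1);

	if (domainNotValid($domain)) {
		register_error('Not a Government email address...');
		return false;
	}

	// The guid is request-supplied, so check that the caller may edit the
	// account (as _elgg_set_user_name() does) before changing its address.
	if (!$user || !$user->canEdit()) {
		register_error(elgg_echo('email:save:fail'));
		return false;
	}

	if (strcmp($email, $user->email) == 0) {
		// no change
		return;
	}

	if (get_user_by_email($email)) {
		register_error(elgg_echo('registration:dupeemail'));
		return false;
	}

	// NOTE(review): nothing visible here confirms that the user controls the
	// new mailbox or re-checks the password; the allow-list only inspects
	// the string. Confirm whether a verification step exists elsewhere.
	$user->email = $email;
	if ($user->save()) {
		system_message(elgg_echo('email:save:success'));
		return true;
	}

	register_error(elgg_echo('email:save:fail'));
	return false;
}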
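/**
 * Set a user's default access level
 *
 * Does nothing unless the 'allow_user_default_access' config value is set.
 * Reads default_access and guid from the request. The target account is the
 * one named by guid, or the logged-in user when no guid is submitted. The
 * value is stored in the 'elgg_default_access' private setting.
 *
 * Returns null if no change is required or input is not present in the form
 * Returns true or false indicating success or failure if change was needed
 *
 * @return bool|void
 * @since 1.8.0
 * @access private
 */
function _elgg_set_user_default_access() {

	if (!elgg_get_config('allow_user_default_access')) {
		return;
	}

	$default_access = get_input('default_access');
	$user_guid = get_input('guid');

	// Honour the documented contract: a form that does not carry the field
	// must not overwrite the stored setting with null.
	if (!isset($default_access)) {
		return;
	}

	$user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

	// The guid is request-supplied, so check that the caller may edit the
	// account (as _elgg_set_user_name() does) before writing its setting.
	if (!$user || !$user->canEdit()) {
		register_error(elgg_echo('user:default_access:failure'));
		return false;
	}

	$current_default_access = $user->getPrivateSetting('elgg_default_access');
	if ($default_access === $current_default_access) {
		// no change
		return;
	}

	// NOTE(review): the submitted value is stored without checking that it
	// is an access level this user is allowed to pick - confirm whether the
	// consumer of 'elgg_default_access' validates it.
	if ($user->setPrivateSetting('elgg_default_access', $default_access)) {
		system_message(elgg_echo('user:default_access:success'));
		return true;
	}

	register_error(elgg_echo('user:default_access:failure'));
	return false;
}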
/**
 * Set up the menu for user settings
 *
 * Registers the account, plugins, statistics and notification entries of the
 * 'page' menu for the current page owner, plus one child entry per plugin
 * that ships a user settings view. Does nothing when there is no page owner
 * or when the 'settings' context is not active.
 *
 * @return void
 * @access private
 */
function _elgg_user_settings_menu_setup() {
	$user = elgg_get_page_owner_entity();

	if (!$user || !elgg_in_context("settings")) {
		return;
	}

	elgg_register_menu_item('page', array(
		'name' => '1_account',
		'text' => elgg_echo('usersettings:user:opt:linktext'),
		'href' => "settings/user/{$user->username}",
		'section' => 'configure',
	));

	// Parent entry for the per-plugin items registered further down.
	elgg_register_menu_item('page', array(
		'name' => '1_plugins',
		'text' => elgg_echo('usersettings:plugins:opt:linktext'),
		'href' => '#',
		'section' => 'configure',
	));

	elgg_register_menu_item('page', array(
		'name' => '1_statistics',
		'text' => elgg_echo('usersettings:statistics:opt:linktext'),
		'href' => "settings/statistics/{$user->username}",
		'section' => 'configure',
	));

	elgg_register_menu_item('page', array(
		'name' => '2_a_user_notify',
		'text' => elgg_echo('notifications:subscriptions:changesettings'),
		'href' => "notifications/personal/{$user->username}",
		'section' => "configure",
	));

	if (elgg_is_active_plugin('groups')) {
		elgg_register_menu_item('page', array(
			'name' => '2_group_notify',
			'text' => elgg_echo('notifications:subscriptions:changesettings:groups'),
			'href' => "notifications/group/{$user->username}",
			'section' => "configure",
		));
	}

	// register plugin user settings menu items
	foreach (elgg_get_plugins() as $plugin) {
		$plugin_id = $plugin->getID();

		$has_settings_view = elgg_view_exists("usersettings/$plugin_id/edit")
			|| elgg_view_exists("plugins/$plugin_id/usersettings");
		if (!$has_settings_view) {
			continue;
		}

		elgg_register_menu_item('page', array(
			'name' => $plugin_id,
			'text' => $plugin->getFriendlyName(),
			'href' => "settings/plugins/{$user->username}/$plugin_id",
			'parent_name' => '1_plugins',
			'section' => 'configure',
		));
	}

	elgg_register_plugin_hook_handler("prepare", "menu:page", "_elgg_user_settings_menu_prepare");
}
/**
 * Prepares the page menu to strip out empty plugins menu item for user settings
 *
 * Only acts in the 'settings' context: the '1_plugins' entry of the
 * 'configure' section is dropped when it has no children.
 *
 * @param string $hook   prepare
 * @param string $type   menu:page
 * @param array  $value  array of menu items
 * @param array  $params menu related parameters
 *
 * @return array
 * @access private
 */
function _elgg_user_settings_menu_prepare($hook, $type, $value, $params) {
	if (empty($value) || !elgg_in_context("settings")) {
		return $value;
	}

	$configure = elgg_extract("configure", $value);
	if (empty($configure)) {
		return $value;
	}

	foreach ($configure as $index => $menu_item) {
		$is_childless_plugins_item = ($menu_item instanceof ElggMenuItem)
			&& $menu_item->getName() == "1_plugins"
			&& !$menu_item->getChildren();

		if ($is_childless_plugins_item) {
			// no need for this menu item if it has no children
			unset($value["configure"][$index]);
		}
	}

	return $value;
}
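/**
 * Page handler for user settings
 *
 * $page[0] selects the page ('user' by default, 'statistics' or 'plugins'),
 * $page[1] is an optional username whose settings are shown, and $page[2] is
 * the plugin id for the 'plugins' page.
 *
 * @param array $page Pages array
 *
 * @return bool true when a page script was included, false otherwise
 * @access private
 */
function _elgg_user_settings_page_handler($page) {
	global $CONFIG;

	if (!isset($page[0])) {
		$page[0] = 'user';
	}

	if (isset($page[1])) {
		$user = get_user_by_username($page[1]);
	} else {
		$user = elgg_get_logged_in_user_entity();
	}

	// Either lookup can come back empty (unknown username in the URL, or no
	// logged-in user), so do not read properties from a non-object.
	// NOTE(review): this handler does not itself check that the viewer may
	// manage $user's settings; presumably the included page scripts gate
	// access - confirm.
	$owner_guid = $user ? $user->guid : null;
	$owner_username = $user ? $user->username : '';
	elgg_set_page_owner_guid($owner_guid);

	elgg_push_breadcrumb(elgg_echo('settings'), "settings/user/" . $owner_username);

	// $path is only ever one of three fixed scripts below $CONFIG->path;
	// no request value is used to build the path that gets required.
	switch ($page[0]) {
		case 'statistics':
			elgg_push_breadcrumb(elgg_echo('usersettings:statistics:opt:linktext'));
			$path = $CONFIG->path . "pages/settings/statistics.php";
			break;
		case 'plugins':
			if (isset($page[2])) {
				// The plugin id is handed on unvalidated; the included page
				// is responsible for checking it.
				set_input("plugin_id", $page[2]);
				elgg_push_breadcrumb(elgg_echo('usersettings:plugins:opt:linktext'));
				$path = $CONFIG->path . "pages/settings/tools.php";
			}
			break;
		case 'user':
			$path = $CONFIG->path . "pages/settings/account.php";
			break;
	}

	if (isset($path)) {
		require $path;
		return true;
	}
	return false;
}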
/**
 * Initialize the user settings library
 *
 * Registers the 'settings' page handler, the menu setup event handler, the
 * 'usersettings:save' hook handlers, the save action and the account form
 * view extensions.
 *
 * @return void
 * @access private
 */
function _elgg_user_settings_init() {
	elgg_register_page_handler('settings', '_elgg_user_settings_page_handler');

	elgg_register_event_handler('pagesetup', 'system', '_elgg_user_settings_menu_setup');

	// Registered in this order, all for the same hook and type.
	$save_handlers = array(
		'_elgg_set_user_language',
		'_elgg_set_user_password',
		'_elgg_set_user_default_access',
		'_elgg_set_user_name',
		'_elgg_set_user_email',
	);
	foreach ($save_handlers as $save_handler) {
		elgg_register_plugin_hook_handler('usersettings:save', 'user', $save_handler);
	}

	elgg_register_action("usersettings/save");

	// extend the account settings form
	$account_views = array(
		'core/settings/account/name',
		'core/settings/account/password',
		'core/settings/account/email',
		'core/settings/account/language',
		'core/settings/account/default_access',
	);
	foreach ($account_views as $account_view) {
		elgg_extend_view('forms/account/settings', $account_view, 100);
	}
}
// Handed back to whatever includes this file. When invoked, the closure
// registers _elgg_user_settings_init() for the 'init', 'system' event;
// $hooks is accepted but not used here.
return function (\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
	$events->registerHandler('init', 'system', '_elgg_user_settings_init');
};