2 /** library of functions to deal with lms integration
5 // constants for validation
6 define('LMS_NO_SUCH_HOST','NO SUCH LMSHOST');
7 define('LMS_NO_SUCH_USER','NO SUCH USER');
8 define('LMS_INVALID_HASH','INVALID HASH');
9 define('LMS_INVALID_NETWORK','INVALID IP ADDRESS');
10 define('LMS_SNOOPY_USER_AGENT','Elgg/LMS integration');
12 require_once($CFG->dirroot
.'/lib/snoopy/Snoopy.class.inc');
14 function find_lms_user($installid,$username,$signature,$confirmaction=null,$firstname=null,$lastname=null,$email=null) {
16 // find this host from the installid
17 if (empty($CFG->lmshosts
) ||
!is_array($CFG->lmshosts
) ||
!array_key_exists($installid,$CFG->lmshosts
)) {
18 return LMS_NO_SUCH_HOST
;
20 $host = $CFG->lmshosts
[$installid];
22 // validate our md5 hash
23 if ($confirmaction == 'signupconfirmation') {
24 $stringtohash = $installid.'|'.$username.'|'.$firstname.'|'.$lastname.'|'.$email.'|'.$host['token'];
26 $stringtohash = $installid.'|'.$username.'|'.$host['token'];
27 // firstname, lastname and email cannot be relied upon not to change
28 // so we only want to add them to the hash on signup, not for auth or anything else.
30 $checksig = md5($stringtohash);
31 if ($checksig != $signature) {
32 return LMS_INVALID_HASH
;
35 // if we have an ip address, check it.
36 if (array_key_exists('networkaddress',$host) && empty($confirmaction)) {
37 if (!address_in_subnet(getremoteaddr(),$host['networkaddress'])) {
38 return LMS_INVALID_NETWORK
;
42 if (!empty($confirmaction) && !empty($host['confirmurl'])) {
43 $client = new Snoopy();
44 $client->agent
= LMS_SNOOPY_USER_AGENT
;
45 $client->read_timeout
= 5;
46 $client->use_gzip
= true;
47 $postdata = array('action' => $confirmaction, 'username' => $username, 'signature' => $signature);
48 @$client->submit($host['confirmurl'],$postdata);
49 if ($client->results
!= 'OK') {
50 return clean_param($client->results
,PARAM_CLEAN
);
54 // find our user (we only want to check username and installid, the others could potentially change..
55 if (!$user = get_record_sql('SELECT u.* FROM '.$CFG->prefix
.'users u
56 JOIN '.$CFG->prefix
.'users_alias ua ON ua.user_id = u.ident
57 WHERE ua.installid = ? AND ua.username = ?',array($installid,$username))) {
58 return LMS_NO_SUCH_USER
;
63 function lms_get_folder($installid,$foldername,$user) {
65 // look for the installid folder first.
66 if (!$folder = get_record('file_folders','owner',$user->ident
,'name',$installid)) {
67 // we have to make it.
68 $folder = new StdClass
;
69 $folder->name
= $installid;
70 $folder->owner
= $user->ident
;
71 $folder->files_owner
= $user->ident
;
73 $folder->access
= 'user'.$user->ident
; // ew
74 $folder->ident
= insert_record('file_folders',$folder);
77 if (!$subfolder = get_record('file_folders','owner',$user->ident
,'name',$foldername,'parent',$folder->ident
)) {
78 // we have to make it.
79 $subfolder = new StdClass
;
80 $subfolder->name
= $foldername;
81 $subfolder->owner
= $user->ident
;
82 $subfolder->files_owner
= $user->ident
;
83 $subfolder->parent
= $folder->ident
;
84 $subfolder->access
= 'user'.$user->ident
; // ew
85 $subfolder->ident
= insert_record('file_folders',$subfolder);