Merge branch 'MDL-64173-master' of git://github.com/bmbrands/moodle
[moodle.git] / login / unlock_account.php
blob087729a3de9fa553ef6625faacfdfa2b0058544b
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * Reset locked-out accounts.
20 * @package core_auth
21 * @copyright 2012 Petr Skoda {@link http://skodak.org}
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 require('../config.php');
26 require_once($CFG->libdir.'/authlib.php');
28 $userid = optional_param('u', 0, PARAM_INT);
29 $secret = optional_param('s', '', PARAM_RAW);
31 $PAGE->set_url('/login/unlock_account.php');
32 $PAGE->set_context(context_system::instance());
34 // Override wanted URL, we do not want to end up here again after login!
35 $SESSION->wantsurl = "$CFG->wwwroot/";
37 // Do not disclose details about existence or status of user accounts here.
39 if (!$user = $DB->get_record('user', array('id'=>$userid, 'deleted'=>0, 'suspended'=>0))) {
40 print_error('lockouterrorunlock', 'admin', get_login_url());
43 $usersecret = get_user_preferences('login_lockout_secret', false, $user);
45 if ($secret === $usersecret) {
46 login_unlock_account($user);
47 if ($USER->id == $user->id) {
48 redirect("$CFG->wwwroot/");
49 } else {
50 redirect(get_login_url());
54 print_error('lockouterrorunlock', 'admin', get_login_url());