1<?php
2/**
3* script for bulk user force password change
4*/
5
6require_once('../../config.php');
7require_once('lib.php');
8require_once($CFG->libdir.'/adminlib.php');
9
10$confirm = optional_param('confirm', 0, PARAM_BOOL);
11
12admin_externalpage_setup('userbulk');
13require_capability('moodle/user:update', context_system::instance());
14
15$return = $CFG->wwwroot.'/'.$CFG->admin.'/user/user_bulk.php';
16
17if (empty($SESSION->bulk_users)) {
18    redirect($return);
19}
20
21echo $OUTPUT->header();
22
23if ($confirm and confirm_sesskey()) {
24    // only force password change if user may actually change the password
25    $authsavailable = get_enabled_auth_plugins();
26    $changeable = array();
27
28    foreach($authsavailable as $authplugin) {
29        if (!$auth = get_auth_plugin($authplugin)) {
30            continue;
31        }
32        if ($auth->is_internal() and $auth->can_change_password()) {
33            $changeable[$authplugin] = true;
34        }
35    }
36
37    $parts = array_chunk($SESSION->bulk_users, 300);
38    foreach ($parts as $users) {
39        list($in, $params) = $DB->get_in_or_equal($users);
40        $rs = $DB->get_recordset_select('user', "id $in", $params);
41        foreach ($rs as $user) {
42            if (!empty($changeable[$user->auth])) {
43                set_user_preference('auth_forcepasswordchange', 1, $user->id);
44                unset($SESSION->bulk_users[$user->id]);
45            } else {
46                echo $OUTPUT->notification(get_string('forcepasswordchangenot', '', fullname($user, true)));
47            }
48        }
49        $rs->close();
50    }
51    echo $OUTPUT->notification(get_string('changessaved'), 'notifysuccess');
52    echo $OUTPUT->continue_button($return);
53
54} else {
55    list($in, $params) = $DB->get_in_or_equal($SESSION->bulk_users);
56    $userlist = $DB->get_records_select_menu('user', "id $in", $params, 'fullname', 'id,'.$DB->sql_fullname().' AS fullname', 0, MAX_BULK_USERS);
57    $usernames = implode(', ', $userlist);
58    if (count($SESSION->bulk_users) > MAX_BULK_USERS) {
59        $usernames .= ', ...';
60    }
61    echo $OUTPUT->heading(get_string('confirmation', 'admin'));
62    $formcontinue = new single_button(new moodle_url('/admin/user/user_bulk_forcepasswordchange.php', array('confirm' => 1)), get_string('yes'));
63    $formcancel = new single_button(new moodle_url('/admin/user/user_bulk.php'), get_string('no'), 'get');
64    echo $OUTPUT->confirm(get_string('forcepasswordchangecheckfull', '', $usernames), $formcontinue, $formcancel);
65}
66
67echo $OUTPUT->footer();
68