From 3f79afbb782cc83d4e7db6b6afd4e878aba5a8d1 Mon Sep 17 00:00:00 2001
From: Marina Glancy <marina@moodle.com>
Date: Fri, 1 Dec 2017 17:06:47 +0800
Subject: [PATCH] MDL-60926 auth: do not map very long profile fields

---
 admin/auth_config.php |  6 ++++++
 lang/en/auth.php      |  1 +
 lib/authlib.php       | 16 ++++++++++++++--
 lib/moodlelib.php     |  6 +++---
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/admin/auth_config.php b/admin/auth_config.php
index 6c3e3157e5d6d..3ee8ebc8c0f88 100644
--- a/admin/auth_config.php
+++ b/admin/auth_config.php
@@ -165,6 +165,12 @@ function print_auth_lock_options($auth, $user_fields, $helptext, $retrieveopts,
             // If custom field then pick name from database.
             $fieldshortname = str_replace('profile_field_', '', $fieldname);
             $fieldname = $customfieldname[$fieldshortname]->name;
+            if (core_text::strlen($fieldshortname) > 67) {
+                // If custom profile field name is longer than 67 characters we will not be able to store the setting
+                // such as 'field_updateremote_profile_field_NOTSOSHORTSHORTNAME' in the database because the character
+                // limit for the setting name is 100.
+                continue;
+            }
         } elseif ($fieldname == 'url') {
             $fieldname = get_string('webpage');
         } else {
diff --git a/lang/en/auth.php b/lang/en/auth.php
index 2dbef7e4f2b22..d2493b19da7b2 100644
--- a/lang/en/auth.php
+++ b/lang/en/auth.php
@@ -65,6 +65,7 @@
 $string['auth_user_creation'] = 'New (anonymous) users can create user accounts on the external authentication source and confirmed via email. If you enable this , remember to also configure module-specific options for user creation.';
 $string['auth_usernameexists'] = 'Selected username already exists. Please choose a new one.';
 $string['auto_add_remote_users'] = 'Auto add remote users';
+$string['cannotmapfield'] = 'Field "{$a->fieldname}" can not be mapped because its short name "{$a->shortname}" is too long. To enable mapping reduce the profile field short name down to {$a->charlimit} characters. <a href="{$a->link}">Edit user profile fields</a>';
 $string['createpassword'] = 'Generate password and notify user';
 $string['createpasswordifneeded'] = 'Create password if needed and send via email';
 $string['emailchangecancel'] = 'Cancel email change';
diff --git a/lib/authlib.php b/lib/authlib.php
index ae7261958c875..44b3221831026 100644
--- a/lib/authlib.php
+++ b/lib/authlib.php
@@ -1016,16 +1016,22 @@ function display_auth_lock_options($settings, $auth, $userfields, $helptext, $ma
     }
 
     foreach ($userfields as $field) {
-
         // Define the fieldname we display to the  user.
         // this includes special handling for some profile fields.
         $fieldname = $field;
+        $fieldnametoolong = false;
         if ($fieldname === 'lang') {
             $fieldname = get_string('language');
         } else if (!empty($customfields) && in_array($field, $customfields)) {
             // If custom field then pick name from database.
             $fieldshortname = str_replace('profile_field_', '', $fieldname);
             $fieldname = $customfieldname[$fieldshortname]->name;
+            if (core_text::strlen($fieldshortname) > 67) {
+                // If custom profile field name is longer than 67 characters we will not be able to store the setting
+                // such as 'field_updateremote_profile_field_NOTSOSHORTSHORTNAME' in the database because the character
+                // limit for the setting name is 100.
+                $fieldnametoolong = true;
+            }
         } else if ($fieldname == 'url') {
             $fieldname = get_string('webpage');
         } else {
@@ -1033,7 +1039,13 @@ function display_auth_lock_options($settings, $auth, $userfields, $helptext, $ma
         }
 
         // Generate the list of fields / mappings.
-        if ($mapremotefields) {
+        if ($fieldnametoolong) {
+            // Display a message that the field can not be mapped because it's too long.
+            $url = new moodle_url('/user/profile/index.php');
+            $a = (object)['fieldname' => s($fieldname), 'shortname' => s($field), 'charlimit' => 67, 'link' => $url->out()];
+            $settings->add(new admin_setting_heading($auth.'/field_not_mapped_'.sha1($field), '',
+                get_string('cannotmapfield', 'auth', $a)));
+        } else if ($mapremotefields) {
             // We are mapping to a remote field here.
             // Mapping.
             $settings->add(new admin_setting_configtext("auth_{$auth}/field_map_{$field}",
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 9e5ede0ded3d1..53b067d5c9436 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -3932,11 +3932,11 @@ function update_user_record_by_id($id) {
                 // Unknown or must not be changed.
                 continue;
             }
-            $confval = $userauth->config->{'field_updatelocal_' . $key};
-            $lockval = $userauth->config->{'field_lock_' . $key};
-            if (empty($confval) || empty($lockval)) {
+            if (empty($userauth->config->{'field_updatelocal_' . $key}) || empty($userauth->config->{'field_lock_' . $key})) {
                 continue;
             }
+            $confval = $userauth->config->{'field_updatelocal_' . $key};
+            $lockval = $userauth->config->{'field_lock_' . $key};
             if ($confval === 'onlogin') {
                 // MDL-4207 Don't overwrite modified user profile values with
                 // empty LDAP values when 'unlocked if empty' is set. The purpose