Example #1
 /**
  * Legacy, group-based check of whether the current user may perform $action on the given user(s).
  *
  * Returns null when nothing objects, otherwise the refusal messages concatenated into one string.
  * NOTE(review): the outcome is carried by a message string, not a boolean; callers presumably
  * treat any non-empty value as a refusal.
  *
  * @deprecated 2.0 No use anymore for such functionality, since we have Permissions for that and we should not be depending on groups
  *
  * @param  array|int  $user_ids      List of user ids; anything that is not a non-empty array is handled as a single id
  * @param  string     $action        Verb interpolated into the refusal messages
  * @param  boolean    $allow_myself  Whether acting on one's own account is acceptable
  * @return null|string
  */
 public function get_users_permission($user_ids, $action, $allow_myself = false)
 {
     global $_CB_framework, $_PLUGINS;
     $msg = null;
     // NOTE(review): ids are compared with == / != throughout, so the result depends on PHP's
     // loose-comparison rules for whatever type the caller passes; confirm callers pass integers.
     if (!(is_array($user_ids) && count($user_ids))) {
         // Single id (or an empty list): same rules as the list branch, with a generic message.
         if ($user_ids == $_CB_framework->myId()) {
             if (!$allow_myself) {
                 $msg .= "You cannot {$action} Yourself! ";
             }
         } elseif (!Application::MyUser()->isSuperAdmin()) {
             /** @noinspection PhpDeprecationInspection */
             $targetGroups = $this->get_object_groups($user_ids);
             /** @noinspection PhpDeprecationInspection */
             $actorGroups = $this->get_object_groups($_CB_framework->myId());
             $actorManagesUsers = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
             /** @noinspection PhpDeprecationInspection */
             $manageableGroups = $this->get_groups_below_me($_CB_framework->myId(), true, !$actorManagesUsers);
             $targetIsSuperAdmin = Application::User((int) $user_ids)->isSuperAdmin();
             $sameGroups = array_values($targetGroups) == array_values($actorGroups);
             // Refuse when: same groups and the actor lacks manage+edit on com_users; or the target
             // has groups and none of them is in the actor's tree; or the target is a super admin.
             if (($sameGroups && !$actorManagesUsers) || ($user_ids && $targetGroups && !array_intersect($targetGroups, $manageableGroups)) || $targetIsSuperAdmin) {
                 $msg .= "You cannot {$action} a user. Only higher-level users have this power. ";
             }
         }
     } else {
         $userRow = new UserTable($this->_db);
         foreach ($user_ids as $targetId) {
             // Work out the group label used in the refusal message for this target.
             if ($targetId == 0) {
                 $groupLabel = 'Registered';
             } elseif (!$userRow->load((int) $targetId)) {
                 // An unknown id is reported, but the checks below still run for it.
                 $msg .= 'User not found. ';
                 $groupLabel = null;
             } else {
                 /** @noinspection PhpDeprecationInspection */
                 $labelGroups = $this->get_object_groups($targetId);
                 $groupLabel = isset($labelGroups[0]) ? strtolower(Application::CmsPermissions()->getGroupName($labelGroups[0])) : 'Registered';
             }

             if ($targetId == $_CB_framework->myId()) {
                 if (!$allow_myself) {
                     $msg .= "You cannot {$action} Yourself! ";
                 }
                 continue;
             }

             // Super admins skip the group-hierarchy comparison entirely.
             if (Application::MyUser()->isSuperAdmin()) {
                 continue;
             }

             /** @noinspection PhpDeprecationInspection */
             $targetGroups = $this->get_object_groups($targetId);
             /** @noinspection PhpDeprecationInspection */
             $actorGroups = $this->get_object_groups($_CB_framework->myId());
             $actorManagesUsers = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
             /** @noinspection PhpDeprecationInspection */
             $manageableGroups = $this->get_groups_below_me($_CB_framework->myId(), true, !$actorManagesUsers);
             $targetIsSuperAdmin = Application::User((int) $targetId)->isSuperAdmin();
             $sameGroups = array_values($targetGroups) == array_values($actorGroups);
             // Same three refusal conditions as the single-id branch, grouped explicitly.
             if (($sameGroups && !$actorManagesUsers) || ($targetId && $targetGroups && !array_intersect($targetGroups, $manageableGroups)) || $targetIsSuperAdmin) {
                 $msg .= "You cannot {$action} a `{$groupLabel}`. Only higher-level users have this power. ";
             }
         }
     }
     if ($_PLUGINS) {
         // $msg goes to the plugins by reference and is returned afterwards, so the value the
         // caller sees is whatever the 'onUsersPermission' handlers leave in it.
         $_PLUGINS->trigger('onUsersPermission', array($user_ids, $action, $allow_myself, &$msg));
     }
     return $msg;
 }
Example #2
 /**
  * Sends one system email to every account that belongs to a moderator group.
  *
  * Recipients are the users mapped to the groups of the 'moderator_viewaccesslevel' view access
  * level (default 3) that are not blocked, are confirmed and approved, and have sendEmail = 1.
  *
  * @param  string         $subject           Subject
  * @param  string         $message           HTML message for PMS
  * @param  boolean|int    $replaceVariables  Should we replace variables ?
  * @param  int            $mode              Format flag handed to sendFromSystem (originally documented as false = plain text, true = HTML)
  * @param  null|string    $cc                Email CC address
  * @param  null|string    $bcc               Email BCC address
  * @param  null|string    $attachment        Email attachment files
  * @param  array          $extraStrings      Extra replacement strings to use if $replaceVariables = true
  * @return void                              No value is returned and the per-recipient results of sendFromSystem are discarded
  */
 public function sendToModerators($subject, $message, $replaceVariables = false, $mode = 0, $cc = null, $bcc = null, $attachment = null, $extraStrings = array())
 {
     global $_CB_database;
     $moderators = Application::CmsPermissions()->getGroupsOfViewAccessLevel(Application::Config()->get('moderator_viewaccesslevel', 3, \CBLib\Registry\GetterInterface::INT), true);
     if (!$moderators) {
         // No moderator groups resolved: nothing to query and nobody to notify.
         return;
     }

     // The only variable part of the statement is the group id list, which goes through
     // safeArrayOfIntegers(); everything else is a fixed literal.
     $query = implode("\n ", array(
         'SELECT u.id',
         'FROM #__users u',
         'INNER JOIN #__comprofiler c ON u.id = c.id',
         'INNER JOIN #__user_usergroup_map g ON c.id = g.user_id',
         'WHERE g.group_id IN ' . $_CB_database->safeArrayOfIntegers($moderators),
         'AND u.block = 0',
         'AND c.confirmed = 1',
         'AND c.approved = 1',
         'AND u.sendEmail = 1',
     ));
     $_CB_database->setQuery($query);
     $recipients = $_CB_database->loadObjectList();
     if (!$recipients) {
         return;
     }

     // NOTE(review): $cc, $bcc and $attachment are handed to every per-moderator send, so those
     // addresses presumably receive one copy per moderator; confirm this is intended.
     foreach ($recipients as $recipient) {
         $this->sendFromSystem($recipient->id, $subject, $message, $replaceVariables, $mode, $cc, $bcc, $attachment, $extraStrings);
     }
 }
/**
 * Upgrade routine for CB GroupJive: removes superseded integration plugins and migrates legacy
 * GroupJive categories, groups, notifications, plugin/tab parameters and auto rules.
 *
 * The category, group and notification steps each run only while a legacy column still exists
 * and drop the legacy columns afterwards, so a completed step is skipped on later runs. The
 * auto-rule step marks every migrated row with a 'migrated' parameter instead.
 *
 * NOTE(review): presumably invoked by the plugin installer on install/upgrade; confirm.
 * NOTE(review): the steps rewrite access values and drop columns without looking at the result
 * of store() or query(); if either can fail, the legacy data is gone with no way to retry, so
 * this should only run against a database that has been backed up.
 *
 * @return void
 */
function plug_cbgroupjive_install()
{
	global $_CB_database, $_PLUGINS;

	// Uninstall the old integrations to avoid conflicts:
	$integrations									=	array(	'cbgroupjiveabout', 'cbgroupjiveevents', 'cbgroupjivefile',
																'cbgroupjiveforums', 'cbgroupjivephoto', 'cbgroupjivevideo',
																'cbgroupjivewall', 'cbgroupjiveauto'
															);

	foreach ( $integrations as $integration ) {
		$plugin										=	new PluginTable();

		$plugin->load( array( 'element' => $integration ) );

		// Only plugin rows whose directory has no /xml sub-folder are deleted; a row is left alone
		// when that folder exists.
		if ( $plugin->get( 'id' ) && ( ! is_dir( $_PLUGINS->getPluginPath( $plugin ) . '/xml' ) ) ) {
			$plugin->delete();
		}
	}

	// Migrate categories:
	$table											=	'#__groupjive_categories';
	$fields											=	$_CB_database->getTableFields( $table );
	// Set to true by any of the three table migrations below; gates the global parameter migration.
	$migrate										=	false;

	// The legacy 'parent' column marks a table that has not been migrated yet.
	if ( isset( $fields[$table]['parent'] ) ) {
		$migrate									=	true;

		$query										=	'SELECT *'
													.	"\n FROM " . $_CB_database->NameQuote( '#__groupjive_categories' );
		$_CB_database->setQuery( $query );
		$categories									=	$_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_categories', 'id' ) );

		/** @var $categories Table[] */
		foreach ( $categories as $category ) {
			// Legacy access -2 becomes 1 and -1 becomes 2; any other value is treated as an old group
			// id and converted to a view access level.
			// NOTE(review): 1 and 2 look like the CMS's public and registered view levels; confirm,
			// since this value decides who can see each category after the upgrade.
			$category->set( 'access', ( $category->get( 'access' ) == -2 ? 1 : ( $category->get( 'access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $category->get( 'access' ), 'CB GroupJive: Category Access - ' . (int) $category->get( 'id' ) ) ) ) );
			// Creation access: -1 when the legacy 'create' flag is off, 2 when the legacy value was -1,
			// otherwise converted from the old group id.
			$category->set( 'create_access', ( ! $category->get( 'create' ) ? -1 : ( $category->get( 'create_access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $category->get( 'create_access' ), 'CB GroupJive: Category Create Access - ' . (int) $category->get( 'id' ) ) ) ) );

			$categoryParams							=	new Registry( $category->get( 'params' ) );

			// CB GroupJive Forums:
			$categoryParams->set( 'forums', $categoryParams->get( 'forum_show' ) );

			$category->set( 'params', $categoryParams->asJson() );

			// The result of store() is not inspected before the legacy columns are dropped below.
			$category->store();
		}

		// Remove the old columns:
		$_CB_database->dropColumn( $table, 'parent' );
		$_CB_database->dropColumn( $table, 'create' );
		$_CB_database->dropColumn( $table, 'nested' );
		$_CB_database->dropColumn( $table, 'nested_access' );
	}

	// Migrate groups:
	$table											=	'#__groupjive_groups';
	$fields											=	$_CB_database->getTableFields( $table );

	if ( isset( $fields[$table]['parent'] ) ) {
		$migrate									=	true;

		$query										=	'SELECT *'
													.	"\n FROM " . $_CB_database->NameQuote( '#__groupjive_groups' );
		$_CB_database->setQuery( $query );
		$groups										=	$_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_groups', 'id' ) );

		/** @var $groups Table[] */
		foreach ( $groups as $group ) {
			$groupParams							=	new Registry( $group->get( 'params' ) );

			// Core:
			// A legacy 'invite' value above 0 maps to 0, everything else to 1.
			$groupParams->set( 'invites', ( $group->get( 'invite' ) > 0 ? 0 : 1 ) );

			// For each integration below, a set legacy *_approve flag wins and yields 2; otherwise
			// the legacy *_show value is carried over unchanged.
			// CB GroupJive Events:
			$groupParams->set( 'events', ( $groupParams->get( 'events_approve' ) ? 2 : $groupParams->get( 'events_show' ) ) );

			// CB GroupJive File:
			$groupParams->set( 'file', ( $groupParams->get( 'file_approve' ) ? 2 : $groupParams->get( 'file_show' ) ) );

			// CB GroupJive Forums:
			$groupParams->set( 'forums', $groupParams->get( 'forum_show' ) );

			// CB GroupJive Photo:
			$groupParams->set( 'photo', ( $groupParams->get( 'photo_approve' ) ? 2 : $groupParams->get( 'photo_show' ) ) );

			// CB GroupJive Video:
			$groupParams->set( 'video', ( $groupParams->get( 'video_approve' ) ? 2 : $groupParams->get( 'video_show' ) ) );

			// CB GroupJive Wall:
			$groupParams->set( 'wall', ( $groupParams->get( 'wall_approve' ) ? 2 : $groupParams->get( 'wall_show' ) ) );

			$group->set( 'params', $groupParams->asJson() );

			$group->store();
		}

		// Remove the old columns:
		// NOTE(review): the legacy group 'access' column is dropped here and nothing above copies
		// it anywhere; confirm group visibility is governed elsewhere after the upgrade.
		$_CB_database->dropColumn( $table, 'parent' );
		$_CB_database->dropColumn( $table, 'access' );
		$_CB_database->dropColumn( $table, 'invite' );
		$_CB_database->dropColumn( $table, 'users' );
		$_CB_database->dropColumn( $table, 'nested' );
		$_CB_database->dropColumn( $table, 'nested_access' );
	}

	// Migrate notifications:
	$table											=	'#__groupjive_notifications';
	$fields											=	$_CB_database->getTableFields( $table );

	// Here the legacy marker is the 'type' column.
	if ( isset( $fields[$table]['type'] ) ) {
		$migrate									=	true;

		// Delete notification types no longer supported:
		$query										=	'DELETE'
													.	"\n FROM " . $_CB_database->NameQuote( '#__groupjive_notifications' )
													.	"\n WHERE " . $_CB_database->NameQuote( 'type' ) . " != " . $_CB_database->Quote( 'group' );
		$_CB_database->setQuery( $query );
		$_CB_database->query();

		// Migration notification parameters:
		$query										=	'SELECT *'
													.	"\n FROM " . $_CB_database->NameQuote( '#__groupjive_notifications' );
		$_CB_database->setQuery( $query );
		$notifications								=	$_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_notifications', 'id' ) );

		/** @var $notifications Table[] */
		foreach ( $notifications as $notification ) {
			// Rows without an 'item' are left untouched, but still lose 'type' and 'item' below.
			if ( ( $notification->get( 'type' ) == 'group' ) && $notification->get( 'item' ) ) {
				$notification->set( 'group', (int) $notification->get( 'item' ) );

				$notificationParams					=	new Registry( $notification->get( 'params' ) );

				// Core:
				$notificationParams->set( 'user_join', $notificationParams->get( 'group_userjoin' ) );
				$notificationParams->set( 'user_leave', $notificationParams->get( 'group_userleave' ) );
				$notificationParams->set( 'user_approve', $notificationParams->get( 'group_userapprove' ) );
				$notificationParams->set( 'invite_accept', $notificationParams->get( 'group_inviteaccept' ) );

				// CB GroupJive Events:
				$notificationParams->set( 'event_new', $notificationParams->get( 'group_eventnew' ) );
				$notificationParams->set( 'event_approve', $notificationParams->get( 'group_eventapprove' ) );
				$notificationParams->set( 'event_attend', $notificationParams->get( 'group_eventyes' ) );
				$notificationParams->set( 'event_unattend', $notificationParams->get( 'group_eventno' ) );

				// CB GroupJive File:
				$notificationParams->set( 'file_new', $notificationParams->get( 'group_filenew' ) );
				$notificationParams->set( 'file_approve', $notificationParams->get( 'group_fileapprove' ) );

				// CB GroupJive Photo:
				$notificationParams->set( 'photo_new', $notificationParams->get( 'group_photonew' ) );
				$notificationParams->set( 'photo_approve', $notificationParams->get( 'group_photoapprove' ) );

				// CB GroupJive Video:
				$notificationParams->set( 'video_new', $notificationParams->get( 'group_videonew' ) );
				$notificationParams->set( 'video_approve', $notificationParams->get( 'group_videoapprove' ) );

				// CB GroupJive Wall:
				$notificationParams->set( 'wall_new', $notificationParams->get( 'group_wallnew' ) );
				$notificationParams->set( 'wall_approve', $notificationParams->get( 'group_wallapprove' ) );
				$notificationParams->set( 'wall_reply', $notificationParams->get( 'group_wallreply' ) );

				$notification->set( 'params', $notificationParams->asJson() );

				$notification->store();
			}
		}

		// Remove the old columns:
		$_CB_database->dropColumn( $table, 'type' );
		$_CB_database->dropColumn( $table, 'item' );
	}

	// Runs only when at least one of the three table migrations above ran in this call.
	if ( $migrate ) {
		// Migrate global parameters:
		$plugin										=	new PluginTable();

		$plugin->load( array( 'element' => 'cbgroupjive' ) );

		$pluginParams								=	new Registry( $plugin->get( 'params' ) );

		// Logos:
		$pluginParams->set( 'logo_max_size', $pluginParams->get( 'logo_size' ) );
		$pluginParams->set( 'logo_image_width', $pluginParams->get( 'logo_width' ) );
		$pluginParams->set( 'logo_image_height', $pluginParams->get( 'logo_height' ) );
		$pluginParams->set( 'logo_thumbnail_width', $pluginParams->get( 'logo_thumbwidth' ) );
		$pluginParams->set( 'logo_thumbnail_height', $pluginParams->get( 'logo_thumbheight' ) );

		// Notifications:
		$pluginParams->set( 'notifications', $pluginParams->get( 'general_notifications' ) );
		// A legacy notify-by value below 4 maps to 2, everything else to 1.
		$pluginParams->set( 'notifications_notifyby', ( $pluginParams->get( 'general_notifyby' ) < 4 ? 2 : 1 ) );
		$pluginParams->set( 'notifications_default_user_join', $pluginParams->get( 'notifications_group_userjoin' ) );
		$pluginParams->set( 'notifications_default_user_leave', $pluginParams->get( 'notifications_group_userleave' ) );
		$pluginParams->set( 'notifications_default_user_approve', $pluginParams->get( 'notifications_group_userapprove' ) );
		$pluginParams->set( 'notifications_default_invite_accept', $pluginParams->get( 'notifications_group_inviteaccept' ) );

		// Categories:
		$pluginParams->set( 'categories_paging', $pluginParams->get( 'overview_paging' ) );
		$pluginParams->set( 'categories_limit', $pluginParams->get( 'overview_limit' ) );
		$pluginParams->set( 'categories_search', $pluginParams->get( 'overview_search' ) );

		// Renumber the legacy category ordering: 7→5, 8→6, 5→3, 6→4, 1 and 2 unchanged, and every
		// other value (including 3, 4, 9, 10) falls back to 1.
		switch( (int) $pluginParams->get( 'overview_orderby' ) ) {
			case 7:
				$orderBy							=	5;
				break;
			case 8:
				$orderBy							=	6;
				break;
			case 5:
				$orderBy							=	3;
				break;
			case 6:
				$orderBy							=	4;
				break;
			case 1:
			case 2:
				$orderBy							=	(int) $pluginParams->get( 'overview_orderby' );
				break;
			case 3:
			case 4:
			case 9:
			case 10:
			default:
				$orderBy							=	1;
				break;
		}

		$pluginParams->set( 'categories_orderby', $orderBy );
		$pluginParams->set( 'categories_groups_paging', $pluginParams->get( 'category_groups_paging' ) );
		$pluginParams->set( 'categories_groups_limit', $pluginParams->get( 'category_groups_limit' ) );
		$pluginParams->set( 'categories_groups_search', $pluginParams->get( 'category_groups_search' ) );
		// Group orderings above 8 are replaced by 4; the same rule is applied to the other
		// *_orderby values below.
		$pluginParams->set( 'categories_groups_orderby', ( $pluginParams->get( 'category_groups_orderby' ) > 8 ? 4 : $pluginParams->get( 'category_groups_orderby' ) ) );

		// Groups:
		// Same mapping as the category create access: -1 when group creation was off, 2 for a legacy
		// -1, otherwise converted from the old group id to a view access level.
		$pluginParams->set( 'groups_create_access', ( ! $pluginParams->get( 'group_create' ) ? -1 : ( $pluginParams->get( 'group_create_access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $pluginParams->get( 'group_create_access' ), 'CB GroupJive: Groups Create Access' ) ) ) );
		$pluginParams->set( 'groups_create_limit', $pluginParams->get( 'group_limit' ) );
		$pluginParams->set( 'groups_create_approval', $pluginParams->get( 'group_approve' ) );
		$pluginParams->set( 'groups_create_captcha', $pluginParams->get( 'group_captcha' ) );
		$pluginParams->set( 'groups_message', $pluginParams->get( 'group_message' ) );
		$pluginParams->set( 'groups_message_captcha', $pluginParams->get( 'group_message_captcha' ) );
		$pluginParams->set( 'groups_users_paging', $pluginParams->get( 'group_users_paging' ) );
		$pluginParams->set( 'groups_users_limit', $pluginParams->get( 'group_users_limit' ) );
		$pluginParams->set( 'groups_users_search', $pluginParams->get( 'group_users_search' ) );
		$pluginParams->set( 'groups_invites_display', $pluginParams->get( 'group_invites_display' ) );
		$pluginParams->set( 'groups_invites_by', $pluginParams->get( 'group_invites_by' ) );
		$pluginParams->set( 'groups_invites_list', $pluginParams->get( 'group_invites_list' ) );
		$pluginParams->set( 'groups_invites_accept', $pluginParams->get( 'group_invites_accept' ) );
		$pluginParams->set( 'groups_invites_captcha', $pluginParams->get( 'group_invites_captcha' ) );
		$pluginParams->set( 'groups_invites_paging', $pluginParams->get( 'group_invites_paging' ) );
		$pluginParams->set( 'groups_invites_limit', $pluginParams->get( 'group_invites_limit' ) );
		$pluginParams->set( 'groups_invites_search', $pluginParams->get( 'group_invites_search' ) );
		$pluginParams->set( 'groups_paging', $pluginParams->get( 'group_all_paging' ) );
		$pluginParams->set( 'groups_limit', $pluginParams->get( 'group_all_limit' ) );
		$pluginParams->set( 'groups_search', $pluginParams->get( 'group_all_search' ) );
		$pluginParams->set( 'groups_orderby', ( $pluginParams->get( 'group_all_orderby' ) > 8 ? 4 : $pluginParams->get( 'group_all_orderby' ) ) );

		$plugin->set( 'params', $pluginParams->asJson() );

		$plugin->store();

		// Migrate the old auto fields to core GJ:
		// The statement contains only quoted literals and the integer plugin id.
		$query										=	'UPDATE '. $_CB_database->NameQuote( '#__comprofiler_fields' )
													.	"\n SET " . $_CB_database->NameQuote( 'type' ) . " = " . $_CB_database->Quote( 'groupautojoin' )
													.	', ' . $_CB_database->NameQuote( 'pluginid' ) . ' = ' . (int) $plugin->get( 'id' )
													.	"\n WHERE " . $_CB_database->NameQuote( 'type' ) . " = " . $_CB_database->Quote( 'cbgjautojoin' );
		$_CB_database->setQuery( $query );
		$_CB_database->query();

		// Migrate tab parameters:
		$tab										=	new TabTable();

		$tab->load( array( 'pluginclass' => 'cbgjTab' ) );

		$tabParams									=	new Registry( $tab->get( 'params' ) );

		// The tab settings are read from the plugin parameters, not from the tab's own ones.
		$tabParams->set( 'tab_paging', $pluginParams->get( 'group_tab_paging' ) );
		$tabParams->set( 'tab_limit', $pluginParams->get( 'group_tab_limit' ) );
		$tabParams->set( 'tab_search', $pluginParams->get( 'group_tab_search' ) );
		$tabParams->set( 'tab_orderby', ( $pluginParams->get( 'group_tab_orderby' ) > 8 ? 4 : $pluginParams->get( 'group_tab_orderby' ) ) );

		$tab->set( 'params', $tabParams->asJson() );

		$tab->store();
	}

	// Migrate gj auto to cb auto actions if possible:
	$table											=	'#__groupjive_plugin_auto';

	if ( $_CB_database->getTableStatus( $table ) ) {
		$fields										=	$_CB_database->getTableFields( $table );

		if ( isset( $fields[$table]['trigger'] ) ) {
			$autoActions							=	new PluginTable();

			$autoActions->load( array( 'element' => 'cbautoactions' ) );

			// Only proceeds when a 'cbautoactions' plugin row exists.
			if ( $autoActions->get( 'id' ) ) {
				$table								=	'#__comprofiler_plugin_autoactions';
				$fields								=	$_CB_database->getTableFields( $table );

				// Leaves the whole function when the auto actions table has no 'conditions' column;
				// this is the last step, so nothing else is skipped by the return.
				if ( ! isset( $fields[$table]['conditions'] ) ) {
					return;
				}

				$query								=	'SELECT *'
													.	"\n FROM " . $_CB_database->NameQuote( '#__groupjive_plugin_auto' );
				$_CB_database->setQuery( $query );
				$autos								=	$_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_plugin_auto', 'id' ) );

				/** @var $autos Table[] */
				foreach ( $autos as $auto ) {
					$oldParams						=	new Registry( $auto->get( 'params' ) );

					// Rows already flagged by an earlier run are not inserted again.
					if ( $oldParams->get( 'migrated' ) ) {
						continue;
					}

					$newParams						=	new Registry();
					$newConditions					=	null;

					if ( $auto->get( 'field' ) ) {
						// From here on $fields holds this rule's field list, no longer the column list
						// of the table.
						$fields						=	new Registry( $auto->get( 'field' ) );
						$operators					=	new Registry( $auto->get( 'operator' ) );
						$values						=	new Registry( $auto->get( 'value' ) );

						$conditionals				=	count( $fields );

						if ( $conditionals ) {
							$conditions				=	array();

							// Entries are looked up as field0/operator0/value0, field1/...; an entry is kept
							// only when its operator is set.
							for ( $i = 0, $n = $conditionals; $i < $n; $i++ ) {
								$field				=	$fields->get( "field$i" );
								$operator			=	$operators->get( "operator$i" );
								$value				=	$values->get( "value$i" );

								if ( $operator ) {
									$conditions[]	=	array( 'field' => $field, 'operator' => $operator, 'value' => $value, 'translate' => 0 );
								}
							}

							if ( $conditions ) {
								$newConditionals	=	new Registry( $conditions );
								$newConditions		=	$newConditionals->asJson();
							}
						}
					}

					$mode							=	$oldParams->get( 'auto' );

					// In mode 2 the name, description, owner and unique values come from the grp_* keys,
					// in every other mode from the cat_* keys.
					$join							=	array(	'mode'					=>	$mode,
																'groups'				=>	$oldParams->get( 'groups' ),
																'status'				=>	$oldParams->get( 'status' ),
																'name'					=>	( $mode == 2 ? $oldParams->get( 'grp_name' ) : $oldParams->get( 'cat_name' ) ),
																'category'				=>	$oldParams->get( 'category' ),
																'category_name'			=>	$oldParams->get( 'cat_name' ),
																'category_parent'		=>	$oldParams->get( 'cat_parent' ),
																'category_types'		=>	$oldParams->get( 'types' ),
																'category_description'	=>	$oldParams->get( 'cat_description' ),
																'category_unique'		=>	$oldParams->get( 'cat_unique' ),
																'group_parent'			=>	$oldParams->get( 'grp_parent' ),
																'type'					=>	$oldParams->get( 'type' ),
																'parent'				=>	$oldParams->get( 'cat_parent' ),
																'types'					=>	$oldParams->get( 'types' ),
																'description'			=>	( $mode == 2 ? $oldParams->get( 'grp_description' ) : $oldParams->get( 'cat_description' ) ),
																'owner'					=>	( $mode == 2 ? $oldParams->get( 'grp_owner' ) : $oldParams->get( 'cat_owner' ) ),
																'unique'				=>	( $mode == 2 ? $oldParams->get( 'grp_unique' ) : $oldParams->get( 'cat_unique' ) ),
																'autojoin'				=>	$oldParams->get( 'grp_autojoin' ),
																'group_status'			=>	$oldParams->get( 'status' )
															);

					$newParams->set( 'groupjive', array( $join ) );
					$newParams->set( 'exclude', $auto->get( 'exclude' ) );

					// Every value taken from the legacy row is either cast to int or passed through
					// Quote() before it is placed in the statement; commas in the legacy trigger list
					// are replaced by '|*|'.
					$query							=	'INSERT IGNORE INTO '. $_CB_database->NameQuote( '#__comprofiler_plugin_autoactions' )
													.	' ( '
													.		$_CB_database->NameQuote( 'published' )
													.		', ' . $_CB_database->NameQuote( 'title' )
													.		', ' . $_CB_database->NameQuote( 'description' )
													.		', ' . $_CB_database->NameQuote( 'type' )
													.		', ' . $_CB_database->NameQuote( 'trigger' )
													.		', ' . $_CB_database->NameQuote( 'object' )
													.		', ' . $_CB_database->NameQuote( 'variable' )
													.		', ' . $_CB_database->NameQuote( 'access' )
													.		', ' . $_CB_database->NameQuote( 'conditions' )
													.		', ' . $_CB_database->NameQuote( 'params' )
													.	' ) VALUES ( '
													.		(int) $auto->get( 'published' )
													.		', ' . $_CB_database->Quote( $auto->get( 'title' ) )
													.		', ' . $_CB_database->Quote( $auto->get( 'description' ) )
													.		', ' . $_CB_database->Quote( 'groupjive' )
													.		', ' . $_CB_database->Quote( str_replace( ',', '|*|', $auto->get( 'trigger' ) ) )
													.		', ' . $_CB_database->Quote( $auto->get( 'object' ) )
													.		', ' . $_CB_database->Quote( $auto->get( 'variable' ) )
													.		', ' . $_CB_database->Quote( $auto->get( 'access' ) )
													.		', ' . $_CB_database->Quote( $newConditions )
													.		', ' . $_CB_database->Quote( $newParams->asJson() )
													.	' )';
					$_CB_database->setQuery( $query );
					$_CB_database->query();

					// NOTE(review): the row is flagged as migrated whether or not the INSERT IGNORE above
					// actually added a row; the legacy 'access' value is also copied as-is rather than
					// converted like the category access values. Confirm both are intended.
					$oldParams->set( 'migrated', true );

					$auto->set( 'params', $oldParams->asJson() );

					$auto->store();
				}
			}
		}
	}
}
Example #4
	/**
	 * Looks up the users subscribed to a group notification and sends it to each one that passes
	 * the per-recipient access check.
	 *
	 * Returns false without sending when a required argument is empty, when the recipient is the
	 * current user or the sender, when the group or its category is not published, or when the
	 * plugin parameters switch notifications off. Returns true otherwise, including when no row
	 * matched or every row was skipped.
	 *
	 * @param string             $notification The notification to send
	 * @param string             $subject
	 * @param string             $body
	 * @param GroupTable         $group        Group for this notification; its '_user_status' value is overwritten for every recipient
	 * @param UserTable|int|null $from         UserTable|int: Specific user to notify from (used for substitutions), Null: Notify from self
	 * @param UserTable|int|null $to           UserTable|int: Specific user to notify, Null: Notify everyone eligible
	 * @param array              $skip         Array of user ids to skip
	 * @param int                $status       Group status restriction for notifications (e.g. 2: Group Moderators and above)
	 * @param array              $extra
	 * @return bool
	 */
	static public function sendNotifications( $notification, $subject, $body, $group, $from = null, $to = null, $skip = array(), $status = 1, $extra = array() )
	{
		global $_CB_database, $_PLUGINS;

		// Only real integers are resolved to user objects; any other non-empty value is used below
		// as if it already were one.
		if ( is_int( $from ) ) {
			$from					=	\CBuser::getUserDataInstance( $from );
		}

		if ( is_int( $to ) ) {
			$to						=	\CBuser::getUserDataInstance( $to );
		}

		$myId						=	Application::MyUser()->getUserId();

		// Nothing to send without a notification key, subject and body.
		if ( ! ( $notification && $subject && $body ) ) {
			return false;
		}

		// Never notify the current user about their own action.
		if ( $to && ( $to->get( 'id' ) == $myId ) ) {
			return false;
		}

		// Sender and recipient are the same account.
		if ( $from && $to && ( $from->get( 'id' ) == $to->get( 'id' ) ) ) {
			return false;
		}

		// The group has to exist and be published.
		if ( ( ! $group->get( 'id' ) ) || ( $group->get( 'published' ) != 1 ) ) {
			return false;
		}

		// A group in a category requires that category to be published too.
		if ( $group->category()->get( 'id' ) && ( ! $group->category()->get( 'published' ) ) ) {
			return false;
		}

		// Plugin parameters are looked up once and kept for later calls in the same request.
		static $pluginParams		=	null;

		if ( ! $pluginParams ) {
			$gjPlugin				=	$_PLUGINS->getLoadedPlugin( 'user', 'cbgroupjive' );
			$pluginParams			=	$_PLUGINS->getPluginParams( $gjPlugin );
		}

		// Uncategorized groups only notify when 'groups_uncategorized' is on.
		if ( ( ! $group->category()->get( 'id' ) ) && ( ! $pluginParams->get( 'groups_uncategorized', 1 ) ) ) {
			return false;
		}

		if ( ! $pluginParams->get( 'notifications', 1 ) ) {
			return false;
		}

		$status						=	( $status ? $status : 1 );
		$skip						=	( is_array( $skip ) ? $skip : array( $skip ) );

		// The sender is always excluded from the recipients.
		if ( $from ) {
			$skip[]					=	$from->get( 'id' );
		}

		$moderators					=	Application::CmsPermissions()->getGroupsOfViewAccessLevel( Application::Config()->get( 'moderator_viewaccesslevel', 3, GetterInterface::INT ), true );

		// Every value placed in the statement is cast to int or goes through safeArrayOfIntegers();
		// identifiers go through NameQuote().
		$clauses					=	array();

		$clauses[]					=	'SELECT DISTINCT n.*, u.' . $_CB_database->NameQuote( 'status' );
		$clauses[]					=	'FROM ' . $_CB_database->NameQuote( '#__groupjive_notifications' ) . ' AS n';
		$clauses[]					=	'LEFT JOIN ' . $_CB_database->NameQuote( '#__groupjive_users' ) . ' AS u'
									.	' ON u.' . $_CB_database->NameQuote( 'user_id' ) . ' = n.' . $_CB_database->NameQuote( 'user_id' )
									.	' AND u.' . $_CB_database->NameQuote( 'group' ) . ' = n.' . $_CB_database->NameQuote( 'group' );
		$clauses[]					=	'LEFT JOIN ' . $_CB_database->NameQuote( '#__comprofiler' ) . ' AS cb'
									.	' ON cb.' . $_CB_database->NameQuote( 'id' ) . ' = u.' . $_CB_database->NameQuote( 'user_id' );
		$clauses[]					=	'LEFT JOIN ' . $_CB_database->NameQuote( '#__users' ) . ' AS j'
									.	' ON j.' . $_CB_database->NameQuote( 'id' ) . ' = cb.' . $_CB_database->NameQuote( 'id' );
		$clauses[]					=	'LEFT JOIN ' . $_CB_database->NameQuote( '#__user_usergroup_map' ) . ' AS g'
									.	' ON g.' . $_CB_database->NameQuote( 'user_id' ) . ' = j.' . $_CB_database->NameQuote( 'id' );
		$clauses[]					=	'WHERE n.' . $_CB_database->NameQuote( 'group' ) . ' = ' . (int) $group->get( 'id' );

		// Either one explicit recipient, or everyone except the current user.
		if ( $to ) {
			$clauses[]				=	'AND n.' . $_CB_database->NameQuote( 'user_id' ) . ' = ' . (int) $to->get( 'id' );
		} else {
			$clauses[]				=	'AND n.' . $_CB_database->NameQuote( 'user_id' ) . ' != ' . (int) $myId;
		}

		if ( $skip ) {
			$clauses[]				=	'AND n.' . $_CB_database->NameQuote( 'user_id' ) . ' NOT IN ' . $_CB_database->safeArrayOfIntegers( $skip );
		}

		// Only approved, confirmed and unblocked accounts; and only the group owner, members at or
		// above the requested status, or members of a moderator group.
		// NOTE(review): $moderators is not checked for being empty before it is turned into an IN
		// list; confirm safeArrayOfIntegers() yields valid SQL for an empty array.
		$clauses[]					=	'AND cb.' . $_CB_database->NameQuote( 'approved' ) . ' = 1';
		$clauses[]					=	'AND cb.' . $_CB_database->NameQuote( 'confirmed' ) . ' = 1';
		$clauses[]					=	'AND j.' . $_CB_database->NameQuote( 'block' ) . ' = 0';
		$clauses[]					=	'AND ( n.' . $_CB_database->NameQuote( 'user_id' ) . ' = ' . (int) $group->get( 'user_id' )
									.	' OR u.' . $_CB_database->NameQuote( 'status' ) . ' >= ' . (int) $status
									.	' OR g.' . $_CB_database->NameQuote( 'group_id' ) . ' IN ' . $_CB_database->safeArrayOfIntegers( $moderators ) . ' )';

		$_CB_database->setQuery( implode( "\n ", $clauses ) );
		$rows						=	$_CB_database->loadObjectList( null, '\CB\Plugin\GroupJive\Table\NotificationTable', array( $_CB_database ) );

		self::preFetchUsers( $rows );

		/** @var NotificationTable[] $rows */
		foreach ( $rows as $row ) {
			// The subscriber must have this particular notification switched on.
			if ( ! $row->params()->get( $notification, 0 ) ) {
				continue;
			}

			$notifyUser				=	( $to ? $to : \CBuser::getUserDataInstance( (int) $row->get( 'user_id' ) ) );

			// The recipient's membership status is written onto the shared $group object before the
			// access check; the last value stays on the caller's object after this method returns.
			$group->set( '_user_status', $row->get( 'status' ) );

			// Access to the group is re-checked for each recipient before anything is sent.
			if ( self::canAccessGroup( $group, $notifyUser ) ) {
				self::sendNotification( 4, $from, $notifyUser, $subject, $body, $group, $extra );
			}
		}

		return true;
	}
	/**
	 * @param  null|int     $id
	 * @param  UserTable    $user
	 * @param  stdClass     $model
	 * @param  PluginTable  $plugin
	 * @param  null|string  $message
	 * @param  null|string  $messageType
	 */
	public function showBlogEdit( $id, $user, $model, $plugin, $message = null, $messageType = 'error' )
	{
		global $_CB_framework;

		// Plugin settings used for the access decision and for choosing which editors to render:
		$blogLimit			=	(int) $plugin->params->get( 'blog_limit', null );
		$blogMode			=	$plugin->params->get( 'blog_mode', 1 );
		// NOTE(review): moderator status is read from $user, while the create-access level below is checked
		// against Application::MyUser(); confirm callers always pass the acting user as $user.
		$cbModerator		=	Application::User( (int) $user->get( 'id' ) )->isGlobalModerator();

		$row				=	new cbblogsBlogTable();
		$canAccess			=	false;

		if ( $row->load( (int) $id ) ) {
			if ( $row->get( 'id' ) ) {
				// Existing blog: only a global moderator or the blog's owner may edit it.
				$canAccess	=	( $cbModerator || ( $row->get( 'user' ) == $user->get( 'id' ) ) );
			} elseif ( $cbModerator ) {
				// New blog: moderators are not subject to the create-access level or the blog limit.
				$canAccess	=	true;
			} elseif ( $user->get( 'id' ) && Application::MyUser()->canViewAccessLevel( $plugin->params->get( 'blog_create_access', 2 ) ) ) {
				// New blog by a regular user: allowed while no limit is set or the user is still below it.
				$canAccess	=	( ( ! $blogLimit ) || ( cbblogsModel::getBlogsTotal( null, $user, $user, $plugin ) < $blogLimit ) );
			}
		}

		$profileUrl			=	$_CB_framework->userProfileUrl( $row->get( 'user', $user->get( 'id' ) ), false, 'cbblogsTab' );

		if ( ! $canAccess ) {
			cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
			return;
		}

		cbblogsClass::getTemplate( 'blog_edit' );

		// Turns a tooltip attribute string into a suffix for an HTML attribute list (nothing when there is no tooltip):
		$tooltipAttr		=	function ( $tooltip ) {
			return ( $tooltip ? ' ' . $tooltip : null );
		};

		$input				=	array();

		// Everything below only pre-fills and renders the form. The handler that saves the post is not
		// visible here; it has to re-validate published / access / user on the server, because a rendered
		// default does not constrain what a client submits.

		// Publish state: defaults to published for moderators or when approval is switched off.
		$publishedTooltip	=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select publish status of the blog. Unpublished blogs will not be visible to the public.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );
		$publishedDefault	=	( ( $cbModerator || ( ! $plugin->params->get( 'blog_approval', 0 ) ) ) ? 1 : 0 );
		$publishedValue		=	(int) $this->input( 'post/published', $row->get( 'published', $publishedDefault ), GetterInterface::INT );

		$input['published']	=	moscomprofilerHTML::yesnoSelectList( 'published', 'class="form-control"' . $tooltipAttr( $publishedTooltip ), $publishedValue );

		// Category:
		$categoryTooltip	=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select blog category. Select the category that best describes your blog.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );
		$listCategory		=	cbblogsModel::getCategoriesList();
		$categoryValue		=	$this->input( 'post/category', $row->get( 'category' ), GetterInterface::STRING );

		$input['category']	=	moscomprofilerHTML::selectList( $listCategory, 'category', 'class="form-control"' . $tooltipAttr( $categoryTooltip ), 'value', 'text', $categoryValue, 1, false, false );

		// View access level: the list is built from the levels of the current user.
		$accessTooltip		=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select access to blog; all groups above that level will also have access to the blog.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );
		$listAccess			=	Application::CmsPermissions()->getAllViewAccessLevels( true, Application::MyUser() );
		$accessValue		=	(int) $this->input( 'post/access', $row->get( 'access', $plugin->params->get( 'blog_access_default', 1 ) ), GetterInterface::INT );

		$input['access']	=	moscomprofilerHTML::selectList( $listAccess, 'access', 'class="form-control"' . $tooltipAttr( $accessTooltip ), 'value', 'text', $accessValue, 1, false, false );

		// Title: the value is HTML-escaped before it is placed in the double-quoted attribute.
		$titleTooltip		=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input blog title. This is the title that will distinguish this blog from others. Suggested to input something unique and intuitive.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );
		$titleValue			=	htmlspecialchars( $this->input( 'post/title', $row->get( 'title' ), GetterInterface::STRING ) );

		$input['title']		=	'<input type="text" id="title" name="title" value="' . $titleValue . '" class="required form-control" size="30"' . $tooltipAttr( $titleTooltip ) . ' />';

		// Intro editor is shown for blog modes 1 and 2:
		if ( in_array( $blogMode, array( 1, 2 ) ) ) {
			$blogIntro				=	$_CB_framework->displayCmsEditor( 'blog_intro', $this->input( 'post/blog_intro', $row->get( 'blog_intro' ), GetterInterface::HTML ), 400, 200, 40, 7 );

			$input['blog_intro']	=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input HTML supported blog intro contents. Suggested to use minimal but well formatting for easy readability.' ), null, null, null, $blogIntro, null, 'style="display:block;"' );
		}

		// Full-text editor is shown for blog modes 1 and 3:
		if ( in_array( $blogMode, array( 1, 3 ) ) ) {
			$blogFull				=	$_CB_framework->displayCmsEditor( 'blog_full', $this->input( 'post/blog_full', $row->get( 'blog_full' ), GetterInterface::HTML ), 400, 200, 40, 7 );

			$input['blog_full']		=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input HTML supported blog contents. Suggested to use minimal but well formatting for easy readability.' ), null, null, null, $blogFull, null, 'style="display:block;"' );
		}

		// Owner: only moderators get a value taken from the request; everybody else gets their own id.
		$userTooltip		=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input owner of blog as single integer user_id.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

		if ( $cbModerator ) {
			$ownerId		=	$this->input( 'post/user', $row->get( 'user', $user->get( 'id' ) ), GetterInterface::INT );
		} else {
			$ownerId		=	$user->get( 'id' );
		}

		// NOTE(review): the '******' literal below looks like the opening of the <input> tag masked by the
		// page this listing was taken from; it is kept exactly as found.
		$input['user']		=	'******' . (int) $ownerId . '" class="digits required form-control" size="4"' . $tooltipAttr( $userTooltip ) . ' />';

		if ( $message ) {
			$_CB_framework->enqueueMessage( $message, $messageType );
		}

		HTML_cbblogsBlogEdit::showBlogEdit( $row, $input, $user, $model, $plugin );
	}
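	/**
	 * Implements a form viewaccesslevel selection
	 *
	 * In view mode ($this->_view set) it returns the texts of the selected levels. In edit mode it returns
	 * a select list holding the options declared in the XML node plus the CMS view access levels, limited
	 * to the levels the current user has; levels that are already selected are kept even when the current
	 * user does not have them, so that saving does not drop them.
	 *
	 * The filtering only decides what is offered in the list. Code that stores the submitted value is not
	 * part of this method and must validate the level itself.
	 *
	 * @param  string              $name          The name of the form element
	 * @param  string|array|null   $value         The value of the element ('|*|'-separated string or array when multiple)
	 * @param  SimpleXMLElement  $node          The xml element for the parameter
	 * @param  string              $control_name  The control name
	 * @return string                             The html for the element
	 */
	function _form_viewaccesslevel( $name, $value, &$node, $control_name ) {
		$size								=	0;
		$cols								=	$node->attributes( 'cols' );
		$rows								=	$node->attributes( 'rows' );
		$multi								=	( $node->attributes( 'multiple' ) == 'true' );

		// Normalize the current value into a list of selected level ids:
		if ( $value === null ) {
			$selected						=	array();
		} else {
			if ( $multi && ( ! is_array( $value ) ) ) {
				$selected					=	explode( '|*|', $value );
			} else {
				$selected					=	array( $value );
			}
		}

		if ( $this->_view ) {
			// Read-only rendering:
			$allAccessLevels				=	Application::CmsPermissions()->getAllViewAccessLevels();

			$contentOptions					=	$this->_list_options_selected( $name, $node, $control_name, $node->children(), $selected );
			$contentTexts					=	array();
			$contentValues					=	array();

			foreach ( $contentOptions as $contentOption ) {
				$contentValues[]			=	$contentOption->value;
				$contentTexts[]				=	htmlspecialchars( $contentOption->text );
			}

			// Selected values that are not XML-declared options are looked up in the CMS access levels:
			foreach ( $selected as $v ) {
				if ( ( ! in_array( $v, $contentValues ) ) && isset( $allAccessLevels[$v] ) ) {
					$text					=	$allAccessLevels[$v];

					switch ( $v ) {
						case 1:
							$class			=	'text-success';
							break;
						case 2:
							$class			=	'text-warning';
							break;
						case 3:
							$class			=	'text-default';
							break;
						default:
							$class			=	'text-primary';
							break;
					}

					$contentTexts[]			=	'<span class="' . $class . '">' . htmlspecialchars( $text ) . '</span>';
				}
			}

			if ( count( $contentTexts ) > 0 ) {
				if ( $cols || $rows ) {
					$content				=	moscomprofilerHTML::list2Table( $contentTexts, $cols, $rows, $size );
				} else {
					$content				=	implode( ', ', $contentTexts );
				}
			} else {
				$content					=	' - ';
			}

			return $content;
		} else {
			// Editable rendering:
			$options						=	array();

			if ( is_array( $value ) ) {
				$value						=	implode( '|*|', $value );
			}

			$defaults						=	array( '', '--- ' . ( $multi ? CBTxt::T( 'Select View Access Level (CTR/CMD-Click: Multiple)' ) : CBTxt::T( 'Select View Access Level' ) ) . ' ---' );

			$this->_list_options_default( $node, $options, $value, $defaults );
			$this->_list_options( $name, $node, $control_name, $options, $node->children(), true, $value );

			$hideChoices					=	trim( $node->attributes( 'hidechoices' ) );

			// All View Access Levels:
			$sqlOptions						=	Application::CmsPermissions()->getAllViewAccessLevels( true );

			// View Access Levels that I can see:
			$myAccessTree					=	Application::CmsPermissions()->getAllViewAccessLevels( false, Application::MyUser() );

			foreach ( $sqlOptions as $k => $opt ) {
				if ( ! ( isset( $myAccessTree[$opt->value] ) || in_array( $opt->value, $selected ) ) ) {
					// Remove options which are not accessible by me, but keep them if they are already selected to not lose them, e.g. if permissions changed.
					// Every option is checked: stopping at the first removal would leave the remaining
					// inaccessible levels in the list.
					unset ( $sqlOptions[$k] );
				}
			}

			// Optionally hide choices by their text, as listed (comma-separated) in the 'hidechoices' attribute:
			if ( $hideChoices !== '' ) {
				$choicesNo					=	explode( ',', $hideChoices );

				foreach ( $choicesNo as $choice ) {
					foreach ( $sqlOptions as $k => $opt ) {
						if ( (string) $opt->text === (string) $choice ) {
							unset ( $sqlOptions[$k] );
							// Only the first option with that text is hidden for each listed choice:
							break;
						}
					}
				}
			}

			$this->_list_options_data( $node, $options, $sqlOptions, false );

			$selected						=	explode( '|*|', $value );

			if ( ( checkJversion() >= 2 ) && ( $node->attributes( 'managelevels' ) != 'false' ) ) {
				$htmlManageLevels			=	' &nbsp; <a target="_blank" class="cbAdminSmallLink" href="' . htmlspecialchars( 'index.php?option=com_users&view=levels' ) . '">' . CBTxt::Th( 'Manage View Access Levels' ) . '</a>';
			} else {
				$htmlManageLevels			=	'';
			}

			return $this->selectList( $options, $node, $control_name, $name, $selected, $multi, false ) . $htmlManageLevels;
		}
	}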
 /**
  * Installs a tab into database, finding already existing one if needed.
  *
  * The tab is looked up by its 'tabid' attribute when present, otherwise by plugin class, otherwise by
  * plugin id with an empty plugin class. Values placed into the lookup query are either quoted through
  * the database object or cast to int.
  *
  * @param  int               $pluginId  Plugin id
  * @param  SimpleXMLElement  $tab       XML element of Tab
  * @return int|boolean                  Id of tab or FALSE in case of error (error saved with $this->setError() ).
  *                                      For an existing system tab the id is returned as it was found, without a cast.
  */
 function installTab($pluginId, $tab)
 {
     global $_CB_database;

     // Resolve the tab id: explicit attribute first, database lookup otherwise.
     $tabId = $tab->attributes('tabid');
     if (!$tabId) {
         $pluginClass = $tab->attributes('class');
         if ($pluginClass) {
             $lookup = "SELECT tabid FROM #__comprofiler_tabs WHERE pluginclass = " . $_CB_database->Quote($pluginClass);
         } else {
             $lookup = "SELECT tabid FROM #__comprofiler_tabs WHERE pluginid = " . (int) $pluginId . " AND pluginclass = ''";
         }
         $_CB_database->setQuery($lookup);
         $tabId = $_CB_database->loadResult();
     }

     // The type string tested here is spelled 'existingSytemTab', unlike the spelling in the error text below.
     if ($tab->attributes('type') == 'existingSytemTab') {
         // Such a tab is never created or modified here: it has to be there already.
         if ($tabId == null) {
             $this->setError(1, 'installTab error: existingSystemTab: ' . $tab->attributes('class') . ' not found.');
             return false;
         }
         return $tabId;
     }

     $tabRow = new TabTable();
     if ($tabId) {
         $tabRow->load((int) $tabId);
     }

     if (!$tabRow->tabid) {
         // New tab: take the display settings from the XML. They are set only on creation.
         $tabRow->title = $tab->attributes('name');
         $tabRow->description = trim($tab->attributes('description'));
         $tabRow->ordering = 99;
         $tabRow->position = $tab->attributes('position');
         $tabRow->displaytype = $tab->attributes('displaytype');
         $tabRow->ordering_register = $tab->attributes('ordering_register');
         $tabRow->enabled = $tab->attributes('enabled');

         // View access level defaults to 1; a level named in the XML replaces it only if that name exists.
         $tabRow->viewaccesslevel = 1;
         $levelName = $tab->attributes('viewaccesslevel');
         if ($levelName) {
             $levelId = array_search($levelName, Application::CmsPermissions()->getAllViewAccessLevels());
             if ($levelId !== false) {
                 $tabRow->viewaccesslevel = $levelId;
             }
         }
     }

     // These are written on every install, for new and for already existing tabs:
     $tabRow->width = $tab->attributes('width');
     $tabRow->pluginclass = $tab->attributes('class');
     $tabRow->pluginid = $pluginId;
     $tabRow->fields = $tab->attributes('fields');
     $tabRow->sys = $tab->attributes('sys');

     if (!$tabRow->store()) {
         $this->setError(1, 'SQL error: ' . $tabRow->getError());
         return false;
     }

     return (int) $tabRow->tabid;
 }
 /**
  * Fix old 1.x usergroups-based permissions to 2.x access-levels in lists and in tabs
  *
  * Every row of the loader's table that still carries a non-zero useraccessgroupid is migrated: its
  * viewaccesslevel is derived from the old group unless one is already set, and useraccessgroupid is
  * then reset to 0 and the row stored.
  *
  * @param  \CB\Database\Table\TabTable|\CB\Database\Table\ListTable  $loaderTabOrList
  * @param  string                                                    $titleIfCreate    Title for newly created access levels if needed (e.g. 'CB Tab access')
  * @return void
  *
  * @throws \RuntimeException
  */
 private function convertUserGroupsToViewAccessLevels($loaderTabOrList, $titleIfCreate)
 {
     // The table name comes from the table object and is name-quoted before it goes into the query.
     $selectAll = 'SELECT * FROM ' . $loaderTabOrList->getDbo()->NameQuote($loaderTabOrList->getTableName());
     $loaderTabOrList->getDbo()->setQuery($selectAll);

     foreach ($loaderTabOrList->loadTrueObjects() as $entry) {
         if (!isset($entry->useraccessgroupid)) {
             continue;
         }

         $oldGroupId = (int) $entry->useraccessgroupid;
         if ($oldGroupId === 0) {
             // Already converted or new in 2.x+:
             continue;
         }

         // -2 together with a view access level already set: converted before, just not zeroed yet.
         $convertedNotZeroed = $oldGroupId === -2 && $entry->viewaccesslevel;
         if ((int) $entry->viewaccesslevel <= 1 && !$convertedNotZeroed) {
             // Still database default: Convert:
             $entry->viewaccesslevel = Application::CmsPermissions()->convertOldGroupToViewAccessLevel($entry->useraccessgroupid, $titleIfCreate);
         }

         // Always set to 0 after conversion (the result of store() is not checked here):
         $entry->useraccessgroupid = 0;
         $entry->store();
     }
 }
Example #9
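/**
 * Shows a user profile after the view-access checks, and handles the "edit canceled" return to it.
 *
 * Error conditions are reported through the framework message queue and end the function early. The one
 * exception is a plugin error raised by 'onAfterUserProfileEditCancel', which is shown in a JavaScript
 * alert before the script exits.
 *
 * @param  string  $option       Passed through to HTML_comprofiler::userProfile()
 * @param  int     $uid          Id of the profile to show; 0 is handled as "my own profile"
 * @param  mixed   $submitvalue  Passed through to HTML_comprofiler::userProfile()
 * @return void
 */
function userProfile($option, $uid, $submitvalue)
{
    global $_REQUEST, $ueConfig, $_CB_framework, $_PLUGINS;
    $msg = null;
    // NOTE(review): authoriseView() is only consulted when the request carries a 'user' parameter;
    // confirm that callers cannot pass another user's $uid without it.
    if (isset($_REQUEST['user'])) {
        if (!CBuser::getMyInstance()->authoriseView('profile', $uid)) {
            $canRegister = !isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1';
            // Can the guest access once registered with default User Group ? (and doing the check only if he even can register to avoid unneeded checks)
            $canAccess = $canRegister && Application::CmsPermissions()->checkGroupsForViewAccessLevel($_CB_framework->getCfg('new_usertype'), Application::Config()->get('profile_viewaccesslevel', 3));
            if ($_CB_framework->myId() < 1 && !($_CB_framework->getCfg('allowUserRegistration') == '0' && $canRegister) && $canAccess) {
                $msg = CBTxt::Th('UE_REGISTERFORPROFILEVIEW', 'Please log in or sign up to view user profiles.');
            } else {
                $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
            }
        }
    } else {
        if ($uid == 0) {
            $msg = CBTxt::Th('UE_REGISTERFORPROFILE', 'Please log in or sign up to view or modify your profile.');
        }
    }
    // Plugins receive $msg by reference and can set or change it:
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onBeforeUserProfileAccess', array($uid, &$msg, 1));
    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }
    $user =& loadComprofilerUser($uid);
    if ($user === null) {
        $_CB_framework->enqueueMessage(CBTxt::Th('UE_NOSUCHPROFILE', 'This profile does not exist or is no longer available'), 'error');
        return;
    }
    if (cbGetParam($_GET, 'reason') == 'canceledit') {
        // Returning from a canceled edit: the same permission checks as for editing apply.
        if ($uid == 0) {
            $Euid = $_CB_framework->myId();
        } else {
            $Euid = $uid;
        }
        $msg = cbCheckIfUserCanPerformUserTask($Euid, 'allowModeratorsUserEdit');
        if ($Euid != $_CB_framework->myId() && $msg === null) {
            // safeguard against misconfiguration of the above: also avoids lower-level users editing higher level ones:
            $msg = checkCBpermissions(array((int) $Euid), 'edit', true);
        }
        $_PLUGINS->trigger('onBeforeUserProfileEditRequest', array($Euid, &$msg, 1));
        if ($msg) {
            $_CB_framework->enqueueMessage($msg, 'error');
            return;
        }
        $_PLUGINS->trigger('onAfterUserProfileEditCancel', array(&$user));
        if ($_PLUGINS->is_errors()) {
            // The plugin error text is data, not script. It is encoded as a JavaScript string literal
            // (quotes, <, >, & and line breaks escaped) so that it can neither end the string nor the
            // surrounding <script> element, whatever the plugin put into it.
            $errorText = $_PLUGINS->getErrorMSG();
            if (is_array($errorText)) {
                $errorText = implode("\n", $errorText);
            }
            $alertLiteral = json_encode((string) $errorText, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($alertLiteral === false) {
                // Text that cannot be encoded (e.g. invalid UTF-8) is dropped rather than echoed raw:
                $alertLiteral = '""';
            }
            echo "<script type=\"text/javascript\">alert(" . $alertLiteral . "); window.history.go(-1); </script>\n";
            exit;
        }
    }
    HTML_comprofiler::userProfile($user, $option, $submitvalue);
}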
Example #10
 /**
  * Saves a new or existing CB+CMS user
  * WARNINGS:
  * - You must verify authorization of user to perform this (use checkCBpermissions() )
  * - You must $this->load() existing user first
  *
  * Sequence, as implemented below: snapshot the current state, bind and validate the input, derive a
  * username and name if missing, run the backend-only group-change checks, trigger the onBefore events,
  * save plugin tabs, hash the password and store, commit (or roll back) tab contents, store again, then
  * trigger the onAfter and activation events.
  *
  * Between the stores the cleartext password is put back on $this, so the plugin events triggered here
  * receive a user object that carries it.
  *
  * @param  array   $array   Raw unfiltered input, typically $_POST
  * @param  int     $ui      1 = Front-end (limited rights), 2 = Backend (almost unlimited), 0 = automated (full)
  * @param  string  $reason  'edit' or 'register'
  * @return boolean|array    FALSE on error (message in $this->_error), TRUE on successful edit,
  *                          and on successful registration an array with keys 'tabs', 'after' and 'ok'
  */
 public function saveSafely(&$array, $ui, $reason)
 {
     global $_CB_framework, $ueConfig, $_PLUGINS;
     // Get current user state and store it into $oldUserComplete:
     $oldUserComplete = new UserTable($this->_db);
     foreach (array_keys(get_object_vars($this)) as $k) {
         if (substr($k, 0, 1) != '_') {
             // ignore internal vars
             $oldUserComplete->{$k} = $this->{$k};
         }
     }
     if ($oldUserComplete->gids === null) {
         $oldUserComplete->gids = array();
     }
     // 1) Process and validate the fields in form by CB field plugins:
     // 2) Bind the fields to CMS User:
     $bindResults = $this->bindSafely($array, $ui, $reason, $oldUserComplete);
     if ($bindResults) {
         // It's ok to use raw fields below as we've already validated in bindSafely with saveTabContents
         // Check if username is missing:
         if ($this->username == '') {
             // We don't have a username! Lets try to find one based off configured fallback:
             $fallbackField = isset($ueConfig['usernamefallback']) && $ueConfig['usernamefallback'] ? $ueConfig['usernamefallback'] : 'name';
             // Lets see if our fallback exists and that it's a valid string that has a value:
             if (isset($this->{$fallbackField}) && is_string($this->{$fallbackField}) && $this->{$fallbackField} != '') {
                 $this->username = $this->{$fallbackField};
                 $this->_cmsUser->username = $this->username;
             }
             // Check if we have a username now:
             if ($this->username == '' && $this->email != '') {
                 // Oh no! We still don't have one! Force to email as backup:
                 $this->username = $this->email;
                 $this->_cmsUser->username = $this->username;
             }
             // Ok, one more try; lets see if we have a username now:
             if ($this->username == '' && $this->name != '') {
                 // What in the world! We still don't have one! Force to name as backup:
                 $this->username = $this->name;
                 $this->_cmsUser->username = $this->username;
             }
             // Now lets see if we finally have a username:
             if ($this->username != '') {
                 // We do! Now format it so it validates in Joomla: the expression below trims the value and removes the characters < > \ " % ( ) ; & '
                 // (it does not collapse duplicate spaces or replace spaces with underscores):
                 $this->username = preg_replace('/[<>\\\\"%();&\']+/', '', trim($this->username));
                 $this->_cmsUser->username = $this->username;
             }
         }
         // Check if name is missing:
         if ($this->name == '') {
             // Yup, it's missing; lets force it to username as backup:
             $this->name = $this->username;
             $this->_cmsUser->name = $this->name;
         }
         // The derived username and name go through the same checks as submitted ones:
         if (!$this->checkSafely()) {
             $bindResults = false;
         }
     }
     // For new registrations or backend user creations, set registration date and password if needed:
     $isNew = !$this->id;
     $newCBuser = $oldUserComplete->user_id == null;
     if ($isNew) {
         $this->registerDate = $this->_db->getUtcDateTime();
     }
     if ($bindResults) {
         if ($isNew) {
             if ($this->password == null) {
                 $this->setRandomPassword();
                 $ueConfig['emailpass'] = 1;
                 // set this global to 1 to force password to be sent to new users.
             }
         }
         // In backend only: if group has been changed and where original group was a Super Admin: check if there is at least a super-admin left:
         if ($ui == 2) {
             $myGids = $_CB_framework->acl->get_groups_below_me(null, true);
             $i_am_super_admin = Application::MyUser()->isSuperAdmin();
             if (!$isNew) {
                 // Joomla-ACL checks:
                 if ($i_am_super_admin && $_CB_framework->myId() == $this->id) {
                     // Check that a fool Super User does not block himself:
                     if ($this->block && !$oldUserComplete->block) {
                         $this->_error = 'Super Users can not block themselves';
                         return false;
                     }
                     // Check that a fool Super User does not demote himself from Super-User rights:
                     if ($this->gids != $oldUserComplete->gids) {
                         $staysSuperUser = Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.admin', null);
                         if (!$staysSuperUser) {
                             $this->_error = 'You cannot demote yourself from your Super User permission';
                             return false;
                         }
                     }
                 }
                 // Check that a non-Super User/non-admin does not demote an admin or a Super user:
                 if ($this->gids != $oldUserComplete->gids) {
                     // && binds tighter than ||, so the inner condition reads:
                     // core.admin on com_comprofiler, OR (core.manage AND core.edit AND core.edit.state on com_users).
                     if (!$i_am_super_admin && !(Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.admin', 'com_comprofiler') || Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users') && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit.state', 'com_users'))) {
                         // I am not a Super User and not an Users administrator:
                         $userIsSuperUser = Application::User((int) $this->id)->isSuperAdmin();
                         // User is super-user: Check if he stays so:
                         if ($userIsSuperUser) {
                             $staysSuperUser = Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.admin', null);
                             if (!$staysSuperUser) {
                                 $this->_error = 'You cannot remove a Super User permission. Only Super Users can do that.';
                                 return false;
                             }
                         }
                         $userCanAdminUsers = (Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users') || Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.manage', 'com_comprofiler')) && Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users') && Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.edit.state', 'com_users');
                         // User is users-administrator: check if he can stay so:
                         if ($userCanAdminUsers) {
                             $staysUserAdmin = (Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.manage', 'com_users') || Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.manage', null)) && Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.edit', 'com_users') && Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.edit.state', 'com_users');
                             if (!$staysUserAdmin) {
                                 $this->_error = 'An users manager cannot be demoted by a non-administrator';
                                 return false;
                             }
                         }
                     }
                 }
             }
             // Security check to avoid creating/editing user to higher level than himself: CB response to artf4529.
             // Applies to new and existing users alike; $myGids is what get_groups_below_me() returned above.
             if (!$i_am_super_admin && $this->gids != $oldUserComplete->gids) {
                 // Does user try to edit a user that has higher groups ?
                 if (count(array_diff($this->gids, $myGids)) != 0) {
                     $this->_error = 'Unauthorized attempt to change an user at higher level than allowed !';
                     return false;
                 }
                 // Does the user try to demote higher levels ?
                 if (array_diff($this->gids, $myGids) != array_diff($oldUserComplete->gids, $myGids)) {
                     $this->_error = 'Unauthorized attempt to change higher groups of an user than allowed !';
                     return false;
                 }
             }
         }
     }
     // onBefore events are triggered even when binding failed; their errors are collected right after:
     if ($reason == 'edit') {
         if ($ui == 1) {
             $_PLUGINS->trigger('onBeforeUserUpdate', array(&$this, &$this, &$oldUserComplete, &$oldUserComplete));
         } elseif ($ui == 2) {
             if ($isNew || $newCBuser) {
                 $_PLUGINS->trigger('onBeforeNewUser', array(&$this, &$this, false));
             } else {
                 $_PLUGINS->trigger('onBeforeUpdateUser', array(&$this, &$this, &$oldUserComplete));
             }
         }
     } elseif ($reason == 'register') {
         $_PLUGINS->trigger('onBeforeUserRegistration', array(&$this, &$this));
     }
     $beforeResult = !$_PLUGINS->is_errors();
     if (!$beforeResult) {
         $this->_error = $_PLUGINS->getErrorMSG(false);
         // $_PLUGIN collects all error messages, incl. previous ones.
     }
     // Saves tab plugins:
     // on edits, user params and block/email/approved/confirmed are done in cb.core predefined fields.
     // So now calls this and more (CBtabs are already created in $this->bindSafely() ).
     $pluginTabsResult = true;
     if ($reason == 'edit') {
         $this->_cbTabs->savePluginTabs($this, $array);
         $pluginTabsResult = !$_PLUGINS->is_errors();
         if (!$pluginTabsResult) {
             $this->_error = $_PLUGINS->getErrorMSG(false);
             // $_PLUGIN collects all error messages, incl. previous ones.
         }
     }
     // The cleartext password is kept in a local so that it can be swapped with the hash around each store():
     $clearTextPassword = $this->password;
     if ($bindResults && $beforeResult && $pluginTabsResult) {
         // Hashes password for CMS storage:
         if ($clearTextPassword) {
             $hashedPassword = $this->hashAndSaltPassword($clearTextPassword);
             $this->password = $hashedPassword;
         }
         // Stores user if it's a new user:
         if ($isNew) {
             if (!$this->store()) {
                 return false;
             }
         }
         // Restores cleartext password for the saveRegistrationPluginTabs:
         $this->password = $clearTextPassword;
         if ($isNew) {
             // Sets the instance of user, to avoid reload from database, and loss of the cleartext password.
             CBuser::setUserGetCBUserInstance($this);
         }
     }
     if ($reason == 'register') {
         // call here since we got to have a user id:
         $registerResults = array();
         $registerResults['tabs'] = $this->_cbTabs->saveRegistrationPluginTabs($this, $array);
         if ($_PLUGINS->is_errors()) {
             if ($bindResults && $beforeResult && $pluginTabsResult) {
                 $plugins_error = $_PLUGINS->getErrorMSG(false);
                 // $_PLUGIN collects all error messages, incl. previous ones.
                 if ($isNew) {
                     // if it was a new user, and plugin gave error, revert the creation:
                     $this->delete();
                 }
                 $this->_error = $plugins_error;
             } else {
                 $this->_error = $_PLUGINS->getErrorMSG(false);
                 // $_PLUGIN collects all error messages, incl. previous ones.
             }
             $pluginTabsResult = false;
         }
     }
     if ($bindResults && $beforeResult && $pluginTabsResult) {
         $this->_cbTabs->commitTabsContents($this, $array, $reason);
         // count() is applied to the result, so getErrorMSG(false) presumably returns an array here - TODO confirm
         $commit_errors = $_PLUGINS->getErrorMSG(false);
         if (count($commit_errors) > 0) {
             $this->_error = $commit_errors;
             $bindResults = false;
         }
     }
     if (!($bindResults && $beforeResult && $pluginTabsResult)) {
         $this->_cbTabs->rollbackTabsContents($this, $array, $reason);
         // Normal error exit point:
         $_PLUGINS->trigger('onSaveUserError', array(&$this, $this->_error, $reason));
         if (is_array($this->_error)) {
             $this->_error = implode('<br />', $this->_error);
         }
         return false;
     }
     // Stores the user (again if it's a new as the plugins might have changed the user record):
     // ($hashedPassword was set above under the same conditions that lead here with a non-empty $clearTextPassword.)
     if ($clearTextPassword) {
         $this->password = $hashedPassword;
     }
     if (!$this->store()) {
         return false;
     }
     // Restores cleartext password for the onAfter and activation events:
     $this->password = $clearTextPassword;
     // Triggers onAfter and activateUser events:
     if ($reason == 'edit') {
         if ($ui == 1) {
             $_PLUGINS->trigger('onAfterUserUpdate', array(&$this, &$this, $oldUserComplete));
         } elseif ($ui == 2) {
             if ($isNew || $newCBuser) {
                 if ($isNew) {
                     $ueConfig['emailpass'] = 1;
                     // set this global to 1 to force password to be sent to new users.
                 }
                 $_PLUGINS->trigger('onAfterNewUser', array(&$this, &$this, false, true));
                 if ($this->block == 0 && $this->approved == 1 && $this->confirmed) {
                     activateUser($this, 2, 'NewUser', false, $isNew);
                 }
             } else {
                 if (!(($oldUserComplete->approved == 1 || $oldUserComplete->approved == 2) && $oldUserComplete->confirmed) && ($this->approved == 1 && $this->confirmed)) {
                     // first time a just registered and confirmed user got approved in backend through save user:
                     if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == "1" && $this->password == '') {
                         // generate the password, as it is auto-generated and not set by the admin at this occasion:
                         $this->setRandomPassword();
                         $pwd = $this->hashAndSaltPassword($this->password);
                         // NOTE(review): the ****** run in the next statement is not valid PHP; it looks like the page this
                         // listing was taken from masked the expression that supplies the hashed password ($pwd).
                         // Whatever stands there has to be escaped through the database layer, not concatenated raw.
                         $this->_db->setQuery("UPDATE #__users SET password="******" WHERE id = " . (int) $this->id);
                         $this->_db->query();
                     }
                 }
                 $_PLUGINS->trigger('onAfterUpdateUser', array(&$this, &$this, $oldUserComplete));
                 if (!(($oldUserComplete->approved == 1 || $oldUserComplete->approved == 2) && $oldUserComplete->confirmed) && ($this->approved == 1 && $this->confirmed)) {
                     // first time a just registered and confirmed user got approved in backend through save user:
                     activateUser($this, 2, 'UpdateUser', false);
                 }
             }
         }
     } elseif ($reason == 'register') {
         $registerResults['after'] = $_PLUGINS->trigger('onAfterUserRegistration', array(&$this, &$this, true));
         $registerResults['ok'] = true;
         return $registerResults;
     }
     return true;
 }
Example #11
	/**
	 * Returns an options array of available privacy values
	 *
	 * The list is built once per request and kept in a static variable. It holds the fixed choices enabled
	 * in the cbprivacy plugin parameters, then optional groups for connection types, view access levels
	 * (those of the current user) and usergroups. An empty array is returned while the plugin is not loaded.
	 *
	 * @return array
	 */
	static public function getPrivacyOptions()
	{
		global $_PLUGINS, $ueConfig;

		static $cache		=	null;

		$privacyPlugin		=	$_PLUGINS->getLoadedPlugin( 'user', 'cbprivacy' );

		if ( ! $privacyPlugin ) {
			return array();
		}

		$params				=	$_PLUGINS->getPluginParams( $privacyPlugin );

		if ( $cache !== null ) {
			// Already built during this request:
			return $cache;
		}

		$cache				=	array();

		// An entry is offered when the configured list contains '0' or the entry's own value:
		$isOffered			=	function ( $value, $configured ) {
			return ( in_array( '0', $configured ) || in_array( $value, $configured ) );
		};

		$_PLUGINS->trigger( 'privacy_onBeforePrivacyOptions', array( &$cache ) );

		// Fixed choices:
		if ( $params->get( 'privacy_options_visible', 1 ) ) {
			$cache[]		=	moscomprofilerHTML::makeOption( '0', CBTxt::T( 'Public' ) );
		}

		// "Users" is only offered while profile_viewaccesslevel is 1:
		if ( ( $ueConfig['profile_viewaccesslevel'] == 1 ) && $params->get( 'privacy_options_users', 1 ) ) {
			$cache[]		=	moscomprofilerHTML::makeOption( '1', CBTxt::T( 'Users' ) );
		}

		if ( $params->get( 'privacy_options_invisible', 1 ) ) {
			$cache[]		=	moscomprofilerHTML::makeOption( '99', CBTxt::T( 'Private' ) );
		}

		// Connection based choices, only when connections are enabled at all:
		if ( $ueConfig['allowConnections'] ) {
			if ( $params->get( 'privacy_options_conn', 1 ) ) {
				$cache[]	=	moscomprofilerHTML::makeOption( '2', CBTxt::T( 'Connections' ) );
			}

			if ( $params->get( 'privacy_options_connofconn', 1 ) ) {
				$cache[]	=	moscomprofilerHTML::makeOption( '3', CBTxt::T( 'Connections of Connections' ) );
			}

			if ( $ueConfig['connection_categories'] && ( $params->get( 'privacy_options_conntypes', '0' ) != '' ) ) {
				$allowedTypes			=	explode( '|*|', $params->get( 'privacy_options_conntypes', '0' ) );
				$connectionTypes		=	self::getConnectionTypes();

				if ( $connectionTypes ) {
					$cache[]			=	moscomprofilerHTML::makeOptGroup( CBTxt::T( 'Connection Types' ) );

					foreach ( $connectionTypes as $connectionType ) {
						if ( $isOffered( $connectionType->value, $allowedTypes ) ) {
							$cache[]	=	moscomprofilerHTML::makeOption( 'CONN-' . (string) $connectionType->value, $connectionType->text );
						}
					}

					$cache[]			=	moscomprofilerHTML::makeOptGroup( null );
				}
			}
		}

		// View access levels: taken from the levels of the current user, then narrowed by the plugin parameter.
		if ( $params->get( 'privacy_options_viewaccesslevels', '' ) != '' ) {
			$allowedLevels				=	explode( '|*|', $params->get( 'privacy_options_viewaccesslevels', '' ) );
			$myLevels					=	Application::CmsPermissions()->getAllViewAccessLevels( true, Application::MyUser() );

			if ( $myLevels ) {
				$cache[]				=	moscomprofilerHTML::makeOptGroup( CBTxt::T( 'View Access Levels' ) );

				foreach ( $myLevels as $level ) {
					if ( $isOffered( $level->value, $allowedLevels ) ) {
						$cache[]		=	moscomprofilerHTML::makeOption( 'ACCESS-' . (string) $level->value, CBTxt::T( $level->text ) );
					}
				}

				$cache[]				=	moscomprofilerHTML::makeOptGroup( null );
			}
		}

		// Usergroups: taken from getAllGroups(), then narrowed by the plugin parameter.
		if ( $params->get( 'privacy_options_usergroups', '' ) != '' ) {
			$allowedGroups				=	explode( '|*|', $params->get( 'privacy_options_usergroups', '' ) );
			$allGroups					=	Application::CmsPermissions()->getAllGroups( true, '' );

			if ( $allGroups ) {
				$cache[]				=	moscomprofilerHTML::makeOptGroup( CBTxt::T( 'Usergroups' ) );

				foreach ( $allGroups as $usergroup ) {
					if ( $isOffered( $usergroup->value, $allowedGroups ) ) {
						$cache[]		=	moscomprofilerHTML::makeOption( 'GROUP-' . (string) $usergroup->value, CBTxt::T( $usergroup->text ) );
					}
				}

				$cache[]				=	moscomprofilerHTML::makeOptGroup( null );
			}
		}

		$_PLUGINS->trigger( 'privacy_onAfterPrivacyOptions', array( &$cache ) );

		return $cache;
	}