Example #1
 /**
  * Gets the request filters and returns them
  *
  * @param  string $namespace the application state variable namespace
  * @return array
  **/
 public static function getFilters($namespace)
 {
     $queryKey  = "{$namespace}.query";
     $searchKey = "{$namespace}.search";

     // Start from the filters kept in the user state and append whatever
     // arrived under "q" in this request.
     // NOTE(review): no validation of the incoming filter (column, operator,
     // value) is visible here; confirm filtersMap() or the query builder
     // restricts the column name to a known set before it reaches SQL.
     $filters  = User::getState($queryKey);
     $incoming = Request::getVar('q', false);
     if ($incoming) {
         $filters[] = $incoming;
     }

     // No filters at all: default to records belonging to the current user
     if (!is_array($filters)) {
         if ($namespace == 'com_time.tasks') {
             $ownerColumn = 'assignee_id';
         } else {
             $ownerColumn = 'user_id';
         }
         $filters[0]['column']   = $ownerColumn;
         $filters[0]['operator'] = 'e';
         $filters[0]['value']    = User::get('id');
     }

     // Translate operators and augment query filters with human-friendly text
     $query = self::filtersMap($filters);

     // The request value wins; otherwise fall back to the search kept in state
     $storedSearch = User::getState($searchKey, '');
     $search       = Request::getVar('search', $storedSearch);

     // A fresh search arrives as a string: split it on spaces and keep only
     // ASCII letters in each word. A word made up solely of other characters
     // becomes an empty string and stays in the list.
     if ($search && !is_array($search)) {
         $words  = explode(" ", $search);
         $search = preg_replace("/[^a-zA-Z]/", "", $words);
     }

     // Persist both values for the next request
     User::setState($searchKey, $search);
     User::setState($queryKey, $query);

     return array('search' => $search, 'q' => $query);
 }
Example #2
 /**
  * Method to auto-populate the model state.
  *
  * Note. Calling getState in this method will result in recursion.
  *
  * @since	1.6
  */
 protected function populateState()
 {
     // The edit reference lives in the user state as
     // base64("<extension id>:<file name>").
     $encodedRef = User::getState('com_templates.edit.source.id');
     $parts      = explode(':', base64_decode($encodedRef));

     // First segment: numeric extension id
     $extensionId = (int) array_shift($parts);
     $this->setState('extension.id', $extensionId);

     // Second segment: file name (null when the reference held no ':').
     // NOTE(review): nothing here restricts the name to the template's own
     // directory; confirm the code that opens the file rejects path
     // separators and "..".
     $fileName = array_shift($parts);
     $this->setState('filename', $fileName);

     // Remember the file extension so the editor can pick a syntax mode
     $syntax = Filesystem::extension($fileName);
     User::setState('editor.source.syntax', $syntax);

     // Component parameters
     $this->setState('params', Component::params('com_templates'));
 }
    /**
     * @param	JForm	$form	The form to be altered.
     * @param	array	$data	The associated data for the form.
     *
     * @return	boolean
     * @since	2.5
     */
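    public function onContentPrepareForm($form, $data)
    {
        // Only JForm instances can be extended
        if (!$form instanceof JForm) {
            $this->_subject->setError('JERROR_NOT_A_FORM');
            return false;
        }

        // Leave the form untouched unless it is the plugin edit form for this
        // plugin. When no data is supplied, the decision falls back to the
        // flag stored in the user state by an earlier call.
        if ($form->getName() != 'com_plugins.plugin'
            || (isset($data->name) && $data->name != 'plg_system_languagecode')
            || (empty($data) && !User::getState('plg_system_language_code.edit'))
        ) {
            return true;
        }

        // Mark the plugin as being edited. isset() covers the call that
        // reaches this point without data, where reading ->name would
        // otherwise raise a warning; the stored flag is false in that case,
        // as before.
        $isThisPlugin = isset($data->name) && $data->name == 'plg_system_languagecode';
        User::setState('plg_system_language_code.edit', $isThisPlugin);

        // Get site languages
        $languages = Lang::getKnownLanguages(JPATH_SITE);

        // Inject one text field per language. Every value interpolated into
        // an XML attribute is escaped, so a tag or language name containing
        // a quote, '<' or '&' cannot change the structure of the form
        // definition.
        foreach ($languages as $tag => $language) {
            $fieldName   = htmlspecialchars(strtolower($tag), ENT_COMPAT, 'UTF-8');
            $fieldLabel  = htmlspecialchars($tag, ENT_COMPAT, 'UTF-8');
            $description = htmlspecialchars(Lang::txt('PLG_SYSTEM_LANGUAGECODE_FIELD_DESC', $language['name']), ENT_COMPAT, 'UTF-8');

            $form->load('
<form>
	<fields name="params">
		<fieldset
			name="languagecode"
			label="PLG_SYSTEM_LANGUAGECODE_FIELDSET_LABEL"
			description="PLG_SYSTEM_LANGUAGECODE_FIELDSET_DESC"
		>
			<field
				name="' . $fieldName . '"
				type="text"
				description="' . $description . '"
				translate_description="false"
				label="' . $fieldLabel . '"
				translate_label="false"
				size="7"
				filter="cmd"
			/>
		</fieldset>
	</fields>
</form>
			');
        }

        return true;
    }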
Example #4
 /**
  * Save a comment
  *
  * @return  void
  */
 protected function postAction()
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming: the posted 'activity' array, requested with the 'none' filter and mask 2.
     // NOTE(review): presumably this yields the values without sanitising — confirm what mask 2 permits.
     $comment = Request::getVar('activity', array(), 'post', 'none', 2);
     // Load the record named by the posted id (or start a new one) and bind the whole posted array to it.
     // NOTE(review): no ownership or permission check for an existing id is visible in this method, and
     // every posted key is passed to set(); confirm the model or the caller limits who may edit a record
     // and which fields may be written.
     // NOTE(review): $comment['id'] is read without isset(); a post without it raises an undefined-index notice.
     $row = Hubzero\Activity\Log::oneOrNew($comment['id'])->set($comment);
     // Process attachment
     $upload = Request::getVar('activity_file', '', 'files', 'array');
     if (!empty($upload) && $upload['name']) {
         // A PHP upload error is recorded on the plugin, but execution continues to upload() below.
         if ($upload['error']) {
             $this->setError(\Lang::txt('PLG_GROUPS_ACTIVITY_ERROR_UPLOADING_FILE'));
         }
         $file = new Plugins\Groups\Activity\Models\Attachment();
         // Files are stored under the group's own uploads directory
         $file->setUploadDir('/site/groups/' . $this->group->get('gidNumber') . '/uploads');
         // The client-supplied file name, temporary path and size are handed to the attachment model.
         // NOTE(review): confirm Attachment::upload() sanitises the name and restricts the accepted types.
         if (!$file->upload($upload['name'], $upload['tmp_name'], $upload['size'])) {
             // NOTE(review): the code below assumes App::redirect() ends the request — confirm.
             App::redirect(Route::url($this->base . '&active=' . $this->_name), $file->getError(), 'error');
         } else {
             // Record the stored attachment in the entry's details
             $row->details->set('attachments', array($file->toArray()));
             $row->set('details', $row->details->toString());
         }
     }
     // Store new content; on failure keep the text in the session and go back with the error
     if (!$row->save()) {
         User::setState('failed_comment', $row->get('description'));
         App::redirect(Route::url($this->base . '&active=' . $this->_name), $row->getError(), 'error');
     }
     // Record the activity: the group and the author are notified, plus the parent's author for a reply
     $recipients = array(['group', $this->group->get('gidNumber')], ['user', $row->get('created_by')]);
     if ($row->get('parent')) {
         $recipients[] = ['user', $row->parent()->get('created_by')];
     }
     // 'action' is 'updated' when an id was posted, 'created' otherwise
     Event::trigger('system.logActivity', ['activity' => ['id' => $row->get('id'), 'action' => $comment['id'] ? 'updated' : 'created', 'scope' => $row->get('scope'), 'scope_id' => $row->get('scope_id'), 'anonymous' => $row->get('anonymous', 0), 'description' => $row->get('description'), 'details' => array('url' => Route::url($this->base . '&active=' . $this->_name . '#activity' . $row->get('id')), 'attachments' => $row->details->get('attachments'))], 'recipients' => $recipients]);
     // Redirect
     App::redirect(Route::url($this->base . '&active=' . $this->_name), Lang::txt('PLG_GROUPS_ACTIVITY_COMMENTS_SAVED'));
 }
Example #5
 /**
  * Remove (uninstall) an extension
  *
  * @param	array	An array of identifiers
  * @return	boolean	True on success
  * @since	1.5
  */
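 public function remove($eid = array())
 {
     // Uninstalling requires the core.delete permission on com_installer
     if (!User::authorise('core.delete', 'com_installer')) {
         App::abort(403, Lang::txt('JERROR_CORE_DELETE_NOT_PERMITTED'));
         // Reached only if abort() returns; keeps the documented boolean result
         return false;
     }

     $failed = array();

     // The loop below treats the array VALUES as extension ids. A single id
     // is therefore wrapped as a one-element list; the previous form
     // array($eid => 0) put the id in the key and iterated the value 0.
     if (!is_array($eid)) {
         $eid = array($eid);
     }

     // Get a database connector (not used below; kept because the side
     // effects of the lookup are not visible from this method)
     $db = \App::get('db');

     // Get an installer object for the extension type
     $installer = \JInstaller::getInstance();
     $row = \JTable::getInstance('extension');

     // Uninstall the chosen extensions, collecting every id that has no
     // known type or whose uninstall reports false
     foreach ($eid as $id) {
         $id = trim($id);
         $row->load($id);
         if ($row->type && $installer->uninstall($row->type, $id) !== false) {
             continue;
         }
         $failed[] = $id;
     }

     // Human-readable type of the last processed extension; when no
     // translation exists the raw type is shown instead
     $langstring = 'COM_INSTALLER_TYPE_TYPE_' . strtoupper($row->type);
     $rowtype = Lang::txt($langstring);
     if (strpos($rowtype, $langstring) !== false) {
         $rowtype = $row->type;
     }

     if (count($failed)) {
         // There was an error in uninstalling the package
         Notify::error(Lang::txt('COM_INSTALLER_UNINSTALL_ERROR', $rowtype));
         $result = false;
     } else {
         // Package uninstalled successfully
         Notify::success(Lang::txt('COM_INSTALLER_UNINSTALL_SUCCESS', $rowtype));
         $result = true;
     }

     // Expose the outcome to the view and to the next request
     $this->setState('action', 'remove');
     $this->setState('name', $installer->get('name'));
     User::setState('com_installer.message', $installer->message);
     User::setState('com_installer.extension_message', $installer->get('extension_message'));

     return $result;
 }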
Example #6
 /**
  * Sets state vars on the model namespace
  *
  * @param   string  $key    The key under which the value will go
  * @param   mixed   $value  The value to assign to the key
  * @return  void
  * @since   2.0.0
  **/
 public function setState($key, $value)
 {
     // Session key layout:
     //   <model namespace with "\" turned into "."> . <model name> . <key>
     $prefix = str_replace('\\', '.', $this->getModelNamespace());
     $name   = $this->getModelName();

     User::setState($prefix . '.' . $name . ".{$key}", $value);
 }
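// Reject anything that is not a syntactically valid address.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    // NOTE(review): the rejected value is echoed back inside the message;
    // confirm sendMessage() encodes it for its output context.
    sendMessage(ERR, 'The format of the given email is invalid: [' . $email . ']');
    return;
}

// Check if the mail already exists
$db = acquireDatabase();
$loader = new User($db);
try {
    $res = $loader->loadWhere('email=?', [$email]);
    if (count($res) > 0) {
        $db->close();
        sendMessage(ERR, 'This email is already in use. Did you forget your password?');
        return;
    }

    $user = new User($db);
    $user->setEmail($email);
    $user->setAndEncryptPassword($password);
    // NOTE(review): the e-mail confirmation state (CONF_MAIL) is disabled, so
    // the session below is established without proof that the address
    // belongs to the registrant — confirm this is intended.
    //	$user->setState('CONF_MAIL');
    $user->setState('FILLDATA');
    // Next step is to fill the missing data like name
    $user->save();

    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // The session is about to carry an identity: issue a fresh session id so
    // an id that existed before registration cannot be reused with it.
    session_regenerate_id(true);

    $user->reload(['email']);
    $_SESSION['uid'] = $user->getId();
    $_SESSION['email'] = $user->getEmail();
    sendMessage(OK, 'User ' . $user->getEmail() . ' registered successfully. Please complete your registration.');
} catch (DbException $e) {
    // Driver and SQL details stay in the server log; the client only learns
    // that the request failed.
    error_log('Registration failed: ' . $e->getMessage());
    sendMessage(ERR, 'Registration failed because of an internal error. Please try again later.');
}
$db->close();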
Example #8
 /**
  * Save a category record and redirects to listing
  *
  * @return     void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();

     // Drop any category form data held in the session
     \User::setState('com_forum.edit.category.data', null);

     // Posted category fields, each value trimmed
     $fields = array_map('trim', Request::getVar('fields', array(), 'post'));

     // Access rules arrive in a separate "jform" array and pass through the
     // admin form's validation before they are merged into the fields
     $posted = Request::getVar('jform', array(), 'post');
     if (isset($posted['rules']) && is_array($posted['rules'])) {
         $rulesModel = new AdminCategory();
         $rulesForm  = $rulesModel->getForm($posted, false);
         $validated  = $rulesModel->validate($rulesForm, $posted);
         $fields['rules'] = $validated['rules'];
     }

     // Bind the posted fields to a category record
     $category = new Category($this->database);
     if (!$category->bind($fields)) {
         Notify::error($category->getError());
         return $this->editTask($category);
     }

     // A category without a scope inherits scope and scope_id from its section
     if (!$category->scope) {
         $section = new Section($this->database);
         $section->load($fields['section_id']);
         $category->scope    = $section->scope;
         $category->scope_id = $section->scope_id;
     }

     // Validate, then store; the first step that fails sends the user back
     // to the edit form with the model's error
     if (!$category->check() || !$category->store()) {
         Notify::error($category->getError());
         return $this->editTask($category);
     }

     // Back to the listing of the owning section.
     // NOTE(review): section_id is taken from POST and concatenated into the
     // URL as-is; confirm Route::url() encodes it or cast it to int first.
     $listing = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&section_id=' . $fields['section_id'];
     App::redirect(Route::url($listing, false), Lang::txt('COM_FORUM_CATEGORY_SAVED'));
 }
Example #9
 /**
  * Method to delete tmp folder
  *
  * @return	boolean   true if delete successful, false otherwise
  * @since	2.5
  */
 public function cleanup()
 {
     // Reset both installer message slots in the user state
     foreach (array('com_installer.message', 'com_installer.extension_message') as $slot) {
         User::setState($slot, '');
     }

     // Remove the temporary directory named by the 'to_path' model state.
     // NOTE(review): the path is used as stored; confirm it can only point
     // inside the installer's temp area and is never empty when this runs.
     $tmpPath = $this->getState('to_path');

     return Filesystem::deleteDirectory($tmpPath);
 }
Example #10
 /**
  * Method to edit an existing record.
  *
  * @param   string  $key     The name of the primary key of the URL variable.
  * @param   string  $urlVar  The name of the URL variable if different from the primary key
  * (sometimes required to avoid router collisions).
  *
  * @return  boolean  True if access level check and checkout passes, false otherwise.
  *
  * @since   1.6
  */
 public function edit($key = null, $urlVar = null)
 {
     // NOTE(review): $key and $urlVar are accepted but not forwarded; the
     // parent is called with its own defaults.
     if (parent::edit()) {
         // Clear the ancillary item data kept in the session
         User::setState('com_menus.edit.item.type', null);
         User::setState('com_menus.edit.item.link', null);
     }

     // NOTE(review): the result is true even when parent::edit() reported
     // failure, which differs from the documented return value — confirm
     // no caller relies on it to decide whether the edit may proceed.
     return true;
 }
Example #11
 /**
  * Save a post and redirects to listing
  *
  * @return     void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();

     // Drop any thread form data held in the session
     \User::setState('com_forum.edit.thread.data', null);

     // Posted fields, requested with the 'none' filter and mask 2, each trimmed.
     // NOTE(review): presumably the post body arrives unsanitised here;
     // confirm it is cleaned on input by the model or escaped on output.
     $fields = array_map('trim', Request::getVar('fields', array(), 'post', 'none', 2));

     // Access rules arrive in a separate "jform" array and pass through the
     // admin form's validation before they are merged into the fields
     $posted = Request::getVar('jform', array(), 'post');
     if (isset($posted['rules']) && is_array($posted['rules'])) {
         $rulesModel = new AdminThread();
         $rulesForm  = $rulesModel->getForm($posted, false);
         $validated  = $rulesModel->validate($rulesForm, $posted);
         $fields['rules'] = $validated['rules'];
     }

     // When editing, keep the stored copy to detect a category change later
     if ($fields['id']) {
         $old = new Post($this->database);
         $old->load(intval($fields['id']));
     }

     // Unchecked checkboxes are absent from the post; default them to 0
     foreach (array('sticky', 'closed', 'anonymous') as $flag) {
         if (!isset($fields[$flag])) {
             $fields[$flag] = 0;
         }
     }

     // Bind, validate and store; the first step that fails sends the user
     // back to the edit form with the model's error
     $post = new Post($this->database);
     if (!$post->bind($fields) || !$post->check() || !$post->store()) {
         Notify::error($post->getError());
         return $this->editTask($post);
     }

     // An edited post that moved to another category takes its replies along
     if ($fields['id'] && $old->category_id != $fields['category_id']) {
         $post->updateReplies(array('category_id' => $fields['category_id']), $post->id);
     }

     // Attachments belong to the thread (the post itself when it starts one)
     $threadId = $post->thread ? $post->thread : $post->id;
     $this->uploadTask($threadId, $post->id);

     // A reply returns to its thread; a new thread returns to the listing
     $msg    = Lang::txt('COM_FORUM_THREAD_SAVED');
     $suffix = '';
     $parent = Request::getInt('parent', 0);
     if ($parent) {
         $msg    = Lang::txt('COM_FORUM_POST_SAVED');
         $suffix = '&task=thread&parent=' . $parent;
     }

     // Redirect
     $target = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller . $suffix;
     App::redirect(Route::url($target, false), $msg, 'message');
 }
Example #12
 /**
  * Method to save a menu item.
  *
  * @return	void
  */
 public function save($key = null, $urlVar = null)
 {
     // Validates and stores the posted menu, then redirects according to the task.
     // Returns false on every failure path; the success paths fall off the end without a value.
     // Check for request forgeries.
     Session::checkToken() or exit(Lang::txt('JINVALID_TOKEN'));
     // Initialise variables.
     $data = Request::getVar('jform', array(), 'post', 'array');
     $context = 'com_menus.edit.menu';
     $task = $this->getTask();
     $recordId = Request::getInt('id');
     // The id must be one this session is currently holding for editing
     if (!$this->checkEditId($context, $recordId)) {
         // Somehow the person just went to the form and saved it - we don't allow that.
         $this->setError(Lang::txt('JLIB_APPLICATION_ERROR_UNHELD_ID', $recordId));
         $this->setMessage($this->getError(), 'error');
         $this->setRedirect(Route::url('index.php?option=' . $this->option . '&view=' . $this->view_list . $this->getRedirectToListAppend(), false));
         return false;
     }
     // Make sure we are not trying to modify an administrator menu.
     // && binds tighter than ||, so this reads: (client_id is set and equals 1) or menutype is 'menu' or menutype is 'main'.
     // NOTE(review): $data['menutype'] is read without isset(); a post that omits it raises an undefined-index notice.
     if (isset($data['client_id']) && $data['client_id'] == 1 || strtolower($data['menutype']) == 'menu' || strtolower($data['menutype']) == 'main') {
         Notify::warning(Lang::txt('COM_MENUS_MENU_TYPE_NOT_ALLOWED'));
         // Redirect back to the edit screen.
         $this->setRedirect(Route::url('index.php?option=com_menus&view=menu&layout=edit', false));
         return false;
     }
     // Populate the row id from the request value verified against the edit list above,
     // replacing any id submitted inside the form data.
     $data['id'] = $recordId;
     // Get the model and attempt to validate the posted data.
     $model = $this->getModel('Menu');
     $form = $model->getForm();
     if (!$form) {
         throw new Exception($model->getError(), 500);
         // Unreachable: the throw above already leaves the method
         return false;
     }
     $data = $model->validate($form, $data);
     // Check for validation errors.
     if ($data === false) {
         // Get the validation messages.
         $errors = $model->getErrors();
         // Push up to three validation messages out to the user.
         for ($i = 0, $n = count($errors); $i < $n && $i < 3; $i++) {
             if ($errors[$i] instanceof Exception) {
                 Notify::warning($errors[$i]->getMessage());
             } else {
                 Notify::warning($errors[$i]);
             }
         }
         // Save the data in the session.
         // NOTE(review): $data is false at this point (it was overwritten by validate()), so the
         // posted values are not what gets stored — confirm whether the original input was intended.
         User::setState('com_menus.edit.menu.data', $data);
         // Redirect back to the edit screen.
         $this->setRedirect(Route::url('index.php?option=com_menus&view=menu&layout=edit', false));
         return false;
     }
     // Attempt to save the data.
     if (!$model->save($data)) {
         // Save the validated data in the session so the form can be refilled.
         User::setState('com_menus.edit.menu.data', $data);
         // Redirect back to the edit screen.
         $this->setMessage(Lang::txt('JLIB_APPLICATION_ERROR_SAVE_FAILED', $model->getError()), 'warning');
         $this->setRedirect(Route::url('index.php?option=com_menus&view=menu&layout=edit', false));
         return false;
     }
     $this->setMessage(Lang::txt('COM_MENUS_MENU_SAVE_SUCCESS'));
     // Redirect the user and adjust session state based on the chosen task.
     switch ($task) {
         case 'apply':
             // Set the record data in the session: keep holding the (possibly new) id for editing.
             $recordId = $model->getState($this->context . '.id');
             $this->holdEditId($context, $recordId);
             // Redirect back to the edit screen.
             $this->setRedirect(Route::url('index.php?option=com_menus&view=menu&layout=edit' . $this->getRedirectToItemAppend($recordId), false));
             break;
         case 'save2new':
             // Clear the record id and data from the session.
             $this->releaseEditId($context, $recordId);
             User::setState($context . '.data', null);
             // Redirect back to the edit screen.
             $this->setRedirect(Route::url('index.php?option=com_menus&view=menu&layout=edit', false));
             break;
         default:
             // Clear the record id and data from the session.
             $this->releaseEditId($context, $recordId);
             User::setState($context . '.data', null);
             // Redirect to the list screen.
             $this->setRedirect(Route::url('index.php?option=com_menus&view=menus', false));
             break;
     }
 }
Example #13
         $r->setCreate('1');
         $r->setUpdate('1');
         $r->setRank($rank->getId());
         $r->save();
     }
     // Pick a placeholder first name / last name for the first account from a fixed list
     $personalities = array('John Travolta', 'Jeff Buckley', 'Tom Cruise', 'John Lennon', 'Emmet Brown', 'Geo trouvetou', 'Luke Skywalker', 'Mac Gyver', 'Marty McFly');
     $im = $personalities[rand(0, count($personalities) - 1)];
     list($fn, $n) = explode(' ', $im);
     // Create the first account and assign it the admin rank
     // NOTE(review): e-mail, password and login are taken from $_POST as submitted; no validation is
     // visible in this fragment. Confirm setPassword() stores a password_hash() value, not the raw input.
     $user->setMail($_POST['email']);
     $user->setPassword($_POST['password']);
     $user->setLogin($_POST['login']);
     $user->setFirstName($fn);
     $user->setName($n);
     // The token is the SHA-1 of the current Unix second followed by one of 1001 rand() values, so its
     // inputs are limited to the creation time and that small range.
     // NOTE(review): if this token authenticates anything, derive it from a CSPRNG instead
     // (random_bytes(), or openssl_random_pseudo_bytes() on older PHP).
     $user->setToken(sha1(time() . rand(0, 1000)));
     $user->setState(1);
     $user->setRank($rank->getId());
     $user->save();
     // Publish the new account as the global current user
     global $myUser;
     $myUser = $user;
     // NOTE(review): presumably these calls switch on the default plugin set — confirm what Plugin::enabled() does
     Plugin::enabled('relay-relay');
     Plugin::enabled('wireRelay-relay');
     Plugin::enabled('vocal_infos-vocalinfo');
     Plugin::enabled('room-room');
     Plugin::enabled('eventManager-eventmanager');
     Plugin::enabled('profile-profile');
     Plugin::enabled('dashboard-dashboard');
     Plugin::enabled('dashboard-monitoring-dashboard-monitoring');
 } else {
     ?>
     <div id="body" class="container">
Example #14
 /**
  * Saves a template source file.
  */
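 public function save()
 {
     // Check for request forgeries.
     Session::checkToken() or exit(Lang::txt('JINVALID_TOKEN'));

     // Initialise variables.
     $data = Request::getVar('jform', array(), 'post', 'array');
     $context = 'com_templates.edit.source';
     $task = $this->getTask();
     $model = $this->getModel();

     // Access check. The denial is thrown like the other failures in this
     // method; the previous code returned the Exception object, which a
     // caller testing the result for truthiness would read as success.
     if (!$this->allowSave()) {
         throw new Exception(Lang::txt('JERROR_SAVE_NOT_PERMITTED'), 403);
     }

     // The posted extension id and file name must be exactly the pair held
     // in the model state. Both sides are compared as strings with !== so
     // PHP's numeric-string juggling cannot make two different names match.
     if (empty($data['extension_id']) || empty($data['filename'])) {
         throw new Exception(Lang::txt('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'), 500);
     } elseif ((string) $data['extension_id'] !== (string) $model->getState('extension.id')) {
         throw new Exception(Lang::txt('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'));
     } elseif ((string) $data['filename'] !== (string) $model->getState('filename')) {
         throw new Exception(Lang::txt('COM_TEMPLATES_ERROR_SOURCE_ID_FILENAME_MISMATCH'));
     }

     // Validate the posted data.
     $form = $model->getForm();
     if (!$form) {
         throw new Exception($model->getError(), 500);
     }
     $data = $model->validate($form, $data);

     // Check for validation errors.
     if ($data === false) {
         // Get the validation messages.
         $errors = $model->getErrors();
         // Push up to three validation messages out to the user.
         for ($i = 0, $n = count($errors); $i < $n && $i < 3; $i++) {
             if ($errors[$i] instanceof Exception) {
                 Notify::warning($errors[$i]->getMessage());
             } else {
                 Notify::warning($errors[$i]);
             }
         }
         // Save the data in the session.
         // NOTE(review): $data is false here (overwritten by validate()), so
         // the posted source is not what gets stored — confirm intent.
         User::setState($context . '.data', $data);
         // Redirect back to the edit screen.
         $this->setRedirect(Route::url('index.php?option=com_templates&view=source&layout=edit', false));
         return false;
     }

     // Attempt to save the data.
     if (!$model->save($data)) {
         // Keep the validated data in the session so the form can be refilled.
         User::setState($context . '.data', $data);
         // Redirect back to the edit screen.
         $this->setMessage(Lang::txt('JERROR_SAVE_FAILED', $model->getError()), 'warning');
         $this->setRedirect(Route::url('index.php?option=com_templates&view=source&layout=edit', false));
         return false;
     }

     $this->setMessage(Lang::txt('COM_TEMPLATES_FILE_SAVE_SUCCESS'));

     // Redirect the user and adjust session state based on the chosen task.
     switch ($task) {
         case 'apply':
             // Reset the record data in the session.
             User::setState($context . '.data', null);
             // Redirect back to the edit screen.
             $this->setRedirect(Route::url('index.php?option=com_templates&view=source&layout=edit', false));
             break;
         default:
             // Clear the record id and data from the session.
             User::setState($context . '.id', null);
             User::setState($context . '.data', null);
             // Redirect to the list screen.
             $this->setRedirect(Route::url('index.php?option=com_templates&view=template&id=' . $model->getState('extension.id'), false));
             break;
     }
 }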
Example #15
 /**
  * Gets the value of a user state variable.
  *
  * @param   string  $key      The key of the user state variable.
  * @param   string  $request  The name of the variable passed in a request.
  * @param   string  $default  The default value for the variable if not found. Optional.
  * @param   string  $type     Filter for the variable. Optional.
  * @return  The request user state.
  */
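 public static function getState($key, $request, $default = null, $type = 'none')
 {
     // Value currently held in the user state (or the default)
     $cur_state = \User::getState($key, $default);

     // Value submitted with this request, if any
     $new_state = self::getVar($request, null, 'default', $type);

     // Nothing submitted: the stored value stands and the state is untouched
     if ($new_state === null) {
         return $cur_state;
     }

     // Coerce the submitted value to the requested type before storing it
     switch ($type) {
         case 'int':
             $new_state = intval($new_state);
             break;
         case 'word':
             // Letters and underscore only
             $new_state = preg_replace('/[^A-Z_]/i', '', $new_state);
             break;
         case 'cmd':
             // Letters, digits, underscore, dot and hyphen only
             $new_state = preg_replace('/[^A-Z0-9_\\.-]/i', '', $new_state);
             break;
         case 'bool':
             $new_state = (bool) $new_state;
             break;
         case 'float':
             // Keep the first number found in the input. The previous code
             // used preg_replace() with this pattern, which deleted the
             // number and returned whatever non-numeric text surrounded it.
             if (is_scalar($new_state) && preg_match('/-?[0-9]+(\.[0-9]+)?/', (string) $new_state, $match)) {
                 $new_state = (float) $match[0];
             } else {
                 $new_state = 0.0;
             }
             break;
         case 'string':
             $new_state = (string) $new_state;
             break;
         case 'array':
             $new_state = (array) $new_state;
             break;
     }

     // Save the new value only because it was set in this request
     \User::setState($key, $new_state);

     return $new_state;
 }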
Example #16
 /**
  * Method to log in a user.
  *
  * @return  void
  */
 public function loginTask()
 {
     // Credentials and the post-login destination both come from the login model's state
     $model = new Model();
     $model->setState('task', $this->_task);
     $credentials = $model->getState('credentials');
     $return = $model->getState('return');
     // If a specific authenticator is specified try to call the login method for that plugin.
     // The request value is only compared against the names of the registered authentication plugins;
     // the class name is built from the matching plugin record, not from the request.
     if ($authenticator = Request::getVar('authenticator', false, 'method')) {
         Plugin::import('authentication');
         $plugins = Plugin::byType('authentication');
         foreach ($plugins as $plugin) {
             $className = 'plg' . $plugin->type . $plugin->name;
             if ($plugin->name != $authenticator) {
                 continue;
             }
             if (class_exists($className)) {
                 if (method_exists($className, 'login')) {
                     $myplugin = new $className($this, (array) $plugin);
                     // NOTE(review): $options has not been assigned yet at this point; presumably login()
                     // takes it by reference and fills it in — confirm.
                     $myplugin->login($credentials, $options);
                     // The plugin may supply its own return target
                     if (isset($options['return'])) {
                         $return = $options['return'];
                     }
                 }
                 $options['authenticator'] = $authenticator;
                 break;
             }
         }
     }
     // This assignment replaces whatever the plugin branch stored in $options; only the copied $return
     // survives. The 'action' key is listed twice with the same value.
     $options = array('action' => 'core.login.admin', 'authenticator' => $authenticator, 'group' => 'Public Backend', 'autoregister' => false, 'action' => 'core.login.admin');
     // Set the application login entry point (the literal above has no 'entry_url', so this always runs)
     if (!array_key_exists('entry_url', $options)) {
         $options['entry_url'] = Request::base() . 'index.php?option=com_users&task=login';
     }
     // login() reports failure by returning an Exception instance rather than throwing it
     $result = App::get('auth')->login($credentials, $options);
     if (!$result instanceof Exception) {
         // Keep only letters and hyphens of the requested language code
         $lang = preg_replace('/[^A-Z-]/i', '', Request::getCmd('lang'));
         User::setState('application.lang', $lang);
     } else {
         Notify::error($result->getMessage());
     }
     // NOTE(review): $return originates from model state or from the plugin's options; confirm it is
     // restricted to URLs of this site before it is used as a redirect target.
     App::redirect($return);
 }
Example #17
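 /**
  * Loads users from the users table as User objects.
  *
  * @param  string $order   column to sort by; anything outside the allow-list falls back to "login"
  * @param  string $sort    "ASC" or "DESC"; anything else falls back to "ASC"
  * @param  int    $offset  first row to return, applied only together with a positive $count
  * @param  int    $count   maximum number of rows; 0 returns all rows
  * @param  array  $filter  not used by this method
  * @return array|false     list of User objects, or false when the query yields nothing
  */
 function getUsers($order = "login", $sort = "ASC", $offset = 0, $count = 0, $filter = array())
 {
     $users = false;

     // ORDER BY cannot be parameterised, so both parts are checked against
     // fixed allow-lists. The comparison is strict: with a loose in_array()
     // a non-string value such as integer 0 compares equal to a column name
     // on PHP 7 and would be concatenated into the SQL as given.
     $sortableColumns = array('id', 'login', 'email', 'firstname', 'lastname', 'fullname', 'birthdate', 'registeredmoment');
     $directions      = array('ASC', 'DESC');
     $order = in_array($order, $sortableColumns, true) ? $order : "login";
     $sort  = in_array($sort, $directions, true) ? $sort : "ASC";

     // NOTE(review): fDevPassword is interpolated into the statement unescaped
     // and compared through MD5(); confirm the value can never contain a
     // quote, and consider a parameterised query if the DB wrapper has one.
     $sql = "SELECT \tid, \n\t\t\t\t\t\tlogin, \n\t\t\t\t\t\t'' AS pwd, \n\t\t\t\t\t\tIF(login = '******' AND pwd = MD5('" . $this->fDevPassword . "'), 1, 0) AS is_dev, \n\t\t\t\t\t\tIF(login = '******', 1, 0) AS is_defaultuser, \n\t\t\t\t\t\temail, \n\t\t\t\t\t\tfirstname, \n\t\t\t\t\t\tmiddlename, \n\t\t\t\t\t\tlastname, \n\t\t\t\t\t\tCONCAT(firstname, ' ', middlename, ' ', lastname) AS fullname, \n\t\t\t\t\t\tDATE_FORMAT(birthdate, '%m/%d/%Y') AS f_birthdate, \n\t\t\t\t\t\tphone, \n\t\t\t\t\t\taddress, \n\t\t\t\t\t\tcity, \n\t\t\t\t\t\tstate, \n\t\t\t\t\t\tpostalcode, \n\t\t\t\t\t\tcountry, \n\t\t\t\t\t\tDATE_FORMAT(registeredmoment, '%m/%d/%Y') AS f_registeredmoment, \n\t\t\t\t\t\tDATE_FORMAT(previousvisitmoment, '%m/%d/%Y') AS f_previousvisitmoment, \n\t\t\t\t\t\tINET_NTOA(previousvisitip) AS f_previousvisitip, \n\t\t\t\t\t\tDATE_FORMAT(currentvisitmoment, '%m/%d/%Y') AS f_currentvisitmoment, \n\t\t\t\t\t\tINET_NTOA(currentvisitip) AS f_currentvisitip \n\t\t\t\t\tFROM " . $this->fUsersTable . " ORDER BY " . $order . " " . $sort;

     // Paging values are cast to int before they reach the statement
     if ($count > 0 && $offset > 0) {
         $sql .= " LIMIT " . (int) $offset . ", " . (int) $count;
     } elseif ($count > 0) {
         $sql .= " LIMIT " . (int) $count;
     }

     // Turn every returned row into a populated User object
     if ($arrUsers = $this->fDB->getQueryRecordSet($sql)) {
         $users = array();
         foreach ($arrUsers as $arrUser) {
             // The pwd column is selected as an empty string, so no hash leaves the database here
             $user = new User($arrUser['id'], $arrUser['login'], $arrUser['pwd'], $arrUser['email'], $arrUser['firstname'], $arrUser['middlename'], $arrUser['lastname']);
             $user->setBirthDate($arrUser['f_birthdate']);
             $user->setPhone($arrUser['phone']);
             $user->setAddress($arrUser['address']);
             $user->setCity($arrUser['city']);
             $user->setState($arrUser['state']);
             $user->setPostalCode($arrUser['postalcode']);
             $user->setCountry($arrUser['country']);
             $user->setRegisteredDate($arrUser['f_registeredmoment']);
             $user->setPreviousVisitMoment($arrUser['f_previousvisitmoment']);
             $user->setPreviousVisitIP($arrUser['f_previousvisitip']);
             $user->setCurrentVisitMoment($arrUser['f_currentvisitmoment']);
             $user->setCurrentVisitIP($arrUser['f_currentvisitip']);
             $user->setIsDev($arrUser['is_dev']);
             $user->setIsDefaultUser($arrUser['is_defaultuser']);
             $users[] = $user;
         }
     }

     return $users;
 }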
Example #18
 /**
  * Save an entry
  *
  * @return  void
  */
 protected function _save()
 {
     // Guests are sent to the login flow
     if (User::isGuest()) {
         return $this->_login();
     }

     // Check for request forgeries
     Request::checkToken();

     // Posted comment, requested with the 'none' filter and mask 2.
     // NOTE(review): presumably the content arrives unsanitised; confirm it
     // is cleaned by the model or escaped wherever it is rendered.
     $posted = Request::getVar('comment', array(), 'post', 'none', 2);

     // Load the comment named by the posted id (or start a new one) and bind
     // the whole posted array to it
     $entry = \Plugins\Hubzero\Comments\Models\Comment::oneOrNew($posted['id'])->set($posted);

     // Editing an existing comment needs the access-edit-comment permission.
     // NOTE(review): the save below is skipped only if App::redirect() ends
     // the request — confirm, since no return follows the redirect.
     if ($entry->get('id') && !$this->params->get('access-edit-comment')) {
         $loginUrl = 'index.php?option=com_users&view=login&return=' . base64_encode($this->url);
         App::redirect(Route::url($loginUrl), Lang::txt('PLG_HUBZERO_COMMENTS_NOTAUTH'), 'warning');
     }

     // Store new content; on failure keep the text in the session for the form
     if (!$entry->save()) {
         User::setState('failed_comment', $entry->get('content'));
         App::redirect($this->url, $entry->getError(), 'error');
     }

     // Optional attachment
     $upload    = Request::getVar('comment_file', '', 'files', 'array');
     $hasUpload = !empty($upload) && $upload['name'];
     if ($hasUpload) {
         // A PHP upload error is recorded, but the upload is still attempted
         if ($upload['error']) {
             $this->setError(\Lang::txt('PLG_HUBZERO_COMMENTS_ERROR_UPLOADING_FILE'));
         }

         $file = new \Plugins\Hubzero\Comments\Models\File();
         $file->set('comment_id', $entry->get('id'));
         $file->setUploadDir($this->params->get('comments_uploadpath', '/site/comments'));

         // NOTE(review): the client-supplied file name is passed through as
         // given; confirm File::upload() sanitises it and limits file types.
         if ($file->upload($upload['name'], $upload['tmp_name'])) {
             $file->save();
         } else {
             $this->setError($file->getError());
         }
     }

     App::redirect($this->url, Lang::txt('PLG_HUBZERO_COMMENTS_SAVED'), 'message');
 }
Example #19
 /**
  * Sets state vars on the model namespace
  *
  * @param   string  $key    The key under which the value will go
  * @param   mixed   $value  The value to assign to the key
  * @return  void
  * @since   2.0.0
  **/
 public function setState($key, $value)
 {
     // Prefix the key with this model's name, so the value lands under "<model name>.<key>"
     $scopedKey = $this->getModelName() . '.' . $key;
     User::setState($scopedKey, $value);
 }
Example #20
 /**
  * Saves an entry and redirects to listing
  *
  * @return  void
  */
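 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // Drop any section form data kept in the session
     \User::setState('com_forum.edit.section.data', null);
     // Incoming
     $fields = Request::getVar('fields', array(), 'post');
     if (!is_array($fields)) {
         $fields = array();
     }
     // Trim scalar values only. A nested array in the post would make trim() raise a warning
     // or a TypeError; such values are nulled rather than passed on, so 'rules' can only
     // arrive through the validated jform path below.
     $fields = array_map(function ($value) {
         return is_scalar($value) ? trim($value) : null;
     }, $fields);
     // Bind the rules.
     $data = Request::getVar('jform', array(), 'post');
     if (isset($data['rules']) && is_array($data['rules'])) {
         $model = new AdminSection();
         $form = $model->getForm($data, false);
         // NOTE(review): if validate() reports failure by returning false, $validData['rules']
         // is null here and the failure goes unreported -- confirm against AdminSection.
         $validData = $model->validate($form, $data);
         $fields['rules'] = $validData['rules'];
     }
     // Initiate extended database class (a missing id is passed as null, without a notice)
     $row = new Section(isset($fields['id']) ? $fields['id'] : null);
     if (!$row->bind($fields)) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }
     // Store content
     if (!$row->store(true)) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }
     Notify::success(Lang::txt('COM_FORUM_SECTION_SAVED'));
     // "apply" keeps the user on the edit form instead of going back to the listing
     if ($this->_task == 'apply') {
         return $this->editTask($row);
     }
     // Redirect
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false));
 }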
Example #21
 /**
  * Method to remove an ID from the edit list.
  *
  * @param   string   $context  The context for the session storage.
  * @param   integer  $id       The ID of the record to remove from the edit list.
  * @return  void
  */
 protected function releaseEditId($context, $id)
 {
     // Removes $id from the list of ids stored in user state under "<context>.id"
     $stateKey = $context . '.id';
     $held = (array) User::getState($stateKey);
     // Strict lookup: only an integer entry equal to (int) $id matches
     $position = array_search((int) $id, $held, true);
     if (!is_int($position)) {
         // Not found, or found under a non-integer key: the stored list is left as it is
         return;
     }
     unset($held[$position]);
     User::setState($stateKey, $held);
 }
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param	array	$user		Holds the user data
  * @param	array	$options	Array holding options (remember, autoregister, group)
  *
  * @return	boolean	True on success
  * @since	1.5
  */
 public function onUserLogin($user, $options = array())
 {
     // Switches the site language to the user's language at login and stores the matching
     // post-login return URL in user state. No value is returned on any path.
     $app = JFactory::getApplication();
     $menu = App::get('menu');
     // Only act on the site application, and only when automatic_change is enabled
     if (!App::isSite() || !$this->params->get('automatic_change', 1)) {
         return;
     }
     // Load the menu associations of the active item, when associations are in use
     if (isset($app->menu_associations) && $app->menu_associations) {
         $activeItem = $menu->getActive();
         if ($activeItem) {
             $associations = MenusHelper::getAssociations($activeItem->id);
         }
     }
     // Language from the user data, else the default language
     $lang_code = $user['language'];
     if (empty($lang_code)) {
         $lang_code = self::$default_lang;
     }
     if ($lang_code == self::$tag) {
         // Already on that language: nothing to change
         return;
     }
     self::$tag = $lang_code;
     // Remember the language in a cookie
     // NOTE(review): setcookie() is called without the secure and httponly arguments, so both
     // keep their default of false -- confirm that is intended for this cookie.
     $domain = Config::get('cookie_domain', '');
     $path = Config::get('cookie_path', '/');
     setcookie(App::hash('language'), $lang_code, $this->getLangCookieTime(), $path, $domain);
     // Change the language code
     Lang::setLanguage($lang_code);
     // The language changed, so the return URL changes too: prefer the associated menu item,
     // otherwise the home item of the language, otherwise the '*' home item
     if (isset($associations[$lang_code]) && $menu->getItem($associations[$lang_code])) {
         $itemid = $associations[$lang_code];
     } elseif (isset(self::$homes[$lang_code])) {
         $itemid = self::$homes[$lang_code]->id;
     } else {
         $itemid = self::$homes['*']->id;
     }
     User::setState('users.login.form.return', 'index.php?&Itemid=' . $itemid);
 }
Example #23
 /**
  * Method to cancel an edit
  *
  * @param		string	$key	The name of the primary key of the URL variable (not used here).
  *
  * @return	void
  *
  * @since		2.5
  */
 public function cancel($key = null, $test = null)
 {
     // Stop with the invalid-token message unless the session token check passes
     if (!Session::checkToken()) {
         exit(Lang::txt('JINVALID_TOKEN'));
     }
     // Clear the form data stored for this edit context; neither $key nor $test is used
     User::setState($this->option . '.edit.' . $this->context . '.data', null);
     // Go back to the list view
     $listUrl = 'index.php?option=' . $this->option . '&view=' . $this->view_list . $this->getRedirectToListAppend();
     $this->setRedirect(Route::url($listUrl, false));
 }
Example #24
 /**
  * Save an entry
  *
  * @return    void
  */
 protected function _save()
 {
     // Guests are handed to the login step; nothing is saved for them
     if (User::isGuest()) {
         return $this->_login();
     }
     // Check for request forgeries
     Request::checkToken();
     // Posted comment fields, read with the 'none' filter and mask 2
     // NOTE(review): the whole posted array goes into bind(); which attributes bind() accepts
     // from a client is not visible here -- confirm.
     $comment = Request::getVar('comment', array(), 'post', 'none', 2);
     $row = new \Plugins\Hubzero\Comments\Models\Comment($comment['id']);
     if (!$row->bind($comment)) {
         App::redirect($this->url, $row->getError(), 'error');
         return;
     }
     $uploadPath = $this->params->get('comments_uploadpath', '/site/comments');
     $row->set('uploadDir', $uploadPath);
     $row->set('created', Date::toSql());
     // An existing comment may only be changed with the access-edit-comment permission
     if ($row->exists()) {
         if (!$this->params->get('access-edit-comment')) {
             App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($this->url)), Lang::txt('PLG_HUBZERO_COMMENTS_NOTAUTH'), 'warning');
             return;
         }
     }
     // Store the content; on success there is nothing left to do but report it
     if ($row->store(true)) {
         App::redirect($this->url, Lang::txt('PLG_HUBZERO_COMMENTS_SAVED'), 'message');
         return;
     }
     // Storing failed: keep the raw text in the session, then report the error
     User::setState('failed_comment', $row->content('raw'));
     App::redirect($this->url, $row->getError(), 'error');
     return;
 }
Example #25
 /**
  * Method to save a user's profile data.
  *
  * @return	void
  * @since	1.6
  */
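 public function save()
 {
     // Saves the posted profile form for the current user. Returns false on the failure paths
     // and nothing after a successful save.
     // Check for request forgeries.
     Session::checkToken() or exit(Lang::txt('JINVALID_TOKEN'));
     // Initialise variables.
     $app = JFactory::getApplication();
     $model = $this->getModel('Profile', 'UsersModel');
     $user = User::getRoot();
     $userId = (int) $user->get('id');
     // Get the user data.
     $data = Request::getVar('jform', array(), 'post', 'array');
     // Force the ID to this user, so a posted id cannot point the save at another account.
     $data['id'] = $userId;
     // Load the form the data is validated against.
     $form = $model->getForm();
     if (!$form) {
         App::abort(500, $model->getError());
         return false;
     }
     // Validate the posted data.
     $data = $model->validate($form, $data);
     // Check for errors.
     if ($data === false) {
         // Push up to three validation messages out to the user.
         foreach (array_slice($model->getErrors(), 0, 3) as $error) {
             if ($error instanceof Exception) {
                 Notify::warning($error->getMessage());
             } else {
                 Notify::warning($error);
             }
         }
         // Save the data in the session.
         // NOTE(review): $data is false at this point, so false -- not the submitted form --
         // is what gets stored.
         $app->setUserState('com_users.edit.profile.data', $data);
         // Redirect back to the edit screen. The id is read, as in the save-failure branch
         // below; the setState() call used here before overwrote the stored id.
         $userId = (int) User::getState('com_users.edit.profile.id');
         $this->setRedirect(Route::url('index.php?option=com_users&view=profile&layout=edit&user_id=' . $userId, false));
         return false;
     }
     // Attempt to save the data.
     $return = $model->save($data);
     // Check for errors.
     if ($return === false) {
         // Save the data in the session.
         // NOTE(review): if the profile form carries password fields they are kept in the
         // session by this call -- confirm, and unset them first if so.
         User::setState('com_users.edit.profile.data', $data);
         // Redirect back to the edit screen.
         $userId = (int) User::getState('com_users.edit.profile.id');
         $this->setMessage(Lang::txt('COM_USERS_PROFILE_SAVE_FAILED', $model->getError()), 'warning');
         $this->setRedirect(Route::url('index.php?option=com_users&view=profile&layout=edit&user_id=' . $userId, false));
         return false;
     }
     // Redirect the user and adjust session state based on the chosen task.
     // NOTE(review): both branches prefer a redirect target stored under
     // com_users.edit.profile.redirect; where it is written is not visible here, so confirm
     // it can only hold a local URL.
     switch ($this->getTask()) {
         case 'apply':
             // Check out the profile.
             User::setState('com_users.edit.profile.id', $return);
             $model->checkout($return);
             // Redirect back to the edit screen.
             $this->setMessage(Lang::txt('COM_USERS_PROFILE_SAVE_SUCCESS'));
             $this->setRedirect(Route::url(($redirect = User::getState('com_users.edit.profile.redirect')) ? $redirect : 'index.php?option=com_users&view=profile&layout=edit&hidemainmenu=1', false));
             break;
         default:
             // Check in the profile.
             $userId = (int) User::getState('com_users.edit.profile.id');
             if ($userId) {
                 $model->checkin($userId);
             }
             // Clear the profile id from the session.
             User::setState('com_users.edit.profile.id', null);
             // Redirect to the list screen.
             $this->setMessage(Lang::txt('COM_USERS_PROFILE_SAVE_SUCCESS'));
             $this->setRedirect(Route::url(($redirect = User::getState('com_users.edit.profile.redirect')) ? $redirect : 'index.php?option=com_users&view=profile&user_id=' . $return, false));
             break;
     }
     // Flush the data from the session.
     User::setState('com_users.edit.profile.data', null);
 }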
Example #26
 /**
  * Set local password
  *
  * @return void - redirect to members account page
  */
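 private function setlocalpass()
 {
     // Shows the "set local password" form and, on submit, validates and stores the password.
     // Logged in?
     if ($this->user->get('guest')) {
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode(Route::url('index.php?option=' . $this->option . '&task=myaccount&active=account&action=setlocalpass'))), Lang::txt('You must be a logged in to access this area.'), 'warning');
         return;
     }
     // Get the token from the user state variable
     $token = User::getState($this->option . 'token');
     // First check to make sure they're not trying to jump to this page without first verifying their token.
     // Only the presence of the stored token is tested here; its value is not compared in this method.
     if (is_null($token)) {
         App::redirect(Route::url('index.php?option=' . $this->option . '&id=' . $this->user->get('id') . '&active=account&task=sendtoken'), Lang::txt('You must first verify your email address by inputting the token.'), 'error');
         return;
     }
     // Get the password input (read raw, so the password is not altered by input filtering)
     $password1 = Request::getVar('password1', null, 'post', 'string', JREQUEST_ALLOWRAW);
     $password2 = Request::getVar('password2', null, 'post', 'string', JREQUEST_ALLOWRAW);
     $change = Request::getVar('change', '', 'post');
     // Create the view
     $view = new \Hubzero\Plugin\View(array('folder' => 'members', 'element' => 'account', 'name' => 'setlocalpassword', 'layout' => 'setlocalpass'));
     // Add a few more variables to the view
     $view->option = $this->option;
     $view->id = $this->user->get('id');
     // Get the password rules
     $password_rules = \Hubzero\Password\Rule::getRules();
     // Get the password rule descriptions
     $view->password_rules = array();
     foreach ($password_rules as $rule) {
         if (!empty($rule['description'])) {
             $view->password_rules[] = $rule['description'];
         }
     }
     // Blank form request (no data submitted)
     if (empty($change)) {
         $view->notifications = $this->getPluginMessage() ? $this->getPluginMessage() : array();
         return $view->loadTemplate();
     }
     // Check for request forgeries (only a submitted form changes state)
     Request::checkToken();
     // Load some needed libraries
     jimport('joomla.user.helper');
     // Initiate profile class
     $profile = new \Hubzero\User\Profile();
     $profile->load($this->user->get('id'));
     // Fire the onBeforeStoreUser trigger
     Event::trigger('user.onBeforeStoreUser', array($this->user->getProperties(), false));
     // Validate the password against password rules
     if (!empty($password1)) {
         $msg = \Hubzero\Password\Rule::validate($password1, $password_rules, $profile->get('username'));
     } else {
         $msg = array();
     }
     // Verify password
     if (!$password1 || !$password2) {
         $this->setError(Lang::txt('MEMBERS_PASS_MUST_BE_ENTERED_TWICE'));
     } elseif ($password1 !== $password2) {
         // Strict comparison: with != two different numeric-looking strings (such as '1e3' and
         // '1000') compare equal, so a mistyped confirmation could be accepted.
         $this->setError(Lang::txt('MEMBERS_PASS_NEW_CONFIRMATION_MISMATCH'));
     } elseif (!empty($msg)) {
         $this->setError(Lang::txt('Password does not meet site password requirements. Please choose a password meeting all the requirements listed.'));
     }
     // Were there any errors?
     if ($this->getError()) {
         $change = array();
         $change['_missing']['password'] = $this->getError();
         if (Request::getInt('no_html', 0)) {
             // no_html requests get the error as JSON
             echo json_encode($change);
             exit;
         } else {
             $view->setError($this->getError());
             return $view->loadTemplate();
         }
     }
     // No errors, so let's move on - encrypt the password and update the profile
     $result = \Hubzero\User\Password::changePassword($profile->get('uidNumber'), $password1);
     // Save the changes
     if (!$result) {
         $view->setError(Lang::txt('MEMBERS_PASS_CHANGE_FAILED'));
         return $view->loadTemplate();
     }
     // Fire the onAfterStoreUser trigger
     Event::trigger('user.onAfterStoreUser', array($this->user->getProperties(), false, null, $this->getError()));
     // Flush the token from the session, so it cannot be used for a second password change
     User::setState($this->option . 'token', null);
     // Redirect
     if (Request::getInt('no_html', 0)) {
         echo json_encode(array("success" => true, "redirect" => Route::url($this->member->getLink() . '&active=account')));
         exit;
     } else {
         // Redirect user to confirm view page
         App::redirect(Route::url($this->member->getLink() . '&active=account'), Lang::txt('Password reset successful'), 'passed');
     }
     return;
 }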
Example #27
 /**
  * Method to register a user.
  *
  * @since	1.6
  */
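 public function register()
 {
     // Validates the posted registration form and registers the user. Returns false on the
     // failure paths; the success path ends in exit.
     // Check for request forgeries. The result of checkToken() has to be acted on: called on
     // its own, as before, a failed check was ignored and the request went on.
     if (!Session::checkToken('post')) {
         exit(Lang::txt('JINVALID_TOKEN'));
     }
     // Get the form data.
     $data = Request::getVar('user', array(), 'post', 'array');
     // Get the model and validate the data.
     // NOTE(review): the value validate() returns is only tested against false; register()
     // below receives the posted $data as submitted -- confirm that is intended.
     $model = $this->getModel('Registration', 'UsersModel');
     $return = $model->validate($data);
     // Check for errors.
     if ($return === false) {
         // Push up to three validation messages out to the user.
         foreach (array_slice($model->getErrors(), 0, 3) as $error) {
             if ($error instanceof Exception) {
                 Notify::warning($error->getMessage());
             } else {
                 Notify::warning($error);
             }
         }
         // Save the data in the session.
         // NOTE(review): the submitted form is stored as posted; if it carries a password field
         // that value is kept in the session too -- confirm, and unset it first if so.
         User::setState('users.registration.form.data', $data);
         // Redirect back to the registration form.
         $this->setRedirect('index.php?option=com_users&view=registration');
         return false;
     }
     // Finish the registration.
     $return = $model->register($data);
     // Check for errors.
     if ($return === false) {
         // Save the data in the session.
         User::setState('users.registration.form.data', $data);
         // Redirect back to the registration form.
         $message = Lang::txt('COM_USERS_REGISTRATION_SAVE_FAILED', $model->getError());
         $this->setRedirect('index.php?option=com_users&view=registration', $message, 'error');
         return false;
     }
     // Flush the data from the session.
     User::setState('users.registration.form.data', null);
     exit;
 }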
Example #28
 /**
  * Initializes pagination object
  *
  * @param   string  $namespace  The session state variable namespace
  * @param   int     $total      Total number of records
  * @param   string  $start      The variable name representing the pagination start number
  * @param   string  $limit      The variable name representing the pagination limit number
  * @return  object
  * @since   2.0.0
  **/
 public static function init($namespace, $total, $start = 'start', $limit = 'limit')
 {
     // Builds a pager from the request and remembers its start and limit in user state
     $pager = new self();
     $pager->total = $total;
     $pager->start = \Request::getInt($start, 0);
     // Limit precedence: request value, then the limit kept in user state, then list_limit
     $rememberedLimit = User::getState($namespace . '.limit', \Config::get('list_limit'));
     $pager->limit = \Request::getInt($limit, $rememberedLimit);
     // NOTE(review): both numbers come from the request as integers with no bounds applied
     // here, and are stored as given; whether callers clamp them is not visible -- confirm.
     User::setState($namespace . '.start', $pager->start);
     User::setState($namespace . '.limit', $pager->limit);
     return $pager;
 }
Example #29
 /**
  * Update a set of extensions.
  *
  * @since	1.6
  */
 public function update()
 {
     // Stop with the invalid-token message unless the session token check passes
     if (!Session::checkToken()) {
         exit(Lang::txt('JINVALID_TOKEN'));
     }
     $model = new Models\Update();
     // Ids of the extensions to update, as posted
     $uid = Request::getVar('cid', array(), '', 'array');
     // Called for its effect on $uid (the return value is unused); presumably casts the ids
     // to integers in place -- confirm against Arr::toInteger
     \Hubzero\Utility\Arr::toInteger($uid, array());
     if ($model->update($uid)) {
         App::get('cache')->clean('mod_menu');
     }
     // NOTE(review): the redirect target is whatever is stored under
     // com_installer.redirect_url; where it is written is not visible here, so confirm it can
     // only hold a local URL.
     $target = User::getState('com_installer.redirect_url');
     if (!empty($target)) {
         // A stored target is used once: wipe it and the stored messages before redirecting
         User::setState('com_installer.redirect_url', '');
         User::setState('com_installer.message', '');
         User::setState('com_installer.extension_message', '');
     } else {
         $target = Route::url('index.php?option=com_installer&view=update', false);
     }
     App::redirect($target);
 }