/**
* The event which runs when we are displaying the record list JSON view
*
* @param string $tpl The view sub-template to use
*
* @return boolean True to allow display of the view
*/
protected function onDisplay($tpl = null)
{
$document = FOFPlatform::getInstance()->getDocument();
if ($document instanceof JDocument) {
$document->setMimeEncoding('application/json');
}
// Load the model
$model = $this->getModel();
$items = $model->getItemList();
$categories = $model->getCategories();
$publicFields = array("babioonevent_event_id", "name", "organiser", "sdate", "stime", "stimeset", "edate", "etime", "etimeset", "contact", "tel", "website", "address", "ainfo", "street", "pcode", "city", "state", "country", "geo_b", "geo_l", "teaser", "text", "isfreeofcharge", "charge", "picturefile", "created", "modified", "customfield1", "customfield2", "customfield3", "customfield4", "link");
$publicData = array();
foreach ($items as $item) {
$data = array();
foreach ($publicFields as $field) {
$data[$field] = $item->{$field};
}
$data['category'] = '';
if (array_key_exists($item->catid, $categories)) {
$data['category'] = $categories[$item->catid]->title;
}
if ($item->showemail == 1) {
$data['email'] = $item->email;
}
$publicData[] = $data;
}
$json = json_encode($publicData);
echo $json;
return false;
}
protected function loadView($view)
{
if ('images' == $view || 'imagesList' == $view) {
$overridePath = FOFPlatform::getInstance()->getTemplateOverridePath('com_media', true) . '/' . $view;
require_once $overridePath . '/view.html.php';
}
}
/**
* Create objects for the options
*
* @return array The array of option objects
*/
protected function getOptions()
{
$options = array();
// Initialize some field attributes.
$key = $this->element['key_field'] ? (string) $this->element['key_field'] : 'value';
$value = $this->element['value_field'] ? (string) $this->element['value_field'] : (string) $this->element['name'];
$translate = $this->element['translate'] ? (string) $this->element['translate'] : false;
$query = (string) $this->element['query'];
// Get the database object.
$db = FOFPlatform::getInstance()->getDbo();
// Set the query and get the result list.
$db->setQuery($query);
$items = $db->loadObjectlist();
// Build the field options.
if (!empty($items)) {
foreach ($items as $item) {
if ($translate == true) {
$options[] = JHtml::_('select.option', $item->{$key}, JText::_($item->{$value}));
} else {
$options[] = JHtml::_('select.option', $item->{$key}, $item->{$value});
}
}
}
// Merge any additional options in the XML definition.
$options = array_merge(parent::getOptions(), $options);
return $options;
}
/**
* Shows the configuration page for this two factor authentication method.
*
* @param object $otpConfig The two factor auth configuration object
* @param integer $user_id The numeric user ID of the user whose form we'll display
*
* @return boolean|string False if the method is not ours, the HTML of the configuration page otherwise
*
* @see UsersModelUser::getOtpConfig
* @since 3.2
*/
public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null)
{
if ($otpConfig->method == $this->methodName) {
// This method is already activated. Reuse the same Yubikey ID.
$yubikey = $otpConfig->config['yubikey'];
} else {
// This methods is not activated yet. We'll need a Yubikey TOTP to setup this Yubikey.
$yubikey = '';
}
// Is this a new TOTP setup? If so, we'll have to show the code validation field.
$new_totp = $otpConfig->method != $this->methodName;
// Start output buffering
@ob_start();
// Include the form.php from a template override. If none is found use the default.
$path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_yubikey', true);
JLoader::import('joomla.filesystem.file');
if (JFile::exists($path . '/form.php')) {
include_once $path . '/form.php';
} else {
include_once __DIR__ . '/tmpl/form.php';
}
// Stop output buffering and get the form contents
$html = @ob_get_clean();
// Return the form contents
return array('method' => $this->methodName, 'form' => $html);
}
/**
* Checks out the current item
*
* @return boolean
*/
public function checkout()
{
$table = $this->getTable($this->table);
$status = $table->checkout(FOFPlatform::getInstance()->getUser()->id, $this->id);
if (!$status) {
$this->setError($table->getError());
}
return $status;
}
/**
* Method to get a list of tags
*
* @return array The field option objects.
*
* @since 3.1
*/
protected function getOptions()
{
$options = array();
$published = $this->element['published'] ? $this->element['published'] : array(0, 1);
$db = FOFPlatform::getInstance()->getDbo();
$query = $db->getQuery(true)->select('a.id AS value, a.path, a.title AS text, a.level, a.published')->from('#__tags AS a')->join('LEFT', $db->quoteName('#__tags') . ' AS b ON a.lft > b.lft AND a.rgt < b.rgt');
if ($this->item instanceof FOFTable) {
$item = $this->item;
} else {
$item = $this->form->getModel()->getItem();
}
if ($item instanceof FOFTable) {
// Fake value for selected tags
$keyfield = $item->getKeyName();
$content_id = $item->{$keyfield};
$type = $item->getContentType();
$selected_query = $db->getQuery(true);
$selected_query->select('tag_id')->from('#__contentitem_tag_map')->where('content_item_id = ' . (int) $content_id)->where('type_alias = ' . $db->quote($type));
$db->setQuery($selected_query);
$this->value = $db->loadColumn();
}
// Ajax tag only loads assigned values
if (!$this->isNested()) {
// Only item assigned values
$values = (array) $this->value;
FOFUtilsArray::toInteger($values);
$query->where('a.id IN (' . implode(',', $values) . ')');
}
// Filter language
if (!empty($this->element['language'])) {
$query->where('a.language = ' . $db->quote($this->element['language']));
}
$query->where($db->quoteName('a.alias') . ' <> ' . $db->quote('root'));
// Filter to only load active items
// Filter on the published state
if (is_numeric($published)) {
$query->where('a.published = ' . (int) $published);
} elseif (is_array($published)) {
FOFUtilsArray::toInteger($published);
$query->where('a.published IN (' . implode(',', $published) . ')');
}
$query->group('a.id, a.title, a.level, a.lft, a.rgt, a.parent_id, a.published, a.path')->order('a.lft ASC');
// Get the options.
$db->setQuery($query);
try {
$options = $db->loadObjectList();
} catch (RuntimeException $e) {
return false;
}
// Prepare nested data
if ($this->isNested()) {
$this->prepareOptionsNested($options);
} else {
$options = JHelperTags::convertPathsToNames($options);
}
return $options;
}
/**
* Returns a new database query class
*
* @param JDatabaseDriver $db The DB driver which will provide us with a query object
*
* @return FOFQueryAbstract
*/
public static function &getNew($db = null)
{
FOFPlatform::getInstance()->logDeprecated('FOFQueryAbstract is deprecated. Use JDatabaseQuery instead.');
if (is_null($db)) {
$ret = FOFPlatform::getInstance()->getDbo()->getQuery(true);
} else {
$ret = $db->getQuery(true);
}
return $ret;
}
/**
* Create objects for the options
*
* @return array The array of option objects
*/
protected function getOptions()
{
$options = array();
// Get the field $options
foreach ($this->element->children() as $option) {
// Only add <option /> elements.
if ($option->getName() != 'option') {
continue;
}
// Create a new option object based on the <option /> element.
$options[] = JHtml::_('select.option', (string) $option['value'], JText::alt(trim((string) $option), preg_replace('/[^a-zA-Z0-9_\\-]/', '_', $this->fieldname)), 'value', 'text', (string) $option['disabled'] == 'true');
}
// Do we have a class and method source for our options?
$source_file = empty($this->element['source_file']) ? '' : (string) $this->element['source_file'];
$source_class = empty($this->element['source_class']) ? '' : (string) $this->element['source_class'];
$source_method = empty($this->element['source_method']) ? '' : (string) $this->element['source_method'];
$source_key = empty($this->element['source_key']) ? '*' : (string) $this->element['source_key'];
$source_value = empty($this->element['source_value']) ? '*' : (string) $this->element['source_value'];
$source_translate = empty($this->element['source_translate']) ? 'true' : (string) $this->element['source_translate'];
$source_translate = in_array(strtolower($source_translate), array('true', 'yes', '1', 'on')) ? true : false;
$source_format = empty($this->element['source_format']) ? '' : (string) $this->element['source_format'];
if ($source_class && $source_method) {
// Maybe we have to load a file?
if (!empty($source_file)) {
$source_file = FOFTemplateUtils::parsePath($source_file, true);
if (FOFPlatform::getInstance()->getIntegrationObject('filesystem')->fileExists($source_file)) {
include_once $source_file;
}
}
// Make sure the class exists
if (class_exists($source_class, true)) {
// ...and so does the option
if (in_array($source_method, get_class_methods($source_class))) {
// Get the data from the class
if ($source_format == 'optionsobject') {
$options = array_merge($options, $source_class::$source_method());
} else {
$source_data = $source_class::$source_method();
// Loop through the data and prime the $options array
foreach ($source_data as $k => $v) {
$key = empty($source_key) || $source_key == '*' ? $k : $v[$source_key];
$value = empty($source_value) || $source_value == '*' ? $v : $v[$source_value];
if ($source_translate) {
$value = JText::_($value);
}
$options[] = JHtml::_('select.option', $key, $value, 'value', 'text');
}
}
}
}
}
reset($options);
return $options;
}
/**
* When a user saves their profile, we need to set the two factor data
*
* @since 1.3
* @access public
* @param string
* @return
*/
public function onEditBeforeSave(&$data, SocialUser &$user)
{
// This feature is only available if the totp plugins are enabled
if (!SocialTwoFactorHelper::isEnabled()) {
return;
}
// Determines if the user wants to enable two factor authentication
$enabled = isset($data[$this->inputName]) ? $data[$this->inputName] : false;
// Ensure that the user selects a two factor authentication method
$method = isset($data['twofactor_method']) ? $data['twofactor_method'] : false;
// If the method is not totp, we don't wan't to do anything
if ($method != 'totp' || !$enabled) {
// We also want to make sure the user's OTP and OTEP is cleared
$user->otpKey = '';
$user->otep = '';
return;
}
$twofactor = isset($data['jform']) ? $data['jform'] : false;
if (!$twofactor) {
return;
}
$twofactor = json_decode($twofactor);
// Get the user's otp configuration
$otpConfig = $user->getOtpConfig();
// If user has already configured.
if ($otpConfig->method && $otpConfig->method != 'none') {
return;
}
// Trigger Joomla's twofactorauth plugin to process the configuration since we do not want to handle those encryption stuffs.
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpConfigReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorApplyConfiguration', array($method));
// Look for a valid reply
foreach ($otpConfigReplies as $reply) {
if (!is_object($reply) || empty($reply->method) || $reply->method != $method) {
continue;
}
$otpConfig->method = $reply->method;
$otpConfig->config = $reply->config;
break;
}
// If the method is still none, we need to disable this
if ($otpConfig->method == 'none') {
$data[$this->inputName] = false;
}
// If the method is still false, we need to ensure that twofactor is disabled
// Generate one time emergency passwords if required (depleted or not set)
if (empty($otpConfig->otep)) {
$otpConfig->otep = SocialTwoFactorHelper::generateOteps($otpConfig);
}
// Save OTP configuration.
$user->setOtpConfig($otpConfig);
return true;
}
/**
* Runs before rendering the view template, echoing HTML to put before the
* view template's generated HTML
*
* @return void
*/
protected function preRender()
{
$view = $this->input->getCmd('view', 'cpanel');
$task = $this->getModel()->getState('task', 'browse');
// Don't load the toolbar on CLI
if (!FOFPlatform::getInstance()->isCli()) {
$toolbar = FOFToolbar::getAnInstance($this->input->getCmd('option', 'com_foobar'), $this->config);
$toolbar->perms = $this->perms;
$toolbar->renderToolbar($view, $task, $this->input);
}
$renderer = $this->getRenderer();
$renderer->preRender($view, $task, $this->input, $this->config);
}
/**
* Method to get the list of access levels
*
* @return array A list of access levels.
*
* @since 2.0
*/
protected function getOptions()
{
$db = FOFPlatform::getInstance()->getDbo();
$query = $db->getQuery(true);
$query->select('a.id AS value, a.title AS text');
$query->from('#__viewlevels AS a');
$query->group('a.id, a.title, a.ordering');
$query->order('a.ordering ASC');
$query->order($query->qn('title') . ' ASC');
// Get the options.
$db->setQuery($query);
$options = $db->loadObjectList();
return $options;
}
/**
* Retrieves the two factor plugin forms
*
* @since 1.3
* @access public
* @param string
* @return
*/
public static function getForm($userId = '')
{
FOFPlatform::getInstance()->importPlugin('twofactorauth');
if (!$userId) {
$otpConfig = new stdClass();
$otpConfig->method = 'none';
$otpConfig->config = array();
$otpConfig->otep = array();
} else {
$user = FD::user($userId);
$otpConfig = $user->getOtpConfig();
}
return FOFPlatform::getInstance()->runPlugins('onUserTwofactorShowConfiguration', array($otpConfig, $userId));
}
/**
* The event runs after FOFModel has called FOFTable and retrieved a single
* item from the database. It is used to apply automatic filters.
*
* @param FOFModel &$model The model which was called
* @param FOFTable &$record The record loaded from the databae
*
* @return void
*/
public function onAfterGetItem(&$model, &$record)
{
if ($record instanceof FOFTable) {
$fieldName = $record->getColumnAlias('created_by');
// Make sure the field actually exists
if (!in_array($fieldName, $record->getKnownFields())) {
return;
}
$user_id = FOFPlatform::getInstance()->getUser()->id;
if ($record->{$fieldName} != $user_id) {
$record = null;
}
}
}
public function buildQuery($overrideLimits = false)
{
$table = $this->getTable();
$tableName = $table->getTableName();
$tableKey = $table->getKeyName();
$db = $this->getDbo();
$query = $db->getQuery(true);
// Call the behaviors
$this->modelDispatcher->trigger('onBeforeBuildQuery', array(&$this, &$query));
$alias = $this->getTableAlias();
if ($alias) {
$alias = ' AS ' . $db->qn($alias);
} else {
$alias = '';
}
$select = $this->getTableAlias() ? $db->qn($this->getTableAlias()) . '.*' : $db->qn($tableName) . '.*';
$query->select($select)->from($db->qn($tableName) . $alias);
//Frontend
if (FOFPlatform::getInstance()->isFrontend()) {
//Enabled
$query->where($db->qn('enabled') . " = " . $db->quote('1'));
//Access
$query->where($db->quoteName('access') . " IN (" . implode(',', JFactory::getUser()->getAuthorisedViewLevels()) . ")");
}
if (!$overrideLimits) {
if (FOFPlatform::getInstance()->isFrontend()) {
$order = 'ordering';
} else {
$order = $this->getState('filter_order', null, 'cmd');
}
if (!in_array($order, array_keys($table->getData()))) {
$order = $tableKey;
}
$order = $db->qn($order);
if ($alias) {
$order = $db->qn($this->getTableAlias()) . '.' . $order;
}
if (FOFPlatform::getInstance()->isFrontend()) {
$dir = 'ASC';
} else {
$dir = $this->getState('filter_order_Dir', 'ASC', 'cmd');
}
$query->order($order . ' ' . $dir);
}
// Call the behaviors
$this->modelDispatcher->trigger('onAfterBuildQuery', array(&$this, &$query));
return $query;
}
/**
* The event runs after FOFModel has called FOFTable and retrieved a single
* item from the database. It is used to apply automatic filters.
*
* @param FOFModel &$model The model which was called
* @param FOFTable &$record The record loaded from the databae
*
* @return void
*/
public function onAfterGetItem(&$model, &$record)
{
if ($record instanceof FOFTable) {
$fieldName = $record->getColumnAlias('access');
// Make sure the field actually exists
if (!in_array($fieldName, $record->getKnownFields())) {
return;
}
// Get the user
$user = FOFPlatform::getInstance()->getUser();
// Filter by authorised access levels
if (!in_array($record->{$fieldName}, $user->getAuthorisedViewLevels())) {
$record = null;
}
}
}
/**
* This event runs after we have built the query used to fetch a record
* list in a model. It is used to apply automatic query filters.
*
* @param FOFModel &$model The model which calls this event
* @param JDatabaseQuery &$query The model which calls this event
*
* @return void
*/
public function onAfterBuildQuery(&$model, &$query)
{
// This behavior only applies to the front-end.
if (!FOFPlatform::getInstance()->isFrontend()) {
return;
}
// Get the name of the enabled field
$table = $model->getTable();
$enabledField = $table->getColumnAlias('enabled');
// Make sure the field actually exists
if (!in_array($enabledField, $table->getKnownFields())) {
return;
}
// Filter by enabled fields only
$db = FOFPlatform::getInstance()->getDbo();
$query->where($db->qn($enabledField) . ' = ' . $db->q(1));
}
/**
* Public constructor
*
* @param array $config The configuration array
*/
public function __construct($config = array())
{
// Make sure $config is an array
if (is_object($config)) {
$config = (array) $config;
} elseif (!is_array($config)) {
$config = array();
}
// Get the input
if (array_key_exists('input', $config)) {
if ($config['input'] instanceof FOFInput) {
$this->input = $config['input'];
} else {
$this->input = new FOFInput($config['input']);
}
} else {
$this->input = new FOFInput();
}
// Set the database object
if (array_key_exists('dbo', $config)) {
$this->db = $config['dbo'];
} else {
$this->db = FOFPlatform::getInstance()->getDbo();
}
// Set the $name/$_name variable
$component = $this->input->getCmd('option', 'com_foobar');
if (array_key_exists('option', $config)) {
$component = $config['option'];
}
// Figure out where the XML schema files are stored
if (array_key_exists('dbinstaller_directory', $config)) {
$this->xmlDirectory = $config['dbinstaller_directory'];
} else {
// Nothing is defined, assume the files are stored in the sql/xml directory inside the component's administrator section
$directories = FOFPlatform::getInstance()->getComponentBaseDirs($component);
$this->setXmlDirectory($directories['admin'] . '/sql/xml');
}
// Do we have a set of XML files to look for?
if (array_key_exists('dbinstaller_files', $config)) {
$files = $config['dbinstaller_files'];
if (!is_array($files)) {
$files = explode(',', $files);
}
$this->xmlFiles = $files;
}
}
/**
* Create and initialise the object
*
* @param string $option Component name, e.g. com_foobar
* @param string $version The current component version, as reported by the component
* @param string $date The current component release date, as reported by the component
*/
public function __construct($option, $version, $date)
{
// Initialise from parameters
$this->option = $option;
$this->version = $version;
$this->date = $date;
// Retrieve the date and version from the #__extensions table
$db = FOFPlatform::getInstance()->getDbo();
$query = $db->getQuery(true)->select('*')->from($db->qn('#__extensions'))->where($db->qn('element') . ' = ' . $db->q($this->option))->where($db->qn('type') . ' = ' . $db->q('component'));
$extension = $db->setQuery($query)->loadObject();
// Check the version and date against those from #__extensions. I hate heavily nested IFs as much as the next
// guy, but what can you do...
if (!is_null($extension)) {
$manifestCache = $extension->manifest_cache;
if (!empty($manifestCache)) {
$manifestCache = json_decode($manifestCache, true);
if (is_array($manifestCache) && isset($manifestCache['creationDate']) && isset($manifestCache['version'])) {
// Make sure the fileslist.php version and date match the component's version
if ($this->version != $manifestCache['version']) {
$this->wrongComponentVersion = true;
}
if ($this->date != $manifestCache['creationDate']) {
$this->wrongComponentVersion = true;
}
}
}
}
// Try to load the fileslist.php file from the component's back-end root
$filePath = JPATH_ADMINISTRATOR . '/components/' . $this->option . '/fileslist.php';
if (!file_exists($filePath)) {
return;
}
include $filePath;
// Make sure the fileslist.php version and date match the component's version
if ($this->version != $phpFileChecker['version']) {
$this->wrongFilesVersion = true;
}
if ($this->date != $phpFileChecker['date']) {
$this->wrongFilesVersion = true;
}
// Initialise the files and directories lists
$this->fileList = $phpFileChecker['files'];
$this->dirList = $phpFileChecker['directories'];
}
/**
* Displays the view
*
* @param string $tpl The template to use
*
* @return boolean|null False if we can't render anything
*/
public function display($tpl = null)
{
$model = $this->getModel();
// Get the form
$this->form = $model->getForm();
$this->form->setModel($model);
$this->form->setView($this);
// Get the task set in the model
$task = $model->getState('task', 'browse');
// Call the relevant method
$method_name = 'on' . ucfirst($task);
if (method_exists($this, $method_name)) {
$result = $this->{$method_name}($tpl);
} else {
$result = $this->onDisplay();
}
// Bail out if we're told not to render anything
if ($result === false) {
return;
}
// Show the view
// -- Output HTML before the view template
$this->preRender();
// -- Try to load a view template; if not exists render the form directly
$basePath = FOFPlatform::getInstance()->isBackend() ? 'admin:' : 'site:';
$basePath .= $this->config['option'] . '/';
$basePath .= $this->config['view'] . '/';
$path = $basePath . $this->getLayout();
if ($tpl) {
$path .= '_' . $tpl;
}
$viewTemplate = $this->loadAnyTemplate($path);
// If there was no template file found, display the form
if ($viewTemplate instanceof Exception) {
$viewTemplate = $this->getRenderedForm();
}
// -- Output the view template
echo $viewTemplate;
// -- Output HTML after the view template
$this->postRender();
}
/**
* Method to finds the full real file path, checking possible overrides
*
* @return string The full path to the layout file
*/
protected function getPath()
{
$filesystem = FOFPlatform::getInstance()->getFilesystem();
if (is_null($this->fullPath) && !empty($this->layoutId)) {
$parts = explode('.', $this->layoutId);
$file = array_pop($parts);
$filePath = implode('/', $parts);
$suffixes = FOFPlatform::getInstance()->getTemplateSuffixes();
foreach ($suffixes as $suffix) {
$files[] = $file . $suffix . '.php';
}
$files[] = $file . '.php';
$possiblePaths = array(JPATH_THEMES . '/' . JFactory::getApplication()->getTemplate() . '/html/layouts/' . $filePath, $this->basePath . '/' . $filePath);
reset($files);
while ((list(, $fileName) = each($files)) && is_null($this->fullPath)) {
$r = $filesystem->pathFind($possiblePaths, $fileName);
$this->fullPath = $r === false ? null : $r;
}
}
return $this->fullPath;
}
/**
* Loads the component's configuration parameters so they can be accessed by getComponentConfigurationValue
*
* @param string $component The component for loading the parameters
* @param bool $force Should I force-reload the configuration information?
*/
public static final function loadComponentConfig($component, $force = false)
{
if (isset(self::$componentParams[$component]) && !is_null(self::$componentParams[$component]) && !$force) {
return;
}
$db = FOFPlatform::getInstance()->getDbo();
$sql = $db->getQuery(true)->select($db->qn('params'))->from($db->qn('#__extensions'))->where($db->qn('type') . ' = ' . $db->q('component'))->where($db->qn('element') . " = " . $db->q($component));
$db->setQuery($sql);
$config_ini = $db->loadResult();
// OK, Joomla! 1.6 stores values JSON-encoded so, what do I do? Right!
$config_ini = trim($config_ini);
if (substr($config_ini, 0, 1) == '{' && substr($config_ini, -1) == '}') {
$config_ini = json_decode($config_ini, true);
} else {
$config_ini = FOFUtilsIniParser::parse_ini_file($config_ini, false, true);
}
if (is_null($config_ini) || empty($config_ini)) {
$config_ini = array();
}
self::$componentParams[$component] = $config_ini;
}
/**
* Creates a new download object and assigns it the most fitting download adapter
*/
public function __construct()
{
// Find the best fitting adapter
$allAdapters = self::getFiles(__DIR__ . '/adapter', array(), array('abstract.php'));
$priority = 0;
foreach ($allAdapters as $adapterInfo) {
if (!class_exists($adapterInfo['classname'], true)) {
continue;
}
/** @var FOFDownloadAdapterAbstract $adapter */
$adapter = new $adapterInfo['classname']();
if (!$adapter->isSupported()) {
continue;
}
if ($adapter->priority > $priority) {
$this->adapter = $adapter;
$priority = $adapter->priority;
}
}
// Load the language strings
FOFPlatform::getInstance()->loadTranslations('lib_fof');
}
/**
* This event runs after we have built the query used to fetch a record
* list in a model. It is used to apply automatic query filters.
*
* @param FOFModel &$model The model which calls this event
* @param JDatabaseQuery &$query The model which calls this event
*
* @return void
*/
public function onAfterBuildQuery(&$model, &$query)
{
// This behavior only applies to the front-end.
if (!FOFPlatform::getInstance()->isFrontend()) {
return;
}
// Get the name of the language field
$table = $model->getTable();
$languageField = $table->getColumnAlias('language');
// Make sure the access field actually exists
if (!in_array($languageField, $table->getKnownFields())) {
return;
}
// Make sure it is a multilingual site and get a list of languages
$app = JFactory::getApplication();
$hasLanguageFilter = method_exists($app, 'getLanguageFilter');
if ($hasLanguageFilter) {
$hasLanguageFilter = $app->getLanguageFilter();
}
if (!$hasLanguageFilter) {
return;
}
$lang_filter_plugin = JPluginHelper::getPlugin('system', 'languagefilter');
$lang_filter_params = new JRegistry($lang_filter_plugin->params);
$languages = array('*');
if ($lang_filter_params->get('remove_default_prefix')) {
// Get default site language
$lg = JFactory::getLanguage();
$languages[] = $lg->getTag();
} else {
$languages[] = JFactory::getApplication()->input->getCmd('language', '*');
}
// Filter out double languages
$languages = array_unique($languages);
// And filter the query output by these languages
$db = JFactory::getDbo();
$languages = array_map(array($db, 'quote'), $languages);
$query->where($db->qn($languageField) . ' IN (' . implode(',', $languages) . ')');
}
/**
* Method to finds the full real file path, checking possible overrides
*
* @return string The full path to the layout file
*/
protected function getPath()
{
$filesystem = FOFPlatform::getInstance()->getIntegrationObject('filesystem');
if (is_null($this->fullPath) && !empty($this->layoutId)) {
$parts = explode('.', $this->layoutId);
$file = array_pop($parts);
$filePath = implode('/', $parts);
$suffixes = FOFPlatform::getInstance()->getTemplateSuffixes();
foreach ($suffixes as $suffix) {
$files[] = $file . $suffix . '.php';
}
$files[] = $file . '.php';
$platformDirs = FOFPlatform::getInstance()->getPlatformBaseDirs();
$prefix = FOFPlatform::getInstance()->isBackend() ? $platformDirs['admin'] : $platformDirs['root'];
$possiblePaths = array($prefix . '/templates/' . JFactory::getApplication()->getTemplate() . '/html/layouts/' . $filePath, $this->basePath . '/' . $filePath);
reset($files);
while ((list(, $fileName) = each($files)) && is_null($this->fullPath)) {
$r = $filesystem->pathFind($possiblePaths, $fileName);
$this->fullPath = $r === false ? null : $r;
}
}
return $this->fullPath;
}
/**
* Load a class for one of the form's entities of a particular type.
* Currently, it makes sense to use this method for the "field" and "rule" entities
* (but you can support more entities in your subclass).
*
* @param string $entity One of the form entities (field or rule).
* @param string $type Type of an entity.
*
* @return mixed Class name on success or false otherwise.
*
* @since 2.0
*/
public static function loadClass($entity, $type)
{
if (strpos($type, '.')) {
list($prefix, $type) = explode('.', $type);
$altPrefix = $prefix;
} else {
$prefix = 'FOF';
$altPrefix = 'J';
}
$class = JString::ucfirst($prefix, '_') . 'Form' . JString::ucfirst($entity, '_') . JString::ucfirst($type, '_');
$altClass = JString::ucfirst($altPrefix, '_') . 'Form' . JString::ucfirst($entity, '_') . JString::ucfirst($type, '_');
if (class_exists($class)) {
return $class;
} elseif (class_exists($altClass)) {
return $altClass;
}
// Get the field search path array.
$paths = self::addPath($entity);
// If the type is complex, add the base type to the paths.
if ($pos = strpos($type, '_')) {
// Add the complex type prefix to the paths.
for ($i = 0, $n = count($paths); $i < $n; $i++) {
// Derive the new path.
$path = $paths[$i] . '/' . strtolower(substr($type, 0, $pos));
// If the path does not exist, add it.
if (!in_array($path, $paths)) {
$paths[] = $path;
}
}
// Break off the end of the complex type.
$type = substr($type, $pos + 1);
}
// Try to find the class file.
$type = strtolower($type) . '.php';
$filesystem = FOFPlatform::getInstance()->getIntegrationObject('filesystem');
foreach ($paths as $path) {
if ($file = $filesystem->pathFind($path, $type)) {
require_once $file;
if (class_exists($class)) {
break;
} elseif (class_exists($altClass)) {
break;
}
}
}
// Check for all if the class exists.
if (class_exists($class)) {
return $class;
} elseif (class_exists($altClass)) {
return $altClass;
} else {
return false;
}
}
/**
* Shows the configuration page for this two factor authentication method.
*
* @param object $otpConfig The two factor auth configuration object
* @param integer $user_id The numeric user ID of the user whose form we'll display
*
* @return boolean|string False if the method is not ours, the HTML of the configuration page otherwise
*
* @see UsersModelUser::getOtpConfig
* @since 3.2
*/
public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null)
{
// Create a new TOTP class with Google Authenticator compatible settings
$totp = new FOFEncryptTotp(30, 6, 10);
if ($otpConfig->method == $this->methodName) {
// This method is already activated. Reuse the same secret key.
$secret = $otpConfig->config['code'];
} else {
// This methods is not activated yet. Create a new secret key.
$secret = $totp->generateSecret();
}
// These are used by Google Authenticator to tell accounts apart
$username = JFactory::getUser($user_id)->username;
$hostname = JFactory::getURI()->getHost();
// This is the URL to the QR code for Google Authenticator
$url = $totp->getUrl($username, $hostname, $secret);
// Is this a new TOTP setup? If so, we'll have to show the code validation field.
$new_totp = $otpConfig->method != 'totp';
// Start output buffering
@ob_start();
// Include the form.php from a template override. If none is found use the default.
$path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_totp', true);
JLoader::import('joomla.filesystem.file');
if (JFile::exists($path . 'form.php')) {
include_once $path . 'form.php';
} else {
include_once __DIR__ . '/tmpl/form.php';
}
// Stop output buffering and get the form contents
$html = @ob_get_clean();
// Return the form contents
return array('method' => $this->methodName, 'form' => $html);
}
/**
* Creates a list of two factor authentication methods used in com_users
* on user view
*
* @return array
*
* @since 3.2.0
*/
public static function getTwoFactorMethods()
{
// Load the Joomla! RAD layer
if (!defined('FOF_INCLUDED')) {
include_once JPATH_LIBRARIES . '/fof/include.php';
}
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$identities = FOFPlatform::getInstance()->runPlugins('onUserTwofactorIdentify', array());
$options = array(JHtml::_('select.option', 'none', JText::_('JGLOBAL_OTPMETHOD_NONE'), 'value', 'text'));
if (!empty($identities)) {
foreach ($identities as $identity) {
if (!is_object($identity)) {
continue;
}
$options[] = JHtml::_('select.option', $identity->method, $identity->title, 'value', 'text');
}
}
return $options;
}
/**
* Autoload Helpers
*
* @param string $class_name The name of the class to load
*
* @return void
*/
public function autoload_fof_helper($class_name)
{
JLog::add(__METHOD__ . "() autoloading {$class_name}", JLog::DEBUG, 'fof');
static $isCli = null, $isAdmin = null;
if (is_null($isCli) && is_null($isAdmin)) {
list($isCli, $isAdmin) = FOFDispatcher::isCliAdmin();
}
if (strpos($class_name, 'Helper') === false) {
return;
}
// Change from camel cased into a lowercase array
$class_modified = preg_replace('/(\\s)+/', '_', $class_name);
$class_modified = strtolower(preg_replace('/(?<=\\w)([A-Z])/', '_\\1', $class_modified));
$parts = explode('_', $class_modified);
// We need three parts in the name
if (count($parts) != 3) {
return;
}
// We need the second part to be "model"
if ($parts[1] != 'helper') {
return;
}
// Get the information about this class
$component_raw = $parts[0];
$component = 'com_' . $parts[0];
$view = $parts[2];
// Is this an FOF 2.1 or later component?
if (!$this->isFOFComponent($component)) {
return;
}
// Get the alternate view and class name (opposite singular/plural name)
$alt_view = FOFInflector::isSingular($view) ? FOFInflector::pluralize($view) : FOFInflector::singularize($view);
$alt_class = FOFInflector::camelize($component_raw . '_helper_' . $alt_view);
// Get the proper and alternate paths and file names
$componentPaths = FOFPlatform::getInstance()->getComponentBaseDirs($component);
$file = "/helpers/{$view}.php";
$altFile = "/helpers/{$alt_view}.php";
$path = $componentPaths['main'];
$altPath = $componentPaths['alt'];
// Try to find the proper class in the proper path
if (file_exists($path . $file)) {
@(include_once $path . $file);
}
// Try to find the proper class in the alternate path
if (!class_exists($class_name) && file_exists($altPath . $file)) {
@(include_once $altPath . $file);
}
// Try to find the alternate class in the proper path
if (!class_exists($alt_class) && file_exists($path . $altFile)) {
@(include_once $path . $altFile);
}
// Try to find the alternate class in the alternate path
if (!class_exists($alt_class) && file_exists($altPath . $altFile)) {
@(include_once $altPath . $altFile);
}
// If the alternate class exists just map the class to the alternate
if (!class_exists($class_name) && class_exists($alt_class)) {
$this->class_alias($alt_class, $class_name);
}
}
/**
* Creates a field Object based on the field column type
*
* @param object $field The field informations
* @param array $config The field configuration (like the db object to use)
*
* @return FOFModelField The Field object
*/
public static function getField($field, $config = array())
{
$type = $field->type;
$classType = self::getFieldType($type);
$className = 'FOFModelField' . $classType;
if (class_exists($className)) {
if (isset($config['dbo'])) {
$db = $config['dbo'];
} else {
$db = FOFPlatform::getInstance()->getDbo();
}
if (isset($config['table_alias'])) {
$table_alias = $config['table_alias'];
} else {
$table_alias = false;
}
$field = new $className($db, $field, $table_alias);
return $field;
}
return false;
}
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)->select('id, password')->from('#__users')->where('username='******'username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);
if ($match === true) {
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin()) {
$response->language = $user->getParam('admin_language');
} else {
$response->language = $user->getParam('language');
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
} else {
// Invalid password
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
// Invalid user
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
// Check the two factor authentication
if ($response->status == JAuthentication::STATUS_SUCCESS) {
require_once JPATH_ADMINISTRATOR . '/components/com_users/helpers/users.php';
$methods = UsersHelper::getTwoFactorMethods();
if (count($methods) <= 1) {
// No two factor authentication method is enabled
return;
}
require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';
$model = new UsersModelUser();
// Load the user's OTP (one time password, a.k.a. two factor auth) configuration
if (!array_key_exists('otp_config', $options)) {
$otpConfig = $model->getOtpConfig($result->id);
$options['otp_config'] = $otpConfig;
} else {
$otpConfig = $options['otp_config'];
}
// Check if the user has enabled two factor authentication
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
// Warn the user if he's using a secret code but he has not
// enabed two factor auth in his account.
if (!empty($credentials['secretkey'])) {
try {
$app = JFactory::getApplication();
$this->loadLanguage();
$app->enqueueMessage(JText::_('PLG_AUTH_JOOMLA_ERR_SECRET_CODE_WITHOUT_TFA'), 'warning');
} catch (Exception $exc) {
// This happens when we are in CLI mode. In this case
// no warning is issued
return;
}
}
return;
}
// Load the Joomla! RAD layer
if (!defined('FOF_INCLUDED')) {
include_once JPATH_LIBRARIES . '/fof/include.php';
}
// Try to validate the OTP
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpAuthReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorAuthenticate', array($credentials, $options));
$check = false;
/*
* This looks like noob code but DO NOT TOUCH IT and do not convert
* to in_array(). During testing in_array() inexplicably returned
* null when the OTEP begins with a zero! o_O
*/
if (!empty($otpAuthReplies)) {
foreach ($otpAuthReplies as $authReply) {
$check = $check || $authReply;
}
}
// Fall back to one time emergency passwords
if (!$check) {
// Did the user use an OTEP instead?
if (empty($otpConfig->otep)) {
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
// Two factor authentication is not enabled on this account.
// Any string is assumed to be a valid OTEP.
return true;
} else {
/*
* Two factor authentication enabled and no OTEPs defined. The
* user has used them all up. Therefore anything he enters is
* an invalid OTEP.
*/
return false;
}
}
// Clean up the OTEP (remove dashes, spaces and other funny stuff
// our beloved users may have unwittingly stuffed in it)
$otep = $credentials['secretkey'];
$otep = filter_var($otep, FILTER_SANITIZE_NUMBER_INT);
$otep = str_replace('-', '', $otep);
$check = false;
// Did we find a valid OTEP?
if (in_array($otep, $otpConfig->otep)) {
// Remove the OTEP from the array
$otpConfig->otep = array_diff($otpConfig->otep, array($otep));
$model->setOtpConfig($result->id, $otpConfig);
// Return true; the OTEP was a valid one
$check = true;
}
}
if (!$check) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
}
}
}
