Example #1
	/**
	 * Build the data array that is injected into the login form.
	 *
	 * Starts from the 'users.login.form.data' user state, lets a base64
	 * 'return' request value override the stored return URL, and writes the
	 * result back to the user state before passing it to preprocessData().
	 *
	 * The return URL is only kept when JURI::isInternal() accepts the decoded
	 * value; how strict that check is depends on the installed JURI
	 * implementation.
	 *
	 * @return  array  The form data, with 'return' filled in before preprocessing.
	 * @since   1.6
	 */
	protected function loadFormData()
	{
		$app      = JFactory::getApplication();
		$formData = $app->getUserState('users.login.form.data', array());

		// A return URL supplied with the request takes precedence over the session copy.
		$encoded = JRequest::getVar('return', '', 'method', 'base64');

		if ($encoded)
		{
			$decoded = base64_decode($encoded);

			// Off-site targets are blanked so the default below applies instead.
			$formData['return'] = JURI::isInternal($decoded) ? $decoded : '';
		}

		// Fall back to the profile view when no usable return URL is left.
		if (empty($formData['return']))
		{
			$formData['return'] = 'index.php?option=com_users&view=profile';
		}

		$app->setUserState('users.login.form.data', $formData);

		$this->preprocessData('com_users.login', $formData);

		return $formData;
	}
Example #2
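 /**
  * Resolve the login URL (or plain return URI) for the selected server.
  *
  * The return target is taken from the HTTP Referer header when that value
  * passes JURI::isInternal(); otherwise it is built from the component's
  * 'redirect' parameter.
  *
  * @return	mixed  For guests, the first 'onGetLoginUrl' plugin result; for
  *                 logged-in users, the URI object; false on failure.
  *
  * @since	2.0.0
  */
 public function getItem()
 {
     // Load the server and refuse anything that is missing or not published.
     $id = $this->getState('server.id');
     $item = $this->getTable();
     if (!$item->load($id) || $item->published != 1) {
         $this->setError(JText::_('COM_EXTERNALLOGIN_ERROR_SERVER_UNPUBLISHED'));
         return false;
     }
     // The Referer header is client-controlled, so it is only used as the
     // return target when it points back at this site.
     $app = JFactory::getApplication();
     $url = $app->input->server->getString('HTTP_REFERER');
     if (empty($url) || !JURI::isInternal($url)) {
         $redirect = $app->getParams('com_externallogin')->get('redirect');
         // NOTE(review): 'user' and 'pass' copy any userinfo of the current
         // request URI into the generated URL — confirm this is intended.
         $url = JURI::getInstance()->toString(array('scheme', 'user', 'pass', 'host', 'port')) . JRoute::_('index.php?Itemid=' . $redirect, true);
     }
     $uri = JFactory::getURI($url);
     // Logged-in users only need the return URI itself.
     if (!JFactory::getUser()->guest) {
         return $uri;
     }
     // Guests: let the authentication plugins turn the URI into a login URL.
     $uri->setVar('server', $item->id);
     $results = $app->triggerEvent('onGetLoginUrl', array($item, $uri));
     if (empty($results)) {
         $this->setError(JText::_('COM_EXTERNALLOGIN_ERROR_OCCURS'));
         // Return false like the other failure path, so callers see a single
         // failure value instead of an implicit null.
         return false;
     }
     return $results[0];
 }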
Example #3
 /**
  * Map a file URL or site-relative path to a path on disk.
  *
  * Candidates are tried in order and the first one that exists is returned,
  * already resolved by realpath(). When nothing matches, the value is treated
  * as relative to the directory of the current page.
  *
  * NOTE(review): no branch checks that the resolved path stays below
  * JPATH_ROOT or the document root, and realpath() follows "../" segments.
  * Callers passing request-derived values should verify containment before
  * reading or serving the result.
  *
  * @param   string  $file  URL to the file
  * @return  string
  */
 public static function getFilePath($file)
 {
     // Root-relative value: try the Joomla root mapping, then the document root.
     if (0 === strpos($file, '/')) {
         $candidate = realpath(str_replace(JUri::root(true), JPATH_ROOT, $file));
         if (file_exists($candidate)) {
             return $candidate;
         }
         $candidate = realpath($_SERVER['DOCUMENT_ROOT'] . '/' . $file);
         if (file_exists($candidate)) {
             return $candidate;
         }
         $candidate = realpath(JPATH_ROOT . '/' . $file);
         if (file_exists($candidate)) {
             return $candidate;
         }
     }
     // Absolute URL that JURI considers part of this site: use only its path.
     if (false !== strpos($file, '://') && JURI::isInternal($file)) {
         $urlPath = parse_url($file, PHP_URL_PATH);
         $candidate = realpath($_SERVER['DOCUMENT_ROOT'] . '/' . $urlPath);
         if (file_exists($candidate)) {
             return $candidate;
         }
         $candidate = realpath(JPATH_ROOT . '/' . $urlPath);
         if (file_exists($candidate)) {
             return $candidate;
         }
     }
     // Fallback: resolve against the directory of the page being served.
     $siteRoot = JUri::root();
     $pageUrl = JUri::current();
     $pagePath = str_replace(DIRECTORY_SEPARATOR, '/', JPATH_ROOT . '/' . substr($pageUrl, strlen($siteRoot)));
     return JPath::clean(dirname($pagePath) . '/' . $file);
 }
Example #4
 /**
  * Store a category through the 'editcategory' model and redirect.
  *
  * The redirect goes to the user categories view (keeping the requested
  * page) unless a base64 'redirect' request value decodes to a URL that
  * JURI::isInternal() accepts.
  *
  * @return  void
  * @since   1.5.5
  */
 public function save()
 {
     $model = $this->getModel('editcategory');
     // Carry the requested page over to the redirect URL.
     $pageSuffix = '';
     if (JRequest::getVar('limitstart', null) != null) {
         $pageSuffix = '&limitstart=' . JRequest::getInt('limitstart', 0);
     }
     $redirect = 'index.php?view=usercategories' . $pageSuffix;
     // A requested redirect replaces the default only for same-site targets.
     $encoded = JRequest::getVar('redirect', '', '', 'base64');
     if ($encoded) {
         $decoded = base64_decode($encoded);
         if (JURI::isInternal($decoded)) {
             $redirect = $decoded;
         }
     }
     if (!$model->store()) {
         $msg = $model->getError();
         $this->setRedirect(JRoute::_($redirect, false), $msg, 'error');
         return;
     }
     $msg = JText::_('COM_JOOMGALLERY_COMMON_MSG_CATEGORY_SAVED');
     $this->setRedirect(JRoute::_($redirect, false), $msg);
 }
Example #5
 /**
  * Method to get the login form.
  *
  * The base form is loaded through getForm() with the
  * 'onPrepareUsersLoginForm' event, then bound to the login data kept in the
  * user state. A base64 'return' request value overrides the stored return
  * URL when JURI::isInternal() accepts the decoded value.
  *
  * @access	public
  * @return	mixed	The form object, or the error object getForm() produced.
  * @since	1.0
  */
 function &getLoginForm()
 {
     $options = array('array' => false, 'event' => 'onPrepareUsersLoginForm', 'group' => 'users');
     $form = $this->getForm('login', 'com_users.login', $options);
     // Hand a loading error straight back to the caller.
     if (JError::isError($form)) {
         return $form;
     }
     // Start from the login data remembered in the session.
     $app =& JFactory::getApplication();
     $data = $app->getUserState('users.login.form.data', array());
     // A return URL in the request wins, but only for same-site targets.
     $encoded = JRequest::getVar('return', '', 'method', 'base64');
     if ($encoded) {
         $decoded = base64_decode($encoded);
         $data['return'] = JURI::isInternal($decoded) ? $decoded : '';
     }
     // Default to the profile view when no return URL is left.
     if (empty($data['return'])) {
         $data['return'] = 'index.php?option=com_users&view=profile';
     }
     $app->setUserState('users.login.form.data', $data);
     if (!empty($data)) {
         $form->bind($data);
     }
     return $form;
 }
Example #6
 /**
  * Handle an image upload request and set the follow-up redirect.
  *
  * On success the redirect goes to the base64 'redirect' request value when
  * it decodes to a URL JURI::isInternal() accepts, otherwise to the URL the
  * upload model returns for this upload type. On failure it goes back to the
  * upload view with the uploader's error message.
  *
  * @return  void
  * @since   1.5.5
  */
 public function upload()
 {
     $this->_mainframe = JFactory::getApplication();
     $type = $this->_mainframe->getUserStateFromRequest('joom.upload.type', 'type', 'single', 'post', 'cmd');
     // The Java applet checks the server protocol with a HEAD request;
     // ending the request here answers it with an empty HTTP 200.
     $isAppletProbe = $type == 'java' && $_SERVER['REQUEST_METHOD'] == 'HEAD';
     if ($isAppletProbe) {
         jexit();
     }
     require_once JPATH_COMPONENT_ADMINISTRATOR . '/helpers/upload.php';
     $uploader = new JoomUpload();
     if (!$uploader->upload($type)) {
         $error = $uploader->getError();
         if ($error) {
             $this->setRedirect(JRoute::_('index.php?view=upload&tab=' . $type, false), $error, 'error');
         }
         return;
     }
     $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');
     // A requested redirect is honoured only for same-site targets.
     $encoded = JRequest::getVar('redirect', '', '', 'base64');
     if ($encoded) {
         $requested = base64_decode($encoded);
         if (JURI::isInternal($requested)) {
             $this->setRedirect(JRoute::_($requested, false), $msg);
             return;
         }
     }
     // Otherwise use the redirect configured for this upload type, if any.
     $configured = $this->getModel('upload')->getRedirectUrlAfterUpload($type);
     if (!empty($configured)) {
         $this->setRedirect($configured, $msg);
     }
 }
Example #7
 /**
  * Callback for the redirect back from Google after authentication.
  *
  * Reads the return URL from the 'state' request value, stores it in
  * $options['return'], and either exchanges the authorization code for an
  * access token or sends the user back to the login view.
  *
  * NOTE(review): 'state' only carries the return URL here; no anti-forgery
  * value is compared in this method — confirm the callback is bound to the
  * initiating session elsewhere. The result of authenticate() is not checked
  * here either.
  *
  * @param   object  $credentials
  * @param   object  $options
  * @return  void
  */
 public function login(&$credentials, &$options)
 {
     $b64dreturn = '';
     // The return URL travels through the OAuth round trip in 'state'.
     $return = Request::getVar('state', '', 'method', 'base64');
     if ($return) {
         $decoded = base64_decode($return);
         // Off-site targets are dropped.
         $b64dreturn = JURI::isInternal($decoded) ? $decoded : '';
     }
     $options['return'] = $b64dreturn;
     // Configure the Google API client from the plugin parameters.
     $client = new Google_Client();
     $client->setClientId($this->params->get('app_id'));
     $client->setClientSecret($this->params->get('app_secret'));
     $client->setRedirectUri(self::getRedirectUri('google'));
     $code = Request::getVar('code', null);
     if (!$code) {
         // No code: the user declined the authorization or cancelled.
         // The still-encoded request value is passed on to the login view.
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return), Lang::txt('PLG_AUTHENTICATION_GOOGLE_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')), 'error');
         return;
     }
     // A code came back: the user authorized the app, so exchange it and
     // keep the resulting access token in the session.
     $client->authenticate($code);
     $session = App::get('session');
     $session->set('google.token', $client->getAccessToken());
 }
Example #8
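 /**
  * Store the submitted record through the 'edit' model and redirect.
  *
  * After a successful save a base64 'return' request value is used as the
  * redirect target; otherwise the redirect is built from request values and
  * leads to the edit form or the list view.
  *
  * NOTE(review): 'title', 'tmpl', 'layout' and 'return' are concatenated
  * into the redirect query string without URL-encoding, so a value that
  * contains '&' can add further parameters to that URL.
  *
  * @param   boolean  $apply  True to stay on the edit form after saving.
  * @return  void
  */
 function save($apply = false)
 {
     jimport('joomla.version');
     $version = new JVersion();
     if (JFactory::getApplication()->isSite() && JRequest::getInt('Itemid', 0)) {
         if (version_compare($version->getShortVersion(), '1.6', '>=')) {
             $menu = JSite::getMenu();
             $item = $menu->getActive();
             if (is_object($item)) {
                 JRequest::setVar('cb_controller', $item->params->get('cb_controller', null));
                 JRequest::setVar('cb_category_id', $item->params->get('cb_category_id', null));
             }
         } else {
             $params = JComponentHelper::getParams('com_contentbuilder');
             JRequest::setVar('cb_controller', $params->get('cb_controller', null));
             JRequest::setVar('cb_category_id', $params->get('cb_category_id', null));
         }
     }
     JRequest::setVar('cbIsNew', 0);
     // Start with return-URL validation switched on for this request.
     JRequest::setVar('cbInternalCheck', 1);
     $permissionSuffix = class_exists('cbFeMarker') ? '_fe' : '';
     if (JRequest::getCmd('record_id', '')) {
         contentbuilder::checkPermissions('edit', JText::_('COM_CONTENTBUILDER_PERMISSIONS_EDIT_NOT_ALLOWED'), $permissionSuffix);
     } else {
         JRequest::setVar('cbIsNew', 1);
         contentbuilder::checkPermissions('new', JText::_('COM_CONTENTBUILDER_PERMISSIONS_NEW_NOT_ALLOWED'), $permissionSuffix);
     }
     $model = $this->getModel('edit');
     $id = $model->store();
     $submission_failed = JRequest::getBool('cb_submission_failed', false);
     JRequest::setVar('cb_submit_msg', '');
     // Defined up front: the failure path below never assigns a message, and
     // setRedirect() would otherwise be called with an undefined variable.
     $msg = null;
     $type = 'message';
     if ($id && !$submission_failed) {
         $msg = JText::_('COM_CONTENTBUILDER_SAVED');
         $return = JRequest::getVar('return', '');
         if ($return) {
             $return = base64_decode($return);
             // NOTE(review): with cbInternalCheck off the decoded URL is used
             // without validation. Nothing in this method clears the flag
             // after it is set above, so presumably store() does — confirm
             // that only trusted configuration can switch it off.
             if (!JRequest::getBool('cbInternalCheck', 1)) {
                 JFactory::getApplication()->redirect($return, $msg);
             }
             if (JURI::isInternal($return)) {
                 JFactory::getApplication()->redirect($return, $msg);
             }
         }
     } else {
         // Stay on the form when the save failed.
         $apply = true;
         $type = 'error';
     }
     // Query string prefix shared by all three redirect targets.
     $tmpl = JRequest::getVar('tmpl', '');
     $layout = JRequest::getVar('layout', '');
     $base = 'index.php?option=com_contentbuilder&title=' . JRequest::getVar('title', '')
         . ($tmpl != '' ? '&tmpl=' . $tmpl : '')
         . ($layout != '' ? '&layout=' . $layout : '');
     if (JRequest::getVar('cb_controller') == 'edit') {
         $link = JRoute::_($base . '&controller=edit&return=' . JRequest::getVar('return', '') . '&Itemid=' . JRequest::getInt('Itemid', 0), false);
     } elseif ($apply) {
         $link = JRoute::_($base . '&controller=edit&return=' . JRequest::getVar('return', '') . '&backtolist=' . JRequest::getInt('backtolist', 0) . '&id=' . JRequest::getInt('id', 0) . '&record_id=' . $id . '&Itemid=' . JRequest::getInt('Itemid', 0) . '&limitstart=' . JRequest::getInt('limitstart', 0) . '&filter_order=' . JRequest::getCmd('filter_order'), false);
     } else {
         $link = JRoute::_($base . '&controller=list&id=' . JRequest::getInt('id', 0) . '&limitstart=' . JRequest::getInt('limitstart', 0) . '&filter_order=' . JRequest::getCmd('filter_order') . '&Itemid=' . JRequest::getInt('Itemid', 0), false);
     }
     $this->setRedirect($link, $msg, $type);
 }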
Example #9
 /**
  * Read the base64 'return' request value and decode it.
  *
  * @return  string  The decoded URL when JURI::isInternal() accepts it,
  *                  otherwise an empty value.
  */
 public function getRequestReturnUrl()
 {
     $encoded = JRequest::getVar('return', '', 'method', 'base64');
     // Nothing supplied: hand back the empty request value unchanged.
     if (!$encoded) {
         return $encoded;
     }
     $decoded = base64_decode($encoded);
     // Off-site targets are dropped.
     return JURI::isInternal($decoded) ? $decoded : '';
 }
Example #10
 /**
  * Actions to perform when logging in a user session.
  *
  * Stores the decoded 'return' request value in $options['return'], or an
  * empty value when it is missing or JURI::isInternal() rejects it.
  *
  * @param   array  $credentials  login credentials
  * @param   array  $options      login options
  * @return  void
  */
 public function login(&$credentials, &$options)
 {
     $return = Request::getVar('return', '', 'method', 'base64');
     if ($return) {
         $decoded = base64_decode($return);
         // Off-site targets are dropped.
         $return = JURI::isInternal($decoded) ? $decoded : '';
     }
     $options['return'] = $return;
 }
Example #11
 /**
  * Work out the page to return to.
  *
  * Uses the base64 value kept in the user state, or the 'return' request
  * value (defaulting to the encoded site base), and falls back to
  * JURI::base() when the decoded URL is not internal.
  *
  * NOTE(review): the state key is built as context + '.' + '.return', i.e.
  * with two dots — confirm it matches the key used where the value is stored.
  *
  * @return  string  The decoded return URL, or JURI::base().
  */
 protected function _getReturnPage()
 {
     $app =& JFactory::getApplication();
     $stateKey = $this->_context . '.' . '.return';
     $encoded = $app->getUserState($stateKey);
     if (!$encoded) {
         $encoded = JRequest::getVar('return', base64_encode(JURI::base()));
     }
     // Restrict the value to the base64 alphabet before decoding it.
     $decoded = base64_decode(JFilterInput::getInstance()->clean($encoded, 'base64'));
     return JURI::isInternal($decoded) ? $decoded : JURI::base();
 }
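 /**
  * Render menu items, and recursively their children, as <li> markup.
  *
  * NOTE(review): the item title and link are placed in the markup as they
  * are; whether JSNHtmlHelper escapes attribute values is not visible here —
  * confirm before rendering titles that users can edit.
  *
  * @param   array  $mItems    Menu item objects to render.
  * @param   int    $moduleid  Module id passed to getCheckboxAttributes().
  *
  * @return  string  The concatenated HTML, empty when there are no items.
  */
 protected function renderItems($mItems, $moduleid)
 {
     $items = '';
     foreach ($mItems as $item) {
         $class_unpublish = $item->published == 0 ? ' unpublish' : '';
         $default = $item->home == 1 ? ' default' : '';
         $uri = new JURI($item->link);
         $link = $uri->toString();
         // External links are used as stored; internal ones get the site root prepended.
         if (!JURI::isInternal($link)) {
             $link = $item->link;
         } else {
             $link = JURI::root() . $link;
         }
         // The default (home) item always points at the site root.
         if ($item->home == 1) {
             $link = JURI::root();
         }
         $attributes = $this->getCheckboxAttributes($item->id, $moduleid);
         if ($item->type == 'alias') {
             // An alias takes the link of the menu item it refers to.
             $aliasparams = new JRegistry();
             $aliasparams->loadString($item->params);
             $address_itemid = $aliasparams->get('aliasoptions');
             if ((int) $address_itemid > 0) {
                 $address_item = $this->getMenuItem($address_itemid);
                 if (!$address_item) {
                     continue;
                 }
                 $link = $address_item->link;
                 $separator = strpos($link, '?') === false ? '?' : '&';
                 $link .= $separator . 'aliasoptions=' . $address_itemid . '&Itemid=' . $item->id;
                 $item->link = $link;
             }
         }
         // Checkbox plus anchor, shared by leaf and parent items. The parent
         // branch used the misspelled attribute name 'conClick'.
         $entry = JSNHtmlHelper::openTag('li') . JSNHtmlHelper::addInputTag('checkbox', $attributes) . JSNHtmlHelper::openTag('a', array('onClick' => 'javascript:void(0);', 'class' => $default . $class_unpublish, 'href' => $link, 'title' => $this->getMenuItemType($item->link))) . $item->title . JSNHtmlHelper::closeTag('a');
         if ($this->hasChild($item->id)) {
             $subItems = $this->getItems($item->menutype, $item->id);
             // The list id is built with '.', not '+': '+' is arithmetic in
             // PHP and does not concatenate the prefix with the item id.
             $entry .= JSNHtmlHelper::openTag('ul', array('class' => 'jsn-menu-items', 'id' => 'item-' . $item->id)) . $this->renderItems($subItems, $moduleid) . JSNHtmlHelper::closeTag('ul');
         }
         $items .= $entry . JSNHtmlHelper::closeTag('li');
     }
     return $items;
 }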
Example #13
 /**
  * Get the return URL configured for the 'itpconnect' module.
  *
  * The encoded URL from ItpcHelper::getReturnURL() is decoded and routed;
  * "/" is returned when the module has no parameters, the result is empty,
  * or JURI::isInternal() rejects it.
  *
  * @return string   Return page
  */
 public static function getReturn()
 {
     $module = JModuleHelper::getModule('itpconnect');
     $return = '';
     if (!empty($module->params)) {
         $params = new JRegistry($module->params);
         $encoded = ItpcHelper::getReturnURL($params, ItpcHelper::getType());
         $return = JRoute::_(base64_decode($encoded), false);
     }
     // Empty or off-site targets fall back to the site root.
     if (!$return || !JURI::isInternal($return)) {
         return '/';
     }
     return $return;
 }
Example #14
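 /**
  * Method to call when redirected back from twitter after authentication
  * Grab the return URL if set and handle denial of app privileges from twitter
  *
  * $options['return'] receives the decoded 'return' request value, or an
  * empty string when it is missing or JURI::isInternal() rejects it.
  *
  * @param   object  $credentials
  * @param   object  $options
  * @return  void
  */
 public function login(&$credentials, &$options)
 {
     // Initialised up front: without a 'return' request value the variable
     // was otherwise read below while still undefined.
     $b64dreturn = '';
     if ($return = Request::getVar('return', '', 'method', 'base64')) {
         $b64dreturn = base64_decode($return);
         // Off-site targets are dropped.
         if (!JURI::isInternal($b64dreturn)) {
             $b64dreturn = '';
         }
     }
     $options['return'] = $b64dreturn;
     // Check to make sure they didn't deny our application permissions
     if (Request::getWord('denied', false)) {
         // User didn't authorize our app or clicked cancel; the still-encoded
         // request value is passed on to the login view.
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return), Lang::txt('PLG_AUTHENTICATION_TWITTER_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')), 'error');
         return;
     }
 }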
Example #15
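 /**
  * Handle an image upload request, store the additional image details and
  * set the follow-up redirect.
  *
  * The 'tags' and 'price' request values are written to the
  * #__joomgallery_image_details table; every value is passed through the
  * database driver's quote() so request data cannot alter the statement.
  *
  * NOTE(review): the image id is taken from MAX(id) after the upload, so two
  * uploads finishing at the same time can attach their details to the wrong
  * image — prefer the id reported by the uploader if it exposes one.
  *
  * @return  void
  * @since   1.5.5
  */
 public function upload()
 {
     $this->_mainframe = JFactory::getApplication();
     $type = $this->_mainframe->getUserStateFromRequest('joom.upload.type', 'type', 'single', 'post', 'cmd');
     // If the applet in JAVA upload checks for the serverProtocol,
     // it issues a HEAD request
     // Simply return an empty doc to send a HTTP 200
     if ($type == 'java' && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
         jexit();
     }
     require_once JPATH_COMPONENT_ADMINISTRATOR . '/helpers/upload.php';
     $uploader = new JoomUpload();
     if ($uploader->upload($type)) {
         //T.Trung
         $db = JFactory::getDBO();
         $db->setQuery("SELECT MAX(id) FROM #__joomgallery");
         $img_id = $db->loadResult();
         // Rows to insert: details_key, details_value, ordering.
         $details = array(
             array('additional.tags', JRequest::getVar('tags'), 4),
             array('additional.price', JRequest::getVar('price'), 1),
             array('additional.code', $this->generateRandomString(), 3),
             array('additional.like', 0, 2),
         );
         foreach ($details as $detail) {
             list($key, $value, $ordering) = $detail;
             // quote() escapes and wraps each value; the ordering is forced to an integer.
             $db->setQuery(
                 'INSERT INTO #__joomgallery_image_details (id, details_key, details_value, ordering) VALUES ('
                 . $db->quote((string) $img_id) . ', '
                 . $db->quote($key) . ', '
                 . $db->quote((string) $value) . ', '
                 . (int) $ordering . ')'
             );
             $db->query();
         }
         //T.Trung end
         $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');
         // Set redirect if we are asked for that; only same-site targets are honoured
         if ($redirect = JRequest::getVar('redirect', '', '', 'base64')) {
             $url = base64_decode($redirect);
             if (JURI::isInternal($url)) {
                 $this->setRedirect(JRoute::_($url, false), $msg);
                 return;
             }
         }
         // Set a redirect according to the correspondent setting in configuration manager
         $model = $this->getModel('upload');
         $url = $model->getRedirectUrlAfterUpload($type);
         if (!empty($url)) {
             $this->setRedirect($url, $msg);
         }
     } else {
         if ($error = $uploader->getError()) {
             $this->setRedirect(JRoute::_('index.php?view=upload&tab=' . $type, false), $error, 'error');
         }
     }
 }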
Example #16
 /**
  * Callback for the redirect back from ORCID after authentication.
  *
  * Reads the return URL from the 'state' request value, stores it in
  * $options['return'], and sends the user back to the login view when no
  * authorization code came back.
  *
  * NOTE(review): 'state' only carries the return URL here; no anti-forgery
  * value is compared in this method — confirm the callback is bound to the
  * initiating session elsewhere.
  *
  * @param   object  $credentials
  * @param   object  $options
  * @return  void
  */
 public function login(&$credentials, &$options)
 {
     $b64dreturn = '';
     // The return URL travels through the OAuth round trip in 'state'.
     $return = Request::getVar('state', '', 'method', 'base64');
     if ($return) {
         $decoded = base64_decode($return);
         // Off-site targets are dropped.
         $b64dreturn = JURI::isInternal($decoded) ? $decoded : '';
     }
     $options['return'] = $b64dreturn;
     // A code means the user authorized the app; nothing more to do here.
     if (Request::getVar('code', null)) {
         return;
     }
     // No code: the user declined the authorization or cancelled.
     App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return), Lang::txt('PLG_AUTHENTICATION_ORCID_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')), 'error');
 }
Example #17
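 /**
  * Check if we are at the login page and there is a return URI set.
  * If so, check if the return was to one of the core content components
  * (regardless of the view) and redirect to NotAllowed.
  *
  * NOTE(review): the task checks compare strpos() results loosely, so a task
  * that starts with 'login' (position 0) counts as "not found", and one that
  * starts with 'logout' counts as "no logout". Switching to strict
  * comparisons changes which requests are blocked, so it is left as is here.
  *
  * NOTE(review): a return value taken from the current URI is decoded but
  * not checked with JURI::isInternal(); it is only parsed for its 'option'
  * value in this method.
  *
  * @return  void
  */
 public function handleLoginRedirect()
 {
     $uri = JFactory::getURI();
     $task = $uri->getVar('task');
     $option = $uri->getVar('option');
     $view = $uri->getVar('view');
     $return = $uri->getVar('return');
     // Fall back to the request for anything the URI does not carry.
     if (empty($task)) {
         $task = JRequest::getVar('task', null);
     }
     if (empty($option)) {
         $option = JRequest::getVar('option', null);
     }
     if (empty($view)) {
         $view = JRequest::getVar('view', null);
     }
     if (empty($return)) {
         $return = JRequest::getVar('return', '', 'method', 'base64');
         $return = base64_decode($return);
         // method_exists() is the right probe for a static method;
         // function_exists() never matches a 'Class::method' name, so the
         // framework check was never reached.
         if (method_exists('JURI', 'isInternal')) {
             if (!JURI::isInternal($return)) {
                 $return = '';
             }
         } else {
             // Copied for pre-1.5.7 compatibility
             $uri = JURI::getInstance($return);
             $base = $uri->toString(array('scheme', 'host', 'port', 'path'));
             $host = $uri->toString(array('scheme', 'host', 'port'));
             if (strpos(strtolower($base), strtolower(JURI::base())) !== 0 && !empty($host)) {
                 $return = '';
             }
         }
     } else {
         $return = base64_decode($return);
     }
     $isUserComponent = $option == 'com_user' || $option == 'com_users';
     $isLoginRequest = ($view == 'login' || strpos($task, 'login') != false) && strpos($task, 'logout') == false;
     $hasReturn = !empty($return) && $return != 'index.php';
     $noCredentials = empty($_REQUEST['username']) && empty($_REQUEST['password']);
     if ($isUserComponent && $isLoginRequest && $hasReturn && $noCredentials) {
         // Inspect the component the user would be sent back to.
         $uri = new JURI($return);
         $option = $uri->getVar('option');
         $cr = array('com_content', 'com_mailto', 'com_newsfeeds', 'com_poll', 'com_weblinks');
         if (in_array($option, $cr) || empty($option)) {
             $error = new stdClass();
             $error->code = 403;
             $this->redirectNotAllowed($error);
         }
     }
 }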
Example #18
 /**
  * Method to auto-populate the model state.
  *
  * Stores the submitted credentials and the return URL in the model state.
  * The return URL is the decoded 'return' request value when
  * JURI::isInternal() accepts it, otherwise 'index.php'.
  *
  * Note. Calling getState in this method will result in recursion.
  *
  * @since	1.6
  */
 protected function populateState()
 {
     // The password is read raw (JREQUEST_ALLOWRAW), i.e. without input filtering.
     $username = JRequest::getVar('username', '', 'method', 'username');
     $password = JRequest::getVar('passwd', '', 'post', 'string', JREQUEST_ALLOWRAW);
     $this->setState('credentials', array('username' => $username, 'password' => $password));
     // A return URL in the request is used only for same-site targets.
     $return = JRequest::getVar('return', '', 'method', 'base64');
     if ($return) {
         $decoded = base64_decode($return);
         $return = JURI::isInternal($decoded) ? $decoded : '';
     }
     $this->setState('return', empty($return) ? 'index.php' : $return);
 }
Example #19
 /**
  * Load the list from the parent model and add the fields the views need.
  *
  * Each item gets an edit link, 'id' and 'name' aliases, and 'url_itemid':
  * the item URL with "&Itemid=" appended when it is an internal URL that has
  * an itemid and does not already carry one.
  *
  * @return  mixed  The list returned by the parent, with the extra fields set.
  */
 public function getList()
 {
     $items = parent::getList();
     foreach (@$items as $entry) {
         $entry->link = 'index.php?option=com_mysite&controller=items&view=items&task=edit&id=' . $entry->item_id;
         // JHTML::_('menu.treerecurse') needs $item->id to be set
         $entry->id = $entry->item_id;
         $entry->name = $entry->title;
         // Menu links, external URLs and empty URLs are left untouched.
         $needsItemid = strpos($entry->url, 'Itemid') === false
             && !empty($entry->itemid)
             && JURI::isInternal($entry->url)
             && !empty($entry->url);
         if ($needsItemid) {
             $entry->url_itemid = $entry->url . "&Itemid=" . $entry->itemid;
         } else {
             $entry->url_itemid = $entry->url;
         }
     }
     return $items;
 }
Example #20
 /**
  * Build the data array that is injected into the login form.
  *
  * Starts from the 'users.login.form.data' user state and lets a base64
  * 'return' input value override the stored return URL when
  * JURI::isInternal() accepts the decoded value.
  *
  * @return  array  The form data, with 'return' always filled in.
  */
 protected function loadFormData()
 {
     $app = JFactory::getApplication();
     $formData = $app->getUserState('users.login.form.data', array());
     // A return URL in the request wins, but only for same-site targets.
     $encoded = $app->input->get('return', '', 'base64');
     if ($encoded) {
         $decoded = base64_decode($encoded);
         $formData['return'] = JURI::isInternal($decoded) ? $decoded : '';
     }
     // Default to the profile view when no return URL is left.
     if (empty($formData['return'])) {
         $formData['return'] = 'index.php?option=com_bt_socialconnect&view=profile';
     }
     $app->setUserState('users.login.form.data', $formData);
     return $formData;
 }
Example #21
 /**
  * Method to get the data that should be injected in the form.
  *
  * A base64 'return' request value overrides the stored return URL when
  * JURI::isInternal() accepts the decoded value. Anything that is empty or
  * does not start like a URL is replaced by the account page.
  *
  * @return	array	The form data, with 'return' always filled in.
  * @since	1.6
  */
 protected function loadFormData()
 {
     // Start from the login data remembered in the session.
     $app = JFactory::getApplication();
     $formData = $app->getUserState('users.login.form.data', array());
     // A return URL in the request wins, but only for same-site targets.
     $encoded = Request::getVar('return', '', 'method', 'base64');
     if ($encoded) {
         $decoded = base64_decode($encoded);
         $formData['return'] = JURI::isInternal($decoded) ? $decoded : '';
     }
     // Use the default if empty or if it doesn't look anything like a URL
     // (which will happen thanks to shibd setting it to encrypted data).
     // The pattern only checks how the value starts; it is not a same-site check.
     $looksLikeUrl = !empty($formData['return']) && preg_match('#^(/|index[.]php|https?://)#', $formData['return']);
     if (!$looksLikeUrl) {
         $formData['return'] = 'index.php?option=com_members&task=myaccount';
     }
     $app->setUserState('users.login.form.data', $formData);
     return $formData;
 }
Example #22
 /**
  * Method to log out a user.
  *
  * After a successful logout the user is redirected to the decoded 'return'
  * request value when JURI::isInternal() accepts it, otherwise to an empty
  * route; on failure, to the login view.
  *
  * NOTE(review): no request-token check is visible in this method — confirm
  * the logout request is protected against forgery elsewhere.
  *
  * @access	public
  * @since	1.0
  */
 function logout()
 {
     $app =& JFactory::getApplication();
     // Perform the log out.
     $error = $app->logout();
     if (JError::isError($error)) {
         // Logging out failed: go back to the login view.
         $app->redirect(JRoute::_('index.php?option=com_users&view=login', false));
         return;
     }
     // Take the return URL from the request; off-site targets are dropped.
     $decoded = base64_decode(JRequest::getVar('return', '', 'method', 'base64'));
     $return = JURI::isInternal($decoded) ? $decoded : '';
     $app->redirect(JRoute::_($return, false));
 }
Example #23
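 /**
  * Collect the data for the player profile edit page.
  *
  * Sets the page title, the return value and the registration settings in
  * $this->_lists, and sends guests to the login form.
  *
  * @return  void
  */
 function getData()
 {
     $this->getPlayer();
     //title
     $this->p_title = JText::_('BLFA_EDITFIPROF');
     $this->_params = $this->JS_PageTitle($this->title ? $this->title : JText::_('BLFA_EDITFIPROF'));
     $this->_lists["post_max_size"] = $this->getValSettingsServ("post_max_size");
     //return
     if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
         // The request value is base64; it has to be decoded before the
         // same-site check, otherwise the check runs on the encoded text and
         // says nothing about the real target. The value kept in the list
         // stays encoded, as before.
         if (!JURI::isInternal(base64_decode($return))) {
             $return = '';
         }
     }
     if ($this->_user->get('guest')) {
         // Guests are sent to the login form and come back to this page afterwards.
         $return_url = $_SERVER['REQUEST_URI'];
         $return_url = base64_encode($return_url);
         if (getVer() >= '1.6') {
             $uopt = "com_users";
         } else {
             $uopt = "com_user";
         }
         $return = 'index.php?option=' . $uopt . '&view=login&return=' . $return_url;
         // Redirect to a login form
         $this->mainframe->redirect($return, JText::_('BLMESS_NOT_LOGIN'));
     }
     $this->_lists["return"] = $return;
     $this->getJSreg();
     //Player Country registration
     $this->_lists['country_reg'] = $this->getJS_Config('country_reg');
     $this->_lists['country_reg_rq'] = $this->getJS_Config('country_reg_rq');
     $this->getCountries();
     //Nick registration
     $this->_lists['nick_reg'] = $this->getJS_Config('nick_reg');
     $this->_lists['nick_reg_rq'] = $this->getJS_Config('nick_reg_rq');
     //Last Name registration
     $this->_lists['reg_lastname'] = $this->getJS_Config('reg_lastname');
     $this->_lists['reg_lastname_rq'] = $this->getJS_Config('reg_lastname_rq');
     $this->_lists["teams_season"] = $this->teamsToModer();
     $this->_lists["panel"] = $this->getePanel($this->_lists["teams_season"], 0, 0, 1);
     //$this->_lists['seas_pl_reg'] = ""; //
 }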
Example #24
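 /**
  * Save the logged-in user's account settings, including an optional
  * password change, and redirect to the component start page.
  *
  * NOTE(review): no request-token check is visible in this method, and the
  * whole POST array is handed to the model's store() — confirm that request
  * forgery and unexpected fields are handled elsewhere.
  *
  * @return  mixed  false when the two password fields differ, otherwise nothing.
  */
 function changePass()
 {
     global $option;
     $user =& JFactory::getUser();
     $userid = JRequest::getVar('id', 0, 'post', 'int');
     // Only the logged-in owner of the account may change it.
     if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
         JError::raiseError(403, JText::_('Access Forbidden'));
         return;
     }
     //clean request
     $post = JRequest::get('post');
     $post['username'] = JRequest::getVar('username', '', 'post', 'username');
     $post['password'] = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
     $post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);
     // do a password safety check
     if (strlen($post['password']) || strlen($post['password2'])) {
         // so that "0" can be used as password e.g.
         // Strict comparison: with != two different numeric-looking strings
         // such as "1e3" and "1000" compare as equal and the mismatch is missed.
         if ($post['password'] !== $post['password2']) {
             $msg = JText::_('PASSWORDS_DO_NOT_MATCH');
             // The redirect always goes to the component start page; the
             // Referer-based return URL that used to be computed here was
             // never passed to setRedirect().
             $this->setRedirect('index.php?option=' . $option, $msg, 'error');
             return false;
         }
     }
     // store data
     $model =& $this->getModel('index', 'ModelWUser');
     if ($model->store($post)) {
         $msg = JText::_('Your settings have been saved.');
     } else {
         $msg = $model->getError();
     }
     $this->setRedirect('index.php?option=' . $option, $msg);
 }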
Example #25
 /**
  * Logs the current user out and redirects.
  *
  * The request must carry a valid session token. After a successful log out the
  * user is sent to the base64-encoded 'return' URL from the request, but only
  * when JURI::isInternal() accepts the decoded value; any other value is replaced
  * by an empty string before routing. A failed log out redirects to the
  * com_users login view.
  *
  * @since	1.6
  */
 public function logout()
 {
     // Reject forged requests before touching the session.
     if (!JSession::checkToken('request')) {
         jexit(JText::_('JInvalid_Token'));
     }
     $application = JFactory::getApplication();
     // Perform the log out.
     $result = $application->logout();
     if ($result instanceof Exception) {
         // The log out failed: send the user to the login view.
         $application->redirect(JRoute::_('index.php?option=com_users&view=login', false));
     } else {
         // The return URL arrives base64-encoded; decode it, then keep it only if it
         // points back into this site so the redirect cannot leave the site.
         $target = base64_decode(JRequest::getVar('return', '', 'method', 'base64'));
         if (!JURI::isInternal($target)) {
             $target = '';
         }
         $application->redirect(JRoute::_($target, false));
     }
 }
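 /**
  * Logs a user in with the unit / username / password taken from the request.
  *
  * The request must carry a valid token. An optional base64-encoded 'return'
  * value is decoded and kept only when JURI::isInternal() accepts it. After the
  * login attempt the user is redirected to that URL, or to a com_joopoauser
  * default (component home on success, login view on failure).
  *
  * @return  void
  */
 public static function login()
 {
     // Check for request forgeries
     JRequest::checkToken('request') or jexit('Invalid Token');
     $app =& JFactory::getApplication();
     if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
         $return = base64_decode($return);
         // Drop any return URL that does not point back into this site.
         if (!JURI::isInternal($return)) {
             $return = '';
         }
     }
     $options = array();
     $options['remember'] = JRequest::getBool('remember', false);
     $options['return'] = $return;
     if (JDEBUG) {
         dump($options, "Options");
     }
     $credentials = array();
     $credentials['unit'] = JRequest::getVar('unit', '', 'method');
     $credentials['username'] = JRequest::getVar('username', '', 'method', 'username');
     // The password is read raw from POST only, so no character is filtered out.
     $credentials['password'] = JRequest::getString('passwd', '', 'post', JREQUEST_ALLOWRAW);
     if (JDEBUG) {
         // Keep the plaintext password out of debug output: dump a copy that only
         // shows whether a password was supplied.
         $debugCredentials = $credentials;
         $debugCredentials['password'] = $credentials['password'] === '' ? '' : '***';
         dump($debugCredentials, "Credencials");
     }
     // Perform the login action
     $error = $app->login($credentials, $options);
     if (!JError::isError($error)) {
         // Fall back to the component home when no valid return URL was given
         if (!$return) {
             $return = 'index.php?option=com_joopoauser';
         }
         $app->redirect($return);
     } else {
         // Facilitate third party login forms: a validated return URL wins,
         // otherwise go back to this component's login form.
         if (!$return) {
             $return = 'index.php?option=com_joopoauser&view=login';
         }
         $app->redirect($return);
     }
 }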
Example #27
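 /**
  * Uploads the selected zip archive.
  *
  * On success the user is redirected to the ambit's default redirect URL, or to
  * the base64-encoded 'redirect' request value when that value decodes to a URL
  * inside this site. On failure the uploader's error message, if there is one,
  * is shown on the default redirect URL.
  *
  * @return  void
  * @since   1.5.5
  */
 public function upload()
 {
     require_once JPATH_COMPONENT . '/helpers/upload.php';
     $uploader = new JoomUpload();
     if ($uploader->upload(JRequest::getCmd('type', 'batch'))) {
         $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');
         $url = $this->_ambit->getRedirectUrl();
         // Set custom redirect if we are asked for that
         if ($redirect = JRequest::getVar('redirect', '', '', 'base64')) {
             $url_decoded = base64_decode($redirect);
             // Validate the request-supplied URL itself. Checking $url here would
             // test the already trusted default and let any decoded value through,
             // including one that points to another site.
             if (JURI::isInternal($url_decoded)) {
                 $url = $url_decoded;
             }
         }
         $this->setRedirect(JRoute::_($url, false), $msg);
     } else {
         // No redirect is set when the uploader reports no error message.
         if ($error = $uploader->getError()) {
             $this->setRedirect($this->_ambit->getRedirectUrl(), $error, 'error');
         }
     }
 }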
Example #28
    /**
     * Logs a user in with the posted username and password.
     *
     * An optional base64-encoded 'return' POST value is decoded and kept only when
     * JURI::isInternal() accepts it. A successful login redirects to that URL or to
     * the com_users user view; a failed login redirects to that URL or to the login
     * view, carrying the error message.
     *
     * @param KCommandContext $context  Command context (not read by this method)
     */
    protected function _actionLogin(KCommandContext $context)
    {
        $return = KRequest::get('post.return', 'base64');

        if($return)
        {
            // Only a URL inside this site may be used as the redirect target.
            $decoded = base64_decode($return);
            $return  = JURI::isInternal($decoded) ? $decoded : '';
        }

        $options = array('return' => $return);

        $credentials = array();
        $credentials['username'] = KRequest::get('post.username', 'string');
        // The password is taken raw so that no character is filtered out.
        $credentials['password'] = KRequest::get('post.password', 'raw');

        $application = KFactory::get('joomla:application');
        $result      = $application->login($credentials, $options);

        if(JError::isError($result))
        {
            // Failed login: back to the validated return URL or the login view.
            $target = $return ? $return : 'index.php?option=com_users&view=login';

            $this->setRedirect($target, $result->getError(), 'error');
        }
        else
        {
            // Successful login: validated return URL or the user view.
            $this->_redirect = $return ? $return : 'index.php?option=com_users&view=user';
        }
    }
Example #29
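 /**
  * Prepares the data for the "new team" registration page.
  *
  * Stops with a message when team registration is disabled, sends guests to the
  * login view (with the current request URI as return target) and otherwise
  * fills $this->_lists with the return value, the season teams and the panel.
  *
  * @return  void
  */
 function getData()
 {
     $this->getTeamReg();
     // Page title: an explicit title wins over the default language string.
     $this->p_title = JText::_('BLFA_NTEAM');
     $this->_params = $this->JS_PageTitle($this->title ? $this->title : $this->p_title);
     $team_reg = $this->getJS_Config('team_reg');
     if (!$team_reg) {
         echo JText::_('BLFA_OPTDISAB');
         exit;
     }
     // Return URL. The request value is base64-encoded, so the internal-URL check
     // has to run on the decoded URL; run on the encoded text it cannot tell an
     // internal target from an external one. The encoded form is what this method
     // has always published in $this->_lists["return"], so that form is kept.
     // NOTE(review): presumably the consumer of _lists["return"] decodes it -- verify.
     if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
         $decoded = base64_decode($return);
         if ($decoded === false || !JURI::isInternal($decoded)) {
             $return = '';
         }
     }
     if ($this->_user->get('guest')) {
         // base64 output can contain '+', '/' and '=', which must be URL-encoded
         // to survive as a query-string value.
         $return_url = urlencode(base64_encode($_SERVER['REQUEST_URI']));
         // NOTE(review): loose string comparison of versions; version_compare() would
         // be sturdier if getVer() returns a version string -- confirm its return type.
         if (getVer() >= '1.6') {
             $uopt = "com_users";
         } else {
             $uopt = "com_user";
         }
         $return = 'index.php?option=' . $uopt . '&view=login&return=' . $return_url;
         // Redirect to a login form
         $this->session->set('errMess', JText::_('BLMESS_NOT_LOGIN'));
         $this->session->set('typeMess', 3);
         $this->mainframe->redirect($return);
     }
     $this->_lists["return"] = $return;
     $this->getJSreg();
     $this->_lists["teams_season"] = $this->teamsToModer();
     $this->_lists["panel"] = $this->getePanel($this->_lists["teams_season"], 0, 0, 1);
 }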
Example #30
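 /**
  * Method to call when redirected back from LinkedIn after authentication.
  *
  * Grabs the return URL if one was sent, handles denial of app privileges by
  * LinkedIn and exchanges the temporary request token for the access tokens,
  * which are stored in the session.
  *
  * @param   object  $credentials  Not read by this method
  * @param   object  $options      Receives the validated return URL under the key
  *                                'return' (accessed with array syntax)
  * @return  Exception|void  An Exception object is returned (not thrown) when the
  *                          token exchange fails
  */
 public function login(&$credentials, &$options)
 {
     $jsession = App::get('session');
     $b64dreturn = '';
     // Encoded return value that is safe to pass on to the login view
     $forwardReturn = '';
     // Check to see if a return parameter was specified
     if ($return = Request::getVar('return', '', 'method', 'base64')) {
         $b64dreturn = base64_decode($return);
         if (JURI::isInternal($b64dreturn)) {
             $forwardReturn = $return;
         } else {
             // Not a URL inside this site: use it neither here nor downstream
             $b64dreturn = '';
         }
     }
     // Set the return variable
     $options['return'] = $b64dreturn;
     // Set up linkedin configuration
     $linkedin_config = array(
         'appKey'      => $this->params->get('api_key'),
         'appSecret'   => $this->params->get('app_secret'),
         'callbackUrl' => self::getRedirectUri('linkedin'),
     );
     // Create Object
     $linkedin_client = new LinkedIn($linkedin_config);
     if (!Request::getVar('oauth_verifier', null)) {
         // User didn't authorize our app, or, clicked cancel.
         // Only a return value that passed the internal-URL check is forwarded; a
         // rejected value is no longer handed on to the login view.
         // NOTE(review): the code below still runs if App::redirect() does not end
         // the request -- confirm that it does.
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $forwardReturn), Lang::txt('PLG_AUTHENTICATION_LINKEDIN_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')), 'error');
     }
     // LinkedIn has sent a response, user has granted permission, take the temp access token,
     // the user's secret and the verifier to request the user's real secret key
     $request = $jsession->get('linkedin.oauth.request');
     $reply = $linkedin_client->retrieveTokenAccess($request['oauth_token'], $request['oauth_token_secret'], Request::getVar('oauth_verifier'));
     if ($reply['success'] === true) {
         // The request went through without an error, gather user's 'access' tokens
         $jsession->set('linkedin.oauth.access', $reply['linkedin']);
         // Set the user as authorized for future quick reference
         $jsession->set('linkedin.oauth.authorized', true);
     } else {
         // NOTE(review): the Exception is returned rather than thrown, so a caller
         // has to inspect the return value -- confirm callers do.
         return new Exception(Lang::txt('PLG_AUTHENTICATION_LINKEDIN_ERROR'), 500);
     }
 }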