/**
* Method to display a view.
*
* @param boolean If true, the view output will be cached
* @param array An array of safe url parameters and their variable types, for valid values see {@link JFilterInput::clean()}.
*
* @return JController This object to support chaining.
* @since 1.5
*/
public function display($cachable = false, $urlparams = false)
{
Plugin::import('content');
$vName = Request::getCmd('view', 'images');
switch ($vName) {
case 'imagesList':
$mName = 'list';
$vLayout = Request::getCmd('layout', 'default');
break;
case 'images':
default:
$vLayout = Request::getCmd('layout', 'default');
$mName = 'manager';
$vName = 'images';
break;
}
$vType = Document::getType();
// Get/Create the view
$view = $this->getView($vName, $vType);
$view->addTemplatePath(JPATH_COMPONENT_ADMINISTRATOR . '/views/' . strtolower($vName) . '/tmpl');
// Get/Create the model
if ($model = $this->getModel($mName)) {
// Push the model into the view (as default)
$view->setModel($model, true);
}
// Set the layout
$view->setLayout($vLayout);
// Display the view
$view->display();
return $this;
}
function display($tpl = null)
{
$user = User::getRoot();
// If this is an auth_link account update, carry on, otherwise raise an error
if (!is_object($user) || !array_key_exists('auth_link_id', $user) || !is_numeric($user->get('username')) || !$user->get('username') < 0) {
App::abort('405', 'Method not allowed');
return;
}
// Get and add the js and extra css to the page
\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'link.css');
\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'providers.css');
\Hubzero\Document\Assets::addComponentScript('com_users', 'link');
// Import a few things
jimport('joomla.user.helper');
// Look up a few things
$hzal = \Hubzero\Auth\Link::find_by_id($user->get("auth_link_id"));
$hzad = \Hubzero\Auth\Domain::find_by_id($hzal->auth_domain_id);
$plugins = Plugin::byType('authentication');
// Get the display name for the current plugin being used
Plugin::import('authentication', $hzad->authenticator);
$plugin = Plugin::byType('authentication', $hzad->authenticator);
$pparams = new \Hubzero\Config\Registry($plugin->params);
$refl = new ReflectionClass("plgAuthentication{$plugin->name}");
$display_name = $pparams->get('display_name', $refl->hasMethod('onGetLinkDescription') ? $refl->getMethod('onGetLinkDescription')->invoke(NULL) : ucfirst($plugin->name));
// Look for conflicts - first check in the hub accounts
$profile_conflicts = \Hubzero\User\Profile\Helper::find_by_email($hzal->email);
// Now check the auth_link table
$link_conflicts = \Hubzero\Auth\Link::find_by_email($hzal->email, array($hzad->id));
$conflict = array();
if ($profile_conflicts) {
foreach ($profile_conflicts as $p) {
$user_id = JUserHelper::getUserId($p);
$juser = User::getInstance($user_id);
$auth_link = \Hubzero\Auth\Link::find_by_user_id($juser->id);
$dname = is_object($auth_link) && $auth_link->auth_domain_name ? $auth_link->auth_domain_name : 'hubzero';
$conflict[] = array("auth_domain_name" => $dname, "name" => $juser->name, "email" => $juser->email);
}
}
if ($link_conflicts) {
foreach ($link_conflicts as $l) {
$juser = User::getInstance($l['user_id']);
$conflict[] = array("auth_domain_name" => $l['auth_domain_name'], "name" => $juser->name, "email" => $l['email']);
}
}
// Make sure we don't somehow have any duplicate conflicts
$conflict = array_map("unserialize", array_unique(array_map("serialize", $conflict)));
// @TODO: Could also check for high probability of name matches???
// Get the site name
$sitename = Config::get('sitename');
// Assign variables to the view
$this->assign('hzal', $hzal);
$this->assign('hzad', $hzad);
$this->assign('plugins', $plugins);
$this->assign('display_name', $display_name);
$this->assign('conflict', $conflict);
$this->assign('sitename', $sitename);
$this->assignref('juser', $user);
parent::display($tpl);
}
/**
* Constructor.
* @param $argv array task arguments
*/
function UsageStatsLoader($args)
{
parent::FileLoader($args);
$this->_geoLocationTool = new GeoLocationTool();
$plugin = PluginRegistry::getPlugin('generic', 'usagestatsplugin');
// Load the metric type constant.
PluginRegistry::loadCategory('reports');
$this->_plugin = $plugin;
$this->_plugin->import('UsageStatsTemporaryRecordDAO');
$statsDao = new UsageStatsTemporaryRecordDAO();
DAORegistry::registerDAO('UsageStatsTemporaryRecordDAO', $statsDao);
$this->_counterRobotsListFile = $this->_getCounterRobotListFile();
$journalDao = DAORegistry::getDAO('JournalDAO');
/* @var $journalDao JournalDAO */
$journalFactory = $journalDao->getAll();
/* @var $journalFactory DAOResultFactory */
$journalsByPath = array();
while ($journal = $journalFactory->next()) {
/* @var $journal Journal */
$journalsByPath[$journal->getPath()] = $journal;
}
$this->_journalsByPath = $journalsByPath;
$this->checkFolderStructure(true);
}
/**
* Method to display a view.
*
* @param boolean If true, the view output will be cached
* @param array An array of safe url parameters and their variable types, for valid values see {@link JFilterInput::clean()}.
*
* @return JController This object to support chaining.
* @since 1.5
*/
public function display($cachable = false, $urlparams = false)
{
Plugin::import('content');
$vName = Request::getCmd('view', 'media');
switch ($vName) {
case 'images':
$vLayout = Request::getCmd('layout', 'default');
$mName = 'manager';
break;
case 'imagesList':
$mName = 'list';
$vLayout = Request::getCmd('layout', 'default');
break;
case 'mediaList':
$mName = 'list';
$vLayout = Request::getState('media.list.layout', 'layout', 'thumbs', 'word');
break;
case 'media':
default:
$vName = 'media';
$vLayout = Request::getCmd('layout', 'default');
$mName = 'manager';
break;
}
$vType = Document::getType();
// Get/Create the view
$view = $this->getView($vName, $vType);
// Get/Create the model
if ($model = $this->getModel($mName)) {
// Push the model into the view (as default)
$view->setModel($model, true);
}
// Set the layout
$view->setLayout($vLayout);
// Display the view
$view->display();
return $this;
}
/**
* Save group settings
*
* @return void
*/
public function saveTask()
{
// Check if they're logged in
if (User::isGuest()) {
$this->loginTask(Lang::txt('COM_GROUPS_CREATE_MUST_BE_LOGGED_IN'));
return;
}
Request::checkToken();
// Incoming
$g_gidNumber = Request::getInt('gidNumber', 0, 'post');
$c_gidNumber = Request::getVar('gidNumber', 0, 'post');
if ((string) $g_gidNumber !== (string) $c_gidNumber) {
App::abort(404, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
}
if (!$g_gidNumber && !User::authorise('core.create', $this->_option) || $g_gidNumber && !User::authorise('core.edit', $this->_option)) {
return App::redirect(Route::url('index.php?option=' . $this->_option), Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'), 'warning');
}
$g_cn = trim(Request::getVar('cn', '', 'post'));
$g_description = preg_replace('/\\s+/', ' ', trim(Request::getVar('description', Lang::txt('NONE'), 'post')));
$g_discoverability = Request::getInt('discoverability', 0, 'post');
$g_public_desc = Sanitize::stripScripts(trim(Request::getVar('public_desc', '', 'post', 'none', 2)));
$g_private_desc = Sanitize::stripScripts(trim(Request::getVar('private_desc', '', 'post', 'none', 2)));
$g_restrict_msg = Sanitize::stripScripts(trim(Request::getVar('restrict_msg', '', 'post', 'none', 2)));
$g_join_policy = Request::getInt('join_policy', 0, 'post');
$tags = trim(Request::getVar('tags', ''));
$lid = Request::getInt('lid', 0, 'post');
$customization = Request::getVar('group', '', 'POST', 'none', 2);
$plugins = Request::getVar('group_plugin', '', 'POST');
$params = Request::getVar('params', array(), 'POST');
$g_discussion_email_autosubscribe = Request::getInt('discussion_email_autosubscribe', 0, 'post');
//Check authorization
if ($this->_authorize() != 'manager' && $g_gidNumber != 0 && !$this->_authorizedForTask('group.edit')) {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'));
}
//are we editing or creating
if ($g_gidNumber) {
$group = Group::getInstance($g_gidNumber);
$this->_task = 'edit';
$before = Group::getInstance($g_gidNumber);
} else {
$this->_task = 'new';
$group = new Group();
$before = new Group();
}
// Check for any missing info
if (!$g_cn) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_CN'), 'error');
}
if (!$g_description) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_DESCRIPTION'), 'error');
}
// Ensure the data passed is valid
if ($g_cn == 'new' || $g_cn == 'browse') {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error');
}
if (!$this->_validCn($g_cn)) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error');
}
if ($this->_task == 'new' && Group::exists($g_cn, true)) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_ID_TAKEN'), 'error');
}
// Get the logo
$logo = '';
if (isset($customization['logo'])) {
$logo_parts = explode("/", $customization['logo']);
$logo = array_pop($logo_parts);
}
// Plugin settings
$plugin_access = '';
foreach ($plugins as $plugin) {
$plugin_access .= $plugin['name'] . '=' . $plugin['access'] . ',' . "\n";
}
// Run content through validation and spam filters
if (trim($g_public_desc)) {
$results = Event::trigger('content.onContentBeforeSave', array('com_groups.group.public_desc', &$g_public_desc, $this->_task == 'new'));
foreach ($results as $result) {
if ($result === false) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_FAILED_VALIDATION'), 'error');
break;
}
}
}
// Push back into edit mode if any errors
if ($this->getNotifications()) {
$group->set('cn', $g_cn);
$group->set('description', $g_description);
$group->set('public_desc', $g_public_desc);
$group->set('private_desc', $g_private_desc);
$group->set('join_policy', $g_join_policy);
$group->set('restrict_msg', $g_restrict_msg);
$group->set('discoverability', $g_discoverability);
$group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe);
$group->set('logo', $logo);
$group->set('plugins', $plugin_access);
$this->lid = $lid;
$this->group = $group;
$this->tags = $tags;
$this->editTask();
return;
}
// Build the e-mail message
if ($this->_task == 'new') {
$subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_REQUESTED_SUBJECT', $g_cn);
$type = 'groups_created';
} else {
$subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_UPDATED_SUBJECT', $g_cn);
$type = 'groups_changed';
}
if ($this->_task == 'new') {
$group->set('cn', $g_cn);
$group->set('type', 1);
$group->set('published', 1);
$group->set('approved', $this->config->get('auto_approve', 1));
$group->set('created', Date::toSql());
$group->set('created_by', User::get('id'));
$group->add('managers', array(User::get('id')));
$group->add('members', array(User::get('id')));
$group->create();
}
// merge incoming settings with existing params
$params = new Registry($params);
$gParams = new Registry($group->get('params'));
$gParams->merge($params);
//set group vars & Save group
$group->set('description', $g_description);
$group->set('public_desc', $g_public_desc);
$group->set('private_desc', $g_private_desc);
$group->set('join_policy', $g_join_policy);
$group->set('restrict_msg', $g_restrict_msg);
$group->set('discoverability', $g_discoverability);
$group->set('logo', $logo);
$group->set('plugins', $plugin_access);
$group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe);
$group->set('params', $gParams->toString());
$group->update();
// Process tags
$gt = new Tags($group->get('gidNumber'));
$gt->setTags($tags, User::get('id'));
// Rename the temporary upload directory if it exist
$log_comments = '';
Event::trigger('groups.onGroupAfterSave', array($before, $group));
if ($this->_task == 'new') {
if ($lid != $group->get('gidNumber')) {
$config = $this->config;
$bp = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/groups'), DS);
if (is_dir($bp . DS . $lid)) {
rename($bp . DS . $lid, $bp . DS . $group->get('gidNumber'));
}
}
$log_action = 'group_created';
// Trigger the functions that delete associated content
// Should return logs of what was deleted
$logs = Event::trigger('groups.onGroupNew', array($group));
if (count($logs) > 0) {
$log_comments .= implode('', $logs);
}
} else {
$log_action = 'group_edited';
}
// log invites
Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => $log_action, 'comments' => $log_comments));
// Build the e-mail message
// Note: this is done *before* pushing the changes to the group so we can show, in the message, what was changed
$eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'saved'));
$eview->option = $this->_option;
$eview->user = User::getRoot();
$eview->group = $group;
$message['plaintext'] = $eview->loadTemplate();
$message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);
$eview->setLayout('saved');
$message['multipart'] = $eview->loadTemplate();
$message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);
// Get the administrator e-mail
$emailadmin = Config::get('mailfrom');
// Get the "from" info
$from = array('name' => Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name)), 'email' => Config::get('mailfrom'));
//only email managers if updating group
if ($type == 'groups_changed') {
// build array of managers
$managers = $group->get('managers');
// create new message
Plugin::import('xmessage');
if (!Event::trigger('onSendMessage', array($type, $subject, $message, $from, $managers, $this->_option))) {
$this->setNotification(Lang::txt('GROUPS_ERROR_EMAIL_MANAGERS_FAILED'), 'error');
}
}
//only inform site admin if the group wasn't auto-approved
if (!$this->config->get('auto_approve', 1) && $group->get('approved') == 0) {
// create approval subject
$subject = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL', Config::get('sitename'));
// build approval message
$link = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'groups' . DS . $group->get('cn');
$link2 = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'administrator';
$html = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2);
$plain = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2);
// create new message
$message = new \Hubzero\Mail\Message();
// build message object and send
$message->setSubject($subject)->addFrom($from['email'], $from['name'])->setTo($emailadmin)->addHeader('X-Mailer', 'PHP/' . phpversion())->addHeader('X-Component', 'com_groups')->addHeader('X-Component-Object', 'group_pending_approval')->addHeader('X-Component-ObjectId', $group->get('gidNumber'))->addPart($plain, 'text/plain')->addPart($html, 'text/html')->send();
}
// create home page
if ($this->_task == 'new') {
// create page
$page = new Page(array('gidNumber' => $group->get('gidNumber'), 'parent' => 0, 'lft' => 1, 'rgt' => 2, 'depth' => 0, 'alias' => 'overview', 'title' => 'Overview', 'state' => 1, 'privacy' => 'default', 'home' => 1));
$page->store(false);
// create page version
$version = new Page\Version(array('pageid' => $page->get('id'), 'version' => 1, 'content' => "<!-- {FORMAT:HTML} -->\n<p>[[Group.DefaultHomePage()]]</p>", 'created' => Date::toSql(), 'created_by' => User::get('id'), 'approved' => 1));
$version->store(false);
}
// Show success message to user
if ($this->_task == 'new') {
$this->setNotification(Lang::txt('COM_GROUPS_CREATED_SUCCESS', $group->get('description')), 'passed');
} else {
$this->setNotification(Lang::txt('COM_GROUPS_UPDATED_SUCCESS', $group->get('description')), 'passed');
}
// Redirect back to the group page
App::redirect(Route::url('index.php?option=' . $this->_option . '&cn=' . $group->get('cn')));
return;
}
public function link()
{
$user = User::getInstance();
// First, they should already be logged in, so check for that
if ($user->get('guest')) {
App::abort(403, Lang::txt('You must be logged in to perform this function'));
return;
}
// Do we have a return
$return = '';
$options = array();
if ($return = Request::getVar('return', '', 'method', 'base64')) {
$return = base64_decode($return);
if (!JURI::isInternal($return)) {
$return = '';
} else {
$options['return'] = base64_encode($return);
}
}
$authenticator = Request::getVar('authenticator', '', 'method');
// If a specific authenticator is specified try to call the link method for that plugin
if (!empty($authenticator)) {
Plugin::import('authentication');
$plugin = Plugin::byType('authentication', $authenticator);
$className = 'plg' . $plugin->type . $plugin->name;
if (class_exists($className)) {
if (method_exists($className, 'link')) {
$myplugin = new $className($this, (array) $plugin);
$myplugin->link($options);
} else {
// No Link method is availble
App::redirect(Route::url('index.php?option=com_members&id=' . $user->get('id') . '&active=account'), 'Linked accounts are not currently available for this provider.', 'error');
}
}
} else {
// No authenticator provided...
App::abort(400, Lang::txt('Missing authenticator'));
return;
}
// Success! Redict with message
App::redirect(Route::url('index.php?option=com_members&id=' . $user->get('id') . '&active=account'), 'Your account has been successfully linked!');
}
/**
* Primary/default view function
*
* @return object Return
*/
private function _view()
{
// Setup our view
$view = $this->view('default', 'overview');
// Get linked accounts, if any
Plugin::import('authentication');
$view->domains_avail = Plugin::byType('authentication');
$view->hzalaccounts = \Hubzero\Auth\Link::find_by_user_id($this->user->get("id"));
// Put the used domains into an array with details available from the providers (if applicable)
$view->domains_used = array();
$view->domain_names = array();
if ($view->hzalaccounts) {
Plugin::import('authentication');
$i = 0;
foreach ($view->hzalaccounts as $authenticators) {
$plugin = Plugin::byType('authentication', $authenticators['auth_domain_name']);
// Make sure we got the plugin
if (!is_object($plugin)) {
unset($view->hzalaccounts[$i]);
continue;
}
$className = 'plg' . $plugin->type . $plugin->name;
$details = array();
if (class_exists($className)) {
if (method_exists($className, 'getInfo')) {
$details = $className::getInfo($plugin->params);
}
}
$view->domains_used[] = array('name' => $authenticators['auth_domain_name'], 'details' => $details);
$view->domain_names[] = $authenticators['auth_domain_name'];
// Increment index
$i++;
}
}
// Get unused domains
$view->domains_unused = array();
foreach ($view->domains_avail as $domain) {
if ($domain->name != 'hubzero' && !in_array($domain->name, $view->domain_names)) {
$view->domains_unused[] = $domain;
}
}
// Determine what type of password change the user needs
$hzup = \Hubzero\User\Password::getInstance($this->member->get('uidNumber'));
if (!empty($hzup->passhash)) {
// A password has already been set, now check if they're logged in with a linked account
if (array_key_exists('auth_link_id', $this->user)) {
// Logged in with linked account
$view->passtype = 'changelocal';
} else {
// Logged in with hub
$view->passtype = 'changehub';
}
} else {
// No password has been set...
$view->passtype = 'set';
}
// Get password expiration information
$view->passinfo = $this->getPassInfo();
// Get the ssh key if it exists
$view->key = $this->readKey();
// Get the password rules
$password_rules = \Hubzero\Password\Rule::getRules();
// Get the password rule descriptions
$view->password_rules = array();
foreach ($password_rules as $rule) {
if (!empty($rule['description'])) {
$view->password_rules[] = $rule['description'];
}
}
// A few more things...
$view->option = $this->option;
$view->member = $this->member;
$view->params = $this->params;
$view->notifications = $this->getPluginMessage() ? $this->getPluginMessage() : array();
// Set any errors
foreach ($this->getErrors() as $error) {
$view->setError($error);
}
return $view->loadTemplate();
}
require_once PATH_CORE . DS . 'bootstrap' . DS . 'site' . DS . 'framework.php';
$time_start = microtime(true);
/**
* CREATE THE APPLICATION
*
* NOTE :
*/
$mainframe = JFactory::getApplication('site');
/**
* INITIALISE THE APPLICATION
*
* NOTE :
*/
// set the language
$mainframe->initialise();
Plugin::import('system');
// trigger the onAfterInitialise events
Event::trigger('onAfterInitialise');
if (0) {
/**
* ROUTE THE APPLICATION
*
* NOTE :
*/
$mainframe->route();
// authorization
$Itemid = Request::getInt('Itemid');
$mainframe->authorize($Itemid);
// trigger the onAfterRoute events
Event::trigger('onAfterRoute');
/**
/**
* Method to stop tool session
*
* @apiMethod DELETE
* @apiUri /tools/{session}
* @return void
*/
public function deleteTask()
{
//get the userid and attempt to load user profile
$userid = App::get('authn')['user_id'];
$result = User::getInstance($userid);
//make sure we have a user
if (!$result->get('id')) {
throw new Exception(Lang::txt('Unable to find user.'), 404);
}
//include needed libraries
require_once dirname(dirname(__DIR__)) . '/models/middleware/session.php';
//instantiate middleware database object
$mwdb = \Components\Tools\Helpers\Utils::getMWDBO();
//get request vars
$sessionid = Request::getVar('sessionid', '');
//make sure we have the session
if (!$sessionid) {
throw new Exception('Missing session ID.', 400);
}
//load the session we are trying to stop
$ms = new \Components\Tools\Models\Middleware\Session($mwdb);
$ms->load($sessionid, $result->get("username"));
//check to make sure session exists and it belongs to the user
if (!$ms->username || $ms->username != $result->get("username")) {
throw new Exception('Session Doesn\'t Exist or Does Not Belong to User', 400);
}
//get middleware plugins
Plugin::import('mw', $ms->appname);
// Trigger any events that need to be called before session stop
Event::trigger('mw.onBeforeSessionStop', array($ms->appname));
//run command to stop session
$status = \Components\Tools\Helpers\Utils::middleware("stop {$sessionid}", $out);
// Trigger any events that need to be called after session stop
Event::trigger('mw.onAfterSessionStop', array($ms->appname));
// was the session stopped successfully
if ($status == 1) {
$object = new stdClass();
$object->session = array('session' => $sessionid, 'status' => 'stopped', 'stopped' => with(new Date())->toSql());
$this->send($object);
}
}
/**
* Method to save the form data.
*
* @param array The form data.
* @return mixed The user id on success, false on failure.
* @since 1.6
*/
public function register($temp)
{
$db = $this->getDbo();
$params = Component::params('com_users');
// Initialise the table with JUser.
$user = new JUser();
$data = (array) $this->getData();
// Merge in the registration data.
foreach ($temp as $k => $v) {
$data[$k] = $v;
}
// Prepare the data for the user object.
$data['email'] = $data['email1'];
$data['password'] = $data['password1'];
$useractivation = $params->get('useractivation');
$sendpassword = $params->get('sendpassword', 1);
// Check if the user needs to activate their account.
if ($useractivation == 1 || $useractivation == 2) {
$data['activation'] = App::hash(JUserHelper::genRandomPassword());
$data['block'] = 1;
}
// Bind the data.
if (!$user->bind($data)) {
$this->setError(Lang::txt('COM_USERS_REGISTRATION_BIND_FAILED', $user->getError()));
return false;
}
// Load the users plugin group.
Plugin::import('user');
// Store the data.
if (!$user->save()) {
$this->setError(Lang::txt('COM_USERS_REGISTRATION_SAVE_FAILED', $user->getError()));
return false;
}
// Compile the notification mail values.
$data = $user->getProperties();
$data['fromname'] = Config::get('fromname');
$data['mailfrom'] = Config::get('mailfrom');
$data['sitename'] = Config::get('sitename');
$data['siteurl'] = Request::root();
// Handle account activation/confirmation emails.
if ($useractivation == 2) {
// Set the link to confirm the user email.
$uri = JURI::getInstance();
$base = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port'));
$data['activate'] = $base . Route::url('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false);
$emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);
if ($sendpassword) {
$emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username'], $data['password_clear']);
} else {
$emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY_NOPW', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username']);
}
} elseif ($useractivation == 1) {
// Set the link to activate the user account.
$uri = JURI::getInstance();
$base = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port'));
$data['activate'] = $base . Route::url('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false);
$emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);
if ($sendpassword) {
$emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username'], $data['password_clear']);
} else {
$emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY_NOPW', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username']);
}
} else {
$emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);
$emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_BODY', $data['name'], $data['sitename'], $data['siteurl']);
}
// Send the registration email.
$return = JFactory::getMailer()->sendMail($data['mailfrom'], $data['fromname'], $data['email'], $emailSubject, $emailBody);
//Send Notification mail to administrators
if ($params->get('useractivation') < 2 && $params->get('mail_to_admin') == 1) {
$emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);
$emailBodyAdmin = Lang::txt('COM_USERS_EMAIL_REGISTERED_NOTIFICATION_TO_ADMIN_BODY', $data['name'], $data['username'], $data['siteurl']);
// get all admin users
$query = 'SELECT name, email, sendEmail' . ' FROM #__users' . ' WHERE sendEmail=1';
$db->setQuery($query);
$rows = $db->loadObjectList();
// Send mail to all superadministrators id
foreach ($rows as $row) {
$return = JFactory::getMailer()->sendMail($data['mailfrom'], $data['fromname'], $row->email, $emailSubject, $emailBodyAdmin);
// Check for an error.
if ($return !== true) {
$this->setError(Lang::txt('COM_USERS_REGISTRATION_ACTIVATION_NOTIFY_SEND_MAIL_FAILED'));
return false;
}
}
}
// Check for an error.
if ($return !== true) {
$this->setError(Lang::txt('COM_USERS_REGISTRATION_SEND_MAIL_FAILED'));
// Send a system message to administrators receiving system mails
$db = App::get('db');
$q = "SELECT id\n\t\t\t\tFROM #__users\n\t\t\t\tWHERE block = 0\n\t\t\t\tAND sendEmail = 1";
$db->setQuery($q);
$sendEmail = $db->loadColumn();
if (count($sendEmail) > 0) {
$jdate = new \Hubzero\Utility\Date();
// Build the query to add the messages
$q = "INSERT INTO " . $db->quoteName('#__messages') . " (" . $db->quoteName('user_id_from') . ", " . $db->quoteName('user_id_to') . ", " . $db->quoteName('date_time') . ", " . $db->quoteName('subject') . ", " . $db->quoteName('message') . ") VALUES ";
$messages = array();
foreach ($sendEmail as $userid) {
$messages[] = "(" . $userid . ", " . $userid . ", '" . $jdate->toSql() . "', '" . Lang::txt('COM_USERS_MAIL_SEND_FAILURE_SUBJECT') . "', '" . Lang::txt('COM_USERS_MAIL_SEND_FAILURE_BODY', $return, $data['username']) . "')";
}
$q .= implode(',', $messages);
$db->setQuery($q);
$db->query();
}
return false;
}
if ($useractivation == 1) {
return "useractivate";
} elseif ($useractivation == 2) {
return "adminactivate";
} else {
return $user->id;
}
}
<?php
break;
default:
break;
}
?>
<form action="<?php
echo Route::url('index.php?option=' . $this->option . '&' . ($this->task == 'create' ? 'return=' . $form_redirect : 'task=' . $this->task));
?>
" method="post" id="hubForm">
<?php
if ($this->task == 'create' && empty($this->xregistration->_invalid) && empty($this->xregistration->_missing)) {
// Check to see if third party auth plugins are enabled
Plugin::import('authentication');
$plugins = Plugin::byType('authentication');
$authenticators = array();
foreach ($plugins as $p) {
if ($p->name != 'hubzero') {
$pparams = new \Hubzero\Config\Registry($p->params);
$display = $pparams->get('display_name', ucfirst($p->name));
$authenticators[] = array('name' => $p->name, 'display' => $display);
}
}
// There are third party plugins, so show them on the registration form
if (!empty($authenticators)) {
$this->css('providers.css', 'com_users');
?>
<div class="explaination">
<p class="info">You can choose to log in via one of these services, and we'll help you fill in the info below!</p>
/**
* Loads all the plugin files for a particular type if no specific plugin is specified
* otherwise only the specific plugin is loaded.
*
* @param string $type The plugin type, relates to the sub-directory in the plugins directory.
* @param string $plugin The plugin name.
* @param boolean $autocreate Autocreate the plugin.
* @param JDispatcher $dispatcher Optionally allows the plugin to use a different dispatcher.
*
* @return boolean True on success.
*
* @since 11.1
*/
public static function importPlugin($type, $plugin = null, $autocreate = true, $dispatcher = null)
{
// [!] Hubzero
if (class_exists('\\Plugin')) {
return \Plugin::import($type, $plugin, $autocreate, $dispatcher);
}
static $loaded = array();
// check for the default args, if so we can optimise cheaply
$defaults = false;
if (is_null($plugin) && $autocreate == true && is_null($dispatcher)) {
$defaults = true;
}
if (!isset($loaded[$type]) || !$defaults) {
$results = null;
// Load the plugins from the database.
$plugins = self::_load();
// Get the specified plugin(s).
for ($i = 0, $t = count($plugins); $i < $t; $i++) {
if ($plugins[$i]->type == $type && ($plugin === null || $plugins[$i]->name == $plugin)) {
self::_import($plugins[$i], $autocreate, $dispatcher);
$results = true;
}
}
// Bail out early if we're not using default args
if (!$defaults) {
return $results;
}
$loaded[$type] = $results;
}
return $loaded[$type];
}
/**
* Returns the appropriate adapter
*
* @param string $name The adapter name to instantiate
* @param array $params Any initialization parameters
* @param string $key A custom key under which to store the adapter
* @return object
**/
public static function adapter($name, $params = [], $key = null)
{
$key = $key ?: $name . '.' . md5(serialize($params));
if (!isset(self::$adapters[$key])) {
// Import filesystem plugins
Plugin::import('filesystem');
// Get the adapter
$plugin = 'plgFilesystem' . ucfirst($name);
$adapter = $plugin::init($params);
self::$adapters[$key] = new Flysystem($adapter);
}
// Return the filesystem connection
return self::$adapters[$key];
}
/**
* Method to display the view.
*
* @param string The template file to include
* @since 1.5
*/
public function display($tpl = null)
{
// Get the view data.
$this->user = User::getInstance();
$this->form = $this->get('Form');
$this->state = $this->get('State');
$this->params = $this->state->get('params');
// Make sure we're using a secure connection
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') {
App::redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
die('insecure connection and redirection failed');
}
// Check for errors.
if (count($errors = $this->get('Errors'))) {
App::abort(500, implode('<br />', $errors));
return false;
}
// Check for layout override
$active = \App::get('menu')->getActive();
if (isset($active->query['layout'])) {
$this->setLayout($active->query['layout']);
}
//Escape strings for HTML output
$this->pageclass_sfx = htmlspecialchars($this->params->get('pageclass_sfx'));
$this->prepareDocument();
$furl = base64_encode(Request::current(true));
$this->freturn = $furl;
// HUBzero: If we have a return set with an authenticator in it, we're linking an existing account
// Parse the return to retrive the authenticator, and remove it from the list below
$auth = '';
if ($return = Request::getVar('return', null, 'GET', 'BASE64')) {
$decoded_return = base64_decode($return);
$query = parse_url($decoded_return);
if (is_array($query) && isset($query['query'])) {
$query = $query['query'];
$query = explode('&', $query);
$auth = '';
foreach ($query as $q) {
$n = explode('=', $q);
if ($n[0] == 'authenticator') {
$auth = $n[1];
}
}
}
}
// Set return if is isn't already
if (is_null($return) && is_object($active)) {
$return = $active->params->get('login_redirect_url', Route::url('index.php?option=com_members&task=myaccount'));
$return = base64_encode($return);
}
// Figure out whether or not any of our third party auth plugins are turned on
// Don't include the 'hubzero' plugin, or the $auth plugin as described above
$multiAuth = false;
$plugins = Plugin::byType('authentication');
$authenticators = array();
$remember_me_default = 0;
foreach ($plugins as $p) {
$client = App::get('client')->alias . '_login';
$pparams = new \Hubzero\Config\Registry($p->params);
// Make sure plugin is enabled for a given client
if (!$pparams->get($client, false)) {
continue;
}
if ($p->name != 'hubzero' && $p->name != $auth) {
$display = $pparams->get('display_name', ucfirst($p->name));
$authenticators[$p->name] = array('name' => $p->name, 'display' => $display);
$multiAuth = true;
} else {
if ($p->name == 'hubzero') {
$remember_me_default = $pparams->get('remember_me_default', 0);
$this->site_display = $pparams->get('display_name', Config::get('sitename'));
$this->local = true;
}
}
}
// Override $multiAuth if authenticator is set to hubzero
if (Request::getWord('authenticator') == 'hubzero') {
$multiAuth = false;
}
// Set the return if we have it...
$this->returnQueryString = !empty($return) ? "&return={$return}" : '';
$this->multiAuth = $multiAuth;
$this->return = $return;
$this->authenticators = $authenticators;
$this->totalauths = count($plugins);
$this->remember_me_default = $remember_me_default;
// if authenticator is specified call plugin display method, otherwise (or if method does not exist) use default
$authenticator = Request::getVar('authenticator', '', 'method');
Plugin::import('authentication');
foreach ($plugins as $plugin) {
$className = 'plg' . $plugin->type . $plugin->name;
if (class_exists($className)) {
$myplugin = new $className($this, (array) $plugin);
if (method_exists($className, 'status')) {
$status[$plugin->name] = $myplugin->status();
$this->status = $status;
}
if ($plugin->name != $authenticator) {
continue;
}
if (method_exists($className, 'display')) {
$result = $myplugin->display($this, $tpl);
return $result;
}
}
}
parent::display($tpl);
}
/**
* Method to save the form data.
*
* @param array The form data.
* @return boolean True on success.
* @since 1.6
*/
public function save($data)
{
Plugin::import('user');
// Check the super admin permissions for group
// We get the parent group permissions and then check the group permissions manually
// We have to calculate the group permissions manually because we haven't saved the group yet
$parentSuperAdmin = JAccess::checkGroup($data['parent_id'], 'core.admin');
// Get core.admin rules from the root asset
$rules = JAccess::getAssetRules('root.1')->getData('core.admin');
// Get the value for the current group (will be true (allowed), false (denied), or null (inherit)
$groupSuperAdmin = $rules['core.admin']->allow($data['id']);
// We only need to change the $groupSuperAdmin if the parent is true or false. Otherwise, the value set in the rule takes effect.
if ($parentSuperAdmin === false) {
// If parent is false (Denied), effective value will always be false
$groupSuperAdmin = false;
} elseif ($parentSuperAdmin === true) {
// If parent is true (allowed), group is true unless explicitly set to false
$groupSuperAdmin = $groupSuperAdmin === false ? false : true;
}
// Check for non-super admin trying to save with super admin group
$iAmSuperAdmin = User::authorise('core.admin');
if (!$iAmSuperAdmin && $groupSuperAdmin) {
try {
throw new Exception(Lang::txt('JLIB_USER_ERROR_NOT_SUPERADMIN'));
} catch (Exception $e) {
$this->setError($e->getMessage());
return false;
}
}
// Check for super-admin changing self to be non-super-admin
// First, are we a super admin>
if ($iAmSuperAdmin) {
// Next, are we a member of the current group?
$myGroups = JAccess::getGroupsByUser(User::get('id'), false);
if (in_array($data['id'], $myGroups)) {
// Now, would we have super admin permissions without the current group?
$otherGroups = array_diff($myGroups, array($data['id']));
$otherSuperAdmin = false;
foreach ($otherGroups as $otherGroup) {
$otherSuperAdmin = $otherSuperAdmin ? $otherSuperAdmin : JAccess::checkGroup($otherGroup, 'core.admin');
}
// If we would not otherwise have super admin permissions
// and the current group does not have super admin permissions, throw an exception
if (!$otherSuperAdmin && !$groupSuperAdmin) {
try {
throw new Exception(Lang::txt('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF'));
} catch (Exception $e) {
$this->setError($e->getMessage());
return false;
}
}
}
}
// Proceed with the save
return parent::save($data);
}
/**
* Stops a session and redirects upon success
*
* @return void
*/
public function stopTask()
{
// Check that the user is logged in
if (User::isGuest()) {
$this->loginTask();
return;
}
// Incoming
$sess = Request::getVar('sess', '');
$rtrn = base64_decode(Request::getVar('return', '', 'method', 'base64'));
$rediect = $this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount');
// Ensure we have a session
if (!$sess) {
App::redirect(Route::url($redirect));
return;
}
// Double-check that the user owns this session.
$mwdb = \Components\Tools\Helpers\Utils::getMWDBO();
$ms = new \Components\Tools\Tables\Session($mwdb);
if ($this->config->get('access-admin-session')) {
$ms->load($sess);
} else {
$ms->load($sess, User::get('username'));
}
// Did we get a result form the database?
if (!$ms->username) {
App::redirect(Route::url($rediect));
return;
}
// Get plugins
Plugin::import('mw', $ms->appname);
// Trigger any events that need to be called before session stop
Event::trigger('mw.onBeforeSessionStop', array($ms->appname));
// Stop the session
$status = $this->middleware("stop {$sess}", $output);
if ($status == 0) {
echo '<p>Stopping ' . $sess . '<br />';
if (is_array($output)) {
foreach ($output as $line) {
echo $line . "\n";
}
} else {
if (is_string($output)) {
echo $output . "\n";
}
}
echo '</p>' . "\n";
}
// Trigger any events that need to be called after session stop
Event::trigger('mw.onAfterSessionStop', array($ms->appname));
// Log activity
Event::trigger('system.logActivity', ['activity' => ['action' => 'deleted', 'scope' => 'tool.session', 'scope_id' => $sess, 'description' => Lang::txt('COM_TOOLS_ACTIVITY_SESSION_DELETED', $sess), 'details' => array('tool' => $ms->appname)], 'recipients' => array(['user', User::get('id')])]);
// Take us back to the main page...
if ($rtrn) {
App::redirect($rtrn);
} else {
App::redirect(Route::url($rediect));
}
}
/**
* Method to save the form data.
*
* @param array The form data.
* @return mixed The user id on success, false on failure.
* @since 1.6
*/
public function save($data)
{
$userId = !empty($data['id']) ? $data['id'] : (int) $this->getState('user.id');
$user = new JUser($userId);
// Prepare the data for the user object.
$data['email'] = $data['email1'];
$data['password'] = $data['password1'];
// Unset the username if it should not be overwritten
$username = $data['username'];
$isUsernameCompliant = $this->getState('user.username.compliant');
if (!Component::params('com_users')->get('change_login_name') && $isUsernameCompliant) {
unset($data['username']);
}
// Unset the block so it does not get overwritten
unset($data['block']);
// Unset the sendEmail so it does not get overwritten
unset($data['sendEmail']);
// Bind the data.
if (!$user->bind($data)) {
$this->setError(Lang::txt('COM_USERS_PROFILE_BIND_FAILED', $user->getError()));
return false;
}
// Load the users plugin group.
Plugin::import('user');
// Null the user groups so they don't get overwritten
$user->groups = null;
// Store the data.
if (!$user->save()) {
$this->setError($user->getError());
return false;
}
return $user->id;
}
/**
* Import a set of plugins
*
* @return object
*/
public function importPlugin($type = '')
{
\Plugin::import($type);
return $this;
}
<?php
Plugin::import('basecamp-contact');
?>
<form method="POST" action="<?php
echo $action;
?>
" id="invoice-create">
<div id="messages"></div>
<fieldset>
<legend>Client</legend>
<label>First Name</label>
<input type="text" name="Invoice[client_first_name]" />
<span class="help"></span><br/>
<label>Last Name</label>
<input type="text" name="Invoice[client_last_name]" />
<span class="help"></span><br/>
<label>E-mail</label>
<input type="text" name="Invoice[client_email]" />
<span class="help"></span><br/>
<label>Company</label>
<input type="text" name="Invoice[company]" />
<span class="help"></span><br/>
</fieldset>
<fieldset>
<legend>Project</legend>
<label>Name</label>
<input type="text" name="Invoice[project]" />
<span class="help"></span><br/>
<label>Description</label>
<textarea name="Invoice[description]"></textarea>