/**
 * Render the "who's online" listing.
 *
 * Fetches sessions with the guest flag off and the distinct flag on,
 * assigns them to the view and outputs it.
 *
 * NOTE(review): this method performs no authorization check of its own.
 * The rows describe other users' sessions, so confirm the route that
 * reaches this task is restricted to the intended audience.
 *
 * @return void
 */
public function displayTask()
{
    // Session filter: non-guest sessions only, with the 'distinct' flag set
    $criteria = array(
        'guest'    => 0,
        'distinct' => 1
    );

    $this->view->rows = SessionHelper::getAllSessions($criteria);

    // Hand the populated view to the template
    $this->view->display();
}
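/**
 * Get project owners
 *
 * Builds one SELECT over the owners table joined to projects, profiles and
 * groups (and publication authors when a publication version is requested),
 * then optionally annotates each row with its number of live sessions.
 *
 * Values placed in the WHERE/JOIN clauses are passed through the database
 * driver's quote() or intval(). The sort column is chosen by a fixed switch
 * and the sort direction is forced to ASC or DESC, so neither can carry SQL.
 *
 * NOTE(review): $filters['select'] is the one input appended to the
 * statement verbatim. It must only ever be a column list written by the
 * calling code, never a value taken from the request.
 *
 * @param   mixed  $projectid  Numeric project id, or a project alias
 * @param   array  $filters    Recognised keys: online, status, sortby, sortdir,
 *                             limit, start, select, native, pub_versionid,
 *                             connected, role
 * @return  mixed  False when no project is given, otherwise whatever
 *                 loadObjectList() returns for the query
 */
public function getOwners($projectid = NULL, $filters = array())
{
    if ($projectid === NULL)
    {
        return false;
    }

    $online     = isset($filters['online']) ? $filters['online'] : 0;
    $status     = isset($filters['status']) ? $filters['status'] : 'active';
    $sortby     = isset($filters['sortby']) ? $filters['sortby'] : 'name';
    // Whitelisted: anything other than DESC becomes ASC
    $sortdir    = isset($filters['sortdir']) && strtoupper($filters['sortdir']) == 'DESC' ? 'DESC' : 'ASC';
    // Cast up front so a non-numeric limit cannot produce "LIMIT 0, 0"
    $limit      = isset($filters['limit']) ? intval($filters['limit']) : 0;
    $limitstart = isset($filters['start']) ? intval($filters['start']) : 0;
    $select     = isset($filters['select']) ? $filters['select'] : '';
    $native     = isset($filters['native']) ? $filters['native'] : '-';
    $pub        = isset($filters['pub_versionid']) && intval($filters['pub_versionid']) ? $filters['pub_versionid'] : '';
    $connected  = isset($filters['connected']) ? $filters['connected'] : 0;

    $query = "SELECT DISTINCT ";
    if (!$select)
    {
        $query .= " o.*, x.name, x.username, x.organization, x.picture, g.cn as groupname, g.description as groupdesc, p.created_by_user ";
        $query .= ", if (o.userid = 0, o.invited_name, x.name) as fullname ";
        if ($pub)
        {
            $query .= " , pa.organization as a_organization, pa.name as a_name, pa.credit ";
        }
    }
    else
    {
        // Raw SQL fragment, trusted by construction (see NOTE in the docblock)
        $query .= $select;
    }

    $query .= " FROM {$this->_tbl} AS o ";
    $query .= " JOIN #__projects as p ON o.projectid=p.id";
    if ($pub)
    {
        $query .= " LEFT JOIN #__publication_authors as pa ON o.id=pa.project_owner_id AND pa.publication_version_id=" . $this->_db->quote($pub);
    }
    $query .= " LEFT JOIN #__xprofiles as x ON o.userid=x.uidNumber ";
    $query .= " LEFT JOIN #__xgroups as g ON o.groupid=g.gidNumber ";

    // A numeric identifier is matched against the id, anything else against the alias
    if (is_numeric($projectid))
    {
        $query .= " WHERE o.projectid=" . $this->_db->quote($projectid);
    }
    else
    {
        $query .= " WHERE p.alias=" . $this->_db->quote($projectid);
    }
    $query .= " AND (o.userid > 0 OR o.invited_email IS NOT NULL OR o.invited_name IS NOT NULL) ";

    if (is_numeric($status))
    {
        $query .= " AND o.status=" . $this->_db->quote($status);
    }
    elseif ($status == 'active')
    {
        $query .= " AND o.status!=2 ";
    }

    if ($native != '-')
    {
        $query .= " AND o.native=" . $this->_db->quote($native);
    }
    if (isset($filters['role']))
    {
        $query .= " AND o.role=" . intval($filters['role']);
    }
    if ($connected)
    {
        $query .= " AND o.userid > 0";
        $query .= " AND o.params LIKE '%google_token=%'";
    }
    if ($pub)
    {
        $query .= " GROUP BY o.id ";
    }

    // $sortby only selects a branch; it is never written into the statement
    $query .= " ORDER BY ";
    switch ($sortby)
    {
        case 'status':
        default:
            $query .= " o.status {$sortdir}, o.added DESC ";
            break;
        case 'group':
            $query .= " g.cn {$sortdir}, fullname ASC ";
            break;
        case 'added':
            $query .= " o.added DESC ";
            break;
        case 'date':
            $query .= " o.added {$sortdir}, fullname ASC ";
            break;
        case 'role':
            $query .= " o.role {$sortdir}, fullname ASC ";
            break;
    }

    if ($limit != 0)
    {
        $query .= " LIMIT " . $limitstart . ", " . $limit;
    }

    $this->_db->setQuery($query);
    $owners = $this->_db->loadObjectList();

    // If online status was requested, count each owner's sessions.
    // The lookup result gets its own variable (the original reused $online)
    // and is only counted when it is countable, so a failed lookup yields 0
    // rather than a warning or a bogus count.
    if ($online && $owners)
    {
        foreach ($owners as $k => $owner)
        {
            $sessions = SessionHelper::getSessionWithUserId($owner->userid);
            $countable = is_array($sessions) || $sessions instanceof \Countable;
            $owners[$k]->online = $countable ? count($sessions) : 0;
        }
    }

    return $owners;
}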
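/**
 * Download a file
 * Runs through various permissions checks to ensure user has access
 *
 * Request inputs: id, alias, d (disposition), token (GET only), file.
 *
 * Hardening compared with the previous version of this method:
 *  - a supplied token must resolve to a session with a real user id,
 *    otherwise the request is refused instead of being treated as logged in;
 *  - the request-supplied file name may not contain NUL bytes or ".."
 *    path segments;
 *  - the "file not found" response no longer echoes the server-side path.
 *
 * @return void
 */
public function downloadTask()
{
    // Incoming
    $id    = Request::getInt('id', 0);
    $alias = Request::getVar('alias', '');
    $d     = Request::getVar('d', 'inline');

    // Make sure we have a proper disposition
    if ($d != "inline" && $d != "attachment")
    {
        $d = "inline";
    }

    // Load the resource
    $resource = new Resource($this->database);

    if ($alias && !$resource->loadAlias($alias))
    {
        App::abort(404, Lang::txt('COM_RESOURCES_RESOURCE_NOT_FOUND'));
        return;
    }
    elseif (substr($id, 0, 4) == '9999')
    {
        // NOTE(review): ids starting with 9999 never hit the database, so
        // $resource->access and $resource->published keep whatever defaults
        // the Resource class defines. Confirm those defaults are the intended
        // policy for these synthetic resources.
        $resource->id = $id;
        $resource->standalone = 1;
        $resource->path = null;
        $resource->created = Date::of('now')->format('Y-m-d 00:00:00');
    }
    elseif (!$resource->load($id))
    {
        App::abort(404, Lang::txt('COM_RESOURCES_RESOURCE_NOT_FOUND'));
        return;
    }

    // Check if the resource is for logged-in users only and the user is logged-in
    if ($token = Request::getVar('token', '', 'get'))
    {
        // NOTE(review): the key is App::hash() of the client-supplied
        // User-Agent header. Whether a server-side secret is mixed in, and
        // whether the 'Simple' cipher authenticates the ciphertext, is decided
        // in classes not visible here. Confirm both.
        $token = base64_decode($token);
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
        $key = App::hash($agent);
        $crypter = new \Hubzero\Encryption\Encrypter(
            new \Hubzero\Encryption\Cipher\Simple(),
            new \Hubzero\Encryption\Key('simple', $key, $key)
        );
        $session_id = $crypter->decrypt($token);
        $session = \Hubzero\Session\Helper::getSession($session_id);

        // The token only proves identity if it maps to a live session that
        // belongs to an actual account. Without this check any token value,
        // or a guest session, would be marked as a non-guest below.
        if (!is_object($session) || empty($session->userid))
        {
            App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
            return;
        }

        $user = User::getInstance($session->userid);
        $user->guest = 0;
        $user->id = $session->userid;
        $user->usertype = $session->usertype;
    }
    else
    {
        $user = User::getRoot();
    }

    if ($resource->access == 1 && $user->get('guest'))
    {
        App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
        return;
    }

    // Check if the resource is "private" and the user is allowed to view it
    if ($resource->access == 4 || $resource->access == 3 || !$resource->standalone)
    {
        // checkGroupAccess() is treated here as returning true when access is restricted
        if ($this->checkGroupAccess($resource, $user))
        {
            App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
            return;
        }
    }

    if ($resource->standalone && !$resource->path)
    {
        // The file name comes straight from the request and is joined into a
        // filesystem path, so it must stay inside the resource's media folder.
        $file = Request::getVar('file');
        if (!is_string($file))
        {
            $file = '';
        }
        if (strpos($file, "\0") !== false || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $file))
        {
            App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND'));
            return;
        }
        // Symbolic links inside the media folder are not resolved by this check.

        $resource->path = DS . trim($this->config->get('uploadpath', '/site/resources'), DS)
            . Html::build_path($resource->created, $resource->id, '')
            . DS . 'media' . DS . $file;
    }

    $resource->path = trim($resource->path);

    // Ensure we have a path
    // Ensure resource is published - stemedhub #472
    // NOTE(review): with && this only rejects when the path is empty AND the
    // resource is unpublished; an unpublished resource that has a path is
    // still served. Confirm that is intended before tightening it, because
    // the synthetic 9999 resources above carry no published flag.
    if (empty($resource->path) && $resource->published != 1)
    {
        App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND'));
        return;
    }

    // Get the configured upload path
    $base_path = $this->config->get('uploadpath', '/site/resources');
    if ($base_path)
    {
        $base_path = DS . trim($base_path, DS);
    }

    // Does the path start with a slash?
    if (substr($resource->path, 0, 1) != DS)
    {
        $resource->path = DS . $resource->path;

        // Prefix the configured upload path unless the stored path already starts with it
        if (substr($resource->path, 0, strlen($base_path)) != $base_path)
        {
            $resource->path = $base_path . $resource->path;
        }
    }

    // Add root path
    $filename = PATH_APP . $resource->path;

    // Ensure the file exists. The resolved path stays out of the response so
    // the server's directory layout is not disclosed to the client.
    if (!file_exists($filename))
    {
        App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND'));
        return;
    }

    // Anything outside this list is forced to download rather than render.
    // NOTE(review): htm, html and xml render inline on the site's own origin;
    // if untrusted users can upload such files, consider forcing attachment.
    $ext = strtolower(\Filesystem::extension($filename));
    if (!in_array($ext, array('jpg', 'jpeg', 'jpe', 'gif', 'png', 'pdf', 'htm', 'html', 'txt', 'json', 'xml')))
    {
        $d = 'attachment';
    }

    // Initiate a new content server and serve up the file
    $xserver = new \Hubzero\Content\Server();
    $xserver->filename($filename);
    $xserver->disposition($d);
    $xserver->acceptranges(false); // @TODO fix byte range support

    if (!$xserver->serve())
    {
        // Should only get here on error
        throw new Exception(Lang::txt('COM_RESOURCES_SERVER_ERROR'), 500);
    }

    exit;
}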
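/**
 * Generate a Windows tool invoke URL to redirect to
 *
 * Request inputs: no_html, token (GET only), appid, callback.
 *
 * Hardening compared with the previous version of this method:
 *  - a supplied token must resolve to a session with a real user id,
 *    otherwise the caller is treated as not logged in;
 *  - the JSON body is encoded with the JSON_HEX_* flags so request-derived
 *    text cannot introduce markup if the response is rendered as HTML;
 *  - the JSONP callback is only honoured when it is a plain (optionally
 *    dotted) identifier.
 *
 * @param   string  $option  Name of the component
 * @return  void
 */
public function invoke($option)
{
    $no_html = Request::getInt('no_html', 0);

    $response = new StdClass();
    $response->success = false;
    $response->message = Lang::txt('No invoke URL found.');

    $user = null;
    $ip   = null;

    // Check for an incoming token.
    if ($token = Request::getVar('token', '', 'get'))
    {
        // NOTE(review): the key is App::hash() of the client-supplied
        // User-Agent header. Whether a server-side secret is mixed in, and
        // whether the 'Simple' cipher authenticates the ciphertext, is decided
        // in classes not visible here. Confirm both.
        $dtoken = base64_decode($token);
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
        $key = App::hash($agent);
        $crypter = new \Hubzero\Encryption\Encrypter(
            new \Hubzero\Encryption\Cipher\Simple(),
            new \Hubzero\Encryption\Key('simple', $key, $key)
        );
        $session_id = $crypter->decrypt($dtoken);
        $session = \Hubzero\Session\Helper::getSession($session_id);

        // Only accept the token when it maps to a live session that belongs
        // to an actual account. Otherwise $user stays null and the request
        // is answered as unauthenticated.
        if (is_object($session) && !empty($session->userid))
        {
            $user = User::getInstance($session->userid);
            $user->set('guest', 0);
            $user->set('id', $session->userid);
            $user->set('username', $session->username);

            $ip = $session->ip;
        }
    }
    else
    {
        $user = User::getInstance();
        $ip = Request::ip();
    }

    // Is the user validated?
    if (!$user || $user->isGuest())
    {
        $response->message = Lang::txt('Login is required to perform this action.');
    }
    else
    {
        $appid = Request::getVar('appid');

        // Generate the URL
        $url = $this->generateInvokeUrl($option, $appid, $user, $ip);

        if ($url)
        {
            if (!$token)
            {
                // No token supplied: derive one from the current session id
                $session = App::get('session');
                $session_id = $session->getId();

                $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
                $key = App::hash($agent);
                $crypter = new \Hubzero\Encryption\Encrypter(
                    new \Hubzero\Encryption\Cipher\Simple(),
                    new \Hubzero\Encryption\Key('simple', $key, $key)
                );
                $token = base64_encode($crypter->encrypt($session_id));
            }

            // NOTE(review): the token is derived from the session id and is
            // carried in the query string, and the default endpoint is plain
            // http. Confirm deployments configure an https invoke_url.
            $rurl = rtrim($this->params->get('invoke_url', 'http://wapps.hubzero.org'), '/') . '/v1?';

            // NOTE(review): values are joined without URL-encoding, exactly as
            // before. 'appid' is request-supplied, so it can contain '&' or
            // '='. Confirm what the receiving service expects before
            // switching to rawurlencode().
            $params = array();
            $params[] = 'token=' . $token;
            if ($appid)
            {
                $params[] = 'appid=' . $appid;
            }
            $params[] = 'standaloneUrl=' . $url;

            $rurl .= implode('&', $params);

            $response->success = true;
            $response->message = $rurl;

            if (!$no_html)
            {
                // The Referer header is client-controlled and may be absent.
                // The view is responsible for escaping both values on output.
                $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;

                $this->view('invoke', 'display')
                    ->set('url', $rurl)
                    ->set('rurl', $referer)
                    ->display();
                exit;
            }
        }
    }

    if (!$no_html)
    {
        App::abort(404, Lang::txt('No invoke URL found.'));
    }

    // JSON_HEX_* escapes <, >, &, ' and " as \uXXXX, which decodes to the
    // same data but stays inert if the body is interpreted as HTML.
    $response = json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

    // JSONP: wrap only when the callback is a plain identifier (dots allowed).
    // Any other value is ignored and plain JSON is returned.
    $callback = Request::getVar('callback');
    if (is_string($callback) && preg_match('/\A[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/', $callback))
    {
        $response = $callback . '(' . $response . ')';
    }

    echo $response;
    exit;
}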
/**
 * Render the administrator layout of this module.
 *
 * Produces no output unless \App::isAdmin() reports an admin context;
 * that call is the only gate applied in this method.
 *
 * @return void
 */
public function displayAdmin()
{
    if (\App::isAdmin())
    {
        // Users online: sessions with the guest flag off and the distinct flag on
        $this->rows = SessionHelper::getAllSessions(array('guest' => 0, 'distinct' => 1));

        // The layout file is included in this method's scope and reads $this->rows
        require $this->getLayoutPath('default_admin');
    }
}
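/**
 * Show the current user activity
 *
 * Lists the IP address and idle time of every session, grouped by username
 * for logged-in users and as a flat list for guests. Guests are sent to the
 * login page; callers lacking 'core.manage' on this component are sent back
 * to the component's landing page.
 *
 * Changes compared with the previous version of this method:
 *  - each redirect is followed by a return, so the session data is never
 *    gathered for a rejected caller even if App::redirect() hands control back;
 *  - the guest session lookup is checked for an empty result before it is
 *    counted, matching the check already done for user sessions;
 *  - the duplicated profile lookup is written once.
 *
 * @return void
 */
public function activityTask()
{
    // Set the page title
    Document::setTitle(Lang::txt(strtoupper($this->_option)) . ': ' . Lang::txt(strtoupper($this->_task)));

    // Set the pathway
    if (Pathway::count() <= 0)
    {
        Pathway::append(Lang::txt(strtoupper($this->_option)), 'index.php?option=' . $this->_option);
    }
    Pathway::append(Lang::txt(strtoupper($this->_task)), 'index.php?option=' . $this->_option . '&task=' . $this->_task);

    // Check if they're logged in
    if (User::isGuest())
    {
        // NOTE(review): the fallback return URL puts $this->_controller in the
        // 'option' parameter, while every other URL in this method uses
        // $this->_option. Confirm which one is intended.
        $rtrn = Request::getVar('REQUEST_URI', Route::url('index.php?option=' . $this->_controller . '&task=activity', false, true), 'server');
        App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($rtrn), false));
        return;
    }

    // Check authorization
    if (!User::authorise('core.manage', $this->_option))
    {
        App::redirect(Route::url('index.php?option=' . $this->_option));
        return;
    }

    $users  = array();
    $guests = array();

    // Attach the member's profile fields to a finished group of session entries
    $withProfile = function ($username, array $entries)
    {
        $profile = Member::oneOrNew($username);

        $entries['uidNumber']       = $profile->get('id');
        $entries['name']            = $profile->get('name');
        $entries['org']             = $profile->get('organization');
        $entries['orgtype']         = $profile->get('orgtype');
        $entries['countryresident'] = $profile->get('countryresident');

        return $entries;
    };

    // Logged-in sessions: consecutive rows with the same username form one group
    $result = SessionHelper::getAllSessions(array('guest' => 0));
    if ($result && count($result) > 0)
    {
        $prevuser = '';
        $user     = array();

        foreach ($result as $row)
        {
            $row->idle = time() - $row->time;

            if ($prevuser != $row->username)
            {
                // Username changed: store the group collected so far
                if ($user)
                {
                    $users[$prevuser] = $withProfile($prevuser, $user);
                }

                $prevuser = $row->username;
                $user = array();
            }

            $user[] = array('ip' => $row->ip, 'idle' => $row->idle);
        }

        // Store the final group
        if ($user)
        {
            $users[$prevuser] = $withProfile($prevuser, $user);
        }
    }

    // Guest sessions
    $result = SessionHelper::getAllSessions(array('guest' => 1));
    if ($result && count($result) > 0)
    {
        foreach ($result as $row)
        {
            $row->idle = time() - $row->time;
            $guests[] = array('ip' => $row->ip, 'idle' => $row->idle);
        }
    }

    // Output View
    $this->view
        ->set('title', Lang::txt('Active Users and Guests'))
        ->set('users', $users)
        ->set('guests', $guests)
        ->setErrors($this->getErrors())
        ->display();
}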