/**
 * Builds the data that is injected into the login form.
 *
 * Starts from the login data kept in the user state, lets a validated
 * "return" request parameter override the stored return URL, and falls
 * back to the profile view when no usable return URL remains.
 *
 * @return  array  The form data, always carrying a 'return' entry.
 * @since   1.6
 */
protected function loadFormData()
{
    $application = JFactory::getApplication();
    $formData    = $application->getUserState('users.login.form.data', array());

    // The request value is client-controlled: it is only accepted when the
    // decoded URL passes JURI::isInternal(), otherwise it is blanked.
    $encoded = JRequest::getVar('return', '', 'method', 'base64');
    if ($encoded) {
        $decoded            = base64_decode($encoded);
        $formData['return'] = JURI::isInternal($decoded) ? $decoded : '';
    }

    // A missing or blanked return URL falls back to the profile page.
    if (empty($formData['return'])) {
        $formData['return'] = 'index.php?option=com_users&view=profile';
    }

    $application->setUserState('users.login.form.data', $formData);
    $this->preprocessData('com_users.login', $formData);

    return $formData;
}
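/**
 * Loads the published server and returns the login target for it.
 *
 * @return  mixed  For guests, the first result of the onGetLoginUrl event;
 *                 for logged-in users, the JURI of the return page;
 *                 false when the server cannot be used or no plugin answered.
 *
 * @since   2.0.0
 */
public function getItem()
{
    // Load the server and refuse unpublished or missing entries.
    $id   = $this->getState('server.id');
    $item = $this->getTable();
    if (!$item->load($id) || $item->published != 1) {
        $this->setError(JText::_('COM_EXTERNALLOGIN_ERROR_SERVER_UNPUBLISHED'));
        return false;
    }

    // Compute the return URL. HTTP_REFERER is a client-supplied header, so it
    // is only used when it passes JURI::isInternal().
    $app = JFactory::getApplication();
    $url = $app->input->server->getString('HTTP_REFERER');
    if (empty($url) || !JURI::isInternal($url)) {
        $redirect = JFactory::getApplication()->getParams('com_externallogin')->get('redirect');

        // NOTE(review): the 'user' and 'pass' parts of the current URI are
        // carried into the fallback URL - confirm that is intended.
        $url = JURI::getInstance()->toString(array('scheme', 'user', 'pass', 'host', 'port'))
            . JRoute::_('index.php?Itemid=' . $redirect, true);
    }

    $uri = JFactory::getURI($url);

    // Logged-in users simply get the return URI back.
    if (!JFactory::getUser()->guest) {
        return $uri;
    }

    // Guests are handed to the plugin that knows how to build the login URL.
    $uri->setVar('server', $item->id);
    $results = $app->triggerEvent('onGetLoginUrl', array($item, $uri));
    if (!empty($results)) {
        return $results[0];
    }

    // Previously this path fell off the end of the method and returned null
    // after recording the error; return false like the other failure path.
    $this->setError(JText::_('COM_EXTERNALLOGIN_ERROR_OCCURS'));
    return false;
}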
/**
 * Resolve the file system path that corresponds to a file URL.
 *
 * Root-relative URLs and absolute internal URLs are tried against the
 * Joomla root and the document root; anything else is resolved relative
 * to the directory of the current request URL.
 *
 * NOTE(review): the realpath() results are returned without checking that
 * they still lie below JPATH_ROOT or the document root, so a value holding
 * "../" segments can resolve outside the site tree. Confirm that callers
 * never pass request-controlled input here, or add a containment check.
 *
 * @param   string  $file  URL to the file
 * @return  string
 */
public static function getFilePath($file)
{
    // Root-relative URL: try the site root mapping, then the two base dirs.
    if (strpos($file, '/') === 0) {
        $resolved = realpath(str_replace(JUri::root(true), JPATH_ROOT, $file));
        if (file_exists($resolved)) {
            return $resolved;
        }

        $resolved = realpath($_SERVER['DOCUMENT_ROOT'] . '/' . $file);
        if (file_exists($resolved)) {
            return $resolved;
        }

        $resolved = realpath(JPATH_ROOT . '/' . $file);
        if (file_exists($resolved)) {
            return $resolved;
        }
    }

    // Absolute URL: only URLs accepted by JURI::isInternal() are mapped.
    if (strpos($file, '://') !== false && JURI::isInternal($file)) {
        $urlPath = parse_url($file, PHP_URL_PATH);

        $resolved = realpath($_SERVER['DOCUMENT_ROOT'] . '/' . $urlPath);
        if (file_exists($resolved)) {
            return $resolved;
        }

        $resolved = realpath(JPATH_ROOT . '/' . $urlPath);
        if (file_exists($resolved)) {
            return $resolved;
        }
    }

    // Fallback: treat the value as relative to the current page's directory.
    $relativeToRoot = substr(JUri::current(), strlen(JUri::root()));
    $pagePath       = str_replace(DIRECTORY_SEPARATOR, '/', JPATH_ROOT . '/' . $relativeToRoot);

    return JPath::clean(dirname($pagePath) . '/' . $file);
}
/**
 * Stores the category being edited and redirects afterwards.
 *
 * The redirect target defaults to the user categories view (keeping the
 * current page); a base64 "redirect" request parameter replaces it only
 * when the decoded URL passes JURI::isInternal().
 *
 * @return  void
 * @since   1.5.5
 */
public function save()
{
    $model = $this->getModel('editcategory');

    // Keep the list page the user came from.
    $pageSuffix = '';
    if (JRequest::getVar('limitstart', null) != null) {
        $pageSuffix = '&limitstart=' . JRequest::getInt('limitstart', 0);
    }

    $redirect = 'index.php?view=usercategories' . $pageSuffix;

    // A requested redirect is client-controlled, so external URLs are ignored.
    $requested = JRequest::getVar('redirect', '', '', 'base64');
    if ($requested) {
        $requested = base64_decode($requested);
        if (JURI::isInternal($requested)) {
            $redirect = $requested;
        }
    }

    if ($model->store()) {
        $msg = JText::_('COM_JOOMGALLERY_COMMON_MSG_CATEGORY_SAVED');
        $this->setRedirect(JRoute::_($redirect, false), $msg);
        return;
    }

    $msg = $model->getError();
    $this->setRedirect(JRoute::_($redirect, false), $msg, 'error');
}
/**
 * Method to get the login form.
 *
 * The base form is loaded from XML, an event lets users plugins extend it,
 * and the login data from the session (with a validated return URL) is
 * bound to it.
 *
 * @access  public
 * @return  mixed  JForm object on success, the error object on failure.
 * @since   1.0
 */
function &getLoginForm()
{
    // Load the form and let the users plugins extend it.
    $formOptions = array('array' => false, 'event' => 'onPrepareUsersLoginForm', 'group' => 'users');
    $form        = $this->getForm('login', 'com_users.login', $formOptions);

    if (JError::isError($form)) {
        return $form;
    }

    // Previously entered login data lives in the session.
    $app =& JFactory::getApplication();
    $data = $app->getUserState('users.login.form.data', array());

    // A return URL from the request wins, but only if it is internal.
    $encoded = JRequest::getVar('return', '', 'method', 'base64');
    if ($encoded) {
        $decoded        = base64_decode($encoded);
        $data['return'] = JURI::isInternal($decoded) ? $decoded : '';
    }

    // Fall back to the profile page when nothing usable is left.
    if (empty($data['return'])) {
        $data['return'] = 'index.php?option=com_users&view=profile';
    }

    $app->setUserState('users.login.form.data', $data);

    if (!empty($data)) {
        $form->bind($data);
    }

    return $form;
}
/**
 * Runs the upload for the selected images and redirects afterwards.
 *
 * @return  void
 * @since   1.5.5
 */
public function upload()
{
    $this->_mainframe = JFactory::getApplication();
    $type = $this->_mainframe->getUserStateFromRequest('joom.upload.type', 'type', 'single', 'post', 'cmd');

    // The Java applet probes the server protocol with a HEAD request;
    // answer it with an empty HTTP 200 document.
    if ($type == 'java' && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
        jexit();
    }

    require_once JPATH_COMPONENT_ADMINISTRATOR . '/helpers/upload.php';
    $uploader = new JoomUpload();

    if (!$uploader->upload($type)) {
        $error = $uploader->getError();
        if ($error) {
            $this->setRedirect(JRoute::_('index.php?view=upload&tab=' . $type, false), $error, 'error');
        }
        return;
    }

    $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');

    // A redirect requested by the client is honoured only for internal URLs.
    $requested = JRequest::getVar('redirect', '', '', 'base64');
    if ($requested) {
        $target = base64_decode($requested);
        if (JURI::isInternal($target)) {
            $this->setRedirect(JRoute::_($target, false), $msg);
            return;
        }
    }

    // Otherwise use the redirect configured in the configuration manager.
    $configured = $this->getModel('upload')->getRedirectUrlAfterUpload($type);
    if (!empty($configured)) {
        $this->setRedirect($configured, $msg);
    }
}
/**
 * Handles the redirect back from google after authentication.
 *
 * Picks up the return URL carried in the "state" parameter and either
 * exchanges the authorization code for a token or sends the user back to
 * the login view when the application was not authorized.
 *
 * NOTE(review): "state" is read here only as a return-URL carrier; no
 * comparison with a session-bound value is visible in this method. Confirm
 * that CSRF protection of the OAuth callback is handled elsewhere.
 *
 * @param   object  $credentials
 * @param   object  $options
 * @return  void
 */
public function login(&$credentials, &$options)
{
    // The decoded return URL is kept only if it points back into this site.
    $b64dreturn = '';
    $return     = Request::getVar('state', '', 'method', 'base64');
    if ($return) {
        $decoded    = base64_decode($return);
        $b64dreturn = JURI::isInternal($decoded) ? $decoded : '';
    }
    $options['return'] = $b64dreturn;

    // Set up the config for the google api instance
    $client = new Google_Client();
    $client->setClientId($this->params->get('app_id'));
    $client->setClientSecret($this->params->get('app_secret'));
    $client->setRedirectUri(self::getRedirectUri('google'));

    $code = Request::getVar('code', NULL);
    if (!$code) {
        // User didn't authorize our app or clicked cancel. The still-encoded
        // return value is passed on so the login view can validate it again.
        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . $return),
            Lang::txt('PLG_AUTHENTICATION_GOOGLE_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')),
            'error'
        );
    } else {
        // The user authorized the app: authenticate and keep the access token.
        $client->authenticate($code);
        App::get('session')->set('google.token', $client->getAccessToken());
    }
}
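/**
 * Stores the submitted record and redirects to the form, the list or the
 * requested return URL.
 *
 * @param   bool  $apply  True to stay in the edit form after saving. Forced
 *                        to true when storing fails.
 * @return  void
 */
function save($apply = false)
{
    jimport('joomla.version');
    $version = new JVersion();

    // On the site, take controller and category from the active menu item
    // (1.6+) or from the component parameters (older versions).
    if (JFactory::getApplication()->isSite() && JRequest::getInt('Itemid', 0)) {
        if (version_compare($version->getShortVersion(), '1.6', '>=')) {
            $menu = JSite::getMenu();
            $item = $menu->getActive();
            if (is_object($item)) {
                JRequest::setVar('cb_controller', $item->params->get('cb_controller', null));
                JRequest::setVar('cb_category_id', $item->params->get('cb_category_id', null));
            }
        } else {
            $params = JComponentHelper::getParams('com_contentbuilder');
            JRequest::setVar('cb_controller', $params->get('cb_controller', null));
            JRequest::setVar('cb_category_id', $params->get('cb_category_id', null));
        }
    }

    JRequest::setVar('cbIsNew', 0);
    JRequest::setVar('cbInternalCheck', 1);

    if (JRequest::getCmd('record_id', '')) {
        contentbuilder::checkPermissions('edit', JText::_('COM_CONTENTBUILDER_PERMISSIONS_EDIT_NOT_ALLOWED'), class_exists('cbFeMarker') ? '_fe' : '');
    } else {
        JRequest::setVar('cbIsNew', 1);
        contentbuilder::checkPermissions('new', JText::_('COM_CONTENTBUILDER_PERMISSIONS_NEW_NOT_ALLOWED'), class_exists('cbFeMarker') ? '_fe' : '');
    }

    $model = $this->getModel('edit');
    $id    = $model->store();

    $submission_failed = JRequest::getBool('cb_submission_failed', false);
    JRequest::setVar('cb_submit_msg', '');

    // $msg used to be undefined on the failure path, which raised a notice
    // when it reached setRedirect(); null keeps the value that was passed.
    $msg  = null;
    $type = 'message';

    if ($id && !$submission_failed) {
        $msg    = JText::_('COM_CONTENTBUILDER_SAVED');
        $return = JRequest::getVar('return', '');
        if ($return) {
            $return = base64_decode($return);

            // NOTE(review): when cbInternalCheck has been switched off (it is
            // set to 1 above, so presumably during store()), the decoded URL
            // is followed without the JURI::isInternal() check. Confirm that
            // request data cannot reach that switch.
            if (!JRequest::getBool('cbInternalCheck', 1)) {
                JFactory::getApplication()->redirect($return, $msg);
            }
            if (JURI::isInternal($return)) {
                JFactory::getApplication()->redirect($return, $msg);
            }
        }
    } else {
        $apply = true; // forcing to stay in form on errors
        $type  = 'error';
    }

    // Part of the link shared by all three targets.
    // NOTE(review): title, tmpl, layout and return are request values that
    // are concatenated into the query string without URL encoding.
    $tmpl   = JRequest::getVar('tmpl', '');
    $layout = JRequest::getVar('layout', '');
    $common = 'index.php?option=com_contentbuilder&title=' . JRequest::getVar('title', '')
        . ($tmpl != '' ? '&tmpl=' . $tmpl : '')
        . ($layout != '' ? '&layout=' . $layout : '');

    if (JRequest::getVar('cb_controller') == 'edit') {
        $link = JRoute::_(
            $common
            . '&controller=edit&return=' . JRequest::getVar('return', '')
            . '&Itemid=' . JRequest::getInt('Itemid', 0),
            false
        );
    } elseif ($apply) {
        $link = JRoute::_(
            $common
            . '&controller=edit&return=' . JRequest::getVar('return', '')
            . '&backtolist=' . JRequest::getInt('backtolist', 0)
            . '&id=' . JRequest::getInt('id', 0)
            . '&record_id=' . $id
            . '&Itemid=' . JRequest::getInt('Itemid', 0)
            . '&limitstart=' . JRequest::getInt('limitstart', 0)
            . '&filter_order=' . JRequest::getCmd('filter_order'),
            false
        );
    } else {
        $link = JRoute::_(
            $common
            . '&controller=list&id=' . JRequest::getInt('id', 0)
            . '&limitstart=' . JRequest::getInt('limitstart', 0)
            . '&filter_order=' . JRequest::getCmd('filter_order')
            . '&Itemid=' . JRequest::getInt('Itemid', 0),
            false
        );
    }

    $this->setRedirect($link, $msg, $type);
}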
/**
 * Reads the base64 "return" request parameter and decodes it.
 *
 * @return  string  The decoded URL when it passes JURI::isInternal(), an
 *                  empty string when it does not, or the unmodified request
 *                  value when that value is empty.
 */
public function getRequestReturnUrl()
{
    $encoded = JRequest::getVar('return', '', 'method', 'base64');
    if (!$encoded) {
        return $encoded;
    }

    // Client-supplied target: anything that is not internal is dropped.
    $target = base64_decode($encoded);

    return JURI::isInternal($target) ? $target : '';
}
/**
 * Actions to perform when logging in a user session.
 *
 * Copies the "return" request parameter into the login options after
 * decoding it and blanking it when it is not an internal URL.
 *
 * @param   array  $credentials  login credentials
 * @param   array  $options      login options
 * @return  void
 */
public function login(&$credentials, &$options)
{
    $target = Request::getVar('return', '', 'method', 'base64');

    if ($target) {
        $decoded = base64_decode($target);
        // Only URLs pointing back into this site may be used after login.
        $target = JURI::isInternal($decoded) ? $decoded : '';
    }

    $options['return'] = $target;
}
/**
 * Determines the page to return to.
 *
 * Prefers the value kept in the user state, then the "return" request
 * parameter, and falls back to the site base when the decoded URL does not
 * pass JURI::isInternal().
 *
 * @return  string  The decoded return URL.
 */
protected function _getReturnPage()
{
    $app =& JFactory::getApplication();

    // NOTE(review): the state key is built with two dots in a row
    // ("<context>..return") - confirm this matches the code that stores it.
    $stateKey = $this->_context . '.' . '.return';

    $encoded = $app->getUserState($stateKey);
    if (!$encoded) {
        $encoded = JRequest::getVar('return', base64_encode(JURI::base()));
    }

    // Filter to the base64 alphabet before decoding.
    $encoded = JFilterInput::getInstance()->clean($encoded, 'base64');
    $page    = base64_decode($encoded);

    return JURI::isInternal($page) ? $page : JURI::base();
}
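/**
 * Returns the HTML list entries for a set of menu items, recursing into
 * their children.
 *
 * Changes compared with the previous version: the nested list id is built
 * with string concatenation (it used "+", which is arithmetic in PHP), the
 * misspelled 'conClick' attribute is written as 'onClick' like in the leaf
 * branch, an empty or null item list no longer reaches count(), and the
 * unused $publish local is gone.
 *
 * NOTE(review): the item title is placed into the markup without HTML
 * escaping - confirm titles are trusted or escaped before they get here.
 *
 * @param   array  $mItems    Menu item objects to render
 * @param   int    $moduleid  Module the checkboxes belong to
 * @return  string  The rendered <li> elements
 */
protected function renderItems($mItems, $moduleid)
{
    $items = '';

    if (empty($mItems)) {
        return $items;
    }

    foreach ($mItems as $item) {
        $class_unpublish = $item->published == 0 ? ' unpublish' : '';
        $default         = $item->home == 1 ? ' default' : '';

        // Internal links are made absolute; external links are kept as stored.
        $uri  = new JURI($item->link);
        $link = $uri->toString();
        $link = JURI::isInternal($link) ? JURI::root() . $link : $item->link;

        // The default item always points at the site root.
        if ($item->home == 1) {
            $link = JURI::root();
        }

        $attributes = $this->getCheckboxAttributes($item->id, $moduleid);

        // An alias is rendered with the link of the item it points to.
        if ($item->type == 'alias') {
            $aliasparams = new JRegistry();
            $aliasparams->loadString($item->params);
            $address_itemid = $aliasparams->get('aliasoptions');

            if ((int) $address_itemid > 0) {
                $address_item = $this->getMenuItem($address_itemid);
                if (!$address_item) {
                    continue;
                }

                $link      = $address_item->link;
                $separator = strpos($link, '?') === false ? '?' : '&';
                $link     .= $separator . 'aliasoptions=' . $address_itemid . '&Itemid=' . $item->id;

                $item->link = $link;
            }
        }

        $hasChildren = $this->hasChild($item->id);
        $subItems    = $hasChildren ? $this->getItems($item->menutype, $item->id) : null;

        $anchorAttributes = array(
            'onClick' => 'javascript:void(0);',
            'class'   => $default . $class_unpublish,
            'href'    => $link,
            'title'   => $this->getMenuItemType($item->link),
        );

        $items .= JSNHtmlHelper::openTag('li')
            . JSNHtmlHelper::addInputTag('checkbox', $attributes)
            . JSNHtmlHelper::openTag('a', $anchorAttributes)
            . $item->title
            . JSNHtmlHelper::closeTag('a');

        if ($hasChildren) {
            $items .= JSNHtmlHelper::openTag('ul', array('class' => 'jsn-menu-items', 'id' => 'item-' . $item->id))
                . $this->renderItems($subItems, $moduleid)
                . JSNHtmlHelper::closeTag('ul');
        }

        $items .= JSNHtmlHelper::closeTag('li');
    }

    return $items;
}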
/**
 * Get a return URL for the current page.
 *
 * The URL configured for the itpconnect module is decoded and routed; the
 * site root ("/") is returned when nothing is configured or when the result
 * does not pass JURI::isInternal().
 *
 * @return  string  Return page
 */
public static function getReturn()
{
    $module = JModuleHelper::getModule("itpconnect");
    $target = "";

    if (!empty($module->params)) {
        $params  = new JRegistry($module->params);
        $encoded = ItpcHelper::getReturnURL($params, ItpcHelper::getType());
        $target  = JRoute::_(base64_decode($encoded), false);
    }

    // Never hand out an empty or external URL.
    if (!$target || !JURI::isInternal($target)) {
        return "/";
    }

    return $target;
}
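/**
 * Handles the redirect back from twitter after authentication.
 *
 * Picks up the return URL if one is set and sends the user back to the
 * login view when the application was denied.
 *
 * @param   object  $credentials
 * @param   object  $options
 * @return  void
 */
public function login(&$credentials, &$options)
{
    // Start from an empty return URL. Without this the variable was
    // undefined whenever the request carried no "return" parameter.
    $b64dreturn = '';

    if ($return = Request::getVar('return', '', 'method', 'base64')) {
        $b64dreturn = base64_decode($return);

        // Only URLs pointing back into this site may be used after login.
        if (!JURI::isInternal($b64dreturn)) {
            $b64dreturn = '';
        }
    }

    $options['return'] = $b64dreturn;

    // Check to make sure they didn't deny our application permissions
    if (Request::getWord('denied', false)) {
        // User didn't authorize our app or clicked cancel. The still-encoded
        // return value is passed on so the login view can validate it again.
        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . $return),
            Lang::txt('PLG_AUTHENTICATION_TWITTER_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')),
            'error'
        );
        return;
    }
}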
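/**
 * Uploads the selected images, stores the additional image details and
 * redirects afterwards.
 *
 * The detail rows used to be written with the "tags" and "price" request
 * values concatenated straight into the INSERT statements. Every value is
 * now passed through the database driver's quote() and the numeric columns
 * are cast to int, so request data can no longer change the statement.
 *
 * @return  void
 * @since   1.5.5
 */
public function upload()
{
    $this->_mainframe = JFactory::getApplication();
    $type = $this->_mainframe->getUserStateFromRequest('joom.upload.type', 'type', 'single', 'post', 'cmd');

    // If the applet in JAVA upload checks for the serverProtocol,
    // it issues a HEAD request
    // Simply return an empty doc to send a HTTP 200
    if ($type == 'java' && $_SERVER['REQUEST_METHOD'] == 'HEAD') {
        jexit();
    }

    require_once JPATH_COMPONENT_ADMINISTRATOR . '/helpers/upload.php';
    $uploader = new JoomUpload();

    if ($uploader->upload($type)) {
        //T.Trung
        $db = JFactory::getDBO();

        // NOTE(review): MAX(id) is not tied to the image that was just
        // uploaded; concurrent uploads can attach the details to the wrong
        // image. Prefer the id reported by the uploader if it exposes one.
        $db->setQuery("SELECT MAX(id) FROM #__joomgallery");
        $img_id = (int) $db->loadResult();

        // details_key, details_value, ordering
        $details = array(
            array('additional.tags', JRequest::getString('tags', ''), 4),
            array('additional.price', JRequest::getString('price', ''), 1),
            array('additional.code', $this->generateRandomString(), 3),
            array('additional.like', '0', 2),
        );

        foreach ($details as $detail) {
            list($detailKey, $detailValue, $ordering) = $detail;

            $db->setQuery(
                'INSERT INTO #__joomgallery_image_details (id, details_key, details_value, ordering) VALUES ('
                . $img_id . ', '
                . $db->quote($detailKey) . ', '
                . $db->quote($detailValue) . ', '
                . (int) $ordering . ')'
            );
            $db->query();
        }
        //T.Trung end

        $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');

        // Set redirect if we are asked for that; the client-supplied URL is
        // honoured only when it is internal.
        if ($redirect = JRequest::getVar('redirect', '', '', 'base64')) {
            $url = base64_decode($redirect);
            if (JURI::isInternal($url)) {
                $this->setRedirect(JRoute::_($url, false), $msg);
                return;
            }
        }

        // Set a redirect according to the correspondent setting in configuration manager
        $model = $this->getModel('upload');
        $url   = $model->getRedirectUrlAfterUpload($type);
        if (!empty($url)) {
            $this->setRedirect($url, $msg);
        }
    } else {
        if ($error = $uploader->getError()) {
            $this->setRedirect(JRoute::_('index.php?view=upload&tab=' . $type, false), $error, 'error');
        }
    }
}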
/**
 * Handles the redirect back from ORCID after authentication.
 *
 * Picks up the return URL carried in the "state" parameter and sends the
 * user back to the login view when no authorization code came back.
 *
 * NOTE(review): "state" is read here only as a return-URL carrier; no
 * comparison with a session-bound value is visible in this method. Confirm
 * that CSRF protection of the OAuth callback is handled elsewhere.
 *
 * @param   object  $credentials
 * @param   object  $options
 * @return  void
 */
public function login(&$credentials, &$options)
{
    $b64dreturn = '';
    $return     = Request::getVar('state', '', 'method', 'base64');

    if ($return) {
        $decoded = base64_decode($return);
        // Keep the decoded URL only when it points back into this site.
        $b64dreturn = JURI::isInternal($decoded) ? $decoded : '';
    }

    $options['return'] = $b64dreturn;

    // A code in the request means the user authorized the app.
    $authorized = Request::getVar('code', NULL);
    if ($authorized) {
        return;
    }

    // User didn't authorize our app or clicked cancel
    App::redirect(
        Route::url('index.php?option=com_users&view=login&return=' . $return),
        Lang::txt('PLG_AUTHENTICATION_ORCID_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')),
        'error'
    );
}
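/**
 * Check whether we are at the login page with a return URI set; if the
 * return target is one of the core content components (regardless of the
 * view) or names no component, redirect to NotAllowed.
 *
 * Fixes compared with the previous version:
 * - function_exists('JURI::isInternal') can never be true for a class
 *   method, so the copied fallback always ran; method_exists() is used now.
 * - strpos() results were compared loosely with false, so a task that
 *   starts with "login" or "logout" (position 0) was read as "not found".
 *
 * @return  void
 */
public function handleLoginRedirect()
{
    $uri    = JFactory::getURI();
    $task   = $uri->getVar('task');
    $option = $uri->getVar('option');
    $view   = $uri->getVar('view');
    $return = $uri->getVar('return');

    // Values missing from the URI are looked up in the request.
    if (empty($task)) {
        $task = JRequest::getVar('task', null);
    }
    if (empty($option)) {
        $option = JRequest::getVar('option', null);
    }
    if (empty($view)) {
        $view = JRequest::getVar('view', null);
    }

    if (empty($return)) {
        $return = JRequest::getVar('return', '', 'method', 'base64');
        $return = base64_decode($return);

        if (method_exists('JURI', 'isInternal')) {
            if (!JURI::isInternal($return)) {
                $return = '';
            }
        } else {
            // Copied for pre-1.5.7 compatibility
            $uri  = JURI::getInstance($return);
            $base = $uri->toString(array('scheme', 'host', 'port', 'path'));
            $host = $uri->toString(array('scheme', 'host', 'port'));
            if (strpos(strtolower($base), strtolower(JURI::base())) !== 0 && !empty($host)) {
                $return = '';
            }
        }
    } else {
        // The value is only parsed below, it is never used as a redirect target.
        $return = base64_decode($return);
    }

    $task = (string) $task;

    $isUserComponent = ($option == 'com_user' || $option == 'com_users');
    $isLogin         = ($view == 'login' || strpos($task, 'login') !== false);
    $isLogout        = (strpos($task, 'logout') !== false);
    $hasReturn       = (!empty($return) && $return != 'index.php');
    $noCredentials   = (empty($_REQUEST['username']) && empty($_REQUEST['password']));

    if ($isUserComponent && $isLogin && !$isLogout && $hasReturn && $noCredentials) {
        $uri    = new JURI($return);
        $option = $uri->getVar('option');

        $cr = array('com_content', 'com_mailto', 'com_newsfeeds', 'com_poll', 'com_weblinks');
        if (in_array($option, $cr) || empty($option)) {
            $error       = new stdClass();
            $error->code = 403;
            $this->redirectNotAllowed($error);
        }
    }
}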
/**
 * Method to auto-populate the model state.
 *
 * Stores the submitted credentials and the validated return URL.
 *
 * Note. Calling getState in this method will result in recursion.
 *
 * @since   1.6
 */
protected function populateState()
{
    // The password is read unfiltered (JREQUEST_ALLOWRAW) so that no
    // character of it is altered before authentication.
    $username = JRequest::getVar('username', '', 'method', 'username');
    $password = JRequest::getVar('passwd', '', 'post', 'string', JREQUEST_ALLOWRAW);
    $this->setState('credentials', array('username' => $username, 'password' => $password));

    // A return URL from the request is used only when it is internal.
    $target = JRequest::getVar('return', '', 'method', 'base64');
    if ($target) {
        $decoded = base64_decode($target);
        $target  = JURI::isInternal($decoded) ? $decoded : '';
    }

    // Default to the front page.
    $this->setState('return', empty($target) ? 'index.php' : $target);
}
/**
 * Returns the parent's list with edit link, id, name and url_itemid set on
 * every item.
 *
 * @return  mixed  Whatever parent::getList() returned, items modified in place.
 */
public function getList()
{
    $items = parent::getList();

    foreach (@$items as $entry) {
        $entry->link = 'index.php?option=com_mysite&controller=items&view=items&task=edit&id=' . $entry->item_id;

        // JHTML::_('menu.treerecurse') needs $item->id to be set
        $entry->id   = $entry->item_id;
        $entry->name = $entry->title;

        // Menu links, external URLs and items without an Itemid keep their
        // URL untouched; everything else gets the Itemid appended.
        $keepUrl = strpos($entry->url, 'Itemid') !== false
            || empty($entry->itemid)
            || !JURI::isInternal($entry->url)
            || empty($entry->url);

        $entry->url_itemid = $keepUrl
            ? $entry->url
            : $entry->url . "&Itemid=" . $entry->itemid;
    }

    return $items;
}
/**
 * Builds the data that is injected into the login form.
 *
 * @return  array  The stored login data with a validated 'return' entry.
 */
protected function loadFormData()
{
    $app   = JFactory::getApplication();
    $data  = $app->getUserState('users.login.form.data', array());
    $input = JFactory::getApplication()->input;

    // The request value is client-controlled: keep it only when the decoded
    // URL passes JURI::isInternal().
    $encoded = $input->get('return', '', 'base64');
    if ($encoded) {
        $decoded        = base64_decode($encoded);
        $data['return'] = JURI::isInternal($decoded) ? $decoded : '';
    }

    // Fall back to the profile view of this component.
    if (empty($data['return'])) {
        $data['return'] = 'index.php?option=com_bt_socialconnect&view=profile';
    }

    $app->setUserState('users.login.form.data', $data);

    return $data;
}
/**
 * Builds the data that is injected into the login form.
 *
 * @return  array  The stored login data with a usable 'return' entry.
 * @since   1.6
 */
protected function loadFormData()
{
    // Previously entered login form data lives in the session.
    $app  = JFactory::getApplication();
    $data = $app->getUserState('users.login.form.data', array());

    // A return URL from the request wins, but only if it is internal.
    $encoded = Request::getVar('return', '', 'method', 'base64');
    if ($encoded) {
        $decoded        = base64_decode($encoded);
        $data['return'] = JURI::isInternal($decoded) ? $decoded : '';
    }

    // Use the default when the value is empty or does not look anything like
    // a URL (which will happen thanks to shibd setting it to encrypted data).
    $usable = !empty($data['return'])
        && preg_match('#^(/|index[.]php|https?://)#', $data['return']);
    if (!$usable) {
        $data['return'] = 'index.php?option=com_members&task=myaccount';
    }

    $app->setUserState('users.login.form.data', $data);

    return $data;
}
/**
 * Method to log out a user.
 *
 * NOTE(review): no request-token check is visible in this method, so a
 * cross-site request could presumably trigger the logout - confirm whether
 * a token is verified before this is reached.
 *
 * @access  public
 * @since   1.0
 */
function logout()
{
    $app =& JFactory::getApplication();

    // Perform the log out.
    $result = $app->logout();

    // On failure go back to the login view.
    if (JError::isError($result)) {
        $app->redirect(JRoute::_('index.php?option=com_users&view=login', false));
        return;
    }

    // The return URL comes from the request, so it is used only when the
    // decoded value is internal.
    $target = base64_decode(JRequest::getVar('return', '', 'method', 'base64'));
    if (!JURI::isInternal($target)) {
        $target = '';
    }

    $app->redirect(JRoute::_($target, false));
}
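/**
 * Collects the data for the player profile edit page and sends guests to
 * the login form.
 *
 * The "return" parameter used to be passed to JURI::isInternal() while it
 * was still base64 encoded (the decode step was a no-op self-assignment),
 * so the check never looked at the real target. The decoded value is
 * checked now; the encoded form is still what is stored in the lists.
 *
 * @return  void
 */
function getData()
{
    $this->getPlayer();

    //title
    $this->p_title = JText::_('BLFA_EDITFIPROF');
    $this->_params = $this->JS_PageTitle($this->title ? $this->title : JText::_('BLFA_EDITFIPROF'));
    $this->_lists["post_max_size"] = $this->getValSettingsServ("post_max_size");

    //return
    if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
        // Validate the URL the parameter stands for, not its encoded form.
        // presumably the consumer of $this->_lists["return"] decodes it - verify
        if (!JURI::isInternal(base64_decode($return))) {
            $return = '';
        }
    }

    if ($this->_user->get('guest')) {
        $return_url = $_SERVER['REQUEST_URI'];
        $return_url = base64_encode($return_url);

        // NOTE(review): string comparison of version numbers; version_compare()
        // would be safer if getVer() returns a dotted version string.
        if (getVer() >= '1.6') {
            $uopt = "com_users";
        } else {
            $uopt = "com_user";
        }
        $return = 'index.php?option=' . $uopt . '&view=login&return=' . $return_url;

        // Redirect to a login form
        $this->mainframe->redirect($return, JText::_('BLMESS_NOT_LOGIN'));
    }

    $this->_lists["return"] = $return;
    $this->getJSreg();

    //Player Country registration
    $this->_lists['country_reg']    = $this->getJS_Config('country_reg');
    $this->_lists['country_reg_rq'] = $this->getJS_Config('country_reg_rq');
    $this->getCountries();

    //Nick registration
    $this->_lists['nick_reg']    = $this->getJS_Config('nick_reg');
    $this->_lists['nick_reg_rq'] = $this->getJS_Config('nick_reg_rq');

    //Last Name registration
    $this->_lists['reg_lastname']    = $this->getJS_Config('reg_lastname');
    $this->_lists['reg_lastname_rq'] = $this->getJS_Config('reg_lastname_rq');

    $this->_lists["teams_season"] = $this->teamsToModer();
    $this->_lists["panel"]        = $this->getePanel($this->_lists["teams_season"], 0, 0, 1);
}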
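/**
 * Changes the settings (including the password) of the logged-in user.
 *
 * The two password fields are now compared with a strict comparison: with
 * "!=" PHP compares numeric-looking strings as numbers, so two different
 * inputs such as "1e3" and "1000" counted as matching. The unused
 * HTTP_REFERER based $return value was removed; the redirect always went
 * to the component's start page.
 *
 * NOTE(review): no request-token check is visible in this method - confirm
 * that the form token is verified before the password is changed.
 *
 * @return  mixed  False when the passwords do not match, nothing otherwise.
 */
function changePass()
{
    global $option;

    $user =& JFactory::getUser();
    $userid = JRequest::getVar('id', 0, 'post', 'int');

    // Only a logged-in user may change his or her own account.
    if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
        JError::raiseError(403, JText::_('Access Forbidden'));
        return;
    }

    // Clean the request. Passwords are read raw so that no character is altered.
    $post = JRequest::get('post');
    $post['username']  = JRequest::getVar('username', '', 'post', 'username');
    $post['password']  = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
    $post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);

    // strlen() is used so that "0" can be used as password e.g.
    if (strlen($post['password']) || strlen($post['password2'])) {
        if ($post['password'] !== $post['password2']) {
            // Something is wrong, go back with an error message.
            $msg = JText::_('PASSWORDS_DO_NOT_MATCH');
            $this->setRedirect('index.php?option=' . $option, $msg, 'error');
            return false;
        }
    }

    // Store the data and report the outcome.
    $model =& $this->getModel('index', 'ModelWUser');
    if ($model->store($post)) {
        $msg = JText::_('Your settings have been saved.');
    } else {
        $msg = $model->getError();
    }

    $this->setRedirect('index.php?option=' . $option, $msg);
}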
/**
 * Method to log out a user.
 *
 * The request token is verified first; afterwards the user is sent to the
 * validated return URL, or to the login view when the logout failed.
 *
 * @since   1.6
 */
public function logout()
{
    // Refuse forged requests.
    JSession::checkToken('request') or jexit(JText::_('JInvalid_Token'));

    $app = JFactory::getApplication();

    // Perform the log out.
    $result = $app->logout();

    if ($result instanceof Exception) {
        $app->redirect(JRoute::_('index.php?option=com_users&view=login', false));
        return;
    }

    // The return URL comes from the request, so it is used only when the
    // decoded value is internal.
    $target = base64_decode(JRequest::getVar('return', '', 'method', 'base64'));
    if (!JURI::isInternal($target)) {
        $target = '';
    }

    $app->redirect(JRoute::_($target, false));
}
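/**
 * Logs a user in with the submitted unit, username and password and
 * redirects to the validated return URL or to the component default.
 *
 * The debug dump of the credentials no longer contains the password; the
 * previous version wrote it in clear text to the debug output whenever
 * JDEBUG was enabled.
 *
 * @return  void
 */
public static function login()
{
    // Check for request forgeries
    JRequest::checkToken('request') or jexit('Invalid Token');

    $app =& JFactory::getApplication();

    // The return URL is client-controlled: keep it only when it is internal.
    if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
        $return = base64_decode($return);
        if (!JURI::isInternal($return)) {
            $return = '';
        }
    }

    $options = array();
    $options['remember'] = JRequest::getBool('remember', false);
    $options['return']   = $return;
    if (JDEBUG) {
        dump($options, "Options");
    }

    $credentials = array();
    $credentials['unit']     = JRequest::getVar('unit', '', 'method');
    $credentials['username'] = JRequest::getVar('username', '', 'method', 'username');
    $credentials['password'] = JRequest::getString('passwd', '', 'post', JREQUEST_ALLOWRAW);
    if (JDEBUG) {
        // Never write the password itself to debug output.
        $loggable = $credentials;
        $loggable['password'] = ($credentials['password'] === '') ? '' : '***';
        dump($loggable, "Credencials");
    }

    // Perform the login action
    $error = $app->login($credentials, $options);

    if (!JError::isError($error)) {
        // Go to the component start page when no return URL was given.
        if (!$return) {
            $return = 'index.php?option=com_joopoauser';
        }
        $app->redirect($return);
    } else {
        // Facilitate third party login forms
        if (!$return) {
            $return = 'index.php?option=com_joopoauser&view=login';
        }

        // Redirect to a login form
        $app->redirect($return);
    }
}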
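/**
 * Uploads the selected zip archive and redirects afterwards.
 *
 * The custom redirect used to be accepted whenever the default redirect
 * URL was internal, because JURI::isInternal() was called on $url instead
 * of the decoded request value. The decoded value is validated now, so an
 * external target in the "redirect" parameter is ignored.
 *
 * @return  void
 * @since   1.5.5
 */
public function upload()
{
    require_once JPATH_COMPONENT . '/helpers/upload.php';
    $uploader = new JoomUpload();

    if ($uploader->upload(JRequest::getCmd('type', 'batch'))) {
        $msg = JText::_('COM_JOOMGALLERY_UPLOAD_MSG_SUCCESSFULL');
        $url = $this->_ambit->getRedirectUrl();

        // Set custom redirect if we are asked for that; the value is
        // client-controlled and must point back into this site.
        if ($redirect = JRequest::getVar('redirect', '', '', 'base64')) {
            $url_decoded = base64_decode($redirect);
            if (JURI::isInternal($url_decoded)) {
                $url = $url_decoded;
            }
        }

        $this->setRedirect(JRoute::_($url, false), $msg);
    } else {
        if ($error = $uploader->getError()) {
            $this->setRedirect($this->_ambit->getRedirectUrl(), $error, 'error');
        }
    }
}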
/**
 * Logs the user in with the posted credentials and sets the redirect.
 *
 * The posted return URL is used only when it passes JURI::isInternal();
 * otherwise the user view (success) or the login view (failure) is used.
 *
 * @param   KCommandContext  $context  The command context
 * @return  void
 */
protected function _actionLogin(KCommandContext $context)
{
    $target = KRequest::get('post.return', 'base64');
    if ($target) {
        $decoded = base64_decode($target);
        // Client-supplied URL: drop it unless it is internal.
        $target = JURI::isInternal($decoded) ? $decoded : '';
    }

    $options = array('return' => $target);

    // The password is read raw so that no character of it is altered.
    $credentials = array(
        'username' => KRequest::get('post.username', 'string'),
        'password' => KRequest::get('post.password', 'raw'),
    );

    $result = KFactory::get('joomla:application')->login($credentials, $options);

    if (JError::isError($result)) {
        $fallback = 'index.php?option=com_users&view=login';
        $this->setRedirect($target ? $target : $fallback, $result->getError(), 'error');
        return;
    }

    $this->_redirect = $target ? $target : 'index.php?option=com_users&view=user';
}
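/**
 * Collects the data for the team registration page and sends guests to the
 * login form.
 *
 * The "return" parameter used to be passed to JURI::isInternal() while it
 * was still base64 encoded (the decode step was a no-op self-assignment),
 * so the check never looked at the real target. The decoded value is
 * checked now; the encoded form is still what is stored in the lists.
 *
 * @return  void
 */
function getData()
{
    $this->getTeamReg();

    //title
    $this->p_title = JText::_('BLFA_NTEAM');
    $this->_params = $this->JS_PageTitle($this->title ? $this->title : $this->p_title);

    // Team registration can be switched off in the configuration.
    $team_reg = $this->getJS_Config('team_reg');
    if (!$team_reg) {
        echo JText::_('BLFA_OPTDISAB');
        exit;
    }

    //return
    if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
        // Validate the URL the parameter stands for, not its encoded form.
        // presumably the consumer of $this->_lists["return"] decodes it - verify
        if (!JURI::isInternal(base64_decode($return))) {
            $return = '';
        }
    }

    if ($this->_user->get('guest')) {
        $return_url = $_SERVER['REQUEST_URI'];
        $return_url = base64_encode($return_url);

        // NOTE(review): string comparison of version numbers; version_compare()
        // would be safer if getVer() returns a dotted version string.
        if (getVer() >= '1.6') {
            $uopt = "com_users";
        } else {
            $uopt = "com_user";
        }
        $return = 'index.php?option=' . $uopt . '&view=login&return=' . $return_url;

        // Redirect to a login form
        $this->session->set('errMess', JText::_('BLMESS_NOT_LOGIN'));
        $this->session->set('typeMess', 3);
        $this->mainframe->redirect($return);
    }

    $this->_lists["return"] = $return;
    $this->getJSreg();
    $this->_lists["teams_season"] = $this->teamsToModer();
    $this->_lists["panel"]        = $this->getePanel($this->_lists["teams_season"], 0, 0, 1);
}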
/**
 * Handles the redirect back from linkedin after authentication.
 *
 * Picks up the return URL if one is set, sends the user back to the login
 * view when the application was not authorized, and otherwise exchanges
 * the request token and verifier for the access tokens.
 *
 * NOTE(review): on failure the Exception object is returned, not thrown,
 * although the method is documented as returning nothing - confirm that
 * callers inspect the return value.
 *
 * @param   object  $credentials
 * @param   object  $options
 * @return  void
 */
public function login(&$credentials, &$options)
{
    $jsession = App::get('session');

    // The return URL is client-controlled: keep it only when it is internal.
    $b64dreturn = '';
    $return     = Request::getVar('return', '', 'method', 'base64');
    if ($return) {
        $decoded    = base64_decode($return);
        $b64dreturn = JURI::isInternal($decoded) ? $decoded : '';
    }
    $options['return'] = $b64dreturn;

    // Set up linkedin configuration and create the client
    $linkedin_config = array(
        'appKey'      => $this->params->get('api_key'),
        'appSecret'   => $this->params->get('app_secret'),
        'callbackUrl' => self::getRedirectUri('linkedin'),
    );
    $linkedin_client = new LinkedIn($linkedin_config);

    $verifier = Request::getVar('oauth_verifier', NULL);
    if (!$verifier) {
        // User didn't authorize our app, or, clicked cancel
        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . $return),
            Lang::txt('PLG_AUTHENTICATION_LINKEDIN_MUST_AUTHORIZE_TO_LOGIN', Config::get('sitename')),
            'error'
        );
    }

    // LinkedIn has sent a response, user has granted permission, take the temp access token,
    // the user's secret and the verifier to request the user's real secret key
    $request = $jsession->get('linkedin.oauth.request');
    $reply   = $linkedin_client->retrieveTokenAccess(
        $request['oauth_token'],
        $request['oauth_token_secret'],
        Request::getVar('oauth_verifier')
    );

    if ($reply['success'] !== TRUE) {
        return new Exception(Lang::txt('PLG_AUTHENTICATION_LINKEDIN_ERROR'), 500);
    }

    // The request went through without an error, gather user's 'access' tokens
    $jsession->set('linkedin.oauth.access', $reply['linkedin']);

    // Set the user as authorized for future quick reference
    $jsession->set('linkedin.oauth.authorized', TRUE);
}