/**
 * Returns the user groups this entity is authorised for.
 *
 * @param   boolean  $inheritedOnesToo  True to include inherited user groups.
 *
 * @return  array
 */
public function getAuthorisedGroups($inheritedOnesToo = true)
{
	// Caller does not want inherited groups: ask JAccess directly, passing false as its second argument.
	if (!$inheritedOnesToo)
	{
		return JAccess::getGroupsByUser($this->cmsOwnUser->id, false);
	}

	// Otherwise delegate to the user object held in $this->cmsOwnUser.
	return $this->cmsOwnUser->getAuthorisedGroups($inheritedOnesToo);
}
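/**
 * Process the plugin, called when the form is submitted.
 *
 * Creates a new Joomla user, or updates the existing one named by the form's
 * user-id element, from the submitted form data. For a new user it then sends
 * the registration / activation e-mail.
 *
 * Security-relevant behaviour worth knowing when wiring this plugin to a form:
 *  - the account to edit and the group to assign are both read from the
 *    submitted form data ($formModel->_formData);
 *  - the group authorisation check only runs when editing an existing user;
 *  - 'juser_bypass_registration' defaults to true, so the site-wide
 *    'allowUserRegistration' switch is ignored unless that option is turned off.
 *
 * @param   object  &$params     Plugin parameters.
 * @param   object  &$formModel  Form model.
 *
 * @return  boolean|null  False on failure; nothing is returned on success.
 */
function onBeforeStore(&$params, &$formModel)
{
	$app = JFactory::getApplication();
	$config = JFactory::getConfig();
	$lang = JFactory::getLanguage();

	// Load up com_users lang - used in email text
	$lang->load('com_users');

	// If the fabrik table is set to be jos_users and this plugin is used
	// we need to alter the form model to tell it not to store the main row
	// but to still store any joined rows
	$ftable = str_replace('#__', $app->getCfg('dbprefix'), $formModel->getlistModel()->getTable()->db_table_name);
	$jos_users = $app->getCfg('dbprefix') . 'users';

	if ($ftable == $jos_users)
	{
		$formModel->_storeMainRow = false;
	}

	$usersConfig = JComponentHelper::getParams('com_users');

	// Initialize some variables
	$me = JFactory::getUser();
	$acl = JFactory::getACL();

	//$mailFrom = $app->getCfg('mailfrom');
	//$FromName = $app->getCfg('fromname');
	//$SiteName = $app->getCfg('sitename');
	$siteURL = JURI::base();
	$bypassActivation = $params->get('juser_bypass_activation', false);

	// Defaults to true: the site-wide registration switch is bypassed unless this option is disabled.
	$bypassRegistration = $params->get('juser_bypass_registration', true);

	// Load in the com_user language file
	$lang = JFactory::getLanguage();
	$lang->load('com_user');
	$data = $formModel->_formData;

	// Check for request forgeries
	JRequest::checkToken() or jexit('Invalid Token');
	$option = JRequest::getCmd('option');
	$original_id = 0;

	if ($params->get('juser_field_userid') != '')
	{
		$this->useridfield = $this->getFieldName($params, 'juser_field_userid');

		if (!empty($formModel->_rowId))
		{
			// NOTE(review): the id of the account to edit comes from the submitted form data.
			// Nothing in this method checks that the current user may edit that account -
			// confirm the form / list access rules enforce it.
			$original_id = (int) $formModel->_formData[$this->useridfield];
		}
	}
	else
	{
		$original_id = 0;
		$this->useridfield = '';
	}

	// Create a new JUser object
	$user = new JUser($original_id);
	$originalGroups = $user->getAuthorisedGroups();

	// Are we dealing with a new user which we need to create?
	$isNew = $user->get('id') < 1;

	if ($isNew && $usersConfig->get('allowUserRegistration') == '0' && !$bypassRegistration)
	{
		JError::raiseError(403, JText::_('Access Forbidden - Registration not enabled'));

		return false;
	}

	$data = array();

	$this->passwordfield = $this->getFieldName($params, 'juser_field_password');
	$this->passwordvalue = $this->getFieldValue($params, 'juser_field_password', $formModel->_formData);

	$this->namefield = $this->getFieldName($params, 'juser_field_name');
	$this->namevalue = $this->getFieldValue($params, 'juser_field_name', $formModel->_formData);

	$this->usernamefield = $this->getFieldName($params, 'juser_field_username');
	$this->usernamevalue = $this->getFieldValue($params, 'juser_field_username', $formModel->_formData);

	$this->emailfield = $this->getFieldName($params, 'juser_field_email');
	$this->emailvalue = $this->getFieldValue($params, 'juser_field_email', $formModel->_formData);

	$data['id'] = $original_id;

	$this->gidfield = $this->getFieldName($params, 'juser_field_usertype');
	$defaultGroup = (int) $params->get('juser_field_default_group');
	$groupId = JArrayHelper::getValue($formModel->_formData, $this->gidfield, $defaultGroup);

	if (is_array($groupId))
	{
		$groupId = $groupId[0];
	}

	$groupId = (int) $groupId;

	if (!$isNew)
	{
		if ($params->get('juser_field_usertype') != '')
		{
			// Only allow a group the current user already holds, unless they are an administrator.
			if (in_array($groupId, $me->getAuthorisedGroups()) || $me->authorise('core.admin'))
			{
				$data['gid'] = $groupId;
			}
			else
			{
				// $data['gid'] is deliberately left unset: the user's current groups are kept (see below).
				JError::raiseNotice(500, "could not alter user group to {$groupId} as you are not assigned to that group");
			}
		}
		else
		{
			// If editing an existing user and no gid field being used,
			// use default group id
			$data['gid'] = $defaultGroup;
		}
	}
	else
	{
		// NOTE(review): for a new user the submitted group id is accepted without the
		// authorisation check applied on the edit path above. If the usertype element is
		// exposed on a public registration form, confirm that its allowed values are
		// restricted server-side so a registrant cannot pick a privileged group.
		$data['gid'] = $params->get('juser_field_usertype') != '' ? $groupId : $defaultGroup;
	}

	// Only touch the user's groups when a group was actually resolved. Previously a rejected
	// group change left $data['gid'] undefined and (array) null emptied $user->groups.
	if (array_key_exists('gid', $data))
	{
		if ($data['gid'] === 0)
		{
			$data['gid'] = $defaultGroup;
		}

		$user->groups = (array) $data['gid'];
	}

	if ($params->get('juser_field_block') != '')
	{
		$this->blockfield = $this->getFieldName($params, 'juser_field_block');
		$blocked = JArrayHelper::getValue($formModel->_formData, $this->blockfield, '');

		if (is_array($blocked))
		{
			// Probably a dropdown
			$data['block'] = (int) $blocked[0];
		}
		else
		{
			$data['block'] = (int) $blocked;
		}
	}
	else
	{
		$data['block'] = 0;
	}

	//$$$tom get password field to use in $origdata object if editing user and not changing password
	$origdata = $formModel->_origData;
	$pwfield = $this->passwordfield;

	$data['username'] = $this->usernamevalue;
	$data['password'] = $this->passwordvalue;
	$data['password2'] = $this->passwordvalue;
	$data['name'] = $this->namevalue;
	$name = $this->namevalue;
	$data['email'] = $this->emailvalue;

	$ok = $this->check($data, $formModel, $params);

	if (!$ok)
	{
		// @TODO - add some error reporting
		return false;
	}

	// Set the registration timestamp
	if ($isNew)
	{
		$now = JFactory::getDate();
		$user->set('registerDate', $now->toSql());
	}

	if ($isNew)
	{
		// If user activation is turned on, we need to set the activation information.
		// Both self-activation (1) and admin activation (2) need a token and a blocked
		// account: the mode-2 e-mail below embeds $data['activation'], and without the
		// block the account would be usable before anyone approved it.
		$useractivation = $usersConfig->get('useractivation');

		if (($useractivation == 1 || $useractivation == 2) && !$bypassActivation)
		{
			jimport('joomla.user.helper');
			$data['activation'] = JUtility::getHash(JUserHelper::genRandomPassword());
			$data['block'] = 1;
		}
	}

	// Check that username is not greater than 150 characters
	// NOTE(review): bind($data) below still receives the untruncated $data['username'] -
	// confirm the truncated value set here is the one that gets stored.
	$username = $data['username'];

	if (strlen($username) > 150)
	{
		$username = substr($username, 0, 150);
		$user->set('username', $username);
	}

	// Check that password is not greater than 100 characters
	if (strlen($data['password']) > 100)
	{
		$data['password'] = substr($data['password'], 0, 100);
	}

	// End new
	if (!$user->bind($data))
	{
		$app->enqueueMessage(JText::_('CANNOT SAVE THE USER INFORMATION'), 'message');
		$app->enqueueMessage($user->getError(), 'error');

		return false;
	}

	/*
	 * Lets save the JUser object
	 */
	if (!$user->save())
	{
		$app->enqueueMessage(JText::_('CANNOT SAVE THE USER INFORMATION'), 'message');
		$app->enqueueMessage($user->getError(), 'error');

		return false;
	}

	// Expose the saved user's id (and the element holding it) via request, cookie and session variables
	$session = JFactory::getSession();
	JRequest::setVar('newuserid', $user->id);
	JRequest::setVar('newuserid', $user->id, 'cookie');
	$session->set('newuserid', $user->id);
	JRequest::setVar('newuserid_element', $this->useridfield);
	JRequest::setVar('newuserid_element', $this->useridfield, 'cookie');
	$session->set('newuserid_element', $this->useridfield);

	/*
	 * Time for the email magic so get ready to sprinkle the magic dust...
	 */
	$emailSubject = '';

	if ($isNew)
	{
		// Compile the notification mail values.
		$data = $user->getProperties();
		$data['fromname'] = $config->get('fromname');
		$data['mailfrom'] = $config->get('mailfrom');
		$data['sitename'] = $config->get('sitename');

		// NOTE(review): the link base is presumably derived from the current request; unless the
		// site URL is pinned in configuration the e-mailed link follows the request host - verify.
		$data['siteurl'] = JUri::base();

		$uri = JURI::getInstance();
		$base = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port'));

		// NOTE(review): both activation e-mails below include the clear-text password
		// ($data['password_clear']).

		// Handle account activation/confirmation emails.
		if ($useractivation == 2 && !$bypassActivation)
		{
			// Set the link to confirm the user email.
			$data['activate'] = $base . JRoute::_('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false);

			$emailSubject = JText::sprintf('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);

			$emailBody = JText::sprintf(
				'COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY',
				$data['name'],
				$data['sitename'],
				$data['siteurl'] . 'index.php?option=com_users&task=registration.activate&token=' . $data['activation'],
				$data['siteurl'],
				$data['username'],
				$data['password_clear']
			);
		}
		else
		{
			if ($useractivation == 1 && !$bypassActivation)
			{
				// Set the link to activate the user account.
				$data['activate'] = $base . JRoute::_('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false);

				$emailSubject = JText::sprintf('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);

				$emailBody = JText::sprintf(
					'COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY',
					$data['name'],
					$data['sitename'],
					$data['siteurl'] . 'index.php?option=com_users&task=registration.activate&token=' . $data['activation'],
					$data['siteurl'],
					$data['username'],
					$data['password_clear']
				);
			}
			elseif ($params->get('juser_bypass_accountdetails') != 1)
			{
				$emailSubject = JText::sprintf('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']);

				$emailBody = JText::sprintf('COM_USERS_EMAIL_REGISTERED_BODY', $data['name'], $data['sitename'], $data['siteurl']);
			}
		}

		// Send the registration email.
		if ($emailSubject !== '')
		{
			$return = JUtility::sendMail($data['mailfrom'], $data['fromname'], $data['email'], $emailSubject, $emailBody);

			// Check for an error.
			if ($return !== true)
			{
				$this->setError(JText::_('COM_USERS_REGISTRATION_SEND_MAIL_FAILED'));

				// Send a system message to administrators receiving system mails
				$db = JFactory::getDBO();
				$q = "SELECT id\n\t\t\t\t\t\t\t\tFROM #__users\n\t\t\t\t\t\t\t\tWHERE block = 0\n\t\t\t\t\t\t\t\tAND sendEmail = 1";
				$db->setQuery($q);
				$sendEmail = $db->loadColumn();

				if (count($sendEmail) > 0)
				{
					$jdate = new JDate();

					// Build the query to add the messages
					$q = "INSERT INTO `#__messages` (`user_id_from`, `user_id_to`, `date_time`, `subject`, `message`)\n\t\t\t\t\t\t\t\t\tVALUES ";
					$messages = array();

					// Every string value goes through $db->quote(): the message body embeds the
					// submitted username and the mailer's error text, and translated strings may
					// contain quote characters, so none of them may be concatenated raw.
					$quotedDate = $db->quote($jdate->toSql());
					$quotedSubject = $db->quote(JText::_('COM_USERS_MAIL_SEND_FAILURE_SUBJECT'));
					$quotedBody = $db->quote(JText::sprintf('COM_USERS_MAIL_SEND_FAILURE_BODY', $return, $data['username']));

					foreach ($sendEmail as $userid)
					{
						$userid = (int) $userid;
						$messages[] = '(' . $userid . ', ' . $userid . ', ' . $quotedDate . ', ' . $quotedSubject . ', ' . $quotedBody . ')';
					}

					$q .= implode(',', $messages);
					$db->setQuery($q);
					$db->query();
				}
			}
		}
	}

	// If updating self, load the new user object into the session

	// FIXME - doesnt work in J1.7??
	/* if ($user->get('id') == $me->get('id'))
	{
		// Get an ACL object
		$acl = &JFactory::getACL();

		// Get the user group from the ACL
		$grp = $acl->getAroGroup($user->get('id'));

		// Mark the user as logged in
		$user->set('guest', 0);
		$user->set('aid', 1);

		// Fudge Authors, Editors, Publishers and Super Administrators into the special access group
		if ($acl->is_group_child_of($grp->name, 'Registered') || $acl->is_group_child_of($grp->name, 'Public Backend'))
		{
			$user->set('aid', 2);
		}

		// Set the usertype based on the ACL group name
		$user->set('usertype', $grp->name);
		$session->set('user', $user);
	} */

	// Write the saved user's id back into the form data when a user-id element is configured
	if (!empty($this->useridfield))
	{
		$formModel->updateFormData($this->useridfield, $user->get('id'), true);
	}

	// When the form's own table is the users table, the row id is the user id
	if ($ftable == $jos_users)
	{
		$formModel->_rowId = $user->get('id');
	}
}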