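/**
 * Builds the refusal message(s) for performing $action on one or more users.
 *
 * The viewing user is refused when the target is the viewer and $allow_myself is false. A viewer
 * who is not a super admin is also refused when the group comparison below fails or when the
 * target is a super admin. The resulting message is handed by reference to the
 * 'onUsersPermission' plugin trigger, so plugins may change it before it is returned.
 *
 * @deprecated 2.0 No use anymore for such functionality, since we have Permissions for that and we should not be depending on groups
 *
 * @param  array|int    $user_ids      User ids to check; a non-array (or empty array) value is checked as one id
 * @param  string       $action        Action name, interpolated into the messages
 * @param  boolean      $allow_myself  Whether acting on the viewer's own id is allowed
 * @return null|string                 Concatenated refusal messages, or null when nothing was appended
 */
public function get_users_permission($user_ids, $action, $allow_myself = false)
{
	global $_CB_framework, $_PLUGINS;

	$msg = null;

	if (is_array($user_ids) && count($user_ids)) {
		$obj = new UserTable($this->_db);

		foreach ($user_ids as $user_id) {
			// Work out a group label for the target; it is only used inside the refusal message.
			// NOTE(review): ids are compared loosely (!= / ==) throughout; callers are presumed to pass integer ids — confirm.
			if ($user_id != 0) {
				if ($obj->load((int) $user_id)) {
					/** @noinspection PhpDeprecationInspection */
					$groups = $this->get_object_groups($user_id);

					if (isset($groups[0])) {
						$this_group = strtolower(Application::CmsPermissions()->getGroupName($groups[0]));
					} else {
						$this_group = 'Registered';
					}
				} else {
					// The permission checks below still run for an id that could not be loaded.
					$msg .= 'User not found. ';
					$this_group = null;
				}
			} else {
				$this_group = 'Registered';
			}

			if ($user_id == $_CB_framework->myId()) {
				if (!$allow_myself) {
					$msg .= "You cannot {$action} Yourself! ";
				}
			} else {
				// Super admins skip the group comparison entirely.
				if (!Application::MyUser()->isSuperAdmin()) {
					/** @noinspection PhpDeprecationInspection */
					$userGroups = $this->get_object_groups($user_id);
					/** @noinspection PhpDeprecationInspection */
					$myGroups = $this->get_object_groups($_CB_framework->myId());
					$iAmAdmin = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users')
						&& Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
					$exactGids = !$iAmAdmin;
					/** @noinspection PhpDeprecationInspection */
					$myGidsTree = $this->get_groups_below_me($_CB_framework->myId(), true, $exactGids);
					$isHeSAdmin = Application::User((int) $user_id)->isSuperAdmin();

					// Grouping is spelled out; it matches the && over || precedence of the unparenthesised original.
					if (
						(array_values($userGroups) == array_values($myGroups) && !$iAmAdmin)
						|| ($user_id && $userGroups && !array_intersect($userGroups, $myGidsTree))
						|| $isHeSAdmin
					) {
						// Ends with a single trailing space like the other messages (the raw line break inside the literal is removed).
						$msg .= "You cannot {$action} a `{$this_group}`. Only higher-level users have this power. ";
					}
				}
			}
		}
	} else {
		// Single-id path: same rules as above, with a generic message and no group label lookup.
		if ($user_ids == $_CB_framework->myId()) {
			if (!$allow_myself) {
				$msg .= "You cannot {$action} Yourself! ";
			}
		} else {
			if (!Application::MyUser()->isSuperAdmin()) {
				/** @noinspection PhpDeprecationInspection */
				$userGroups = $this->get_object_groups($user_ids);
				/** @noinspection PhpDeprecationInspection */
				$myGroups = $this->get_object_groups($_CB_framework->myId());
				$iAmAdmin = Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users')
					&& Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users');
				$exactGids = !$iAmAdmin;
				/** @noinspection PhpDeprecationInspection */
				$myGidsTree = $this->get_groups_below_me($_CB_framework->myId(), true, $exactGids);
				$isHeSAdmin = Application::User((int) $user_ids)->isSuperAdmin();

				if (
					(array_values($userGroups) == array_values($myGroups) && !$iAmAdmin)
					|| ($user_ids && $userGroups && !array_intersect($userGroups, $myGidsTree))
					|| $isHeSAdmin
				) {
					$msg .= "You cannot {$action} a user. Only higher-level users have this power. ";
				}
			}
		}
	}

	if ($_PLUGINS) {
		// $msg is passed by reference, so a plugin can add to, replace or clear the refusal.
		$_PLUGINS->trigger('onUsersPermission', array($user_ids, $action, $allow_myself, &$msg));
	}

	return $msg;
}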
/**
 * Sends an email to every global moderator.
 *
 * Recipients are the users mapped to a group of the configured 'moderator_viewaccesslevel'
 * (default 3) who are not blocked, are confirmed and approved, and have sendEmail = 1.
 * All arguments are handed unchanged to sendFromSystem() for each recipient.
 *
 * @param  string       $subject           Subject
 * @param  string       $message           Message body
 * @param  boolean|int  $replaceVariables  Should we replace variables ?
 * @param  int          $mode              false = plain text, true = HTML
 * @param  null|string  $cc                Email CC address
 * @param  null|string  $bcc               Email BCC address
 * @param  null|string  $attachment        Email attachment files
 * @param  array        $extraStrings      Extra replacement strings to use if $replaceVariables = true
 * @return void                            No value is returned on any path
 */
public function sendToModerators($subject, $message, $replaceVariables = false, $mode = 0, $cc = null, $bcc = null, $attachment = null, $extraStrings = array())
{
	global $_CB_database;

	$moderatorGroups = Application::CmsPermissions()->getGroupsOfViewAccessLevel(
		Application::Config()->get('moderator_viewaccesslevel', 3, \CBLib\Registry\GetterInterface::INT),
		true
	);

	if (!$moderatorGroups) {
		return;
	}

	// Group ids go through safeArrayOfIntegers() before they are concatenated into the IN clause.
	$sql = 'SELECT u.id'
		. "\n FROM #__users u"
		. "\n INNER JOIN #__comprofiler c"
		. ' ON u.id = c.id'
		. "\n INNER JOIN #__user_usergroup_map g"
		. ' ON c.id = g.user_id'
		. "\n WHERE g.group_id IN " . $_CB_database->safeArrayOfIntegers($moderatorGroups)
		. "\n AND u.block = 0"
		. "\n AND c.confirmed = 1"
		. "\n AND c.approved = 1"
		. "\n AND u.sendEmail = 1";

	$_CB_database->setQuery($sql);

	$recipients = $_CB_database->loadObjectList();

	if (!$recipients) {
		return;
	}

	foreach ($recipients as $recipient) {
		$this->sendFromSystem($recipient->id, $subject, $message, $replaceVariables, $mode, $cc, $bcc, $attachment, $extraStrings);
	}
}
/**
 * Install-time migration for the cbgroupjive plugin.
 *
 * Steps, in the order they run:
 *  1. Deletes the plugin rows of the listed old integration elements when the row exists and its
 *     plugin path has no /xml directory.
 *  2. Migrates #__groupjive_categories, #__groupjive_groups and #__groupjive_notifications when
 *     their legacy column ('parent', 'parent', 'type' respectively) is still present, then drops
 *     the legacy columns of each table.
 *  3. If any of those tables was migrated: copies the global plugin parameters to their new names,
 *     retypes 'cbgjautojoin' fields to 'groupautojoin', and migrates the cbgjTab tab parameters.
 *  4. If #__groupjive_plugin_auto exists with a 'trigger' column and the cbautoactions plugin is
 *     installed with a 'conditions' column on its table: inserts one auto action per auto row not
 *     yet flagged 'migrated', then flags the row.
 *
 * Statement order matters: rows are rewritten before the columns they were read from are dropped.
 *
 * @return void
 */
function plug_cbgroupjive_install()
{
	global $_CB_database, $_PLUGINS;

	// Uninstall the old integrations to avoid conflicts:
	$integrations = array( 'cbgroupjiveabout', 'cbgroupjiveevents', 'cbgroupjivefile', 'cbgroupjiveforums', 'cbgroupjivephoto', 'cbgroupjivevideo', 'cbgroupjivewall', 'cbgroupjiveauto' );

	foreach ( $integrations as $integration ) {
		$plugin = new PluginTable();

		$plugin->load( array( 'element' => $integration ) );

		// Only rows whose plugin directory has no /xml subdirectory are deleted.
		if ( $plugin->get( 'id' ) && ( ! is_dir( $_PLUGINS->getPluginPath( $plugin ) . '/xml' ) ) ) {
			$plugin->delete();
		}
	}

	// Migrate categories:
	$table = '#__groupjive_categories';
	$fields = $_CB_database->getTableFields( $table );
	// Set to true as soon as any legacy table is migrated; gates the global parameter migration further down.
	$migrate = false;

	// The legacy 'parent' column marks a table that still needs migrating.
	if ( isset( $fields[$table]['parent'] ) ) {
		$migrate = true;

		$query = 'SELECT *'
			. "\n FROM " . $_CB_database->NameQuote( '#__groupjive_categories' );
		$_CB_database->setQuery( $query );
		$categories = $_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_categories', 'id' ) );

		/** @var $categories Table[] */
		foreach ( $categories as $category ) {
			// Old access -2 becomes 1 and -1 becomes 2; any other value is converted from an old group to a view access level.
			$category->set( 'access', ( $category->get( 'access' ) == -2 ? 1 : ( $category->get( 'access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $category->get( 'access' ), 'CB GroupJive: Category Access - ' . (int) $category->get( 'id' ) ) ) ) );
			// A falsy 'create' becomes create_access -1; otherwise -1 becomes 2 and other values are converted as above.
			$category->set( 'create_access', ( ! $category->get( 'create' ) ? -1 : ( $category->get( 'create_access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $category->get( 'create_access' ), 'CB GroupJive: Category Create Access - ' . (int) $category->get( 'id' ) ) ) ) );

			$categoryParams = new Registry( $category->get( 'params' ) );

			// CB GroupJive Forums:
			$categoryParams->set( 'forums', $categoryParams->get( 'forum_show' ) );

			$category->set( 'params', $categoryParams->asJson() );

			$category->store();
		}

		// Remove the old columns:
		$_CB_database->dropColumn( $table, 'parent' );
		$_CB_database->dropColumn( $table, 'create' );
		$_CB_database->dropColumn( $table, 'nested' );
		$_CB_database->dropColumn( $table, 'nested_access' );
	}

	// Migrate groups:
	$table = '#__groupjive_groups';
	$fields = $_CB_database->getTableFields( $table );

	if ( isset( $fields[$table]['parent'] ) ) {
		$migrate = true;

		$query = 'SELECT *'
			. "\n FROM " . $_CB_database->NameQuote( '#__groupjive_groups' );
		$_CB_database->setQuery( $query );
		$groups = $_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_groups', 'id' ) );

		/** @var $groups Table[] */
		foreach ( $groups as $group ) {
			$groupParams = new Registry( $group->get( 'params' ) );

			// Core:
			$groupParams->set( 'invites', ( $group->get( 'invite' ) > 0 ? 0 : 1 ) );

			// For each integration below, a truthy '*_approve' maps to 2; otherwise the old '*_show' value is carried over.
			// CB GroupJive Events:
			$groupParams->set( 'events', ( $groupParams->get( 'events_approve' ) ? 2 : $groupParams->get( 'events_show' ) ) );

			// CB GroupJive File:
			$groupParams->set( 'file', ( $groupParams->get( 'file_approve' ) ? 2 : $groupParams->get( 'file_show' ) ) );

			// CB GroupJive Forums:
			$groupParams->set( 'forums', $groupParams->get( 'forum_show' ) );

			// CB GroupJive Photo:
			$groupParams->set( 'photo', ( $groupParams->get( 'photo_approve' ) ? 2 : $groupParams->get( 'photo_show' ) ) );

			// CB GroupJive Video:
			$groupParams->set( 'video', ( $groupParams->get( 'video_approve' ) ? 2 : $groupParams->get( 'video_show' ) ) );

			// CB GroupJive Wall:
			$groupParams->set( 'wall', ( $groupParams->get( 'wall_approve' ) ? 2 : $groupParams->get( 'wall_show' ) ) );

			$group->set( 'params', $groupParams->asJson() );

			$group->store();
		}

		// Remove the old columns:
		$_CB_database->dropColumn( $table, 'parent' );
		$_CB_database->dropColumn( $table, 'access' );
		$_CB_database->dropColumn( $table, 'invite' );
		$_CB_database->dropColumn( $table, 'users' );
		$_CB_database->dropColumn( $table, 'nested' );
		$_CB_database->dropColumn( $table, 'nested_access' );
	}

	// Migrate notifications:
	$table = '#__groupjive_notifications';
	$fields = $_CB_database->getTableFields( $table );

	if ( isset( $fields[$table]['type'] ) ) {
		$migrate = true;

		// Delete notification types no longer supported:
		$query = 'DELETE'
			. "\n FROM " . $_CB_database->NameQuote( '#__groupjive_notifications' )
			. "\n WHERE " . $_CB_database->NameQuote( 'type' ) . " != " . $_CB_database->Quote( 'group' );
		$_CB_database->setQuery( $query );
		$_CB_database->query();

		// Migration notification parameters:
		$query = 'SELECT *'
			. "\n FROM " . $_CB_database->NameQuote( '#__groupjive_notifications' );
		$_CB_database->setQuery( $query );
		$notifications = $_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_notifications', 'id' ) );

		/** @var $notifications Table[] */
		foreach ( $notifications as $notification ) {
			// Rows without an 'item' are left untouched.
			if ( ( $notification->get( 'type' ) == 'group' ) && $notification->get( 'item' ) ) {
				// The old 'item' value becomes the new integer 'group' column.
				$notification->set( 'group', (int) $notification->get( 'item' ) );

				$notificationParams = new Registry( $notification->get( 'params' ) );

				// Core:
				$notificationParams->set( 'user_join', $notificationParams->get( 'group_userjoin' ) );
				$notificationParams->set( 'user_leave', $notificationParams->get( 'group_userleave' ) );
				$notificationParams->set( 'user_approve', $notificationParams->get( 'group_userapprove' ) );
				$notificationParams->set( 'invite_accept', $notificationParams->get( 'group_inviteaccept' ) );

				// CB GroupJive Events:
				$notificationParams->set( 'event_new', $notificationParams->get( 'group_eventnew' ) );
				$notificationParams->set( 'event_approve', $notificationParams->get( 'group_eventapprove' ) );
				$notificationParams->set( 'event_attend', $notificationParams->get( 'group_eventyes' ) );
				$notificationParams->set( 'event_unattend', $notificationParams->get( 'group_eventno' ) );

				// CB GroupJive File:
				$notificationParams->set( 'file_new', $notificationParams->get( 'group_filenew' ) );
				$notificationParams->set( 'file_approve', $notificationParams->get( 'group_fileapprove' ) );

				// CB GroupJive Photo:
				$notificationParams->set( 'photo_new', $notificationParams->get( 'group_photonew' ) );
				$notificationParams->set( 'photo_approve', $notificationParams->get( 'group_photoapprove' ) );

				// CB GroupJive Video:
				$notificationParams->set( 'video_new', $notificationParams->get( 'group_videonew' ) );
				$notificationParams->set( 'video_approve', $notificationParams->get( 'group_videoapprove' ) );

				// CB GroupJive Wall:
				$notificationParams->set( 'wall_new', $notificationParams->get( 'group_wallnew' ) );
				$notificationParams->set( 'wall_approve', $notificationParams->get( 'group_wallapprove' ) );
				$notificationParams->set( 'wall_reply', $notificationParams->get( 'group_wallreply' ) );

				$notification->set( 'params', $notificationParams->asJson() );

				$notification->store();
			}
		}

		// Remove the old columns:
		$_CB_database->dropColumn( $table, 'type' );
		$_CB_database->dropColumn( $table, 'item' );
	}

	if ( $migrate ) {
		// Migrate global parameters:
		$plugin = new PluginTable();

		$plugin->load( array( 'element' => 'cbgroupjive' ) );

		$pluginParams = new Registry( $plugin->get( 'params' ) );

		// Logos:
		$pluginParams->set( 'logo_max_size', $pluginParams->get( 'logo_size' ) );
		$pluginParams->set( 'logo_image_width', $pluginParams->get( 'logo_width' ) );
		$pluginParams->set( 'logo_image_height', $pluginParams->get( 'logo_height' ) );
		$pluginParams->set( 'logo_thumbnail_width', $pluginParams->get( 'logo_thumbwidth' ) );
		$pluginParams->set( 'logo_thumbnail_height', $pluginParams->get( 'logo_thumbheight' ) );

		// Notifications:
		$pluginParams->set( 'notifications', $pluginParams->get( 'general_notifications' ) );
		$pluginParams->set( 'notifications_notifyby', ( $pluginParams->get( 'general_notifyby' ) < 4 ? 2 : 1 ) );
		$pluginParams->set( 'notifications_default_user_join', $pluginParams->get( 'notifications_group_userjoin' ) );
		$pluginParams->set( 'notifications_default_user_leave', $pluginParams->get( 'notifications_group_userleave' ) );
		$pluginParams->set( 'notifications_default_user_approve', $pluginParams->get( 'notifications_group_userapprove' ) );
		$pluginParams->set( 'notifications_default_invite_accept', $pluginParams->get( 'notifications_group_inviteaccept' ) );

		// Categories:
		$pluginParams->set( 'categories_paging', $pluginParams->get( 'overview_paging' ) );
		$pluginParams->set( 'categories_limit', $pluginParams->get( 'overview_limit' ) );
		$pluginParams->set( 'categories_search', $pluginParams->get( 'overview_search' ) );

		// Remap the old ordering value to the new one; values without a counterpart fall back to 1.
		switch( (int) $pluginParams->get( 'overview_orderby' ) ) {
			case 7:
				$orderBy = 5;
				break;
			case 8:
				$orderBy = 6;
				break;
			case 5:
				$orderBy = 3;
				break;
			case 6:
				$orderBy = 4;
				break;
			case 1:
			case 2:
				$orderBy = (int) $pluginParams->get( 'overview_orderby' );
				break;
			case 3:
			case 4:
			case 9:
			case 10:
			default:
				$orderBy = 1;
				break;
		}

		$pluginParams->set( 'categories_orderby', $orderBy );
		$pluginParams->set( 'categories_groups_paging', $pluginParams->get( 'category_groups_paging' ) );
		$pluginParams->set( 'categories_groups_limit', $pluginParams->get( 'category_groups_limit' ) );
		$pluginParams->set( 'categories_groups_search', $pluginParams->get( 'category_groups_search' ) );
		$pluginParams->set( 'categories_groups_orderby', ( $pluginParams->get( 'category_groups_orderby' ) > 8 ? 4 : $pluginParams->get( 'category_groups_orderby' ) ) );

		// Groups:
		// Same conversion as the per-category create_access above, applied to the global setting.
		$pluginParams->set( 'groups_create_access', ( ! $pluginParams->get( 'group_create' ) ? -1 : ( $pluginParams->get( 'group_create_access' ) == -1 ? 2 : Application::CmsPermissions()->convertOldGroupToViewAccessLevel( $pluginParams->get( 'group_create_access' ), 'CB GroupJive: Groups Create Access' ) ) ) );
		$pluginParams->set( 'groups_create_limit', $pluginParams->get( 'group_limit' ) );
		$pluginParams->set( 'groups_create_approval', $pluginParams->get( 'group_approve' ) );
		$pluginParams->set( 'groups_create_captcha', $pluginParams->get( 'group_captcha' ) );
		$pluginParams->set( 'groups_message', $pluginParams->get( 'group_message' ) );
		$pluginParams->set( 'groups_message_captcha', $pluginParams->get( 'group_message_captcha' ) );
		$pluginParams->set( 'groups_users_paging', $pluginParams->get( 'group_users_paging' ) );
		$pluginParams->set( 'groups_users_limit', $pluginParams->get( 'group_users_limit' ) );
		$pluginParams->set( 'groups_users_search', $pluginParams->get( 'group_users_search' ) );
		$pluginParams->set( 'groups_invites_display', $pluginParams->get( 'group_invites_display' ) );
		$pluginParams->set( 'groups_invites_by', $pluginParams->get( 'group_invites_by' ) );
		$pluginParams->set( 'groups_invites_list', $pluginParams->get( 'group_invites_list' ) );
		$pluginParams->set( 'groups_invites_accept', $pluginParams->get( 'group_invites_accept' ) );
		$pluginParams->set( 'groups_invites_captcha', $pluginParams->get( 'group_invites_captcha' ) );
		$pluginParams->set( 'groups_invites_paging', $pluginParams->get( 'group_invites_paging' ) );
		$pluginParams->set( 'groups_invites_limit', $pluginParams->get( 'group_invites_limit' ) );
		$pluginParams->set( 'groups_invites_search', $pluginParams->get( 'group_invites_search' ) );
		$pluginParams->set( 'groups_paging', $pluginParams->get( 'group_all_paging' ) );
		$pluginParams->set( 'groups_limit', $pluginParams->get( 'group_all_limit' ) );
		$pluginParams->set( 'groups_search', $pluginParams->get( 'group_all_search' ) );
		$pluginParams->set( 'groups_orderby', ( $pluginParams->get( 'group_all_orderby' ) > 8 ? 4 : $pluginParams->get( 'group_all_orderby' ) ) );

		$plugin->set( 'params', $pluginParams->asJson() );

		$plugin->store();

		// Migrate the old auto fields to core GJ:
		$query = 'UPDATE '. $_CB_database->NameQuote( '#__comprofiler_fields' )
			. "\n SET " . $_CB_database->NameQuote( 'type' ) . " = " . $_CB_database->Quote( 'groupautojoin' )
			. ', ' . $_CB_database->NameQuote( 'pluginid' ) . ' = ' . (int) $plugin->get( 'id' )
			. "\n WHERE " . $_CB_database->NameQuote( 'type' ) . " = " . $_CB_database->Quote( 'cbgjautojoin' );
		$_CB_database->setQuery( $query );
		$_CB_database->query();

		// Migrate tab parameters:
		$tab = new TabTable();

		$tab->load( array( 'pluginclass' => 'cbgjTab' ) );

		$tabParams = new Registry( $tab->get( 'params' ) );

		// The tab settings are read from the plugin parameters, not from the tab's own parameters.
		$tabParams->set( 'tab_paging', $pluginParams->get( 'group_tab_paging' ) );
		$tabParams->set( 'tab_limit', $pluginParams->get( 'group_tab_limit' ) );
		$tabParams->set( 'tab_search', $pluginParams->get( 'group_tab_search' ) );
		$tabParams->set( 'tab_orderby', ( $pluginParams->get( 'group_tab_orderby' ) > 8 ? 4 : $pluginParams->get( 'group_tab_orderby' ) ) );

		$tab->set( 'params', $tabParams->asJson() );

		$tab->store();
	}

	// Migrate gj auto to cb auto actions if possible:
	$table = '#__groupjive_plugin_auto';

	if ( $_CB_database->getTableStatus( $table ) ) {
		$fields = $_CB_database->getTableFields( $table );

		if ( isset( $fields[$table]['trigger'] ) ) {
			$autoActions = new PluginTable();

			$autoActions->load( array( 'element' => 'cbautoactions' ) );

			if ( $autoActions->get( 'id' ) ) {
				$table = '#__comprofiler_plugin_autoactions';
				$fields = $_CB_database->getTableFields( $table );

				// Stop here when the auto actions table has no 'conditions' column to insert into.
				if ( ! isset( $fields[$table]['conditions'] ) ) {
					return;
				}

				$query = 'SELECT *'
					. "\n FROM " . $_CB_database->NameQuote( '#__groupjive_plugin_auto' );
				$_CB_database->setQuery( $query );
				$autos = $_CB_database->loadObjectList( null, '\CBLib\Database\Table\Table', array( $_CB_database, '#__groupjive_plugin_auto', 'id' ) );

				/** @var $autos Table[] */
				foreach ( $autos as $auto ) {
					$oldParams = new Registry( $auto->get( 'params' ) );

					// Rows flagged on an earlier run are skipped, so re-running the installer does not insert them again.
					if ( $oldParams->get( 'migrated' ) ) {
						continue;
					}

					$newParams = new Registry();
					$newConditions = null;

					if ( $auto->get( 'field' ) ) {
						// $fields is reused here for the row's own field list (it held table columns above).
						$fields = new Registry( $auto->get( 'field' ) );
						$operators = new Registry( $auto->get( 'operator' ) );
						$values = new Registry( $auto->get( 'value' ) );
						$conditionals = count( $fields );

						if ( $conditionals ) {
							$conditions = array();

							for ( $i = 0, $n = $conditionals; $i < $n; $i++ ) {
								$field = $fields->get( "field$i" );
								$operator = $operators->get( "operator$i" );
								$value = $values->get( "value$i" );

								// Entries with a falsy operator are dropped.
								if ( $operator ) {
									$conditions[] = array( 'field' => $field, 'operator' => $operator, 'value' => $value, 'translate' => 0 );
								}
							}

							if ( $conditions ) {
								$newConditionals = new Registry( $conditions );
								$newConditions = $newConditionals->asJson();
							}
						}
					}

					$mode = $oldParams->get( 'auto' );

					// With $mode == 2 the 'grp_*' parameters are used for name/description/owner/unique, otherwise the 'cat_*' ones.
					$join = array(
						'mode' => $mode,
						'groups' => $oldParams->get( 'groups' ),
						'status' => $oldParams->get( 'status' ),
						'name' => ( $mode == 2 ? $oldParams->get( 'grp_name' ) : $oldParams->get( 'cat_name' ) ),
						'category' => $oldParams->get( 'category' ),
						'category_name' => $oldParams->get( 'cat_name' ),
						'category_parent' => $oldParams->get( 'cat_parent' ),
						'category_types' => $oldParams->get( 'types' ),
						'category_description' => $oldParams->get( 'cat_description' ),
						'category_unique' => $oldParams->get( 'cat_unique' ),
						'group_parent' => $oldParams->get( 'grp_parent' ),
						'type' => $oldParams->get( 'type' ),
						'parent' => $oldParams->get( 'cat_parent' ),
						'types' => $oldParams->get( 'types' ),
						'description' => ( $mode == 2 ? $oldParams->get( 'grp_description' ) : $oldParams->get( 'cat_description' ) ),
						'owner' => ( $mode == 2 ? $oldParams->get( 'grp_owner' ) : $oldParams->get( 'cat_owner' ) ),
						'unique' => ( $mode == 2 ? $oldParams->get( 'grp_unique' ) : $oldParams->get( 'cat_unique' ) ),
						'autojoin' => $oldParams->get( 'grp_autojoin' ),
						'group_status' => $oldParams->get( 'status' )
					);

					$newParams->set( 'groupjive', array( $join ) );
					$newParams->set( 'exclude', $auto->get( 'exclude' ) );

					// Every stored value is cast to int or passed through Quote() before it is concatenated into the statement.
					$query = 'INSERT IGNORE INTO '. $_CB_database->NameQuote( '#__comprofiler_plugin_autoactions' )
						. ' ( ' . $_CB_database->NameQuote( 'published' )
						. ', ' . $_CB_database->NameQuote( 'title' )
						. ', ' . $_CB_database->NameQuote( 'description' )
						. ', ' . $_CB_database->NameQuote( 'type' )
						. ', ' . $_CB_database->NameQuote( 'trigger' )
						. ', ' . $_CB_database->NameQuote( 'object' )
						. ', ' . $_CB_database->NameQuote( 'variable' )
						. ', ' . $_CB_database->NameQuote( 'access' )
						. ', ' . $_CB_database->NameQuote( 'conditions' )
						. ', ' . $_CB_database->NameQuote( 'params' )
						. ' ) VALUES ( ' . (int) $auto->get( 'published' )
						. ', ' . $_CB_database->Quote( $auto->get( 'title' ) )
						. ', ' . $_CB_database->Quote( $auto->get( 'description' ) )
						. ', ' . $_CB_database->Quote( 'groupjive' )
						. ', ' . $_CB_database->Quote( str_replace( ',', '|*|', $auto->get( 'trigger' ) ) )
						. ', ' . $_CB_database->Quote( $auto->get( 'object' ) )
						. ', ' . $_CB_database->Quote( $auto->get( 'variable' ) )
						. ', ' . $_CB_database->Quote( $auto->get( 'access' ) )
						. ', ' . $_CB_database->Quote( $newConditions )
						. ', ' . $_CB_database->Quote( $newParams->asJson() )
						. ' )';
					$_CB_database->setQuery( $query );
					$_CB_database->query();

					// The flag is written whether or not the INSERT IGNORE added a row; the query result is not checked.
					$oldParams->set( 'migrated', true );

					$auto->set( 'params', $oldParams->asJson() );

					$auto->store();
				}
			}
		}
	}
}
/**
 * Finds the users subscribed to a group notification and sends it to each one allowed to see the group
 *
 * Nothing is sent (false is returned) when the notification name, subject or body is empty, when
 * the recipient is the viewing user or the sender, when the group or its category is not
 * published, or when uncategorized groups or notifications are switched off in the plugin parameters.
 *
 * @param string             $notification  The notification to send (parameter name looked up on each subscription row)
 * @param string             $subject
 * @param string             $body
 * @param GroupTable         $group         Group for this notification
 * @param UserTable|int|null $from          UserTable|int: Specific user to notify from (used for substitutions), Null: Notify from self
 * @param UserTable|int|null $to            UserTable|int: Specific user to notify, Null: Notify everyone eligible
 * @param array              $skip          Array of user ids to skip (a non-array value is wrapped into an array)
 * @param int                $status        Group status restriction for notifications (e.g. 2: Group Moderators and above); a falsy value is treated as 1
 * @param array              $extra         Passed through to sendNotification()
 * @return bool                             False when a precondition fails, true once the subscription rows were processed
 */
static public function sendNotifications( $notification, $subject, $body, $group, $from = null, $to = null, $skip = array(), $status = 1, $extra = array() )
{
	global $_CB_database, $_PLUGINS;

	// Integer ids are resolved to user objects; other values are used as given.
	if ( is_int( $from ) ) {
		$from		=	\CBuser::getUserDataInstance( $from );
	}

	if ( is_int( $to ) ) {
		$to			=	\CBuser::getUserDataInstance( $to );
	}

	$myId			=	Application::MyUser()->getUserId();

	if ( ! ( $notification && $subject && $body ) ) {
		return false;
	}

	// Never notify the viewing user, and never notify a user about their own action.
	if ( $to && ( $to->get( 'id' ) == $myId ) ) {
		return false;
	}

	if ( $from && $to && ( $from->get( 'id' ) == $to->get( 'id' ) ) ) {
		return false;
	}

	if ( ( ! $group->get( 'id' ) ) || ( $group->get( 'published' ) != 1 ) ) {
		return false;
	}

	if ( $group->category()->get( 'id' ) && ( ! $group->category()->get( 'published' ) ) ) {
		return false;
	}

	// Plugin parameters are fetched once and kept for later calls.
	static $params	=	null;

	if ( ! $params ) {
		$plugin		=	$_PLUGINS->getLoadedPlugin( 'user', 'cbgroupjive' );
		$params		=	$_PLUGINS->getPluginParams( $plugin );
	}

	if ( ( ! $group->category()->get( 'id' ) ) && ( ! $params->get( 'groups_uncategorized', 1 ) ) ) {
		return false;
	}

	if ( ! $params->get( 'notifications', 1 ) ) {
		return false;
	}

	$status			=	( $status ? $status : 1 );
	$skip			=	( is_array( $skip ) ? $skip : array( $skip ) );

	if ( $from ) {
		$skip[]		=	$from->get( 'id' );
	}

	$moderators		=	Application::CmsPermissions()->getGroupsOfViewAccessLevel( Application::Config()->get( 'moderator_viewaccesslevel', 3, GetterInterface::INT ), true );

	// Identifiers go through NameQuote(); every value is cast to int or passed through safeArrayOfIntegers().
	$db				=	$_CB_database;

	$sql			=	'SELECT DISTINCT n.*'
					.	', u.' . $db->NameQuote( 'status' )
					.	"\n FROM " . $db->NameQuote( '#__groupjive_notifications' ) . " AS n"
					.	"\n LEFT JOIN " . $db->NameQuote( '#__groupjive_users' ) . " AS u"
					.	' ON u.' . $db->NameQuote( 'user_id' ) . ' = n.' . $db->NameQuote( 'user_id' )
					.	' AND u.' . $db->NameQuote( 'group' ) . ' = n.' . $db->NameQuote( 'group' )
					.	"\n LEFT JOIN " . $db->NameQuote( '#__comprofiler' ) . " AS cb"
					.	' ON cb.' . $db->NameQuote( 'id' ) . ' = u.' . $db->NameQuote( 'user_id' )
					.	"\n LEFT JOIN " . $db->NameQuote( '#__users' ) . " AS j"
					.	' ON j.' . $db->NameQuote( 'id' ) . ' = cb.' . $db->NameQuote( 'id' )
					.	"\n LEFT JOIN " . $db->NameQuote( '#__user_usergroup_map' ) . " AS g"
					.	' ON g.' . $db->NameQuote( 'user_id' ) . ' = j.' . $db->NameQuote( 'id' )
					.	"\n WHERE n." . $db->NameQuote( 'group' ) . " = " . (int) $group->get( 'id' );

	// Either one explicit recipient, or everyone except the viewing user.
	$sql			.=	( $to
						? "\n AND n." . $db->NameQuote( 'user_id' ) . " = " . (int) $to->get( 'id' )
						: "\n AND n." . $db->NameQuote( 'user_id' ) . " != " . (int) $myId );

	if ( $skip ) {
		$sql		.=	"\n AND n." . $db->NameQuote( 'user_id' ) . " NOT IN " . $db->safeArrayOfIntegers( $skip );
	}

	// Recipient must be approved, confirmed and not blocked, and be the group owner, meet the status level, or be in a moderator group.
	$sql			.=	"\n AND cb." . $db->NameQuote( 'approved' ) . " = 1"
					.	"\n AND cb." . $db->NameQuote( 'confirmed' ) . " = 1"
					.	"\n AND j." . $db->NameQuote( 'block' ) . " = 0"
					.	"\n AND ( n." . $db->NameQuote( 'user_id' ) . " = " . (int) $group->get( 'user_id' )
					.	' OR u.' . $db->NameQuote( 'status' ) . " >= " . (int) $status
					.	' OR g.' . $db->NameQuote( 'group_id' ) . " IN " . $db->safeArrayOfIntegers( $moderators ) . ' )';

	$db->setQuery( $sql );

	$rows			=	$db->loadObjectList( null, '\CB\Plugin\GroupJive\Table\NotificationTable', array( $db ) );

	self::preFetchUsers( $rows );

	/** @var NotificationTable[] $rows */
	foreach ( $rows as $row ) {
		// Skip subscriptions that do not have this notification enabled.
		if ( ! $row->params()->get( $notification, 0 ) ) {
			continue;
		}

		$notifyUser	=	( $to ? $to : \CBuser::getUserDataInstance( (int) $row->get( 'user_id' ) ) );

		// The recipient's membership status is placed on the group before the access check runs.
		$group->set( '_user_status', $row->get( 'status' ) );

		if ( self::canAccessGroup( $group, $notifyUser ) ) {
			self::sendNotification( 4, $from, $notifyUser, $subject, $body, $group, $extra );
		}
	}

	return true;
}
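/**
 * Renders the blog create/edit form, or redirects to the profile with 'Not authorized.'
 *
 * Access rules, as coded below:
 *  - new blog (loaded row has no id): global moderators always; other logged-in users need the
 *    'blog_create_access' view access level and must be under 'blog_limit' when a limit is set;
 *  - existing blog: global moderators, or the user stored as the blog's owner.
 *
 * @param null|int    $id
 * @param UserTable   $user
 * @param stdClass    $model
 * @param PluginTable $plugin
 * @param null|string $message      Message to enqueue above the form
 * @param null|string $messageType  Type used when enqueuing $message
 * @return void
 */
public function showBlogEdit( $id, $user, $model, $plugin, $message = null, $messageType = 'error' )
{
	global $_CB_framework;

	$blogLimit					=	(int) $plugin->params->get( 'blog_limit', null );
	$blogMode					=	$plugin->params->get( 'blog_mode', 1 );
	$cbModerator				=	Application::User( (int) $user->get( 'id' ) )->isGlobalModerator();

	$row						=	new cbblogsBlogTable();

	$canAccess					=	false;

	if ( $row->load( (int) $id ) ) {
		if ( ! $row->get( 'id' ) ) {
			if ( $cbModerator ) {
				$canAccess		=	true;
			} elseif ( $user->get( 'id' ) && Application::MyUser()->canViewAccessLevel( $plugin->params->get( 'blog_create_access', 2 ) ) ) {
				// A limit of 0 means unlimited; otherwise the user's blog count must still be below it.
				if ( ( ! $blogLimit ) || ( cbblogsModel::getBlogsTotal( null, $user, $user, $plugin ) < $blogLimit ) ) {
					$canAccess	=	true;
				}
			}
		} elseif ( $cbModerator || ( $row->get( 'user' ) == $user->get( 'id' ) ) ) {
			$canAccess			=	true;
		}
	}

	$profileUrl					=	$_CB_framework->userProfileUrl( $row->get( 'user', $user->get( 'id' ) ), false, 'cbblogsTab' );

	if ( ! $canAccess ) {
		cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );

		return;
	}

	cbblogsClass::getTemplate( 'blog_edit' );

	$input						=	array();

	// Each field is pre-filled from the posted value, falling back to the stored row value.
	// Default publish state for a new row: published for moderators or when 'blog_approval' is off.
	$publishedTooltip			=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select publish status of the blog. Unpublished blogs will not be visible to the public.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

	$input['published']			=	moscomprofilerHTML::yesnoSelectList( 'published', 'class="form-control"' . ( $publishedTooltip ? ' ' . $publishedTooltip : null ), (int) $this->input( 'post/published', $row->get( 'published', ( ( $cbModerator || ( ! $plugin->params->get( 'blog_approval', 0 ) ) ) ? 1 : 0 ) ), GetterInterface::INT ) );

	$categoryTooltip			=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select blog category. Select the category that best describes your blog.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

	$listCategory				=	cbblogsModel::getCategoriesList();
	$input['category']			=	moscomprofilerHTML::selectList( $listCategory, 'category', 'class="form-control"' . ( $categoryTooltip ? ' ' . $categoryTooltip : null ), 'value', 'text', $this->input( 'post/category', $row->get( 'category' ), GetterInterface::STRING ), 1, false, false );

	$accessTooltip				=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Select access to blog; all groups above that level will also have access to the blog.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

	// The access list is built for the viewing user (Application::MyUser() is passed to the lookup).
	$listAccess					=	Application::CmsPermissions()->getAllViewAccessLevels( true, Application::MyUser() );
	$input['access']			=	moscomprofilerHTML::selectList( $listAccess, 'access', 'class="form-control"' . ( $accessTooltip ? ' ' . $accessTooltip : null ), 'value', 'text', (int) $this->input( 'post/access', $row->get( 'access', $plugin->params->get( 'blog_access_default', 1 ) ), GetterInterface::INT ), 1, false, false );

	$titleTooltip				=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input blog title. This is the title that will distinguish this blog from others. Suggested to input something unique and intuitive.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

	// The title is HTML-escaped before being placed in the value attribute.
	$input['title']				=	'<input type="text" id="title" name="title" value="' . htmlspecialchars( $this->input( 'post/title', $row->get( 'title' ), GetterInterface::STRING ) ) . '" class="required form-control" size="30"' . ( $titleTooltip ? ' ' . $titleTooltip : null ) . ' />';

	if ( in_array( $blogMode, array( 1, 2 ) ) ) {
		$blogIntro				=	$_CB_framework->displayCmsEditor( 'blog_intro', $this->input( 'post/blog_intro', $row->get( 'blog_intro' ), GetterInterface::HTML ), 400, 200, 40, 7 );

		$input['blog_intro']	=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input HTML supported blog intro contents. Suggested to use minimal but well formatting for easy readability.' ), null, null, null, $blogIntro, null, 'style="display:block;"' );
	}

	if ( in_array( $blogMode, array( 1, 3 ) ) ) {
		$blogFull				=	$_CB_framework->displayCmsEditor( 'blog_full', $this->input( 'post/blog_full', $row->get( 'blog_full' ), GetterInterface::HTML ), 400, 200, 40, 7 );

		$input['blog_full']		=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input HTML supported blog contents. Suggested to use minimal but well formatting for easy readability.' ), null, null, null, $blogFull, null, 'style="display:block;"' );
	}

	$userTooltip				=	cbTooltip( $_CB_framework->getUi(), CBTxt::T( 'Input owner of blog as single integer user_id.' ), null, null, null, null, null, 'data-hascbtooltip="true"' );

	// Only moderators may take the owner id from the posted form; everyone else is pinned to their own id.
	// NOTE(review): the opening of this tag read '******' in the reviewed source, which produced broken markup;
	// it is restored here to mirror the title input above — confirm against upstream. This gates the form only;
	// the save handler is not visible here and must enforce the same owner rule.
	$input['user']				=	'<input type="text" id="user" name="user" value="' . (int) ( $cbModerator ? $this->input( 'post/user', $row->get( 'user', $user->get( 'id' ) ), GetterInterface::INT ) : $user->get( 'id' ) ) . '" class="digits required form-control" size="4"' . ( $userTooltip ? ' ' . $userTooltip : null ) . ' />';

	if ( $message ) {
		$_CB_framework->enqueueMessage( $message, $messageType );
	}

	HTML_cbblogsBlogEdit::showBlogEdit( $row, $input, $user, $model, $plugin );
}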
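/**
 * Implements a form viewaccesslevel selection
 *
 * In view mode ($this->_view) the selected levels are rendered as escaped text. In edit mode a
 * select list is built from the XML-defined options plus every view access level the viewing
 * user can see; levels the user cannot see are removed unless they are already selected.
 *
 * @param  string            $name          The name of the form element
 * @param  string            $value         The value of the element (array, or '|*|'-separated string when multiple)
 * @param  SimpleXMLElement  $node          The xml element for the parameter
 * @param  string            $control_name  The control name
 * @return string                           The html for the element
 */
function _form_viewaccesslevel( $name, $value, &$node, $control_name )
{
	$size							=	0;
	$cols							=	$node->attributes( 'cols' );
	$rows							=	$node->attributes( 'rows' );
	$multi							=	( $node->attributes( 'multiple' ) == 'true' );

	if ( $value === null ) {
		$selected					=	array();
	} else {
		if ( $multi && ( ! is_array( $value ) ) ) {
			$selected				=	explode( '|*|', $value );
		} else {
			$selected				=	array( $value );
		}
	}

	if ( $this->_view ) {
		$allAccessLevels			=	Application::CmsPermissions()->getAllViewAccessLevels();
		$contentOptions				=	$this->_list_options_selected( $name, $node, $control_name, $node->children(), $selected );
		$contentTexts				=	array();
		$contentValues				=	array();

		foreach ( $contentOptions as $contentOption ) {
			$contentValues[]		=	$contentOption->value;
			$contentTexts[]			=	htmlspecialchars( $contentOption->text );
		}

		// Add the selected levels that are not among the XML-defined options, each with a CSS class by level id.
		foreach ( $selected as $v ) {
			if ( ( ! in_array( $v, $contentValues ) ) && isset( $allAccessLevels[$v] ) ) {
				$text				=	$allAccessLevels[$v];

				switch ( $v ) {
					case 1:
						$class		=	'text-success';
						break;
					case 2:
						$class		=	'text-warning';
						break;
					case 3:
						$class		=	'text-default';
						break;
					default:
						$class		=	'text-primary';
						break;
				}

				// The level title is escaped; $class only ever holds one of the literals above.
				$contentTexts[]		=	'<span class="' . $class . '">' . htmlspecialchars( $text ) . '</span>';
			}
		}

		if ( count( $contentTexts ) > 0 ) {
			if ( $cols || $rows ) {
				$content			=	moscomprofilerHTML::list2Table( $contentTexts, $cols, $rows, $size );
			} else {
				$content			=	implode( ', ', $contentTexts );
			}
		} else {
			$content				=	' - ';
		}

		return $content;
	}

	$options						=	array();

	if ( is_array( $value ) ) {
		$value						=	implode( '|*|', $value );
	}

	$defaults						=	array( '', '--- ' . ( $multi ? CBTxt::T( 'Select View Access Level (CTR/CMD-Click: Multiple)' ) : CBTxt::T( 'Select View Access Level' ) ) . ' ---' );

	$this->_list_options_default( $node, $options, $value, $defaults );
	$this->_list_options( $name, $node, $control_name, $options, $node->children(), true, $value );

	$hideChoices					=	trim( $node->attributes( 'hidechoices' ) );

	// All View Access Levels:
	$sqlOptions						=	Application::CmsPermissions()->getAllViewAccessLevels( true );
	// View Access Levels that I can see:
	$myAccessTree					=	Application::CmsPermissions()->getAllViewAccessLevels( false, Application::MyUser() );

	foreach ( $sqlOptions as $k => $opt ) {
		if ( ! ( isset( $myAccessTree[$opt->value] ) || in_array( $opt->value, $selected ) ) ) {
			// Remove options which are not accessible by me, but keep them if they are already selected to not lose them, e.g. if permissions changed.
			// Every inaccessible level is removed: the loop previously stopped after the first removal,
			// which left the remaining inaccessible levels selectable.
			// NOTE(review): this only filters the offered choices; the code that stores the value is not visible here and must validate the submitted level as well.
			unset ( $sqlOptions[$k] );
		}
	}

	if ( $hideChoices !== '' ) {
		$choicesNo					=	explode( ',', $hideChoices );

		foreach ( $choicesNo as $choice ) {
			foreach ( $sqlOptions as $k => $opt ) {
				// Here stopping at the first match is intended: one option is removed per hidden choice.
				if ( (string) $opt->text === (string) $choice ) {
					unset ( $sqlOptions[$k] );
					break;
				}
			}
		}
	}

	$this->_list_options_data( $node, $options, $sqlOptions, false );

	$selected						=	explode( '|*|', $value );

	if ( ( checkJversion() >= 2 ) && ( $node->attributes( 'managelevels' ) != 'false' ) ) {
		$htmlManageLevels			=	' <a target="_blank" class="cbAdminSmallLink" href="' . htmlspecialchars( 'index.php?option=com_users&view=levels' ) . '">' . CBTxt::Th( 'Manage View Access Levels' ) . '</a>';
	} else {
		$htmlManageLevels			=	'';
	}

	return $this->selectList( $options, $node, $control_name, $name, $selected, $multi, false ) . $htmlManageLevels;
}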
/**
 * Installs a tab into database, finding already existing one if needed.
 *
 * Both lookup queries are built from escaped values only: the plugin class goes through
 * the database object's Quote() and the plugin id is cast to int.
 *
 * @param  int               $pluginId  Plugin id
 * @param  SimpleXMLElement  $tab       XML element of Tab
 * @return int|boolean                  Id of tab or FALSE in case of error (error saved with $this->setError() ).
 */
function installTab($pluginId, $tab) {
    global $_CB_database;

    // Resolve the tab id: explicit attribute first, otherwise look for an existing row.
    if ($tab->attributes('tabid')) {
        $tabId = $tab->attributes('tabid');
    } else {
        $query = $tab->attributes('class')
            ? 'SELECT tabid FROM #__comprofiler_tabs WHERE pluginclass = ' . $_CB_database->Quote($tab->attributes('class'))
            : 'SELECT tabid FROM #__comprofiler_tabs WHERE pluginid = ' . (int) $pluginId . " AND pluginclass = ''";

        $_CB_database->setQuery($query);
        $tabId = $_CB_database->loadResult();
    }

    // NOTE(review): the type is compared against the literal 'existingSytemTab', which is spelled
    // differently from the error text below - confirm against the installer XML before touching it.
    if ($tab->attributes('type') == 'existingSytemTab') {
        if ($tabId == null) {
            $this->setError(1, 'installTab error: existingSystemTab: ' . $tab->attributes('class') . ' not found.');

            return false;
        }

        // An existing system tab is never written to, only referenced.
        return $tabId;
    }

    $row = new TabTable();

    if ($tabId) {
        $row->load((int) $tabId);
    }

    // These columns are only initialised for a tab that is not in the database yet.
    if (!$row->tabid) {
        $row->title = $tab->attributes('name');
        $row->description = trim($tab->attributes('description'));
        $row->ordering = 99;
        $row->position = $tab->attributes('position');
        $row->displaytype = $tab->attributes('displaytype');
        $row->ordering_register = $tab->attributes('ordering_register');
        $row->enabled = $tab->attributes('enabled');
        $row->viewaccesslevel = 1;

        // The XML names the access level; translate it to its id when that name is known.
        $viewAccessLevelName = $tab->attributes('viewaccesslevel');

        if ($viewAccessLevelName) {
            $accessLevels = Application::CmsPermissions()->getAllViewAccessLevels();
            $viewAccessLevelId = array_search($viewAccessLevelName, $accessLevels);

            if ($viewAccessLevelId !== false) {
                $row->viewaccesslevel = $viewAccessLevelId;
            }
        }
    }

    // These columns are refreshed from the XML on every install, new tab or not.
    $row->width = $tab->attributes('width');
    $row->pluginclass = $tab->attributes('class');
    $row->pluginid = $pluginId;
    $row->fields = $tab->attributes('fields');
    $row->sys = $tab->attributes('sys');

    if (!$row->store()) {
        $this->setError(1, 'SQL error: ' . $row->getError());

        return false;
    }

    return (int) $row->tabid;
}
/**
 * Fix old 1.x usergroups-based permissions to 2.x access-levels in lists and in tabs
 *
 * Loads every row of the loader's table and, for rows that still carry a non-zero
 * useraccessgroupid, derives a view access level from it where needed, then zeroes
 * useraccessgroupid and stores the row.
 *
 * @param  \CB\Database\Table\TabTable|\CB\Database\Table\ListTable  $loaderTabOrList
 * @param  string  $titleIfCreate  Title for newly created access levels if needed (e.g. 'CB Tab access')
 * @return void
 *
 * @throws \RuntimeException
 */
private function convertUserGroupsToViewAccessLevels($loaderTabOrList, $titleIfCreate) {
    // The table name is passed through NameQuote() before it is placed in the statement.
    $quotedTable = $loaderTabOrList->getDbo()->NameQuote($loaderTabOrList->getTableName());
    $loaderTabOrList->getDbo()->setQuery('SELECT * FROM ' . $quotedTable);

    foreach ($loaderTabOrList->loadTrueObjects() as $record) {
        if (!isset($record->useraccessgroupid)) {
            continue;
        }

        $legacyGroupId = (int) $record->useraccessgroupid;

        if ($legacyGroupId == 0) {
            // Already converted or new in 2.x+:
            continue;
        }

        // A group id of -2 together with a set access level marks a row that was converted but not zeroed.
        $convertedButNotZeroed = ($legacyGroupId == -2) && $record->viewaccesslevel;
        $levelIsStillDefault = (int) $record->viewaccesslevel <= 1;

        if ($levelIsStillDefault && !$convertedButNotZeroed) {
            // Still database default: Convert:
            $record->viewaccesslevel = Application::CmsPermissions()->convertOldGroupToViewAccessLevel($record->useraccessgroupid, $titleIfCreate);
        }

        // Always set to 0 after conversion:
        $record->useraccessgroupid = 0;
        $record->store();
    }
}
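/**
 * Displays a user profile after the view-authorization and plugin checks have passed.
 *
 * Any refusal message is enqueued as an error and the function returns without rendering.
 * With reason=canceledit in the query string, the edit permissions are re-checked and the
 * 'onAfterUserProfileEditCancel' event is fired before the profile is shown.
 *
 * Fix: plugin error messages were concatenated raw into an inline <script> alert. A quote,
 * a line break or a closing script tag in a message would break out of the string literal.
 * The message is now emitted as a JSON-encoded JavaScript string with HTML-significant
 * characters hex-escaped.
 *
 * @param  string  $option       Passed through to HTML_comprofiler::userProfile()
 * @param  int     $uid          User id of the profile to show (0 is treated as "myself" on cancel-edit)
 * @param  string  $submitvalue  Passed through to HTML_comprofiler::userProfile()
 * @return void
 */
function userProfile($option, $uid, $submitvalue) {
    global $_REQUEST, $ueConfig, $_CB_framework, $_PLUGINS;

    $msg = null;

    // NOTE(review): authoriseView() is only reached when the request carries a 'user' key; confirm
    // that callers cannot arrive here with a non-zero $uid and no such key.
    if (isset($_REQUEST['user'])) {
        if (!CBuser::getMyInstance()->authoriseView('profile', $uid)) {
            $canRegister = !isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1';
            // Can the guest access once registered with default User Group ? (and doing the check only if he even can register to avoid unneeded checks)
            $canAccess = $canRegister && Application::CmsPermissions()->checkGroupsForViewAccessLevel($_CB_framework->getCfg('new_usertype'), Application::Config()->get('profile_viewaccesslevel', 3));

            if ($_CB_framework->myId() < 1 && !($_CB_framework->getCfg('allowUserRegistration') == '0' && $canRegister) && $canAccess) {
                $msg = CBTxt::Th('UE_REGISTERFORPROFILEVIEW', 'Please log in or sign up to view user profiles.');
            } else {
                $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
            }
        }
    } else {
        if ($uid == 0) {
            $msg = CBTxt::Th('UE_REGISTERFORPROFILE', 'Please log in or sign up to view or modify your profile.');
        }
    }

    // Plugins receive $msg by reference and may set or change the refusal message:
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onBeforeUserProfileAccess', array($uid, &$msg, 1));

    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }

    $user =& loadComprofilerUser($uid);

    if ($user === null) {
        $_CB_framework->enqueueMessage(CBTxt::Th('UE_NOSUCHPROFILE', 'This profile does not exist or is no longer available'), 'error');
        return;
    }

    if (cbGetParam($_GET, 'reason') == 'canceledit') {
        if ($uid == 0) {
            $Euid = $_CB_framework->myId();
        } else {
            $Euid = $uid;
        }

        $msg = cbCheckIfUserCanPerformUserTask($Euid, 'allowModeratorsUserEdit');

        if ($Euid != $_CB_framework->myId() && $msg === null) {
            // Safeguard against misconfiguration of the above: also avoids lower-level users editing higher level ones:
            $msg = checkCBpermissions(array((int) $Euid), 'edit', true);
        }

        $_PLUGINS->trigger('onBeforeUserProfileEditRequest', array($Euid, &$msg, 1));

        if ($msg) {
            $_CB_framework->enqueueMessage($msg, 'error');
            return;
        }

        $_PLUGINS->trigger('onAfterUserProfileEditCancel', array(&$user));

        if ($_PLUGINS->is_errors()) {
            // Emit the message as a JavaScript string literal. The JSON_HEX_* flags keep '<', '>', '&'
            // and both quote characters out of the markup, so the text cannot end the string or the
            // script element. Escape sequences inside a message are now shown literally.
            $jsMessage = json_encode((string) $_PLUGINS->getErrorMSG(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

            if ($jsMessage === false) {
                // Encoding failed (e.g. invalid UTF-8): show an empty alert rather than raw text.
                $jsMessage = '""';
            }

            echo "<script type=\"text/javascript\">alert(" . $jsMessage . "); window.history.go(-1); </script>\n";
            exit;
        }
    }

    HTML_comprofiler::userProfile($user, $option, $submitvalue);
}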
/**
 * Saves a new or existing CB+CMS user
 *
 * WARNINGS:
 * - You must verify authorization of user to perform this (use checkCBpermissions() ).
 *   The group/ACL checks in this method only run for $ui == 2; for other values of $ui
 *   nothing here restricts who the acting user may modify.
 * - You must $this->load() existing user first
 *
 * Flow: snapshot the current state, bind and validate the input, run the backend ACL checks,
 * fire the onBefore* events, save plugin tabs, store the user with the hashed password, commit
 * or roll back the tab contents, store again, then fire the onAfter* / activation events.
 * Between the stores $this->password is put back to the cleartext value so that plugin events
 * can see it.
 *
 * @param  array   $array   Raw unfiltered input, typically $_POST
 * @param  int     $ui      1 = Front-end (limited rights), 2 = Backend (almost unlimited), 0 = automated (full)
 * @param  string  $reason  'edit' or 'register'
 * @return boolean|array    FALSE on error (message in $this->_error), TRUE on success, or for
 *                          $reason 'register' an array with the keys 'tabs', 'after' and 'ok'
 */
public function saveSafely(&$array, $ui, $reason) {
    global $_CB_framework, $ueConfig, $_PLUGINS;

    // Get current user state and store it into $oldUserComplete:
    $oldUserComplete = new UserTable($this->_db);
    foreach (array_keys(get_object_vars($this)) as $k) {
        if (substr($k, 0, 1) != '_') { // ignore internal vars
            $oldUserComplete->{$k} = $this->{$k};
        }
    }
    if ($oldUserComplete->gids === null) {
        $oldUserComplete->gids = array();
    }

    // 1) Process and validate the fields in form by CB field plugins:
    // 2) Bind the fields to CMS User:
    $bindResults = $this->bindSafely($array, $ui, $reason, $oldUserComplete);

    if ($bindResults) {
        // It's ok to use raw fields below as we've already validated in bindSafely with saveTabContents
        // Check if username is missing:
        if ($this->username == '') {
            // No username: try the configured fallback field first ('name' when none is configured):
            $fallbackField = isset($ueConfig['usernamefallback']) && $ueConfig['usernamefallback'] ? $ueConfig['usernamefallback'] : 'name';

            // Use the fallback only if it exists and is a non-empty string:
            if (isset($this->{$fallbackField}) && is_string($this->{$fallbackField}) && $this->{$fallbackField} != '') {
                $this->username = $this->{$fallbackField};
                $this->_cmsUser->username = $this->username;
            }

            // Still no username: fall back to the email address:
            if ($this->username == '' && $this->email != '') {
                $this->username = $this->email;
                $this->_cmsUser->username = $this->username;
            }

            // Still no username: fall back to the name:
            if ($this->username == '' && $this->name != '') {
                $this->username = $this->name;
                $this->_cmsUser->username = $this->username;
            }

            // A username was derived: trim it and strip the characters < > \ " % ( ) ; & '
            // (only these characters are removed; spaces inside the value are left as they are):
            if ($this->username != '') {
                $this->username = preg_replace('/[<>\\\\"%();&\']+/', '', trim($this->username));
                $this->_cmsUser->username = $this->username;
            }
        }

        // Check if name is missing:
        if ($this->name == '') {
            // It is missing: use the username as backup:
            $this->name = $this->username;
            $this->_cmsUser->name = $this->name;
        }

        if (!$this->checkSafely()) {
            $bindResults = false;
        }
    }

    // For new registrations or backend user creations, set registration date and password if needed:
    $isNew = !$this->id;
    $newCBuser = $oldUserComplete->user_id == null;

    if ($isNew) {
        $this->registerDate = $this->_db->getUtcDateTime();
    }

    if ($bindResults) {
        if ($isNew) {
            if ($this->password == null) {
                $this->setRandomPassword();
                $ueConfig['emailpass'] = 1; // set this global to 1 to force password to be sent to new users.
            }
        }

        // In backend only: if group has been changed and where original group was a Super Admin: check if there is at least a super-admin left:
        if ($ui == 2) {
            $myGids = $_CB_framework->acl->get_groups_below_me(null, true);
            $i_am_super_admin = Application::MyUser()->isSuperAdmin();

            if (!$isNew) {
                // Joomla-ACL checks:
                if ($i_am_super_admin && $_CB_framework->myId() == $this->id) {
                    // Check that a Super User does not block himself:
                    if ($this->block && !$oldUserComplete->block) {
                        $this->_error = 'Super Users can not block themselves';
                        return false;
                    }

                    // Check that a Super User does not demote himself from Super-User rights.
                    // ($a != $b on arrays compares key/value pairs loosely, so the same groups
                    // stored under different keys also count as a change.)
                    if ($this->gids != $oldUserComplete->gids) {
                        $staysSuperUser = Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.admin', null);
                        if (!$staysSuperUser) {
                            $this->_error = 'You cannot demote yourself from your Super User permission';
                            return false;
                        }
                    }
                }

                // Check that a non-Super User/non-admin does not demote an admin or a Super user:
                if ($this->gids != $oldUserComplete->gids) {
                    // && binds tighter than ||: the acting user passes with core.admin on com_comprofiler,
                    // or with core.manage + core.edit + core.edit.state on com_users.
                    if (!$i_am_super_admin
                        && !(Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.admin', 'com_comprofiler')
                            || Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users')
                            && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users')
                            && Application::MyUser()->isAuthorizedToPerformActionOnAsset('core.edit.state', 'com_users'))) {
                        // I am not a Super User and not an Users administrator:
                        $userIsSuperUser = Application::User((int) $this->id)->isSuperAdmin();

                        // User is super-user: Check if he stays so:
                        if ($userIsSuperUser) {
                            $staysSuperUser = Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.admin', null);
                            if (!$staysSuperUser) {
                                $this->_error = 'You cannot remove a Super User permission. Only Super Users can do that.';
                                return false;
                            }
                        }

                        $userCanAdminUsers = (Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.manage', 'com_users')
                                || Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.manage', 'com_comprofiler'))
                            && Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.edit', 'com_users')
                            && Application::User((int) $this->id)->isAuthorizedToPerformActionOnAsset('core.edit.state', 'com_users');

                        // User is users-administrator: check if he can stay so:
                        if ($userCanAdminUsers) {
                            $staysUserAdmin = (Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.manage', 'com_users')
                                    || Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.manage', null))
                                && Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.edit', 'com_users')
                                && Application::CmsPermissions()->checkGroupsForActionOnAsset($this->gids, 'core.edit.state', 'com_users');
                            if (!$staysUserAdmin) {
                                $this->_error = 'An users manager cannot be demoted by a non-administrator';
                                return false;
                            }
                        }
                    }
                }
            }

            // Security check to avoid creating/editing user to higher level than himself: CB response to artf4529.
            // Unlike the block above, this one also applies to new users.
            if (!$i_am_super_admin && $this->gids != $oldUserComplete->gids) {
                // Does user try to edit a user that has higher groups ?
                // (any requested group outside the acting user's group tree is refused)
                if (count(array_diff($this->gids, $myGids)) != 0) {
                    $this->_error = 'Unauthorized attempt to change an user at higher level than allowed !';
                    return false;
                }

                // Does the user try to demote higher levels ?
                // The left-hand diff is empty at this point (see the check above), so this refuses
                // the change whenever the previous groups included any group outside $myGids.
                if (array_diff($this->gids, $myGids) != array_diff($oldUserComplete->gids, $myGids)) {
                    $this->_error = 'Unauthorized attempt to change higher groups of an user than allowed !';
                    return false;
                }
            }
        }
    }

    // Fire the onBefore* event that matches the reason and the user interface:
    if ($reason == 'edit') {
        if ($ui == 1) {
            $_PLUGINS->trigger('onBeforeUserUpdate', array(&$this, &$this, &$oldUserComplete, &$oldUserComplete));
        } elseif ($ui == 2) {
            if ($isNew || $newCBuser) {
                $_PLUGINS->trigger('onBeforeNewUser', array(&$this, &$this, false));
            } else {
                $_PLUGINS->trigger('onBeforeUpdateUser', array(&$this, &$this, &$oldUserComplete));
            }
        }
    } elseif ($reason == 'register') {
        $_PLUGINS->trigger('onBeforeUserRegistration', array(&$this, &$this));
    }

    $beforeResult = !$_PLUGINS->is_errors();
    if (!$beforeResult) {
        $this->_error = $_PLUGINS->getErrorMSG(false); // $_PLUGIN collects all error messages, incl. previous ones.
    }

    // Saves tab plugins:
    // on edits, user params and block/email/approved/confirmed are done in cb.core predefined fields.
    // So now calls this and more (CBtabs are already created in $this->bindSafely() ).
    $pluginTabsResult = true;
    if ($reason == 'edit') {
        $this->_cbTabs->savePluginTabs($this, $array);
        $pluginTabsResult = !$_PLUGINS->is_errors();
        if (!$pluginTabsResult) {
            $this->_error = $_PLUGINS->getErrorMSG(false); // $_PLUGIN collects all error messages, incl. previous ones.
        }
    }

    // From here on the cleartext password is kept in a local and swapped in and out of
    // $this->password around each store(), so only the hash is written by store():
    $clearTextPassword = $this->password;

    if ($bindResults && $beforeResult && $pluginTabsResult) {
        // Hashes password for CMS storage:
        if ($clearTextPassword) {
            $hashedPassword = $this->hashAndSaltPassword($clearTextPassword);
            $this->password = $hashedPassword;
        }

        // Stores user if it's a new user:
        if ($isNew) {
            if (!$this->store()) {
                return false;
            }
        }

        // Restores cleartext password for the saveRegistrationPluginTabs:
        $this->password = $clearTextPassword;

        if ($isNew) {
            // Sets the instance of user, to avoid reload from database, and loss of the cleartext password.
            CBuser::setUserGetCBUserInstance($this);
        }
    }

    if ($reason == 'register') {
        // call here since we got to have a user id:
        $registerResults = array();
        $registerResults['tabs'] = $this->_cbTabs->saveRegistrationPluginTabs($this, $array);

        if ($_PLUGINS->is_errors()) {
            if ($bindResults && $beforeResult && $pluginTabsResult) {
                $plugins_error = $_PLUGINS->getErrorMSG(false); // $_PLUGIN collects all error messages, incl. previous ones.
                if ($isNew) {
                    // if it was a new user, and plugin gave error, revert the creation:
                    $this->delete();
                }
                $this->_error = $plugins_error;
            } else {
                $this->_error = $_PLUGINS->getErrorMSG(false); // $_PLUGIN collects all error messages, incl. previous ones.
            }
            $pluginTabsResult = false;
        }
    }

    if ($bindResults && $beforeResult && $pluginTabsResult) {
        $this->_cbTabs->commitTabsContents($this, $array, $reason);
        // With FALSE as argument the messages are counted like a list below (presumably an array - confirm):
        $commit_errors = $_PLUGINS->getErrorMSG(false);
        if (count($commit_errors) > 0) {
            $this->_error = $commit_errors;
            $bindResults = false;
        }
    }

    if (!($bindResults && $beforeResult && $pluginTabsResult)) {
        $this->_cbTabs->rollbackTabsContents($this, $array, $reason);

        // Normal error exit point:
        $_PLUGINS->trigger('onSaveUserError', array(&$this, $this->_error, $reason));
        if (is_array($this->_error)) {
            // Messages are joined with an HTML line break and are not escaped here.
            // NOTE(review): whoever prints $this->_error has to treat it as HTML carrying plugin-supplied text - confirm.
            $this->_error = implode('<br />', $this->_error);
        }
        return false;
    }

    // Stores the user (again if it's a new as the plugins might have changed the user record):
    if ($clearTextPassword) {
        // $hashedPassword was set in the success block above under the same condition.
        $this->password = $hashedPassword;
    }
    if (!$this->store()) {
        return false;
    }

    // Restores cleartext password for the onAfter and activation events:
    $this->password = $clearTextPassword;

    // Triggers onAfter and activateUser events:
    if ($reason == 'edit') {
        if ($ui == 1) {
            $_PLUGINS->trigger('onAfterUserUpdate', array(&$this, &$this, $oldUserComplete));
        } elseif ($ui == 2) {
            if ($isNew || $newCBuser) {
                if ($isNew) {
                    $ueConfig['emailpass'] = 1; // set this global to 1 to force password to be sent to new users.
                }
                $_PLUGINS->trigger('onAfterNewUser', array(&$this, &$this, false, true));
                if ($this->block == 0 && $this->approved == 1 && $this->confirmed) {
                    activateUser($this, 2, 'NewUser', false, $isNew);
                }
            } else {
                if (!(($oldUserComplete->approved == 1 || $oldUserComplete->approved == 2) && $oldUserComplete->confirmed) && ($this->approved == 1 && $this->confirmed)) {
                    // first time a just registered and confirmed user got approved in backend through save user:
                    if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == "1" && $this->password == '') {
                        // The password is auto-generated here because the admin did not set one on this occasion:
                        $this->setRandomPassword();
                        $pwd = $this->hashAndSaltPassword($this->password);
                        // NOTE(review): the statement below is reproduced as it appears on the page; the middle of the
                        // string looks masked by a redaction filter and does not parse as written. Whatever the original
                        // was, $pwd has to reach the query through the database object's quoting, not raw concatenation -
                        // confirm against the upstream source.
                        $this->_db->setQuery("UPDATE #__users SET password="******" WHERE id = " . (int) $this->id);
                        $this->_db->query();
                    }
                }
                $_PLUGINS->trigger('onAfterUpdateUser', array(&$this, &$this, $oldUserComplete));
                if (!(($oldUserComplete->approved == 1 || $oldUserComplete->approved == 2) && $oldUserComplete->confirmed) && ($this->approved == 1 && $this->confirmed)) {
                    // first time a just registered and confirmed user got approved in backend through save user:
                    activateUser($this, 2, 'UpdateUser', false);
                }
            }
        }
    } elseif ($reason == 'register') {
        $registerResults['after'] = $_PLUGINS->trigger('onAfterUserRegistration', array(&$this, &$this, true));
        $registerResults['ok'] = true;
        return $registerResults;
    }

    return true;
}
/**
 * Returns an options array of available privacy values
 *
 * The list is built once per request and kept in a static variable. An empty array is
 * returned (and nothing is cached) while the 'cbprivacy' user plugin is not loaded.
 * The view access level group lists only the levels returned for the current user.
 *
 * @return array
 */
static public function getPrivacyOptions()
{
    global $_PLUGINS, $ueConfig;

    static $cache = null;

    $plugin = $_PLUGINS->getLoadedPlugin( 'user', 'cbprivacy' );

    if ( ! $plugin ) {
        return array();
    }

    $params = $_PLUGINS->getPluginParams( $plugin );

    if ( $cache !== null ) {
        // Already built earlier in this request:
        return $cache;
    }

    $cache = array();

    // Plugins may add their own options before the built-in ones:
    $_PLUGINS->trigger( 'privacy_onBeforePrivacyOptions', array( &$cache ) );

    if ( $params->get( 'privacy_options_visible', 1 ) ) {
        $cache[] = moscomprofilerHTML::makeOption( '0', CBTxt::T( 'Public' ) );
    }

    // "Users" is only offered while the profile view access level setting equals 1:
    if ( ( $ueConfig['profile_viewaccesslevel'] == 1 ) && $params->get( 'privacy_options_users', 1 ) ) {
        $cache[] = moscomprofilerHTML::makeOption( '1', CBTxt::T( 'Users' ) );
    }

    if ( $params->get( 'privacy_options_invisible', 1 ) ) {
        $cache[] = moscomprofilerHTML::makeOption( '99', CBTxt::T( 'Private' ) );
    }

    if ( $ueConfig['allowConnections'] ) {
        if ( $params->get( 'privacy_options_conn', 1 ) ) {
            $cache[] = moscomprofilerHTML::makeOption( '2', CBTxt::T( 'Connections' ) );
        }

        if ( $params->get( 'privacy_options_connofconn', 1 ) ) {
            $cache[] = moscomprofilerHTML::makeOption( '3', CBTxt::T( 'Connections of Connections' ) );
        }

        if ( $ueConfig['connection_categories'] && ( $params->get( 'privacy_options_conntypes', '0' ) != '' ) ) {
            $enabledTypes = explode( '|*|', $params->get( 'privacy_options_conntypes', '0' ) );
            $availableTypes = self::getConnectionTypes();

            if ( $availableTypes ) {
                // A '0' entry in the parameter enables every connection type:
                $allTypes = in_array( '0', $enabledTypes );

                $cache[] = moscomprofilerHTML::makeOptGroup( CBTxt::T( 'Connection Types' ) );

                foreach ( $availableTypes as $connType ) {
                    if ( $allTypes || in_array( $connType->value, $enabledTypes ) ) {
                        $cache[] = moscomprofilerHTML::makeOption( 'CONN-' . (string) $connType->value, $connType->text );
                    }
                }

                $cache[] = moscomprofilerHTML::makeOptGroup( null );
            }
        }
    }

    if ( $params->get( 'privacy_options_viewaccesslevels', '' ) != '' ) {
        $enabledLevels = explode( '|*|', $params->get( 'privacy_options_viewaccesslevels', '' ) );
        // Only the view access levels returned for the current user are candidates:
        $availableLevels = Application::CmsPermissions()->getAllViewAccessLevels( true, Application::MyUser() );

        if ( $availableLevels ) {
            $allLevels = in_array( '0', $enabledLevels );

            $cache[] = moscomprofilerHTML::makeOptGroup( CBTxt::T( 'View Access Levels' ) );

            foreach ( $availableLevels as $level ) {
                if ( $allLevels || in_array( $level->value, $enabledLevels ) ) {
                    $cache[] = moscomprofilerHTML::makeOption( 'ACCESS-' . (string) $level->value, CBTxt::T( $level->text ) );
                }
            }

            $cache[] = moscomprofilerHTML::makeOptGroup( null );
        }
    }

    if ( $params->get( 'privacy_options_usergroups', '' ) != '' ) {
        $enabledGroups = explode( '|*|', $params->get( 'privacy_options_usergroups', '' ) );
        $availableGroups = Application::CmsPermissions()->getAllGroups( true, '' );

        if ( $availableGroups ) {
            $allGroups = in_array( '0', $enabledGroups );

            $cache[] = moscomprofilerHTML::makeOptGroup( CBTxt::T( 'Usergroups' ) );

            foreach ( $availableGroups as $userGroup ) {
                if ( $allGroups || in_array( $userGroup->value, $enabledGroups ) ) {
                    $cache[] = moscomprofilerHTML::makeOption( 'GROUP-' . (string) $userGroup->value, CBTxt::T( $userGroup->text ) );
                }
            }

            $cache[] = moscomprofilerHTML::makeOptGroup( null );
        }
    }

    // Plugins may adjust the finished list:
    $_PLUGINS->trigger( 'privacy_onAfterPrivacyOptions', array( &$cache ) );

    return $cache;
}