コード例 #1
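 /**
  * Up
  *
  * Converts `#__citations`.`uid` to INT(11). Before the column type is
  * changed, every row whose uid is not numeric is rewritten to a numeric
  * user id: the id of the user that User::oneOrNew() resolves the old value
  * to, or a fixed fallback id when that lookup yields no id.
  *
  * @return  void
  **/
 public function up()
 {
     $query = "describe #__citations uid";
     $this->db->setQuery($query);
     $uidField = $this->db->loadObject();

     // Without a column description there is nothing that can safely be migrated
     if (!is_object($uidField) || !isset($uidField->Type)) {
         return;
     }

     // If we have an INT already, we're good to go
     // NOTE(review): this matches the exact text 'int(11)' only; a server that
     // reports the type without a display width would not match and the
     // migration would run again — confirm against the target database version.
     if (strtolower($uidField->Type) === 'int(11)') {
         return;
     }

     // Load all citations
     $query = "SELECT id, uid FROM `#__citations`";
     $this->db->setQuery($query);
     $citations = $this->db->loadObjectList();

     // A failed or empty load is treated as "no rows to rewrite"
     if (!is_array($citations)) {
         $citations = array();
     }

     foreach ($citations as $citation) {
         if (is_numeric($citation->uid)) {
             continue;
         }

         // NOTE(review): 62 is a hard-coded fallback owner. Every citation whose
         // uid cannot be resolved to a user is reassigned to that account, and the
         // UPDATE below overwrites the original value without keeping a copy.
         // Confirm id 62 is the intended account on the database being migrated.
         $newId = 62;

         $profile = \Hubzero\User\User::oneOrNew($citation->uid);
         if ($profile->get('id')) {
             $newId = $profile->get('id');
         }

         // Both values go through the driver's quote() before being concatenated
         $query = "UPDATE `#__citations` SET uid=" . $this->db->quote($newId) . " WHERE id=" . $this->db->quote($citation->id);
         $this->db->setQuery($query);
         $this->db->query();
     }

     // Change the column type
     $query = "ALTER TABLE `#__citations` CHANGE uid uid INT(11);";
     $this->db->setQuery($query);
     $this->db->query();
 }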
コード例 #2
ファイル: user.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Constructor
  *
  * Stores the reference ID, category and option on the adapter, fills in
  * the 'id' and 'active' URL segments, and loads the user item.
  *
  * @param   integer  $referenceid  Reference ID; stored as 'referenceid' and used as the 'id' segment
  * @return  void
  */
 public function __construct($referenceid = 0)
 {
     $this
         ->set('referenceid', $referenceid)
         ->set('category', 'user')
         ->set('option', $this->_segments['option']);

     $this->_segments['id'] = $referenceid;
     $this->_segments['active'] = 'wishlist';

     // NOTE(review): the user is looked up by 'scope_id', while this constructor
     // only sets 'referenceid' — confirm 'scope_id' is populated elsewhere or
     // that 'referenceid' was meant here.
     $lookupId = $this->get('scope_id');
     $this->_item = \Hubzero\User\User::oneOrNew($lookupId);
 }
コード例 #3
ファイル: member.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Constructor
  *
  * Stores the scope ID, fills in the 'id' and 'active' URL segments, loads
  * the user for that ID, and derives the 'path', 'scope' and 'option' values.
  *
  * @param   integer  $scope_id  Scope ID (group, course, etc.)
  * @return  void
  */
 public function __construct($scope_id = 0)
 {
     $this->set('scope_id', $scope_id);

     $this->_segments['id'] = $scope_id;
     $this->_segments['active'] = 'blog';

     $this->_item = User::oneOrNew($scope_id);

     // The upload path is a template from the members/blog plugin parameters;
     // its {{uid}} placeholder is filled with the padded scope ID.
     $pluginParams = Plugin::params('members', 'blog');
     $paddedId = String::pad($this->get('scope_id'));
     $pathTemplate = $pluginParams->get('uploadpath', '/site/members/{{uid}}/blog');
     $this->set('path', str_replace('{{uid}}', $paddedId, $pathTemplate));

     $scope = $this->get('scope_id') . '/blog';
     $this->set('scope', $scope);

     $this->set('option', $this->_segments['option']);
 }
コード例 #4
ファイル: helper.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Display module contents
  *
  * Tallies guest and logged-in sessions, collects the user objects of the
  * logged-in sessions that resolve to an existing id, then includes the
  * 'default' layout.
  *
  * @return  void
  */
 public function displaySite()
 {
     // Local names are left as they are: the layout is pulled in with
     // `require` at the end and runs in this method's scope.
     $sessions = SessionHelper::getAllSessions(array('distinct' => 1, 'client' => 0));

     // Counters and list the layout reads
     $this->guestCount = 0;
     $this->loggedInCount = 0;
     $this->loggedInList = array();

     foreach ($sessions as $session) {
         // Guests are only counted
         if ($session->guest == 1) {
             $this->guestCount++;
             continue;
         }

         $this->loggedInCount++;

         // Sessions whose user id does not resolve to an id are counted above
         // but left out of the list
         $profile = User::oneOrNew($session->userid);
         if (!$profile->get('id')) {
             continue;
         }

         $this->loggedInList[] = $profile;
     }

     // Render view
     require $this->getLayoutPath('default');
 }
コード例 #5
ファイル: member.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Get the profile object for this member
  *
  * Resolves the 'uidNumber' value of this object through User::oneOrNew().
  *
  * @return  object  Profile object
  */
 public function getProfile()
 {
     $uidNumber = $this->get('uidNumber');

     return User::oneOrNew($uidNumber);
 }
コード例 #6
ファイル: comment.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Get the creator of this entry
  *
  * The creator is loaded from 'created_by' on first use and kept on the
  * object. With no property name the whole User object is returned;
  * otherwise the named property is returned. 'uidNumber' is read as 'id',
  * and 'picture' is answered by the user's picture() method, which is
  * passed this entry's 'anonymous' value.
  *
  * @param   string  $property  What data to return
  * @param   mixed   $default   Default value
  * @return  mixed
  */
 public function creator($property = null, $default = null)
 {
     // Lazy-load the creator once
     $loaded = $this->_creator instanceof \Hubzero\User\User;
     if (!$loaded) {
         $this->_creator = \Hubzero\User\User::oneOrNew($this->get('created_by'));
     }

     // No property requested: hand back the whole object
     if (!$property) {
         return $this->_creator;
     }

     // Legacy name for the user id
     if ($property == 'uidNumber') {
         $property = 'id';
     }

     if ($property == 'picture') {
         return $this->_creator->picture($this->get('anonymous'));
     }

     return $this->_creator->get($property, $default);
 }
コード例 #7
 /**
  * Check data
  *
  * Validates the registration values held in $this->_registration for the
  * given task and records the problems found in $this->_missing (required
  * field absent) and $this->_invalid (value rejected), both keyed by field name.
  *
  * NOTE(review): several string literals in this listing read '******' and
  * one statement is cut short by the same marker; they look masked by the
  * page the code was copied from. Restore them from the original file
  * before relying on this copy.
  *
  * @param   string   $task            Task being validated; 'proxy' is treated as 'proxycreate'
  * @param   integer  $id              User ID being edited; 0 means the current user
  * @param   array    $field_to_check  When not empty, only problems for these field names are kept
  * @return  boolean  True when nothing is missing or invalid after filtering
  */
 public function check($task = 'create', $id = 0, $field_to_check = array())
 {
     $sitename = Config::get('sitename');
     // Default to the current user when no ID was given
     if ($id == 0) {
         $id = User::get('id');
     }
     $registration = $this->_registration;
     if ($task == 'proxy') {
         $task = 'proxycreate';
     }
     // Start from a clean slate on every call
     $this->_missing = array();
     $this->_invalid = array();
     // Resolve the state of each field for this task. The second argument is the
     // default passed to registrationField(); its format is not visible here.
     $registrationUsername = $this->registrationField('registrationUsername', 'RROO', $task);
     $registrationPassword = $this->registrationField('registrationPassword', 'RRHH', $task);
     $registrationConfirmPassword = $this->registrationField('registrationConfirmPassword', 'RRHH', $task);
     $registrationFullname = $this->registrationField('registrationFullname', 'RRRR', $task);
     $registrationEmail = $this->registrationField('registrationEmail', 'RRRR', $task);
     $registrationConfirmEmail = $this->registrationField('registrationConfirmEmail', 'RRRR', $task);
     $registrationOptIn = $this->registrationField('registrationOptIn', 'HHHH', $task);
     $registrationCAPTCHA = $this->registrationField('registrationCAPTCHA', 'HHHH', $task);
     $registrationTOU = $this->registrationField('registrationTOU', 'HHHH', $task);
     // Task-specific overrides: on 'update' the username is required only while it
     // is still empty, and the password fields are never checked
     if ($task == 'update') {
         if (empty($registration['login'])) {
             $registrationUsername = REG_REQUIRED;
         } else {
             $registrationUsername = REG_READONLY;
         }
         $registrationPassword = REG_HIDE;
         $registrationConfirmPassword = REG_HIDE;
         if (empty($registration['email'])) {
             $registrationEmail = REG_REQUIRED;
         }
     }
     if ($task == 'edit') {
         $registrationUsername = REG_READONLY;
         $registrationPassword = REG_HIDE;
         $registrationConfirmPassword = REG_HIDE;
     }
     // Accounts created through a linked authenticator skip the password fields
     if (User::get('auth_link_id') && $task == 'create') {
         $registrationPassword = REG_HIDE;
         $registrationConfirmPassword = REG_HIDE;
     }
     // These keys are read without an isset() guard, so they are expected to be
     // present in $this->_registration
     $login = $registration['login'];
     $email = $registration['email'];
     $confirmEmail = $registration['confirmEmail'];
     if ($registrationUsername == REG_REQUIRED) {
         if (empty($login)) {
             $this->_missing['login'] = '******';
             $this->_invalid['login'] = '******';
         }
     }
     if ($registrationUsername != REG_HIDE) {
         // A leading digit is tolerated only when updating an existing account
         $allowNumericFirstCharacter = $task == 'update' ? true : false;
         if (!empty($login) && !Helpers\Utility::validlogin($login, $allowNumericFirstCharacter)) {
             $this->_invalid['login'] = '******';
         }
     }
     // Username uniqueness: taken by another account, on the reserved list, or
     // inconsistent with the system account database
     if (!empty($login) && ($task == 'create' || $task == 'proxycreate' || $task == 'update')) {
         $uid = User::getInstance($login)->get('id');
         if ($uid && $uid != $id) {
             // The login is passed through htmlentities() before it is put in the message
             $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
         }
         if (\Hubzero\Utility\Validate::reserved('username', $login)) {
             $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
         }
         // system username check: look the submitted login up in the system
         // account database and compare its uid with the database user id
         $puser = posix_getpwnam($login);
         if (!empty($puser) && $uid && $uid != $puser['uid']) {
             // log error and display error to user
             // NOTE(review): the statement below is not valid PHP as shown; part of
             // it appears to have been masked. Restore it from the original file.
             \Log::error('System username/userid does not match DB username/password for user: '******'login'] = '******';
         }
     }
     if ($registrationPassword == REG_REQUIRED) {
         if (empty($registration['password'])) {
             $this->_missing['password'] = '******';
             $this->_invalid['password'] = '******';
         }
     }
     /*
     if ($registrationPassword != REG_HIDE)
     {
     	if (!empty($registration['password']))
     	{
     		$result = Helpers\Utility::valid_password($registration['password']);
     
     		if ($result)
     			$this->_invalid['password'] = $result;
     	}
     }
     */
     if ($registrationConfirmPassword == REG_REQUIRED) {
         if (empty($registration['confirmPassword'])) {
             $this->_missing['confirmPassword'] = '******';
             $this->_invalid['confirmPassword'] = '******';
         }
     }
     if ($registrationPassword != REG_HIDE && $registrationConfirmPassword != REG_HIDE) {
         // NOTE(review): `!=` is a loose comparison; two different numeric-looking
         // strings (for example '1e3' and '1000') compare as equal, so the
         // confirmation can pass for values that are not identical. `!==`
         // compares the strings exactly.
         if ($registration['password'] != $registration['confirmPassword']) {
             $this->_invalid['confirmPassword'] = '******';
         }
     }
     // Password strength and site password rules are applied only when the
     // password field is required for this task
     if ($registrationPassword == REG_REQUIRED) {
         $score = $this->scorePassword($registration['password'], $registration['login']);
         if ($score < PASS_SCORE_MEDIOCRE) {
             $this->_invalid['password'] = '******';
         } else {
             // The remaining score bands are accepted; the branches are empty
             if ($score >= PASS_SCORE_MEDIOCRE && $score < PASS_SCORE_GOOD) {
                 // Mediocre pass
             } else {
                 if ($score >= PASS_SCORE_GOOD && $score < PASS_SCORE_STRONG) {
                     // Good pass
                 } else {
                     if ($score >= PASS_SCORE_STRONG) {
                         // Strong pass
                     }
                 }
             }
         }
         // Enabled password rules; a non-empty result replaces any message set above
         $rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
         $msg = \Hubzero\Password\Rule::verify($registration['password'], $rules, $login, $registration['name']);
         if (!empty($msg)) {
             $this->_invalid['password'] = $msg;
         }
     }
     if ($registrationFullname == REG_REQUIRED) {
         if (empty($registration['name'])) {
             $this->_missing['name'] = 'Full Name';
             $this->_invalid['name'] = 'Please provide a name.';
         } else {
             // Split on single spaces: last part is the surname, first part the
             // given name, anything in between the middle name
             $bits = explode(' ', $registration['name']);
             $surname = null;
             $middleName = null;
             $givenName = null;
             if (count($bits) == 1) {
                 $givenName = array_shift($bits);
             } else {
                 $surname = array_pop($bits);
                 if (count($bits) >= 1) {
                     $givenName = array_shift($bits);
                 }
                 if (count($bits) >= 1) {
                     $middleName = implode(' ', $bits);
                 }
             }
             // A single word is not accepted as a full name
             if (!$givenName || !$surname) {
                 $this->_missing['name'] = 'Full Name';
                 $this->_invalid['name'] = 'Please provide a name.';
             }
         }
     }
     if ($registrationFullname != REG_HIDE) {
         if (!empty($registration['name']) && !Helpers\Utility::validname($registration['name'])) {
             $this->_invalid['name'] = 'Invalid name. You may be using characters that are not allowed.';
         }
     }
     if ($registrationEmail == REG_REQUIRED) {
         if (empty($email)) {
             $this->_missing['email'] = 'Valid Email';
             $this->_invalid['email'] = 'Please provide a valid e-mail address.';
         }
     }
     if ($registrationEmail != REG_HIDE) {
         if (empty($email)) {
             $this->_missing['email'] = 'Valid Email';
         } elseif (!Helpers\Utility::validemail($email)) {
             $this->_invalid['email'] = 'Invalid email address. Please correct and try again.';
         } else {
             $usersConfig = \Component::params('com_users');
             $allow_duplicate_emails = $usersConfig->get('allow_duplicate_emails');
             // Check if the email is already in use by an account other than $id
             $row = \Hubzero\User\User::all()->whereEquals('email', $email)->where('id', '!=', (int) $id)->row();
             // presumably row() returns an object even when nothing matched — confirm
             $xid = intval($row->get('id'));
             // 0 = not allowed
             // 1 = allowed (i.e. no check needed)
             // 2 = only existing accounts (grandfathered)
             if ($xid && ($allow_duplicate_emails == 0 || $allow_duplicate_emails == 2)) {
                 if ($allow_duplicate_emails == 0) {
                     $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                 } else {
                     if ($allow_duplicate_emails == 2) {
                         // If duplicates are only allowed in grandfathered accounts,
                         // then new accounts shouldn't be created with the same email.
                         if ($task == 'create' || $task == 'proxycreate') {
                             $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                         } else {
                             // We also need to catch existing users who might try to change their
                             // email to an existing email address on the hub. For that, we need to
                             // check and see if their email address is changing with this save.
                             $row = \Hubzero\User\User::oneOrNew((int) $id);
                             $currentEmail = $row->get('email');
                             if ($currentEmail != $email) {
                                 $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                             }
                         }
                     }
                 }
             }
         }
     }
     if ($registrationConfirmEmail == REG_REQUIRED) {
         // Only reported when the e-mail itself has no error yet
         if (empty($confirmEmail) && empty($this->_invalid['email'])) {
             $this->_missing['confirmEmail'] = 'Valid Email Confirmation';
             $this->_invalid['confirmEmail'] = 'Please provide a valid e-mail address again.';
         }
     }
     if ($registrationConfirmEmail != REG_HIDE) {
         if ($email != $confirmEmail) {
             if (empty($this->_invalid['email'])) {
                 $this->_invalid['confirmEmail'] = 'Email addresses do not match. Please correct and try again.';
                 $this->_invalid['email'] = 'Email addresses do not match. Please correct and try again.';
             }
         }
     }
     if ($registrationOptIn == REG_REQUIRED) {
         if (is_null($registration['sendEmail']) || intval($registration['sendEmail']) < 0) {
             $this->_missing['sendEmail'] = 'Receive Email Updates';
             $this->_invalid['sendEmail'] = 'Receive Email Updates has not been selected';
         }
     }
     if ($registrationCAPTCHA == REG_REQUIRED) {
         // Any non-empty 'botcheck' request value marks the submission as failed
         $botcheck = Request::getVar('botcheck', '');
         if ($botcheck) {
             $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
         }
         // Ask the CAPTCHA plugins for their verdict; any falsy result fails the check.
         // NOTE(review): when no plugin returns a result the loop does not run and
         // nothing is flagged, so a required CAPTCHA passes with no handler
         // answering — confirm that is the intended behaviour.
         $validcaptchas = Event::trigger('captcha.onCheckAnswer');
         if (count($validcaptchas) > 0) {
             foreach ($validcaptchas as $validcaptcha) {
                 if (!$validcaptcha) {
                     $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
                 }
             }
         }
     }
     if ($registrationTOU == REG_REQUIRED) {
         if (empty($registration['usageAgreement'])) {
             $this->_missing['usageAgreement'] = 'Usage Agreement';
             $this->_invalid['usageAgreement'] = 'Registration requires acceptance of the usage agreement';
         }
     }
     /* Everything below is currently done elsewhere
     		   @TODO  Move code to here or refactor?
     
     		if ($registrationAddress == REG_REQUIRED)
     		{
     			if (count($registration['address']) == 0)
     			{
     				$this->_missing['address'] = 'Member Address';
     				$this->_invalid['address'] = 'Member Address';
     			}
     		}
     
     		// Load all fields not hidden
     		$fields = Field::all()
     			->including(['options', function ($option){
     				$option
     					->select('*')
     					->ordered();
     			}])
     			->where('action_' . $task, '!=', Field::STATE_HIDDEN)
     			->ordered()
     			->rows();
     
     		if (!isset($registration['_profile']))
     		{
     			$registration['_profile'] = array();
     		}
     
     		// Find missing required fields
     		foreach ($fields as $field)
     		{
     			if ($field->get('type') != 'hidden')
     			{
     				if (!isset($registration['_profile'][$field->get('name')]))
     				{
     					continue;
     				}
     
     				$value = $registration['_profile'][$field->get('name')];
     
     				if (empty($value) && $field->get('action_' . $task) == Field::STATE_REQUIRED)
     				{
     					$this->_missing[$field->get('name')] = $field->get('label');
     				}
     			}
     		}
     
     		// Validate input
     		$form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
     		$form->load(Field::toXml($fields, $action));
     		$form->bind(new \Hubzero\Config\Registry($registration['_profile']));
     
     		if (!$form->validate($registration['_profile']))
     		{
     			foreach ($form->getErrors() as $error)
     			{
     				$this->_invalid[] = $error;
     			}
     		}*/
     // Filter out fields: when a field list was given, problems recorded for any
     // other field are dropped, so the result reflects the listed fields only
     if (!empty($field_to_check)) {
         if ($this->_missing) {
             foreach ($this->_missing as $k => $v) {
                 if (!in_array($k, $field_to_check)) {
                     unset($this->_missing[$k]);
                 }
             }
         }
         if ($this->_invalid) {
             foreach ($this->_invalid as $k => $v) {
                 if (!in_array($k, $field_to_check)) {
                     unset($this->_invalid[$k]);
                 }
             }
         }
     }
     if (empty($this->_missing) && empty($this->_invalid)) {
         return true;
     }
     return false;
 }
コード例 #8
ファイル: record.php プロジェクト: kevinwojo/hubzero-cms
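 /**
  * Map Resource Contributors
  *
  * Turns the contributors on the raw record into Tables\Contributor rows
  * and appends them to $this->record->contributors. Contributors may be
  * given as a ';'-separated string of names or as a collection of objects
  * carrying authorid, name, organization and role.
  *
  * @return void
  */
 private function _mapContributorData()
 {
     // get any contributors
     $contributors = isset($this->raw->contributors) ? $this->raw->contributors : new stdClass();

     // get roles for resource type
     $contributorRoles = new Tables\Contributor\RoleType($this->_database);
     $rolesForType = $contributorRoles->getRolesForType($this->record->resource->type);
     $rolesForType = is_array($rolesForType) ? $rolesForType : array();

     // get valid role aliases; this is the allow-list for the imported role value
     $existingRoles = array_map(function ($role) {
         return $role->alias;
     }, $rolesForType);

     // handle contributors as string: split on ';', drop empty entries and
     // wrap each remaining name in an object
     if (is_string($contributors)) {
         $contributors = array_map("trim", explode(';', $contributors));
         $contributors = array_values(array_filter($contributors));
         $contributors = array_map(function ($c) {
             $cc = new stdClass();
             $cc->name = $c;
             return $cc;
         }, $contributors);
     }

     // loop through each contributor
     foreach ($contributors as $contributor) {
         // create resource contributor object
         $resourceContributor = new Tables\Contributor($this->_database);

         // check to see if we have an author id
         $authorid = isset($contributor->authorid) ? $contributor->authorid : null;

         // resolve the author id through the user model
         // NOTE(review): if oneOrNew() returns an object for unknown ids as well,
         // authorid is set to whatever get('id') yields for them — confirm.
         if ($authorid != null) {
             if ($profile = \Hubzero\User\User::oneOrNew($authorid)) {
                 $resourceContributor->authorid = $profile->get('id');
             }
         }

         $resourceContributor->name = isset($contributor->name) ? $contributor->name : '';
         $resourceContributor->organization = isset($contributor->organization) ? $contributor->organization : '';

         // Strict membership test: with a loose comparison a non-string role from
         // the imported record (e.g. true) matches an alias and is stored as-is.
         $roleAllowed = isset($contributor->role) && in_array($contributor->role, $existingRoles, true);
         $resourceContributor->role = $roleAllowed ? $contributor->role : '';

         $resourceContributor->subtable = 'resources';
         array_push($this->record->contributors, $resourceContributor);
     }
 }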
コード例 #9
ファイル: Guard.php プロジェクト: kevinwojo/framework
 /**
  * Validates incoming request via OAuth2 specification
  *
  * Builds an OAuth server over MySQL storage, runs the resource-request
  * verification against the current request, keeps the access token data on
  * $this->token and, when that data carries a 'uidNumber', stores the
  * matching user in the session. 'before_auth' and 'after_auth' events are
  * fired around the work.
  *
  * @param   array  $params   Oauth server request parameters (not read in this method)
  * @param   array  $options  OAuth server configuration options
  * @return  array  ['user_id' => token uidNumber, or null when the token data has none]
  */
 public function authenticate($params = array(), $options = array())
 {
     // Default answer: nobody authenticated
     $response = ['user_id' => null];

     Event::trigger('before_auth');

     // Server plus request/response objects built from the PHP globals
     $server = new Server(new MysqlStorage(), $options);
     $request = \OAuth2\Request::createFromGlobals();
     $verification = new \OAuth2\Response();

     // NOTE(review): whatever verifyResourceRequest() returns, and whatever it
     // writes to the response object, is not inspected here. Whether a request is
     // accepted therefore rests on getAccessTokenData() alone — confirm it yields
     // no token data for a missing, unknown or expired token.
     $server->verifyResourceRequest($request, $verification);

     // Keep the token data on the instance
     $this->token = $server->getAccessTokenData($request);

     if (isset($this->token['uidNumber'])) {
         $response['user_id'] = $this->token['uidNumber'];

         $account = User::oneOrNew($response['user_id']);

         // Only an account with an id is marked as non-guest.
         // NOTE(review): the session user is replaced and user_id is reported
         // even when the id does not resolve to an account — confirm callers
         // do not treat a non-null user_id alone as proof of an existing user.
         $exists = $account->get('id');
         if ($exists) {
             $account->set('guest', false);
         }

         $this->app['session']->set('user', $account);
     }

     Event::trigger('after_auth');

     return $response;
 }
コード例 #10
ファイル: router.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Parse the URI
  *
  * Normalises the request path, lets the parent router turn it into request
  * variables, and then applies the HUBzero gates for logged-in users:
  * incomplete registration, unconfirmed e-mail, unapproved account and
  * bad/expired password. Each gate lets a short list of routes through and
  * replaces every other route with a forced one.
  *
  * @param	object	$uri	The URI (passed by reference; its scheme and path are modified)
  *
  * @return	array	Request variables for the matched or forced route
  */
 public function parse(&$uri)
 {
     $vars = array();
     // Get the application
     $app = JApplication::getInstance('site');
     if ($app->getCfg('force_ssl') == 2 && strtolower($uri->getScheme()) != 'https') {
         //forward to https
         // NOTE(review): whether redirect() ends the request is not visible here;
         // if it does not, parsing continues below with the rewritten scheme.
         $uri->setScheme('https');
         $app->redirect((string) $uri);
     }
     // Get the path
     $path = $uri->getPath();
     // Remove the base URI path.
     // (cuts as many leading bytes as the base path is long, without comparing them)
     $path = substr_replace($path, '', 0, strlen(JURI::base(true)));
     // Check to see if a request to a specific entry point has been made.
     if (preg_match("#.*?\\.php#u", $path, $matches)) {
         // Get the current entry point path relative to the site path.
         $scriptPath = realpath($_SERVER['SCRIPT_FILENAME'] ? $_SERVER['SCRIPT_FILENAME'] : str_replace('\\\\', '\\', $_SERVER['PATH_TRANSLATED']));
         $relativeScriptPath = str_replace('\\', '/', str_replace(JPATH_SITE, '', $scriptPath));
         // If a php file has been found in the request path, check to see if it is a valid file.
         // Also verify that it represents the same file from the server variable for entry script.
         if (file_exists(JPATH_SITE . $matches[0]) && $matches[0] == $relativeScriptPath) {
             // Remove the entry point segments from the request path for proper routing.
             $path = str_replace($matches[0], '', $path);
         }
     }
     // Identify format
     if ($this->_mode == JROUTER_MODE_SEF) {
         // With SEF suffixes on, the file extension of the path becomes the format,
         // unless the path ends in index.php or a slash
         if ($app->getCfg('sef_suffix') && !(substr($path, -9) == 'index.php' || substr($path, -1) == '/')) {
             if ($suffix = pathinfo($path, PATHINFO_EXTENSION)) {
                 $vars['format'] = $suffix;
             }
         }
     }
     //Remove prefix
     $path = str_replace('index.php', '', $path);
     //Set the route
     $uri->setPath(trim($path, '/'));
     $vars += parent::parse($uri);
     // Fall back to a POSTed option when the route itself did not yield one
     if (empty($vars['option']) && isset($_POST['option'])) {
         $vars['option'] = JRequest::getCmd('option', '', 'post');
     }
     if (empty($vars['option'])) {
         JError::raiseError(404, JText::_('JGLOBAL_RESOURCE_NOT_FOUND'));
     }
     /* START: HUBzero Extensions Follow to force registration and email confirmation */
     $juser = JFactory::getUser();
     // The gates below apply to logged-in users only
     if (!$juser->get('guest')) {
         $session = JFactory::getSession();
         // Gate 1: registration flagged as incomplete in the session
         $registration_incomplete = $session->get('registration.incomplete');
         if ($registration_incomplete) {
             // Logging out is always allowed.
             // NOTE(review): 'view' and 'task' are read here without isset(), unlike
             // the matching check in the activation gate further down.
             if ($vars['option'] == 'com_users') {
                 if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                     return $vars;
                 }
             }
             // So is the registration component itself
             if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                 $session->set('linkaccount', false);
                 return $vars;
             }
             // Everything except the terms page is replaced by a forced route;
             // the terms page falls through to the gates that follow
             if ($uri->getPath() != 'legal/terms') {
                 $originalVars = $vars;
                 $vars = array();
                 if ($juser->get('tmp_user')) {
                     // Temporary account: send to account creation
                     $vars['option'] = 'com_members';
                     $vars['controller'] = 'register';
                     $vars['task'] = 'create';
                     $vars['act'] = '';
                 } else {
                     // Accounts whose e-mail ends in '@invalid'
                     if (substr($juser->get('email'), -8) == '@invalid') {
                         // First, allow ticket creation
                         if ($originalVars['option'] == 'com_support' && $originalVars['controller'] == 'tickets' && $originalVars['task'] == 'save') {
                             // Do nothing...allow it to pass through
                             $vars = $originalVars;
                         } elseif ($session->get('linkaccount', true)) {
                             $vars['option'] = 'com_users';
                             $vars['view'] = 'link';
                         } else {
                             $vars['option'] = 'com_members';
                             $vars['controller'] = 'register';
                             $vars['task'] = 'update';
                             $vars['act'] = '';
                         }
                     } else {
                         // NOTE(review): this exception is decided from the raw request
                         // values, not from the route parsed into $originalVars — confirm
                         // the two cannot disagree for the same request.
                         $o = JRequest::getVar('option', '');
                         $t = JRequest::getVar('task', '');
                         $nh = JRequest::getInt('no_html', 0);
                         //are we trying to use the tag autocompletor when forcing registration update?
                         if ($o == 'com_tags' && $t == 'autocomplete' && $nh) {
                             $vars['option'] = 'com_tags';
                         } else {
                             $vars['option'] = 'com_members';
                             $vars['id'] = $juser->get("id");
                             $vars['active'] = 'profile';
                         }
                     }
                 }
                 $this->setVars($vars);
                 JRequest::set($vars, 'get', true);
                 // overwrite existing
                 return $vars;
             }
         }
         // Gate 2: e-mail confirmation. Any 'activation' value other than 1 or 3
         // is treated as unconfirmed.
         $xprofile = \Hubzero\User\User::oneOrNew($juser->get('id'));
         if (is_object($xprofile) && $xprofile->get('activation') != 1 && $xprofile->get('activation') != 3) {
             if ($vars['option'] == 'com_users') {
                 // Logging out is allowed
                 if (isset($vars['view']) && $vars['view'] == 'logout' || isset($vars['task']) && $vars['task'] == 'logout') {
                     return $vars;
                 }
             } else {
                 if ($uri->getPath() == 'legal/terms') {
                     return $vars;
                 } else {
                     if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                         // Only the confirmation-related registration tasks pass
                         if (!empty($vars['task'])) {
                             if ($vars['task'] == 'unconfirmed' || $vars['task'] == 'change' || $vars['task'] == 'resend' || $vars['task'] == 'confirm') {
                                 return $vars;
                             }
                         }
                     } else {
                         // Member downloads whose 'active' value contains 'Image:' pass
                         // while the session carries userchangedemail == 1
                         if ($vars['option'] == 'com_members' && (isset($vars['task']) && $vars['task'] == 'download') && (isset($vars['active']) && strpos($vars['active'], 'Image:') !== false) && JFactory::getSession()->get('userchangedemail', 0) == 1) {
                             return $vars;
                         }
                     }
                 }
             }
             // Anything else is sent to the "unconfirmed" page
             $vars = array();
             $vars['option'] = 'com_members';
             $vars['controller'] = 'register';
             $vars['task'] = 'unconfirmed';
             $this->setVars($vars);
             JRequest::set($vars, 'get', true);
             // overwrite existing
             return $vars;
         }
         // Gate 3: account not approved. Logout, the terms page and support ticket
         // 'save'/'new' pass; 'view', 'controller' and 'task' are read without isset().
         if (!$juser->get('approved')) {
             if ($vars['option'] == 'com_users') {
                 if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                     return $vars;
                 }
             } else {
                 if ($uri->getPath() == 'legal/terms') {
                     return $vars;
                 } else {
                     if ($vars['option'] == 'com_support' && $vars['controller'] == 'tickets' && $vars['task'] == 'save') {
                         return $vars;
                     } else {
                         if ($vars['option'] == 'com_support' && $vars['controller'] == 'tickets' && $vars['task'] == 'new') {
                             return $vars;
                         }
                     }
                 }
             }
             $vars = array();
             $vars['option'] = 'com_users';
             $vars['view'] = 'unapproved';
             $this->setVars($vars);
             JRequest::set($vars, 'get', true);
             // overwrite existing
             return $vars;
         }
         // Gate 4: password flagged as bad or expired in the session
         $badpassword = $session->get('badpassword', false);
         $expiredpassword = $session->get('expiredpassword', false);
         if ($badpassword || $expiredpassword) {
             if ($vars['option'] == 'com_members' && isset($vars['task']) && $vars['task'] == 'changepassword') {
                 return $vars;
             }
             if ($vars['option'] == 'com_users' && ($vars['view'] == 'logout' || $vars['task'] == 'logout' || JRequest::getWord('task') == 'logout')) {
                 return $vars;
             }
             if ($vars['option'] == 'com_support' && $vars['task'] == 'save') {
                 return $vars;
             }
             if ($uri->getPath() == 'legal/terms') {
                 return $vars;
             }
             // @FIXME: should double check shadowFlag here in case password gets changed
             // out of band.
             // @FIXME: should we clear POST and GET data
             $vars = array();
             $vars['option'] = 'com_members';
             $vars['task'] = 'changepassword';
             if ($badpassword) {
                 $vars['message'] = "Your password does not meet current site requirements. Please change your password now.";
             }
             if ($expiredpassword) {
                 $vars['message'] = "Your password has expired. Please change your password now.";
             }
             $this->setVars($vars);
             JRequest::set($vars, 'get', true);
             // overwrite existing
             // NOTE(review): unlike the other gates this branch does not return, so
             // the forced change-password route still goes through the plugin hook
             // below and a plugin response would replace it — confirm that is intended.
         }
     }
     // Call system plugins for parsing routes
     if ($responses = JDispatcher::getInstance()->trigger('onParseRoute', array($vars))) {
         // We're assuming here that if a plugin returns vars, we'll take them wholesale.
         // This also means that plugins need to be ordered in terms of priority, as we'll
         // return the first response that isn't empty.
         foreach ($responses as $response) {
             if (is_array($response) && !empty($response)) {
                 $this->setVars($response);
                 JRequest::set($response, 'get', true);
                 return $response;
             }
         }
     }
     /* END: HUBzero Extensions Follow to force registration and email confirmation */
     return $vars;
 }
コード例 #11
 /**
  * Return the user object for a user id
  *
  * Passes the identifier straight to User::oneOrNew().
  *
  * @param   integer  $user_id  User identifier
  * @return  object   User object
  */
 private function profileExpander($user_id)
 {
     $profile = User::oneOrNew($user_id);

     return $profile;
 }
コード例 #12
ファイル: calendar.php プロジェクト: kevinwojo/hubzero-cms
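 /**
  * Register View for Event
  *
  * Builds the registration view for the event named by the `event_id`
  * request variable. Events without a registration deadline redirect back
  * to the event details page. Otherwise the layout is chosen from the
  * deadline and the optional event password:
  *  - deadline passed                       -> 'register_closed'
  *  - restricted and password wrong/missing -> 'register_restricted'
  *  - otherwise                             -> the default 'register' layout
  *
  * @return     string  Rendered template; nothing is returned when the
  *                     request is redirected
  */
 private function register()
 {
     //create the view
     $view = $this->view('register', 'calendar');
     //get request vars
     $eventId = Request::getVar('event_id', '');
     //load event data
     $view->event = new \Components\Events\Models\Event($eventId);
     //get registrants count
     $eventsRespondent = new \Components\Events\Tables\Respondent(array('id' => $eventId));
     $view->registrants = $eventsRespondent->getCount();
     //do we have a registration deadline
     if ($view->event->get('registerby') == '' || $view->event->get('registerby') == '0000-00-00 00:00:00') {
         App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=calendar&action=details&event_id=' . $view->event->get('id')), Lang::txt('This event does not have registration.'), 'warning');
         return;
     }
     //make sure registration is open
     $now = Date::toUnix();
     $registerby = Date::of($view->event->get('registerby'))->toUnix();
     if ($registerby >= $now) {
         //get the password
         $password = Request::getVar('passwrd', '', 'post');
         // Compare the event password as strings with a strict operator. The
         // loose != used previously lets PHP compare numeric-looking strings
         // by value, so a submitted value could match a password it is not
         // identical to. A non-string submission (e.g. an array) is treated
         // as "no password given".
         // NOTE(review): hash_equals() would also make the comparison
         // constant-time where the minimum supported PHP version allows it.
         $supplied = is_string($password) ? $password : '';
         $required = (string) $view->event->get('restricted');
         //is the event restricted
         // NOTE(review): the check is skipped whenever $this->register is set;
         // confirm the caller only sets it after the password was verified.
         if ($required !== '' && $required !== $supplied && !isset($this->register)) {
             //if we entered a password and it was bad lets tell the user
             if ($supplied !== '') {
                 $this->setError('The password entered is incorrect.');
             }
             $view->setLayout('register_restricted');
         }
     } else {
         $view->setLayout('register_closed');
     }
     //push some vars to the view
     $view->month = $this->month;
     $view->year = $this->year;
     $view->group = $this->group;
     $view->option = $this->option;
     $view->authorized = $this->authorized;
     $view->user = $this->user;
     $view->register = isset($this->register) ? $this->register : null;
     $view->arrival = isset($this->arrival) ? $this->arrival : null;
     $view->departure = isset($this->departure) ? $this->departure : null;
     $view->dietary = isset($this->dietary) ? $this->dietary : null;
     $view->dinner = isset($this->dinner) ? $this->dinner : null;
     $view->disability = isset($this->disability) ? $this->disability : null;
     $view->race = isset($this->race) ? $this->race : null;
     //add params to view
     $view->params = new \Hubzero\Config\Registry($view->event->get('params'));
     // Logged-in users get the contact fields filled from their profile;
     // these assignments overwrite any same-named keys already in register.
     if (!$this->user->get('guest')) {
         $profile = \Hubzero\User\User::oneOrNew($this->user->get('id'));
         $view->register['first_name'] = $profile->get('givenName');
         $view->register['last_name'] = $profile->get('surname');
         $view->register['affiliation'] = $profile->get('organization');
         $view->register['email'] = $profile->get('email');
         $view->register['telephone'] = $profile->get('phone');
         $view->register['website'] = $profile->get('url');
     }
     //get any errors if there are any
     foreach ($this->getErrors() as $error) {
         $view->setError($error);
     }
     //load the view
     return $view->loadTemplate();
 }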
コード例 #13
ファイル: _comment.php プロジェクト: kevinwojo/hubzero-cms
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * HUBzero is a registered trademark of Purdue University.
 *
 * @package   hubzero-cms
 * @author    Alissa Nedossekina <*****@*****.**>
 * @copyright Copyright 2005-2015 HUBzero Foundation, LLC.
 * @license   http://opensource.org/licenses/MIT MIT
 */
defined('_HZEXEC_') or die;

// Row CSS class: use the one handed to the view, otherwise fall back to 'odd'.
if (isset($this->cls)) {
    $cls = $this->cls;
} else {
    $cls = 'odd';
}

// Start from the anonymous label; it is replaced below for named authors.
$name = Lang::txt('PLG_PUBLICATIONS_REVIEWS_ANONYMOUS');
$huser = \Hubzero\User\User::oneOrNew($this->comment->get('created_by'));

$isAnonymous = $this->comment->get('anonymous');
if (!$isAnonymous) {
    // The author's name is escaped before it is placed into any markup.
    $name = $this->escape(stripslashes($huser->get('name')));

    // Link to the member profile only when the viewer's access levels
    // include the author's access level.
    $authorAccess = $huser->get('access');
    $viewerLevels = User::getAuthorisedviewLevels();
    if (in_array($authorAccess, $viewerLevels)) {
        $profileUrl = Route::url('index.php?option=com_members&id=' . $huser->get('uidNumber'));
        $name = '<a href="' . $profileUrl . '">' . $name . '</a>';
    }
}

// The item type is set before isReported() is asked, as in the original order.
$this->comment->set('item_type', 'pubreview');

// Reported comments show a fixed notice instead of their body.
// NOTE(review): content('parsed') is used as-is; confirm it yields HTML that
// is safe to output.
$comment = $this->comment->isReported()
    ? '<p class="warning">' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_NOTICE_POSTING_REPORTED') . '</p>'
    : $this->comment->content('parsed');
if ($this->comment->get('publication_id')) {
    $this->comment->set('item_id', $this->comment->get('id'));
    $this->comment->set('parent', 0);
コード例 #14
ファイル: router.php プロジェクト: kevinwojo/hubzero-cms
 /**
  * Parse a request URI into route variables and enforce the registration
  * and e-mail confirmation gates for logged-in users.
  *
  * Steps, in order:
  *  1. When the 'force_ssl' setting is 2 and the scheme is not https, switch
  *     the URI to https and redirect.
  *  2. In SEF mode with 'sef_suffix' enabled, strip the file extension from
  *     the path and record it as $vars['format'].
  *  3. Remove the base path and 'index.php', set the trimmed path on the URI
  *     and merge in the variables returned by parent::parse().
  *  4. For non-guest users: while the session flag 'registration.incomplete'
  *     is set, or while the account's 'activation' value is neither 1 nor 3,
  *     only a short list of routes passes through; every other request is
  *     rewritten to the profile or to the "unconfirmed" registration page.
  *
  * @param      object &$uri URI to parse; its scheme and path are modified
  * @return     array  Route variables (possibly replaced by a forced route)
  */
 function parse(&$uri)
 {
     $vars = array();
     // Get the application
     $app = JFactory::getApplication();
     if ($app->getCfg('force_ssl') == 2 && strtolower($uri->getScheme()) != 'https') {
         //forward to https
         $uri->setScheme('https');
         $app->redirect($uri->toString());
     }
     // Get the path
     $path = $uri->getPath();
     //Remove the suffix
     if ($this->_mode == JROUTER_MODE_SEF) {
         // Get the application
         $app = JFactory::getApplication();
         // Skip paths that end in 'index.php' or '/': they carry no suffix
         if ($app->getCfg('sef_suffix') && !(substr($path, -9) == 'index.php' || substr($path, -1) == '/')) {
             if ($suffix = pathinfo($path, PATHINFO_EXTENSION)) {
                 // str_replace removes every occurrence of ".suffix" in the
                 // path, not only the trailing one
                 $path = str_replace('.' . $suffix, '', $path);
                 $vars['format'] = $suffix;
             }
         }
     }
     //Remove basepath
     $path = substr_replace($path, '', 0, strlen(JURI::base(true)));
     //Remove prefix
     $path = str_replace('index.php', '', $path);
     //Set the route
     $uri->setPath(trim($path, '/'));
     // += keeps keys already present in $vars (i.e. 'format') over parent's
     $vars += parent::parse($uri);
     /* HUBzero Extensions Follow to force registration and email confirmation */
     // NOTE(review): the checks below read $vars['option'], $vars['view'] and
     // $vars['task'] without isset(); when parent::parse() did not set them
     // PHP raises an undefined-index notice and the comparison is made
     // against null.
     $juser = JFactory::getUser();
     if (!$juser->get('guest')) {
         $session = JFactory::getSession();
         $registration_incomplete = $session->get('registration.incomplete');
         if ($registration_incomplete) {
             // Routes allowed while registration is incomplete: logout,
             // the com_members register controller/view, and legal/terms.
             if ($vars['option'] == 'com_user') {
                 if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                     return $vars;
                 }
             }
             if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                 return $vars;
             }
             // Anything else (except legal/terms) is replaced wholesale by
             // the user's own profile route; the original variables are dropped.
             if ($uri->getPath() != 'legal/terms') {
                 $vars = array();
                 /*
                 					$vars['option'] = 'com_members';
                 					$vars['controller'] = 'register';
                 
                 					if ($juser->get('tmp_user'))
                 						$vars['task'] = 'create';
                 					else
                 						$vars['task'] = 'update';
                 
                 					$vars['act'] = '';
                 */
                 $vars['option'] = 'com_members';
                 $vars['id'] = $juser->get("id");
                 $vars['active'] = 'profile';
                 $this->setVars($vars);
                 JRequest::set($vars, 'get', true);
                 // overwrite existing
                 return $vars;
             }
         }
         // E-mail confirmation gate: accounts whose 'activation' value is
         // neither 1 nor 3 are held on the "unconfirmed" page. What the
         // individual activation values mean is defined outside this function.
         $xprofile = \Hubzero\User\User::oneOrNew($juser->get('id'));
         if (is_object($xprofile) && $xprofile->get('activation') != 1 && $xprofile->get('activation') != 3) {
             if ($vars['option'] == 'com_user') {
                 // Only logout passes; any other com_user request falls
                 // through to the forced route below.
                 if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                     return $vars;
                 }
             } else {
                 if ($uri->getPath() == 'legal/terms') {
                     return $vars;
                 } else {
                     // Registration tasks an unconfirmed account may still
                     // reach: unconfirmed, change, resend, confirm.
                     if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                         if (!empty($vars['task'])) {
                             if ($vars['task'] == 'unconfirmed' || $vars['task'] == 'change' || $vars['task'] == 'resend' || $vars['task'] == 'confirm') {
                                 return $vars;
                             }
                         }
                     }
                 }
             }
             // Default for unconfirmed accounts: discard the requested route
             // and force the "unconfirmed" registration page.
             $vars = array();
             $vars['option'] = 'com_members';
             $vars['controller'] = 'register';
             $vars['task'] = 'unconfirmed';
             $this->setVars($vars);
             JRequest::set($vars, 'get', true);
             // overwrite existing
             return $vars;
         }
     }
     return $vars;
 }
コード例 #15
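 /**
  * Save an entry
  *
  * Checks the form token and the core.edit / core.create permissions,
  * binds the posted 'fields' to an application record and saves it, then
  * synchronises the application's team with the posted 'team' list:
  * members no longer listed are destroyed and newly listed users are
  * added. The current user is always part of the resulting team.
  *
  * Team entries may be numeric user ids, usernames or e-mail addresses.
  * Entries that do not resolve to a user id are dropped.
  *
  * @return  void
  */
 public function saveTask()
 {
     // [SECURITY] Check for request forgeries
     Request::checkToken();
     if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
     }
     // Incoming
     // NOTE(review): the two calls below pass their last two arguments in a
     // different order ('none', 2 versus 2, 'none'); one of them presumably
     // does not apply the intended filter - confirm against Request::getVar().
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     $team = Request::getVar('team', '', 'post', 2, 'none');
     // Bind the incoming data to our model
     // NOTE(review): set($fields) binds every posted key; confirm the model
     // limits which attributes may be written this way.
     $id = isset($fields['id']) ? $fields['id'] : null;
     $row = Application::oneOrNew($id)->set($fields);
     // Validate and save the data
     if (!$row->save()) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }
     // parse incoming team: a comma separated string, or an array of entries
     if (!is_array($team)) {
         $team = explode(',', (string) $team);
     }
     // resolve every entry to a user id
     $resolved = array();
     foreach ($team as $entry) {
         if (!is_scalar($entry)) {
             continue;
         }
         $entry = trim((string) $entry);
         // an empty field would otherwise be looked up as a username
         if ($entry === '') {
             continue;
         }
         if (is_numeric($entry)) {
             $resolved[] = $entry;
             continue;
         }
         // handle usernames & emails
         // strpos() returns 0 for a leading '@', so test against false
         if (strpos($entry, '@') !== false) {
             // load profile by email
             $profile = \Hubzero\User\User::oneByEmail($entry);
         } else {
             // load profile by username
             $profile = \Hubzero\User\User::oneOrNew($entry);
         }
         // swap usernames for uidnumbers; a lookup that found nobody yields
         // a record without an id, which must not become a team member
         if (is_object($profile) && $profile->get('id')) {
             $resolved[] = $profile->get('id');
         }
     }
     // add creator if new
     $resolved[] = User::get('id');
     // the same user listed twice must only produce one member row
     $team = array_unique($resolved);
     // get current team
     $currentTeam = $row->team()->rows();
     $found = array();
     // Remove members not included now
     foreach ($currentTeam as $member) {
         if (!in_array($member->get('uidNumber'), $team)) {
             $member->destroy();
         }
         $found[] = $member->get('uidNumber');
     }
     // Add each non-team member to team
     foreach ($team as $uidNumber) {
         if (!in_array($uidNumber, $found)) {
             $member = Member::blank();
             $member->set('uidNumber', $uidNumber);
             $member->set('application_id', $row->get('id'));
             $member->save();
         }
     }
     Notify::success(Lang::txt('COM_DEVELOPER_APPLICATION_SAVED'));
     if ($this->getTask() == 'apply') {
         return $this->editTask($row);
     }
     $this->cancelTask();
 }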
コード例 #16
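 /**
  * Save developer application details
  *
  * Checks the form token, requires a logged-in user, binds the posted
  * 'application' data to an application record and saves it, then adds any
  * newly listed users from the posted 'team' list. The current user is
  * always part of the resulting team.
  *
  * Team entries may be numeric user ids, usernames or e-mail addresses.
  * Entries that do not resolve to a user id are dropped.
  *
  * @return  void
  */
 public function saveTask()
 {
     // CSRF check
     Request::checkToken();
     // get request vars
     $data = Request::getVar('application', array(), 'post', 2, 'none');
     $team = Request::getVar('team', array(), 'post', 2, 'none');
     // the id is optional for new applications; avoid an undefined index
     $id = isset($data['id']) ? $data['id'] : null;
     // must be logged in
     if (User::isGuest()) {
         $return = Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=edit&id=' . $id, false, true);
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
         return;
     }
     // bind data to model
     // NOTE(review): set($data) binds every posted key, and it happens before
     // the authorisation check below; confirm the model limits which
     // attributes may be written this way.
     $model = Application::oneOrNew($id)->set($data);
     // is the app available
     if ($model->isDeleted()) {
         App::redirect(Route::url('index.php?option=com_developer&controller=applications'), Lang::txt('COM_DEVELOPER_API_APPLICATION_DOES_NOT_EXIST'), 'warning');
         return;
     }
     // make sure its ours
     // NOTE(review): this only consults two config flags; nothing here ties
     // the application to the current user. Confirm those flags are computed
     // per application and per user before this task runs.
     if (!$this->config->get('access-edit-application', 0) && !$this->config->get('access-create-application', 0) && $id > 0) {
         App::redirect(Route::url('index.php?option=com_developer&controller=applications'), Lang::txt('COM_DEVELOPER_API_APPLICATION_NOT_AUTHORIZED'), 'warning');
         return;
     }
     // attempt to save model
     if (!$model->save()) {
         Notify::error($model->getError());
         return $this->editTask($model);
     }
     // parse incoming team: a comma separated string, or an array of entries
     // (the request default is an array, which explode() cannot take)
     if (!is_array($team)) {
         $team = explode(',', (string) $team);
     }
     // resolve every entry to a user id
     $resolved = array();
     foreach ($team as $entry) {
         if (!is_scalar($entry)) {
             continue;
         }
         $entry = trim((string) $entry);
         // an empty field would otherwise be looked up as a username
         if ($entry === '') {
             continue;
         }
         if (is_numeric($entry)) {
             $resolved[] = $entry;
             continue;
         }
         // handle usernames & emails
         // strpos() returns 0 for a leading '@', so test against false
         if (strpos($entry, '@') !== false) {
             // load profile by email
             $profile = \Hubzero\User\User::oneByEmail($entry);
         } else {
             // load profile by username
             $profile = \Hubzero\User\User::oneOrNew($entry);
         }
         // swap usernames for uidnumbers; a lookup that found nobody yields
         // a record without an id, which must not become a team member
         if (is_object($profile) && $profile->get('id')) {
             $resolved[] = $profile->get('id');
         }
     }
     // add creator if new
     $resolved[] = User::get('id');
     // the same user listed twice must only produce one member row
     $team = array_unique($resolved);
     // get current team
     $found = array();
     foreach ($model->team()->rows() as $member) {
         $found[] = $member->get('uidNumber');
     }
     // Add each non-team member to team
     foreach ($team as $uidNumber) {
         if (!in_array($uidNumber, $found)) {
             $member = Member::blank();
             $member->set('uidNumber', $uidNumber);
             $member->set('application_id', $model->get('id'));
             $member->save();
         }
     }
     // Redirect back to the main listing with a success message
     App::redirect(Route::url($model->link()), Lang::txt('COM_DEVELOPER_API_APPLICATION_SAVED'), 'passed');
 }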
コード例 #17
ファイル: Rule.php プロジェクト: kevinwojo/framework
 /**
  * Validate a password against a list of rules
  *
  * Each rule is an array with a 'rule' name plus, depending on the rule, a
  * 'value', a 'class' and the 'failuremsg' reported when the rule is
  * violated. Rule names that are not recognised count as failures, so an
  * unknown rule never passes silently. The names 'true' and 'notStale' are
  * accepted without any check here.
  *
  * @param   string  $password  Candidate password
  * @param   array   $rules     Rules to evaluate
  * @param   mixed   $user      Numeric user id or username
  * @param   string  $name      Full name to test against; looked up from
  *                             $user when empty
  * @return  array   Failure messages of the violated rules, empty when none
  */
 public static function verify($password, $rules, $user, $name = null)
 {
     if (empty($rules)) {
         return array();
     }

     $stats = self::analyze($password);
     $fail = array();

     foreach ($rules as $rule) {
         $type = $rule['rule'];

         if ($type == 'minCharacterClasses') {
             if ($stats['uniqueClasses'] < $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'maxCharacterClasses') {
             if ($stats['uniqueClasses'] > $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'minPasswordLength') {
             if ($stats['count'][0] < $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'maxPasswordLength') {
             if ($stats['count'][0] > $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'maxClassCharacters') {
             // A class rule without a class name is skipped, not failed
             if (empty($rule['class'])) {
                 continue;
             }
             $class = $rule['class'];
             // Classes absent from the password count as zero occurrences
             if (empty($stats['count'][$class])) {
                 $stats['count'][$class] = 0;
             }
             if ($stats['count'][$class] > $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'minClassCharacters') {
             if (empty($rule['class'])) {
                 continue;
             }
             $class = $rule['class'];
             if (empty($stats['count'][$class])) {
                 $stats['count'][$class] = 0;
             }
             if ($stats['count'][$class] < $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'minUniqueCharacters') {
             if ($stats['uniqueCharacters'] < $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'notBlacklisted') {
             if (Blacklist::basedOnBlackList($password)) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'notNameBased') {
             if ($name == null) {
                 // No name supplied: load the account and build
                 // "given middle surname" from the parts that are set
                 $xuser = is_numeric($user)
                     ? User::oneOrNew($user)
                     : User::oneByUsername($user);
                 if (!is_object($xuser)) {
                     continue;
                 }
                 $givenName = $xuser->get('givenName');
                 $middleName = $xuser->get('middleName');
                 $surname = $xuser->get('surname');
                 $name = $givenName;
                 foreach (array($middleName, $surname) as $part) {
                     if (empty($part)) {
                         continue;
                     }
                     $name = empty($name) ? $part : $name . ' ' . $part;
                 }
             }
             if (self::isBasedOnName($password, $name)) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'notUsernameBased') {
             if (is_numeric($user)) {
                 $xuser = User::oneOrNew($user);
                 if (!is_object($xuser)) {
                     continue;
                 }
                 // From here on $user holds the username, also for the
                 // rules evaluated after this one
                 $user = $xuser->get('username');
             }
             if (self::isBasedOnUsername($password, $user)) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'notReused') {
             // Look back $rule['value'] days in the password history
             $date = new \DateTime('now');
             $date->modify("-" . $rule['value'] . "day");
             $phist = History::getInstance($user);
             if (!is_object($phist)) {
                 continue;
             }
             if ($phist->exists($password, $date->format("Y-m-d H:i:s"))) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type == 'notRepeat') {
             if (Password::passwordMatches($user, $password, true)) {
                 $fail[] = $rule['failuremsg'];
             }
         } elseif ($type !== 'true' && $type != 'notStale') {
             // Unrecognised rule name: report it as failed
             $fail[] = $rule['failuremsg'];
         }
     }

     return empty($fail) ? array() : $fail;
 }
コード例 #18
ファイル: edit.php プロジェクト: kevinwojo/hubzero-cms
    ?>
</span></legend>

					<div class="input-wrap" data-hint="<?php 
    echo Lang::txt('COM_DEVELOPER_FIELD_ADD_TEAM_HINT');
    ?>
">
						<label for="acmembers"><?php 
    echo Lang::txt('COM_DEVELOPER_FIELD_ADD_TEAM');
    ?>
:</label><br />
						<?php 
    // get team and format for autocompletor
    $currentTeam = array();
    foreach ($this->row->team() as $member) {
        $profile = \Hubzero\User\User::oneOrNew($member->get('uidNumber'));
        $currentTeam[] = $profile->get('name') . ' (' . $profile->get('id') . ')';
    }
    // output member autocompletor
    $mc = Event::trigger('hubzero.onGetMultiEntry', array(array('members', 'team', 'acmembers', '', implode(', ', $currentTeam))));
    if (count($mc) > 0) {
        echo $mc[0];
    } else {
        ?>
							<input type="text" name="team" id="acmembers" value="" size="35" />
						<?php 
    }
    ?>
					</div>
				</fieldset>
			<?php