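/**
 * Up
 *
 * Converts `#__citations`.`uid` to INT(11). Before the column type is
 * changed, every row whose uid is not numeric is re-pointed at a numeric
 * user id so the ALTER does not have to coerce free-form values.
 *
 * @return void
 **/
public function up()
{
    $this->db->setQuery("describe #__citations uid");
    $uidField = $this->db->loadObject();

    // Nothing to migrate if the column could not be described at all
    // (previously this fell through to a property read on a non-object).
    if (!is_object($uidField) || !isset($uidField->Type)) {
        return;
    }

    // If we have an INT already, we're good to go
    if (strtolower($uidField->Type) === 'int(11)') {
        return;
    }

    // Load all citations
    $this->db->setQuery("SELECT id, uid FROM `#__citations`");
    $citations = $this->db->loadObjectList();
    if (!is_array($citations)) {
        // Treat a non-array result as "no rows" instead of iterating over it
        $citations = array();
    }

    foreach ($citations as $citation) {
        if (is_numeric($citation->uid)) {
            continue;
        }

        // NOTE(review): 62 is a hard-coded fallback owner. Every citation whose
        // uid cannot be resolved to an account becomes owned by user 62, so
        // confirm that this id exists and is the intended owner on each
        // installation before running the migration.
        $newId = 62;

        $profile = \Hubzero\User\User::oneOrNew($citation->uid);
        if ($profile->get('id')) {
            $newId = $profile->get('id');
        }

        // Both values go through the driver's quote() before concatenation
        $query = "UPDATE `#__citations` SET uid=" . $this->db->quote($newId)
               . " WHERE id=" . $this->db->quote($citation->id);
        $this->db->setQuery($query);
        $this->db->query();
    }

    // Change the column type
    $this->db->setQuery("ALTER TABLE `#__citations` CHANGE uid uid INT(11);");
    $this->db->query();
}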
/**
 * Constructor
 *
 * Stores the reference id, fixes the category to 'user', copies the
 * 'option' route segment onto the model and marks 'wishlist' as the
 * active segment.
 *
 * @param   integer  $referenceid  Reference ID; also used as the 'id' route segment
 * @return  void
 */
public function __construct($referenceid = 0)
{
    $this
        ->set('referenceid', $referenceid)
        ->set('category', 'user')
        ->set('option', $this->_segments['option']);

    $this->_segments['id']     = $referenceid;
    $this->_segments['active'] = 'wishlist';

    // NOTE(review): only 'referenceid' is set above, yet the user is loaded
    // from 'scope_id'. Unless get('scope_id') is populated elsewhere this
    // resolves to a new, empty user -- confirm which key is intended.
    $ownerId = $this->get('scope_id');
    $this->_item = \Hubzero\User\User::oneOrNew($ownerId);
}
/**
 * Constructor
 *
 * Records the scope id, loads the matching user, and derives the blog
 * upload path, scope string and option from it.
 *
 * @param   integer  $scope_id  Scope ID (group, course, etc.)
 * @return  void
 */
public function __construct($scope_id = 0)
{
    $this->set('scope_id', $scope_id);

    $this->_segments['id']     = $scope_id;
    $this->_segments['active'] = 'blog';

    $this->_item = User::oneOrNew($scope_id);

    $config   = Plugin::params('members', 'blog');
    $paddedId = String::pad($this->get('scope_id'));

    // The configured upload path carries a {{uid}} placeholder that is
    // replaced with the padded scope id.
    $template = $config->get('uploadpath', '/site/members/{{uid}}/blog');
    $this->set('path', str_replace('{{uid}}', $paddedId, $template));

    $this->set('scope', $this->get('scope_id') . '/blog');
    $this->set('option', $this->_segments['option']);
}
/**
 * Display module contents
 *
 * Tallies guest and logged-in sessions, collects the logged-in users whose
 * record resolves to an id, then includes the 'default' layout.
 *
 * @return  void
 */
public function displaySite()
{
    // All distinct sessions for client 0
    $sessions = SessionHelper::getAllSessions(array('distinct' => 1, 'client' => 0));

    // Counters and list exposed to the layout
    $this->guestCount    = 0;
    $this->loggedInCount = 0;
    $this->loggedInList  = array();

    foreach ($sessions as $session) {
        if ($session->guest == 1) {
            $this->guestCount++;
            continue;
        }

        $this->loggedInCount++;

        // Only sessions that map to an existing user make it into the list
        $profile = User::oneOrNew($session->userid);
        if ($profile->get('id')) {
            $this->loggedInList[] = $profile;
        }
    }

    // The layout is included in this method's scope, so it sees $this and
    // the local variables above; their names are kept for that reason.
    require $this->getLayoutPath('default');
}
/**
 * Get the profile object for this record's 'uidNumber'
 *
 * @return  object  User object returned by User::oneOrNew()
 */
public function getProfile()
{
    $uidNumber = $this->get('uidNumber');

    return User::oneOrNew($uidNumber);
}
/**
 * Get the creator of this entry
 *
 * With no property name the whole User object is returned. With a property
 * name, that property's value is returned instead; 'uidNumber' is treated
 * as an alias of 'id', and 'picture' is resolved through the user's
 * picture() method using this entry's 'anonymous' flag.
 *
 * @param   string  $property  What data to return
 * @param   mixed   $default   Default value
 * @return  mixed
 */
public function creator($property = null, $default = null)
{
    // Load the creator once and keep it on the instance
    if (!($this->_creator instanceof \Hubzero\User\User)) {
        $this->_creator = \Hubzero\User\User::oneOrNew($this->get('created_by'));
    }

    if (!$property) {
        return $this->_creator;
    }

    if ($property == 'uidNumber') {
        $property = 'id';
    }

    if ($property == 'picture') {
        return $this->_creator->picture($this->get('anonymous'));
    }

    return $this->_creator->get($property, $default);
}
/**
 * Check data
 *
 * Validates the registration values held in $this->_registration for the
 * given task and fills $this->_missing / $this->_invalid, both keyed by
 * field name. Which fields are required, read-only or hidden comes from
 * registrationField() and is then overridden for the 'update', 'edit' and
 * linked-account 'create' cases.
 *
 * NOTE(review): several string literals appear as '******' in this listing
 * (redacted text), and one statement in the system-username check is cut
 * short by the same redaction. Those spans are reproduced as shown.
 *
 * @param   string   $task            Task being validated ('proxy' is treated as 'proxycreate')
 * @param   integer  $id              User ID; 0 means the current user
 * @param   array    $field_to_check  When non-empty, only these field names are kept in the result
 * @return  boolean  True when nothing is missing or invalid
 */
public function check($task = 'create', $id = 0, $field_to_check = array())
{
    // Assigned but not read again in this method
    $sitename = Config::get('sitename');

    if ($id == 0) {
        $id = User::get('id');
    }

    $registration = $this->_registration;

    if ($task == 'proxy') {
        $task = 'proxycreate';
    }

    // Start from a clean slate on every call
    $this->_missing = array();
    $this->_invalid = array();

    // Per-field state for this task; the second argument is the default passed to registrationField()
    $registrationUsername = $this->registrationField('registrationUsername', 'RROO', $task);
    $registrationPassword = $this->registrationField('registrationPassword', 'RRHH', $task);
    $registrationConfirmPassword = $this->registrationField('registrationConfirmPassword', 'RRHH', $task);
    $registrationFullname = $this->registrationField('registrationFullname', 'RRRR', $task);
    $registrationEmail = $this->registrationField('registrationEmail', 'RRRR', $task);
    $registrationConfirmEmail = $this->registrationField('registrationConfirmEmail', 'RRRR', $task);
    $registrationOptIn = $this->registrationField('registrationOptIn', 'HHHH', $task);
    $registrationCAPTCHA = $this->registrationField('registrationCAPTCHA', 'HHHH', $task);
    $registrationTOU = $this->registrationField('registrationTOU', 'HHHH', $task);

    // Updates never validate a password; a username or e-mail is only required if none is stored yet
    if ($task == 'update') {
        if (empty($registration['login'])) {
            $registrationUsername = REG_REQUIRED;
        } else {
            $registrationUsername = REG_READONLY;
        }
        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;
        if (empty($registration['email'])) {
            $registrationEmail = REG_REQUIRED;
        }
    }

    if ($task == 'edit') {
        $registrationUsername = REG_READONLY;
        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;
    }

    // Accounts created through an auth link skip every password check below
    if (User::get('auth_link_id') && $task == 'create') {
        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;
    }

    $login = $registration['login'];
    $email = $registration['email'];
    $confirmEmail = $registration['confirmEmail'];

    // --- Username ---
    if ($registrationUsername == REG_REQUIRED) {
        if (empty($login)) {
            $this->_missing['login'] = '******';
            $this->_invalid['login'] = 
'******';
        }
    }

    if ($registrationUsername != REG_HIDE) {
        // A leading digit is only tolerated when updating an existing account
        $allowNumericFirstCharacter = $task == 'update' ? true : false;
        if (!empty($login) && !Helpers\Utility::validlogin($login, $allowNumericFirstCharacter)) {
            $this->_invalid['login'] = '******';
        }
    }

    if (!empty($login) && ($task == 'create' || $task == 'proxycreate' || $task == 'update')) {
        // Reject a username that already belongs to a different account
        $uid = User::getInstance($login)->get('id');
        if ($uid && $uid != $id) {
            $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
        }

        // Reserved usernames get the same "already exists" message
        if (\Hubzero\Utility\Validate::reserved('username', $login)) {
            $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
        }

        // system username check: the operating-system account of that name
        // must carry the same uid as the database account
        $puser = posix_getpwnam($login);
        if (!empty($puser) && $uid && $uid != $puser['uid']) {
            // log error and display error to user
            // NOTE(review): redacted in this listing -- the end of the Log::error()
            // call and the start of the following assignment are not visible.
            \Log::error('System username/userid does not match DB username/password for user: '******'login'] = '******';
        }
    }

    // --- Password ---
    if ($registrationPassword == REG_REQUIRED) {
        if (empty($registration['password'])) {
            $this->_missing['password'] = '******';
            $this->_invalid['password'] = '******';
        }
    }

    /*
    if ($registrationPassword != REG_HIDE) {
        if (!empty($registration['password'])) {
            $result = Helpers\Utility::valid_password($registration['password']);
            if ($result) $this->_invalid['password'] = $result;
        }
    }
    */

    if ($registrationConfirmPassword == REG_REQUIRED) {
        if (empty($registration['confirmPassword'])) {
            $this->_missing['confirmPassword'] = '******';
            $this->_invalid['confirmPassword'] = '******';
        }
    }

    if ($registrationPassword != REG_HIDE && $registrationConfirmPassword != REG_HIDE) {
        // NOTE(review): `!=` is a loose comparison; two different
        // numeric-looking strings (for example "1e3" and "1000") compare
        // equal, so a mistyped confirmation can pass. `!==` would close that.
        if ($registration['password'] != $registration['confirmPassword']) {
            $this->_invalid['confirmPassword'] = '******';
        }
    }

    if ($registrationPassword == REG_REQUIRED) {
        // Strength score: only a score below PASS_SCORE_MEDIOCRE is rejected;
        // the remaining branches are empty placeholders.
        $score = $this->scorePassword($registration['password'], $registration['login']);
        if ($score < PASS_SCORE_MEDIOCRE) {
            $this->_invalid['password'] = '******';
        } else {
            if ($score >= PASS_SCORE_MEDIOCRE && $score < 
PASS_SCORE_GOOD) {
                // Mediocre pass
            } else {
                if ($score >= PASS_SCORE_GOOD && $score < PASS_SCORE_STRONG) {
                    // Good pass
                } else {
                    if ($score >= PASS_SCORE_STRONG) {
                        // Strong pass
                    }
                }
            }
        }

        // Enabled password rules are applied on top of the score and
        // overwrite any message set above
        $rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
        $msg = \Hubzero\Password\Rule::verify($registration['password'], $rules, $login, $registration['name']);
        if (!empty($msg)) {
            $this->_invalid['password'] = $msg;
        }
    }

    // --- Full name ---
    if ($registrationFullname == REG_REQUIRED) {
        if (empty($registration['name'])) {
            $this->_missing['name'] = 'Full Name';
            $this->_invalid['name'] = 'Please provide a name.';
        } else {
            // Split on spaces: last token is the surname, first the given
            // name, anything in between the middle name
            $bits = explode(' ', $registration['name']);
            $surname = null;
            $middleName = null;
            $givenName = null;
            if (count($bits) == 1) {
                $givenName = array_shift($bits);
            } else {
                $surname = array_pop($bits);
                if (count($bits) >= 1) {
                    $givenName = array_shift($bits);
                }
                if (count($bits) >= 1) {
                    $middleName = implode(' ', $bits);
                }
            }
            // A single-word name therefore fails: both parts are required
            if (!$givenName || !$surname) {
                $this->_missing['name'] = 'Full Name';
                $this->_invalid['name'] = 'Please provide a name.';
            }
        }
    }

    if ($registrationFullname != REG_HIDE) {
        if (!empty($registration['name']) && !Helpers\Utility::validname($registration['name'])) {
            $this->_invalid['name'] = 'Invalid name. You may be using characters that are not allowed.';
        }
    }

    // --- E-mail ---
    if ($registrationEmail == REG_REQUIRED) {
        if (empty($email)) {
            $this->_missing['email'] = 'Valid Email';
            $this->_invalid['email'] = 'Please provide a valid e-mail address.';
        }
    }

    if ($registrationEmail != REG_HIDE) {
        if (empty($email)) {
            $this->_missing['email'] = 'Valid Email';
        } elseif (!Helpers\Utility::validemail($email)) {
            $this->_invalid['email'] = 'Invalid email address. 
Please correct and try again.';
        } else {
            $usersConfig = \Component::params('com_users');
            $allow_duplicate_emails = $usersConfig->get('allow_duplicate_emails');

            // Check if the email is already in use by an account other than $id
            $row = \Hubzero\User\User::all()->whereEquals('email', $email)->where('id', '!=', (int) $id)->row();
            $xid = intval($row->get('id'));

            // 0 = not allowed
            // 1 = allowed (i.e. no check needed)
            // 2 = only existing accounts (grandfathered)
            if ($xid && ($allow_duplicate_emails == 0 || $allow_duplicate_emails == 2)) {
                if ($allow_duplicate_emails == 0) {
                    $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                } else {
                    if ($allow_duplicate_emails == 2) {
                        // If duplicates are only allowed in grandfathered accounts,
                        // then new accounts shouldn't be created with the same email.
                        if ($task == 'create' || $task == 'proxycreate') {
                            $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                        } else {
                            // We also need to catch existing users who might try to change their
                            // email to an existing email address on the hub. For that, we need to
                            // check and see if their email address is changing with this save.
                            $row = \Hubzero\User\User::oneOrNew((int) $id);
                            $currentEmail = $row->get('email');
                            if ($currentEmail != $email) {
                                $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                            }
                        }
                    }
                }
            }
        }
    }

    if ($registrationConfirmEmail == REG_REQUIRED) {
        // Only complain about the confirmation when the e-mail itself is fine
        if (empty($confirmEmail) && empty($this->_invalid['email'])) {
            $this->_missing['confirmEmail'] = 'Valid Email Confirmation';
            $this->_invalid['confirmEmail'] = 'Please provide a valid e-mail address again.';
        }
    }

    if ($registrationConfirmEmail != REG_HIDE) {
        if ($email != $confirmEmail) {
            if (empty($this->_invalid['email'])) {
                $this->_invalid['confirmEmail'] = 'Email addresses do not match. Please correct and try again.';
                $this->_invalid['email'] = 'Email addresses do not match. 
Please correct and try again.';
            }
        }
    }

    // --- Opt-in, CAPTCHA, terms of use ---
    if ($registrationOptIn == REG_REQUIRED) {
        if (is_null($registration['sendEmail']) || intval($registration['sendEmail']) < 0) {
            $this->_missing['sendEmail'] = 'Receive Email Updates';
            $this->_invalid['sendEmail'] = 'Receive Email Updates has not been selected';
        }
    }

    if ($registrationCAPTCHA == REG_REQUIRED) {
        // Any value in the 'botcheck' request field fails the check
        $botcheck = Request::getVar('botcheck', '');
        if ($botcheck) {
            $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
        }

        // NOTE(review): when no handler answers 'captcha.onCheckAnswer' the
        // result list is empty and the CAPTCHA counts as passed. If a CAPTCHA
        // is required, an empty result should probably be treated as a failure.
        $validcaptchas = Event::trigger('captcha.onCheckAnswer');
        if (count($validcaptchas) > 0) {
            foreach ($validcaptchas as $validcaptcha) {
                if (!$validcaptcha) {
                    $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
                }
            }
        }
    }

    if ($registrationTOU == REG_REQUIRED) {
        if (empty($registration['usageAgreement'])) {
            $this->_missing['usageAgreement'] = 'Usage Agreement';
            $this->_invalid['usageAgreement'] = 'Registration requires acceptance of the usage agreement';
        }
    }

    /*
    Everything below is currently done elsewhere
    @TODO Move code to here or refactor?

    if ($registrationAddress == REG_REQUIRED) {
        if (count($registration['address']) == 0) {
            $this->_missing['address'] = 'Member Address';
            $this->_invalid['address'] = 'Member Address';
        }
    }

    // Load all fields not hidden
    $fields = Field::all()
        ->including(['options', function ($option){
            $option
                ->select('*')
                ->ordered();
        }])
        ->where('action_' . $task, '!=', Field::STATE_HIDDEN)
        ->ordered()
        ->rows();

    if (!isset($registration['_profile'])) {
        $registration['_profile'] = array();
    }

    // Find missing required fields
    foreach ($fields as $field) {
        if ($field->get('type') != 'hidden') {
            if (!isset($registration['_profile'][$field->get('name')])) {
                continue;
            }
            $value = $registration['_profile'][$field->get('name')];
            if (empty($value) && $field->get('action_' . $task) == Field::STATE_REQUIRED) {
                $this->_missing[$field->get('name')] = $field->get('label');
            }
        }
    }

    // Validate input
    $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
    $form->load(Field::toXml($fields, $action));
    $form->bind(new \Hubzero\Config\Registry($registration['_profile']));
    if (!$form->validate($registration['_profile'])) {
        foreach ($form->getErrors() as $error) {
            $this->_invalid[] = $error;
        }
    }
    */

    // Filter out fields: when a subset was requested, findings for every
    // other field are discarded before the result is computed
    if (!empty($field_to_check)) {
        if ($this->_missing) {
            foreach ($this->_missing as $k => $v) {
                if (!in_array($k, $field_to_check)) {
                    unset($this->_missing[$k]);
                }
            }
        }
        if ($this->_invalid) {
            foreach ($this->_invalid as $k => $v) {
                if (!in_array($k, $field_to_check)) {
                    unset($this->_invalid[$k]);
                }
            }
        }
    }

    if (empty($this->_missing) && empty($this->_invalid)) {
        return true;
    }

    return false;
}
/**
 * Map Resource Contributors
 *
 * Turns the raw `contributors` value (a list of objects, or a
 * semicolon-separated string of names) into Tables\Contributor rows and
 * appends them to $this->record->contributors. A contributor's role is
 * kept only when it matches a role alias defined for the resource type.
 *
 * @return  void
 */
private function _mapContributorData()
{
    // Raw contributors, defaulting to an empty object
    if (isset($this->raw->contributors)) {
        $contributors = $this->raw->contributors;
    } else {
        $contributors = new stdClass();
    }

    // Roles defined for this resource type
    $roleTable    = new Tables\Contributor\RoleType($this->_database);
    $rolesForType = $roleTable->getRolesForType($this->record->resource->type);
    if (!is_array($rolesForType)) {
        $rolesForType = array();
    }

    // Aliases a contributor's role is allowed to take
    $existingRoles = array();
    foreach ($rolesForType as $role) {
        $existingRoles[] = $role->alias;
    }

    // A string is read as "name; name; ..." -- empty entries are dropped
    if (is_string($contributors)) {
        $parsed = array();
        foreach (explode(';', $contributors) as $rawName) {
            $name = trim($rawName);
            if (!$name) {
                continue;
            }
            $entry = new stdClass();
            $entry->name = $name;
            $parsed[] = $entry;
        }
        $contributors = $parsed;
    }

    foreach ($contributors as $contributor) {
        $resourceContributor = new Tables\Contributor($this->_database);

        // Optional author id
        $authorid = null;
        if (isset($contributor->authorid)) {
            $authorid = $contributor->authorid;
        }

        // NOTE(review): oneOrNew() presumably always returns an object, so an
        // author id that matches no account would store an empty id here
        // rather than being skipped -- confirm against the User model.
        if ($authorid != null) {
            if ($profile = \Hubzero\User\User::oneOrNew($authorid)) {
                $resourceContributor->authorid = $profile->get('id');
            }
        }

        $hasKnownRole = isset($contributor->role) && in_array($contributor->role, $existingRoles);

        $resourceContributor->name         = isset($contributor->name) ? $contributor->name : '';
        $resourceContributor->organization = isset($contributor->organization) ? $contributor->organization : '';
        $resourceContributor->role         = $hasKnownRole ? $contributor->role : '';
        $resourceContributor->subtable     = 'resources';

        array_push($this->record->contributors, $resourceContributor);
    }
}
/**
 * Validates incoming request via OAuth2 specification
 *
 * Builds the OAuth server, runs resource-request verification, stores the
 * access-token data on $this->token and, when the token carries a
 * 'uidNumber', places the matching user in the session.
 *
 * @param   array  $params   Oauth server request parameters (not read in this method)
 * @param   array  $options  OAuth server configuration options
 * @return  array  ['user_id' => uidNumber from the token, or null]
 */
public function authenticate($params = array(), $options = array())
{
    // Placeholder response
    $response = ['user_id' => null];

    // Fire before auth event
    Event::trigger('before_auth');

    // Load oauth server
    $storage       = new MysqlStorage();
    $oauthServer   = new Server($storage, $options);
    $oauthRequest  = \OAuth2\Request::createFromGlobals();
    $oauthResponse = new \OAuth2\Response();

    // Validate request via oauth
    // NOTE(review): the boolean result and $oauthResponse are not inspected
    // here; acceptance rests entirely on what getAccessTokenData() returns
    // below. Confirm that it rejects invalid and expired tokens itself.
    $oauthServer->verifyResourceRequest($oauthRequest, $oauthResponse);

    // Store our token locally
    $this->token = $oauthServer->getAccessTokenData($oauthRequest);

    // See if we have a valid user
    if (isset($this->token['uidNumber'])) {
        $uidNumber = $this->token['uidNumber'];
        $response['user_id'] = $uidNumber;

        // NOTE(review): user_id is reported and the session user replaced
        // even when no account matches the token's uidNumber; only the
        // 'guest' flag depends on the lookup. Verify callers handle that.
        $user = User::oneOrNew($uidNumber);
        if ($user->get('id')) {
            $user->set('guest', false);
        }

        $this->app['session']->set('user', $user);
    }

    // Fire after auth event
    Event::trigger('after_auth');

    return $response;
}
/**
 * Parse the URI
 *
 * Resolves the request path into routing variables, then applies the
 * HUBzero gates for logged-in users. In order: incomplete registration,
 * unconfirmed e-mail, unapproved account, bad or expired password. Each
 * gate lets a short allow-list of routes through and otherwise replaces
 * the route with the page that resolves the condition.
 *
 * @param   object  &$uri  The URI
 * @return  array   Routing variables
 */
public function parse(&$uri)
{
    $vars = array();

    // Get the application
    $app = JApplication::getInstance('site');

    if ($app->getCfg('force_ssl') == 2 && strtolower($uri->getScheme()) != 'https') {
        // forward to https
        $uri->setScheme('https');
        $app->redirect((string) $uri);
    }

    // Get the path
    $path = $uri->getPath();

    // Remove the base URI path.
    $path = substr_replace($path, '', 0, strlen(JURI::base(true)));

    // Check to see if a request to a specific entry point has been made.
    if (preg_match("#.*?\\.php#u", $path, $matches)) {
        // Get the current entry point path relative to the site path.
        $scriptPath = realpath($_SERVER['SCRIPT_FILENAME'] ? $_SERVER['SCRIPT_FILENAME'] : str_replace('\\\\', '\\', $_SERVER['PATH_TRANSLATED']));
        $relativeScriptPath = str_replace('\\', '/', str_replace(JPATH_SITE, '', $scriptPath));

        // If a php file has been found in the request path, check to see if it is a valid file.
        // Also verify that it represents the same file from the server variable for entry script.
        if (file_exists(JPATH_SITE . $matches[0]) && $matches[0] == $relativeScriptPath) {
            // Remove the entry point segments from the request path for proper routing.
            $path = str_replace($matches[0], '', $path);
        }
    }

    // Identify format
    if ($this->_mode == JROUTER_MODE_SEF) {
        if ($app->getCfg('sef_suffix') && !(substr($path, -9) == 'index.php' || substr($path, -1) == '/')) {
            if ($suffix = pathinfo($path, PATHINFO_EXTENSION)) {
                $vars['format'] = $suffix;
            }
        }
    }

    // Remove prefix
    $path = str_replace('index.php', '', $path);

    // Set the route
    $uri->setPath(trim($path, '/'));

    $vars += parent::parse($uri);

    // Fall back to a POSTed option when the route did not yield one
    if (empty($vars['option']) && isset($_POST['option'])) {
        $vars['option'] = JRequest::getCmd('option', '', 'post');
    }

    if (empty($vars['option'])) {
        JError::raiseError(404, JText::_('JGLOBAL_RESOURCE_NOT_FOUND'));
    }

    /* START: HUBzero Extensions Follow to force registration and email confirmation */
    $juser = JFactory::getUser();

    if (!$juser->get('guest')) {
        $session = JFactory::getSession();
        $registration_incomplete = $session->get('registration.incomplete');

        // Gate 1: registration incomplete
        if ($registration_incomplete) {
            // NOTE(review): 'view' and 'task' are read without isset() here,
            // unlike the same test in the activation gate below.
            if ($vars['option'] == 'com_users') {
                if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                    return $vars;
                }
            }

            // The registration pages themselves are always reachable
            if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                $session->set('linkaccount', false);
                return $vars;
            }

            if ($uri->getPath() != 'legal/terms') {
                $originalVars = $vars;
                $vars = array();

                if ($juser->get('tmp_user')) {
                    $vars['option'] = 'com_members';
                    $vars['controller'] = 'register';
                    $vars['task'] = 'create';
                    $vars['act'] = '';
                } else {
                    if (substr($juser->get('email'), -8) == '@invalid') {
                        // First, allow ticket creation
                        if ($originalVars['option'] == 'com_support' && $originalVars['controller'] == 'tickets' && $originalVars['task'] == 'save') {
                            // Do nothing...allow it to pass through
                            $vars = $originalVars;
                        } elseif ($session->get('linkaccount', true)) {
                            $vars['option'] = 'com_users';
                            $vars['view'] = 'link';
                        } else {
                            $vars['option'] = 'com_members';
                            $vars['controller'] = 'register';
                            $vars['task'] = 'update';
                            $vars['act'] = '';
                        }
                    } 
                    else {
                        $o = JRequest::getVar('option', '');
                        $t = JRequest::getVar('task', '');
                        $nh = JRequest::getInt('no_html', 0);

                        // are we trying to use the tag autocompletor when forcing registration update?
                        if ($o == 'com_tags' && $t == 'autocomplete' && $nh) {
                            $vars['option'] = 'com_tags';
                        } else {
                            $vars['option'] = 'com_members';
                            $vars['id'] = $juser->get("id");
                            $vars['active'] = 'profile';
                        }
                    }
                }

                $this->setVars($vars);
                JRequest::set($vars, 'get', true); // overwrite existing

                return $vars;
            }
        }

        // Gate 2: e-mail not confirmed (activation is neither 1 nor 3)
        $xprofile = \Hubzero\User\User::oneOrNew($juser->get('id'));

        if (is_object($xprofile) && $xprofile->get('activation') != 1 && $xprofile->get('activation') != 3) {
            if ($vars['option'] == 'com_users') {
                if (isset($vars['view']) && $vars['view'] == 'logout' || isset($vars['task']) && $vars['task'] == 'logout') {
                    return $vars;
                }
            } else {
                if ($uri->getPath() == 'legal/terms') {
                    return $vars;
                } else {
                    if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                        // Only the confirmation-related register tasks pass
                        if (!empty($vars['task'])) {
                            if ($vars['task'] == 'unconfirmed' || $vars['task'] == 'change' || $vars['task'] == 'resend' || $vars['task'] == 'confirm') {
                                return $vars;
                            }
                        }
                    } else {
                        // Profile image download right after the user changed their e-mail
                        if ($vars['option'] == 'com_members' && (isset($vars['task']) && $vars['task'] == 'download') && (isset($vars['active']) && strpos($vars['active'], 'Image:') !== false) && JFactory::getSession()->get('userchangedemail', 0) == 1) {
                            return $vars;
                        }
                    }
                }
            }

            $vars = array();
            $vars['option'] = 'com_members';
            $vars['controller'] = 'register';
            $vars['task'] = 'unconfirmed';

            $this->setVars($vars);
            JRequest::set($vars, 'get', true); // overwrite existing

            return $vars;
        }

        // Gate 3: account not approved
        if (!$juser->get('approved')) {
            if ($vars['option'] == 'com_users') {
                if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                    return $vars;
                }
            } else {
                if ($uri->getPath() == 'legal/terms') {
                    return $vars;
                } else {
                    // Support tickets (save / new) stay reachable
                    if ($vars['option'] == 'com_support' && $vars['controller'] == 'tickets' && 
$vars['task'] == 'save') {
                        return $vars;
                    } else {
                        if ($vars['option'] == 'com_support' && $vars['controller'] == 'tickets' && $vars['task'] == 'new') {
                            return $vars;
                        }
                    }
                }
            }

            $vars = array();
            $vars['option'] = 'com_users';
            $vars['view'] = 'unapproved';

            $this->setVars($vars);
            JRequest::set($vars, 'get', true); // overwrite existing

            return $vars;
        }

        // Gate 4: password fails current rules or has expired
        $badpassword = $session->get('badpassword', false);
        $expiredpassword = $session->get('expiredpassword', false);

        if ($badpassword || $expiredpassword) {
            if ($vars['option'] == 'com_members' && isset($vars['task']) && $vars['task'] == 'changepassword') {
                return $vars;
            }

            if ($vars['option'] == 'com_users' && ($vars['view'] == 'logout' || $vars['task'] == 'logout' || JRequest::getWord('task') == 'logout')) {
                return $vars;
            }

            // NOTE(review): this exemption matches any com_support 'save'
            // task; the unapproved gate above additionally requires
            // controller == 'tickets'. Confirm the wider match is intended.
            if ($vars['option'] == 'com_support' && $vars['task'] == 'save') {
                return $vars;
            }

            if ($uri->getPath() == 'legal/terms') {
                return $vars;
            }

            // @FIXME: should double check shadowFlag here in case password gets changed
            // out of band.
            // @FIXME: should we clear POST and GET data
            $vars = array();
            $vars['option'] = 'com_members';
            $vars['task'] = 'changepassword';

            if ($badpassword) {
                $vars['message'] = "Your password does not meet current site requirements. Please change your password now.";
            }

            if ($expiredpassword) {
                $vars['message'] = "Your password has expired. Please change your password now.";
            }

            $this->setVars($vars);
            JRequest::set($vars, 'get', true); // overwrite existing

            // No return here: execution continues to the plugin hook below
        }
    }

    // Call system plugins for parsing routes
    if ($responses = JDispatcher::getInstance()->trigger('onParseRoute', array($vars))) {
        // We're assuming here that if a plugin returns vars, we'll take them wholesale.
        // This also means that plugins need to be ordered in terms of priority, as we'll
        // return the first response that isn't empty.
        foreach ($responses as $response) {
            if (is_array($response) && !empty($response)) {
                $this->setVars($response);
                JRequest::set($response, 'get', true);
                return $response;
            }
        }
    }
    /* END: HUBzero Extensions Follow to force registration and email confirmation */

    return $vars;
}
/**
 * Return the user object for a user id
 *
 * @param   integer  $user_id  User identifier
 * @return  object   User object returned by User::oneOrNew()
 */
private function profileExpander($user_id)
{
    $profile = User::oneOrNew($user_id);

    return $profile;
}
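/**
 * Register View for Event
 *
 * Builds the registration view for the requested event. Events without a
 * registration deadline redirect back to the event details. While
 * registration is open, a restricted event shows the password prompt until
 * the posted password matches; after the deadline the "closed" layout is
 * used.
 *
 * @return  string  Rendered view (nothing is returned when redirecting)
 */
private function register()
{
    // Create the view
    $view = $this->view('register', 'calendar');

    // Get request vars
    $eventId = Request::getVar('event_id', '');

    // Load event data
    $view->event = new \Components\Events\Models\Event($eventId);

    // Get registrants count
    $eventsRespondent = new \Components\Events\Tables\Respondent(array('id' => $eventId));
    $view->registrants = $eventsRespondent->getCount();

    // Do we have a registration deadline?
    if ($view->event->get('registerby') == '' || $view->event->get('registerby') == '0000-00-00 00:00:00') {
        App::redirect(Route::url('index.php?option=' . $this->option . '&cn=' . $this->group->get('cn') . '&active=calendar&action=details&event_id=' . $view->event->get('id')), Lang::txt('This event does not have registration.'), 'warning');
        return;
    }

    // Make sure registration is open
    $now        = Date::toUnix();
    $registerby = Date::of($view->event->get('registerby'))->toUnix();

    if ($registerby >= $now) {
        // Posted password; anything that is not a string counts as "none given"
        $password = Request::getVar('passwrd', '', 'post');
        $supplied = is_string($password) ? $password : '';

        $restricted = (string) $view->event->get('restricted');

        // hash_equals() compares the exact strings in constant time. The
        // previous loose `!=` treated different numeric-looking strings
        // (e.g. "1e3" and "1000") as equal, letting a wrong password through.
        //
        // NOTE(review): the check is skipped whenever $this->register is set;
        // confirm that whatever populates it has already verified the password.
        if ($restricted !== '' && !hash_equals($restricted, $supplied) && !isset($this->register)) {
            // If a password was entered and it was wrong, tell the user
            if ($supplied !== '') {
                $this->setError('The password entered is incorrect.');
            }
            $view->setLayout('register_restricted');
        }
    } else {
        $view->setLayout('register_closed');
    }

    // Push some vars to the view
    $view->month      = $this->month;
    $view->year       = $this->year;
    $view->group      = $this->group;
    $view->option     = $this->option;
    $view->authorized = $this->authorized;
    $view->user       = $this->user;
    $view->register   = isset($this->register) ? $this->register : null;
    $view->arrival    = isset($this->arrival) ? $this->arrival : null;
    $view->departure  = isset($this->departure) ? $this->departure : null;
    $view->dietary    = isset($this->dietary) ? $this->dietary : null;
    $view->dinner     = isset($this->dinner) ? $this->dinner : null;
    $view->disability = isset($this->disability) ? $this->disability : null;
    $view->race       = isset($this->race) ? $this->race : null;

    // Add params to view
    $view->params = new \Hubzero\Config\Registry($view->event->get('params'));

    // Pre-fill the form from the logged-in user's profile
    if (!$this->user->get('guest')) {
        $profile = \Hubzero\User\User::oneOrNew($this->user->get('id'));

        $view->register['first_name']  = $profile->get('givenName');
        $view->register['last_name']   = $profile->get('surname');
        $view->register['affiliation'] = $profile->get('organization');
        $view->register['email']       = $profile->get('email');
        $view->register['telephone']   = $profile->get('phone');
        $view->register['website']     = $profile->get('url');
    }

    // Pass along any errors
    foreach ($this->getErrors() as $error) {
        $view->setError($error);
    }

    // Load the view
    return $view->loadTemplate();
}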
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * HUBzero is a registered trademark of Purdue University. * * @package hubzero-cms * @author Alissa Nedossekina <*****@*****.**> * @copyright Copyright 2005-2015 HUBzero Foundation, LLC. * @license http://opensource.org/licenses/MIT MIT */ defined('_HZEXEC_') or die; $cls = isset($this->cls) ? $this->cls : 'odd'; $name = Lang::txt('PLG_PUBLICATIONS_REVIEWS_ANONYMOUS'); $huser = \Hubzero\User\User::oneOrNew($this->comment->get('created_by')); if (!$this->comment->get('anonymous')) { $name = $this->escape(stripslashes($huser->get('name'))); if (in_array($huser->get('access'), User::getAuthorisedviewLevels())) { $name = '<a href="' . Route::url('index.php?option=com_members&id=' . $huser->get('uidNumber')) . '">' . $name . '</a>'; } } $this->comment->set('item_type', 'pubreview'); if ($this->comment->isReported()) { $comment = '<p class="warning">' . Lang::txt('PLG_PUBLICATIONS_REVIEWS_NOTICE_POSTING_REPORTED') . '</p>'; } else { $comment = $this->comment->content('parsed'); } if ($this->comment->get('publication_id')) { $this->comment->set('item_id', $this->comment->get('id')); $this->comment->set('parent', 0);
/**
 * Parse the URI into routing variables
 *
 * After the normal route parsing, logged-in users with an incomplete
 * registration or an unconfirmed e-mail address are forced onto the page
 * that resolves the condition; logout, the register controller and
 * 'legal/terms' stay reachable.
 *
 * @param   object  &$uri  The URI
 * @return  array   Routing variables
 */
function parse(&$uri)
{
    $vars = array();

    // Get the application
    $app = JFactory::getApplication();

    if ($app->getCfg('force_ssl') == 2 && strtolower($uri->getScheme()) != 'https') {
        // forward to https
        $uri->setScheme('https');
        $app->redirect($uri->toString());
    }

    // Get the path
    $path = $uri->getPath();

    // Remove the suffix
    if ($this->_mode == JROUTER_MODE_SEF) {
        // Get the application
        $app = JFactory::getApplication();

        if ($app->getCfg('sef_suffix') && !(substr($path, -9) == 'index.php' || substr($path, -1) == '/')) {
            if ($suffix = pathinfo($path, PATHINFO_EXTENSION)) {
                $path = str_replace('.' . $suffix, '', $path);
                $vars['format'] = $suffix;
            }
        }
    }

    // Remove basepath
    $path = substr_replace($path, '', 0, strlen(JURI::base(true)));

    // Remove prefix
    $path = str_replace('index.php', '', $path);

    // Set the route
    $uri->setPath(trim($path, '/'));

    $vars += parent::parse($uri);

    /* HUBzero Extensions Follow to force registration and email confirmation */
    $juser = JFactory::getUser();

    if (!$juser->get('guest')) {
        $session = JFactory::getSession();
        $registration_incomplete = $session->get('registration.incomplete');

        // Gate 1: registration incomplete
        if ($registration_incomplete) {
            // NOTE(review): 'option', 'view' and 'task' are read without
            // isset() throughout this method.
            if ($vars['option'] == 'com_user') {
                if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                    return $vars;
                }
            }

            // The registration pages themselves are always reachable
            if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                return $vars;
            }

            if ($uri->getPath() != 'legal/terms') {
                $vars = array();
                /*
                $vars['option'] = 'com_members';
                $vars['controller'] = 'register';
                if ($juser->get('tmp_user'))
                    $vars['task'] = 'create';
                else
                    $vars['task'] = 'update';
                $vars['act'] = '';
                */
                // Everything else is sent to the user's own profile
                $vars['option'] = 'com_members';
                $vars['id'] = $juser->get("id");
                $vars['active'] = 'profile';

                $this->setVars($vars);
                JRequest::set($vars, 
'get', true); // overwrite existing

                return $vars;
            }
        }

        // Gate 2: e-mail not confirmed (activation is neither 1 nor 3)
        $xprofile = \Hubzero\User\User::oneOrNew($juser->get('id'));

        if (is_object($xprofile) && $xprofile->get('activation') != 1 && $xprofile->get('activation') != 3) {
            if ($vars['option'] == 'com_user') {
                if ($vars['view'] == 'logout' || $vars['task'] == 'logout') {
                    return $vars;
                }
            } else {
                if ($uri->getPath() == 'legal/terms') {
                    return $vars;
                } else {
                    if ($vars['option'] == 'com_members' && (isset($vars['controller']) && $vars['controller'] == 'register' || isset($vars['view']) && $vars['view'] == 'register')) {
                        // Only the confirmation-related register tasks pass
                        if (!empty($vars['task'])) {
                            if ($vars['task'] == 'unconfirmed' || $vars['task'] == 'change' || $vars['task'] == 'resend' || $vars['task'] == 'confirm') {
                                return $vars;
                            }
                        }
                    }
                }
            }

            $vars = array();
            $vars['option'] = 'com_members';
            $vars['controller'] = 'register';
            $vars['task'] = 'unconfirmed';

            $this->setVars($vars);
            JRequest::set($vars, 'get', true); // overwrite existing

            return $vars;
        }
    }

    return $vars;
}
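/**
 * Save an entry
 *
 * Checks the CSRF token and the caller's edit/create permission, saves the
 * application from the posted `fields`, then synchronises its team with
 * the posted comma-separated `team` list (user ids, usernames or e-mail
 * addresses) plus the current user.
 *
 * @return  void
 */
public function saveTask()
{
    // [SECURITY] Check for request forgeries
    Request::checkToken();

    if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
        App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
    }

    // Incoming
    $fields = Request::getVar('fields', array(), 'post', 'none', 2);
    // NOTE(review): the last two arguments are in the opposite order from the
    // `fields` call above (2, 'none' vs 'none', 2); confirm which order the
    // filter expects so `team` is cleaned as intended.
    $team   = Request::getVar('team', '', 'post', 2, 'none');

    // A non-array `fields` value is treated as "nothing posted"
    if (!is_array($fields)) {
        $fields = array();
    }
    $id = isset($fields['id']) ? $fields['id'] : null;

    // Bind the incoming data to our model
    // NOTE(review): set() receives every posted field; confirm the model
    // limits which columns a request may write.
    $row = Application::oneOrNew($id)->set($fields);

    // Validate and save the data
    if (!$row->save()) {
        Notify::error($row->getError());
        return $this->editTask($row);
    }

    // Parse incoming team; anything but a string yields an empty list
    $entries = is_string($team) ? array_map('trim', explode(',', $team)) : array();

    // Resolve each entry to a user id. Entries that are empty, or that name
    // no existing account, are dropped; previously they were stored as team
    // members with an empty id.
    $team = array();
    foreach ($entries as $entry) {
        if ($entry === '') {
            continue;
        }

        if (is_numeric($entry)) {
            $team[] = $entry;
            continue;
        }

        // `!== false` so that an '@' in first position still counts as an e-mail
        if (strpos($entry, '@') !== false) {
            // load profile by email
            $profile = \Hubzero\User\User::oneByEmail($entry);
        } else {
            // load profile by username
            $profile = \Hubzero\User\User::oneOrNew($entry);
        }

        $uid = $profile ? $profile->get('id') : null;
        if ($uid) {
            $team[] = $uid;
        }
    }

    // Add the current user, then de-duplicate so nobody is inserted twice
    $team[] = User::get('id');
    $team   = array_unique($team);

    // Get current team
    $currentTeam = $row->team()->rows();
    $found = array();

    // Remove members not included now
    foreach ($currentTeam as $member) {
        if (!in_array($member->get('uidNumber'), $team)) {
            $member->destroy();
        }
        $found[] = $member->get('uidNumber');
    }

    // Add each non-team member to team
    foreach ($team as $uidNumber) {
        if (!in_array($uidNumber, $found)) {
            $member = Member::blank();
            $member->set('uidNumber', $uidNumber);
            $member->set('application_id', $row->get('id'));
            $member->save();
        }
    }

    Notify::success(Lang::txt('COM_DEVELOPER_APPLICATION_SAVED'));

    if ($this->getTask() == 'apply') {
        return $this->editTask($row);
    }

    $this->cancelTask();
}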
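/**
 * Save developer application details
 *
 * Verifies the request token, sends guests to the login page, binds the
 * posted data to the application record and saves it, then adds every
 * resolved team entry (user id, username or e-mail address) that is not yet
 * a member. Existing members are never removed here.
 *
 * @return  void
 */
public function saveTask()
{
    // CSRF check
    Request::checkToken();

    // get request vars
    $data = Request::getVar('application', array(), 'post', 2, 'none');
    $team = Request::getVar('team', array(), 'post', 2, 'none');

    // A missing id means "new record"; read it once, without an undefined-index notice
    $id = isset($data['id']) ? $data['id'] : null;

    // must be logged in
    if (User::isGuest()) {
        // the id is request data: encode it so it cannot add parameters to the return URL
        $return = Route::url(
            'index.php?option=' . $this->_option
            . '&controller=' . $this->_controller
            . '&task=edit&id=' . urlencode((string) $id),
            false,
            true
        );
        App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($return)));
        return;
    }

    // bind data to model
    // NOTE(review): every posted key is handed to set(); which columns a
    // submitter may change this way depends on the model - confirm that
    // ownership and credential fields cannot be overwritten from the form.
    $model = Application::oneOrNew($id)->set($data);

    // is the app available
    if ($model->isDeleted()) {
        App::redirect(
            Route::url('index.php?option=com_developer&controller=applications'),
            Lang::txt('COM_DEVELOPER_API_APPLICATION_DOES_NOT_EXIST'),
            'warning'
        );
        return;
    }

    // make sure its ours
    // NOTE(review): this only reads two config flags and is skipped for new
    // records; nothing in this method compares the current user with the
    // application's creator or team. Presumably the flags are computed per
    // application elsewhere - confirm, otherwise any authorised user can
    // edit any application by posting its id.
    if (!$this->config->get('access-edit-application', 0)
        && !$this->config->get('access-create-application', 0)
        && $id > 0) {
        App::redirect(
            Route::url('index.php?option=com_developer&controller=applications'),
            Lang::txt('COM_DEVELOPER_API_APPLICATION_NOT_AUTHORIZED'),
            'warning'
        );
        return;
    }

    // attempt to save model
    if (!$model->save()) {
        Notify::error($model->getError());
        return $this->editTask($model);
    }

    // The default above is an array and the field may be posted as team[]=...;
    // explode() needs a string
    if (is_array($team)) {
        $team = implode(',', $team);
    }

    // parse incoming team
    $team = array_map('trim', explode(',', $team));

    // clean up team
    foreach ($team as $k => $t) {
        // an empty field or a trailing comma yields '' - nothing to look up
        if ($t === '') {
            unset($team[$k]);
            continue;
        }

        // numeric entries are already user ids
        if (is_numeric($t)) {
            continue;
        }

        // handle usernames & emails
        if (strpos($t, '@') !== false) {
            // load profile by email
            $profile = \Hubzero\User\User::oneByEmail($t);
        } else {
            // load profile by username
            $profile = \Hubzero\User\User::oneOrNew($t);
        }

        // swap usernames for uidnumbers
        // A bare truthiness test is not enough: an "OrNew" lookup presumably
        // hands back an empty record object when nothing matches, and that
        // would put an empty id on the team. Only a record with an id counts.
        if (is_object($profile) && $profile->get('id')) {
            $team[$k] = $profile->get('id');
        } else {
            unset($team[$k]);
        }
    }

    // add creator if new
    // will only ever get added once
    $team[] = User::get('id');

    // the same account listed twice must not create two member rows
    $team = array_unique($team);

    // get current team
    $found = array();
    foreach ($model->team()->rows() as $member) {
        $found[] = $member->get('uidNumber');
    }

    // Add each non-team member to team
    // (loose in_array on purpose: ids come in as strings from the form and
    // may be integers elsewhere)
    foreach ($team as $uidNumber) {
        if (!in_array($uidNumber, $found)) {
            $member = Member::blank();
            $member->set('uidNumber', $uidNumber);
            $member->set('application_id', $model->get('id'));
            $member->save();
        }
    }

    // Redirect back to the main listing with a success message
    App::redirect(
        Route::url($model->link()),
        Lang::txt('COM_DEVELOPER_API_APPLICATION_SAVED'),
        'passed'
    );
}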
/**
 * Check a password against a list of password rules
 *
 * Each rule is an array with at least 'rule' (the rule name) and
 * 'failuremsg'; most rules also read 'value', the per-class rules read
 * 'class'. A rule name this method does not know is reported as a failure,
 * so an unrecognised rule never passes silently. The rules 'true' and
 * 'notStale' are accepted without any check here.
 *
 * NOTE(review): 'notUsernameBased' replaces a numeric $user with the
 * account's username, so rules processed after it ('notReused',
 * 'notRepeat') receive the username instead of the id - confirm that
 * both helpers accept either form.
 *
 * @param   string  $password  Password to check
 * @param   array   $rules     Rules to apply
 * @param   mixed   $user      User id (numeric) or username
 * @param   string  $name      Full name to test against; looked up from $user when null
 * @return  array   Failure messages of the violated rules (empty when all pass)
 */
public static function verify($password, $rules, $user, $name = null)
{
    if (empty($rules)) {
        return array();
    }

    $failures = array();
    $analysis = self::analyze($password);

    foreach ($rules as $rule) {
        $type = $rule['rule'];

        if ($type == 'minCharacterClasses') {
            if ($analysis['uniqueClasses'] < $rule['value']) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'maxCharacterClasses') {
            if ($analysis['uniqueClasses'] > $rule['value']) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'minPasswordLength') {
            // index 0 of the counts is compared with the length limits
            if ($analysis['count'][0] < $rule['value']) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'maxPasswordLength') {
            if ($analysis['count'][0] > $rule['value']) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'maxClassCharacters' || $type == 'minClassCharacters') {
            // a per-class rule without a class cannot be evaluated; skip it
            if (empty($rule['class'])) {
                continue;
            }

            $class = $rule['class'];
            // a class that was not counted is treated as zero occurrences
            $seen = empty($analysis['count'][$class]) ? 0 : $analysis['count'][$class];

            $violated = ($type == 'maxClassCharacters')
                ? $seen > $rule['value']
                : $seen < $rule['value'];

            if ($violated) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'minUniqueCharacters') {
            if ($analysis['uniqueCharacters'] < $rule['value']) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'notBlacklisted') {
            if (Blacklist::basedOnBlackList($password)) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'notNameBased') {
            if ($name == null) {
                // no name supplied: build it from the account's name parts
                $account = is_numeric($user)
                    ? User::oneOrNew($user)
                    : User::oneByUsername($user);

                if (!is_object($account)) {
                    continue;
                }

                $name = $account->get('givenName');

                foreach (array('middleName', 'surname') as $field) {
                    $part = $account->get($field);

                    if (!empty($part)) {
                        $name = empty($name) ? $part : $name . ' ' . $part;
                    }
                }
            }

            if (self::isBasedOnName($password, $name)) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'notUsernameBased') {
            if (is_numeric($user)) {
                $account = User::oneOrNew($user);

                if (!is_object($account)) {
                    continue;
                }

                // from here on $user holds the username, not the id
                $user = $account->get('username');
            }

            if (self::isBasedOnUsername($password, $user)) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'notReused') {
            // look back $rule['value'] days in the password history
            $cutoff = new \DateTime('now');
            $cutoff->modify("-" . $rule['value'] . "day");

            $history = History::getInstance($user);

            if (!is_object($history)) {
                continue;
            }

            if ($history->exists($password, $cutoff->format("Y-m-d H:i:s"))) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type == 'notRepeat') {
            if (Password::passwordMatches($user, $password, true)) {
                $failures[] = $rule['failuremsg'];
            }
        } elseif ($type === 'true') {
            // always passes
        } elseif ($type == 'notStale') {
            // not evaluated here
        } else {
            // unknown rule name: report it as failed
            $failures[] = $rule['failuremsg'];
        }
    }

    return $failures;
}
?> </span></legend>
<div class="input-wrap" data-hint="<?php echo Lang::txt('COM_DEVELOPER_FIELD_ADD_TEAM_HINT'); ?> ">
<label for="acmembers"><?php echo Lang::txt('COM_DEVELOPER_FIELD_ADD_TEAM'); ?> :</label><br />
<?php
// Team field of the application form (fragment of a larger template).
// get team and format for autocompleter: one "name (id)" entry per member
$currentTeam = array();
foreach ($this->row->team() as $member) {
    // oneOrNew() presumably returns an empty record when the account no
    // longer exists, which would show up as " ()" in the list - confirm
    $profile = \Hubzero\User\User::oneOrNew($member->get('uidNumber'));
    $currentTeam[] = $profile->get('name') . ' (' . $profile->get('id') . ')';
}
// output member autocompleter: ask the plugins for a multi-entry field
// pre-filled with the comma-separated team
$mc = Event::trigger('hubzero.onGetMultiEntry', array(array('members', 'team', 'acmembers', '', implode(', ', $currentTeam))));
if (count($mc) > 0) {
    // NOTE(review): the first plugin result is echoed as-is and the member
    // names in it are user-controlled profile data; the plugin is presumably
    // responsible for escaping them in its HTML - confirm
    echo $mc[0];
} else {
    // no plugin answered: fall back to a plain, empty text input
?> <input type="text" name="team" id="acmembers" value="" size="35" /> <?php
}
?>
</div>
</fieldset>
<?php