/** * Method to display a view. * * @param boolean If true, the view output will be cached * @param array An array of safe url parameters and their variable types, for valid values see {@link JFilterInput::clean()}. * * @return JController This object to support chaining. * @since 1.5 */ public function display($cachable = false, $urlparams = false) { Plugin::import('content'); $vName = Request::getCmd('view', 'images'); switch ($vName) { case 'imagesList': $mName = 'list'; $vLayout = Request::getCmd('layout', 'default'); break; case 'images': default: $vLayout = Request::getCmd('layout', 'default'); $mName = 'manager'; $vName = 'images'; break; } $vType = Document::getType(); // Get/Create the view $view = $this->getView($vName, $vType); $view->addTemplatePath(JPATH_COMPONENT_ADMINISTRATOR . '/views/' . strtolower($vName) . '/tmpl'); // Get/Create the model if ($model = $this->getModel($mName)) { // Push the model into the view (as default) $view->setModel($model, true); } // Set the layout $view->setLayout($vLayout); // Display the view $view->display(); return $this; }
function display($tpl = null) { $user = User::getRoot(); // If this is an auth_link account update, carry on, otherwise raise an error if (!is_object($user) || !array_key_exists('auth_link_id', $user) || !is_numeric($user->get('username')) || !$user->get('username') < 0) { App::abort('405', 'Method not allowed'); return; } // Get and add the js and extra css to the page \Hubzero\Document\Assets::addComponentStylesheet('com_users', 'link.css'); \Hubzero\Document\Assets::addComponentStylesheet('com_users', 'providers.css'); \Hubzero\Document\Assets::addComponentScript('com_users', 'link'); // Import a few things jimport('joomla.user.helper'); // Look up a few things $hzal = \Hubzero\Auth\Link::find_by_id($user->get("auth_link_id")); $hzad = \Hubzero\Auth\Domain::find_by_id($hzal->auth_domain_id); $plugins = Plugin::byType('authentication'); // Get the display name for the current plugin being used Plugin::import('authentication', $hzad->authenticator); $plugin = Plugin::byType('authentication', $hzad->authenticator); $pparams = new \Hubzero\Config\Registry($plugin->params); $refl = new ReflectionClass("plgAuthentication{$plugin->name}"); $display_name = $pparams->get('display_name', $refl->hasMethod('onGetLinkDescription') ? $refl->getMethod('onGetLinkDescription')->invoke(NULL) : ucfirst($plugin->name)); // Look for conflicts - first check in the hub accounts $profile_conflicts = \Hubzero\User\Profile\Helper::find_by_email($hzal->email); // Now check the auth_link table $link_conflicts = \Hubzero\Auth\Link::find_by_email($hzal->email, array($hzad->id)); $conflict = array(); if ($profile_conflicts) { foreach ($profile_conflicts as $p) { $user_id = JUserHelper::getUserId($p); $juser = User::getInstance($user_id); $auth_link = \Hubzero\Auth\Link::find_by_user_id($juser->id); $dname = is_object($auth_link) && $auth_link->auth_domain_name ? $auth_link->auth_domain_name : 'hubzero'; $conflict[] = array("auth_domain_name" => $dname, "name" => $juser->name, "email" => $juser->email); } } if ($link_conflicts) { foreach ($link_conflicts as $l) { $juser = User::getInstance($l['user_id']); $conflict[] = array("auth_domain_name" => $l['auth_domain_name'], "name" => $juser->name, "email" => $l['email']); } } // Make sure we don't somehow have any duplicate conflicts $conflict = array_map("unserialize", array_unique(array_map("serialize", $conflict))); // @TODO: Could also check for high probability of name matches??? // Get the site name $sitename = Config::get('sitename'); // Assign variables to the view $this->assign('hzal', $hzal); $this->assign('hzad', $hzad); $this->assign('plugins', $plugins); $this->assign('display_name', $display_name); $this->assign('conflict', $conflict); $this->assign('sitename', $sitename); $this->assignref('juser', $user); parent::display($tpl); }
/** * Constructor. * @param $argv array task arguments */ function UsageStatsLoader($args) { parent::FileLoader($args); $this->_geoLocationTool = new GeoLocationTool(); $plugin = PluginRegistry::getPlugin('generic', 'usagestatsplugin'); // Load the metric type constant. PluginRegistry::loadCategory('reports'); $this->_plugin = $plugin; $this->_plugin->import('UsageStatsTemporaryRecordDAO'); $statsDao = new UsageStatsTemporaryRecordDAO(); DAORegistry::registerDAO('UsageStatsTemporaryRecordDAO', $statsDao); $this->_counterRobotsListFile = $this->_getCounterRobotListFile(); $journalDao = DAORegistry::getDAO('JournalDAO'); /* @var $journalDao JournalDAO */ $journalFactory = $journalDao->getAll(); /* @var $journalFactory DAOResultFactory */ $journalsByPath = array(); while ($journal = $journalFactory->next()) { /* @var $journal Journal */ $journalsByPath[$journal->getPath()] = $journal; } $this->_journalsByPath = $journalsByPath; $this->checkFolderStructure(true); }
/** * Method to display a view. * * @param boolean If true, the view output will be cached * @param array An array of safe url parameters and their variable types, for valid values see {@link JFilterInput::clean()}. * * @return JController This object to support chaining. * @since 1.5 */ public function display($cachable = false, $urlparams = false) { Plugin::import('content'); $vName = Request::getCmd('view', 'media'); switch ($vName) { case 'images': $vLayout = Request::getCmd('layout', 'default'); $mName = 'manager'; break; case 'imagesList': $mName = 'list'; $vLayout = Request::getCmd('layout', 'default'); break; case 'mediaList': $mName = 'list'; $vLayout = Request::getState('media.list.layout', 'layout', 'thumbs', 'word'); break; case 'media': default: $vName = 'media'; $vLayout = Request::getCmd('layout', 'default'); $mName = 'manager'; break; } $vType = Document::getType(); // Get/Create the view $view = $this->getView($vName, $vType); // Get/Create the model if ($model = $this->getModel($mName)) { // Push the model into the view (as default) $view->setModel($model, true); } // Set the layout $view->setLayout($vLayout); // Display the view $view->display(); return $this; }
/** * Save group settings * * @return void */ public function saveTask() { // Check if they're logged in if (User::isGuest()) { $this->loginTask(Lang::txt('COM_GROUPS_CREATE_MUST_BE_LOGGED_IN')); return; } Request::checkToken(); // Incoming $g_gidNumber = Request::getInt('gidNumber', 0, 'post'); $c_gidNumber = Request::getVar('gidNumber', 0, 'post'); if ((string) $g_gidNumber !== (string) $c_gidNumber) { App::abort(404, Lang::txt('COM_GROUPS_ERROR_NO_ID')); } if (!$g_gidNumber && !User::authorise('core.create', $this->_option) || $g_gidNumber && !User::authorise('core.edit', $this->_option)) { return App::redirect(Route::url('index.php?option=' . $this->_option), Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'), 'warning'); } $g_cn = trim(Request::getVar('cn', '', 'post')); $g_description = preg_replace('/\\s+/', ' ', trim(Request::getVar('description', Lang::txt('NONE'), 'post'))); $g_discoverability = Request::getInt('discoverability', 0, 'post'); $g_public_desc = Sanitize::stripScripts(trim(Request::getVar('public_desc', '', 'post', 'none', 2))); $g_private_desc = Sanitize::stripScripts(trim(Request::getVar('private_desc', '', 'post', 'none', 2))); $g_restrict_msg = Sanitize::stripScripts(trim(Request::getVar('restrict_msg', '', 'post', 'none', 2))); $g_join_policy = Request::getInt('join_policy', 0, 'post'); $tags = trim(Request::getVar('tags', '')); $lid = Request::getInt('lid', 0, 'post'); $customization = Request::getVar('group', '', 'POST', 'none', 2); $plugins = Request::getVar('group_plugin', '', 'POST'); $params = Request::getVar('params', array(), 'POST'); $g_discussion_email_autosubscribe = Request::getInt('discussion_email_autosubscribe', 0, 'post'); //Check authorization if ($this->_authorize() != 'manager' && $g_gidNumber != 0 && !$this->_authorizedForTask('group.edit')) { $this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH')); } //are we editing or creating if ($g_gidNumber) { $group = Group::getInstance($g_gidNumber); $this->_task = 'edit'; $before = Group::getInstance($g_gidNumber); } else { $this->_task = 'new'; $group = new Group(); $before = new Group(); } // Check for any missing info if (!$g_cn) { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_CN'), 'error'); } if (!$g_description) { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_DESCRIPTION'), 'error'); } // Ensure the data passed is valid if ($g_cn == 'new' || $g_cn == 'browse') { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error'); } if (!$this->_validCn($g_cn)) { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error'); } if ($this->_task == 'new' && Group::exists($g_cn, true)) { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_ID_TAKEN'), 'error'); } // Get the logo $logo = ''; if (isset($customization['logo'])) { $logo_parts = explode("/", $customization['logo']); $logo = array_pop($logo_parts); } // Plugin settings $plugin_access = ''; foreach ($plugins as $plugin) { $plugin_access .= $plugin['name'] . '=' . $plugin['access'] . ',' . "\n"; } // Run content through validation and spam filters if (trim($g_public_desc)) { $results = Event::trigger('content.onContentBeforeSave', array('com_groups.group.public_desc', &$g_public_desc, $this->_task == 'new')); foreach ($results as $result) { if ($result === false) { $this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_FAILED_VALIDATION'), 'error'); break; } } } // Push back into edit mode if any errors if ($this->getNotifications()) { $group->set('cn', $g_cn); $group->set('description', $g_description); $group->set('public_desc', $g_public_desc); $group->set('private_desc', $g_private_desc); $group->set('join_policy', $g_join_policy); $group->set('restrict_msg', $g_restrict_msg); $group->set('discoverability', $g_discoverability); $group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe); $group->set('logo', $logo); $group->set('plugins', $plugin_access); $this->lid = $lid; $this->group = $group; $this->tags = $tags; $this->editTask(); return; } // Build the e-mail message if ($this->_task == 'new') { $subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_REQUESTED_SUBJECT', $g_cn); $type = 'groups_created'; } else { $subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_UPDATED_SUBJECT', $g_cn); $type = 'groups_changed'; } if ($this->_task == 'new') { $group->set('cn', $g_cn); $group->set('type', 1); $group->set('published', 1); $group->set('approved', $this->config->get('auto_approve', 1)); $group->set('created', Date::toSql()); $group->set('created_by', User::get('id')); $group->add('managers', array(User::get('id'))); $group->add('members', array(User::get('id'))); $group->create(); } // merge incoming settings with existing params $params = new Registry($params); $gParams = new Registry($group->get('params')); $gParams->merge($params); //set group vars & Save group $group->set('description', $g_description); $group->set('public_desc', $g_public_desc); $group->set('private_desc', $g_private_desc); $group->set('join_policy', $g_join_policy); $group->set('restrict_msg', $g_restrict_msg); $group->set('discoverability', $g_discoverability); $group->set('logo', $logo); $group->set('plugins', $plugin_access); $group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe); $group->set('params', $gParams->toString()); $group->update(); // Process tags $gt = new Tags($group->get('gidNumber')); $gt->setTags($tags, User::get('id')); // Rename the temporary upload directory if it exist $log_comments = ''; Event::trigger('groups.onGroupAfterSave', array($before, $group)); if ($this->_task == 'new') { if ($lid != $group->get('gidNumber')) { $config = $this->config; $bp = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/groups'), DS); if (is_dir($bp . DS . $lid)) { rename($bp . DS . $lid, $bp . DS . $group->get('gidNumber')); } } $log_action = 'group_created'; // Trigger the functions that delete associated content // Should return logs of what was deleted $logs = Event::trigger('groups.onGroupNew', array($group)); if (count($logs) > 0) { $log_comments .= implode('', $logs); } } else { $log_action = 'group_edited'; } // log invites Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => $log_action, 'comments' => $log_comments)); // Build the e-mail message // Note: this is done *before* pushing the changes to the group so we can show, in the message, what was changed $eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'saved')); $eview->option = $this->_option; $eview->user = User::getRoot(); $eview->group = $group; $message['plaintext'] = $eview->loadTemplate(); $message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']); $eview->setLayout('saved'); $message['multipart'] = $eview->loadTemplate(); $message['multipart'] = str_replace("\n", "\r\n", $message['multipart']); // Get the administrator e-mail $emailadmin = Config::get('mailfrom'); // Get the "from" info $from = array('name' => Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name)), 'email' => Config::get('mailfrom')); //only email managers if updating group if ($type == 'groups_changed') { // build array of managers $managers = $group->get('managers'); // create new message Plugin::import('xmessage'); if (!Event::trigger('onSendMessage', array($type, $subject, $message, $from, $managers, $this->_option))) { $this->setNotification(Lang::txt('GROUPS_ERROR_EMAIL_MANAGERS_FAILED'), 'error'); } } //only inform site admin if the group wasn't auto-approved if (!$this->config->get('auto_approve', 1) && $group->get('approved') == 0) { // create approval subject $subject = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL', Config::get('sitename')); // build approval message $link = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'groups' . DS . $group->get('cn'); $link2 = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'administrator'; $html = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2); $plain = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2); // create new message $message = new \Hubzero\Mail\Message(); // build message object and send $message->setSubject($subject)->addFrom($from['email'], $from['name'])->setTo($emailadmin)->addHeader('X-Mailer', 'PHP/' . phpversion())->addHeader('X-Component', 'com_groups')->addHeader('X-Component-Object', 'group_pending_approval')->addHeader('X-Component-ObjectId', $group->get('gidNumber'))->addPart($plain, 'text/plain')->addPart($html, 'text/html')->send(); } // create home page if ($this->_task == 'new') { // create page $page = new Page(array('gidNumber' => $group->get('gidNumber'), 'parent' => 0, 'lft' => 1, 'rgt' => 2, 'depth' => 0, 'alias' => 'overview', 'title' => 'Overview', 'state' => 1, 'privacy' => 'default', 'home' => 1)); $page->store(false); // create page version $version = new Page\Version(array('pageid' => $page->get('id'), 'version' => 1, 'content' => "<!-- {FORMAT:HTML} -->\n<p>[[Group.DefaultHomePage()]]</p>", 'created' => Date::toSql(), 'created_by' => User::get('id'), 'approved' => 1)); $version->store(false); } // Show success message to user if ($this->_task == 'new') { $this->setNotification(Lang::txt('COM_GROUPS_CREATED_SUCCESS', $group->get('description')), 'passed'); } else { $this->setNotification(Lang::txt('COM_GROUPS_UPDATED_SUCCESS', $group->get('description')), 'passed'); } // Redirect back to the group page App::redirect(Route::url('index.php?option=' . $this->_option . '&cn=' . $group->get('cn'))); return; }
public function link() { $user = User::getInstance(); // First, they should already be logged in, so check for that if ($user->get('guest')) { App::abort(403, Lang::txt('You must be logged in to perform this function')); return; } // Do we have a return $return = ''; $options = array(); if ($return = Request::getVar('return', '', 'method', 'base64')) { $return = base64_decode($return); if (!JURI::isInternal($return)) { $return = ''; } else { $options['return'] = base64_encode($return); } } $authenticator = Request::getVar('authenticator', '', 'method'); // If a specific authenticator is specified try to call the link method for that plugin if (!empty($authenticator)) { Plugin::import('authentication'); $plugin = Plugin::byType('authentication', $authenticator); $className = 'plg' . $plugin->type . $plugin->name; if (class_exists($className)) { if (method_exists($className, 'link')) { $myplugin = new $className($this, (array) $plugin); $myplugin->link($options); } else { // No Link method is availble App::redirect(Route::url('index.php?option=com_members&id=' . $user->get('id') . '&active=account'), 'Linked accounts are not currently available for this provider.', 'error'); } } } else { // No authenticator provided... App::abort(400, Lang::txt('Missing authenticator')); return; } // Success! Redict with message App::redirect(Route::url('index.php?option=com_members&id=' . $user->get('id') . '&active=account'), 'Your account has been successfully linked!'); }
/** * Primary/default view function * * @return object Return */ private function _view() { // Setup our view $view = $this->view('default', 'overview'); // Get linked accounts, if any Plugin::import('authentication'); $view->domains_avail = Plugin::byType('authentication'); $view->hzalaccounts = \Hubzero\Auth\Link::find_by_user_id($this->user->get("id")); // Put the used domains into an array with details available from the providers (if applicable) $view->domains_used = array(); $view->domain_names = array(); if ($view->hzalaccounts) { Plugin::import('authentication'); $i = 0; foreach ($view->hzalaccounts as $authenticators) { $plugin = Plugin::byType('authentication', $authenticators['auth_domain_name']); // Make sure we got the plugin if (!is_object($plugin)) { unset($view->hzalaccounts[$i]); continue; } $className = 'plg' . $plugin->type . $plugin->name; $details = array(); if (class_exists($className)) { if (method_exists($className, 'getInfo')) { $details = $className::getInfo($plugin->params); } } $view->domains_used[] = array('name' => $authenticators['auth_domain_name'], 'details' => $details); $view->domain_names[] = $authenticators['auth_domain_name']; // Increment index $i++; } } // Get unused domains $view->domains_unused = array(); foreach ($view->domains_avail as $domain) { if ($domain->name != 'hubzero' && !in_array($domain->name, $view->domain_names)) { $view->domains_unused[] = $domain; } } // Determine what type of password change the user needs $hzup = \Hubzero\User\Password::getInstance($this->member->get('uidNumber')); if (!empty($hzup->passhash)) { // A password has already been set, now check if they're logged in with a linked account if (array_key_exists('auth_link_id', $this->user)) { // Logged in with linked account $view->passtype = 'changelocal'; } else { // Logged in with hub $view->passtype = 'changehub'; } } else { // No password has been set... $view->passtype = 'set'; } // Get password expiration information $view->passinfo = $this->getPassInfo(); // Get the ssh key if it exists $view->key = $this->readKey(); // Get the password rules $password_rules = \Hubzero\Password\Rule::getRules(); // Get the password rule descriptions $view->password_rules = array(); foreach ($password_rules as $rule) { if (!empty($rule['description'])) { $view->password_rules[] = $rule['description']; } } // A few more things... $view->option = $this->option; $view->member = $this->member; $view->params = $this->params; $view->notifications = $this->getPluginMessage() ? $this->getPluginMessage() : array(); // Set any errors foreach ($this->getErrors() as $error) { $view->setError($error); } return $view->loadTemplate(); }
require_once PATH_CORE . DS . 'bootstrap' . DS . 'site' . DS . 'framework.php'; $time_start = microtime(true); /** * CREATE THE APPLICATION * * NOTE : */ $mainframe = JFactory::getApplication('site'); /** * INITIALISE THE APPLICATION * * NOTE : */ // set the language $mainframe->initialise(); Plugin::import('system'); // trigger the onAfterInitialise events Event::trigger('onAfterInitialise'); if (0) { /** * ROUTE THE APPLICATION * * NOTE : */ $mainframe->route(); // authorization $Itemid = Request::getInt('Itemid'); $mainframe->authorize($Itemid); // trigger the onAfterRoute events Event::trigger('onAfterRoute'); /**
/** * Method to stop tool session * * @apiMethod DELETE * @apiUri /tools/{session} * @return void */ public function deleteTask() { //get the userid and attempt to load user profile $userid = App::get('authn')['user_id']; $result = User::getInstance($userid); //make sure we have a user if (!$result->get('id')) { throw new Exception(Lang::txt('Unable to find user.'), 404); } //include needed libraries require_once dirname(dirname(__DIR__)) . '/models/middleware/session.php'; //instantiate middleware database object $mwdb = \Components\Tools\Helpers\Utils::getMWDBO(); //get request vars $sessionid = Request::getVar('sessionid', ''); //make sure we have the session if (!$sessionid) { throw new Exception('Missing session ID.', 400); } //load the session we are trying to stop $ms = new \Components\Tools\Models\Middleware\Session($mwdb); $ms->load($sessionid, $result->get("username")); //check to make sure session exists and it belongs to the user if (!$ms->username || $ms->username != $result->get("username")) { throw new Exception('Session Doesn\'t Exist or Does Not Belong to User', 400); } //get middleware plugins Plugin::import('mw', $ms->appname); // Trigger any events that need to be called before session stop Event::trigger('mw.onBeforeSessionStop', array($ms->appname)); //run command to stop session $status = \Components\Tools\Helpers\Utils::middleware("stop {$sessionid}", $out); // Trigger any events that need to be called after session stop Event::trigger('mw.onAfterSessionStop', array($ms->appname)); // was the session stopped successfully if ($status == 1) { $object = new stdClass(); $object->session = array('session' => $sessionid, 'status' => 'stopped', 'stopped' => with(new Date())->toSql()); $this->send($object); } }
/** * Method to save the form data. * * @param array The form data. * @return mixed The user id on success, false on failure. * @since 1.6 */ public function register($temp) { $db = $this->getDbo(); $params = Component::params('com_users'); // Initialise the table with JUser. $user = new JUser(); $data = (array) $this->getData(); // Merge in the registration data. foreach ($temp as $k => $v) { $data[$k] = $v; } // Prepare the data for the user object. $data['email'] = $data['email1']; $data['password'] = $data['password1']; $useractivation = $params->get('useractivation'); $sendpassword = $params->get('sendpassword', 1); // Check if the user needs to activate their account. if ($useractivation == 1 || $useractivation == 2) { $data['activation'] = App::hash(JUserHelper::genRandomPassword()); $data['block'] = 1; } // Bind the data. if (!$user->bind($data)) { $this->setError(Lang::txt('COM_USERS_REGISTRATION_BIND_FAILED', $user->getError())); return false; } // Load the users plugin group. Plugin::import('user'); // Store the data. if (!$user->save()) { $this->setError(Lang::txt('COM_USERS_REGISTRATION_SAVE_FAILED', $user->getError())); return false; } // Compile the notification mail values. $data = $user->getProperties(); $data['fromname'] = Config::get('fromname'); $data['mailfrom'] = Config::get('mailfrom'); $data['sitename'] = Config::get('sitename'); $data['siteurl'] = Request::root(); // Handle account activation/confirmation emails. if ($useractivation == 2) { // Set the link to confirm the user email. $uri = JURI::getInstance(); $base = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port')); $data['activate'] = $base . Route::url('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false); $emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']); if ($sendpassword) { $emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username'], $data['password_clear']); } else { $emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ADMIN_ACTIVATION_BODY_NOPW', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username']); } } elseif ($useractivation == 1) { // Set the link to activate the user account. $uri = JURI::getInstance(); $base = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port')); $data['activate'] = $base . Route::url('index.php?option=com_users&task=registration.activate&token=' . $data['activation'], false); $emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']); if ($sendpassword) { $emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username'], $data['password_clear']); } else { $emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_WITH_ACTIVATION_BODY_NOPW', $data['name'], $data['sitename'], $data['activate'], $data['siteurl'], $data['username']); } } else { $emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']); $emailBody = Lang::txt('COM_USERS_EMAIL_REGISTERED_BODY', $data['name'], $data['sitename'], $data['siteurl']); } // Send the registration email. $return = JFactory::getMailer()->sendMail($data['mailfrom'], $data['fromname'], $data['email'], $emailSubject, $emailBody); //Send Notification mail to administrators if ($params->get('useractivation') < 2 && $params->get('mail_to_admin') == 1) { $emailSubject = Lang::txt('COM_USERS_EMAIL_ACCOUNT_DETAILS', $data['name'], $data['sitename']); $emailBodyAdmin = Lang::txt('COM_USERS_EMAIL_REGISTERED_NOTIFICATION_TO_ADMIN_BODY', $data['name'], $data['username'], $data['siteurl']); // get all admin users $query = 'SELECT name, email, sendEmail' . ' FROM #__users' . ' WHERE sendEmail=1'; $db->setQuery($query); $rows = $db->loadObjectList(); // Send mail to all superadministrators id foreach ($rows as $row) { $return = JFactory::getMailer()->sendMail($data['mailfrom'], $data['fromname'], $row->email, $emailSubject, $emailBodyAdmin); // Check for an error. if ($return !== true) { $this->setError(Lang::txt('COM_USERS_REGISTRATION_ACTIVATION_NOTIFY_SEND_MAIL_FAILED')); return false; } } } // Check for an error. if ($return !== true) { $this->setError(Lang::txt('COM_USERS_REGISTRATION_SEND_MAIL_FAILED')); // Send a system message to administrators receiving system mails $db = App::get('db'); $q = "SELECT id\n\t\t\t\tFROM #__users\n\t\t\t\tWHERE block = 0\n\t\t\t\tAND sendEmail = 1"; $db->setQuery($q); $sendEmail = $db->loadColumn(); if (count($sendEmail) > 0) { $jdate = new \Hubzero\Utility\Date(); // Build the query to add the messages $q = "INSERT INTO " . $db->quoteName('#__messages') . " (" . $db->quoteName('user_id_from') . ", " . $db->quoteName('user_id_to') . ", " . $db->quoteName('date_time') . ", " . $db->quoteName('subject') . ", " . $db->quoteName('message') . ") VALUES "; $messages = array(); foreach ($sendEmail as $userid) { $messages[] = "(" . $userid . ", " . $userid . ", '" . $jdate->toSql() . "', '" . Lang::txt('COM_USERS_MAIL_SEND_FAILURE_SUBJECT') . "', '" . Lang::txt('COM_USERS_MAIL_SEND_FAILURE_BODY', $return, $data['username']) . "')"; } $q .= implode(',', $messages); $db->setQuery($q); $db->query(); } return false; } if ($useractivation == 1) { return "useractivate"; } elseif ($useractivation == 2) { return "adminactivate"; } else { return $user->id; } }
<?php break; default: break; } ?> <form action="<?php echo Route::url('index.php?option=' . $this->option . '&' . ($this->task == 'create' ? 'return=' . $form_redirect : 'task=' . $this->task)); ?> " method="post" id="hubForm"> <?php if ($this->task == 'create' && empty($this->xregistration->_invalid) && empty($this->xregistration->_missing)) { // Check to see if third party auth plugins are enabled Plugin::import('authentication'); $plugins = Plugin::byType('authentication'); $authenticators = array(); foreach ($plugins as $p) { if ($p->name != 'hubzero') { $pparams = new \Hubzero\Config\Registry($p->params); $display = $pparams->get('display_name', ucfirst($p->name)); $authenticators[] = array('name' => $p->name, 'display' => $display); } } // There are third party plugins, so show them on the registration form if (!empty($authenticators)) { $this->css('providers.css', 'com_users'); ?> <div class="explaination"> <p class="info">You can choose to log in via one of these services, and we'll help you fill in the info below!</p>
/** * Loads all the plugin files for a particular type if no specific plugin is specified * otherwise only the specific plugin is loaded. * * @param string $type The plugin type, relates to the sub-directory in the plugins directory. * @param string $plugin The plugin name. * @param boolean $autocreate Autocreate the plugin. * @param JDispatcher $dispatcher Optionally allows the plugin to use a different dispatcher. * * @return boolean True on success. * * @since 11.1 */ public static function importPlugin($type, $plugin = null, $autocreate = true, $dispatcher = null) { // [!] Hubzero if (class_exists('\\Plugin')) { return \Plugin::import($type, $plugin, $autocreate, $dispatcher); } static $loaded = array(); // check for the default args, if so we can optimise cheaply $defaults = false; if (is_null($plugin) && $autocreate == true && is_null($dispatcher)) { $defaults = true; } if (!isset($loaded[$type]) || !$defaults) { $results = null; // Load the plugins from the database. $plugins = self::_load(); // Get the specified plugin(s). for ($i = 0, $t = count($plugins); $i < $t; $i++) { if ($plugins[$i]->type == $type && ($plugin === null || $plugins[$i]->name == $plugin)) { self::_import($plugins[$i], $autocreate, $dispatcher); $results = true; } } // Bail out early if we're not using default args if (!$defaults) { return $results; } $loaded[$type] = $results; } return $loaded[$type]; }
/** * Returns the appropriate adapter * * @param string $name The adapter name to instantiate * @param array $params Any initialization parameters * @param string $key A custom key under which to store the adapter * @return object **/ public static function adapter($name, $params = [], $key = null) { $key = $key ?: $name . '.' . md5(serialize($params)); if (!isset(self::$adapters[$key])) { // Import filesystem plugins Plugin::import('filesystem'); // Get the adapter $plugin = 'plgFilesystem' . ucfirst($name); $adapter = $plugin::init($params); self::$adapters[$key] = new Flysystem($adapter); } // Return the filesystem connection return self::$adapters[$key]; }
/** * Method to display the view. * * @param string The template file to include * @since 1.5 */ public function display($tpl = null) { // Get the view data. $this->user = User::getInstance(); $this->form = $this->get('Form'); $this->state = $this->get('State'); $this->params = $this->state->get('params'); // Make sure we're using a secure connection if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') { App::redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); die('insecure connection and redirection failed'); } // Check for errors. if (count($errors = $this->get('Errors'))) { App::abort(500, implode('<br />', $errors)); return false; } // Check for layout override $active = \App::get('menu')->getActive(); if (isset($active->query['layout'])) { $this->setLayout($active->query['layout']); } //Escape strings for HTML output $this->pageclass_sfx = htmlspecialchars($this->params->get('pageclass_sfx')); $this->prepareDocument(); $furl = base64_encode(Request::current(true)); $this->freturn = $furl; // HUBzero: If we have a return set with an authenticator in it, we're linking an existing account // Parse the return to retrive the authenticator, and remove it from the list below $auth = ''; if ($return = Request::getVar('return', null, 'GET', 'BASE64')) { $decoded_return = base64_decode($return); $query = parse_url($decoded_return); if (is_array($query) && isset($query['query'])) { $query = $query['query']; $query = explode('&', $query); $auth = ''; foreach ($query as $q) { $n = explode('=', $q); if ($n[0] == 'authenticator') { $auth = $n[1]; } } } } // Set return if is isn't already if (is_null($return) && is_object($active)) { $return = $active->params->get('login_redirect_url', Route::url('index.php?option=com_members&task=myaccount')); $return = base64_encode($return); } // Figure out whether or not any of our third party auth plugins are turned on // Don't include the 'hubzero' plugin, or the $auth plugin as described above $multiAuth = false; $plugins = Plugin::byType('authentication'); $authenticators = array(); $remember_me_default = 0; foreach ($plugins as $p) { $client = App::get('client')->alias . '_login'; $pparams = new \Hubzero\Config\Registry($p->params); // Make sure plugin is enabled for a given client if (!$pparams->get($client, false)) { continue; } if ($p->name != 'hubzero' && $p->name != $auth) { $display = $pparams->get('display_name', ucfirst($p->name)); $authenticators[$p->name] = array('name' => $p->name, 'display' => $display); $multiAuth = true; } else { if ($p->name == 'hubzero') { $remember_me_default = $pparams->get('remember_me_default', 0); $this->site_display = $pparams->get('display_name', Config::get('sitename')); $this->local = true; } } } // Override $multiAuth if authenticator is set to hubzero if (Request::getWord('authenticator') == 'hubzero') { $multiAuth = false; } // Set the return if we have it... $this->returnQueryString = !empty($return) ? "&return={$return}" : ''; $this->multiAuth = $multiAuth; $this->return = $return; $this->authenticators = $authenticators; $this->totalauths = count($plugins); $this->remember_me_default = $remember_me_default; // if authenticator is specified call plugin display method, otherwise (or if method does not exist) use default $authenticator = Request::getVar('authenticator', '', 'method'); Plugin::import('authentication'); foreach ($plugins as $plugin) { $className = 'plg' . $plugin->type . $plugin->name; if (class_exists($className)) { $myplugin = new $className($this, (array) $plugin); if (method_exists($className, 'status')) { $status[$plugin->name] = $myplugin->status(); $this->status = $status; } if ($plugin->name != $authenticator) { continue; } if (method_exists($className, 'display')) { $result = $myplugin->display($this, $tpl); return $result; } } } parent::display($tpl); }
/** * Method to save the form data. * * @param array The form data. * @return boolean True on success. * @since 1.6 */ public function save($data) { Plugin::import('user'); // Check the super admin permissions for group // We get the parent group permissions and then check the group permissions manually // We have to calculate the group permissions manually because we haven't saved the group yet $parentSuperAdmin = JAccess::checkGroup($data['parent_id'], 'core.admin'); // Get core.admin rules from the root asset $rules = JAccess::getAssetRules('root.1')->getData('core.admin'); // Get the value for the current group (will be true (allowed), false (denied), or null (inherit) $groupSuperAdmin = $rules['core.admin']->allow($data['id']); // We only need to change the $groupSuperAdmin if the parent is true or false. Otherwise, the value set in the rule takes effect. if ($parentSuperAdmin === false) { // If parent is false (Denied), effective value will always be false $groupSuperAdmin = false; } elseif ($parentSuperAdmin === true) { // If parent is true (allowed), group is true unless explicitly set to false $groupSuperAdmin = $groupSuperAdmin === false ? false : true; } // Check for non-super admin trying to save with super admin group $iAmSuperAdmin = User::authorise('core.admin'); if (!$iAmSuperAdmin && $groupSuperAdmin) { try { throw new Exception(Lang::txt('JLIB_USER_ERROR_NOT_SUPERADMIN')); } catch (Exception $e) { $this->setError($e->getMessage()); return false; } } // Check for super-admin changing self to be non-super-admin // First, are we a super admin> if ($iAmSuperAdmin) { // Next, are we a member of the current group? $myGroups = JAccess::getGroupsByUser(User::get('id'), false); if (in_array($data['id'], $myGroups)) { // Now, would we have super admin permissions without the current group? $otherGroups = array_diff($myGroups, array($data['id'])); $otherSuperAdmin = false; foreach ($otherGroups as $otherGroup) { $otherSuperAdmin = $otherSuperAdmin ? $otherSuperAdmin : JAccess::checkGroup($otherGroup, 'core.admin'); } // If we would not otherwise have super admin permissions // and the current group does not have super admin permissions, throw an exception if (!$otherSuperAdmin && !$groupSuperAdmin) { try { throw new Exception(Lang::txt('JLIB_USER_ERROR_CANNOT_DEMOTE_SELF')); } catch (Exception $e) { $this->setError($e->getMessage()); return false; } } } } // Proceed with the save return parent::save($data); }
/** * Stops a session and redirects upon success * * @return void */ public function stopTask() { // Check that the user is logged in if (User::isGuest()) { $this->loginTask(); return; } // Incoming $sess = Request::getVar('sess', ''); $rtrn = base64_decode(Request::getVar('return', '', 'method', 'base64')); $rediect = $this->config->get('stopRedirect', 'index.php?option=com_members&task=myaccount'); // Ensure we have a session if (!$sess) { App::redirect(Route::url($redirect)); return; } // Double-check that the user owns this session. $mwdb = \Components\Tools\Helpers\Utils::getMWDBO(); $ms = new \Components\Tools\Tables\Session($mwdb); if ($this->config->get('access-admin-session')) { $ms->load($sess); } else { $ms->load($sess, User::get('username')); } // Did we get a result form the database? if (!$ms->username) { App::redirect(Route::url($rediect)); return; } // Get plugins Plugin::import('mw', $ms->appname); // Trigger any events that need to be called before session stop Event::trigger('mw.onBeforeSessionStop', array($ms->appname)); // Stop the session $status = $this->middleware("stop {$sess}", $output); if ($status == 0) { echo '<p>Stopping ' . $sess . '<br />'; if (is_array($output)) { foreach ($output as $line) { echo $line . "\n"; } } else { if (is_string($output)) { echo $output . "\n"; } } echo '</p>' . "\n"; } // Trigger any events that need to be called after session stop Event::trigger('mw.onAfterSessionStop', array($ms->appname)); // Log activity Event::trigger('system.logActivity', ['activity' => ['action' => 'deleted', 'scope' => 'tool.session', 'scope_id' => $sess, 'description' => Lang::txt('COM_TOOLS_ACTIVITY_SESSION_DELETED', $sess), 'details' => array('tool' => $ms->appname)], 'recipients' => array(['user', User::get('id')])]); // Take us back to the main page... if ($rtrn) { App::redirect($rtrn); } else { App::redirect(Route::url($rediect)); } }
/** * Method to save the form data. * * @param array The form data. * @return mixed The user id on success, false on failure. * @since 1.6 */ public function save($data) { $userId = !empty($data['id']) ? $data['id'] : (int) $this->getState('user.id'); $user = new JUser($userId); // Prepare the data for the user object. $data['email'] = $data['email1']; $data['password'] = $data['password1']; // Unset the username if it should not be overwritten $username = $data['username']; $isUsernameCompliant = $this->getState('user.username.compliant'); if (!Component::params('com_users')->get('change_login_name') && $isUsernameCompliant) { unset($data['username']); } // Unset the block so it does not get overwritten unset($data['block']); // Unset the sendEmail so it does not get overwritten unset($data['sendEmail']); // Bind the data. if (!$user->bind($data)) { $this->setError(Lang::txt('COM_USERS_PROFILE_BIND_FAILED', $user->getError())); return false; } // Load the users plugin group. Plugin::import('user'); // Null the user groups so they don't get overwritten $user->groups = null; // Store the data. if (!$user->save()) { $this->setError($user->getError()); return false; } return $user->id; }
/** * Import a set of plugins * * @return object */ public function importPlugin($type = '') { \Plugin::import($type); return $this; }
<?php Plugin::import('basecamp-contact'); ?> <form method="POST" action="<?php echo $action; ?> " id="invoice-create"> <div id="messages"></div> <fieldset> <legend>Client</legend> <label>First Name</label> <input type="text" name="Invoice[client_first_name]" /> <span class="help"></span><br/> <label>Last Name</label> <input type="text" name="Invoice[client_last_name]" /> <span class="help"></span><br/> <label>E-mail</label> <input type="text" name="Invoice[client_email]" /> <span class="help"></span><br/> <label>Company</label> <input type="text" name="Invoice[company]" /> <span class="help"></span><br/> </fieldset> <fieldset> <legend>Project</legend> <label>Name</label> <input type="text" name="Invoice[project]" /> <span class="help"></span><br/> <label>Description</label> <textarea name="Invoice[description]"></textarea>