/**
* Get an user object.
*
* Returns the global {@link User} object, only creating it if it doesn't already exist.
*
* @param integer $id The user to load - Can be an integer or string - If string, it is converted to ID automatically.
*
* @return User object
*
* @see JUser
* @since 11.1
*/
public static function getUser($id = null)
{
$instance = self::getSession()->get('user');
if (is_null($id)) {
if (!$instance instanceof User) {
$instance = User::getInstance();
}
} elseif (!$instance instanceof User || $instance->id != $id) {
$instance = User::getInstance($id);
}
return $instance;
}
/**
* Method to save the JUser object to the database
*
* @param boolean $updateOnly Save the object only if not a new user
* Currently only used in the user reset password method.
*
* @return boolean True on success
*
* @since 11.1
* @throws RuntimeException
*/
public function save($updateOnly = false)
{
// Create the user table object
$table = $this->getTable();
$this->params = (string) $this->_params;
$table->bind($this->getProperties());
// Allow an exception to be thrown.
try {
// Check and store the object.
if (!$table->check()) {
$this->setError($table->getError());
return false;
}
// If user is made a Super Admin group and user is NOT a Super Admin
// @todo ACL - this needs to be acl checked
$my = Factory::getUser();
// Are we creating a new user
$isNew = empty($this->id);
// If we aren't allowed to create new users return
if ($isNew && $updateOnly) {
return true;
}
// Get the old user
$oldUser = new User($this->id);
// Access Checks
// The only mandatory check is that only Super Admins can operate on other Super Admin accounts.
// To add additional business rules, use a user plugin and throw an Exception with onUserBeforeSave.
// Check if I am a Super Admin
$iAmSuperAdmin = $my->authorise('core.admin');
// We are only worried about edits to this account if I am not a Super Admin.
if ($iAmSuperAdmin != true) {
if ($isNew) {
// Check if the new user is being put into a Super Admin group.
foreach ($this->groups as $groupId) {
if (Access::checkGroup($groupId, 'core.admin')) {
throw new RuntimeException('User not Super Administrator');
}
}
} else {
// I am not a Super Admin, and this one is, so fail.
if (Access::check($this->id, 'core.admin')) {
throw new RuntimeException('User not Super Administrator');
}
if ($this->groups != null) {
// I am not a Super Admin and I'm trying to make one.
foreach ($this->groups as $groupId) {
if (Access::checkGroup($groupId, 'core.admin')) {
throw new RuntimeException('User not Super Administrator');
}
}
}
}
}
// Fire the onUserBeforeSave event.
PluginHelper::importPlugin('user');
$dispatcher = Dispatcher::getInstance();
$result = $dispatcher->trigger('onUserBeforeSave', array($oldUser->getProperties(), $isNew, $this->getProperties()));
if (in_array(false, $result, true)) {
// Plugin will have to raise its own error or throw an exception.
return false;
}
// Store the user data in the database
$result = $table->store();
// Set the id for the JUser object in case we created a new user.
if (empty($this->id)) {
$this->id = $table->get('id');
}
if ($my->id == $table->id) {
$registry = new Registry();
$registry->loadString($table->params);
$my->setParameters($registry);
}
// Fire the onUserAfterSave event
$dispatcher->trigger('onUserAfterSave', array($this->getProperties(), $isNew, $result, $this->getError()));
} catch (Exception $e) {
$this->setError($e->getMessage());
return false;
}
return $result;
}
/**
* Method to activate a user
*
* @param string $activation Activation string
*
* @return boolean True on success
*
* @since 11.1
*/
public static function activateUser($activation)
{
// Initialize some variables.
$db = Factory::getDbo();
$query = $db->getQuery(true);
// Let's get the id of the user we want to activate
$query->select($db->quoteName('id'));
$query->from($db->quoteName('#__users'));
$query->where($db->quoteName('activation') . ' = ' . $db->quote($activation));
$query->where($db->quoteName('block') . ' = 1');
$query->where($db->quoteName('lastvisitDate') . ' = ' . $db->quote('0000-00-00 00:00:00'));
$db->setQuery($query);
$id = (int) $db->loadResult();
// Is it a valid user to activate?
if ($id) {
$user = User::getInstance((int) $id);
$user->set('block', '0');
$user->set('activation', '');
// Time to take care of business.... store the user.
if (!$user->save()) {
Log::add($user->getError(), Log::WARNING, 'jerror');
return false;
}
} else {
Log::add(Text::_('JLIB_USER_ERROR_UNABLE_TO_FIND_USER'), Log::WARNING, 'jerror');
return false;
}
return true;
}