/**
* Constructor
*
* @since 1.0
*/
function __construct()
{
parent::__construct();
$array = JRequest::getVar('cid', array(0), '', 'array');
$array = is_array($array) ? $array : array($array);
$id = $array[0];
if (!$id) {
$post = JRequest::get('post');
$data = FLEXI_J16GE ? @$post['jform'] : $post;
$id = @$data['id'];
}
$this->setId((int) $id);
}
/**
* Method to get a single record.
*
* @param integer $pk The id of the primary key.
*
* @return mixed Object on success, false on failure.
*
* @since 1.6
*/
public function getItem($pk = null)
{
return parent::getItem(JFactory::getUser()->id);
}
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password'])) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)->select('id, password')->from('#__users')->where('username='******'username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result) {
$match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);
if ($match === true) {
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin()) {
$response->language = $user->getParam('admin_language');
} else {
$response->language = $user->getParam('language');
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
} else {
// Invalid password
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
} else {
// Invalid user
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
// Check the two factor authentication
if ($response->status == JAuthentication::STATUS_SUCCESS) {
require_once JPATH_ADMINISTRATOR . '/components/com_users/helpers/users.php';
$methods = UsersHelper::getTwoFactorMethods();
if (count($methods) <= 1) {
// No two factor authentication method is enabled
return;
}
require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';
$model = new UsersModelUser();
// Load the user's OTP (one time password, a.k.a. two factor auth) configuration
if (!array_key_exists('otp_config', $options)) {
$otpConfig = $model->getOtpConfig($result->id);
$options['otp_config'] = $otpConfig;
} else {
$otpConfig = $options['otp_config'];
}
// Check if the user has enabled two factor authentication
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
// Warn the user if he's using a secret code but he has not
// enabed two factor auth in his account.
if (!empty($credentials['secretkey'])) {
try {
$app = JFactory::getApplication();
$this->loadLanguage();
$app->enqueueMessage(JText::_('PLG_AUTH_JOOMLA_ERR_SECRET_CODE_WITHOUT_TFA'), 'warning');
} catch (Exception $exc) {
// This happens when we are in CLI mode. In this case
// no warning is issued
return;
}
}
return;
}
// Load the Joomla! RAD layer
if (!defined('FOF_INCLUDED')) {
include_once JPATH_LIBRARIES . '/fof/include.php';
}
// Try to validate the OTP
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpAuthReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorAuthenticate', array($credentials, $options));
$check = false;
/*
* This looks like noob code but DO NOT TOUCH IT and do not convert
* to in_array(). During testing in_array() inexplicably returned
* null when the OTEP begins with a zero! o_O
*/
if (!empty($otpAuthReplies)) {
foreach ($otpAuthReplies as $authReply) {
$check = $check || $authReply;
}
}
// Fall back to one time emergency passwords
if (!$check) {
// Did the user use an OTEP instead?
if (empty($otpConfig->otep)) {
if (empty($otpConfig->method) || $otpConfig->method == 'none') {
// Two factor authentication is not enabled on this account.
// Any string is assumed to be a valid OTEP.
return true;
} else {
/*
* Two factor authentication enabled and no OTEPs defined. The
* user has used them all up. Therefore anything he enters is
* an invalid OTEP.
*/
return false;
}
}
// Clean up the OTEP (remove dashes, spaces and other funny stuff
// our beloved users may have unwittingly stuffed in it)
$otep = $credentials['secretkey'];
$otep = filter_var($otep, FILTER_SANITIZE_NUMBER_INT);
$otep = str_replace('-', '', $otep);
$check = false;
// Did we find a valid OTEP?
if (in_array($otep, $otpConfig->otep)) {
// Remove the OTEP from the array
$otpConfig->otep = array_diff($otpConfig->otep, array($otep));
$model->setOtpConfig($result->id, $otpConfig);
// Return true; the OTEP was a valid one
$check = true;
}
}
if (!$check) {
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
}
}
}
/**
* Method to get a single record.
*
* @param integer $pk The id of the primary key.
*
* @return mixed Object on success, false on failure.
*
* @since 1.6
*/
public function getItem($pk = null)
{
$user = JFactory::getUser();
return parent::getItem($user->get('id'));
}
public function getOtpConfig($user_id = null)
{
$user_id = !empty($user_id) ? $user_id : (int) $this->getState('user.id');
$model = new UsersModelUser();
return $model->getOtpConfig($user_id);
}
/**
* Checks if the Two Factor Authentication method is globally enabled and if the
* user has enabled a specific TFA method on their account. Only if both conditions
* are met will this method return true;
*
* @param integer $userId The user ID to check. Skip to use the current user.
*
* @return boolean True if TFA is enabled for this user
*/
public function isTFAEnabled($userId = null)
{
if (!version_compare(JVERSION, '3.2', '>=')) {
return false;
}
// Include the necessary user model and helper
require_once JPATH_ADMINISTRATOR . '/components/com_users/helpers/users.php';
require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';
// Is TFA globally turned off?
$twoFactorMethods = UsersHelper::getTwoFactorMethods();
if (count($twoFactorMethods) <= 1) {
return false;
}
// Do we need to get the User ID?
if (empty($userId)) {
$userId = JFactory::getUser()->id;
}
// Has this user turned on TFA on their account?
$model = new UsersModelUser();
$otpConfig = $model->getOtpConfig($userId);
return !(empty($otpConfig->method) || $otpConfig->method == 'none');
}
/**
* Method to get a single record.
*
* @return mixed Object on success, false on failure.
* @since 1.6
*/
public function getItem($pk = null)
{
return parent::getItem(User::get('id'));
}
function display($tpl = null)
{
// @rule: Test for user access if on 1.6 and above
if (EasyBlogHelper::getJoomlaVersion() >= '1.6') {
if (!JFactory::getUser()->authorise('easyblog.manage.user', 'com_easyblog')) {
JFactory::getApplication()->redirect('index.php', JText::_('JERROR_ALERTNOAUTHOR'), 'error');
JFactory::getApplication()->close();
}
}
//initialise variables
$document = JFactory::getDocument();
$mainframe = JFactory::getApplication();
$config = EasyBlogHelper::getConfig();
$id = JRequest::getInt('id');
$blogger = EasyBlogHelper::getTable('Profile', 'Table');
$blogger->load($id);
$post = EasyBlogHelper::getSession('EASYBLOG_REGISTRATION_POST');
$avatarIntegration = $config->get('layout_avatarIntegration', 'default');
$user = JFactory::getUser($id);
$isNew = $user->id == 0 ? true : false;
if ($isNew && !empty($post)) {
unset($post['id']);
$pwd = $post['password'];
unset($post['password']);
unset($post['password2']);
$user->bind($post);
$post['password'] = $pwd;
$blogger->bind($post);
}
jimport('joomla.html.pane');
$feedburner = EasyBlogHelper::getTable('Feedburner', 'Table');
$feedburner->load($id);
JTable::addIncludePath(EBLOG_TABLES);
//twitter
$twitter = EasyBlogHelper::getTable('Oauth', 'Table');
$twitter->loadByUser($user->id, EBLOG_OAUTH_TWITTER);
//linkedin
$linkedin = EasyBlogHelper::getTable('Oauth', 'Table');
$linkedin->loadByUser($user->id, EBLOG_OAUTH_LINKEDIN);
//facebook
$facebook = EasyBlogHelper::getTable('Oauth', 'Table');
$facebook->loadByUser($user->id, EBLOG_OAUTH_FACEBOOK);
$adsense = EasyBlogHelper::getTable('Adsense', 'Table');
$adsense->load($id);
if ($isNew && !empty($post)) {
$feedburner->url = $post['feedburner_url'];
$twitter->message = $post['integrations_twitter_message'];
$twitter->auto = $post['integrations_twitter_auto'];
$linkedin->auto = $post['integrations_linkedin_auto'];
$linkedin->private = isset($post['integrations_linkedin_private']) ? $post['integrations_linkedin_private'] : false;
$facebook->auto = $post['integrations_facebook_auto'];
$adsense->published = $post['adsense_published'];
$adsense->code = $post['adsense_code'];
$adsense->display = $post['adsense_display'];
}
if (EasyBlogHelper::getJoomlaVersion() >= '1.6') {
require_once JPATH_ROOT . DIRECTORY_SEPARATOR . 'administrator' . DIRECTORY_SEPARATOR . 'components' . DIRECTORY_SEPARATOR . 'com_users' . DIRECTORY_SEPARATOR . 'models' . DIRECTORY_SEPARATOR . 'user.php';
$jUserModel = new UsersModelUser();
$form = $jUserModel->getForm();
$form->setValue('password', null);
$form->setValue('password2', null);
$this->assignRef('form', $form);
}
$joomla_date = EasyBlogHelper::getJoomlaVersion() <= '1.5' ? '%Y-%m-%d %H:%M:%S' : 'Y-m-d H:i:s';
$editor = JFactory::getEditor($config->get('layout_editor', 'tinymce'));
$userParams = $user->getParameters(true);
$bloggerRawParams = $blogger->getParams();
if (is_array($bloggerRawParams)) {
$bloggerRawParams = '';
}
$bloggerParams = EasyBlogHelper::getRegistry($bloggerRawParams);
$this->assignRef('bloggerParams', $bloggerParams);
$this->assignRef('editor', $editor);
$this->assignRef('dateFormat', $joomla_date);
$this->assignRef('config', $config);
$this->assignRef('pane', $pane);
$this->assignRef('feedburner', $feedburner);
$this->assignRef('adsense', $adsense);
$this->assignRef('twitter', $twitter);
$this->assignRef('facebook', $facebook);
$this->assignRef('linkedin', $linkedin);
$this->assignRef('blogger', $blogger);
$this->assignRef('user', $user);
$this->assignRef('isNew', $isNew);
$this->assignRef('params', $userParams);
$this->assignRef('avatarIntegration', $avatarIntegration);
$this->assignRef('post', $post);
parent::display($tpl);
}
public function save()
{
// Check for request forgeries
$mainframe = JFactory::getApplication();
$jinput = $mainframe->input;
JRequest::checkToken() or jexit(JText::_('COM_COMMUNITY_INVALID_TOKEN'));
JFactory::getLanguage()->load(COM_USER_NAME);
$user = JFactory::getUser();
$userid = $jinput->post->get('id', 0, 'int');
// preform security checks
if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
echo $this->blockUnregister();
return;
}
$username = $user->get('username');
//if joomla settings allow change login name
if (JComponentHelper::getParams('com_users')->get('change_login_name')) {
$username = $jinput->get('username');
}
//clean request
$post = JRequest::get('post');
$post['username'] = $username;
$post['password'] = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
$post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);
//check email
$post['email'] = $post['jsemail'];
$email = $post['email'];
$emailPass = $post['emailpass'];
$modelReg = $this->getModel('register');
//CFactory::load( 'helpers', 'validate' );
if (!CValidateHelper::email($email)) {
$msg = JText::sprintf('COM_COMMUNITY_INVITE_EMAIL_INVALID', $email);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
if (!empty($email) && $email != $emailPass && $modelReg->isEmailExists(array('email' => $email))) {
$msg = JText::sprintf('COM_COMMUNITY_EMAIL_EXIST', $email);
$msg = stripslashes($msg);
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
}
// get the redirect
$return = CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false);
// do a password safety check
$changePassword = false;
if (JString::strlen($post['jspassword']) || JString::strlen($post['jspassword2'])) {
// so that "0" can be used as password e.g.
if ($post['jspassword'] != $post['jspassword2']) {
$msg = JText::_('PASSWORDS_DO_NOT_MATCH');
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');
return false;
} else {
$changePassword = true;
//Jooomla 3.2.0 fix. TO be remove in future
if (version_compare(JVERSION, '3.2.0', '>=')) {
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($post['jspassword'], $salt);
$password = $crypt . ':' . $salt;
} else {
// Don't re-encrypt the password
// JUser bind has encrypted the password
if (class_exists(JUserHelper) && method_exists(JUserHelper, 'hashpassword')) {
$password = JUserHelper::hashPassword($post['jspassword']);
} else {
$password = $post['jspassword'];
}
}
}
}
// Handle the two factor authentication setup
$data = $post['jform'];
if (array_key_exists('twofactor', $data)) {
if (!class_exists('UsersModelUser')) {
require JPATH_ROOT . '/administrator/components/com_users/models/user.php';
}
$model = new UsersModelUser();
$twoFactorMethod = $data['twofactor']['method'];
$userId = CFactory::getUser()->id;
// Get the current One Time Password (two factor auth) configuration
$otpConfig = $model->getOtpConfig($userId);
if ($twoFactorMethod != 'none') {
// Run the plugins
FOFPlatform::getInstance()->importPlugin('twofactorauth');
$otpConfigReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorApplyConfiguration', array($twoFactorMethod));
// Look for a valid reply
foreach ($otpConfigReplies as $reply) {
if (!is_object($reply) || empty($reply->method) || $reply->method != $twoFactorMethod) {
continue;
}
$otpConfig->method = $reply->method;
$otpConfig->config = $reply->config;
break;
}
// Save OTP configuration.
$model->setOtpConfig($userId, $otpConfig);
// Generate one time emergency passwords if required (depleted or not set)
if (empty($otpConfig->otep)) {
$oteps = $model->generateOteps($userId);
}
} else {
$otpConfig->method = 'none';
$otpConfig->config = array();
$model->setOtpConfig($userId, $otpConfig);
}
// Unset the raw data
unset($data['twofactor']);
}
// we don't want users to edit certain fields so we will unset them
unset($post['gid']);
unset($post['block']);
unset($post['usertype']);
unset($post['registerDate']);
unset($post['activation']);
//update CUser param 1st so that the new value will not be replace wif the old one.
$my = CFactory::getUser();
$params = $my->getParams();
$postvars = $post['daylightsavingoffset'];
$params->set('daylightsavingoffset', $postvars);
// Store FB prefernce o ly FB connect data
$connectModel = CFactory::getModel('Connect');
if ($connectModel->isAssociated($user->id)) {
$postvars = !empty($post['postFacebookStatus']) ? 1 : 0;
$my->_cparams->set('postFacebookStatus', $postvars);
}
if ($changePassword) {
$my->set('password', $password);
}
/* Save for CUser */
$my->save();
$model = CFactory::getModel('profile');
$editSuccess = true;
$msg = JText::_('COM_COMMUNITY_SETTINGS_SAVED');
$jUser = JFactory::getUser();
// Bind the form fields to the user table
if (!$jUser->bind($post)) {
$msg = $jUser->getError();
$editSuccess = false;
}
// Store the web link table to the database
if (!$jUser->save()) {
$msg = $jUser->getError();
$editSuccess = false;
}
if ($editSuccess) {
/* Update Joomla! User session */
$session = JFactory::getSession();
$session->set('user', $jUser);
// User with FB Connect, store post preference
//execute the trigger
$appsLib = CAppPlugins::getInstance();
$appsLib->loadApplications();
$userRow = array();
$userRow[] = $jUser;
$appsLib->triggerEvent('onUserDetailsUpdate', $userRow);
}
$mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=edit', false), $msg);
}
/**
* Displays the author's form
*
* @since 4.0
* @access public
* @param string
* @return
*/
public function form()
{
// Check for access
$this->checkAccess('easyblog.manage.user');
// Get the author's id
$id = $this->input->get('id', 0, 'int');
$author = EB::user($id);
// Get the session data
$post = EB::getSession('EASYBLOG_REGISTRATION_POST');
// Set heading
$title = 'COM_EASYBLOG_TITLE_EDIT_AUTHOR';
if (!$id) {
$title = 'COM_EASYBLOG_TITLE_CREATE_AUTHOR';
}
JToolBarHelper::title(JText::_($title), 'users');
$this->setHeading($title, '', 'fa-user');
$user = JFactory::getUser($id);
// Determines if this is a new user or not
$isNew = $user->id == 0 ? true : false;
if ($isNew && !empty($post)) {
unset($post['id']);
$pwd = $post['password'];
unset($post['password']);
unset($post['password2']);
$user->bind($post);
$post['password'] = $pwd;
$author->bind($post);
}
// Load up feedburner data
$feedburner = EB::table('Feedburner');
$feedburner->load($author->id);
// Load up twitter oauth client
$twitter = EB::table('OAuth');
$twitter->load(array('user_id' => $user->id, 'type' => EBLOG_OAUTH_TWITTER, 'system' => false));
// Load up linkedin oauth table
$linkedin = EB::table('OAuth');
$linkedin->load(array('user_id' => $user->id, 'type' => EBLOG_OAUTH_LINKEDIN, 'system' => false));
// Load up facebook oauth table
$facebook = EB::table('OAuth');
$facebook->load(array('user_id' => $user->id, 'type' => EBLOG_OAUTH_FACEBOOK, 'system' => false));
$facebookClient = EB::oauth()->getClient(EBLOG_OAUTH_FACEBOOK);
$twitterClient = EB::oauth()->getClient(EBLOG_OAUTH_TWITTER);
$linkedinClient = EB::oauth()->getClient(EBLOG_OAUTH_LINKEDIN);
// Load up adsense data
$adsense = EB::table('Adsense');
$adsense->load($author->id);
// If this is a new author and the post was submitted before
if ($isNew && $post) {
$feedburner->url = $post['feedburner_url'];
$twitter->message = $post['integrations_twitter_message'];
$twitter->auto = $post['integrations_twitter_auto'];
$linkedin->auto = $post['integrations_linkedin_auto'];
$linkedin->private = isset($post['integrations_linkedin_private']) ? $post['integrations_linkedin_private'] : false;
$facebook->auto = $post['integrations_facebook_auto'];
$adsense->published = $post['adsense_published'];
$adsense->code = $post['adsense_code'];
$adsense->display = $post['adsense_display'];
}
// Get the WYSIWYG editor
$editor = JFactory::getEditor();
// Get the user params
$params = $user->getParameters(true);
// Get the params
$bloggerParams = $author->getParams();
// Load up joomla's user forms
require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';
$language = JFactory::getLanguage();
$language->load('com_users', JPATH_ADMINISTRATOR);
JForm::addFormPath(JPATH_ADMINISTRATOR . '/components/com_users/models/forms');
JForm::addFieldPath(JPATH_ADMINISTRATOR . '/components/com_users/models/fields');
JForm::addFormPath(JPATH_ADMINISTRATOR . '/components/com_users/model/form');
JForm::addFieldPath(JPATH_ADMINISTRATOR . '/components/com_users/model/field');
$jUserModel = new UsersModelUser();
$form = $jUserModel->getForm();
$form->setValue('password', null);
$form->setValue('password2', null);
$this->set('linkedinClient', $linkedinClient);
$this->set('twitterClient', $twitterClient);
$this->set('facebookClient', $facebookClient);
$this->set('form', $form);
$this->set('editor', $editor);
$this->set('bloggerParams', $bloggerParams);
$this->set('user', $user);
$this->set('author', $author);
$this->set('params', $params);
$this->set('feedburner', $feedburner);
$this->set('adsense', $adsense);
$this->set('twitter', $twitter);
$this->set('facebook', $facebook);
$this->set('linkedin', $linkedin);
$this->set('isNew', $isNew);
$this->set('post', $post);
parent::display('bloggers/form');
}
public function getTwofactorform($user_id = null)
{
if (!class_exists('UsersModelUser')) {
require JPATH_ROOT . '/administrator/components/com_users/models/user.php';
}
$user_id = CFactory::getUser()->id;
$userModel = new UsersModelUser();
$otpConfig = $userModel->getOtpConfig($user_id);
FOFPlatform::getInstance()->importPlugin('twofactorauth');
return FOFPlatform::getInstance()->runPlugins('onUserTwofactorShowConfiguration', array($otpConfig, $user_id));
}
/**
* Generate the hashed/salted/encoded password for the database
* and to check the password at login:
* if $row provided, it is checking the existing password (and update if needed)
* if not provided, it will generate a new hashed password
*
* @param string $passwd cleartext
* @return boolean TRUE/FALSE on password check
*/
public function verifyPassword($passwd)
{
global $_CB_framework;
jimport('joomla.user.authentication');
$authenticate = \JAuthentication::getInstance();
// We're just checking the password so we need to make sure two step authentication is off:
if (checkJversion('3.2+')) {
/** @noinspection PhpIncludeInspection */
require_once $_CB_framework->getCfg('absolute_path') . '/administrator/components/com_users/models/user.php';
$userModel = new \UsersModelUser();
$twoStep = $userModel->getOtpConfig(0);
$twoStep->model = 'none';
$options = array('otp_config' => $twoStep);
} else {
$options = array();
}
$response = $authenticate->authenticate(array('username' => $this->username, 'password' => $passwd), $options);
if ($response->status === \JAuthentication::STATUS_SUCCESS) {
return true;
} else {
return false;
}
}
