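/**
 * Constructor.
 *
 * Resolves the record id this model works on: the first entry of the `cid`
 * request array or, when that is empty/zero, the `id` field of the posted
 * form (`jform[id]` on Joomla 1.6+, a top-level `id` on older versions).
 * The resolved value is cast to int before being handed to setId().
 *
 * @since 1.0
 */
function __construct()
{
    parent::__construct();

    $cid = JRequest::getVar('cid', array(0), '', 'array');
    $cid = is_array($cid) ? $cid : array($cid);

    // `cid` may legitimately arrive as an empty array; avoid an undefined-offset notice.
    $id = isset($cid[0]) ? $cid[0] : 0;

    if (!$id) {
        $post = JRequest::get('post');

        // Joomla 1.6+ nests the form under jform[]; older versions post it flat.
        // Explicit isset() checks replace the original @-suppression.
        $data = FLEXI_J16GE ? (isset($post['jform']) ? $post['jform'] : null) : $post;
        $id = isset($data['id']) ? $data['id'] : 0;
    }

    // The id comes straight from the request, so it is cast before use.
    $this->setId((int) $id);
}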
/**
 * Method to get a single record.
 *
 * The record returned is always the one belonging to the currently logged-in
 * user: $pk is accepted for signature compatibility with the parent but is
 * deliberately not used, so a caller cannot select another user's record
 * through it.
 *
 * @param integer $pk Ignored; kept for interface compatibility.
 *
 * @return mixed Object on success, false on failure.
 *
 * @since 1.6
 */
public function getItem($pk = null)
{
    $currentUser = JFactory::getUser();
    $ownId = $currentUser->id;

    return parent::getItem($ownId);
}
/**
 * Handles Joomla's own username/password authentication and, when at least one
 * two factor method is available, the second factor.
 *
 * Flow as implemented below:
 *  1. reject empty passwords;
 *  2. look up id/password hash for the username and verify the password;
 *  3. on success fill $response (email, fullname, language) and mark it
 *     STATUS_SUCCESS; otherwise STATUS_FAILURE with a translated message;
 *  4. if the password step succeeded, run the two factor check, which may
 *     downgrade the response to STATUS_FAILURE.
 *
 * The boolean return value is not set consistently on every exit path (see the
 * notes inline); the $response object is what carries the outcome.
 *
 * @param array  $credentials Array holding the user credentials ('username', 'password', optional 'secretkey')
 * @param array  $options     Array of extra options. A caller-supplied 'otp_config' entry replaces the stored
 *                            configuration, and a method of 'none' in it skips the second factor entirely.
 * @param object &$response   Authentication response object (type, status, error_message, email, fullname, language)
 *
 * @return boolean
 *
 * @since 1.5
 */
public function onUserAuthenticate($credentials, $options, &$response)
{
    $response->type = 'Joomla';

    // Joomla does not like blank passwords
    if (empty($credentials['password'])) {
        $response->status = JAuthentication::STATUS_FAILURE;
        $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');

        return false;
    }

    // Get a database object
    $db = JFactory::getDbo();

    // NOTE(review): the where() argument is redacted in this copy ("******");
    // the username must reach the query through the driver's quoting, never
    // by raw concatenation.
    $query = $db->getQuery(true)->select('id, password')->from('#__users')->where('username='******'username']));
    $db->setQuery($query);
    $result = $db->loadObject();

    if ($result) {
        // Compare against the stored hash; the user id is passed through as well.
        $match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);

        if ($match === true) {
            // Bring this in line with the rest of the system
            $user = JUser::getInstance($result->id);
            $response->email = $user->email;
            $response->fullname = $user->name;

            // Back-end logins use the separate admin language preference.
            if (JFactory::getApplication()->isAdmin()) {
                $response->language = $user->getParam('admin_language');
            } else {
                $response->language = $user->getParam('language');
            }

            $response->status = JAuthentication::STATUS_SUCCESS;
            $response->error_message = '';
        } else {
            // Invalid password
            $response->status = JAuthentication::STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
        }
    } else {
        // Invalid user
        $response->status = JAuthentication::STATUS_FAILURE;
        $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
    }

    // Check the two factor authentication
    if ($response->status == JAuthentication::STATUS_SUCCESS) {
        require_once JPATH_ADMINISTRATOR . '/components/com_users/helpers/users.php';

        $methods = UsersHelper::getTwoFactorMethods();

        if (count($methods) <= 1) {
            // No two factor authentication method is enabled (a single entry is
            // treated as "nothing besides none available").
            return;
        }

        require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';

        $model = new UsersModelUser();

        // Load the user's OTP (one time password, a.k.a. two factor auth) configuration.
        // A caller-supplied $options['otp_config'] wins over the stored one, so
        // $options must originate from trusted code, never from request input.
        if (!array_key_exists('otp_config', $options)) {
            $otpConfig = $model->getOtpConfig($result->id);
            $options['otp_config'] = $otpConfig;
        } else {
            $otpConfig = $options['otp_config'];
        }

        // Check if the user has enabled two factor authentication
        if (empty($otpConfig->method) || $otpConfig->method == 'none') {
            // Warn the user if he's using a secret code but has not
            // enabled two factor auth in his account.
            if (!empty($credentials['secretkey'])) {
                try {
                    $app = JFactory::getApplication();
                    $this->loadLanguage();
                    $app->enqueueMessage(JText::_('PLG_AUTH_JOOMLA_ERR_SECRET_CODE_WITHOUT_TFA'), 'warning');
                } catch (Exception $exc) {
                    // This happens when we are in CLI mode. In this case
                    // no warning is issued
                    return;
                }
            }

            return;
        }

        // Load the Joomla! RAD layer
        if (!defined('FOF_INCLUDED')) {
            include_once JPATH_LIBRARIES . '/fof/include.php';
        }

        // Try to validate the OTP
        FOFPlatform::getInstance()->importPlugin('twofactorauth');
        $otpAuthReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorAuthenticate', array($credentials, $options));

        $check = false;

        /*
         * This looks like noob code but DO NOT TOUCH IT and do not convert
         * to in_array(). During testing in_array() inexplicably returned
         * null when the OTEP begins with a zero! o_O
         */
        if (!empty($otpAuthReplies)) {
            foreach ($otpAuthReplies as $authReply) {
                // Any single truthy plugin reply is enough.
                $check = $check || $authReply;
            }
        }

        // Fall back to one time emergency passwords
        if (!$check) {
            // Did the user use an OTEP instead?
            if (empty($otpConfig->otep)) {
                if (empty($otpConfig->method) || $otpConfig->method == 'none') {
                    // Two factor authentication is not enabled on this account.
                    // Any string is assumed to be a valid OTEP.
                    // NOTE(review): unreachable unless a plugin mutated $otpConfig —
                    // the identical condition already returned above.
                    return true;
                } else {
                    /*
                     * Two factor authentication enabled and no OTEPs defined. The
                     * user has used them all up. Therefore anything he enters is
                     * an invalid OTEP.
                     *
                     * NOTE(review): $response->status is still STATUS_SUCCESS here;
                     * only the return value signals failure, whereas every other
                     * failure path sets status/error_message explicitly. Confirm the
                     * subject honours the return value — otherwise the second factor
                     * is not enforced on this path.
                     */
                    return false;
                }
            }

            // Clean up the OTEP (remove dashes, spaces and other funny stuff
            // our beloved users may have unwittingly stuffed in it)
            $otep = $credentials['secretkey'];
            $otep = filter_var($otep, FILTER_SANITIZE_NUMBER_INT);
            $otep = str_replace('-', '', $otep);
            $check = false;

            // Did we find a valid OTEP?
            // NOTE(review): non-strict in_array(); PHP compares two numeric strings
            // numerically, so leading zeros are not significant ('0123' == '123').
            // Confirm the stored OTEPs cannot collide under that rule.
            if (in_array($otep, $otpConfig->otep)) {
                // Remove the OTEP from the array: each emergency password is single-use.
                $otpConfig->otep = array_diff($otpConfig->otep, array($otep));
                $model->setOtpConfig($result->id, $otpConfig);

                // Return true; the OTEP was a valid one
                $check = true;
            }
        }

        if (!$check) {
            $response->status = JAuthentication::STATUS_FAILURE;
            $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_SECRETKEY');
        }
    }
}
/**
 * Method to get a single record.
 *
 * Always returns the logged-in user's own record: $pk is accepted for
 * compatibility with the parent signature but is intentionally ignored, so
 * the primary key cannot be chosen by the caller.
 *
 * @param integer $pk Ignored; kept for interface compatibility.
 *
 * @return mixed Object on success, false on failure.
 *
 * @since 1.6
 */
public function getItem($pk = null)
{
    $ownId = JFactory::getUser()->get('id');

    return parent::getItem($ownId);
}
/**
 * Returns the one-time-password (two factor auth) configuration for a user.
 *
 * Falls back to the `user.id` model state when $user_id is empty
 * (null, 0, ''), and delegates the lookup to UsersModelUser.
 *
 * @param integer $user_id User to look up, or null/0 for the user held in the model state.
 *
 * @return mixed The configuration as returned by UsersModelUser::getOtpConfig().
 */
public function getOtpConfig($user_id = null)
{
    if (empty($user_id)) {
        $user_id = (int) $this->getState('user.id');
    }

    // NOTE(review): UsersModelUser is not loaded here; the caller must already
    // have required com_users' user model — confirm.
    $coreUserModel = new UsersModelUser();

    return $coreUserModel->getOtpConfig($user_id);
}
/**
 * Reports whether two factor authentication applies to a user.
 *
 * Both conditions must hold: more than one TFA method is listed site-wide
 * (Joomla 3.2+ only; a single entry is treated as "nothing available"), and
 * the user's own OTP configuration selects a method other than "none".
 *
 * @param integer $userId The user ID to check. Empty/omitted means the current user.
 *
 * @return boolean True only when TFA is enabled both globally and on the account.
 */
public function isTFAEnabled($userId = null)
{
    // TFA support only exists from Joomla 3.2 onwards.
    if (version_compare(JVERSION, '3.2', '<')) {
        return false;
    }

    // Include the necessary user model and helper
    $comUsers = JPATH_ADMINISTRATOR . '/components/com_users';
    require_once $comUsers . '/helpers/users.php';
    require_once $comUsers . '/models/user.php';

    // Is TFA globally turned off?
    $availableMethods = UsersHelper::getTwoFactorMethods();

    if (count($availableMethods) <= 1) {
        return false;
    }

    // Default to the current user when no id was given.
    $targetUser = empty($userId) ? JFactory::getUser()->id : $userId;

    // Has this user turned on TFA on their account?
    $coreUserModel = new UsersModelUser();
    $otpConfig = $coreUserModel->getOtpConfig($targetUser);

    return !empty($otpConfig->method) && $otpConfig->method != 'none';
}
/**
 * Method to get a single record.
 *
 * Always loads the current user's own record; $pk is accepted only for
 * signature compatibility with the parent and is deliberately ignored.
 *
 * @param integer $pk Ignored; kept for interface compatibility.
 *
 * @return mixed Object on success, false on failure.
 *
 * @since 1.6
 */
public function getItem($pk = null)
{
    $ownId = User::get('id');

    return parent::getItem($ownId);
}
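/**
 * Renders the blogger (author) edit form in the administrator.
 *
 * Loads the Joomla user and the EasyBlog profile for the requested id together
 * with the per-author integration rows (feedburner, twitter, linkedin, facebook,
 * adsense). If a previous registration attempt for a new author left its posted
 * values in the session, those values are bound back onto the objects so the
 * form is re-populated. Everything is then handed to the layout via assignRef().
 *
 * @param string $tpl Layout template name, passed through to parent::display().
 *
 * @return void
 */
function display($tpl = null)
{
    // @rule: Test for user access if on 1.6 and above (there is no check on
    // the 1.5 branch, so access must be enforced by the caller on that version).
    if (EasyBlogHelper::getJoomlaVersion() >= '1.6') {
        if (!JFactory::getUser()->authorise('easyblog.manage.user', 'com_easyblog')) {
            JFactory::getApplication()->redirect('index.php', JText::_('JERROR_ALERTNOAUTHOR'), 'error');
            JFactory::getApplication()->close();
        }
    }

    $config = EasyBlogHelper::getConfig();
    $id = JRequest::getInt('id');

    $blogger = EasyBlogHelper::getTable('Profile', 'Table');
    $blogger->load($id);

    // Values left behind by an earlier, unsuccessful registration attempt (if any).
    $post = EasyBlogHelper::getSession('EASYBLOG_REGISTRATION_POST');
    $avatarIntegration = $config->get('layout_avatarIntegration', 'default');

    $user = JFactory::getUser($id);
    $isNew = ($user->id == 0);

    if ($isNew && !empty($post)) {
        unset($post['id']);

        // The password is withheld from JUser::bind() and re-attached for the
        // profile table. NOTE(review): that leaves the cleartext password in
        // $post, which is assigned to the layout below — confirm the template
        // never echoes it.
        $pwd = isset($post['password']) ? $post['password'] : null;
        unset($post['password']);
        unset($post['password2']);

        $user->bind($post);

        $post['password'] = $pwd;
        $blogger->bind($post);
    }

    jimport('joomla.html.pane');

    // No pane object is built in this view, but the layout variable is still
    // assigned; define it explicitly rather than passing an undefined local.
    $pane = null;

    $feedburner = EasyBlogHelper::getTable('Feedburner', 'Table');
    $feedburner->load($id);

    JTable::addIncludePath(EBLOG_TABLES);

    // OAuth rows are keyed on the Joomla user id rather than the profile id.
    $twitter = EasyBlogHelper::getTable('Oauth', 'Table');
    $twitter->loadByUser($user->id, EBLOG_OAUTH_TWITTER);

    $linkedin = EasyBlogHelper::getTable('Oauth', 'Table');
    $linkedin->loadByUser($user->id, EBLOG_OAUTH_LINKEDIN);

    $facebook = EasyBlogHelper::getTable('Oauth', 'Table');
    $facebook->loadByUser($user->id, EBLOG_OAUTH_FACEBOOK);

    $adsense = EasyBlogHelper::getTable('Adsense', 'Table');
    $adsense->load($id);

    // Re-populate the integration rows from the remembered post for a new author.
    if ($isNew && !empty($post)) {
        $feedburner->url = $post['feedburner_url'];
        $twitter->message = $post['integrations_twitter_message'];
        $twitter->auto = $post['integrations_twitter_auto'];
        $linkedin->auto = $post['integrations_linkedin_auto'];
        $linkedin->private = isset($post['integrations_linkedin_private']) ? $post['integrations_linkedin_private'] : false;
        $facebook->auto = $post['integrations_facebook_auto'];
        $adsense->published = $post['adsense_published'];
        $adsense->code = $post['adsense_code'];
        $adsense->display = $post['adsense_display'];
    }

    // Joomla 1.6+ provides the core user form; the password fields are blanked
    // so stored values are never rendered back.
    if (EasyBlogHelper::getJoomlaVersion() >= '1.6') {
        require_once JPATH_ROOT . DIRECTORY_SEPARATOR . 'administrator' . DIRECTORY_SEPARATOR . 'components' . DIRECTORY_SEPARATOR . 'com_users' . DIRECTORY_SEPARATOR . 'models' . DIRECTORY_SEPARATOR . 'user.php';

        $jUserModel = new UsersModelUser();
        $form = $jUserModel->getForm();
        $form->setValue('password', null);
        $form->setValue('password2', null);

        $this->assignRef('form', $form);
    }

    // 1.5 uses strftime-style date formats, 1.6+ uses date()-style ones.
    $joomla_date = EasyBlogHelper::getJoomlaVersion() <= '1.5' ? '%Y-%m-%d %H:%M:%S' : 'Y-m-d H:i:s';

    $editor = JFactory::getEditor($config->get('layout_editor', 'tinymce'));
    $userParams = $user->getParameters(true);

    // An array value is replaced by an empty string before getRegistry()
    // (presumably it expects a string blob — TODO confirm).
    $bloggerRawParams = $blogger->getParams();
    if (is_array($bloggerRawParams)) {
        $bloggerRawParams = '';
    }
    $bloggerParams = EasyBlogHelper::getRegistry($bloggerRawParams);

    $this->assignRef('bloggerParams', $bloggerParams);
    $this->assignRef('editor', $editor);
    $this->assignRef('dateFormat', $joomla_date);
    $this->assignRef('config', $config);
    $this->assignRef('pane', $pane);
    $this->assignRef('feedburner', $feedburner);
    $this->assignRef('adsense', $adsense);
    $this->assignRef('twitter', $twitter);
    $this->assignRef('facebook', $facebook);
    $this->assignRef('linkedin', $linkedin);
    $this->assignRef('blogger', $blogger);
    $this->assignRef('user', $user);
    $this->assignRef('isNew', $isNew);
    $this->assignRef('params', $userParams);
    $this->assignRef('avatarIntegration', $avatarIntegration);
    $this->assignRef('post', $post);

    parent::display($tpl);
}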
/**
 * Saves the logged-in user's own account details (com_community profile edit).
 *
 * Steps, in order: CSRF token check; the posted id must equal the session
 * user's id (anything else is answered with blockUnregister()); optional
 * username change when com_users allows it; e-mail validation and uniqueness
 * check; optional password change (jspassword/jspassword2 must match); two
 * factor configuration via the twofactorauth plugins when jform[twofactor] is
 * posted; removal of a few protected fields from the post; save of the CUser
 * record, then JUser::bind()/save() with the remaining post data; session
 * refresh and onUserDetailsUpdate trigger; redirect with a message.
 *
 * @return boolean|void False after an error redirect; void otherwise (the
 *                      method ends with a redirect in either case).
 */
public function save()
{
    // Check for request forgeries
    $mainframe = JFactory::getApplication();
    $jinput = $mainframe->input;
    JRequest::checkToken() or jexit(JText::_('COM_COMMUNITY_INVALID_TOKEN'));

    JFactory::getLanguage()->load(COM_USER_NAME);

    $user = JFactory::getUser();
    $userid = $jinput->post->get('id', 0, 'int');

    // Security check: only a logged-in user may save, and only their own record.
    if ($user->get('id') == 0 || $userid == 0 || $userid != $user->get('id')) {
        echo $this->blockUnregister();

        return;
    }

    $username = $user->get('username');

    // The login name can only change when com_users allows it; otherwise the
    // posted username is overwritten with the current one below.
    if (JComponentHelper::getParams('com_users')->get('change_login_name')) {
        $username = $jinput->get('username');
    }

    // Clean request
    $post = JRequest::get('post');
    $post['username'] = $username;
    // Fetched raw so the password is used exactly as typed.
    $post['password'] = JRequest::getVar('password', '', 'post', 'string', JREQUEST_ALLOWRAW);
    $post['password2'] = JRequest::getVar('password2', '', 'post', 'string', JREQUEST_ALLOWRAW);

    // Check email: the form posts it as jsemail. emailpass presumably carries
    // the current address (the uniqueness check is skipped when both are equal) — confirm.
    $post['email'] = $post['jsemail'];
    $email = $post['email'];
    $emailPass = $post['emailpass'];

    $modelReg = $this->getModel('register');
    //CFactory::load( 'helpers', 'validate' );

    if (!CValidateHelper::email($email)) {
        $msg = JText::sprintf('COM_COMMUNITY_INVITE_EMAIL_INVALID', $email);
        $mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');

        return false;
    }

    if (!empty($email) && $email != $emailPass && $modelReg->isEmailExists(array('email' => $email))) {
        $msg = JText::sprintf('COM_COMMUNITY_EMAIL_EXIST', $email);
        $msg = stripslashes($msg);
        $mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');

        return false;
    }

    // get the redirect
    // NOTE(review): $return is never used below; every redirect rebuilds the route.
    $return = CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false);

    // do a password safety check
    $changePassword = false;

    // strlen() rather than empty() so that "0" can be used as a password
    if (JString::strlen($post['jspassword']) || JString::strlen($post['jspassword2'])) {
        if ($post['jspassword'] != $post['jspassword2']) {
            $msg = JText::_('PASSWORDS_DO_NOT_MATCH');
            $mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=editDetails', false), $msg, 'error');

            return false;
        } else {
            $changePassword = true;

            // Joomla 3.2.0 fix. To be removed in future.
            if (version_compare(JVERSION, '3.2.0', '>=')) {
                // NOTE(review): builds a "hash:salt" string with getCryptedPassword(),
                // i.e. the pre-3.2 salted MD5 scheme (its default), although 3.2+
                // provides JUserHelper::hashPassword(). Confirm what CUser::save()
                // expects before changing this — stored hashes must stay verifiable.
                $salt = JUserHelper::genRandomPassword(32);
                $crypt = JUserHelper::getCryptedPassword($post['jspassword'], $salt);
                $password = $crypt . ':' . $salt;
            } else {
                // Don't re-encrypt the password
                // JUser bind has encrypted the password
                // NOTE(review): JUserHelper is written without quotes, so these are
                // undefined-constant lookups; PHP 7 falls back to the bare string with
                // a warning and PHP 8 throws. They should read class_exists('JUserHelper').
                if (class_exists(JUserHelper) && method_exists(JUserHelper, 'hashpassword')) {
                    $password = JUserHelper::hashPassword($post['jspassword']);
                } else {
                    $password = $post['jspassword'];
                }
            }
        }
    }

    // Handle the two factor authentication setup
    $data = $post['jform'];

    if (array_key_exists('twofactor', $data)) {
        if (!class_exists('UsersModelUser')) {
            require JPATH_ROOT . '/administrator/components/com_users/models/user.php';
        }

        $model = new UsersModelUser();
        $twoFactorMethod = $data['twofactor']['method'];
        // Always the session user (consistent with the id check at the top).
        $userId = CFactory::getUser()->id;

        // Get the current One Time Password (two factor auth) configuration
        $otpConfig = $model->getOtpConfig($userId);

        if ($twoFactorMethod != 'none') {
            // Run the plugins
            FOFPlatform::getInstance()->importPlugin('twofactorauth');
            $otpConfigReplies = FOFPlatform::getInstance()->runPlugins('onUserTwofactorApplyConfiguration', array($twoFactorMethod));

            // Look for a valid reply: the first object whose method matches the requested one.
            foreach ($otpConfigReplies as $reply) {
                if (!is_object($reply) || empty($reply->method) || $reply->method != $twoFactorMethod) {
                    continue;
                }

                $otpConfig->method = $reply->method;
                $otpConfig->config = $reply->config;

                break;
            }

            // Save OTP configuration.
            // NOTE(review): saved even when no plugin accepted the method; in that
            // case the previous configuration is written back unchanged.
            $model->setOtpConfig($userId, $otpConfig);

            // Generate one time emergency passwords if required (depleted or not set)
            if (empty($otpConfig->otep)) {
                $oteps = $model->generateOteps($userId);
            }
        } else {
            // Disabling: clear both the method and its configuration.
            $otpConfig->method = 'none';
            $otpConfig->config = array();
            $model->setOtpConfig($userId, $otpConfig);
        }

        // Unset the raw data
        // NOTE(review): $data is a copy, so $post['jform']['twofactor'] is still
        // present when $post is bound to JUser below — confirm bind() ignores it.
        unset($data['twofactor']);
    }

    // We don't want users to edit certain fields so we will unset them.
    // NOTE(review): this is a deny-list; every other key in the raw post reaches
    // JUser::bind() below — confirm bind()/save() only accept the intended fields.
    unset($post['gid']);
    unset($post['block']);
    unset($post['usertype']);
    unset($post['registerDate']);
    unset($post['activation']);

    // Update the CUser params first so the new value is not replaced by the old one.
    $my = CFactory::getUser();
    $params = $my->getParams();
    $postvars = $post['daylightsavingoffset'];
    $params->set('daylightsavingoffset', $postvars);

    // Store the FB posting preference only for users with FB Connect data
    $connectModel = CFactory::getModel('Connect');

    if ($connectModel->isAssociated($user->id)) {
        $postvars = !empty($post['postFacebookStatus']) ? 1 : 0;
        $my->_cparams->set('postFacebookStatus', $postvars);
    }

    if ($changePassword) {
        $my->set('password', $password);
    }

    /* Save for CUser */
    $my->save();

    // NOTE(review): $model is reassigned here but not used afterwards.
    $model = CFactory::getModel('profile');
    $editSuccess = true;
    $msg = JText::_('COM_COMMUNITY_SETTINGS_SAVED');

    $jUser = JFactory::getUser();

    // Bind the form fields to the user table
    if (!$jUser->bind($post)) {
        $msg = $jUser->getError();
        $editSuccess = false;
    }

    // Store the user table to the database (attempted even when bind() failed).
    if (!$jUser->save()) {
        $msg = $jUser->getError();
        $editSuccess = false;
    }

    if ($editSuccess) {
        /* Update Joomla! User session */
        $session = JFactory::getSession();
        $session->set('user', $jUser);

        // Execute the trigger so applications can react to the profile change
        $appsLib = CAppPlugins::getInstance();
        $appsLib->loadApplications();

        $userRow = array();
        $userRow[] = $jUser;
        $appsLib->triggerEvent('onUserDetailsUpdate', $userRow);
    }

    $mainframe->redirect(CRoute::_('index.php?option=com_community&view=profile&task=edit', false), $msg);
}
/**
 * Displays the author's form (create or edit).
 *
 * Requires the easyblog.manage.user permission. Loads the EasyBlog author and
 * the Joomla user for the requested id, the author's feedburner/adsense rows
 * and the three OAuth rows and clients, then builds Joomla's own user form with
 * the password fields blanked. When a previous registration attempt for a new
 * author left its values in the session, they are bound back so the form is
 * re-populated.
 *
 * @since 4.0
 * @access public
 *
 * @return void Output is rendered through parent::display('bloggers/form').
 */
public function form()
{
    $this->checkAccess('easyblog.manage.user');

    $id = $this->input->get('id', 0, 'int');
    $author = EB::user($id);

    // Values remembered from an earlier registration attempt, if any.
    $post = EB::getSession('EASYBLOG_REGISTRATION_POST');

    $title = $id ? 'COM_EASYBLOG_TITLE_EDIT_AUTHOR' : 'COM_EASYBLOG_TITLE_CREATE_AUTHOR';
    JToolBarHelper::title(JText::_($title), 'users');
    $this->setHeading($title, '', 'fa-user');

    $user = JFactory::getUser($id);
    $isNew = ($user->id == 0);

    if ($isNew && !empty($post)) {
        unset($post['id']);

        // Withhold the password from JUser::bind(), then re-attach it for the
        // author table. NOTE(review): the cleartext value stays in $post, which
        // is handed to the layout below — confirm the template never echoes it.
        $rememberedPassword = $post['password'];
        unset($post['password']);
        unset($post['password2']);

        $user->bind($post);

        $post['password'] = $rememberedPassword;
        $author->bind($post);
    }

    $feedburner = EB::table('Feedburner');
    $feedburner->load($author->id);

    // OAuth rows are looked up by Joomla user id and integration type.
    $oauthTypes = array(
        'twitter' => EBLOG_OAUTH_TWITTER,
        'linkedin' => EBLOG_OAUTH_LINKEDIN,
        'facebook' => EBLOG_OAUTH_FACEBOOK,
    );
    $oauthRows = array();

    foreach ($oauthTypes as $name => $type) {
        $row = EB::table('OAuth');
        $row->load(array('user_id' => $user->id, 'type' => $type, 'system' => false));
        $oauthRows[$name] = $row;
    }

    $twitter = $oauthRows['twitter'];
    $linkedin = $oauthRows['linkedin'];
    $facebook = $oauthRows['facebook'];

    $facebookClient = EB::oauth()->getClient(EBLOG_OAUTH_FACEBOOK);
    $twitterClient = EB::oauth()->getClient(EBLOG_OAUTH_TWITTER);
    $linkedinClient = EB::oauth()->getClient(EBLOG_OAUTH_LINKEDIN);

    $adsense = EB::table('Adsense');
    $adsense->load($author->id);

    // Re-populate the integration rows for a new author from the remembered post.
    if ($isNew && $post) {
        $feedburner->url = $post['feedburner_url'];
        $twitter->message = $post['integrations_twitter_message'];
        $twitter->auto = $post['integrations_twitter_auto'];
        $linkedin->auto = $post['integrations_linkedin_auto'];
        $linkedin->private = isset($post['integrations_linkedin_private']) ? $post['integrations_linkedin_private'] : false;
        $facebook->auto = $post['integrations_facebook_auto'];
        $adsense->published = $post['adsense_published'];
        $adsense->code = $post['adsense_code'];
        $adsense->display = $post['adsense_display'];
    }

    $editor = JFactory::getEditor();
    $params = $user->getParameters(true);
    $bloggerParams = $author->getParams();

    // Joomla's own user form: model, language strings and form/field paths
    // (both the older "models" and the newer "model" directory layouts are registered).
    require_once JPATH_ADMINISTRATOR . '/components/com_users/models/user.php';

    $language = JFactory::getLanguage();
    $language->load('com_users', JPATH_ADMINISTRATOR);

    $comUsers = JPATH_ADMINISTRATOR . '/components/com_users';
    JForm::addFormPath($comUsers . '/models/forms');
    JForm::addFieldPath($comUsers . '/models/fields');
    JForm::addFormPath($comUsers . '/model/form');
    JForm::addFieldPath($comUsers . '/model/field');

    $jUserModel = new UsersModelUser();
    $form = $jUserModel->getForm();

    // Never render stored password values back into the form.
    $form->setValue('password', null);
    $form->setValue('password2', null);

    $this->set('linkedinClient', $linkedinClient);
    $this->set('twitterClient', $twitterClient);
    $this->set('facebookClient', $facebookClient);
    $this->set('form', $form);
    $this->set('editor', $editor);
    $this->set('bloggerParams', $bloggerParams);
    $this->set('user', $user);
    $this->set('author', $author);
    $this->set('params', $params);
    $this->set('feedburner', $feedburner);
    $this->set('adsense', $adsense);
    $this->set('twitter', $twitter);
    $this->set('facebook', $facebook);
    $this->set('linkedin', $linkedin);
    $this->set('isNew', $isNew);
    $this->set('post', $post);

    parent::display('bloggers/form');
}
/**
 * Builds the two factor authentication configuration form for the current user.
 *
 * The $user_id argument is accepted for compatibility only: the id is always
 * taken from CFactory::getUser(), so the form can only ever expose the
 * logged-in user's own OTP configuration. Plugins in the "twofactorauth" group
 * are imported and asked to render their configuration via
 * onUserTwofactorShowConfiguration.
 *
 * @param integer $user_id Ignored; the current user's id is always used.
 *
 * @return mixed Whatever runPlugins() returns for onUserTwofactorShowConfiguration.
 */
public function getTwofactorform($user_id = null)
{
    if (!class_exists('UsersModelUser')) {
        require JPATH_ROOT . '/administrator/components/com_users/models/user.php';
    }

    // Always the session user, regardless of what was passed in.
    $user_id = CFactory::getUser()->id;

    $coreUserModel = new UsersModelUser();
    $otpConfig = $coreUserModel->getOtpConfig($user_id);

    FOFPlatform::getInstance()->importPlugin('twofactorauth');

    $pluginArgs = array($otpConfig, $user_id);

    return FOFPlatform::getInstance()->runPlugins('onUserTwofactorShowConfiguration', $pluginArgs);
}
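/**
 * Checks a cleartext password against this user's Joomla account.
 *
 * Delegates to Joomla's authentication layer with this user's username and
 * the supplied password. On Joomla 3.2+ an explicit otp_config whose method
 * is 'none' is passed in $options so the two factor step is skipped: this
 * method only re-verifies the password of an already known user, it is not a
 * login and does not enforce the second factor.
 *
 * @param string $passwd Cleartext password to check.
 *
 * @return boolean True when the authentication response status is STATUS_SUCCESS.
 */
public function verifyPassword($passwd)
{
    global $_CB_framework;

    jimport('joomla.user.authentication');

    $authenticate = \JAuthentication::getInstance();

    // We're just checking the password so we need to make sure two step authentication is off:
    if (checkJversion('3.2+')) {
        /** @noinspection PhpIncludeInspection */
        require_once $_CB_framework->getCfg('absolute_path') . '/administrator/components/com_users/models/user.php';

        $userModel = new \UsersModelUser();
        $twoStep = $userModel->getOtpConfig(0);

        // The authentication plugin reads ->method (not ->model) to decide whether
        // a second factor is required; the original set the wrong property and
        // presumably only worked because the config for user 0 has no method set.
        $twoStep->method = 'none';

        $options = array('otp_config' => $twoStep);
    } else {
        $options = array();
    }

    $credentials = array('username' => $this->username, 'password' => $passwd);
    $response = $authenticate->authenticate($credentials, $options);

    return $response->status === \JAuthentication::STATUS_SUCCESS;
}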