File manager

File manager - Edit - /home/opticamezl/www/newok/User.php.tar

Back
home/opticamezl/www/newok/libraries/src/Table/User.php��0000644��00000042410�15173000157�0017033 0��ustar�00��<?php /** * Joomla! Content Management System * * @copyright (C) 2005 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\CMS\Table; use Joomla\CMS\Factory; use Joomla\CMS\Filter\InputFilter; use Joomla\CMS\Language\Text; use Joomla\CMS\Mail\MailHelper; use Joomla\CMS\String\PunycodeHelper; use Joomla\Database\DatabaseDriver; use Joomla\Database\ParameterType; use Joomla\Registry\Registry; use Joomla\String\StringHelper; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('JPATH_PLATFORM') or die; // phpcs:enable PSR1.Files.SideEffects /* * Users table * * @since 1.7.0 / class User extends Table { /* * Indicates that columns fully support the NULL value in the database * * @var boolean * @since 4.0.0 / protected $_supportNullValue = true; /* * Associative array of group ids => group ids for the user * * @var array * @since 1.7.0 / public $groups; /* * Constructor * * @param DatabaseDriver $db Database driver object. * * @since 1.7.0 / public function __construct(DatabaseDriver $db) { parent::__construct('#__users', 'id', $db); // Initialise. $this->id = 0; $this->sendEmail = 0; } /* * Method to load a user, user groups, and any other necessary data * from the database so that it can be bound to the user object. * * @param integer $userId An optional user id. * @param boolean $reset False if row not found or on error * (internal error state set in that case). * * @return boolean True on success, false on failure. * * @since 1.7.0 / public function load($userId = null, $reset = true) { // Get the id to load. if ($userId !== null) { $this->id = $userId; } else { $userId = $this->id; } // Check for a valid id to load. if ($userId === null) { return false; } // Reset the table. $this->reset(); $userId = (int) $userId; // Load the user data. $query = $this->_db->getQuery(true) ->select('') ->from($this->_db->quoteName('#__users')) ->where($this->_db->quoteName('id') . ' = :userid') ->bind(':userid', $userId, ParameterType::INTEGER); $this->_db->setQuery($query); $data = (array) $this->_db->loadAssoc(); if (!\count($data)) { return false; } // Convert email from punycode $data['email'] = PunycodeHelper::emailToUTF8($data['email']); // Bind the data to the table. $return = $this->bind($data); if ($return !== false) { // Load the user groups. $query->clear() ->select($this->_db->quoteName('g.id')) ->select($this->_db->quoteName('g.title')) ->from($this->_db->quoteName('#__usergroups', 'g')) ->join( 'INNER', $this->_db->quoteName('#__user_usergroup_map', 'm'), $this->_db->quoteName('m.group_id') . ' = ' . $this->_db->quoteName('g.id') ) ->where($this->_db->quoteName('m.user_id') . ' = :muserid') ->bind(':muserid', $userId, ParameterType::INTEGER); $this->_db->setQuery($query); // Add the groups to the user data. $this->groups = $this->_db->loadAssocList('id', 'id'); } return $return; } /** * Method to bind the user, user groups, and any other necessary data. * * @param array $array The data to bind. * @param mixed $ignore An array or space separated list of fields to ignore. * * @return boolean True on success, false on failure. * * @since 1.7.0 / public function bind($array, $ignore = '') { if (\array_key_exists('params', $array) && \is_array($array['params'])) { $registry = new Registry($array['params']); $array['params'] = (string) $registry; } // Attempt to bind the data. $return = parent::bind($array, $ignore); // Load the real group data based on the bound ids. if ($return && !empty($this->groups)) { // Set the group ids. $this->groups = ArrayHelper::toInteger($this->groups); // Get the titles for the user groups. $query = $this->_db->getQuery(true) ->select($this->_db->quoteName('id')) ->select($this->_db->quoteName('title')) ->from($this->_db->quoteName('#__usergroups')) ->whereIn($this->_db->quoteName('id'), array_values($this->groups)); $this->_db->setQuery($query); // Set the titles for the user groups. $this->groups = $this->_db->loadAssocList('id', 'id'); } return $return; } /* * Validation and filtering * * @return boolean True if satisfactory * * @since 1.7.0 / public function check() { try { parent::check(); } catch (\Exception $e) { $this->setError($e->getMessage()); return false; } // Set user id to null instead of 0, if needed if ($this->id === 0) { $this->id = null; } $filterInput = InputFilter::getInstance(); // Validate user information if ($filterInput->clean($this->name, 'TRIM') == '') { $this->setError(Text::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_YOUR_NAME')); return false; } if ($filterInput->clean($this->username, 'TRIM') == '') { $this->setError(Text::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_A_USER_NAME')); return false; } if ( preg_match('#[<>"\'%;()&\\\\]\|\\.\\./#', $this->username) \|\| StringHelper::strlen($this->username) < 2 \|\| $filterInput->clean($this->username, 'TRIM') !== $this->username \|\| StringHelper::strlen($this->username) > 150 ) { $this->setError(Text::sprintf('JLIB_DATABASE_ERROR_VALID_AZ09', 2)); return false; } if ( ($filterInput->clean($this->email, 'TRIM') == '') \|\| !MailHelper::isEmailAddress($this->email) \|\| StringHelper::strlen($this->email) > 100 ) { $this->setError(Text::_('JLIB_DATABASE_ERROR_VALID_MAIL')); return false; } // Convert email to punycode for storage $this->email = PunycodeHelper::emailToPunycode($this->email); // Set the registration timestamp if (empty($this->registerDate)) { $this->registerDate = Factory::getDate()->toSql(); } // Set the lastvisitDate timestamp if (empty($this->lastvisitDate)) { $this->lastvisitDate = null; } // Set the lastResetTime timestamp if (empty($this->lastResetTime)) { $this->lastResetTime = null; } $uid = (int) $this->id; // Check for existing username $query = $this->_db->getQuery(true) ->select($this->_db->quoteName('id')) ->from($this->_db->quoteName('#__users')) ->where($this->_db->quoteName('username') . ' = :username') ->where($this->_db->quoteName('id') . ' != :userid') ->bind(':username', $this->username) ->bind(':userid', $uid, ParameterType::INTEGER); $this->_db->setQuery($query); $xid = (int) $this->_db->loadResult(); if ($xid && $xid != (int) $this->id) { $this->setError(Text::_('JLIB_DATABASE_ERROR_USERNAME_INUSE')); return false; } // Check for existing email $query->clear() ->select($this->_db->quoteName('id')) ->from($this->_db->quoteName('#__users')) ->where('LOWER(' . $this->_db->quoteName('email') . ') = LOWER(:mail)') ->where($this->_db->quoteName('id') . ' != :muserid') ->bind(':mail', $this->email) ->bind(':muserid', $uid, ParameterType::INTEGER); $this->_db->setQuery($query); $xid = (int) $this->_db->loadResult(); if ($xid && $xid != (int) $this->id) { $this->setError(Text::_('JLIB_DATABASE_ERROR_EMAIL_INUSE')); return false; } // Check for root_user != username $rootUser = Factory::getApplication()->get('root_user'); if (!is_numeric($rootUser)) { $query->clear() ->select($this->_db->quoteName('id')) ->from($this->_db->quoteName('#__users')) ->where($this->_db->quoteName('username') . ' = :username') ->bind(':username', $rootUser); $this->_db->setQuery($query); $xid = (int) $this->_db->loadResult(); if ( $rootUser == $this->username && (!$xid \|\| $xid && $xid != (int) $this->id) \|\| $xid && $xid == (int) $this->id && $rootUser != $this->username ) { $this->setError(Text::_('JLIB_DATABASE_ERROR_USERNAME_CANNOT_CHANGE')); return false; } } // Set an empty string value to the legacy otpKey and otep columns if empty $this->otpKey = $this->otpKey ?: ''; $this->otep = $this->otep ?: ''; return true; } /* * Method to store a row in the database from the Table instance properties. * * If a primary key value is set the row with that primary key value will be updated with the instance property values. * If no primary key value is set a new row will be inserted into the database with the properties from the Table instance. * * @param boolean $updateNulls True to update fields even if they are null. * * @return boolean True on success. * * @since 1.7.0 / public function store($updateNulls = true) { // Get the table key and key value. $k = $this->_tbl_key; $key = $this->$k; // @todo: This is a dumb way to handle the groups. // Store groups locally so as to not update directly. $groups = $this->groups; unset($this->groups); // Insert or update the object based on presence of a key value. if ($key) { // Already have a table key, update the row. $this->_db->updateObject($this->_tbl, $this, $this->_tbl_key, $updateNulls); } else { // Don't have a table key, insert the row. $this->_db->insertObject($this->_tbl, $this, $this->_tbl_key); } // Reset groups to the local object. $this->groups = $groups; $query = $this->_db->getQuery(true); // Store the group data if the user data was saved. if (\is_array($this->groups) && \count($this->groups)) { $uid = (int) $this->id; // Grab all usergroup entries for the user $query->clear() ->select($this->_db->quoteName('group_id')) ->from($this->_db->quoteName('#__user_usergroup_map')) ->where($this->_db->quoteName('user_id') . ' = :userid') ->bind(':userid', $uid, ParameterType::INTEGER); $this->_db->setQuery($query); $result = $this->_db->loadObjectList(); // Loop through them and check if database contains something $this->groups does not if (\count($result)) { $mapGroupId = []; foreach ($result as $map) { if (\array_key_exists($map->group_id, $this->groups)) { // It already exists, no action required unset($groups[$map->group_id]); } else { $mapGroupId[] = (int) $map->group_id; } } if (\count($mapGroupId)) { $query->clear() ->delete($this->_db->quoteName('#__user_usergroup_map')) ->where($this->_db->quoteName('user_id') . ' = :uid') ->whereIn($this->_db->quoteName('group_id'), $mapGroupId) ->bind(':uid', $uid, ParameterType::INTEGER); $this->_db->setQuery($query); $this->_db->execute(); } } // If there is anything left in this->groups it needs to be inserted if (\count($groups)) { // Set the new user group maps. $query->clear() ->insert($this->_db->quoteName('#__user_usergroup_map')) ->columns([$this->_db->quoteName('user_id'), $this->_db->quoteName('group_id')]); foreach ($groups as $group) { $query->values( implode( ',', $query->bindArray( [$this->id , $group], [ParameterType::INTEGER, ParameterType::INTEGER] ) ) ); } $this->_db->setQuery($query); $this->_db->execute(); } unset($groups); } // If a user is blocked, delete the cookie login rows if ($this->block == 1) { $query->clear() ->delete($this->_db->quoteName('#__user_keys')) ->where($this->_db->quoteName('user_id') . ' = :user_id') ->bind(':user_id', $this->username); $this->_db->setQuery($query); $this->_db->execute(); } return true; } /* * Method to delete a user, user groups, and any other necessary data from the database. * * @param integer $userId An optional user id. * * @return boolean True on success, false on failure. * * @since 1.7.0 / public function delete($userId = null) { // Set the primary key to delete. $k = $this->_tbl_key; if ($userId) { $this->$k = (int) $userId; } $key = (int) $this->$k; // Delete the user. $query = $this->_db->getQuery(true) ->delete($this->_db->quoteName($this->_tbl)) ->where($this->_db->quoteName($this->_tbl_key) . ' = :key') ->bind(':key', $key, ParameterType::INTEGER); $this->_db->setQuery($query); $this->_db->execute(); // Delete the user group maps. $query->clear() ->delete($this->_db->quoteName('#__user_usergroup_map')) ->where($this->_db->quoteName('user_id') . ' = :key') ->bind(':key', $key, ParameterType::INTEGER); $this->_db->setQuery($query); $this->_db->execute(); / * Clean Up Related Data. / $query->clear() ->delete($this->_db->quoteName('#__messages_cfg')) ->where($this->_db->quoteName('user_id') . ' = :key') ->bind(':key', $key, ParameterType::INTEGER); $this->_db->setQuery($query); $this->_db->execute(); $query->clear() ->delete($this->_db->quoteName('#__messages')) ->where($this->_db->quoteName('user_id_to') . ' = :key') ->bind(':key', $key, ParameterType::INTEGER); $this->_db->setQuery($query); $this->_db->execute(); $query->clear() ->delete($this->_db->quoteName('#__user_keys')) ->where($this->_db->quoteName('user_id') . ' = :username') ->bind(':username', $this->username); $this->_db->setQuery($query); $this->_db->execute(); return true; } /* * Updates last visit time of user * * @param integer $timeStamp The timestamp, defaults to 'now'. * @param integer $userId The user id (optional). * * @return boolean False if an error occurs * * @since 1.7.0 / public function setLastVisit($timeStamp = null, $userId = null) { // Check for User ID if (\is_null($userId)) { if (isset($this)) { $userId = $this->id; } else { jexit('No userid in setLastVisit'); } } // If no timestamp value is passed to function, then current time is used. if ($timeStamp === null) { $timeStamp = 'now'; } $date = Factory::getDate($timeStamp); $userId = (int) $userId; $lastVisit = $date->toSql(); // Update the database row for the user. $db = $this->_db; $query = $db->getQuery(true) ->update($db->quoteName($this->_tbl)) ->set($db->quoteName('lastvisitDate') . ' = :lastvisitDate') ->where($db->quoteName('id') . ' = :id') ->bind(':lastvisitDate', $lastVisit) ->bind(':id', $userId, ParameterType::INTEGER); $db->setQuery($query); $db->execute(); return true; } } ��home/opticamezl/www/newok/libraries/regularlabs/src/User.php��0000604��00000006547�15173113465�0020325 0��ustar�00��<?php /* * @package Regular Labs Library * @version 25.7.12430 * * @author Peter van Westen <info@regularlabs.com> * @link https://regularlabs.com * @copyright Copyright © 2025 Regular Labs All Rights Reserved * @license GNU General Public License version 2 or later / namespace RegularLabs\Library; use Joomla\CMS\Factory as JFactory; use Joomla\CMS\User\User as JUser; use Joomla\CMS\User\UserFactoryInterface; defined('_JEXEC') or die; class User { public static function get(?int $id = null): Juser { $cache = new \RegularLabs\Library\Cache(); if ($cache->exists()) { return $cache->get(); } $user = $id ? JFactory::getContainer()->get(UserFactoryInterface::class)->loadUserById($id) : JFactory::getApplication()->getIdentity(); if (!$user) { $user = JFactory::getContainer()->get(UserFactoryInterface::class)->loadUserById(0); } return $cache->set($user); } public static function getByEmail(string $email): ?JUser { return self::getByKey('email', $email); } public static function getById(?int $id = null): ?JUser { if (!$id) { return null; } $user = static::get($id); if ($user->guest) { return null; } return $user; } public static function getByKey(string $key, string $value): ?JUser { $id = self::getIdByKey($key, $value); if (!$id) { return null; } return self::getById($id); } public static function getByUsername(string $username): ?JUser { return self::getByKey('username', $username); } public static function getEmail(?int $id = null): string { return (string) self::getValue('email', $id, ''); } public static function getId(?int $id = null): int { return (int) self::getValue('id', $id, 0); } public static function getName(?int $id = null): string { return (string) self::getValue('name', $id, ''); } public static function getUsername(?int $id = null): string { return (string) self::getValue('username', $id, ''); } public static function getValue(string $key, ?int $id = null, $default = null): mixed { $user = self::get($id); return $user->{$key} ?? $default; } public static function hasId(int $id): bool { return self::getId() === $id; } public static function isAdministrator(?int $id = null): bool { return self::get($id)->authorise('core.admin') ?? \false; } public static function isCurrent(int $id): bool { return self::hasId($id); } public static function isGuest(?int $id = null): bool { return (bool) self::getValue('guest', $id, \true); } private static function getIdByKey(string $key, string $value): int { $cache = new \RegularLabs\Library\Cache(); if ($cache->exists()) { return $cache->get(); } $db = JFactory::getDbo(); $query = $db->getQuery(\true)->select($db->quoteName('id'))->from($db->quoteName('#__users'))->where($db->quoteName($key) . ' = :value')->bind(':value', $value)->setLimit(1); $db->setQuery($query); $id = (int) $db->loadResult(); return $cache->set($id); } } ��home/opticamezl/www/newok/libraries/src/User/User.php��0000644��00000060640�15173463116�0016737 0��ustar�00��<?php /* * Joomla! Content Management System * * @copyright (C) 2006 Open Source Matters, Inc. <https://www.joomla.org> * @license GNU General Public License version 2 or later; see LICENSE.txt / namespace Joomla\CMS\User; use Joomla\CMS\Access\Access; use Joomla\CMS\Factory; use Joomla\CMS\Language\Text; use Joomla\CMS\Log\Log; use Joomla\CMS\Object\CMSObject; use Joomla\CMS\Plugin\PluginHelper; use Joomla\CMS\Table\Table; use Joomla\Registry\Registry; use Joomla\Utilities\ArrayHelper; // phpcs:disable PSR1.Files.SideEffects \defined('JPATH_PLATFORM') or die; // phpcs:enable PSR1.Files.SideEffects /* * User class. Handles all application interaction with a user * * @since 1.7.0 / class User extends CMSObject { /* * A cached switch for if this user has root access rights. * * @var boolean * @since 1.7.0 / protected $isRoot = null; /* * Unique id * * @var integer * @since 1.7.0 / public $id = null; /* * The user's real name (or nickname) * * @var string * @since 1.7.0 / public $name = null; /* * The login name * * @var string * @since 1.7.0 / public $username = null; /* * The email * * @var string * @since 1.7.0 / public $email = null; /* * MD5 encrypted password * * @var string * @since 1.7.0 / public $password = null; /* * Clear password, only available when a new password is set for a user * * @var string * @since 1.7.0 / public $password_clear = ''; /* * Block status * * @var integer * @since 1.7.0 / public $block = null; /* * Should this user receive system email * * @var integer * @since 1.7.0 / public $sendEmail = null; /* * Date the user was registered * * @var string * @since 1.7.0 / public $registerDate = null; /* * Date of last visit * * @var string * @since 1.7.0 / public $lastvisitDate = null; /* * Activation hash * * @var string * @since 1.7.0 / public $activation = null; /* * User parameters * * @var Registry * @since 1.7.0 / public $params = null; /* * Associative array of user names => group ids * * @var array * @since 1.7.0 / public $groups = []; /* * Guest status * * @var integer * @since 1.7.0 / public $guest = null; /* * Last Reset Time * * @var string * @since 3.0.1 / public $lastResetTime = null; /* * Count since last Reset Time * * @var integer * @since 3.0.1 / public $resetCount = null; /* * Flag to require the user's password be reset * * @var integer * @since 3.2 / public $requireReset = null; /* * User parameters * * @var Registry * @since 1.7.0 / protected $_params = null; /* * Authorised access groups * * @var array * @since 1.7.0 / protected $_authGroups = null; /* * Authorised access levels * * @var array * @since 1.7.0 / protected $_authLevels = null; /* * Authorised access actions * * @var array * @since 1.7.0 / protected $_authActions = null; /* * Error message * * @var string * @since 1.7.0 / protected $_errorMsg = null; /* * @var array User instances container. * @since 1.7.3 / protected static $instances = []; /* * The access level id * * @var integer * @since 4.3.0 * * @deprecated 4.4.0 will be removed in 6.0 as this property is not used anymore / public $aid = null; /* * Constructor activating the default information of the language * * @param integer $identifier The primary key of the user to load (optional). * * @since 1.7.0 / public function __construct($identifier = 0) { // Create the user parameters object $this->_params = new Registry(); // Load the user if it exists if (!empty($identifier)) { $this->load($identifier); } else { // Initialise $this->id = 0; $this->sendEmail = 0; $this->aid = 0; $this->guest = 1; } } /* * Returns the global User object, only creating it if it doesn't already exist. * * @param integer $identifier The primary key of the user to load (optional). * * @return User The User object. * * @since 1.7.0 * @deprecated 4.3 will be removed in 6.0 * Load the user service from the dependency injection container or via $app->getIdentity() * Example: Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($id) / public static function getInstance($identifier = 0) { @trigger_error( sprintf( '%1$s() is deprecated. Load the user from the dependency injection container or via %2$s::getApplication()->getIdentity().', __METHOD__, __CLASS__ ), E_USER_DEPRECATED ); // Find the user id if (!is_numeric($identifier)) { return Factory::getContainer()->get(UserFactoryInterface::class)->loadUserByUsername($identifier); } else { $id = $identifier; } // If the $id is zero, just return an empty User. // Note: don't cache this user because it'll have a new ID on save! if ($id === 0) { return Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($id); } // Check if the user ID is already cached. if (empty(self::$instances[$id])) { self::$instances[$id] = Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($id); } return self::$instances[$id]; } /* * Method to get a parameter value * * @param string $key Parameter key * @param mixed $default Parameter default value * * @return mixed The value or the default if it did not exist * * @since 1.7.0 / public function getParam($key, $default = null) { return $this->_params->get($key, $default); } /* * Method to set a parameter * * @param string $key Parameter key * @param mixed $value Parameter value * * @return mixed Set parameter value * * @since 1.7.0 / public function setParam($key, $value) { return $this->_params->set($key, $value); } /* * Method to set a default parameter if it does not exist * * @param string $key Parameter key * @param mixed $value Parameter value * * @return mixed Set parameter value * * @since 1.7.0 / public function defParam($key, $value) { return $this->_params->def($key, $value); } /* * Method to check User object authorisation against an access control * object and optionally an access extension object * * @param string $action The name of the action to check for permission. * @param string $assetname The name of the asset on which to perform the action. * * @return boolean True if authorised * * @since 1.7.0 / public function authorise($action, $assetname = null) { // Make sure we only check for core.admin once during the run. if ($this->isRoot === null) { $this->isRoot = false; // Check for the configuration file failsafe. $rootUser = Factory::getApplication()->get('root_user'); // The root_user variable can be a numeric user ID or a username. if (is_numeric($rootUser) && $this->id > 0 && $this->id == $rootUser) { $this->isRoot = true; } elseif ($this->username && $this->username == $rootUser) { $this->isRoot = true; } elseif ($this->id > 0) { // Get all groups against which the user is mapped. $identities = $this->getAuthorisedGroups(); array_unshift($identities, $this->id -1); if (Access::getAssetRules(1)->allow('core.admin', $identities)) { $this->isRoot = true; return true; } } } return $this->isRoot ? true : (bool) Access::check($this->id, $action, $assetname); } /** * Method to return a list of all categories that a user has permission for a given action * * @param string $component The component from which to retrieve the categories * @param string $action The name of the section within the component from which to retrieve the actions. * * @return array List of categories that this group can do this action to (empty array if none). Categories must be published. * * @since 1.7.0 / public function getAuthorisedCategories($component, $action) { // Brute force method: get all published category rows for the component and check each one // @todo: Modify the way permissions are stored in the db to allow for faster implementation and better scaling $db = Factory::getDbo(); $subQuery = $db->getQuery(true) ->select($db->quoteName(['id', 'asset_id'])) ->from($db->quoteName('#__categories')) ->where( [ $db->quoteName('extension') . ' = :component', $db->quoteName('published') . ' = 1', ] ); $query = $db->getQuery(true) ->select($db->quoteName(['c.id', 'a.name'])) ->from('(' . $subQuery . ') AS ' . $db->quoteName('c')) ->join('INNER', $db->quoteName('#__assets', 'a'), $db->quoteName('c.asset_id') . ' = ' . $db->quoteName('a.id')) ->bind(':component', $component); $db->setQuery($query); $allCategories = $db->loadObjectList('id'); $allowedCategories = []; foreach ($allCategories as $category) { if ($this->authorise($action, $category->name)) { $allowedCategories[] = (int) $category->id; } } return $allowedCategories; } /* * Gets an array of the authorised access levels for the user * * @return array * * @since 1.7.0 / public function getAuthorisedViewLevels() { if ($this->_authLevels === null) { $this->_authLevels = []; } if (empty($this->_authLevels)) { $this->_authLevels = Access::getAuthorisedViewLevels($this->id); } return $this->_authLevels; } /* * Gets an array of the authorised user groups * * @return array * * @since 1.7.0 / public function getAuthorisedGroups() { if ($this->_authGroups === null) { $this->_authGroups = []; } if (empty($this->_authGroups)) { $this->_authGroups = Access::getGroupsByUser($this->id); } return $this->_authGroups; } /* * Clears the access rights cache of this user * * @return void * * @since 3.4.0 / public function clearAccessRights() { $this->_authLevels = null; $this->_authGroups = null; $this->isRoot = null; Access::clearStatics(); } /* * Pass through method to the table for setting the last visit date * * @param integer $timestamp The timestamp, defaults to 'now'. * * @return boolean True on success. * * @since 1.7.0 / public function setLastVisit($timestamp = null) { // Create the user table object /* @var \Joomla\CMS\Table\User $table / $table = $this->getTable(); $table->load($this->id); return $table->setLastVisit($timestamp); } /* * Method to get the user timezone. * * If the user didn't set a timezone, it will return the server timezone * * @return \DateTimeZone * * @since 3.7.0 / public function getTimezone() { $timezone = $this->getParam('timezone', Factory::getApplication()->get('offset', 'GMT')); return new \DateTimeZone($timezone); } /* * Method to get the user parameters * * @param object $params The user parameters object * * @return void * * @since 1.7.0 / public function setParameters($params) { $this->_params = $params; } /* * Method to get the user table object * * This function uses a static variable to store the table name of the user table to * instantiate. You can call this function statically to set the table name if * needed. * * @param string $type The user table name to be used * @param string $prefix The user table prefix to be used * * @return Table The user table object * * @note At 4.0 this method will no longer be static * @since 1.7.0 / public static function getTable($type = null, $prefix = 'JTable') { static $tabletype; // Set the default tabletype; if (!isset($tabletype)) { $tabletype['name'] = 'user'; $tabletype['prefix'] = 'JTable'; } // Set a custom table type is defined if (isset($type)) { $tabletype['name'] = $type; $tabletype['prefix'] = $prefix; } // Create the user table object return Table::getInstance($tabletype['name'], $tabletype['prefix']); } /* * Method to bind an associative array of data to a user object * * @param array &$array The associative array to bind to the object * * @return boolean True on success * * @since 1.7.0 / public function bind(&$array) { // Let's check to see if the user is new or not if (empty($this->id)) { // Check the password and create the crypted password if (empty($array['password'])) { $array['password'] = UserHelper::genRandomPassword(32); $array['password2'] = $array['password']; } // Not all controllers check the password, although they should. // Hence this code is required: if (isset($array['password2']) && $array['password'] != $array['password2']) { Factory::getApplication()->enqueueMessage(Text::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'error'); return false; } $this->password_clear = ArrayHelper::getValue($array, 'password', '', 'string'); $array['password'] = UserHelper::hashPassword($array['password']); // Set the registration timestamp $this->set('registerDate', Factory::getDate()->toSql()); } else { // Updating an existing user if (!empty($array['password'])) { if ($array['password'] != $array['password2']) { $this->setError(Text::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH')); return false; } $this->password_clear = ArrayHelper::getValue($array, 'password', '', 'string'); // Check if the user is reusing the current password if required to reset their password if ($this->requireReset == 1 && UserHelper::verifyPassword($this->password_clear, $this->password)) { $this->setError(Text::_('JLIB_USER_ERROR_CANNOT_REUSE_PASSWORD')); return false; } $array['password'] = UserHelper::hashPassword($array['password']); // Reset the change password flag $array['requireReset'] = 0; } else { $array['password'] = $this->password; } // Prevent updating internal fields unset($array['registerDate']); unset($array['lastvisitDate']); unset($array['lastResetTime']); unset($array['resetCount']); } if (\array_key_exists('params', $array)) { $this->_params->loadArray($array['params']); if (\is_array($array['params'])) { $params = (string) $this->_params; } else { $params = $array['params']; } $this->params = $params; } // Bind the array if (!$this->setProperties($array)) { $this->setError(Text::_('JLIB_USER_ERROR_BIND_ARRAY')); return false; } // Make sure its an integer $this->id = (int) $this->id; return true; } /* * Method to save the User object to the database * * @param boolean $updateOnly Save the object only if not a new user * Currently only used in the user reset password method. * * @return boolean True on success * * @since 1.7.0 * @throws \RuntimeException / public function save($updateOnly = false) { // Create the user table object $table = $this->getTable(); $this->params = (string) $this->_params; $table->bind($this->getProperties()); // Allow an exception to be thrown. try { // Check and store the object. if (!$table->check()) { $this->setError($table->getError()); return false; } // If user is made a Super Admin group and user is NOT a Super Admin // @todo ACL - this needs to be acl checked $my = Factory::getUser(); // Are we creating a new user $isNew = empty($this->id); // If we aren't allowed to create new users return if ($isNew && $updateOnly) { return true; } // Get the old user $oldUser = new User($this->id); // Access Checks // The only mandatory check is that only Super Admins can operate on other Super Admin accounts. // To add additional business rules, use a user plugin and throw an Exception with onUserBeforeSave. // Check if I am a Super Admin $iAmSuperAdmin = $my->authorise('core.admin'); $iAmRehashingSuperadmin = false; if (($my->id == 0 && !$isNew) && $this->id == $oldUser->id && $oldUser->authorise('core.admin') && $oldUser->password != $this->password) { $iAmRehashingSuperadmin = true; } // Check if we are using a CLI application $isCli = false; if (Factory::getApplication()->isCli()) { $isCli = true; } // We are only worried about edits to this account if I am not a Super Admin. if ($iAmSuperAdmin != true && $iAmRehashingSuperadmin != true && $isCli != true) { // I am not a Super Admin, and this one is, so fail. if (!$isNew && Access::check($this->id, 'core.admin')) { throw new \RuntimeException('User not Super Administrator'); } if ($this->groups != null) { // I am not a Super Admin and I'm trying to make one. foreach ($this->groups as $groupId) { if (Access::checkGroup($groupId, 'core.admin')) { throw new \RuntimeException('User not Super Administrator'); } } } } // Unset the activation token, if the mail address changes - that affects both, activation and PW resets if ($this->email !== $oldUser->email && $this->id !== 0 && !empty($this->activation) && !$this->block) { $table->activation = ''; } // Fire the onUserBeforeSave event. PluginHelper::importPlugin('user'); $result = Factory::getApplication()->triggerEvent('onUserBeforeSave', [$oldUser->getProperties(), $isNew, $this->getProperties()]); if (\in_array(false, $result, true)) { // Plugin will have to raise its own error or throw an exception. return false; } // Store the user data in the database $result = $table->store(); // Set the id for the User object in case we created a new user. if (empty($this->id)) { $this->id = $table->get('id'); } if ($my->id == $table->id) { $registry = new Registry($table->params); $my->setParameters($registry); } // Fire the onUserAfterSave event Factory::getApplication()->triggerEvent('onUserAfterSave', [$this->getProperties(), $isNew, $result, $this->getError()]); } catch (\Exception $e) { $this->setError($e->getMessage()); return false; } return $result; } /* * Method to delete the User object from the database * * @return boolean True on success * * @since 1.7.0 / public function delete() { PluginHelper::importPlugin('user'); // Trigger the onUserBeforeDelete event Factory::getApplication()->triggerEvent('onUserBeforeDelete', [$this->getProperties()]); // Create the user table object $table = $this->getTable(); if (!$result = $table->delete($this->id)) { $this->setError($table->getError()); } // Trigger the onUserAfterDelete event Factory::getApplication()->triggerEvent('onUserAfterDelete', [$this->getProperties(), $result, $this->getError()]); return $result; } /* * Method to load a User object by user id number * * @param mixed $id The user id of the user to load * * @return boolean True on success * * @since 1.7.0 / public function load($id) { // Create the user table object $table = $this->getTable(); // Load the UserModel object based on the user id or throw a warning. if (!$table->load($id)) { // Reset to guest user $this->guest = 1; Log::add(Text::sprintf('JLIB_USER_ERROR_UNABLE_TO_LOAD_USER', $id), Log::WARNING, 'jerror'); return false; } / * Set the user parameters using the default XML file. We might want to * extend this in the future to allow for the ability to have custom * user parameters, but for right now we'll leave it how it is. / if ($table->params) { $this->_params->loadString($table->params); } // Assuming all is well at this point let's bind the data $this->setProperties($table->getProperties()); // The user is no longer a guest if ($this->id != 0) { $this->guest = 0; } else { $this->guest = 1; } return true; } /* * Method to allow serialize the object with minimal properties. * * @return array The names of the properties to include in serialization. * * @since 3.6.0 / public function __sleep() { return ['id']; } /* * Method to recover the full object on unserialize. * * @return void * * @since 3.6.0 */ public function __wakeup() { // Initialise some variables $this->_params = new Registry(); // Load the user if it exists if (!empty($this->id) && $this->load($this->id)) { // Push user into cached instances. self::$instances[$this->id] = $this; } else { // Initialise $this->id = 0; $this->sendEmail = 0; $this->aid = 0; $this->guest = 1; } } } ��

| ver. 1.4 | Github | . | PHP 8.3.23 | Generation time: 0 | proxy | phpinfo | Settings