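AAAAhome/academiac/www/administrator/components/com_virtuemart/models/user.php000060400000141265151372160750023302 0ustar00setMainTable('vmusers'); $this->setToggleName('user_is_vendor'); $this->addvalidOrderingFieldName(array('ju.username','ju.name','sg.virtuemart_shoppergroup_id','shopper_group_name','shopper_group_desc') ); array_unshift($this->_validOrderingFieldName,'ju.id');
		// $user = JFactory::getUser();
		// $this->_id = $user->id;
	}

	/**
	 * Resolves which user id the model works on, stores it and returns it.
	 *
	 * This is the authorisation gate for "edit another user": an anonymous caller
	 * always gets id 0 (new entry), a logged-in caller without $cid gets his own id,
	 * and a $cid different from the caller's id is only honoured when
	 * Permissions::check("admin") passes. Otherwise a warning is raised and the
	 * caller's own id is used.
	 *
	 * @author Max Milbers
	 * @param mixed $cid requested user id, may be empty
	 * @return int the id that was set on the model
	 */
	public function setId($cid){

		$user = JFactory::getUser();
		//anonymous sets to 0 for a new entry
		if(empty($user->id)){
			$userId = 0;
		} else {
			//not anonymous, but no cid means already registered user edit own data
			if(empty($cid)){
				$userId = $user->id;
			} else {
				if($cid != $user->id){
					if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
					if(Permissions::getInstance()->check("admin")) {
						// Cast here so the returned id is the same value setUserId() stores.
						$userId = (int)$cid;
					} else {
						JError::raiseWarning(1,'Hacking attempt');
						$userId = $user->id;
					}
				}else {
					$userId = $user->id;
				}
			}
		}

		$this->setUserId($userId);
		return $userId;
	}

	/**
	 * Internal setter: switches the model to another user id and drops the cached data.
	 *
	 * Does no permission check of its own; callers must have authorised $id already
	 * (see setId()).
	 *
	 * @param int $id user id, cast to int before it is stored
	 */
	private function setUserId($id){

		if($this->_id!=$id){
			$this->_id = (int)$id;
			$this->_data = null;
			$this->customer_number = 0;
		}
	}

	/**
	 * Points the model at the logged-in user and returns his data via getUser().
	 */
	public function getCurrentUser(){
		$user = JFactory::getUser();
		$this->setUserId($user->id);
		return $this->getUser();
	}

	private $_defaultShopperGroup = 0;

	/**
	 * Sets the internal user id with given vendor Id
	 *
	 * @author Max Milbers
	 * @param int $vendorId
	 * @param boolean $return when true the loaded user data is returned
	 * @return mixed user data from getUser(), false when no user id is found for the
	 *               vendor, nothing (null) when a user is found and $return is false
	 */
	function getVendor($vendorId=1,$return=TRUE){
		// The model instance itself is not used below.
		// NOTE(review): presumably this call is what makes VirtueMartModelVendor available - confirm before removing.
		$vendorModel = VmModel::getModel('vendor');
		$userId = VirtueMartModelVendor::getUserIdByVendorId($vendorId);
		if($userId){
			$this->setUserId($userId);
			if($return){
				return $this->getUser();
			}
		} else {
			return false;
		}
	}

	/**
	 * Retrieve the detail record for the current $id if the data has not already been loaded.
	 *
	 * Loads the vmusers row, attaches the JUser object, the permissions, the shopper
	 * groups and every userinfo (address) row of the user. For the BT address the
	 * name, email and username are overwritten with the JUser values. Vendor data is
	 * added when user_is_vendor is set. The result is cached in $this->_data.
	 *
	 * @author Max Milbers
	 * @return object the populated vmusers table object
	 */
	function getUser(){

		if(!empty($this->_data)) return $this->_data;

		if(empty($this->_db)) $this->_db = JFactory::getDBO();

		$this->_data = $this->getTable('vmusers');
		$this->_data->load((int)$this->_id);

		$this->_data->JUser = JUser::getInstance($this->_id);

		if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
		$this->_data->perms = Permissions::getInstance()->getPermissions((int)$this->_id);

		// Add the virtuemart_shoppergroup_ids
		$xrefTable = $this->getTable('vmuser_shoppergroups');
		$this->_data->shopper_groups = $xrefTable->load($this->_id);

		$shoppergroupmodel = VmModel::getModel('ShopperGroup');
		$site = JFactory::getApplication ()->isSite ();
		if($site){
			if(empty($this->_data->shopper_groups)) $this->_data->shopper_groups = array();
			$shoppergroupmodel->appendShopperGroups($this->_data->shopper_groups,$this->_data->JUser,$site);
		}

		if(!empty($this->_id)) {
			// The id is cast to int, so the concatenation cannot carry SQL.
			$q = 'SELECT `virtuemart_userinfo_id` FROM `#__virtuemart_userinfos` WHERE `virtuemart_user_id` = "' . (int)$this->_id.'"';
			$this->_db->setQuery($q);
			$userInfo_ids = $this->_db->loadResultArray(0);
			// A failed query must not reach the foreach below as a non-array.
			if(empty($userInfo_ids)) $userInfo_ids = array();
		} else {
			$userInfo_ids = array();
		}

		$this->_data->userInfo = array ();

		$BTuid = 0;

		foreach($userInfo_ids as $uid){

			$this->_data->userInfo[$uid] = $this->getTable('userinfos');
			$this->_data->userInfo[$uid]->load($uid);

			if ($this->_data->userInfo[$uid]->address_type == 'BT') {
				$BTuid = $uid;

				$this->_data->userInfo[$BTuid]->name = $this->_data->JUser->name;
				$this->_data->userInfo[$BTuid]->email = $this->_data->JUser->email;
				$this->_data->userInfo[$BTuid]->username = $this->_data->JUser->username;
				$this->_data->userInfo[$BTuid]->address_type = 'BT';
			}
		}

		if($this->_data->user_is_vendor){

			$vendorModel = VmModel::getModel('vendor');
			if(Vmconfig::get('multix','none')=='none'){
				// Single-vendor shops always use vendor id 1.
				$this->_data->virtuemart_vendor_id = 1;
			}

			$vendorModel->setId($this->_data->virtuemart_vendor_id);
			$this->_data->vendor = $vendorModel->getVendor();
		}

		return $this->_data;
	}

	/**
	 * Retrieve contact info for a user if any
	 *
	 * @return object|null first #__contact_details row of the current user, null if there is none
	 */
	function getContactDetails()
	{
		if ($this->_id) {
			// Same lazy initialisation as getUser() and getBTuserinfo_id().
			if(empty($this->_db)) $this->_db = JFactory::getDBO();
			// Cast at the point of use so the query stays numeric whatever $_id holds.
			$this->_db->setQuery('SELECT * FROM #__contact_details WHERE user_id = ' . (int)$this->_id);
			$_contacts = $this->_db->loadObjectList();
			if (!empty($_contacts)) {
				return $_contacts[0];
			}
		}
		return null;
	}

	/**
	 * Functions belonging to get_groups_below_me Taken with correspondence from CommunityBuilder
	 * adjusted to the our needs
	 *
	 * Returns $var_2 unchanged when JVM_VERSION is 2, otherwise delegates to the ACL object.
	 *
	 * @version $Id: user.php 6543 2012-10-16 06:41:27Z Milbo $
	 * @package Community Builder
	 * @subpackage cb.acl.php
	 * @author Beat and mambojoe
	 * @author Max Milbers
	 * @copyright (C) Beat, www.joomlapolis.com
	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU/GPL version 2
	 */
	function get_object_id( $var_1 = null, $var_2 = null, $var_3 = null ) {
		if ( JVM_VERSION === 2) {
			$return = $var_2;
		} else {
			$return = $this->_acl->get_object_id( $var_1, $var_2, $var_3 );
		}

		return $return;
	}

	/**
	 * Taken with correspondence from CommunityBuilder
	 * adjusted to the our needs
	 *
	 * From Joomla 1.6.0 on the user id is $var_1 when it is an integer, else $var_2,
	 * and $var_3 == 'RECURSE' switches recursion on. Older versions pass the
	 * arguments to the ACL object with the defaults 'ARO' and 'NO_RECURSE'.
	 *
	 * @version $Id: user.php 6543 2012-10-16 06:41:27Z Milbo $
	 * @package Community Builder
	 * @subpackage cb.acl.php
	 * @author Beat and mambojoe
	 * @author Max Milbers
	 * @copyright (C) Beat, www.joomlapolis.com
	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU/GPL version 2
	 */
	function get_object_groups( $var_1 = null, $var_2 = null, $var_3 = null ) {
		if ( version_compare(JVERSION,'1.6.0','ge') ) {
			$user_id = ( is_integer( $var_1 ) ? $var_1 : $var_2 );
			$recurse = ( $var_3 == 'RECURSE' ? true : false );
			$return = $this->_acl->getGroupsByUser( $user_id, $recurse );
		} else {
			if ( ! $var_2 ) {
				$var_2 = 'ARO';
			}

			if ( ! $var_3 ) {
				$var_3 = 'NO_RECURSE';
			}

			$return = $this->_acl->get_object_groups( $var_1, $var_2, $var_3 );
		}

		return $return;
	}

	/**
	 * Remap literal groups (such as in default values) to the hardcoded CMS values
	 *
	 * Numeric entries are kept as they are. Known names are replaced by their id,
	 * names that map to 0 are removed, unknown names are cast to int.
	 *
	 * @param string|array $name of int|string
	 * @return int|array of int; null for a single name that was removed
	 */
	function mapGroupNamesToValues( $name ) {
		static $ps = null;

		$selected = (array) $name;
		foreach ( $selected as $k => $v ) {
			if ( ! is_numeric( $v ) ) {
				if ( ! $ps ) {
					if ( JVM_VERSION === 2 ) {
						$ps = array( 'Root' => 0 , 'Users' => 0 , 'Public' => 1, 'Registered' => 2, 'Author' => 3, 'Editor' => 4, 'Publisher' => 5, 'Backend' => 0 , 'Manager' => 6, 'Administrator' => 7, 'Superadministrator' => 8 );
					} else {
						$ps = array( 'Root' => 17, 'Users' => 28, 'Public' => 29, 'Registered' => 18, 'Author' => 19, 'Editor' => 20, 'Publisher' => 21, 'Backend' => 30, 'Manager' => 23, 'Administrator' => 24, 'Superadministrator' => 25 );
					}
				}
				if ( array_key_exists( $v, $ps ) ) {
					if ( $ps[$v] != 0 ) {
						$selected[$k] = $ps[$v];
					} else {
						unset( $selected[$k] );
					}
				} else {
					$selected[$k] = (int) $v;
				}
			}
		}
		if ( ! is_array( $name ) ) {
			// The single entry may have been removed above, so do not read a missing offset.
			$selected = isset( $selected[0] ) ? $selected[0] : null;
		}
		return $selected;
	}

	/**
	 * Returns the user group tree as a flat list, each title indented by its depth.
	 *
	 * When JVM_VERSION is 2 the list is read from #__usergroups, otherwise the call
	 * is passed to the ACL object. An empty $var_4 is replaced by true, so on the
	 * JVM_VERSION 2 path the plain-array form of the entries is never produced.
	 *
	 * @return array list of select options
	 */
	function get_group_children_tree( $var_1 = null, $var_2 = null, $var_3 = null, $var_4 = null ) {
		// Plain assignment: binding the return value of a call by reference raises a notice.
		$_CB_database = $this->getDbo();

		if ( ! $var_4 ) {
			$var_4 = true;
		}

		if ( JVM_VERSION === 2 ) {
			$query = 'SELECT a.' . $_CB_database->NameQuote( 'id' ) . ' AS value'
				. ', a.' . $_CB_database->NameQuote( 'title' ) . ' AS text'
				. ', COUNT( DISTINCT b.' . $_CB_database->NameQuote( 'id' ) . ' ) AS level'
				. "\n FROM " . $_CB_database->NameQuote( '#__usergroups' ) . " AS a"
				. "\n LEFT JOIN " . $_CB_database->NameQuote( '#__usergroups' ) . " AS b"
				. ' ON a.' . $_CB_database->NameQuote( 'lft' ) . ' > b.' . $_CB_database->NameQuote( 'lft' )
				. ' AND a.' . $_CB_database->NameQuote( 'rgt' ) . ' < b.' . $_CB_database->NameQuote( 'rgt' )
				. "\n GROUP BY a." . $_CB_database->NameQuote( 'id' )
				. "\n ORDER BY a." . $_CB_database->NameQuote( 'lft' ) . " ASC";
			$_CB_database->setQuery( $query );
			$groups = $_CB_database->loadObjectList();

			$user_groups = array();

			for ( $i = 0, $n = count( $groups ); $i < $n; $i++ ) {
				$groups[$i]->text = str_repeat( '- ', $groups[$i]->level ) . JText::_( $groups[$i]->text );

				if ( $var_4 ) {
					$user_groups[$i] = JHtml::_( 'select.option', $groups[$i]->value, $groups[$i]->text );
				} else {
					$user_groups[$i] = array( 'value' => $groups[$i]->value, 'text' => $groups[$i]->text );
				}
			}

			$return = $user_groups;
		} else {
			if ( ! $var_3 ) {
				$var_3 = true;
			}

			$return = $this->_acl->get_group_children_tree( $var_1, $var_2, $var_3, $var_4 );
		}

		return $return;
	}

	/**
	 * Return a list with groups that can be set by the current user
	 *
	 * When JVM_VERSION is 2 the list holds only the groups the logged-in user is a
	 * member of (JAccess::getGroupsByUser), so nobody is offered a group he does not
	 * hold himself. The other path removes the groups returned by
	 * get_group_children() for the caller's group from the tree, and returns only
	 * the group name when the caller may not change the edited user.
	 *
	 * @return mixed Array with groups that can be set, or the groupname (string) if it cannot be changed.
	 */
	function getGroupList()
	{
		if(JVM_VERSION === 2) {

			$user = JFactory::getUser();
			$authGroups = JAccess::getGroupsByUser($user->id);

			// Build a numeric IN() list. The ids are cast instead of being pasted into
			// the statement as quoted strings, and implode() gets its arguments in the
			// documented order.
			$groupIds = array();
			foreach((array)$authGroups as $groupId){
				$groupIds[] = (int)$groupId;
			}
			if(empty($groupIds)){
				// The original statement matched no row in this case.
				return array();
			}

			$db = $this->getDbo();
			$q = 'SELECT `id` as value,`title` as text FROM #__usergroups WHERE `id` IN ('.implode(',',$groupIds).')';
			$db->setQuery($q);
			$list = $db->loadAssocList();

			return $list;

		} else {

			$_aclObject = JFactory::getACL();

			if(empty($this->_data)) $this->getUser();

			if (JVM_VERSION>1){
				//TODO fix this latter. It's just an workarround to make it working on 1.6
				$gids = $this->_data->JUser->get('groups');
				return array_flip($gids);
			}

			$_usr = $_aclObject->get_object_id ('users', $this->_data->JUser->get('id'), 'ARO');
			$_grp = $_aclObject->get_object_groups ($_usr, 'ARO');
			$_grpName = strtolower ($_aclObject->get_group_name($_grp[0], 'ARO'));

			$_currentUser = JFactory::getUser();
			$_my_usr = $_aclObject->get_object_id ('users', $_currentUser->get('id'), 'ARO');
			$_my_grp = $_aclObject->get_object_groups ($_my_usr, 'ARO');
			$_my_grpName = strtolower ($_aclObject->get_group_name($_my_grp[0], 'ARO'));

			// administrators can't change each other and frontend-only users can only see groupnames
			if (( $_grpName == $_my_grpName && $_my_grpName == 'administrator' ) ||
			!$_aclObject->is_group_child_of($_my_grpName, 'Public Backend')) {
				return $_grpName;
			} else {
				$_grpList = $_aclObject->get_group_children_tree(null, 'USERS', false);

				$_remGroups = $_aclObject->get_group_children( $_my_grp[0], 'ARO', 'RECURSE' );
				if (!$_remGroups) {
					$_remGroups = array();
				}

				// Make sure privs higher than my own can't be granted
				if (in_array($_grp[0], $_remGroups)) {
					// nor can privs of users with higher privs be decreased.
					return $_grpName;
				}
				$_i = 0;
				$_j = count($_grpList);
				while ($_i < $_j) {
					if (in_array($_grpList[$_i]->value, $_remGroups)) {
						array_splice( $_grpList, $_i, 1 );
						$_j = count($_grpList);
					} else {
						$_i++;
					}
				}

				return $_grpList;
			}
		}
	}

	/**
	 * Bind the post data to the JUser object and the VM tables, then saves it
	 * It is used to register new users
	 * This function can also change already registered users, this is important when a registered user changes his email within the checkout.
	 *
	 * @author Max Milbers
	 * @author Oscar van Eijk
	 * @return mixed array with the keys user, password, message, newId and success when the save was successful, false otherwise.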
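*/
	public function store(&$data,$checkToken = TRUE){

		// Contract, as far as this method shows it:
		// - $data is request data, taken by reference and changed in place
		// - returns array(user, password, message, newId, success) after a save,
		//   false on the failure paths, and nothing after the 403 for a
		//   registration that is not allowed
		// - $checkToken = false skips the form token check, so such a caller has
		//   to verify the token itself

		$message = '';
		$user = '';
		$newId = 0;
		// Only set to true for new users further down; defined here so every later read is safe.
		$doUserActivation = false;

		if($checkToken){
			JRequest::checkToken() or jexit( 'Invalid Token, while trying to save user' );
		}

		if(empty($data)){
			vmError('Developer notice, no data to store for user');
			return false;
		}

		//To find out, if we have to register a new user, we take a look on the id of the usermodel object.
		//The constructor sets automatically the right id.
		$new = ($this->_id < 1);
		if(empty($this->_id)){
			$user = new JUser();	//thealmega http://forum.virtuemart.net/index.php?topic=99755.msg393758#msg393758
		} else {
			$user = JFactory::getUser($this->_id);
		}

		$gid = $user->get('gid'); // Save original gid

		// Preformat and control user datas by plugin
		JPluginHelper::importPlugin('vmuserfield');
		$dispatcher = JDispatcher::getInstance();

		$valid = true ;
		$dispatcher->trigger('plgVmOnBeforeUserfieldDataSave',array(&$valid,$this->_id,&$data,$user ));
		// $valid must be false if plugin detect an error
		if( $valid == false ) {
			return false;
		}

		// Characters removed from email and name before they are stored.
		$stripChars = array('\'','"',',','%','*','/','\\','?','^','`','{','}','|','~');

		// Before I used this "if($cart && !$new)"
		// This construction is necessary, because this function is used to register a new JUser, so we need all the JUser data in $data.
		// On the other hand this function is also used just for updating JUser data, like the email for the BT address. In this case the
		// name, username, password and so on is already stored in the JUser and dont need to be entered again.

		if(empty ($data['email'])){
			$email = $user->get('email');
			if(!empty($email)){
				$data['email'] = $email;
			}
		} else {
			$data['email'] = JRequest::getString('email', '', 'post', 'email');
		}
		$data['email'] = str_replace($stripChars,'',isset($data['email']) ? $data['email'] : '');

		//This is important, when a user changes his email address from the cart,
		//that means using view user layout edit_address (which is called from the cart)
		$user->set('email',$data['email']);

		if(empty ($data['name'])){
			$name = $user->get('name');
			if(!empty($name)){
				$data['name'] = $name;
			}
		} else {
			$data['name'] = JRequest::getString('name', '', 'post', 'name');
		}
		$data['name'] = str_replace($stripChars,'',isset($data['name']) ? $data['name'] : '');

		if(empty ($data['username'])){
			$username = $user->get('username');
			if(!empty($username)){
				$data['username'] = $username;
			} else {
				$data['username'] = JRequest::getVar('username', '', 'post', 'username');
			}
		}

		if(empty ($data['password'])){
			$data['password'] = JRequest::getVar('password', '', 'post', 'string' ,JREQUEST_ALLOWRAW);
		}

		if(empty ($data['password2'])){
			$data['password2'] = JRequest::getVar('password2', '', 'post', 'string' ,JREQUEST_ALLOWRAW);
		}

		// An existing user who sends a password without the confirmation keeps his old password.
		if(!$new && !empty($data['password']) && empty($data['password2'])){
			unset($data['password']);
			unset($data['password2']);
		}

		// Bind Joomla userdata
		// NOTE(review): the whole request-derived array is bound. This method itself
		// sets 'usertype', 'gid', 'groups', 'activation' and 'block' on $user further
		// down; if bind() also accepts those keys from $data, a caller chooses them.
		// Confirm that callers filter $data, or bind only a whitelist of keys for
		// callers without admin permission.
		if (!$user->bind($data)) {

			foreach($user->getErrors() as $error) {
				vmError('user bind '.$error,JText::sprintf('COM_VIRTUEMART_USER_STORE_ERROR',$error));
			}
			// The failure result used to be built and thrown away, so a rejected
			// bind still went on to save(). Stop here like the other failure paths.
			return false;
		}

		if($new){
			// If user registration is not allowed, show 403 not authorized.
			// But it is possible for admins and storeadmins to save
			$usersConfig = JComponentHelper::getParams( 'com_users' );
			if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');

			if (!Permissions::getInstance()->check("admin,storeadmin") && $usersConfig->get('allowUserRegistration') == '0') {
				VmConfig::loadJLang('com_virtuemart');
				JError::raiseError( 403, JText::_('COM_VIRTUEMART_ACCESS_FORBIDDEN'));
				return;
			}
			$authorize	= JFactory::getACL();

			// Initialize new usertype setting
			$newUsertype = $usersConfig->get( 'new_usertype' );
			if (!$newUsertype) {
				if ( JVM_VERSION===1){
					$newUsertype = 'Registered';
				} else {
					$newUsertype = 2;
				}
			}
			// Set some initial user values
			$user->set('usertype', $newUsertype);

			if ( JVM_VERSION===1){
				$user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));
			} else {
				// This appends to the list, so a group that is already in
				// $user->groups at this point stays in it.
				$user->groups[] = $newUsertype;
			}

			$date = JFactory::getDate();
			$user->set('registerDate', $date->toMySQL());

			// If user activation is turned on, we need to set the activation information
			$useractivation = $usersConfig->get( 'useractivation' );
			if ( JVM_VERSION===1){
				if ($useractivation == '1' ) {
					$doUserActivation=true;
				}
			} else {
				if ($useractivation == '1' or $useractivation == '2') {
					$doUserActivation=true;
				}
			}
			vmdebug('user',$useractivation , $doUserActivation);
			if ($doUserActivation ) {
				jimport('joomla.user.helper');
				$user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
				$user->set('block', '1');
			}
		}

		// If an exising superadmin gets a new group, make sure enough admins are left...
		if (!$new && $user->get('gid') != $gid && $gid == __SUPER_ADMIN_GID) {
			if ($this->getSuperAdminCount() <= 1) {
				vmError(JText::_('COM_VIRTUEMART_USER_ERR_ONLYSUPERADMIN'));
				return false;
			}
		}

		if(isset($data['language'])){
			$user->setParam('language',$data['language']);
		}

		// Save the JUser object
		if (!$user->save()) {
			vmError(JText::_( $user->getError()) , JText::_( $user->getError()));
			return false;
		}

		$newId = $user->get('id');
		$data['virtuemart_user_id'] = $newId;	//We need this in that case, because data is bound to table later
		$this->setUserId($newId);

		//Save the VM user stuff
		if(!$this->saveUserData($data) || !self::storeAddress($data)){
			// A failure here is only reported; the JUser row is already saved and
			// the method still returns success => true below.
			vmError('COM_VIRTUEMART_NOT_ABLE_TO_SAVE_USER_DATA');
		} else {
			if ($new) {
				// The clear-text password goes into the registration mail.
				$this->sendRegistrationEmail($user,$user->password_clear, $doUserActivation);
				if ($doUserActivation ) {
					vmInfo('COM_VIRTUEMART_REG_COMPLETE_ACTIVATE');
				} else {
					vmInfo('COM_VIRTUEMART_REG_COMPLETE');
					$user->set('activation', '' );
					$user->set('block', '0');
					$user->set('guest', '0');
				}
			} else {
				vmInfo('COM_VIRTUEMART_USER_DATA_STORED');
			}
		}

		//The extra check for isset vendor_name prevents storing of the vendor if there is no form (edit address cart)
		if(isset($data['user_is_vendor']) and (int)$data['user_is_vendor']==1 and isset($data['vendor_name'])){
			vmdebug('vendor recognised '.$data['virtuemart_vendor_id']);
			if($this ->storeVendorData($data)){
				if ($new) {
					if ($doUserActivation ) {
						vmInfo('COM_VIRTUEMART_REG_VENDOR_COMPLETE_ACTIVATE');
					} else {
						vmInfo('COM_VIRTUEMART_REG_VENDOR_COMPLETE');
					}
				} else {
					vmInfo('COM_VIRTUEMART_VENDOR_DATA_STORED');
				}
			}
		}

		// 'password' is the clear-text value from the request; it is missing when the
		// password change was dropped above. Callers should not log or keep the result.
		return array(
			'user'=>$user,
			'password'=>isset($data['password']) ? $data['password'] : null,
			'message'=>$message,
			'newId'=>$newId,
			'success'=>true
		);
	}

	/**
	 * This function is NOT for anonymous. Anonymous just get the information directly sent by email.
	 * This function saves the vm Userdata for registered JUsers.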
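* TODO, setting of shoppergroup isnt done
	 *
	 * TODO No reason not to use this function for new users, but it requires a Joomla plugin
	 * that gets fired by the onAfterStoreUser. I'll built that (OvE)
	 *
	 * Notice:
	 * As long we do not have the silent registration, an anonymous does not get registered. It is enough to send the virtuemart_order_id
	 * with the email. The order is saved with all information in an extra table, so there is
	 * no need for a silent registration. We may think about if we actually need/want the feature silent registration
	 * The information of anonymous is stored in the order table and has nothing todo with the usermodel!
	 *
	 * Fields a caller without the matching permission may not change are replaced by
	 * the stored values before the row is written: user_is_vendor and
	 * virtuemart_vendor_id (needs "admin"), customer_number (needs
	 * "admin,storeadmin") and, in the site application, perms.
	 *
	 * @author Max Milbers
	 * @author Oscar van Eijk
	 * @param array $data user data, taken by reference and changed in place
	 * @param boolean $trigger when true the vmshopper plugins are triggered
	 * @return boolean false when no user id is set or a table reported an error
	 */
	public function saveUserData(&$data,$trigger=true){

		if(empty($this->_id)){
			echo 'This is a notice for developers, you used this function for an anonymous user, but it is only designed for already registered ones';
			vmError( 'This is a notice for developers, you used this function for an anonymous user, but it is only designed for already registered ones');
			return false;
		}

		$noError = true;

		$usertable = $this->getTable('vmusers');
		$alreadyStoredUserData = $usertable->load($this->_id);
		$app = JFactory::getApplication();

		if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
		if(!Permissions::getInstance()->check("admin")){
			// Without admin permission the vendor flags always come from the stored row.
			unset($data['virtuemart_vendor_id']);
			unset($data['user_is_vendor']);

			$data['user_is_vendor'] = $alreadyStoredUserData->user_is_vendor;
			$data['virtuemart_vendor_id'] = $alreadyStoredUserData->virtuemart_vendor_id;
		} else {
			if(!isset($data['user_is_vendor']) and !empty($alreadyStoredUserData->user_is_vendor)){
				$data['user_is_vendor'] = $alreadyStoredUserData->user_is_vendor;
			}
			if(!isset($data['virtuemart_vendor_id']) and !empty($alreadyStoredUserData->virtuemart_vendor_id)){
				$data['virtuemart_vendor_id'] = $alreadyStoredUserData->virtuemart_vendor_id;
			}
		}

		// The posted customer_number is always dropped first.
		unset($data['customer_number']);
		if(empty($alreadyStoredUserData->customer_number)){
			// The number is derived from the username only, so it can be worked out
			// from the username. It identifies the customer and is not a secret.
			$username = isset($data['username']) ? $data['username'] : '';
			$data['customer_number'] = strtoupper(substr($username,0,2)).substr(md5($username),0,9);
			//We set this data so that vmshopper plugin know if they should set the customer nummer
			$data['customer_number_bycore'] = 1;
		} else {
			if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
			if(!Permissions::getInstance()->check("admin,storeadmin")) {
				$data['customer_number'] = $alreadyStoredUserData->customer_number;
			}
		}

		if($app->isSite()){
			// In the site application perms is never taken from the request.
			unset($data['perms']);
			if(!empty($alreadyStoredUserData->perms)){
				$data['perms'] = $alreadyStoredUserData->perms;
			} else {
				$data['perms'] = 'shopper';
			}
		}
		// NOTE(review): outside the site application $data['perms'] is stored as it
		// was sent; this method does no permission check for it - confirm the
		// calling controller does.

		$dispatcher = null;
		if($trigger){
			JPluginHelper::importPlugin('vmshopper');
			$dispatcher = JDispatcher::getInstance();

			// The return values of the plugins are not used; plugins change $data by reference.
			$dispatcher->trigger('plgVmOnUserStore',array(&$data));
		}

		$usertable -> bindChecknStore($data);
		$errors = $usertable->getErrors();
		foreach($errors as $error){
			$this->setError($error);
			vmError('storing user adress data'.$error);
			$noError = false;
		}

		if(Permissions::getInstance()->check("admin,storeadmin")) {

			$shoppergroupmodel = VmModel::getModel('ShopperGroup');
			if(empty($this->_defaultShopperGroup)){
				$this->_defaultShopperGroup = $shoppergroupmodel->getDefault(0);
			}

			// The default shopper group is not stored in the xref table.
			if(empty($data['virtuemart_shoppergroup_id']) or $data['virtuemart_shoppergroup_id']==$this->_defaultShopperGroup->virtuemart_shoppergroup_id){
				$data['virtuemart_shoppergroup_id'] = array();
			}

			// Bind the form fields to the table
			if(!empty($data['virtuemart_shoppergroup_id'])){
				$shoppergroupData = array('virtuemart_user_id'=>$this->_id,'virtuemart_shoppergroup_id'=>$data['virtuemart_shoppergroup_id']);
				$user_shoppergroups_table = $this->getTable('vmuser_shoppergroups');
				$shoppergroupData = $user_shoppergroups_table -> bindChecknStore($shoppergroupData);
				$errors = $user_shoppergroups_table->getErrors();
				foreach($errors as $error){
					$this->setError($error);
					vmError('Set shoppergroup '.$error);
					$noError = false;
				}
			}
		}

		if($trigger){
			$plg_datas = $dispatcher->trigger('plgVmAfterUserStore',array($data));
			foreach($plg_datas as $plg_data){
				// $data is a reference to the caller's array. A plugin that returns
				// no array must not replace it, store() still passes it to storeAddress().
				if(is_array($plg_data)){
					$data = array_merge($plg_data);
				}
			}
		}

		return $noError;
	}

	/**
	 * Stores the vendor part of $data through the vendor model when user_is_vendor is set.
	 *
	 * With the 'multix' setting at 'none' the vendor id is always 1.
	 *
	 * @param array $data user data including the vendor fields
	 * @return boolean false when the vendor model could not store the data, true otherwise
	 */
	public function storeVendorData($data){

		if(!empty($data['user_is_vendor'])){

			$vendorModel = VmModel::getModel('vendor');

			//TODO Attention this is set now to virtuemart_vendor_id=1, because using a vendor with different id then 1 is not completly supported and can lead to bugs
			//So we disable the possibility to store vendors not with virtuemart_vendor_id = 1
			if(Vmconfig::get('multix','none')=='none' ){
				$data['virtuemart_vendor_id'] = 1;
				vmdebug('no multivendor, set virtuemart_vendor_id = 1');
			}
			$vendorModel->setId($data['virtuemart_vendor_id']);

			if(empty($data['vendor_store_name']) and !empty($data['company'])) $data['vendor_store_name'] = $data['company'];

			if (!$vendorModel->store($data)) {
				vmError('storeVendorData '.$vendorModel->getError());
				vmdebug('Error storing vendor',$vendorModel);
				return false;
			}
		}

		return true;
	}

	/**
	 * Take a data array and save any address info found in the array.
	 *
	 * A BT address is stored when address_type is 'BT'. A shipto address is built from
	 * the keys with the 'shipto_' prefix when address_type is 'ST' or
	 * shipto_address_type_name is set. Without admin permission an existing address is
	 * only written when it belongs to the logged-in user.
	 *
	 * @author unknown, oscar, max milbers
	 * @param array $data (Posted) user data, taken by reference
	 * @return mixed the virtuemart_userinfo_id of the table object used last, false when the ownership check or the validation fails.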
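*/
	function storeAddress(&$data){

		// Two things a caller has to know:
		// - a failing bindChecknStore() is only reported with vmError(), the
		//   method still returns the userinfo id
		// - validateUserData() returns -1 when every required field is empty or at
		//   its default value; -1 is not "false", so such data is not rejected here

		$user =JFactory::getUser();

		$userinfo = $this->getTable('userinfos');
		// address_type is read again for the ST part further down, because
		// _prepareUserFields() works on $data by reference.
		if(isset($data['address_type']) and $data['address_type'] == 'BT'){

			if(isset($data['virtuemart_userinfo_id']) and $data['virtuemart_userinfo_id']!=0){
				$data['virtuemart_userinfo_id'] = (int)$data['virtuemart_userinfo_id'];

				if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
				if(!Permissions::getInstance()->check('admin')){
					// Ownership check: the address row must belong to the logged-in user.
					// NOTE(review): the comparison is loose and the user id is 0 for a
					// visitor who is not logged in - confirm that a row without an
					// owner cannot be written this way.
					$userinfo->load($data['virtuemart_userinfo_id']);
					if($userinfo->virtuemart_user_id!=$user->id){
						vmError('Hacking attempt as admin?','Hacking attempt storeAddress');
						return false;
					}
				}
			} else {
				if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
				//Todo multi-x, also vendors should be allowed to change the user address.
				if(!Permissions::getInstance()->check('admin')){
					$userId = $user->id;
				} else {
					$userId = (int)$data['virtuemart_user_id'];
				}
				// Both sources of the id are cast before they go into the statement.
				$q = 'SELECT `virtuemart_userinfo_id` FROM #__virtuemart_userinfos WHERE `virtuemart_user_id` = '.(int)$userId.' AND `address_type` = "BT"';

				$this->_db->setQuery($q);
				$total = $this->_db->loadResultArray();

				if (!empty($total)) {
					$data['virtuemart_userinfo_id'] = (int)$total[0];
				} else {
					$data['virtuemart_userinfo_id'] = 0;
				}
				$userinfo->load($data['virtuemart_userinfo_id']);
			}

			if(!$this->validateUserData((array)$data,'BT')){
				return false;
			}

			$userInfoData = self::_prepareUserFields($data, 'BT',$userinfo);

			if (!$userinfo->bindChecknStore($userInfoData)) {
				vmError('storeAddress '.$userinfo->getError());
			}
		}

		// Check for fields with the the 'shipto_' prefix; that means a (new) shipto address.
		if((isset($data['address_type']) and $data['address_type'] == 'ST') or isset($data['shipto_address_type_name'])){
			$dataST = array();
			$_pattern = '/^shipto_/';

			foreach ($data as $_k => $_v) {
				if (preg_match($_pattern, $_k)) {
					$_new = preg_replace($_pattern, '', $_k);
					$dataST[$_new] = $_v;
				}
			}

			$userinfo = $this->getTable('userinfos');
			if(isset($dataST['virtuemart_userinfo_id']) and $dataST['virtuemart_userinfo_id']!=0){
				$dataST['virtuemart_userinfo_id'] = (int)$dataST['virtuemart_userinfo_id'];

				if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
				if(!Permissions::getInstance()->check('admin')){
					// Same ownership check as for the BT address.
					$userinfo->load($dataST['virtuemart_userinfo_id']);

					$user = JFactory::getUser();
					if($userinfo->virtuemart_user_id!=$user->id){
						vmError('Hacking attempt as admin?','Hacking attempt store address');
						return false;
					}
				}
			}

			if(empty($userinfo->virtuemart_user_id)){
				if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR . DS . 'helpers' . DS . 'permissions.php');
				if(!Permissions::getInstance()->check('admin')){
					// Without admin permission the owner is always the logged-in user.
					$dataST['virtuemart_user_id'] = $user->id;
				} else {
					if(isset($data['virtuemart_user_id'])){
						$dataST['virtuemart_user_id'] = (int)$data['virtuemart_user_id'];
					} else {
						//Disadvantage is that admins should not change the ST address in the FE (what should never happen anyway.)
						$dataST['virtuemart_user_id'] = $user->id;
					}
				}
			}

			if(!$this->validateUserData((array)$dataST,'ST')){
				return false;
			}
			$dataST['address_type'] = 'ST';
			$userfielddata = self::_prepareUserFields($dataST, 'ST',$userinfo);

			if (!$userinfo->bindChecknStore($userfielddata)) {
				vmError($userinfo->getError());
			}
		}

		return $userinfo->virtuemart_userinfo_id;
	}

	/**
	 * Test userdata if valid
	 *
	 * Checks that every required user field of the given type has a value. $data is
	 * taken by value, so the reset of an invalid virtuemart_state_id to 0 is not
	 * seen by the caller.
	 *
	 * @author Max Milbers
	 * @param array $data the address data to test
	 * @param String $type 'BT' tests the account fields, anything else the shipment fields
	 * @return mixed true when valid, false when a required field is missing, -1 when
	 *               every required field is missing or still has its default value
	 *               (also when no field is required). -1 is not "false" in a boolean test.
	 */
	public function validateUserData($data,$type='BT') {

		if (!class_exists('VirtueMartModelUserfields'))
			require(JPATH_VM_ADMINISTRATOR . DS . 'models' . DS . 'userfields.php');
		$userFieldsModel = VmModel::getModel('userfields');

		if ($type == 'BT') {
			$fieldtype = 'account';
		}else {
			$fieldtype = 'shipment';
		}

		$neededFields = $userFieldsModel->getUserFields(
			$fieldtype
			, array('required' => true, 'delimiters' => true, 'captcha' => true, 'system' => false)
			, array('delimiter_userinfo', 'name','username', 'password', 'password2', 'address_type_name', 'address_type', 'user_is_vendor', 'agreed'));

		$i = 0;			// required fields that are missing or at their default
		$return = true;
		$required = 0;		// required fields seen

		$missingFields = array();
		foreach ($neededFields as $field) {

			//This is a special test for the virtuemart_state_id. There is the speciality that the virtuemart_state_id could be 0 but is valid.
			if ($field->name == 'virtuemart_state_id') {
				if (!class_exists('VirtueMartModelState')) require(JPATH_VM_ADMINISTRATOR . DS . 'models' . DS . 'state.php');
				if(!empty($data['virtuemart_country_id'])){
					if(!isset($data['virtuemart_state_id'])) $data['virtuemart_state_id'] = 0;

					if (!VirtueMartModelState::testStateCountry($data['virtuemart_country_id'], $data['virtuemart_state_id'])) {
						//The state is invalid, so we set the state 0 here.
						$data['virtuemart_state_id'] = 0;
						vmdebug('State was not fitting to country, set to 0');
					} else if(empty($data['virtuemart_state_id'])){
						vmdebug('virtuemart_state_id is empty, but valid (country has not states, set to unrequired');
						$field->required = false;
					} else {
						vmdebug('validateUserData my country '.$data['virtuemart_country_id'].' my state '.$data['virtuemart_state_id']);
					}
				}
			}

			if($field->required ){
				$required++;
				if(empty($data[$field->name])){
					$missingFields[] = JText::_($field->title);
					$i++;
					$return = false;
				}
				else if($data[$field->name] == $field->default){
					$i++;
				}
			}
		}

		// Nothing filled in at all is reported as -1, this also replaces a false from above.
		if($i==$required) $return = -1;

		if(!$return){
			VmConfig::loadJLang('com_virtuemart_shoppers', true);
			foreach($missingFields as $fieldname){
				vmInfo(JText::sprintf('COM_VIRTUEMART_MISSING_VALUE_FOR_FIELD',$fieldname) );
				vmdebug('');
			}
		}
		return $return;
	}

	/**
	 * Prepares the values of the user fields of the given address type for saving.
	 *
	 * For a caller without admin permission a readonly field is not taken from
	 * $data: the posted value is removed and, when a table object is given, replaced
	 * by the stored one.
	 *
	 * @param array $data address data, taken by reference and changed in place
	 * @param string $type 'ST' uses the shipment fields, anything else the account fields
	 * @param object|int $userinfo loaded userinfos table object, 0 if there is none
	 * @return array the prepared $data
	 */
	function _prepareUserFields(&$data, $type,$userinfo = 0)
	{
		if(!class_exists('VirtueMartModelUserfields')) require(JPATH_VM_ADMINISTRATOR.DS.'models'.DS.'userfields.php' );
		$userFieldsModel = VmModel::getModel('userfields');

		if ($type == 'ST') {
			$prepareUserFields = $userFieldsModel->getUserFields(
				'shipment'
				, array() // Default toggles
			);
		} else { // BT
			// The user is not logged in (anonymous), so we need tome extra fields
			$prepareUserFields = $userFieldsModel->getUserFields(
				'account'
				, array() // Default toggles
				, array('delimiter_userinfo', 'name', 'username', 'password', 'password2', 'user_is_vendor') // Skips
			);
		}

		$admin = false;
		if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
		// NOTE(review): every other call in this file passes one comma separated
		// string ("admin,storeadmin"). Here 'storeadmin' is a second argument -
		// check against Permissions::check() which groups really get past the
		// readonly protection below.
		if(Permissions::getInstance()->check('admin','storeadmin')){
			$admin = true;
		}

		// Format the data
		foreach ($prepareUserFields as $fld) {
			if(empty($data[$fld->name])) $data[$fld->name] = '';

			if(!$admin and $fld->readonly){
				$fldName = $fld->name;
				unset($data[$fldName]);
				if($userinfo!==0){
					if(property_exists($userinfo,$fldName)){
						$data[$fldName] = $userinfo->$fldName;
					} else {
						vmError('Your tables seem to be broken, you have fields in your form which have no corresponding field in the db');
					}
				}
			} else {
				$data[$fld->name] = $userFieldsModel->prepareFieldDataSave($fld, $data);
			}
		}

		return $data;
	}

	/**
	 * Returns the virtuemart_userinfo_id of the BT address of a user.
	 *
	 * @param int $id user id, 0 uses the id of the model
	 * @return mixed the result of loadResult() for the BT row
	 */
	function getBTuserinfo_id($id = 0){
		if(empty($this->_db)) $this->_db = JFactory::getDBO();

		if($id == 0){
			$id = $this->_id;
		}

		// The id is cast to int before it goes into the statement.
		$q = 'SELECT `virtuemart_userinfo_id` FROM `#__virtuemart_userinfos` WHERE `virtuemart_user_id` = "' .(int)$id .'" AND `address_type`="BT" ';
		$this->_db->setQuery($q);
		return $this->_db->loadResult();
	}

	/**
	 * Returns the user fields of a layout filled with the data of one address.
	 *
	 * With $uid the stored address is loaded. It is only handed out to its owner
	 * ($this->_id) or to a caller with admin permission. $isVendor = true skips this
	 * check, so callers must not take that flag from request input. Without $uid the
	 * data comes from the cart (when $cart is true) and from the JUser object.
	 *
	 * @author Max Milbers
	 * @return array|false the filled fields, keyed by $uid; false when the address belongs to another user
	 */
	function getUserInfoInUserFields($layoutName, $type,$uid,$cart=true,$isVendor=false ){

		$userFieldsModel = VmModel::getModel('userfields');
		$prepareUserFields = $userFieldsModel->getUserFieldsFor( $layoutName, $type, $uid );

		if($type=='ST'){
			$preFix = 'shipto_';
		} else {
			$preFix = '';
		}

		/*
		 * JUser or $this->_id is the logged user
		 */
		if(!empty($this->_data->JUser)){
			$JUser = $this->_data->JUser;
		} else {
			$JUser = JUser::getInstance($this->_id);
		}

		$userFields = array();
		if(!empty($uid)){

			$data = $this->getTable('userinfos');
			$data->load($uid);

			if($data->virtuemart_user_id!==0 and !$isVendor){
				if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
				if(!Permissions::getInstance()->check("admin")) {
					if($data->virtuemart_user_id!=$this->_id){
						vmError('Hacking attempt loading userinfo, you got logged');
						echo 'Hacking attempt loading userinfo, you got logged';
						return false;
					}
				}
			}

			if ($data->address_type != 'ST' ) {
				$data->name = $JUser->name;
				$data->email = $JUser->email;
				$data->username = $JUser->username;
				$data->address_type = 'BT';
			}
		} else {
			// Defined up front: the branch for a cart that already holds an address
			// used to cast a variable that was never set.
			$data = array();

			//New Address is filled here with the data of the cart (we are in the userview)
			if($cart){

				if (!class_exists('VirtueMartCart'))
					require(JPATH_VM_SITE . DS . 'helpers' . DS . 'cart.php');
				$cart = VirtueMartCart::getCart();
				$adType = $type.'address';

				if(empty($cart->$adType)){
					$data = $cart->$type;
					if(empty($data)) $data = array();

					if($JUser){
						if(empty($data['name'])){
							$data['name'] = $JUser->name;
						}
						if(empty($data['email'])){
							$data['email'] = $JUser->email;
						}
						if(empty($data['username'])){
							$data['username'] = $JUser->username;
						}
						if(empty($data['virtuemart_user_id'])){
							$data['virtuemart_user_id'] = $JUser->id;
						}
					}
				}
				$data = (object)$data;

			} else {

				if($JUser){
					if(empty($data['name'])){
						$data['name'] = $JUser->name;
					}
					if(empty($data['email'])){
						$data['email'] = $JUser->email;
					}
					if(empty($data['username'])){
						$data['username'] = $JUser->username;
					}
					if(empty($data['virtuemart_user_id'])){
						$data['virtuemart_user_id'] = $JUser->id;
					}
					$data = (object)$data;
				} else {
					$data = null;
				}
			}
		}

		$userFields[$uid] = $userFieldsModel->getUserFieldsFilled(
			$prepareUserFields
			,$data
			,$preFix
		);

		return $userFields;
	}

	/**
	 * This should store the userdata given in userfields
	 *
	 * @author Max Milbers
	 * @return boolean always true
	 */
	function storeUserDataByFields($data,$type, $toggles, $skips){

		if(!class_exists('VirtueMartModelUserfields')) require(JPATH_VM_ADMINISTRATOR.DS.'models'.DS.'userfields.php' );
		$userFieldsModel = VmModel::getModel('userfields');

		$prepareUserFields = $userFieldsModel->getUserFields(
			$type,
			$toggles,
			$skips
		);

		// Format the data
		foreach ($prepareUserFields as $_fld) {
			if(empty($data[$_fld->name])) $data[$_fld->name] = '';
			$data[$_fld->name] = $userFieldsModel->prepareFieldDataSave($_fld,$data);
		}

		// NOTE(review): the result of store() is not looked at, so a failed save is
		// also reported as true. Callers cannot use the return value to detect it.
		$this->store($data);
		return true;
	}

	/**
	 * This uses the shopFunctionsF::renderAndSendVmMail function, which uses a controller and task to render the content
	 * and sends it then.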
*
	 *
	 * @author Oscar van Eijk
	 * @author Max Milbers
	 * @author Christopher Roussel
	 * @author Valérie Isaksen
	 */
	private function sendRegistrationEmail($user, $password, $doUserActivation){

		if(!class_exists('shopFunctionsF')) require(JPATH_VM_SITE.DS.'helpers'.DS.'shopfunctionsf.php');

		// Control characters are removed so the password cannot inject line breaks into the mail.
		$cleanPassword = preg_replace('/[\x00-\x1F\x7F]/', '', $password);

		// NOTE(review): the clear-text password is handed to the mail view below. Whether the
		// template prints it cannot be seen from here; if it does, the password stays readable
		// in mailboxes and mail logs. Prefer sending only the activation link.
		$vars = array(
			'user' => $user,
			'password' => $cleanPassword,
		);

		if ($doUserActivation) {
			jimport('joomla.user.helper');
			$activationToken = $user->get('activation');

			// The activation task of the Joomla user component differs between the supported versions.
			if(JVM_VERSION === 2) {
				$vars['activationLink'] = 'index.php?option=com_users&task=registration.activate&token='.$activationToken;
			} else {
				$vars['activationLink'] = 'index.php?option=com_user&task=activate&activation='.$activationToken;
			}
		}
		$vars['doVendor'] = true;

		// Signature: renderMail ($viewName, $recipient, $vars=array(), $controllerName = null)
		shopFunctionsF::renderMail('user', $user->get('email'), $vars);
	}

	/**
	 * Delete all record ids selected
	 *
	 * @return boolean True is the remove was successful, false otherwise.
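*/
	function remove($userIds) {

		// Start from "failed": a caller without the admin/storeadmin permission must get a
		// defined false, not an undefined variable.
		$_status = false;

		if(!class_exists('Permissions')) require(JPATH_VM_ADMINISTRATOR.DS.'helpers'.DS.'permissions.php');
		if(!Permissions::getInstance()->check('admin','storeadmin')) {
			return $_status;
		}

		$userInfo = $this->getTable('userinfos');
		$vm_shoppergroup_xref = $this->getTable('vmuser_shoppergroups');
		$vmusers = $this->getTable('vmusers');
		$_status = true;

		// Accept a single id as well as a list of ids.
		foreach((array)$userIds as $userId) {

			$_JUser = JUser::getInstance($userId);
			if (!$_JUser) {
				// JUser::getInstance() returns false for an identifier it cannot resolve.
				$_status = false;
				continue;
			}

			if ($this->getSuperAdminCount() <= 1) {
				// Prevent deletion of the only Super Admin
				if ($_JUser->get('gid') == __SUPER_ADMIN_GID) {
					vmError(JText::_('COM_VIRTUEMART_USER_ERR_LASTSUPERADMIN'));
					$_status = false;
					continue;
				}
			}

			// A storeadmin is never allowed to delete a Super Admin account.
			if(Permissions::getInstance()->check('storeadmin')) {
				if ($_JUser->get('gid') == __SUPER_ADMIN_GID) {
					vmError(JText::_('COM_VIRTUEMART_USER_ERR_LASTSUPERADMIN'));
					$_status = false;
					continue;
				}
			}

			// A failure on the address table aborts the whole run; the later tables only signal and continue.
			if (!$userInfo->delete($userId)) {
				vmError($userInfo->getError());
				return false;
			}
			if (!$vm_shoppergroup_xref->delete($userId)) {
				vmError($vm_shoppergroup_xref->getError()); // Signal but continue
				$_status = false;
				continue;
			}
			if (!$vmusers->delete($userId)) {
				vmError($vmusers->getError()); // Signal but continue
				$_status = false;
				continue;
			}
			if (!$_JUser->delete()) {
				vmError($_JUser->getError());
				$_status = false;
				continue;
			}
		}
		return $_status;
	}

	function removeAddress($virtuemart_userinfo_id){

		// Purpose: delete one stored address of the user this model is set to.
		// Returns true when the DELETE ran, false for guests (id 0), a missing id or a failed query.
		if ( !isset($virtuemart_userinfo_id) or $this->_id == 0 ) {
			return false;
		}

		$db = JFactory::getDBO();

		// Both ids are cast to int before they reach the SQL string. The user id in the WHERE
		// clause keeps the delete limited to rows of the user this model is set to.
		$q = 'DELETE FROM #__virtuemart_userinfos WHERE virtuemart_user_id="'. (int)$this->_id .'" AND virtuemart_userinfo_id="'. (int)$virtuemart_userinfo_id .'"';
		$db->setQuery($q);
		if($db->query()){
			vmInfo('Address has been successfully deleted.');
			return true;
		}
		return false;
	}

	/**
	 * Retrieve a list of users from the database.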
* * @author Max Milbers * @return object List of user objects */ function getUserList() { //$select = ' * '; //$joinedTables = ' FROM #__users AS ju LEFT JOIN #__virtuemart_vmusers AS vmu ON ju.id = vmu.virtuemart_user_id'; $search = JRequest::getString('search', false); $tableToUse = JRequest::getString('searchTable','juser'); $where = ''; if ($search) { $where = ' WHERE '; $searchArray = array('ju.name','username','email','perms','usertype','shopper_group_name'); if($tableToUse!='juser'){ if(!class_exists('TableUserinfos'))require(JPATH_VM_ADMINISTRATOR.DS.'tables'.DS.'userinfos.php'); $db = JFactory::getDbo(); $userfieldTable = new TableUserinfos($db); $userfieldFields = get_object_vars($userfieldTable); $userFieldSearchArray = array('company','first_name','last_name'); //We must validate if the userfields actually exists, they could be removed $userFieldsValid = array(); foreach($userFieldSearchArray as $ufield){ if(array_key_exists($ufield,$userfieldFields)){ $userFieldsValid[] = $ufield; } } $searchArray = array_merge($userFieldsValid,$searchArray); } $search = str_replace(' ','%',$this->_db->getEscaped( $search, true )); foreach($searchArray as $field){ $where.= ' '.$field.' 
LIKE "%'.$search.'%" OR '; } $where = substr($where,0,-3); } $select = ' ju.id AS id , ju.name AS name , ju.username AS username , ju.email AS email , IFNULL(vmu.user_is_vendor,"0") AS is_vendor , IFNULL(sg.shopper_group_name, "") AS shopper_group_name '; if ($search) { if($tableToUse!='juser'){ $select .= ' , ui.name as uiname '; } foreach($searchArray as $ufield){ $select .= ' , '.$ufield; } } $joinedTables = ' FROM #__users AS ju LEFT JOIN #__virtuemart_vmusers AS vmu ON ju.id = vmu.virtuemart_user_id LEFT JOIN #__virtuemart_vmuser_shoppergroups AS vx ON ju.id = vx.virtuemart_user_id LEFT JOIN #__virtuemart_shoppergroups AS sg ON vx.virtuemart_shoppergroup_id = sg.virtuemart_shoppergroup_id '; if ($search and $tableToUse!='juser') { $joinedTables .= ' LEFT JOIN #__virtuemart_userinfos AS ui ON ui.virtuemart_user_id = vmu.virtuemart_user_id'; } return $this->_data = $this->exeSortSearchListQuery(0,$select,$joinedTables,$where,' GROUP BY ju.id',$this->_getOrdering()); } /** * If a filter was set, get the SQL WHERE clase * * @return string text to add to the SQL statement */ function _getFilter() { if ($search = JRequest::getString('search', false)) { $search = '"%' . $this->_db->getEscaped( $search, true ) . '%"' ; //$search = $this->_db->Quote($search, false); $searchArray = array('name','username','email','perms','usertype','shopper_group_name'); $where = ' WHERE '; foreach($searchArray as $field){ $where.= ' `'.$field.'` LIKE '.$search.' OR '; } $where = substr($where,0,-3); //$where = ' WHERE `name` LIKE '.$search.' OR `username` LIKE ' .$search.' OR `email` LIKE ' .$search.' OR `perms` LIKE ' .$search.' OR `usertype` LIKE ' .$search.' OR `shopper_group_name` LIKE ' .$search; return ($where); } return (''); } /** * Retrieve a single address for a user * * @param $_uid int User ID * @param $_virtuemart_userinfo_id string Optional User Info ID * @param $_type string, addess- type, ST (ShipTo, default) or BT (BillTo). 
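Empty string to ignore */
	function getUserAddressList($_uid = 0, $_type = 'ST',$_virtuemart_userinfo_id = -1){

		//Todo, add perms, allow admin to see 0 entries.
		if($_uid==0 and $this->_id==0){
			return array();
		}
		if(empty($this->_db)) $this->_db = JFactory::getDBO();

		// Every value placed in the SQL string is either cast to int or escaped by the driver.
		$_q = 'SELECT * FROM #__virtuemart_userinfos WHERE virtuemart_user_id="' . (int)(($_uid==0)?$this->_id:$_uid) .'"';
		if ($_virtuemart_userinfo_id !== -1) {
			$_q .= ' AND virtuemart_userinfo_id="'.(int)$_virtuemart_userinfo_id.'"';
		} else {
			if ($_type !== '') {
				// $_type is a free string parameter and must not reach the query unescaped.
				$_q .= ' AND address_type="'.$this->_db->getEscaped($_type).'"';
			}
		}
		// vmdebug('getUserAddressList query '.$_q);
		return ($this->_getList($_q));
	}

	// Cached customer number: 0 = not looked up yet, false = no record found.
	private $customer_number = 0;

	/**
	 * Retrieves the Customer Number of the user this model is currently set to.
	 * The result is cached in $this->customer_number.
	 *
	 * @return string|false Customer Number, false if the user has no vmusers record
	 */
	public function getCustomerNumberById() {
		if($this->customer_number===0){
			// The user id is cast to int before it is placed in the query.
			$_q = "SELECT `customer_number` FROM `#__virtuemart_vmusers` "
				."WHERE `virtuemart_user_id`='" . (int)$this->_id . "' ";
			$_r = $this->_getList($_q);
			if(!empty($_r[0])){
				$this->customer_number = $_r[0]->customer_number;
			}else {
				$this->customer_number = false;
			}
		}
		return $this->customer_number;
	}

	/**
	 * Get the number of active Super Admins
	 *
	 * @return integer
	 */
	function getSuperAdminCount() {
		// __SUPER_ADMIN_GID is a constant defined outside this file; it is concatenated unquoted.
		$this->_db->setQuery('SELECT COUNT(id) FROM #__users'
			. ' WHERE usertype = ' . __SUPER_ADMIN_GID . ' AND block = 0');
		return ($this->_db->loadResult());
	}

	/**
	 * Return a list of Joomla ACL groups.
	 *
	 * The returned object list includes a group name and a group name with spaces
	 * prepended to the name for displaying an indented tree.
	 *
	 * @author RickG
	 * @return ObjectList List of acl group objects.
	 */
	function getAclGroupIndentedTree() {

		//TODO check this out
		if (JVM_VERSION===1) {
			$name = 'name';
			$as = '` AS `title`';
			$table = '#__core_acl_aro_groups';
			$and = 'AND `parent`.`lft` > 2 ';
		} else {
			$name = 'title';
			$as = '`';
			$table = '#__usergroups';
			$and = '';
		}
		//Ugly thing, produces Select_full_join
		$query = 'SELECT `node`.`' . $name . $as .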
', CONCAT(REPEAT("   ", (COUNT(`parent`.`' . $name . '`) - 1)), `node`.`' . $name . '`) AS `text` '; $query .= 'FROM `' . $table . '` AS node, `' . $table . '` AS parent '; $query .= 'WHERE `node`.`lft` BETWEEN `parent`.`lft` AND `parent`.`rgt` '; $query .= $and; $query .= 'GROUP BY `node`.`' . $name . '` '; $query .= ' ORDER BY `node`.`lft`'; $this->_db->setQuery($query); //$app = JFactory::getApplication(); //$app -> enqueueMessage($this->_db->getQuery()); $objlist = $this->_db->loadObjectList(); // vmdebug('getAclGroupIndentedTree',$objlist); return $objlist; } } //No Closing tag home/academiac/www/administrator/components/com_virtuemart/controllers/user.php000060400000011126151372432670024360 0ustar00edit(); } function editshop(){ $user = JFactory::getUser(); //the virtuemart_user_id var gets overriden in the edit function, when not set. So we must set it here JRequest::setVar('virtuemart_user_id', (int)$user->id); $this->edit(); } function cancel(){ $lastTask = JRequest::getWord('last_task'); if ($lastTask == 'edit_shop') $this->setRedirect('index.php?option=com_virtuemart'); else $this->setRedirect('index.php?option=com_virtuemart&view=user'); } /** * Handle the save task * Checks already in the controller the rights todo so and sets the data by filtering the post * * @author Max Milbers */ function save($data = 0){ $document = JFactory::getDocument(); $viewType = $document->getType(); $view = $this->getView('user', $viewType); $_currentUser = JFactory::getUser(); // TODO sortout which check is correctt..... 
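//		if (!$_currentUser->authorize('administration', 'manage', 'components', 'com_users')) {

		// NOTE(review): no request-token (CSRF) check is visible in this method, and it does not
		// call a parent save(). Confirm that the token is verified before this state-changing task runs.

		// Defined up front so the redirect code below never reads an unset variable when the
		// user is not authorised or the store fails.
		$ret = false;

		if (!$_currentUser->authorize('core.edit', 'com_users')) {
			$msg = JText::_(_NOT_AUTH);
		} else {
			$model = VmModel::getModel('user');

			$data = JRequest::get('post');

			// Store multiple selectlist entries as a comma separated string
			if (array_key_exists('vendor_accepted_currencies', $data) && is_array($data['vendor_accepted_currencies'])) {
				$data['vendor_accepted_currencies'] = implode(',', $data['vendor_accepted_currencies']);
			}

			// TODO disallow vendor_store_name as HTML ?
			// These vendor fields are read with JREQUEST_ALLOWHTML, so markup in them is kept.
			// Every view that prints them has to treat the values as HTML written by this user.
			$htmlFields = array(
				'vendor_store_name',
				'vendor_store_desc',
				'vendor_terms_of_service',
				'vendor_legal_info',
				'vendor_letter_css',
				'vendor_letter_header_html',
				'vendor_letter_footer_html',
			);
			foreach ($htmlFields as $htmlField) {
				$data[$htmlField] = JRequest::getVar($htmlField,'','post','STRING',JREQUEST_ALLOWHTML);
			}

			$ret=$model->store($data);
			if(!$ret){
				$msg = '';
			} else {
				$msg = $ret['message'];
			}

		}

		// $msg is computed above but, as in the original, not passed to the redirect.
		$cmd = JRequest::getCmd('task');
		$lastTask = JRequest::getWord('last_task');
		if($cmd == 'apply'){
			if ($lastTask == 'editshop') {
				$redirection = 'index.php?option=com_virtuemart&view=user&task=editshop';
			} else {
				// Only a real id ends up in the URL; a failed or skipped store leaves it empty.
				$newId = (is_array($ret) and isset($ret['newId'])) ? (int)$ret['newId'] : '';
				$redirection = 'index.php?option=com_virtuemart&view=user&task=edit&virtuemart_user_id[]='.$newId;
			}
		} else {
			if ($lastTask == 'editshop') {
				$redirection = 'index.php?option=com_virtuemart';
			} else {
				$redirection = 'index.php?option=com_virtuemart&view=user';
			}
		}

		// $this->setRedirect($redirection, $ret['message']);
		$this->setRedirect($redirection);
	}

}

//No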
Closing tag home/academiac/www/libraries/joomla/user/user.php000064400000050246151372571570016135 0ustar00_params = new JRegistry; // Load the user if it exists if (!empty($identifier)) { $this->load($identifier); } else { //initialise $this->id = 0; $this->sendEmail = 0; $this->aid = 0; $this->guest = 1; } } /** * Returns the global User object, only creating it if it * doesn't already exist. * * @param integer $identifier The user to load - Can be an integer or string - If string, it is converted to ID automatically. * * @return JUser The User object. * * @since 11.1 */ public static function getInstance($identifier = 0) { // Find the user id if (!is_numeric($identifier)) { if (!$id = JUserHelper::getUserId($identifier)) { JError::raiseWarning('SOME_ERROR_CODE', JText::sprintf('JLIB_USER_ERROR_ID_NOT_EXISTS', $identifier)); $retval = false; return $retval; } } else { $id = $identifier; } // If the $id is zero, just return an empty JUser. // Note: don't cache this user because it'll have a new ID on save! 
if ($id === 0) { return new JUser; } if (empty(self::$instances[$id])) { $user = new JUser($id); self::$instances[$id] = $user; } return self::$instances[$id]; } /** * Method to get a parameter value * * @param string $key Parameter key * @param mixed $default Parameter default value * * @return mixed The value or the default if it did not exist * * @since 11.1 */ public function getParam($key, $default = null) { return $this->_params->get($key, $default); } /** * Method to set a parameter * * @param string $key Parameter key * @param mixed $value Parameter value * * @return mixed Set parameter value * * @since 11.1 */ public function setParam($key, $value) { return $this->_params->set($key, $value); } /** * Method to set a default parameter if it does not exist * * @param string $key Parameter key * @param mixed $value Parameter value * * @return mixed Set parameter value * * @since 11.1 */ public function defParam($key, $value) { return $this->_params->def($key, $value); } /** * Proxy to authorise * * @param string $action The name of the action to check for permission. * @param string $assetname The name of the asset on which to perform the action. * * @return boolean True if authorised * * @deprecated 12.1 * @note Use the authorise method instead. * @since 11.1 */ public function authorize($action, $assetname = null) { // Deprecation warning. JLog::add('JUser::authorize() is deprecated.', JLog::WARNING, 'deprecated'); return $this->authorise($action, $assetname); } /** * Method to check JUser object authorisation against an access control * object and optionally an access extension object * * @param string $action The name of the action to check for permission. * @param string $assetname The name of the asset on which to perform the action. * * @return boolean True if authorised * * @since 11.1 */ public function authorise($action, $assetname = null) { // Make sure we only check for core.admin once during the run. 
if ($this->isRoot === null) { $this->isRoot = false; // Check for the configuration file failsafe. $config = JFactory::getConfig(); $rootUser = $config->get('root_user'); // The root_user variable can be a numeric user ID or a username. if (is_numeric($rootUser) && $this->id > 0 && $this->id == $rootUser) { $this->isRoot = true; } elseif ($this->username && $this->username == $rootUser) { $this->isRoot = true; } else { // Get all groups against which the user is mapped. $identities = $this->getAuthorisedGroups(); array_unshift($identities, $this->id * -1); if (JAccess::getAssetRules(1)->allow('core.admin', $identities)) { $this->isRoot = true; return true; } } } return $this->isRoot ? true : JAccess::check($this->id, $action, $assetname); } /** * Gets an array of the authorised access levels for the user * * @return array * * @deprecated 12.1 * @note Use the getAuthorisedViewLevels method instead. * @since 11.1 */ public function authorisedLevels() { // Deprecation warning. JLog::add('JUser::authorisedLevels() is deprecated.', JLog::WARNING, 'deprecated'); return $this->getAuthorisedViewLevels(); } /** * Method to return a list of all categories that a user has permission for a given action * * @param string $component The component from which to retrieve the categories * @param string $action The name of the section within the component from which to retrieve the actions. * * @return array List of categories that this group can do this action to (empty array if none). Categories must be published. 
* * @since 11.1 */ public function getAuthorisedCategories($component, $action) { // Brute force method: get all published category rows for the component and check each one // TODO: Modify the way permissions are stored in the db to allow for faster implementation and better scaling $db = JFactory::getDbo(); $query = $db->getQuery(true)->select('c.id AS id, a.name AS asset_name')->from('#__categories AS c') ->innerJoin('#__assets AS a ON c.asset_id = a.id')->where('c.extension = ' . $db->quote($component))->where('c.published = 1'); $db->setQuery($query); $allCategories = $db->loadObjectList('id'); $allowedCategories = array(); foreach ($allCategories as $category) { if ($this->authorise($action, $category->asset_name)) { $allowedCategories[] = (int) $category->id; } } return $allowedCategories; } /** * Gets an array of the authorised access levels for the user * * @return array * * @since 11.1 */ public function getAuthorisedViewLevels() { if ($this->_authLevels === null) { $this->_authLevels = array(); } if (empty($this->_authLevels)) { $this->_authLevels = JAccess::getAuthorisedViewLevels($this->id); } return $this->_authLevels; } /** * Gets an array of the authorised user groups * * @return array * * @since 11.1 */ public function getAuthorisedGroups() { if ($this->_authGroups === null) { $this->_authGroups = array(); } if (empty($this->_authGroups)) { $this->_authGroups = JAccess::getGroupsByUser($this->id); } return $this->_authGroups; } /** * Pass through method to the table for setting the last visit date * * @param integer $timestamp The timestamp, defaults to 'now'. * * @return boolean True on success. * * @since 11.1 */ public function setLastVisit($timestamp = null) { // Create the user table object $table = $this->getTable(); $table->load($this->id); return $table->setLastVisit($timestamp); } /** * Method to get the user parameters * * This function tries to load an XML file based on the user's usertype. 
The filename of the xml * file is the same as the usertype. The functionals has a static variable to store the parameters * setup file base path. You can call this function statically to set the base path if needed. * * @param boolean $loadsetupfile If true, loads the parameters setup file. Default is false. * @param path $path Set the parameters setup file base path to be used to load the user parameters. * * @return object The user parameters object. * * @since 11.1 */ public function getParameters($loadsetupfile = false, $path = null) { static $parampath; // Set a custom parampath if defined if (isset($path)) { $parampath = $path; } // Set the default parampath if not set already if (!isset($parampath)) { $parampath = JPATH_ADMINISTRATOR . 'components/com_users/models'; } if ($loadsetupfile) { $type = str_replace(' ', '_', strtolower($this->usertype)); $file = $parampath . '/' . $type . '.xml'; if (!file_exists($file)) { $file = $parampath . '/' . 'user.xml'; } $this->_params->loadSetupFile($file); } return $this->_params; } /** * Method to get the user parameters * * @param object $params The user parameters object * * @return void * * @since 11.1 */ public function setParameters($params) { $this->_params = $params; } /** * Method to get the user table object * * This function uses a static variable to store the table name of the user table to * instantiate. You can call this function statically to set the table name if * needed. 
* * @param string $type The user table name to be used * @param string $prefix The user table prefix to be used * * @return object The user table object * * @since 11.1 */ public static function getTable($type = null, $prefix = 'JTable') { static $tabletype; // Set the default tabletype; if (!isset($tabletype)) { $tabletype['name'] = 'user'; $tabletype['prefix'] = 'JTable'; } // Set a custom table type is defined if (isset($type)) { $tabletype['name'] = $type; $tabletype['prefix'] = $prefix; } // Create the user table object return JTable::getInstance($tabletype['name'], $tabletype['prefix']); } /** * Method to bind an associative array of data to a user object * * @param array &$array The associative array to bind to the object * * @return boolean True on success * * @since 11.1 */ public function bind(&$array) { // Let's check to see if the user is new or not if (empty($this->id)) { // Check the password and create the crypted password if (empty($array['password'])) { $array['password'] = JUserHelper::genRandomPassword(); $array['password2'] = $array['password']; } // TODO: Backend controller checks the password, frontend doesn't but should. 
// Hence this code is required: if (isset($array['password2']) && $array['password'] != $array['password2']) { $this->setError(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH')); return false; } $this->password_clear = JArrayHelper::getValue($array, 'password', '', 'string'); $array['password'] = JUserHelper::hashPassword($array['password']); // Set the registration timestamp $this->set('registerDate', JFactory::getDate()->toSql()); // Check that username is not greater than 150 characters $username = $this->get('username'); if (strlen($username) > 150) { $username = substr($username, 0, 150); $this->set('username', $username); } // Check that password is not greater than 100 characters $password = $this->get('password'); if (strlen($password) > 100) { $password = substr($password, 0, 100); $this->set('password', $password); } } else { // Updating an existing user if (!empty($array['password'])) { if ($array['password'] != $array['password2']) { $this->setError(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH')); return false; } $this->password_clear = JArrayHelper::getValue($array, 'password', '', 'string'); $array['password'] = JUserHelper::hashPassword($array['password']); } else { $array['password'] = $this->password; } } // TODO: this will be deprecated as of the ACL implementation // $db = JFactory::getDbo(); if (array_key_exists('params', $array)) { $params = ''; $this->_params->loadArray($array['params']); if (is_array($array['params'])) { $params = (string) $this->_params; } else { $params = $array['params']; } $this->params = $params; } // Bind the array if (!$this->setProperties($array)) { $this->setError(JText::_('JLIB_USER_ERROR_BIND_ARRAY')); return false; } // Make sure its an integer $this->id = (int) $this->id; return true; } /** * Method to save the JUser object to the database * * @param boolean $updateOnly Save the object only if not a new user * Currently only used in the user reset password method. 
* * @return boolean True on success * * @since 11.1 * @throws exception */ public function save($updateOnly = false) { // Create the user table object $table = $this->getTable(); $this->params = (string) $this->_params; $table->bind($this->getProperties()); // Allow an exception to be thrown. try { // Check and store the object. if (!$table->check()) { $this->setError($table->getError()); return false; } // If user is made a Super Admin group and user is NOT a Super Admin // // @todo ACL - this needs to be acl checked // $my = JFactory::getUser(); //are we creating a new user $isNew = empty($this->id); // If we aren't allowed to create new users return if ($isNew && $updateOnly) { return true; } // Get the old user $oldUser = new JUser($this->id); // // Access Checks // // The only mandatory check is that only Super Admins can operate on other Super Admin accounts. // To add additional business rules, use a user plugin and throw an Exception with onUserBeforeSave. // Check if I am a Super Admin $iAmSuperAdmin = $my->authorise('core.admin'); $iAmRehashingSuperadmin = false; if (($my->id == 0 && !$isNew) && $this->id == $oldUser->id && $oldUser->authorise('core.admin') && $oldUser->password != $this->password) { $iAmRehashingSuperadmin = true; } // We are only worried about edits to this account if I am not a Super Admin. if ($iAmSuperAdmin != true && $iAmRehashingSuperadmin != true) { if ($isNew) { // Check if the new user is being put into a Super Admin group. foreach ($this->groups as $groupId) { if (JAccess::checkGroup($groupId, 'core.admin')) { throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN')); } } } else { // I am not a Super Admin, and this one is, so fail. if (JAccess::check($this->id, 'core.admin')) { throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN')); } if ($this->groups != null) { // I am not a Super Admin and I'm trying to make one. 
foreach ($this->groups as $groupId) { if (JAccess::checkGroup($groupId, 'core.admin')) { throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN')); } } } } } // Fire the onUserBeforeSave event. JPluginHelper::importPlugin('user'); $dispatcher = JDispatcher::getInstance(); $result = $dispatcher->trigger('onUserBeforeSave', array($oldUser->getProperties(), $isNew, $this->getProperties())); if (in_array(false, $result, true)) { // Plugin will have to raise its own error or throw an exception. return false; } // Store the user data in the database if (!($result = $table->store())) { throw new Exception($table->getError()); } // Set the id for the JUser object in case we created a new user. if (empty($this->id)) { $this->id = $table->get('id'); } if ($my->id == $table->id) { $registry = new JRegistry; $registry->loadString($table->params); $my->setParameters($registry); } // Fire the onUserAfterSave event $dispatcher->trigger('onUserAfterSave', array($this->getProperties(), $isNew, $result, $this->getError())); } catch (Exception $e) { $this->setError($e->getMessage()); return false; } return $result; } /** * Method to delete the JUser object from the database * * @return boolean True on success * * @since 11.1 */ public function delete() { JPluginHelper::importPlugin('user'); // Trigger the onUserBeforeDelete event $dispatcher = JDispatcher::getInstance(); $dispatcher->trigger('onUserBeforeDelete', array($this->getProperties())); // Create the user table object $table = $this->getTable(); $result = false; if (!$result = $table->delete($this->id)) { $this->setError($table->getError()); } // Trigger the onUserAfterDelete event $dispatcher->trigger('onUserAfterDelete', array($this->getProperties(), $result, $this->getError())); return $result; } /** * Method to load a JUser object by user id number * * @param mixed $id The user id of the user to load * * @return boolean True on success * * @since 11.1 */ public function load($id) { // Create the user table object 
$table = $this->getTable(); // Load the JUserModel object based on the user id or throw a warning. if (!$table->load($id)) { JError::raiseWarning('SOME_ERROR_CODE', JText::sprintf('JLIB_USER_ERROR_UNABLE_TO_LOAD_USER', $id)); return false; } // Set the user parameters using the default XML file. We might want to // extend this in the future to allow for the ability to have custom // user parameters, but for right now we'll leave it how it is. $this->_params->loadString($table->params); // Assuming all is well at this point lets bind the data $this->setProperties($table->getProperties()); return true; } } home/academiac/www/libraries/joomla/html/html/user.php000064400000004607151372620400017052 0ustar00getQuery(true); $query->select('a.id AS value, a.title AS text, COUNT(DISTINCT b.id) AS level'); $query->from($db->quoteName('#__usergroups') . ' AS a'); $query->join('LEFT', $db->quoteName('#__usergroups') . ' AS b ON a.lft > b.lft AND a.rgt < b.rgt'); $query->group('a.id, a.title, a.lft, a.rgt'); $query->order('a.lft ASC'); $db->setQuery($query); $options = $db->loadObjectList(); // Check for a database error. if ($db->getErrorNum()) { JError::raiseNotice(500, $db->getErrorMsg()); return null; } for ($i = 0, $n = count($options); $i < $n; $i++) { $options[$i]->text = str_repeat('- ', $options[$i]->level) . $options[$i]->text; $groups[] = JHtml::_('select.option', $options[$i]->value, $options[$i]->text); } // Exclude super admin groups if requested if (!$includeSuperAdmin) { $filteredGroups = array(); foreach ($groups as $group) { if (!JAccess::checkGroup($group->value, 'core.admin')) { $filteredGroups[] = $group; } } $groups = $filteredGroups; } return $groups; } /** * Get a list of users. * * @return string * * @since 11.4 */ public static function userlist() { // Get the database object and a new query object. $db = JFactory::getDBO(); $query = $db->getQuery(true); // Build the query. 
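$query->select('a.id AS value, a.name AS text');
		$query->from('#__users AS a');
		$query->where('a.block = 0');
		$query->order('a.name');

		// Set the query and load the options.
		$db->setQuery($query);
		$items = $db->loadObjectList();

		// Detect errors
		if ($db->getErrorNum())
		{
			JError::raiseWarning(500, $db->getErrorMsg());
		}

		return $items;
	}
}
home/academiac/www/libraries/joomla/database/table/user.php000064400000031111151372720730017772 0ustar00 group ids * * @var array * @since 11.1 */
	public $groups;

	/**
	 * Constructor
	 *
	 * @param   JDatabase  &$db  A database connector object.
	 *
	 * @since   11.1
	 */
	public function __construct(&$db)
	{
		// Bind this table object to #__users with 'id' as its primary key.
		parent::__construct('#__users', 'id', $db);

		// Initialise.
		$this->id = 0;
		$this->sendEmail = 0;
	}

	/**
	 * Method to load a user, user groups, and any other necessary data
	 * from the database so that it can be bound to the user object.
	 *
	 * @param   integer  $userId  An optional user id. When null, the id already
	 *                            held by this object is used.
	 * @param   boolean  $reset   Not read by this implementation.
	 *
	 * @return  boolean  True on success, false on failure (no id, no matching
	 *                   row, or a database error, which is recorded with setError()).
	 *
	 * @since   11.1
	 */
	public function load($userId = null, $reset = true)
	{
		// Get the id to load.
		if ($userId !== null)
		{
			$this->id = $userId;
		}
		else
		{
			$userId = $this->id;
		}

		// Check for a valid id to load.
		if ($userId === null)
		{
			return false;
		}

		// Reset the table.
		$this->reset();

		// Load the user data. The id reaches the SQL text only after an (int) cast.
		$query = $this->_db->getQuery(true);
		$query->select('*');
		$query->from($this->_db->quoteName('#__users'));
		$query->where($this->_db->quoteName('id') . ' = ' . (int) $userId);
		$this->_db->setQuery($query);
		$data = (array) $this->_db->loadAssoc();

		// Check for an error message.
		if ($this->_db->getErrorNum())
		{
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		if (!count($data))
		{
			return false;
		}

		// Bind the data to the table.
		$return = $this->bind($data);

		if ($return !== false)
		{
			// Load the user groups.
			$query->clear();
			$query->select($this->_db->quoteName('g') . '.' . $this->_db->quoteName('id'));
			$query->select($this->_db->quoteName('g') . '.' . $this->_db->quoteName('title'));
			$query->from($this->_db->quoteName('#__usergroups') . ' AS g');
			$query->join('INNER', $this->_db->quoteName('#__user_usergroup_map') . ' AS m ON m.group_id = g.id');
			$query->where($this->_db->quoteName('m.user_id') . ' = ' . (int) $userId);
			$this->_db->setQuery($query);

			// Add the groups to the user data, keyed and valued by group id.
			$this->groups = $this->_db->loadAssocList('id', 'id');

			// Check for an error message.
			if ($this->_db->getErrorNum())
			{
				$this->setError($this->_db->getErrorMsg());
				return false;
			}
		}

		return $return;
	}

	/**
	 * Method to bind the user, user groups, and any other necessary data.
	 *
	 * A 'params' entry given as an array is serialised through JRegistry to a
	 * string before binding. After a successful bind, any group ids present on
	 * the object are forced to integers and replaced by the ids that actually
	 * exist in #__usergroups.
	 *
	 * @param   array  $array   The data to bind.
	 * @param   mixed  $ignore  An array or space separated list of fields to ignore.
	 *
	 * @return  boolean  True on success, false on failure.
	 *
	 * @since   11.1
	 */
	public function bind($array, $ignore = '')
	{
		if (array_key_exists('params', $array) && is_array($array['params']))
		{
			$registry = new JRegistry;
			$registry->loadArray($array['params']);
			$array['params'] = (string) $registry;
		}

		// Attempt to bind the data.
		$return = parent::bind($array, $ignore);

		// Load the real group data based on the bound ids.
		if ($return && !empty($this->groups))
		{
			// Set the group ids. The integer conversion is what makes the
			// concatenated OR list below safe to place in the SQL text.
			JArrayHelper::toInteger($this->groups);

			// Get the titles for the user groups.
			$query = $this->_db->getQuery(true);
			$query->select($this->_db->quoteName('id'));
			$query->select($this->_db->quoteName('title'));
			$query->from($this->_db->quoteName('#__usergroups'));
			$query->where($this->_db->quoteName('id') . ' = ' . implode(' OR ' . $this->_db->quoteName('id') . ' = ', $this->groups));
			$this->_db->setQuery($query);

			// Set the titles for the user groups.
			$this->groups = $this->_db->loadAssocList('id', 'id');

			// Check for a database error.
			if ($this->_db->getErrorNum())
			{
				$this->setError($this->_db->getErrorMsg());
				return false;
			}
		}

		return $return;
	}

	/**
	 * Validation and filtering
	 *
	 * Checks that name, username and e-mail are present and well formed, fills
	 * in the registration date when it is missing, and rejects a username or
	 * e-mail already used by another row. Each failure is recorded with setError().
	 *
	 * @return  boolean  True if satisfactory
	 *
	 * @since   11.1
	 */
	public function check()
	{
		// Validate user information
		if (trim($this->name) == '')
		{
			$this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_YOUR_NAME'));
			return false;
		}

		if (trim($this->username) == '')
		{
			$this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_A_USER_NAME'));
			return false;
		}

		// Reject usernames containing any of < > " ' % ; ( ) & \ or the sequence "../",
		// shorter than two characters, or carrying leading/trailing whitespace.
		if (preg_match('#[<>"\'%;()&\\\\]|\\.\\./#', $this->username) || strlen(utf8_decode($this->username)) < 2
			|| trim($this->username) != $this->username)
		{
			$this->setError(JText::sprintf('JLIB_DATABASE_ERROR_VALID_AZ09', 2));
			return false;
		}

		if ((trim($this->email) == "") || !JMailHelper::isEmailAddress($this->email))
		{
			$this->setError(JText::_('JLIB_DATABASE_ERROR_VALID_MAIL'));
			return false;
		}

		// Set the registration timestamp
		if ($this->registerDate == null || $this->registerDate == $this->_db->getNullDate())
		{
			$this->registerDate = JFactory::getDate()->toSql();
		}

		// check for existing username
		// NOTE(review): this is a read-then-write check; presumably a unique index
		// or the caller has to cover two concurrent saves - confirm against the schema.
		$query = $this->_db->getQuery(true);
		$query->select($this->_db->quoteName('id'));
		$query->from($this->_db->quoteName('#__users'));
		$query->where($this->_db->quoteName('username') . ' = ' . $this->_db->quote($this->username));
		$query->where($this->_db->quoteName('id') . ' != ' . (int) $this->id);
		$this->_db->setQuery($query);

		$xid = intval($this->_db->loadResult());
		if ($xid && $xid != intval($this->id))
		{
			$this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_INUSE'));
			return false;
		}

		// check for existing email
		$query->clear();
		$query->select($this->_db->quoteName('id'));
		$query->from($this->_db->quoteName('#__users'));
		$query->where($this->_db->quoteName('email') . ' = ' . $this->_db->quote($this->email));
		$query->where($this->_db->quoteName('id') . ' != ' . (int) $this->id);
		$this->_db->setQuery($query);
		$xid = intval($this->_db->loadResult());
		if ($xid && $xid != intval($this->id))
		{
			$this->setError(JText::_('JLIB_DATABASE_ERROR_EMAIL_INUSE'));
			return false;
		}

		// check for root_user != username
		// Only applies when the configured root_user is not numeric, i.e. is compared as a username.
		$config = JFactory::getConfig();
		$rootUser = $config->get('root_user');
		if (!is_numeric($rootUser))
		{
			$query->clear();
			$query->select($this->_db->quoteName('id'));
			$query->from($this->_db->quoteName('#__users'));
			$query->where($this->_db->quoteName('username') . ' = ' . $this->_db->quote($rootUser));
			$this->_db->setQuery($query);
			$xid = intval($this->_db->loadResult());

			// Fails in two cases: this row takes the root_user name although it is not
			// the existing account of that name, or this row is that account and its
			// username no longer equals root_user.
			if ($rootUser == $this->username && (!$xid || $xid && $xid != intval($this->id))
				|| $xid && $xid == intval($this->id) && $rootUser != $this->username)
			{
				$this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_CANNOT_CHANGE'));
				return false;
			}
		}

		return true;
	}

	/**
	 * Method to store a row in the database from the JTable instance properties.
	 * If a primary key value is set the row with that primary key value will be
	 * updated with the instance property values. If no primary key value is set
	 * a new row will be inserted into the database with the properties from the
	 * JTable instance.
	 *
	 * When the object carries a non-empty array of groups, the user's rows in
	 * #__user_usergroup_map are deleted and re-inserted from that array. The two
	 * statements are issued separately, so a failed insert leaves the user with
	 * no group rows.
	 *
	 * @param   boolean  $updateNulls  True to update fields even if they are null.
	 *
	 * @return  boolean  True on success.
	 *
	 * @link	http://docs.joomla.org/JTable/store
	 * @since   11.1
	 */
	public function store($updateNulls = false)
	{
		// Get the table key and key value.
		$k = $this->_tbl_key;
		$key = $this->$k;

		// TODO: This is a dumb way to handle the groups.
		// Store groups locally so as to not update directly.
		$groups = $this->groups;
		unset($this->groups);

		// Insert or update the object based on presence of a key value.
		if ($key)
		{
			// Already have a table key, update the row.
			$return = $this->_db->updateObject($this->_tbl, $this, $this->_tbl_key, $updateNulls);
		}
		else
		{
			// Don't have a table key, insert the row.
			$return = $this->_db->insertObject($this->_tbl, $this, $this->_tbl_key);
		}

		// Reset groups to the local object before any early return, so that a
		// failed write does not leave the property unset on the caller's object.
		$this->groups = $groups;
		unset($groups);

		// Handle error if it exists.
		if (!$return)
		{
			$this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', strtolower(get_class($this)), $this->_db->getErrorMsg()));
			return false;
		}

		// Store the group data if the user data was saved.
		if ($return && is_array($this->groups) && count($this->groups))
		{
			// Both ids are concatenated into the VALUES list below, so they are
			// forced to integers here. bind() converts the group ids as well, but
			// the public $groups property can also be assigned directly.
			$userId = (int) $this->id;
			$groupIds = array_unique(array_map('intval', $this->groups));

			// Delete the old user group maps.
			$query = $this->_db->getQuery(true);
			$query->delete();
			$query->from($this->_db->quoteName('#__user_usergroup_map'));
			$query->where($this->_db->quoteName('user_id') . ' = ' . $userId);
			$this->_db->setQuery($query);
			$this->_db->execute();

			// Check for a database error.
			if ($this->_db->getErrorNum())
			{
				$this->setError($this->_db->getErrorMsg());
				return false;
			}

			// Set the new user group maps.
			$query->clear();
			$query->insert($this->_db->quoteName('#__user_usergroup_map'));
			$query->columns(array($this->_db->quoteName('user_id'), $this->_db->quoteName('group_id')));
			$query->values($userId . ', ' . implode('), (' . $userId . ', ', $groupIds));
			$this->_db->setQuery($query);
			$this->_db->execute();

			// Check for a database error.
			if ($this->_db->getErrorNum())
			{
				$this->setError($this->_db->getErrorMsg());
				return false;
			}
		}

		return true;
	}

	/**
	 * Method to delete a user, user groups, and any other necessary data from the database.
	 *
	 * @param   integer  $userId  An optional user id.
	 *
	 * @return  boolean  True on success, false on failure.
	 *
	 * @since   11.1
	 */
	public function delete($userId = null)
	{
		// Set the primary key to delete.
		$k = $this->_tbl_key;
		if ($userId)
		{
			$this->$k = intval($userId);
		}

		// Delete the user.
		$query = $this->_db->getQuery(true);
		$query->delete();
		$query->from($this->_db->quoteName($this->_tbl));
		$query->where($this->_db->quoteName($this->_tbl_key) . ' = ' . (int) $this->$k);
		$this->_db->setQuery($query);
		$this->_db->execute();

		// Check for a database error.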
if ($this->_db->getErrorNum())
		{
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		// Delete the user group maps.
		$query->clear();
		$query->delete();
		$query->from($this->_db->quoteName('#__user_usergroup_map'));
		$query->where($this->_db->quoteName('user_id') . ' = ' . (int) $this->$k);
		$this->_db->setQuery($query);
		$this->_db->execute();

		// Check for a database error.
		if ($this->_db->getErrorNum())
		{
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		/*
		 * Clean Up Related Data.
		 */

		$query->clear();
		$query->delete();
		$query->from($this->_db->quoteName('#__messages_cfg'));
		$query->where($this->_db->quoteName('user_id') . ' = ' . (int) $this->$k);
		$this->_db->setQuery($query);
		$this->_db->execute();

		// Check for a database error.
		if ($this->_db->getErrorNum())
		{
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		$query->clear();
		$query->delete();
		$query->from($this->_db->quoteName('#__messages'));
		$query->where($this->_db->quoteName('user_id_to') . ' = ' . (int) $this->$k);
		$this->_db->setQuery($query);
		$this->_db->execute();

		// Check for a database error.
		if ($this->_db->getErrorNum())
		{
			$this->setError($this->_db->getErrorMsg());
			return false;
		}

		return true;
	}

	/**
	 * Write a new lastvisitDate for one user row.
	 *
	 * @param   integer  $timeStamp  The timestamp handed to JFactory::getDate();
	 *                               null leaves the choice of date to that factory.
	 * @param   integer  $userId     The user id (optional). When null, the id of
	 *                               this table object is used.
	 *
	 * @return  boolean  False if the database reports an error (recorded with
	 *                   setError()), true otherwise.
	 *
	 * @since   11.1
	 */
	public function setLastVisit($timeStamp = null, $userId = null)
	{
		// Fall back to this row's id when the caller gives none.
		if ($userId === null)
		{
			if (!isset($this))
			{
				// do not translate
				jexit(JText::_('JLIB_DATABASE_ERROR_SETLASTVISIT'));
			}
			else
			{
				$userId = $this->id;
			}
		}

		// With no timestamp argument the date factory decides the value.
		$visit = JFactory::getDate($timeStamp);

		// The date is passed through quote() and the id through an (int) cast
		// before either is concatenated into the UPDATE statement.
		$dbo = $this->_db;
		$update = $dbo->getQuery(true);
		$update->update($dbo->quoteName($this->_tbl));
		$update->set($dbo->quoteName('lastvisitDate') . '=' . $dbo->quote($visit->toSql()));
		$update->where($dbo->quoteName('id') . '=' . (int) $userId);
		$dbo->setQuery($update);
		$dbo->execute();

		// Surface a database error through the table's error state.
		if ($dbo->getErrorNum())
		{
			$this->setError($dbo->getErrorMsg());

			return false;
		}

		return true;
	}
}