primo commit

2024-12-17 17:34:10 +01:00
commit e650f8df99
16435 changed files with 2451012 additions and 0 deletions


@ -0,0 +1,26 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\Component\Users\Administrator\Controller\CallbackController as AdminCallbackController;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Multi-factor Authentication plugins' AJAX callback controller
*
* @since 4.2.0
*/
class CallbackController extends AdminCallbackController
{
}


@ -0,0 +1,55 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Router\Route;
use Joomla\Component\Users\Administrator\Controller\CaptiveController as AdminCaptiveController;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Captive Multi-factor Authentication page controller
*
* @since 4.2.0
*/
class CaptiveController extends AdminCaptiveController
{
/**
* Execute a task by triggering a Method in the derived class.
*
* @param string $task The task to perform.
*
* @return mixed The value returned by the called Method.
*
* @throws \Exception
* @since 4.2.0
*/
public function execute($task)
{
try {
return parent::execute($task);
} catch (\Exception $e) {
if ($e->getCode() !== 403) {
throw $e;
}
if ($this->app->getIdentity()->guest) {
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return null;
}
}
return null;
}
}
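Review bot: In `execute()`, a 403 raised for a signed-in user is caught and then dropped: the catch block only handles the guest case, so control falls through to the final `return null` with no redirect, message or rethrow. If that is intentional it deserves a comment saying so; otherwise add `throw $e;` after the guest branch so an authenticated caller still receives the forbidden response. The docblock should also state that 403s are intercepted and that guests are redirected to the login view, since `@return` and `@throws` currently describe only the parent's behaviour. The identical `execute()` override appears in MethodController and MethodsController further down, so the same applies there.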


@ -0,0 +1,139 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Component\ComponentHelper;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Base controller class for Users.
*
* @since 1.5
*/
class DisplayController extends BaseController
{
/**
* Method to display a view.
*
* @param boolean $cachable If true, the view output will be cached
* @param array|boolean $urlparams An array of safe URL parameters and their variable types.
* @see \Joomla\CMS\Filter\InputFilter::clean() for valid values.
*
* @return void
*
* @since 1.5
* @throws \Exception
*/
public function display($cachable = false, $urlparams = false)
{
// Get the document object.
$document = $this->app->getDocument();
// Set the default view name and format from the Request.
$vName = $this->input->getCmd('view', 'login');
$vFormat = $document->getType();
$lName = $this->input->getCmd('layout', 'default');
if ($view = $this->getView($vName, $vFormat)) {
// Do any specific processing by view.
switch ($vName) {
case 'registration':
// If the user is already logged in, redirect to the profile page.
$user = $this->app->getIdentity();
if ($user->guest != 1) {
// Redirect to profile page.
$this->setRedirect(Route::_('index.php?option=com_users&view=profile', false));
return;
}
// Check if user registration is enabled
if (ComponentHelper::getParams('com_users')->get('allowUserRegistration') == 0) {
// Registration is disabled - Redirect to login page.
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return;
}
// The user is a guest, load the registration model and show the registration page.
$model = $this->getModel('Registration');
break;
case 'profile':
// Handle view specific models.
// If the user is a guest, redirect to the login page.
$user = $this->app->getIdentity();
if ($user->guest == 1) {
// Redirect to login page.
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return;
}
$model = $this->getModel($vName);
break;
case 'login':
// Handle the default views.
$model = $this->getModel($vName);
break;
case 'remind':
case 'reset':
// If the user is already logged in, redirect to the profile page.
$user = $this->app->getIdentity();
if ($user->guest != 1) {
// Redirect to profile page.
$this->setRedirect(Route::_('index.php?option=com_users&view=profile', false));
return;
}
$model = $this->getModel($vName);
break;
case 'captive':
case 'methods':
case 'method':
$controller = $this->factory->createController($vName, 'Site', [], $this->app, $this->input);
$task = $this->input->get('task', '');
return $controller->execute($task);
default:
$model = $this->getModel('Login');
break;
}
// Make sure we don't send a referer
if (\in_array($vName, ['remind', 'reset'])) {
$this->app->setHeader('Referrer-Policy', 'no-referrer', true);
}
// Push the model into the view (as default).
$view->setModel($model, true);
$view->setLayout($lName);
// Push document object into the view.
$view->document = $document;
$view->display();
}
}
}
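Review bot: `display()` is documented as `@return void`, but the `captive` / `methods` / `method` case returns whatever the sub-controller's `execute($task)` returns, and it leaves the method before the model, layout and `Referrer-Policy` steps below the switch run. The docblock should say so, for example `@return  mixed  Nothing for rendered views; the sub-controller's execute() result for the MFA views`, with a one-line comment on that case noting that the MFA controllers take over the request. As a style point, the membership test would be stricter as `\in_array($vName, ['remind', 'reset'], true)`.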


@ -0,0 +1,55 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Router\Route;
use Joomla\Component\Users\Administrator\Controller\MethodController as AdminMethodController;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Multi-factor Authentication method controller
*
* @since 4.2.0
*/
class MethodController extends AdminMethodController
{
/**
* Execute a task by triggering a Method in the derived class.
*
* @param string $task The task to perform.
*
* @return mixed The value returned by the called Method.
*
* @throws \Exception
* @since 4.2.0
*/
public function execute($task)
{
try {
return parent::execute($task);
} catch (\Exception $e) {
if ($e->getCode() !== 403) {
throw $e;
}
if ($this->app->getIdentity()->guest) {
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return null;
}
}
return null;
}
}


@ -0,0 +1,55 @@
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Router\Route;
use Joomla\Component\Users\Administrator\Controller\MethodsController as AdminMethodsController;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Multi-factor Authentication methods selection and management controller
*
* @since 4.2.0
*/
class MethodsController extends AdminMethodsController
{
/**
* Execute a task by triggering a Method in the derived class.
*
* @param string $task The task to perform.
*
* @return mixed The value returned by the called Method.
*
* @throws \Exception
* @since 4.2.0
*/
public function execute($task)
{
try {
return parent::execute($task);
} catch (\Exception $e) {
if ($e->getCode() !== 403) {
throw $e;
}
if ($this->app->getIdentity()->guest) {
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return null;
}
}
return null;
}
}


@ -0,0 +1,232 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Application\CMSWebApplicationInterface;
use Joomla\CMS\Event\Model;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
use Joomla\CMS\Uri\Uri;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Profile controller class for Users.
*
* @since 1.6
*/
class ProfileController extends BaseController
{
/**
* Method to check out a user for editing and redirect to the edit form.
*
* @return boolean
*
* @since 1.6
*/
public function edit()
{
$app = $this->app;
$user = $this->app->getIdentity();
$loginUserId = (int) $user->id;
// Get the current user id.
$userId = $this->input->getInt('user_id');
// Check if the user is trying to edit another users profile.
if ($userId != $loginUserId) {
$app->enqueueMessage(Text::_('JERROR_ALERTNOAUTHOR'), 'error');
$app->setHeader('status', 403, true);
return false;
}
$cookieLogin = $user->get('cookieLogin');
// Check if the user logged in with a cookie
if (!empty($cookieLogin)) {
// If so, the user must login to edit the password and other data.
$app->enqueueMessage(Text::_('JGLOBAL_REMEMBER_MUST_LOGIN'), 'message');
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return false;
}
// Set the user id for the user to edit in the session.
$app->setUserState('com_users.edit.profile.id', $userId);
// Redirect to the edit screen.
$this->setRedirect(Route::_('index.php?option=com_users&view=profile&layout=edit', false));
return true;
}
/**
* Method to save a user's profile data.
*
* @return void|boolean
*
* @since 1.6
* @throws \Exception
*/
public function save()
{
// Check for request forgeries.
$this->checkToken();
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\ProfileModel $model */
$model = $this->getModel('Profile', 'Site');
$user = $this->app->getIdentity();
$userId = (int) $user->id;
// Get the user data.
$requestData = $app->getInput()->post->get('jform', [], 'array');
// Force the ID to this user.
$requestData['id'] = $userId;
// Validate the posted data.
$form = $model->getForm();
if (!$form) {
throw new \Exception($model->getError(), 500);
}
// Send an object which can be modified through the plugin event
$objData = (object) $requestData;
$this->getDispatcher()->dispatch(
'onContentNormaliseRequestData',
new Model\NormaliseRequestDataEvent('onContentNormaliseRequestData', [
'context' => 'com_users.user',
'data' => $objData,
'subject' => $form,
])
);
$requestData = (array) $objData;
// Validate the posted data.
$data = $model->validate($form, $requestData);
// Check for errors.
if ($data === false) {
// Get the validation messages.
$errors = $model->getErrors();
// Push up to three validation messages out to the user.
for ($i = 0, $n = \count($errors); $i < $n && $i < 3; $i++) {
if ($errors[$i] instanceof \Exception) {
$app->enqueueMessage($errors[$i]->getMessage(), CMSWebApplicationInterface::MSG_ERROR);
} else {
$app->enqueueMessage($errors[$i], CMSWebApplicationInterface::MSG_ERROR);
}
}
// Unset the passwords.
unset($requestData['password1'], $requestData['password2']);
// Save the data in the session.
$app->setUserState('com_users.edit.profile.data', $requestData);
// Redirect back to the edit screen.
$userId = (int) $app->getUserState('com_users.edit.profile.id');
$this->setRedirect(Route::_('index.php?option=com_users&view=profile&layout=edit&user_id=' . $userId, false));
return false;
}
// Attempt to save the data.
$return = $model->save($data);
// Check for errors.
if ($return === false) {
// Save the data in the session.
$app->setUserState('com_users.edit.profile.data', $data);
// Redirect back to the edit screen.
$userId = (int) $app->getUserState('com_users.edit.profile.id');
$this->setMessage(Text::sprintf('COM_USERS_PROFILE_SAVE_FAILED', $model->getError()), 'warning');
$this->setRedirect(Route::_('index.php?option=com_users&view=profile&layout=edit&user_id=' . $userId, false));
return false;
}
// Redirect the user and adjust session state based on the chosen task.
switch ($this->getTask()) {
case 'apply':
// Check out the profile.
$app->setUserState('com_users.edit.profile.id', $return);
// Redirect back to the edit screen.
$this->setMessage(Text::_('COM_USERS_PROFILE_SAVE_SUCCESS'));
$redirect = $app->getUserState('com_users.edit.profile.redirect', '');
// Don't redirect to an external URL.
if (!Uri::isInternal($redirect)) {
$redirect = null;
}
if (!$redirect) {
$redirect = 'index.php?option=com_users&view=profile&layout=edit&hidemainmenu=1';
}
$this->setRedirect(Route::_($redirect, false));
break;
default:
// Clear the profile id from the session.
$app->setUserState('com_users.edit.profile.id', null);
$redirect = $app->getUserState('com_users.edit.profile.redirect', '');
// Don't redirect to an external URL.
if (!Uri::isInternal($redirect)) {
$redirect = null;
}
if (!$redirect) {
$redirect = 'index.php?option=com_users&view=profile&user_id=' . $return;
}
// Redirect to the list screen.
$this->setMessage(Text::_('COM_USERS_PROFILE_SAVE_SUCCESS'));
$this->setRedirect(Route::_($redirect, false));
break;
}
// Flush the data from the session.
$app->setUserState('com_users.edit.profile.data', null);
}
/**
* Method to cancel an edit.
*
* @return void
*
* @since 4.0.0
*/
public function cancel()
{
// Check for request forgeries.
$this->checkToken();
// Flush the data from the session.
$this->app->setUserState('com_users.edit.profile', null);
// Redirect to user profile.
$this->setRedirect(Route::_('index.php?option=com_users&view=profile', false));
}
}
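Review bot: In `save()`, the branch taken when `$model->save($data)` returns false stores `$data` in the session under `com_users.edit.profile.data` without removing the password fields, while the validation-failure branch just above runs `unset($requestData['password1'], $requestData['password2']);` before doing the same. If the validated array still carries those keys (the form definition is not visible here), the submitted password stays in session storage until a later successful save clears it; add `unset($data['password1'], $data['password2']);` before that `setUserState()` call. `RegistrationController::register()` later in this commit stores `$requestData` and `$data` under `com_users.registration.data` on both failure paths with no such unset, so the same applies there.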


@ -0,0 +1,251 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Application\CMSWebApplicationInterface;
use Joomla\CMS\Component\ComponentHelper;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
use Joomla\CMS\User\UserFactoryAwareInterface;
use Joomla\CMS\User\UserFactoryAwareTrait;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Registration controller class for Users.
*
* @since 1.6
*/
class RegistrationController extends BaseController implements UserFactoryAwareInterface
{
use UserFactoryAwareTrait;
/**
* Method to activate a user.
*
* @return boolean True on success, false on failure.
*
* @since 1.6
* @throws \Exception
*/
public function activate()
{
$user = $this->app->getIdentity();
$input = $this->input;
$uParams = ComponentHelper::getParams('com_users');
// Check for admin activation. Don't allow non-super-admin to delete a super admin
if ($uParams->get('useractivation') != 2 && $user->id) {
$this->setRedirect('index.php');
return true;
}
// If user registration or account activation is disabled, throw a 403.
if ($uParams->get('useractivation') == 0 || $uParams->get('allowUserRegistration') == 0) {
throw new \Exception(Text::_('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403);
}
/** @var \Joomla\Component\Users\Site\Model\RegistrationModel $model */
$model = $this->getModel('Registration', 'Site');
$token = $input->getAlnum('token');
// Check that the token is in a valid format.
if ($token === null || \strlen($token) !== 32) {
throw new \Exception(Text::_('JINVALID_TOKEN'), 403);
}
// Get the User ID
$userIdToActivate = $model->getUserIdFromToken($token);
if (!$userIdToActivate) {
$this->setMessage(Text::_('COM_USERS_ACTIVATION_TOKEN_NOT_FOUND'));
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return false;
}
// Get the user we want to activate
$userToActivate = $this->getUserFactory()->loadUserById($userIdToActivate);
// Admin activation is on and admin is activating the account
if (($uParams->get('useractivation') == 2) && $userToActivate->getParam('activate', 0)) {
// If a user admin is not logged in, redirect them to the login page with an error message
if (!$user->authorise('core.create', 'com_users') || !$user->authorise('core.manage', 'com_users')) {
$activationUrl = 'index.php?option=com_users&task=registration.activate&token=' . $token;
$loginUrl = 'index.php?option=com_users&view=login&return=' . base64_encode($activationUrl);
// In case we still run into this in the second step the user does not have the right permissions
$message = Text::_('COM_USERS_REGISTRATION_ACL_ADMIN_ACTIVATION_PERMISSIONS');
// When we are not logged in we should login
if ($user->guest) {
$message = Text::_('COM_USERS_REGISTRATION_ACL_ADMIN_ACTIVATION');
}
$this->setMessage($message);
$this->setRedirect(Route::_($loginUrl, false));
return false;
}
}
// Attempt to activate the user.
$return = $model->activate($token);
// Check for errors.
if ($return === false) {
// Redirect back to the home page.
$this->setMessage(Text::sprintf('COM_USERS_REGISTRATION_SAVE_FAILED', $model->getError()), 'error');
$this->setRedirect('index.php');
return false;
}
$useractivation = $uParams->get('useractivation');
// Redirect to the login screen.
if ($useractivation == 0) {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_SAVE_SUCCESS'));
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
} elseif ($useractivation == 1) {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_ACTIVATE_SUCCESS'));
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
} elseif ($return->getParam('activate')) {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_VERIFY_SUCCESS'));
$this->setRedirect(Route::_('index.php?option=com_users&view=registration&layout=complete', false));
} else {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_ADMINACTIVATE_SUCCESS'));
$this->setRedirect(Route::_('index.php?option=com_users&view=registration&layout=complete', false));
}
return true;
}
/**
* Method to register a user.
*
* @return boolean True on success, false on failure.
*
* @since 1.6
* @throws \Exception
*/
public function register()
{
// Check for request forgeries.
$this->checkToken();
// If registration is disabled - Redirect to login page.
if (ComponentHelper::getParams('com_users')->get('allowUserRegistration') == 0) {
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
return false;
}
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\RegistrationModel $model */
$model = $this->getModel('Registration', 'Site');
// Get the user data.
$requestData = $this->input->post->get('jform', [], 'array');
// Validate the posted data.
$form = $model->getForm();
if (!$form) {
throw new \Exception($model->getError(), 500);
}
$data = $model->validate($form, $requestData);
// Check for validation errors.
if ($data === false) {
// Get the validation messages.
$errors = $model->getErrors();
// Push up to three validation messages out to the user.
for ($i = 0, $n = \count($errors); $i < $n && $i < 3; $i++) {
if ($errors[$i] instanceof \Exception) {
$app->enqueueMessage($errors[$i]->getMessage(), CMSWebApplicationInterface::MSG_ERROR);
} else {
$app->enqueueMessage($errors[$i], CMSWebApplicationInterface::MSG_ERROR);
}
}
/**
* We need the filtered value of calendar fields because the UTC normalisation is
* done in the filter and on output. This would apply the Timezone offset on
* reload. We set the calendar values we save to the processed date.
*/
$filteredData = $form->filter($requestData);
foreach ($form->getFieldset() as $field) {
if ($field->type === 'Calendar') {
$fieldName = $field->fieldname;
if ($field->group) {
if (isset($filteredData[$field->group][$fieldName])) {
$requestData[$field->group][$fieldName] = $filteredData[$field->group][$fieldName];
}
} else {
if (isset($filteredData[$fieldName])) {
$requestData[$fieldName] = $filteredData[$fieldName];
}
}
}
}
// Save the data in the session.
$app->setUserState('com_users.registration.data', $requestData);
// Redirect back to the registration screen.
$this->setRedirect(Route::_('index.php?option=com_users&view=registration', false));
return false;
}
// Attempt to save the data.
$return = $model->register($data);
// Check for errors.
if ($return === false) {
// Save the data in the session.
$app->setUserState('com_users.registration.data', $data);
// Redirect back to the edit screen.
$this->setMessage($model->getError(), 'error');
$this->setRedirect(Route::_('index.php?option=com_users&view=registration', false));
return false;
}
// Flush the data from the session.
$app->setUserState('com_users.registration.data', null);
// Redirect to the profile screen.
if ($return === 'adminactivate') {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_COMPLETE_VERIFY'));
$this->setRedirect(Route::_('index.php?option=com_users&view=registration&layout=complete', false));
} elseif ($return === 'useractivate') {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_COMPLETE_ACTIVATE'));
$this->setRedirect(Route::_('index.php?option=com_users&view=registration&layout=complete', false));
} else {
$this->setMessage(Text::_('COM_USERS_REGISTRATION_SAVE_SUCCESS'));
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false));
}
return true;
}
}
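Review bot: The comment above the first check in `activate()`, `Check for admin activation. Don't allow non-super-admin to delete a super admin`, does not describe the code under it, which sends any signed-in user to `index.php` unless `useractivation` is 2. A comment such as `// Only admin activation (mode 2) may be completed by a signed-in user; otherwise send them home.` would match what the check does. Further down, the `if ($useractivation == 0)` branch of the final redirect chain cannot run, because the method already throws a 403 when `useractivation == 0`; remove it or mark it as defensive.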


@ -0,0 +1,63 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2010 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Reset controller class for Users.
*
* @since 1.6
*/
class RemindController extends BaseController
{
/**
* Method to request a username reminder.
*
* @return boolean
*
* @since 1.6
*/
public function remind()
{
// Check the request token.
$this->checkToken('post');
/** @var \Joomla\Component\Users\Site\Model\RemindModel $model */
$model = $this->getModel('Remind', 'Site');
$data = $this->input->post->get('jform', [], 'array');
// Submit the password reset request.
$return = $model->processRemindRequest($data);
// Check for a hard error.
if ($return == false && JDEBUG) {
// The request failed.
// Go back to the request form.
$message = Text::sprintf('COM_USERS_REMIND_REQUEST_FAILED', $model->getError());
$this->setRedirect(Route::_('index.php?option=com_users&view=remind', false), $message, 'notice');
return false;
}
// To not expose if the user exists or not we send a generic message.
$message = Text::_('COM_USERS_REMIND_REQUEST');
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false), $message, 'notice');
return true;
}
}
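Review bot: `if ($return == false && JDEBUG)` uses a loose comparison, so `0`, `''`, `null` and `[]` from the model would all count as failure, whereas `ResetController::request()` in this commit tests `$return === false`; `if ($return === false && JDEBUG)` would keep the two consistent. The class docblock (`Reset controller class for Users.`) and the inline comment `Submit the password reset request.` look copied from the reset controller and should refer to the username reminder. A short comment next to the `JDEBUG` test would also help, stating that the model's error text is shown only in debug mode because, going by the generic-message comment below it, a specific error could indicate whether an account exists.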


@ -0,0 +1,185 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Reset controller class for Users.
*
* @since 1.6
*/
class ResetController extends BaseController
{
/**
* Method to request a password reset.
*
* @return boolean
*
* @since 1.6
*/
public function request()
{
// Check the request token.
$this->checkToken('post');
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\ResetModel $model */
$model = $this->getModel('Reset', 'Site');
$data = $this->input->post->get('jform', [], 'array');
// Submit the password reset request.
$return = $model->processResetRequest($data);
// Check for a hard error.
if ($return instanceof \Exception && JDEBUG) {
// Get the error message to display.
if ($app->get('error_reporting')) {
$message = $return->getMessage();
} else {
$message = Text::_('COM_USERS_RESET_REQUEST_ERROR');
}
// Go back to the request form.
$this->setRedirect(Route::_('index.php?option=com_users&view=reset', false), $message, 'error');
return false;
}
if ($return === false && JDEBUG) {
// The request failed.
// Go back to the request form.
$message = Text::sprintf('COM_USERS_RESET_REQUEST_FAILED', $model->getError());
$this->setRedirect(Route::_('index.php?option=com_users&view=reset', false), $message, 'notice');
return false;
}
// To not expose if the user exists or not we send a generic message.
$message = Text::_('COM_USERS_RESET_REQUEST');
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=confirm', false), $message, 'notice');
return true;
}
/**
* Method to confirm the password request.
*
* @return boolean
*
* @access public
* @since 1.6
*/
public function confirm()
{
// Check the request token.
$this->checkToken('request');
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\ResetModel $model */
$model = $this->getModel('Reset', 'Site');
$data = $this->input->get('jform', [], 'array');
// Confirm the password reset request.
$return = $model->processResetConfirm($data);
// Check for a hard error.
if ($return instanceof \Exception) {
// Get the error message to display.
if ($app->get('error_reporting')) {
$message = $return->getMessage();
} else {
$message = Text::_('COM_USERS_RESET_CONFIRM_ERROR');
}
// Go back to the confirm form.
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=confirm', false), $message, 'error');
return false;
}
if ($return === false) {
// Confirm failed.
// Go back to the confirm form.
$message = Text::sprintf('COM_USERS_RESET_CONFIRM_FAILED', $model->getError());
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=confirm', false), $message, 'notice');
return false;
}
// Confirm succeeded.
// Proceed to step three.
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=complete', false));
return true;
}
/**
* Method to complete the password reset process.
*
* @return boolean
*
* @since 1.6
*/
public function complete()
{
// Check for request forgeries
$this->checkToken('post');
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\ResetModel $model */
$model = $this->getModel('Reset', 'Site');
$data = $this->input->post->get('jform', [], 'array');
// Complete the password reset request.
$return = $model->processResetComplete($data);
// Check for a hard error.
if ($return instanceof \Exception) {
// Get the error message to display.
if ($app->get('error_reporting')) {
$message = $return->getMessage();
} else {
$message = Text::_('COM_USERS_RESET_COMPLETE_ERROR');
}
// Go back to the complete form.
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=complete', false), $message, 'error');
return false;
}
if ($return === false) {
// Complete failed.
// Go back to the complete form.
$message = Text::sprintf('COM_USERS_RESET_COMPLETE_FAILED', $model->getError());
$this->setRedirect(Route::_('index.php?option=com_users&view=reset&layout=complete', false), $message, 'notice');
return false;
}
// Complete succeeded.
// Proceed to the login form.
$message = Text::_('COM_USERS_RESET_COMPLETE_SUCCESS');
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false), $message);
return true;
}
}
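Review bot: `confirm()` calls `$this->checkToken('request')` and reads `jform` with `$this->input->get(...)`, so the anti-forgery token and the confirmation fields are accepted from the query string as well as from POST, while `request()` and `complete()` are POST-only. Values sent in a URL can end up in access logs, browser history and referrers. Unless something depends on confirming via GET (not visible here), use `$this->checkToken('post');` and `$this->input->post->get('jform', [], 'array');` to match the other two steps.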


@ -0,0 +1,270 @@
<?php
/**
* @package Joomla.Site
* @subpackage com_users
*
* @copyright (C) 2009 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Component\Users\Site\Controller;
use Joomla\CMS\Application\ApplicationHelper;
use Joomla\CMS\Language\Multilanguage;
use Joomla\CMS\Language\Text;
use Joomla\CMS\MVC\Controller\BaseController;
use Joomla\CMS\Router\Route;
use Joomla\CMS\Session\Session;
use Joomla\CMS\Uri\Uri;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Registration controller class for Users.
*
* @since 1.6
*/
class UserController extends BaseController
{
/**
* Method to log in a user.
*
* @return void
*
* @since 1.6
*/
public function login()
{
$this->checkToken('post');
$input = $this->input->getInputForRequestMethod();
// Populate the data array:
$data = [];
$data['return'] = base64_decode($input->get('return', '', 'BASE64'));
$data['username'] = $input->get('username', '', 'USERNAME');
$data['password'] = $input->get('password', '', 'RAW');
$data['secretkey'] = $input->get('secretkey', '', 'RAW');
// Check for a simple menu item id
if (is_numeric($data['return'])) {
$itemId = (int) $data['return'];
$data['return'] = 'index.php?Itemid=' . $itemId;
if (Multilanguage::isEnabled()) {
$language = $this->getModel('Login', 'Site')->getMenuLanguage($itemId);
if ($language !== '*') {
$data['return'] .= '&lang=' . $language;
}
}
} elseif (!Uri::isInternal($data['return'])) {
// Don't redirect to an external URL.
$data['return'] = '';
}
// Set the return URL if empty.
if (empty($data['return'])) {
$data['return'] = 'index.php?option=com_users&view=profile';
}
// Set the return URL in the user state to allow modification by plugins
$this->app->setUserState('users.login.form.return', $data['return']);
// Get the log in options.
$options = [];
$options['remember'] = $this->input->getBool('remember', false);
$options['return'] = $data['return'];
// Get the log in credentials.
$credentials = [];
$credentials['username'] = $data['username'];
$credentials['password'] = $data['password'];
$credentials['secretkey'] = $data['secretkey'];
// Perform the log in.
if (true !== $this->app->login($credentials, $options)) {
// Login failed !
// Clear user name, password and secret key before sending the login form back to the user.
$data['remember'] = (int) $options['remember'];
$data['username'] = '';
$data['password'] = '';
$data['secretkey'] = '';
$this->app->setUserState('users.login.form.data', $data);
$this->app->redirect(Route::_('index.php?option=com_users&view=login', false));
}
// Success
if ($options['remember'] == true) {
$this->app->setUserState('rememberLogin', true);
}
$this->app->setUserState('users.login.form.data', []);
$this->app->redirect(Route::_($this->app->getUserState('users.login.form.return'), false));
}
/**
* Method to log out a user.
*
* @return void
*
* @since 1.6
*/
public function logout()
{
$this->checkToken('request');
$app = $this->app;
// Prepare the logout options.
$options = [
'clientid' => $app->get('shared_session', '0') ? null : 0,
];
// Perform the log out.
$error = $app->logout(null, $options);
$input = $app->getInput()->getInputForRequestMethod();
// Check if the log out succeeded.
if ($error instanceof \Exception) {
$app->redirect(Route::_('index.php?option=com_users&view=login', false));
}
// Get the return URL from the request and validate that it is internal.
$return = $input->get('return', '', 'BASE64');
$return = base64_decode($return);
// Check for a simple menu item id
if (is_numeric($return)) {
$itemId = (int) $return;
$return = 'index.php?Itemid=' . $itemId;
if (Multilanguage::isEnabled()) {
$language = $this->getModel('Login', 'Site')->getMenuLanguage($itemId);
if ($language !== '*') {
$return .= '&lang=' . $language;
}
}
} elseif (!Uri::isInternal($return)) {
$return = '';
}
// In case redirect url is not set, redirect user to homepage
if (empty($return)) {
$return = Uri::root();
}
// Show a message when a user is logged out.
$app->enqueueMessage(Text::_('COM_USERS_FRONTEND_LOGOUT_SUCCESS'), 'message');
// Redirect the user.
$app->redirect(Route::_($return, false));
}
/**
* Method to logout directly and redirect to page.
*
* @return void
*
* @since 3.5
*/
public function menulogout()
{
// Get the ItemID of the page to redirect after logout
$app = $this->app;
$active = $app->getMenu()->getActive();
$itemid = $active ? $active->getParams()->get('logout') : 0;
// Get the language of the page when multilang is on
if (Multilanguage::isEnabled()) {
if ($itemid) {
$language = $this->getModel('Login', 'Site')->getMenuLanguage($itemid);
// URL to redirect after logout
$url = 'index.php?Itemid=' . $itemid . ($language !== '*' ? '&lang=' . $language : '');
} else {
// Logout is set to default. Get the home page ItemID
$lang_code = $app->getInput()->cookie->getString(ApplicationHelper::getHash('language'));
$item = $app->getMenu()->getDefault($lang_code);
$itemid = $item->id;
// Redirect to Home page after logout
$url = 'index.php?Itemid=' . $itemid;
}
} else {
// URL to redirect after logout, default page if no ItemID is set
$url = $itemid ? 'index.php?Itemid=' . $itemid : Uri::root();
}
// Logout and redirect
$this->setRedirect(Route::_('index.php?option=com_users&task=user.logout&' . Session::getFormToken() . '=1&return=' . base64_encode($url), false));
}
/**
* Method to request a username reminder.
*
* @return boolean
*
* @since 1.6
*/
public function remind()
{
// Check the request token.
$this->checkToken('post');
$app = $this->app;
/** @var \Joomla\Component\Users\Site\Model\RemindModel $model */
$model = $this->getModel('Remind', 'Site');
$data = $this->input->post->get('jform', [], 'array');
// Submit the username remind request.
$return = $model->processRemindRequest($data);
// Check for a hard error.
if ($return instanceof \Exception) {
// Get the error message to display.
$message = $app->get('error_reporting')
? $return->getMessage()
: Text::_('COM_USERS_REMIND_REQUEST_ERROR');
// Go back to the complete form.
$this->setRedirect(Route::_('index.php?option=com_users&view=remind', false), $message, 'error');
return false;
}
if ($return === false) {
// Go back to the complete form.
$message = Text::sprintf('COM_USERS_REMIND_REQUEST_FAILED', $model->getError());
$this->setRedirect(Route::_('index.php?option=com_users&view=remind', false), $message, 'notice');
return false;
}
// Proceed to the login form.
$message = Text::_('COM_USERS_REMIND_REQUEST_SUCCESS');
$this->setRedirect(Route::_('index.php?option=com_users&view=login', false), $message);
return true;
}
/**
* Method to resend a user.
*
* @return void
*
* @since 1.6
*/
public function resend()
{
// Check for request forgeries
// $this->checkToken('post');
}
}
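Review bot: `remind()` here exposes a second username-reminder task that answers differently on failure and on success: `COM_USERS_REMIND_REQUEST_FAILED` with `$model->getError()` versus `COM_USERS_REMIND_REQUEST_SUCCESS`, plus the raw exception message when `error_reporting` is set. `RemindController::remind()` in this commit deliberately returns one generic message outside `JDEBUG` so the response does not show whether the account exists; if the model returns false for an unknown address (not visible here), this method undoes that protection. Either drop this task or give it the same generic-response handling. Separately, `resend()` is a public task whose body is only a commented-out `checkToken('post')`; remove it or document why it is kept.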