joomla_test/administrator/components/com_users/controllers/user.php

<?php
/**
 * @package     Joomla.Administrator
 * @subpackage  com_users
 *
 * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

defined('_JEXEC') or die;

/**
 * User controller class.
 *
 * @package     Joomla.Administrator
 * @subpackage  com_users
 * @since       1.6
 */
class UsersControllerUser extends JControllerForm
{
	/**
	 * @var    string  The prefix to use with controller messages.
	 * @since  1.6
	 */
	protected $text_prefix = 'COM_USERS_USER';

	/**
	 * Overrides JControllerForm::allowEdit
	 *
	 * Checks that non-Super Admins are not editing Super Admins.
	 *
	 * @param   array   $data  An array of input data.
	 * @param   string  $key   The name of the key for the primary key.
	 *
	 * @return  boolean  True if allowed, false otherwise.
	 *
	 * @since   1.6
	 */
	protected function allowEdit($data = array(), $key = 'id')
	{
		// Check if this person is a Super Admin
		if (JAccess::check($data[$key], 'core.admin'))
		{
			// If I'm not a Super Admin, then disallow the edit.
			if (!JFactory::getUser()->authorise('core.admin'))
			{
				return false;
			}
		}

		return parent::allowEdit($data, $key);
	}

	/**
	 * Method to run batch operations.
	 *
	 * @param   object  $model  The model.
	 *
	 * @return  boolean  True on success, false on failure
	 *
	 * @since   2.5
	 */
	public function batch($model = null)
	{
		JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));

		// Set the model
		$model = $this->getModel('User', '', array());

		// Preset the redirect
		$this->setRedirect(JRoute::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false));

		return parent::batch($model);
	}

	/**
	 * Overrides parent save method to check the submitted passwords match.
	 *
	 * @param   string  $key     The name of the primary key of the URL variable.
	 * @param   string  $urlVar  The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).
	 *
	 * @return  boolean  True if successful, false otherwise.
	 *
	 * @since   1.6
	 */
	public function save($key = null, $urlVar = null)
	{
		$data = $this->input->post->get('jform', array(), 'array');

		// TODO: JForm should really have a validation handler for this.
		if (isset($data['password']) && isset($data['password2']))
		{
			// Check the passwords match.
			if ($data['password'] != $data['password2'])
			{
				$this->setMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'warning');
				$this->setRedirect(JRoute::_('index.php?option=com_users&view=user&layout=edit', false));
			}

			unset($data['password2']);
		}

		return parent::save();
	}

	/**
	 * Function that allows child controller access to model data after the data has been saved.
	 *
	 * @param   JModelLegacy  $model      The data model object.
	 * @param   array         $validData  The validated data.
	 *
	 * @return  void
	 *
	 * @since   3.1
	 */
	protected function postSaveHook(JModelLegacy $model, $validData = array())
	{
		return;
	}
}
first commit 2020-01-02 22:20:31 +07:00			`<?php`
			`/**`
			`* @package Joomla.Administrator`
			`* @subpackage com_users`
			`*`
			`* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.`
			`* @license GNU General Public License version 2 or later; see LICENSE.txt`
			`*/`

			`defined('_JEXEC') or die;`

			`/**`
			`* User controller class.`
			`*`
			`* @package Joomla.Administrator`
			`* @subpackage com_users`
			`* @since 1.6`
			`*/`
			`class UsersControllerUser extends JControllerForm`
			`{`
			`/**`
			`* @var string The prefix to use with controller messages.`
			`* @since 1.6`
			`*/`
			`protected $text_prefix = 'COM_USERS_USER';`

			`/**`
			`* Overrides JControllerForm::allowEdit`
			`*`
			`* Checks that non-Super Admins are not editing Super Admins.`
			`*`
			`* @param array $data An array of input data.`
			`* @param string $key The name of the key for the primary key.`
			`*`
			`* @return boolean True if allowed, false otherwise.`
			`*`
			`* @since 1.6`
			`*/`
			`protected function allowEdit($data = array(), $key = 'id')`
			`{`
			`// Check if this person is a Super Admin`
			`if (JAccess::check($data[$key], 'core.admin'))`
			`{`
			`// If I'm not a Super Admin, then disallow the edit.`
			`if (!JFactory::getUser()->authorise('core.admin'))`
			`{`
			`return false;`
			`}`
			`}`

			`return parent::allowEdit($data, $key);`
			`}`

			`/**`
			`* Method to run batch operations.`
			`*`
			`* @param object $model The model.`
			`*`
			`* @return boolean True on success, false on failure`
			`*`
			`* @since 2.5`
			`*/`
			`public function batch($model = null)`
			`{`
			`JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));`

			`// Set the model`
			`$model = $this->getModel('User', '', array());`

			`// Preset the redirect`
			`$this->setRedirect(JRoute::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false));`

			`return parent::batch($model);`
			`}`

			`/**`
			`* Overrides parent save method to check the submitted passwords match.`
			`*`
			`* @param string $key The name of the primary key of the URL variable.`
			`* @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).`
			`*`
			`* @return boolean True if successful, false otherwise.`
			`*`
			`* @since 1.6`
			`*/`
			`public function save($key = null, $urlVar = null)`
			`{`
			`$data = $this->input->post->get('jform', array(), 'array');`

			`// TODO: JForm should really have a validation handler for this.`
			`if (isset($data['password']) && isset($data['password2']))`
			`{`
			`// Check the passwords match.`
			`if ($data['password'] != $data['password2'])`
			`{`
			`$this->setMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'warning');`
			`$this->setRedirect(JRoute::_('index.php?option=com_users&view=user&layout=edit', false));`
			`}`

			`unset($data['password2']);`
			`}`

			`return parent::save();`
			`}`

			`/**`
			`* Function that allows child controller access to model data after the data has been saved.`
			`*`
			`* @param JModelLegacy $model The data model object.`
			`* @param array $validData The validated data.`
			`*`
			`* @return void`
			`*`
			`* @since 3.1`
			`*/`
			`protected function postSaveHook(JModelLegacy $model, $validData = array())`
			`{`
			`return;`
			`}`
			`}`