first commit

2020-01-02 22:20:31 +07:00
commit 10eb3340ad
5753 changed files with 631345 additions and 0 deletions
--- a/administrator/components/com_users/controllers/user.php
+++ b/administrator/components/com_users/controllers/user.php
@ -0,0 +1,120 @@
+<?php
+/**
+ * @package     Joomla.Administrator
+ * @subpackage  com_users
+ *
+ * @copyright   Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
+ * @license     GNU General Public License version 2 or later; see LICENSE.txt
+ */
+
+defined('_JEXEC') or die;
+
+/**
+ * User controller class.
+ *
+ * @package     Joomla.Administrator
+ * @subpackage  com_users
+ * @since       1.6
+ */
+class UsersControllerUser extends JControllerForm
+{
+	/**
+	 * @var    string  The prefix to use with controller messages.
+	 * @since  1.6
+	 */
+	protected $text_prefix = 'COM_USERS_USER';
+
+	/**
+	 * Overrides JControllerForm::allowEdit
+	 *
+	 * Checks that non-Super Admins are not editing Super Admins.
+	 *
+	 * @param   array   $data  An array of input data.
+	 * @param   string  $key   The name of the key for the primary key.
+	 *
+	 * @return  boolean  True if allowed, false otherwise.
+	 *
+	 * @since   1.6
+	 */
+	protected function allowEdit($data = array(), $key = 'id')
+	{
+		// Check if this person is a Super Admin
+		if (JAccess::check($data[$key], 'core.admin'))
+		{
+			// If I'm not a Super Admin, then disallow the edit.
+			if (!JFactory::getUser()->authorise('core.admin'))
+			{
+				return false;
+			}
+		}
+
+		return parent::allowEdit($data, $key);
+	}
+
+	/**
+	 * Method to run batch operations.
+	 *
+	 * @param   object  $model  The model.
+	 *
+	 * @return  boolean  True on success, false on failure
+	 *
+	 * @since   2.5
+	 */
+	public function batch($model = null)
+	{
+		JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
+
+		// Set the model
+		$model = $this->getModel('User', '', array());
+
+		// Preset the redirect
+		$this->setRedirect(JRoute::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false));
+
+		return parent::batch($model);
+	}
+
+	/**
+	 * Overrides parent save method to check the submitted passwords match.
+	 *
+	 * @param   string  $key     The name of the primary key of the URL variable.
+	 * @param   string  $urlVar  The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).
+	 *
+	 * @return  boolean  True if successful, false otherwise.
+	 *
+	 * @since   1.6
+	 */
+	public function save($key = null, $urlVar = null)
+	{
+		$data = $this->input->post->get('jform', array(), 'array');
+
+		// TODO: JForm should really have a validation handler for this.
+		if (isset($data['password']) && isset($data['password2']))
+		{
+			// Check the passwords match.
+			if ($data['password'] != $data['password2'])
+			{
+				$this->setMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'warning');
+				$this->setRedirect(JRoute::_('index.php?option=com_users&view=user&layout=edit', false));
+			}
+
+			unset($data['password2']);
+		}
+
+		return parent::save();
+	}
+
+	/**
+	 * Function that allows child controller access to model data after the data has been saved.
+	 *
+	 * @param   JModelLegacy  $model      The data model object.
+	 * @param   array         $validData  The validated data.
+	 *
+	 * @return  void
+	 *
+	 * @since   3.1
+	 */
+	protected function postSaveHook(JModelLegacy $model, $validData = array())
+	{
+		return;
+	}
+}