121 lines
3.0 KiB
PHP
121 lines
3.0 KiB
PHP
<?php
|
|
/**
|
|
* @package Joomla.Administrator
|
|
* @subpackage com_users
|
|
*
|
|
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
|
|
* @license GNU General Public License version 2 or later; see LICENSE.txt
|
|
*/
|
|
|
|
defined('_JEXEC') or die;
|
|
|
|
/**
|
|
* User controller class.
|
|
*
|
|
* @package Joomla.Administrator
|
|
* @subpackage com_users
|
|
* @since 1.6
|
|
*/
|
|
class UsersControllerUser extends JControllerForm
|
|
{
|
|
/**
|
|
* @var string The prefix to use with controller messages.
|
|
* @since 1.6
|
|
*/
|
|
protected $text_prefix = 'COM_USERS_USER';
|
|
|
|
/**
|
|
* Overrides JControllerForm::allowEdit
|
|
*
|
|
* Checks that non-Super Admins are not editing Super Admins.
|
|
*
|
|
* @param array $data An array of input data.
|
|
* @param string $key The name of the key for the primary key.
|
|
*
|
|
* @return boolean True if allowed, false otherwise.
|
|
*
|
|
* @since 1.6
|
|
*/
|
|
protected function allowEdit($data = array(), $key = 'id')
|
|
{
|
|
// Check if this person is a Super Admin
|
|
if (JAccess::check($data[$key], 'core.admin'))
|
|
{
|
|
// If I'm not a Super Admin, then disallow the edit.
|
|
if (!JFactory::getUser()->authorise('core.admin'))
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
|
|
return parent::allowEdit($data, $key);
|
|
}
|
|
|
|
/**
|
|
* Method to run batch operations.
|
|
*
|
|
* @param object $model The model.
|
|
*
|
|
* @return boolean True on success, false on failure
|
|
*
|
|
* @since 2.5
|
|
*/
|
|
public function batch($model = null)
|
|
{
|
|
JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
|
|
|
|
// Set the model
|
|
$model = $this->getModel('User', '', array());
|
|
|
|
// Preset the redirect
|
|
$this->setRedirect(JRoute::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false));
|
|
|
|
return parent::batch($model);
|
|
}
|
|
|
|
/**
|
|
* Overrides parent save method to check the submitted passwords match.
|
|
*
|
|
* @param string $key The name of the primary key of the URL variable.
|
|
* @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).
|
|
*
|
|
* @return boolean True if successful, false otherwise.
|
|
*
|
|
* @since 1.6
|
|
*/
|
|
public function save($key = null, $urlVar = null)
|
|
{
|
|
$data = $this->input->post->get('jform', array(), 'array');
|
|
|
|
// TODO: JForm should really have a validation handler for this.
|
|
if (isset($data['password']) && isset($data['password2']))
|
|
{
|
|
// Check the passwords match.
|
|
if ($data['password'] != $data['password2'])
|
|
{
|
|
$this->setMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'warning');
|
|
$this->setRedirect(JRoute::_('index.php?option=com_users&view=user&layout=edit', false));
|
|
}
|
|
|
|
unset($data['password2']);
|
|
}
|
|
|
|
return parent::save();
|
|
}
|
|
|
|
/**
|
|
* Function that allows child controller access to model data after the data has been saved.
|
|
*
|
|
* @param JModelLegacy $model The data model object.
|
|
* @param array $validData The validated data.
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 3.1
|
|
*/
|
|
protected function postSaveHook(JModelLegacy $model, $validData = array())
|
|
{
|
|
return;
|
|
}
|
|
}
|