<?php
/**
* @version $Id: users.php 1937 2013-03-07 15:19:16Z lefteris.kavadas $
* @package K2
* @author JoomlaWorks http://www.joomlaworks.net
* @copyright Copyright (c) 2006 - 2013 JoomlaWorks Ltd. All rights reserved.
* @license GNU/GPL license: http://www.gnu.org/copyleft/gpl.html
*/
// Refuse to run when this file is requested directly instead of being loaded by Joomla.
if (!defined('_JEXEC')) {
    die;
}

// Load the framework's component model library.
jimport('joomla.application.component.model');

// Register the component's table directory with JTable.
JTable::addIncludePath(JPATH_COMPONENT.DS.'tables');
class K2ModelUsers extends K2Model
{
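/**
 * Build the filtered, ordered and paginated list of users for the K2 users view.
 *
 * Paging, ordering and filter values are read through getUserStateFromRequest().
 * Values that end up in the SQL text are either cast to int, passed through
 * $db->Quote()/escape(), or (for ORDER BY) checked against a strict pattern.
 *
 * On Joomla versions other than 1.5 a second query collects the titles of the
 * groups each listed user belongs to and stores them in $row->usertype.
 *
 * @return array|null The rows as returned by loadObjectList().
 */
function getData()
{
    $mainframe = JFactory::getApplication();
    $option = JRequest::getCmd('option');
    $view = JRequest::getCmd('view');
    $db = JFactory::getDBO();
    $limit = $mainframe->getUserStateFromRequest('global.list.limit', 'limit', $mainframe->getCfg('list_limit'), 'int');
    $limitstart = $mainframe->getUserStateFromRequest($option.$view.'.limitstart', 'limitstart', 0, 'int');
    $filter_order = $mainframe->getUserStateFromRequest($option.$view.'filter_order', 'filter_order', 'juser.name', 'cmd');
    $filter_order_Dir = $mainframe->getUserStateFromRequest($option.$view.'filter_order_Dir', 'filter_order_Dir', '', 'word');
    $filter_status = (int)$mainframe->getUserStateFromRequest($option.$view.'filter_status', 'filter_status', -1, 'int');
    $filter_group = $mainframe->getUserStateFromRequest($option.$view.'filter_group', 'filter_group', '', 'string');
    $filter_group_k2 = $mainframe->getUserStateFromRequest($option.$view.'filter_group_k2', 'filter_group_k2', '', 'string');
    $search = $mainframe->getUserStateFromRequest($option.$view.'search', 'search', '', 'string');
    $search = JString::strtolower($search);

    // ORDER BY takes identifiers, which cannot be protected with Quote(). The 'cmd'
    // and 'word' request filters only strip characters, so the column is restricted
    // to "name" or "alias.name" and the direction to ASC/DESC before interpolation.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', (string)$filter_order))
    {
        $filter_order = 'juser.name';
    }
    $filter_order_Dir = strtoupper((string)$filter_order_Dir);
    if ($filter_order_Dir != 'ASC' && $filter_order_Dir != 'DESC')
    {
        $filter_order_Dir = '';
    }

    $query = "SELECT juser.*, k2user.group, k2group.name as groupname FROM #__users as juser "."LEFT JOIN #__k2_users as k2user ON juser.id=k2user.userID "."LEFT JOIN #__k2_user_groups as k2group ON k2user.group=k2group.id ";

    if (K2_JVERSION != '15')
    {
        $query .= " LEFT JOIN #__user_usergroup_map as `map` ON juser.id=map.user_id ";
    }

    $query .= " WHERE juser.id>0";

    if ($filter_status > -1)
    {
        $query .= " AND juser.block = ".$filter_status;
    }

    if ($filter_group)
    {
        if (K2_JVERSION != '15')
        {
            $query .= " AND `map`.group_id =".(int)$filter_group;
        }
        else
        {
            switch($filter_group)
            {
                case 'Public Frontend' :
                    $query .= " AND juser.usertype IN ('Registered', 'Author', 'Editor', 'Publisher')";
                    break;

                case 'Public Backend' :
                    $query .= " AND juser.usertype IN ('Manager', 'Administrator', 'Super Administrator')";
                    break;

                default :
                    $filter_group = strtolower(trim($filter_group));
                    $query .= " AND juser.usertype = ".$db->Quote($filter_group);
            }
        }
    }

    if ($filter_group_k2)
    {
        $query .= " AND k2user.group = ".$db->Quote($filter_group_k2);
    }

    if ($search)
    {
        // The second argument asks the driver to escape LIKE wildcards as well;
        // Quote(..., false) then only adds the surrounding quotes.
        $escaped = K2_JVERSION == '15' ? $db->getEscaped($search, true) : $db->escape($search, true);
        $query .= " AND (LOWER( juser.name ) LIKE ".$db->Quote('%'.$escaped.'%', false)." OR LOWER( juser.email ) LIKE ".$db->Quote('%'.$escaped.'%', false).")";
    }

    if (K2_JVERSION != '15')
    {
        $query .= " GROUP BY juser.id ";
    }

    $query .= " ORDER BY {$filter_order} {$filter_order_Dir}";

    $db->setQuery($query, $limitstart, $limit);
    $rows = $db->loadObjectList();

    // !empty() also covers a null result, which count() would reject on current PHP.
    if (K2_JVERSION != '15' && !empty($rows))
    {
        $IDs = array();
        foreach ($rows as $row)
        {
            $IDs[] = (int)$row->id;
        }

        $query = "SELECT map.user_id, COUNT(map.group_id) AS group_count,GROUP_CONCAT(g2.title SEPARATOR '\n') AS group_names"
            ." FROM #__user_usergroup_map AS map"
            ." LEFT JOIN #__usergroups AS g2"
            ." ON g2.id = map.group_id"
            ." WHERE map.user_id IN (".implode(',', $IDs).")"
            ." GROUP BY map.user_id";
        $db->setQuery($query);
        $groups = $db->loadObjectList();

        // Index the group names by user id so each row needs a single lookup.
        $namesByUser = array();
        foreach ((array)$groups as $group)
        {
            $namesByUser[$group->user_id] = $group->group_names;
        }

        foreach ($rows as $row)
        {
            if (array_key_exists($row->id, $namesByUser))
            {
                // NOTE(review): group titles are turned into markup here without HTML
                // escaping, so the template presumably prints usertype raw - confirm
                // the titles are escaped somewhere before output.
                $row->usertype = nl2br((string)$namesByUser[$row->id]);
            }
        }
    }

    return $rows;
}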
/**
 * Count the users that match the current status, group, K2 group and search filters.
 *
 * The filters are read through getUserStateFromRequest(); string filters reach the
 * SQL text only through $db->Quote()/escape(), the group id only after an int cast.
 *
 * @return mixed The COUNT(DISTINCT juser.id) value as returned by loadResult().
 */
function getTotal()
{
    $app = JFactory::getApplication();
    $component = JRequest::getCmd('option');
    $viewName = JRequest::getCmd('view');
    $dbo = JFactory::getDBO();

    // The two paging values are not used by the count query; the calls are kept as
    // they were. NOTE(review): the limitstart state key here has no view segment.
    $limit = $app->getUserStateFromRequest('global.list.limit', 'limit', $app->getCfg('list_limit'), 'int');
    $limitstart = $app->getUserStateFromRequest($component.'.limitstart', 'limitstart', 0, 'int');

    $status = $app->getUserStateFromRequest($component.$viewName.'filter_status', 'filter_status', -1, 'int');
    $groupFilter = $app->getUserStateFromRequest($component.$viewName.'filter_group', 'filter_group', '', 'string');
    $k2GroupFilter = $app->getUserStateFromRequest($component.$viewName.'filter_group_k2', 'filter_group_k2', '', 'string');
    $needle = $app->getUserStateFromRequest($component.$viewName.'search', 'search', '', 'string');
    $needle = JString::strtolower($needle);

    $isLegacy = (K2_JVERSION == '15');

    $sql = "SELECT COUNT(DISTINCT juser.id) FROM #__users as juser "."LEFT JOIN #__k2_users as k2user ON juser.id=k2user.userID "."LEFT JOIN #__k2_user_groups as k2group ON k2user.group=k2group.id ";

    if (!$isLegacy)
    {
        $sql .= " LEFT JOIN #__user_usergroup_map as `map` ON juser.id=map.user_id ";
    }

    // Collect the conditions first; they are joined with " AND " at the end.
    $conditions = array('juser.id>0');

    if ($status > -1)
    {
        $conditions[] = "juser.block = {$status}";
    }

    if ($groupFilter)
    {
        if (!$isLegacy)
        {
            $conditions[] = "`map`.group_id =".(int)$groupFilter;
        }
        elseif ($groupFilter == 'Public Frontend')
        {
            $conditions[] = "juser.usertype IN ('Registered', 'Author', 'Editor', 'Publisher')";
        }
        elseif ($groupFilter == 'Public Backend')
        {
            $conditions[] = "juser.usertype IN ('Manager', 'Administrator', 'Super Administrator')";
        }
        else
        {
            $groupFilter = strtolower(trim($groupFilter));
            $conditions[] = "juser.usertype = ".$dbo->Quote($groupFilter);
        }
    }

    if ($k2GroupFilter)
    {
        $conditions[] = "k2user.group = ".$dbo->Quote($k2GroupFilter);
    }

    if ($needle)
    {
        // Escape the LIKE wildcards as well, then let Quote() add only the quotes.
        $escaped = $isLegacy ? $dbo->getEscaped($needle, true) : $dbo->escape($needle, true);
        $pattern = $dbo->Quote('%'.$escaped.'%', false);
        $conditions[] = "(LOWER( juser.name ) LIKE ".$pattern." OR LOWER( juser.email ) LIKE ".$pattern.")";
    }

    $sql .= " WHERE ".implode(' AND ', $conditions);

    $dbo->setQuery($sql);

    return $dbo->loadResult();
}
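/**
 * Delete the K2 profile rows of the users selected in the request, then redirect.
 *
 * The ids come from the 'cid' request variable and are forced to integers before
 * they are placed in the IN() list.
 *
 * NOTE(review): no request-token or permission check is visible in this method;
 * confirm the calling controller performs both before invoking it.
 *
 * @return void
 */
function remove()
{
    $mainframe = JFactory::getApplication();
    $cid = JRequest::getVar('cid');
    JArrayHelper::toInteger($cid);

    // With no selection the query would read "IN()" and fail, so skip it and
    // do not report a deletion that never happened.
    if (count($cid) < 1)
    {
        $mainframe->redirect('index.php?option=com_k2&view=users');
        return;
    }

    $db = JFactory::getDBO();
    $query = "DELETE FROM #__k2_users WHERE userID IN(".implode(',', $cid).")";
    $db->setQuery($query);
    $db->query();

    $cache = JFactory::getCache('com_k2');
    $cache->clean();

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_USER_PROFILE_DELETED'));
}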
/**
 * Return the list of user groups for a select list.
 *
 * For $type 'joomla' the Joomla groups are loaded and their text is prefixed with
 * an indentation built by indent(); for any other value the rows of
 * #__k2_user_groups are returned unchanged.
 *
 * @param string $type 'joomla' for Joomla groups, anything else for K2 groups.
 *
 * @return array|null Group objects; for K2 groups, whatever loadObjectList() returns.
 */
function getUserGroups($type = 'joomla')
{
    $dbo = JFactory::getDBO();

    if ($type != 'joomla')
    {
        $dbo->setQuery("SELECT * FROM #__k2_user_groups");

        return $dbo->loadObjectList();
    }

    $isLegacy = (K2_JVERSION == '15');

    if ($isLegacy)
    {
        $sql = 'SELECT (lft - 3) AS lft, name AS value, name AS text'.' FROM #__core_acl_aro_groups'.' WHERE name != "ROOT"'.' AND name != "USERS"'.' ORDER BY `lft` ASC';
    }
    else
    {
        $sql = "SELECT a.lft AS lft, a.id AS value, a.title AS text, COUNT(DISTINCT b.id) AS level
FROM #__usergroups AS a
LEFT JOIN #__usergroups AS b
ON a.lft > b.lft
AND a.rgt < b.rgt
GROUP BY a.id
ORDER BY a.lft ASC";
    }

    $dbo->setQuery($sql);
    $loaded = $dbo->loadObjectList();
    $result = array();

    foreach ($loaded as $entry)
    {
        if ($entry->lft >= 10)
        {
            $entry->lft = (int)$entry->lft - 10;
        }

        // Newer versions indent by the computed nesting level, 1.5 by the lft value.
        $prefix = $isLegacy ? $this->indent($entry->lft) : $this->indent($entry->level, '- ');
        $entry->text = $prefix.$entry->text;

        $result[] = $entry;
    }

    return $result;
}
/**
 * Build a string of $char repeated $times, wrapped in optional start and end strings.
 *
 * @param int    $times      How many times $char is appended.
 * @param string $char       The text to repeat.
 * @param string $start_char Text placed before the repeated part.
 * @param string $end_char   Text placed after the repeated part.
 *
 * @return string
 */
function indent($times, $char = ' ', $start_char = '', $end_char = '')
{
    $padding = $start_char;
    $added = 0;

    while ($added < $times)
    {
        $padding .= $char;
        $added++;
    }

    return $padding.$end_char;
}
/**
 * Count the session rows that belong to a user.
 *
 * @param int $id User id; cast to int before it is placed in the query.
 *
 * @return mixed The COUNT() value as returned by loadResult().
 */
function checkLogin($id)
{
    $userId = (int)$id;
    $dbo = JFactory::getDBO();
    $dbo->setQuery("SELECT COUNT(s.userid) FROM #__session AS s WHERE s.userid = ".$userId);

    return $dbo->loadResult();
}
/**
 * Look up the K2 profile row id of a user.
 *
 * @param int $id User id; cast to int before it is placed in the query.
 *
 * @return mixed The #__k2_users id as returned by loadResult().
 */
function hasProfile($id)
{
    $userId = (int)$id;
    $dbo = JFactory::getDBO();
    $dbo->setQuery("SELECT id FROM #__k2_users WHERE userID = ".$userId);

    return $dbo->loadResult();
}
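/**
 * Clear the block flag of the users selected in the request, then redirect.
 *
 * The ids come from the 'cid' request variable and are forced to integers before
 * they are placed in the IN() list.
 *
 * NOTE(review): no request-token or permission check is visible in this method;
 * confirm the calling controller performs both before invoking it.
 *
 * @return void
 */
function enable()
{
    $mainframe = JFactory::getApplication();
    $cid = JRequest::getVar('cid');
    JArrayHelper::toInteger($cid);

    // With no selection the query would read "IN()" and fail, so skip it and
    // do not report a change that never happened.
    if (count($cid) < 1)
    {
        $mainframe->redirect('index.php?option=com_k2&view=users');
        return;
    }

    $db = JFactory::getDBO();
    $query = "UPDATE #__users SET block=0 WHERE id IN(".implode(',', $cid).")";
    $db->setQuery($query);
    $db->query();

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_USERS_ENABLED'));
}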
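/**
 * Set the block flag of the users selected in the request, then redirect.
 *
 * The ids come from the 'cid' request variable and are forced to integers before
 * they are placed in the IN() list.
 *
 * NOTE(review): no request-token or permission check is visible in this method,
 * and nothing here stops the acting user from blocking their own account or an
 * account with higher privileges; confirm the calling controller covers this.
 *
 * @return void
 */
function disable()
{
    $mainframe = JFactory::getApplication();
    $cid = JRequest::getVar('cid');
    JArrayHelper::toInteger($cid);

    // With no selection the query would read "IN()" and fail, so skip it and
    // do not report a change that never happened.
    if (count($cid) < 1)
    {
        $mainframe->redirect('index.php?option=com_k2&view=users');
        return;
    }

    $db = JFactory::getDBO();
    $query = "UPDATE #__users SET block=1 WHERE id IN(".implode(',', $cid).")";
    $db->setQuery($query);
    $db->query();

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_USERS_DISABLED'));
}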
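/**
 * Delete the selected Joomla users together with their K2 profile rows.
 *
 * The acting user is always removed from the selection. On Joomla versions other
 * than 1.5 each user is deleted through JTable with the user plugin events fired,
 * and only when the acting user holds core.delete on com_users; accounts with
 * core.admin are skipped unless the acting user has core.admin too. On 1.5 the
 * selection is limited to users whose gid does not exceed the acting user's gid.
 *
 * NOTE(review): when $table->delete() fails the method returns at once, so K2
 * profile rows of users deleted earlier in the same loop are left in place.
 *
 * @return bool|void False when a JTable delete fails; otherwise the request is redirected.
 */
function delete()
{
    $mainframe = JFactory::getApplication();
    $user = JFactory::getUser();
    $cid = JRequest::getVar('cid');
    JArrayHelper::toInteger($cid);
    $db = JFactory::getDBO();
    $currentUserId = (int)$user->id;

    if (in_array($currentUserId, $cid, true))
    {
        // array_diff() keeps the remaining keys, as the unset() calls below expect.
        $cid = array_diff($cid, array($currentUserId));
        $mainframe->enqueueMessage(JText::_('K2_YOU_CANNOT_DELETE_YOURSELF'), 'notice');
    }

    if (count($cid) < 1)
    {
        $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_DELETE_COMPLETED'));
        return;
    }

    if (K2_JVERSION != '15')
    {
        JPluginHelper::importPlugin('user');
        $dispatcher = JDispatcher::getInstance();
        $iAmSuperAdmin = $user->authorise('core.admin');
        // The acting user's own permission does not depend on the target user.
        $mayDelete = $user->authorise('core.delete', 'com_users');

        foreach ($cid as $key => $id)
        {
            $table = JTable::getInstance('user');
            $table->load($id);

            $allow = $mayDelete;
            // Don't allow non-super-admin to delete a super admin
            if (!$iAmSuperAdmin && JAccess::check($id, 'core.admin'))
            {
                $allow = false;
            }

            if ($allow)
            {
                // Get users data for the users to delete.
                $user_to_delete = JFactory::getUser($id);

                // Fire the onUserBeforeDelete event.
                $dispatcher->trigger('onUserBeforeDelete', array($table->getProperties()));

                if (!$table->delete($id))
                {
                    $this->setError($table->getError());
                    return false;
                }

                // Trigger the onUserAfterDelete event.
                $dispatcher->trigger('onUserAfterDelete', array($user_to_delete->getProperties(), true, $this->getError()));
            }
            else
            {
                // Prune items that you can't change.
                unset($cid[$key]);
                JError::raiseWarning(403, JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
            }
        }

        $IDsToDelete = $cid;
    }
    else
    {
        // Select the id column explicitly: the first column of the result is what
        // gets loaded, and the values are reused in the DELETE statements below.
        $query = "SELECT id FROM #__users WHERE id IN(".implode(',', $cid).") AND gid<=".(int)$user->gid;
        $db->setQuery($query);
        // This branch only runs on Joomla 1.5, so loadResultArray() is the loader in use.
        $IDsToDelete = $db->loadResultArray();
        $IDsToDelete = is_array($IDsToDelete) ? array_map('intval', $IDsToDelete) : array();

        // Nothing permitted means nothing to delete; "IN()" would be a syntax error.
        if (count($IDsToDelete))
        {
            $query = "DELETE FROM #__users WHERE id IN(".implode(',', $IDsToDelete).") AND id!=".$currentUserId;
            $db->setQuery($query);
            $db->query();
        }
    }

    if (count($IDsToDelete))
    {
        $query = "DELETE FROM #__k2_users WHERE userID IN(".implode(',', $IDsToDelete).") AND userID!=".$currentUserId;
        $db->setQuery($query);
        $db->query();
    }

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_DELETE_COMPLETED'));
}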
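/**
 * Move the selected users to the Joomla group(s) and/or K2 group given in the request.
 *
 * 'cid' and, on Joomla versions other than 1.5, 'group' are forced to integers;
 * on 1.5 the group name is passed through $db->Quote(). 'k2group' is read as int.
 *
 * On versions other than 1.5 the same rule delete() applies to super admins is
 * applied here: an acting user without core.admin can neither assign a group
 * that grants core.admin nor replace the groups of a user who has it.
 *
 * NOTE(review): no request-token check is visible in this method; confirm the
 * calling controller performs it.
 *
 * @return void
 */
function saveMove()
{
    $mainframe = JFactory::getApplication();
    $db = JFactory::getDBO();
    $cid = JRequest::getVar('cid');
    JArrayHelper::toInteger($cid);
    $group = JRequest::getVar('group');
    $k2group = JRequest::getInt('k2group');

    if (K2_JVERSION != '15')
    {
        JArrayHelper::toInteger($group);
        $group = array_filter($group);

        $actor = JFactory::getUser();
        $iAmSuperAdmin = $actor->authorise('core.admin');

        if (!$iAmSuperAdmin)
        {
            // Drop any requested group that would hand out super admin rights.
            foreach ($group as $key => $groupId)
            {
                if (JAccess::checkGroup($groupId, 'core.admin'))
                {
                    unset($group[$key]);
                    JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR'));
                }
            }
        }

        if (count($group))
        {
            foreach ($cid as $id)
            {
                // Replacing the groups of a super admin would demote that account.
                if (!$iAmSuperAdmin && JAccess::check($id, 'core.admin'))
                {
                    JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR'));
                    continue;
                }

                $query = "DELETE FROM #__user_usergroup_map WHERE user_id = ".$id;
                $db->setQuery($query);
                $db->query();

                // One "(user_id, group_id)" tuple per requested group.
                $query = "INSERT INTO #__user_usergroup_map VALUES (".$id.", ".implode("), (".$id.", ", $group).")";
                $db->setQuery($query);
                $db->query();
            }
        }
    }
    elseif (is_string($group) && $group !== '' && count($cid))
    {
        $query = "SELECT id FROM #__core_acl_aro_groups WHERE name=".$db->Quote($group);
        $db->setQuery($query);
        $gid = $db->loadResult();

        // An unknown group name yields no id; "SET gid=," would be a syntax error.
        if ($gid)
        {
            $query = "UPDATE #__users SET gid=".(int)$gid.", usertype=".$db->Quote($group)." WHERE id IN(".implode(',', $cid).")";
            $db->setQuery($query);
            $db->query();
        }
    }

    if ($k2group)
    {
        foreach ($cid as $id)
        {
            $query = "SELECT COUNT(*) FROM #__k2_users WHERE userID = ".$id;
            $db->setQuery($query);
            $result = $db->loadResult();

            if ($result)
            {
                $query = "UPDATE #__k2_users SET `group`={$k2group} WHERE userID = ".$id;
            }
            else
            {
                // No K2 profile yet: create one that carries only the user name and group.
                $user = JFactory::getUser($id);
                $query = "INSERT INTO #__k2_users VALUES ('', {$id}, {$db->Quote($user->username)}, '', '', '', '', {$k2group}, '')";
            }

            $db->setQuery($query);
            $db->query();
        }
    }

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_MOVE_COMPLETED'));
}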
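/**
 * Create one K2 user group per Joomla user group and attach existing users to it.
 *
 * The default permissions are read from models/usergroup.xml (every parameter
 * that is not a spacer), then 'inheritance' is set to 0 and 'categories' to
 * 'all'. For each Joomla group a K2 group named "<name> (Imported from Joomla!)"
 * is stored, and every member without a K2 profile row gets one in that group.
 *
 * @return void
 */
function import()
{
    $mainframe = JFactory::getApplication();
    $db = JFactory::getDBO();
    $permissions = class_exists('JParameter') ? new JParameter('') : new JRegistry('');

    if (K2_JVERSION != '15')
    {
        $db->setQuery("SELECT id, title AS name FROM #__usergroups");
        $usergroups = $db->loadObjectList();

        $xml = new JXMLElement(JFile::read(JPATH_COMPONENT.DS.'models'.DS.'usergroup.xml'));

        foreach ($xml->params as $paramGroup)
        {
            foreach ($paramGroup->param as $param)
            {
                $attribute = K2_JVERSION == '30' ? $param->attributes()->type : $param->getAttribute('type');

                if ($attribute != 'spacer')
                {
                    if (K2_JVERSION == '30')
                    {
                        $permissions->set((string)$param->attributes()->name, (string)$param->attributes()->default);
                    }
                    else
                    {
                        $permissions->set($param->getAttribute('name'), $param->getAttribute('default'));
                    }
                }
            }
        }
    }
    else
    {
        $acl = JFactory::getACL();
        $frontEndGroups = $acl->_getBelow('#__core_acl_aro_groups', 'g1.id, g1.name, COUNT(g2.name) AS level', 'g1.name', false, 'Public Frontend', false);
        $backEndGroups = $acl->_getBelow('#__core_acl_aro_groups', 'g1.id, g1.name, COUNT(g2.name) AS level', 'g1.name', false, 'Public Backend', false);
        $usergroups = array_merge($frontEndGroups, $backEndGroups);

        $xml = new JSimpleXML;
        $xml->loadFile(JPATH_COMPONENT.DS.'models'.DS.'usergroup.xml');

        foreach ($xml->document->params as $paramGroup)
        {
            foreach ($paramGroup->param as $param)
            {
                if ($param->attributes('type') != 'spacer')
                {
                    $permissions->set($param->attributes('name'), $param->attributes('default'));
                }
            }
        }
    }

    $permissions->set('inheritance', 0);
    $permissions->set('categories', 'all');
    $permissions = $permissions->toString();

    foreach ((array)$usergroups as $usergroup)
    {
        $K2UserGroup = JTable::getInstance('K2UserGroup', 'Table');
        $K2UserGroup->name = JString::trim($usergroup->name)." (Imported from Joomla!)";
        $K2UserGroup->permissions = $permissions;

        // Without a stored group there is no id to attach users to, so report
        // the failure and move on instead of writing profiles with an empty group.
        if (!$K2UserGroup->store())
        {
            JError::raiseWarning(500, $K2UserGroup->getError());
            continue;
        }

        // The ids come from the database, but they are still cast before reuse in SQL.
        if (K2_JVERSION != '15')
        {
            $query = "SELECT * FROM #__users AS user JOIN #__user_usergroup_map AS map ON user.id = map.user_id"
                ." WHERE map.group_id = ".(int)$usergroup->id;
        }
        else
        {
            $query = "SELECT * FROM #__users WHERE gid=".(int)$usergroup->id;
        }

        $db->setQuery($query);
        $users = $db->loadObjectList();

        foreach ((array)$users as $user)
        {
            $query = "SELECT COUNT(*) FROM #__k2_users WHERE userID=".(int)$user->id;
            $db->setQuery($query);
            $result = $db->loadResult();

            // Users that already have a K2 profile keep their current group.
            if (!$result)
            {
                $K2User = JTable::getInstance('K2User', 'Table');
                $K2User->userID = $user->id;
                $K2User->group = $K2UserGroup->id;
                $K2User->store();
            }
        }
    }

    $mainframe->redirect('index.php?option=com_k2&view=users', JText::_('K2_IMPORT_COMPLETED'));
}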
}