Namensbereiche | |
| namespace | Joomla |
Funktionen | |
| CheckIn ($userid, $access, $option) | |
| userEdit ($option, $uid, $submitvalue) | |
| userSave ($option, $uid) | |
Variablen | |
| $access = new stdClass() | |
| case | $option |
| case | __pad0__ |
| case | __pad1__ |
| case | __pad2__ |
| default | __pad3__ |
| break | |
| $access | canEdit = $acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'all' ) |
| $access | canEditOwn = $acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'own' ) |
| CheckIn | ( | $ | userid, | |
| $ | access, | |||
| $ | option | |||
| ) |
Definiert in Zeile 175 der Datei user.php.
Benutzt $access, $database, $editor, $i, $k, $link, $mosConfig_db, $nullDate, $num, $query, $res, canEdit, canEditOwn und mosNotAuth().
/**
 * Front-end "check in" task: releases every row the given user holds checked
 * out, in each table whose name starts with the site's table prefix, and
 * prints a per-table summary as an HTML table.
 *
 * Access control, as written:
 *  - the first guard passes for any positive $userid, so the canEdit /
 *    canEditOwn flags only matter when $userid is not positive;
 *  - the task is then refused unless a published menu item links to it.
 * NOTE(review): nothing here ties $userid to the current session; presumably
 * the caller passes the logged-in user's id -- confirm at the call site.
 *
 * Data handling:
 *  - $userid is cast to int in every statement that uses it;
 *  - $tn (the table name) is interpolated into SQL inside backticks and into
 *    the HTML output without escaping. It comes from the database's own table
 *    list, not from the request, so this relies on table names being trusted.
 *
 * Portability: the mysql_* calls are made without a link identifier, so they
 * run on the most recently opened ext/mysql connection rather than through
 * $database; ext/mysql itself was removed in PHP 7.0.
 *
 * @param int    $userid  user whose checked-out rows are released
 * @param object $access  object exposing the canEdit and canEditOwn flags
 * @param string $option  not used in this function
 */
function CheckIn( $userid, $access, $option ) {
    global $database, $mosConfig_db;

    $nullDate = $database->getNullDate();

    $mayRun = $access->canEdit || $access->canEditOwn || $userid > 0;
    if (!$mayRun) {
        mosNotAuth();
        return;
    }

    // security check to see if link exists in a menu
    $link = 'index.php?option=com_user&task=CheckIn';
    $database->setQuery(
        "SELECT id"
        . "\n FROM #__menu"
        . "\n WHERE link LIKE '%$link%'"
        . "\n AND published = 1"
    );
    if ( !$database->loadResult() ) {
        mosNotAuth();
        return;
    }

    $tableList = mysql_list_tables($mosConfig_db);
    $k = 0; // alternates 0/1 to pick the row0/row1 CSS class
    echo "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">";
    while (list($tn) = mysql_fetch_array($tableList)) {
        // only check in the jos_* tables
        if (strpos( $tn, $database->_table_prefix ) !== 0) {
            continue;
        }

        // Find out which of the two relevant columns this table has.
        $fieldList = mysql_list_fields($mosConfig_db, "$tn");
        $fieldCount = mysql_num_fields($fieldList);

        $hasCheckedOut = false;
        $hasEditor = false;
        for ($i = 0; $i < $fieldCount; $i++) {
            switch (mysql_field_name($fieldList, $i)) {
                case "checked_out":
                    $hasCheckedOut = true;
                    break;
                case "editor":
                    $hasEditor = true;
                    break;
            }
        }

        if (!$hasCheckedOut) {
            continue;
        }

        // Both statements are restricted to rows held by this user.
        $heldByUser = "\n WHERE checked_out > 0"
            . "\n AND checked_out = " . (int) $userid;

        // Count the rows first so the summary can report how many were released.
        $database->setQuery(
            "SELECT " . ($hasEditor ? "checked_out, editor" : "checked_out")
            . "\n FROM `$tn`"
            . $heldByUser
        );
        $res = $database->query();
        $num = $database->getNumRows( $res );

        $database->setQuery(
            "UPDATE `$tn`"
            . "\n SET checked_out = 0, checked_out_time = " . $database->Quote( $nullDate )
            . ($hasEditor ? ", editor = NULL" : "")
            . $heldByUser
        );
        $res = $database->query();

        if ($res == 1) {
            if ($num > 0) {
                echo "\n<tr class=\"row$k\">",
                    "\n <td width=\"250\">",
                    _CHECK_TABLE,
                    " - $tn</td>",
                    "\n <td>",
                    _CHECKED_IN,
                    "<b>$num</b>",
                    _CHECKED_IN_ITEMS,
                    "</td>",
                    "\n</tr>";
            }
            $k = 1 - $k;
        }
    }
    ?>
    <tr>
        <td colspan="2">
            <b><?php echo _CONF_CHECKED_IN; ?></b>
        </td>
    </tr>
    </table>
    <?php
}

| userEdit | ( | $ | option, | |
| $ | uid, | |||
| $ | submitvalue | |||
| ) |
Definiert in Zeile 52 der Datei user.php.
Benutzt $database, $link, $mainframe, $mosConfig_absolute_path, $option, $params, $query, $row, mosNotAuth(), HTML_user::userEdit() und username.
/**
 * Front-end "user details" task: loads one account and passes it to the edit
 * form renderer.
 *
 * Access control, as written: the task is refused unless a published menu
 * item links to it, and refused again when $uid compares equal to 0.
 * NOTE(review): nothing here checks that $uid is the current user's id;
 * presumably the caller supplies it from the session -- confirm at the call
 * site.
 * NOTE(review): the loaded row still carries the stored password value (also
 * copied to orig_password) when it is handed to HTML_user::userEdit();
 * confirm that the view never writes it into the page.
 *
 * @param string $option       passed through to the renderer
 * @param int    $uid          id of the account to edit; cast to int before loading
 * @param string $submitvalue  passed through to the renderer
 */
function userEdit( $option, $uid, $submitvalue ) {
    global $database, $mainframe, $mosConfig_absolute_path;

    // security check to see if link exists in a menu
    $taskLink = 'index.php?option=com_user&task=UserDetails';
    $database->setQuery(
        "SELECT id"
        . "\n FROM #__menu"
        . "\n WHERE link LIKE '%$taskLink%'"
        . "\n AND published = 1"
    );
    if ( !$database->loadResult() ) {
        mosNotAuth();
        return;
    }

    require_once( $mosConfig_absolute_path .'/administrator/components/com_users/users.class.php' );

    if ($uid == 0) {
        mosNotAuth();
        return;
    }

    $user = new mosUser( $database );
    $user->load( (int)$uid );
    $user->orig_password = $user->password;

    // Strip surrounding whitespace from the fields shown in the form.
    foreach (array( 'name', 'email', 'username' ) as $field) {
        $user->$field = trim( $user->$field );
    }

    $xmlPath = $mainframe->getPath( 'com_xml', 'com_users' );
    // "=& new" is the PHP 4 idiom; deprecated in PHP 5.3, a parse error from PHP 7.
    $userParams =& new mosUserParameters( $user->params, $xmlPath, 'component' );

    HTML_user::userEdit( $user, $option, $submitvalue, $userParams );
}

| userSave | ( | $ | option, | |
| $ | uid | |||
| ) |
Definiert in Zeile 90 der Datei user.php.
Benutzt $database, $k, $my, $params, $query, $row, josSpoofCheck(), mosGetParam(), mosMakeHtmlSafe(), mosMakePassword(), mosNotAuth(), mosRedirect(), NULL und username.
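/**
 * Saves the front-end "user details" form for one account, then redirects to
 * index.php with the _USER_DETAILS_SAVE message.
 *
 * Checks performed before anything is written:
 *  - the posted id must be non-zero and equal to $uid, otherwise mosNotAuth();
 *  - josSpoofCheck() runs before the row is loaded (what it verifies is not
 *    shown here);
 *  - when a new password is posted it must be identical to the confirmation.
 * A failed bind(), check() or store(), or a password mismatch, prints a
 * JavaScript alert and ends the request.
 *
 * NOTE(review): nothing here ties $uid to the current session; presumably the
 * caller passes the logged-in user's id -- confirm at the call site.
 *
 * @param string $option  not used in this function
 * @param int    $uid     id of the account the caller allows to be saved
 */
function userSave( $option, $uid ) {
    global $database, $my, $mosConfig_frontend_userparams;

    $user_id = intval( mosGetParam( $_POST, 'id', 0 ));

    // do some security checks: the form may only target the account in $uid
    if ($uid == 0 || $user_id == 0 || $user_id != $uid) {
        mosNotAuth();
        return;
    }

    // simple spoof check security
    josSpoofCheck();

    $row = new mosUser( $database );
    $row->load( (int)$user_id );

    $orig_password = $row->password;
    $orig_username = $row->username;

    // NOTE(review): only gid and usertype are excluded from the bind. Every
    // other posted key is presumably copied onto the row if it matches a
    // property -- confirm against mosUser/bind() that no other privileged
    // column can be set from the form.
    if (!$row->bind( $_POST, 'gid usertype' )) {
        // The message lands inside a single-quoted JS string, so quotes and
        // backslashes are escaped. addslashes() covers only those characters;
        // use a context-aware JavaScript encoder where one is available.
        echo "<script> alert('".addslashes( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }

    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);

    mosMakeHtmlSafe($row);

    if (isset($_POST['password']) && $_POST['password'] !== '') {
        // Strict comparison: with == two different numeric-looking strings
        // (for example '1e3' and '1000') compare equal, so a mistyped
        // confirmation could be accepted.
        if (isset($_POST['verifyPass']) && ($_POST['verifyPass'] === $_POST['password'])) {
            $row->password = trim($row->password);
            $salt = mosMakePassword(16);
            // NOTE(review): a single round of salted MD5 is a fast hash and is
            // weak for password storage. The "hash:salt" format is kept because
            // the code that verifies it at login is not part of this function;
            // any move to a slow password hash has to change both sides.
            $crypt = md5($row->password.$salt);
            $row->password = $crypt.':'.$salt;
        } else {
            echo "<script> alert(\"".addslashes( _PASS_MATCH )."\"); window.history.go(-1); </script>\n";
            exit();
        }
    } else {
        // Restore 'original password'
        $row->password = $orig_password;
    }

    if ($mosConfig_frontend_userparams == '1' || $mosConfig_frontend_userparams == 1 || $mosConfig_frontend_userparams == NULL) {
        // save params
        $params = mosGetParam( $_POST, 'params', '' );
        if (is_array( $params )) {
            $txt = array();
            foreach ( $params as $k=>$v) {
                // NOTE(review): keys and values are written as posted into a
                // newline-delimited "key=value" list. A line break or '=' in
                // either one changes how the stored text splits into entries;
                // confirm they are normalised before or after this point.
                $txt[] = "$k=$v";
            }
            $row->params = implode( "\n", $txt );
        }
    }

    if (!$row->check()) {
        echo "<script> alert('".addslashes( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }

    if (!$row->store()) {
        echo "<script> alert('".addslashes( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }

    // check if username has been changed
    if ( $orig_username != $row->username ) {
        // change username value in session table; string values go through
        // Quote() and the numeric ones are cast to int
        $query = "UPDATE #__session"
        . "\n SET username = " . $database->Quote($row->username)
        . "\n WHERE username = " . $database->Quote( $orig_username )
        . "\n AND userid = " . (int) $my->id
        . "\n AND gid = " . (int) $my->gid
        . "\n AND guest = 0"
        ;
        $database->setQuery( $query );
        $database->query();
    }

    mosRedirect( 'index.php', _USER_DETAILS_SAVE );
}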

| $access canEditOwn = $acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'own' ) |