libraries/joomla/user/helper.php. Joomla helper
libraries/joomla/plugin/helper.php (Документация по Joomla 2.5.4)
Вернуться к записям по теме Joomla. <?php /** * @package Joomla.Platform * @subpackage User * * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ defined('JPATH_PLATFORM') or die; /** * Authorisation helper class, provides static methods to perform various tasks relevant * to the Joomla user and authorisation classes * * This class has influences and some method logic from the Horde Auth package * * @package Joomla.Platform * @subpackage User * @since 11.1 */ abstract class JUserHelper { /** * Method to add a user to a group. * * @param integer $userId The id of the user. * @param integer $groupId The id of the group. * * @return mixed Boolean true on success, Exception on error. * * @since 11.1 */ public static function addUserToGroup($userId, $groupId) { // Get the user object. $user = new JUser((int) $userId); // Add the user to the group if necessary. if (!in_array($groupId, $user->groups)) { // Get the title of the group. $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('title')); $query->from($db->quoteName('#__usergroups')); $query->where($db->quoteName('id') . ' = ' . (int) $groupId); $db->setQuery($query); $title = $db->loadResult(); // Check for a database error. if ($db->getErrorNum()) { return new Exception($db->getErrorMsg()); } // If the group does not exist, return an exception. if (!$title) { return new Exception(JText::_('JLIB_USER_EXCEPTION_ACCESS_USERGROUP_INVALID')); } // Add the group data to the user object. $user->groups[$title] = $groupId; // Store the user object. if (!$user->save()) { return new Exception($user->getError()); } } // Set the group data for any preloaded user objects. $temp = JFactory::getUser((int) $userId); $temp->groups = $user->groups; // Set the group data for the user object in the session. $temp = JFactory::getUser(); if ($temp->id == $userId) { $temp->groups = $user->groups; } return true; } /** * Method to get a list of groups a user is in. * * @param integer $userId The id of the user. * * @return mixed Array on success, JException on error. * * @since 11.1 */ public static function getUserGroups($userId) { // Get the user object. $user = JUser::getInstance((int) $userId); return isset($user->groups) ? $user->groups : array(); } /** * Method to remove a user from a group. * * @param integer $userId The id of the user. * @param integer $groupId The id of the group. * * @return mixed Boolean true on success, JException on error. * * @since 11.1 */ public static function removeUserFromGroup($userId, $groupId) { // Get the user object. $user = JUser::getInstance((int) $userId); // Remove the user from the group if necessary. $key = array_search($groupId, $user->groups); if ($key !== false) { // Remove the user from the group. unset($user->groups[$key]); // Store the user object. if (!$user->save()) { return new JException($user->getError()); } } // Set the group data for any preloaded user objects. $temp = JFactory::getUser((int) $userId); $temp->groups = $user->groups; // Set the group data for the user object in the session. $temp = JFactory::getUser(); if ($temp->id == $userId) { $temp->groups = $user->groups; } return true; } /** * Method to set the groups for a user. * * @param integer $userId The id of the user. * @param array $groups An array of group ids to put the user in. * * @return mixed Boolean true on success, Exception on error. * * @since 11.1 */ public static function setUserGroups($userId, $groups) { // Get the user object. $user = JUser::getInstance((int) $userId); // Set the group ids. JArrayHelper::toInteger($groups); $user->groups = $groups; // Get the titles for the user groups. $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('id') . ', ' . $db->quoteName('title')); $query->from($db->quoteName('#__usergroups')); $query->where($db->quoteName('id') . ' = ' . implode(' OR ' . $db->quoteName('id') . ' = ', $user->groups)); $db->setQuery($query); $results = $db->loadObjectList(); // Check for a database error. if ($db->getErrorNum()) { return new Exception($db->getErrorMsg()); } // Set the titles for the user groups. for ($i = 0, $n = count($results); $i < $n; $i++) { $user->groups[$results[$i]->id] = $results[$i]->title; } // Store the user object. if (!$user->save()) { return new Exception($user->getError()); } // Set the group data for any preloaded user objects. $temp = JFactory::getUser((int) $userId); $temp->groups = $user->groups; // Set the group data for the user object in the session. $temp = JFactory::getUser(); if ($temp->id == $userId) { $temp->groups = $user->groups; } return true; } /** * Gets the user profile information * * @param integer $userId The id of the user. * * @return object * * @since 11.1 */ public function getProfile($userId = 0) { if ($userId == 0) { $user = JFactory::getUser(); $userId = $user->id; } // Get the dispatcher and load the user's plugins. $dispatcher = JDispatcher::getInstance(); JPluginHelper::importPlugin('user'); $data = new JObject; $data->id = $userId; // Trigger the data preparation event. $dispatcher->trigger('onContentPrepareData', array('com_users.profile', &$data)); return $data; } /** * Method to activate a user * * @param string $activation Activation string * * @return boolean True on success * * @since 11.1 */ public static function activateUser($activation) { // Initialize some variables. $db = JFactory::getDbo(); $query = $db->getQuery(true); // Let's get the id of the user we want to activate $query->select($db->quoteName('id')); $query->from($db->quoteName('#__users')); $query->where($db->quoteName('activation') . ' = ' . $db->quote($activation)); $query->where($db->quoteName('block') . ' = 1'); $query->where($db->quoteName('lastvisitDate') . ' = ' . $db->quote('0000-00-00 00:00:00')); $db->setQuery($query); $id = intval($db->loadResult()); // Is it a valid user to activate? if ($id) { $user = JUser::getInstance((int) $id); $user->set('block', '0'); $user->set('activation', ''); // Time to take care of business.... store the user. if (!$user->save()) { JError::raiseWarning("SOME_ERROR_CODE", $user->getError()); return false; } } else { JError::raiseWarning("SOME_ERROR_CODE", JText::_('JLIB_USER_ERROR_UNABLE_TO_FIND_USER')); return false; } return true; } /** * Returns userid if a user exists * * @param string $username The username to search on. * * @return integer The user id or 0 if not found. * * @since 11.1 */ public static function getUserId($username) { // Initialise some variables $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select($db->quoteName('id')); $query->from($db->quoteName('#__users')); $query->where($db->quoteName('username') . ' = ' . $db->quote($username)); $db->setQuery($query, 0, 1); return $db->loadResult(); } /** * Formats a password using the current encryption. * * @param string $plaintext The plaintext password to encrypt. * @param string $salt The salt to use to encrypt the password. [] * If not present, a new salt will be * generated. * @param string $encryption The kind of password encryption to use. * Defaults to md5-hex. * @param boolean $show_encrypt Some password systems prepend the kind of * encryption to the crypted password ({SHA}, * etc). Defaults to false. * * @return string The encrypted password. * * @since 11.1 */ public static function getCryptedPassword($plaintext, $salt = '', $encryption = 'md5-hex', $show_encrypt = false) { // Get the salt to use. $salt = JUserHelper::getSalt($encryption, $salt, $plaintext); // Encrypt the password. switch ($encryption) { case 'plain': return $plaintext; case 'sha': $encrypted = base64_encode(mhash(MHASH_SHA1, $plaintext)); return ($show_encrypt) ? '{SHA}' . $encrypted : $encrypted; case 'crypt': case 'crypt-des': case 'crypt-md5': case 'crypt-blowfish': return ($show_encrypt ? '{crypt}' : '') . crypt($plaintext, $salt); case 'md5-base64': $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext)); return ($show_encrypt) ? '{MD5}' . $encrypted : $encrypted; case 'ssha': $encrypted = base64_encode(mhash(MHASH_SHA1, $plaintext . $salt) . $salt); return ($show_encrypt) ? '{SSHA}' . $encrypted : $encrypted; case 'smd5': $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext . $salt) . $salt); return ($show_encrypt) ? '{SMD5}' . $encrypted : $encrypted; case 'aprmd5': $length = strlen($plaintext); $context = $plaintext . '$apr1$' . $salt; $binary = JUserHelper::_bin(md5($plaintext . $salt . $plaintext)); for ($i = $length; $i > 0; $i -= 16) { $context .= substr($binary, 0, ($i > 16 ? 16 : $i)); } for ($i = $length; $i > 0; $i >>= 1) { $context .= ($i & 1) ? chr(0) : $plaintext[0]; } $binary = JUserHelper::_bin(md5($context)); for ($i = 0; $i < 1000; $i++) { $new = ($i & 1) ? $plaintext : substr($binary, 0, 16); if ($i % 3) { $new .= $salt; } if ($i % 7) { $new .= $plaintext; } $new .= ($i & 1) ? substr($binary, 0, 16) : $plaintext; $binary = JUserHelper::_bin(md5($new)); } $p = array(); for ($i = 0; $i < 5; $i++) { $k = $i + 6; $j = $i + 12; if ($j == 16) { $j = 5; } $p[] = JUserHelper::_toAPRMD5((ord($binary[$i]) << 16) | (ord($binary[$k]) << 8) | (ord($binary[$j])), 5); } return '$apr1$' . $salt . '$' . implode('', $p) . JUserHelper::_toAPRMD5(ord($binary[11]), 3); case 'md5-hex': default: $encrypted = ($salt) ? md5($plaintext . $salt) : md5($plaintext); return ($show_encrypt) ? '{MD5}' . $encrypted : $encrypted; } } /** * Returns a salt for the appropriate kind of password encryption. * Optionally takes a seed and a plaintext password, to extract the seed * of an existing password, or for encryption types that use the plaintext * in the generation of the salt. * * @param string $encryption The kind of password encryption to use. * Defaults to md5-hex. * @param string $seed The seed to get the salt from (probably a * previously generated password). Defaults to * generating a new seed. * @param string $plaintext The plaintext password that we're generating * a salt for. Defaults to none. * * @return string The generated or extracted salt. * * @since 11.1 */ public static function getSalt($encryption = 'md5-hex', $seed = '', $plaintext = '') { // Encrypt the password. switch ($encryption) { case 'crypt': case 'crypt-des': if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 2); } else { return substr(md5(mt_rand()), 0, 2); } break; case 'crypt-md5': if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 12); } else { return '$1$' . substr(md5(mt_rand()), 0, 8) . '$'; } break; case 'crypt-blowfish': if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 16); } else { return '$2$' . substr(md5(mt_rand()), 0, 12) . '$'; } break; case 'ssha': if ($seed) { return substr(preg_replace('|^{SSHA}|', '', $seed), -20); } else { return mhash_keygen_s2k(MHASH_SHA1, $plaintext, substr(pack('h*', md5(mt_rand())), 0, 8), 4); } break; case 'smd5': if ($seed) { return substr(preg_replace('|^{SMD5}|', '', $seed), -16); } else { return mhash_keygen_s2k(MHASH_MD5, $plaintext, substr(pack('h*', md5(mt_rand())), 0, 8), 4); } break; case 'aprmd5': /* 64 characters that are valid for APRMD5 passwords. */ $APRMD5 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if ($seed) { return substr(preg_replace('/^\$apr1\$(.{8}).*/', '\\1', $seed), 0, 8); } else { $salt = ''; for ($i = 0; $i < 8; $i++) { $salt .= $APRMD5{rand(0, 63)}; } return $salt; } break; default: $salt = ''; if ($seed) { $salt = $seed; } return $salt; break; } } /** * Generate a random password * * @param integer $length Length of the password to generate * * @return string Random Password * * @since 11.1 */ public static function genRandomPassword($length = 8) { $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $base = strlen($salt); $makepass = ''; /* * Start with a cryptographic strength random string, then convert it to * a string with the numeric base of the salt. * Shift the base conversion on each character so the character * distribution is even, and randomize the start shift so it's not * predictable. */ $random = JCrypt::genRandomBytes($length + 1); $shift = ord($random[0]); for ($i = 1; $i <= $length; ++$i) { $makepass .= $salt[($shift + ord($random[$i])) % $base]; $shift += ord($random[$i]); } return $makepass; } /** * Converts to allowed 64 characters for APRMD5 passwords. * * @param string $value The value to convert. * @param integer $count The number of characters to convert. * * @return string $value converted to the 64 MD5 characters. * * @since 11.1 */ protected static function _toAPRMD5($value, $count) { /* 64 characters that are valid for APRMD5 passwords. */ $APRMD5 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; $aprmd5 = ''; $count = abs($count); while (--$count) { $aprmd5 .= $APRMD5[$value & 0x3f]; $value >>= 6; } return $aprmd5; } /** * Converts hexadecimal string to binary data. * * @param string $hex Hex data. * * @return string Binary data. * * @since 11.1 */ private static function _bin($hex) { $bin = ''; $length = strlen($hex); for ($i = 0; $i < $length; $i += 2) { $tmp = sscanf(substr($hex, $i, 2), '%x'); $bin .= chr(array_shift($tmp)); } return $bin; } } Вернуться к записям по теме Joomla. |
ya.samposebe.ru
libraries/joomla/mail/helper.php *Документация по Joomla 3.0.2
Вернуться к записям по теме Joomla. <?php /** * @package Joomla.Platform * @subpackage Mail * * @copyright Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ defined('JPATH_PLATFORM') or die; /** * Email helper class, provides static methods to perform various tasks relevant * to the Joomla email routines. * * TODO: Test these methods as the regex work is first run and not tested thoroughly * * @package Joomla.Platform * @subpackage Mail * @since 11.1 */ abstract class JMailHelper { /** * Cleans single line inputs. * * @param string $value String to be cleaned. * * @return string Cleaned string. * * @since 11.1 */ public static function cleanLine($value) { return trim(preg_replace('/(%0A|%0D|\n+|\r+)/i', '', $value)); } /** * Cleans multi-line inputs. * * @param string $value Multi-line string to be cleaned. * * @return string Cleaned multi-line string. * * @since 11.1 */ public static function cleanText($value) { return trim(preg_replace('/(%0A|%0D|\n+|\r+)(content-type:|to:|cc:|bcc:)/i', '', $value)); } /** * Cleans any injected headers from the email body. * * @param string $body email body string. * * @return string Cleaned email body string. * * @since 11.1 */ public static function cleanBody($body) { // Strip all email headers from a string return preg_replace("/((From:|To:|Cc:|Bcc:|Subject:|Content-type:) ([\S]+))/", "", $body); } /** * Cleans any injected headers from the subject string. * * @param string $subject email subject string. * * @return string Cleaned email subject string. * * @since 11.1 */ public static function cleanSubject($subject) { return preg_replace("/((From:|To:|Cc:|Bcc:|Content-type:) ([\S]+))/", "", $subject); } /** * Verifies that an email address does not have any extra headers injected into it. * * @param string $address email address. * * @return mixed email address string or boolean false if injected headers are present. * * @since 11.1 */ public static function cleanAddress($address) { if (preg_match("[\s;,]", $address)) { return false; } return $address; } /** * Verifies that the string is in a proper email address format. * * @param string $email String to be verified. * * @return boolean True if string has the correct format; false otherwise. * * @since 11.1 */ public static function isEmailAddress($email) { // Split the email into a local and domain $atIndex = strrpos($email, "@"); $domain = substr($email, $atIndex + 1); $local = substr($email, 0, $atIndex); // Check Length of domain $domainLen = strlen($domain); if ($domainLen < 1 || $domainLen > 255) { return false; } /* * Check the local address * We're a bit more conservative about what constitutes a "legal" address, that is, A-Za-z0-9!#$%&\'*+/=?^_`{|}~- * Also, the last character in local cannot be a period ('.') */ $allowed = 'A-Za-z0-9!#&*+=?_-'; $regex = "/^[$allowed][\.$allowed]{0,63}$/"; if (!preg_match($regex, $local) || substr($local, -1) == '.') { return false; } // No problem if the domain looks like an IP address, ish $regex = '/^[0-9\.]+$/'; if (preg_match($regex, $domain)) { return true; } // Check Lengths $localLen = strlen($local); if ($localLen < 1 || $localLen > 64) { return false; } // Check the domain $domain_array = explode(".", rtrim($domain, '.')); $regex = '/^[A-Za-z0-9-]{0,63}$/'; foreach ($domain_array as $domain) { // Must be something if (!$domain) { return false; } // Check for invalid characters if (!preg_match($regex, $domain)) { return false; } // Check for a dash at the beginning of the domain if (strpos($domain, '-') === 0) { return false; } // Check for a dash at the end of the domain $length = strlen($domain) - 1; if (strpos($domain, '-', $length) === $length) { return false; } } return true; } } Вернуться к записям по теме Joomla.ya.samposebe.ru