Current File : /home/admin/public_html/old/happy2/administrator/components/com_users/controllers/user.php
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// No direct access.
defined('_JEXEC') or die;
jimport('joomla.application.component.controllerform');
/**
* User controller class.
*
* @package Joomla.Administrator
* @subpackage com_users
* @since 1.6
*/
class UsersControllerUser extends JControllerForm
{
/**
* @var string The prefix to use with controller messages.
* @since 1.6
*/
protected $text_prefix = 'COM_USERS_USER';
/**
* Overrides JControllerForm::allowEdit
*
* Checks that non-Super Admins are not editing Super Admins.
*
* @param array $data An array of input data.
* @param string $key The name of the key for the primary key.
*
* @return boolean True if allowed, false otherwise.
*
* @since 1.6
*/
protected function allowEdit($data = array(), $key = 'id')
{
// Check if this person is a Super Admin
if (JAccess::check($data[$key], 'core.admin'))
{
// If I'm not a Super Admin, then disallow the edit.
if (!JFactory::getUser()->authorise('core.admin'))
{
return false;
}
}
return parent::allowEdit($data, $key);
}
/**
* Method to run batch operations.
*
* @param object $model The model.
*
* @return boolean True on success, false on failure
*
* @since 2.5
*/
public function batch($model = null)
{
JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN'));
// Set the model
$model = $this->getModel('User', '', array());
// Preset the redirect
$this->setRedirect(JRoute::_('index.php?option=com_users&view=users' . $this->getRedirectToListAppend(), false));
return parent::batch($model);
}
/**
* Overrides parent save method to check the submitted passwords match.
*
* @param string $key The name of the primary key of the URL variable.
* @param string $urlVar The name of the URL variable if different from the primary key (sometimes required to avoid router collisions).
*
* @return boolean True if successful, false otherwise.
*
* @since 1.6
*/
public function save($key = null, $urlVar = null)
{
$data = JRequest::getVar('jform', array(), 'post', 'array');
// TODO: JForm should really have a validation handler for this.
if (isset($data['password']) && isset($data['password2']))
{
// Check the passwords match.
if ($data['password'] != $data['password2'])
{
$this->setMessage(JText::_('JLIB_USER_ERROR_PASSWORD_NOT_MATCH'), 'warning');
$this->setRedirect(JRoute::_('index.php?option=com_users&view=user&layout=edit', false));
}
unset($data['password2']);
}
return parent::save();
}
}