[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * @package Joomla.Site 5 * @subpackage com_privacy 6 * 7 * @copyright (C) 2018 Open Source Matters, Inc. <https://www.joomla.org> 8 * @license GNU General Public License version 2 or later; see LICENSE.txt 9 */ 10 11 namespace Joomla\Component\Privacy\Site\Model; 12 13 use Joomla\CMS\Date\Date; 14 use Joomla\CMS\Factory; 15 use Joomla\CMS\Form\Form; 16 use Joomla\CMS\Language\Text; 17 use Joomla\CMS\MVC\Model\AdminModel; 18 use Joomla\CMS\Table\Table; 19 use Joomla\CMS\User\UserHelper; 20 use Joomla\Component\Actionlogs\Administrator\Model\ActionlogModel; 21 use Joomla\Component\Messages\Administrator\Model\MessageModel; 22 use Joomla\Component\Privacy\Administrator\Table\RequestTable; 23 use Joomla\Database\Exception\ExecutionFailureException; 24 25 // phpcs:disable PSR1.Files.SideEffects 26 \defined('_JEXEC') or die; 27 // phpcs:enable PSR1.Files.SideEffects 28 29 /** 30 * Request confirmation model class. 31 * 32 * @since 3.9.0 33 */ 34 class ConfirmModel extends AdminModel 35 { 36 /** 37 * Confirms the information request. 38 * 39 * @param array $data The data expected for the form. 40 * 41 * @return mixed Exception | boolean 42 * 43 * @since 3.9.0 44 */ 45 public function confirmRequest($data) 46 { 47 // Get the form. 48 $form = $this->getForm(); 49 50 // Check for an error. 51 if ($form instanceof \Exception) { 52 return $form; 53 } 54 55 // Filter and validate the form data. 56 $data = $form->filter($data); 57 $return = $form->validate($data); 58 59 // Check for an error. 60 if ($return instanceof \Exception) { 61 return $return; 62 } 63 64 // Check the validation results. 65 if ($return === false) { 66 // Get the validation messages from the form. 67 foreach ($form->getErrors() as $formError) { 68 $this->setError($formError->getMessage()); 69 } 70 71 return false; 72 } 73 74 // Get the user email address 75 $email = Factory::getUser()->email; 76 77 // Search for the information request 78 /** @var RequestTable $table */ 79 $table = $this->getTable(); 80 81 if (!$table->load(['email' => $email, 'status' => 0])) { 82 $this->setError(Text::_('COM_PRIVACY_ERROR_NO_PENDING_REQUESTS')); 83 84 return false; 85 } 86 87 // A request can only be confirmed if it is in a pending status and has a confirmation token 88 if ($table->status != '0' || !$table->confirm_token || $table->confirm_token_created_at === null) { 89 $this->setError(Text::_('COM_PRIVACY_ERROR_NO_PENDING_REQUESTS')); 90 91 return false; 92 } 93 94 // A request can only be confirmed if the token is less than 24 hours old 95 $confirmTokenCreatedAt = new Date($table->confirm_token_created_at); 96 $confirmTokenCreatedAt->add(new \DateInterval('P1D')); 97 98 $now = new Date('now'); 99 100 if ($now > $confirmTokenCreatedAt) { 101 // Invalidate the request 102 $table->status = -1; 103 $table->confirm_token = ''; 104 $table->confirm_token_created_at = null; 105 106 try { 107 $table->store(); 108 } catch (ExecutionFailureException $exception) { 109 // The error will be logged in the database API, we just need to catch it here to not let things fatal out 110 } 111 112 $this->setError(Text::_('COM_PRIVACY_ERROR_CONFIRM_TOKEN_EXPIRED')); 113 114 return false; 115 } 116 117 // Verify the token 118 if (!UserHelper::verifyPassword($data['confirm_token'], $table->confirm_token)) { 119 $this->setError(Text::_('COM_PRIVACY_ERROR_NO_PENDING_REQUESTS')); 120 121 return false; 122 } 123 124 // Everything is good to go, transition the request to confirmed 125 $saved = $this->save( 126 [ 127 'id' => $table->id, 128 'status' => 1, 129 'confirm_token' => '', 130 ] 131 ); 132 133 if (!$saved) { 134 // Error was set by the save method 135 return false; 136 } 137 138 // Push a notification to the site's super users, deliberately ignoring if this process fails so the below message goes out 139 /** @var MessageModel $messageModel */ 140 $messageModel = Factory::getApplication()->bootComponent('com_messages')->getMVCFactory()->createModel('Message', 'Administrator'); 141 142 $messageModel->notifySuperUsers( 143 Text::_('COM_PRIVACY_ADMIN_NOTIFICATION_USER_CONFIRMED_REQUEST_SUBJECT'), 144 Text::sprintf('COM_PRIVACY_ADMIN_NOTIFICATION_USER_CONFIRMED_REQUEST_MESSAGE', $table->email) 145 ); 146 147 $message = [ 148 'action' => 'request-confirmed', 149 'subjectemail' => $table->email, 150 'id' => $table->id, 151 'itemlink' => 'index.php?option=com_privacy&view=request&id=' . $table->id, 152 ]; 153 154 $this->getActionlogModel()->addLog([$message], 'COM_PRIVACY_ACTION_LOG_CONFIRMED_REQUEST', 'com_privacy.request'); 155 156 return true; 157 } 158 159 /** 160 * Method for getting the form from the model. 161 * 162 * @param array $data Data for the form. 163 * @param boolean $loadData True if the form is to load its own data (default case), false if not. 164 * 165 * @return Form|boolean A Form object on success, false on failure 166 * 167 * @since 3.9.0 168 */ 169 public function getForm($data = [], $loadData = true) 170 { 171 // Get the form. 172 $form = $this->loadForm('com_privacy.confirm', 'confirm', ['control' => 'jform']); 173 174 if (empty($form)) { 175 return false; 176 } 177 178 $input = Factory::getApplication()->input; 179 180 if ($input->getMethod() === 'GET') { 181 $form->setValue('confirm_token', '', $input->get->getAlnum('confirm_token')); 182 } 183 184 return $form; 185 } 186 187 /** 188 * Method to get a table object, load it if necessary. 189 * 190 * @param string $name The table name. Optional. 191 * @param string $prefix The class prefix. Optional. 192 * @param array $options Configuration array for model. Optional. 193 * 194 * @return Table A Table object 195 * 196 * @since 3.9.0 197 * @throws \Exception 198 */ 199 public function getTable($name = 'Request', $prefix = 'Administrator', $options = []) 200 { 201 return parent::getTable($name, $prefix, $options); 202 } 203 204 /** 205 * Method to auto-populate the model state. 206 * 207 * Note. Calling getState in this method will result in recursion. 208 * 209 * @return void 210 * 211 * @since 3.9.0 212 */ 213 protected function populateState() 214 { 215 // Get the application object. 216 $params = Factory::getApplication()->getParams('com_privacy'); 217 218 // Load the parameters. 219 $this->setState('params', $params); 220 } 221 222 /** 223 * Method to fetch an instance of the action log model. 224 * 225 * @return ActionlogModel 226 * 227 * @since 4.0.0 228 */ 229 private function getActionlogModel(): ActionlogModel 230 { 231 return Factory::getApplication()->bootComponent('com_actionlogs') 232 ->getMVCFactory()->createModel('Actionlog', 'Administrator', ['ignore_request' => true]); 233 } 234 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |