| [ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * @package Joomla.Plugin 5 * @subpackage System.remember 6 * 7 * @copyright (C) 2007 Open Source Matters, Inc. <https://www.joomla.org> 8 * @license GNU General Public License version 2 or later; see LICENSE.txt 9 10 * @phpcs:disable PSR1.Classes.ClassDeclaration.MissingNamespace 11 */ 12 13 use Joomla\CMS\Log\Log; 14 use Joomla\CMS\Plugin\CMSPlugin; 15 use Joomla\CMS\Plugin\PluginHelper; 16 use Joomla\CMS\User\UserHelper; 17 18 // phpcs:disable PSR1.Files.SideEffects 19 \defined('_JEXEC') or die; 20 // phpcs:enable PSR1.Files.SideEffects 21 22 /** 23 * Joomla! System Remember Me Plugin 24 * 25 * @since 1.5 26 */ 27 28 class PlgSystemRemember extends CMSPlugin 29 { 30 /** 31 * @var \Joomla\CMS\Application\CMSApplication 32 * 33 * @since 3.2 34 */ 35 protected $app; 36 37 /** 38 * @var \Joomla\Database\DatabaseDriver 39 * 40 * @since 4.0.0 41 */ 42 protected $db; 43 44 /** 45 * Remember me method to run onAfterInitialise 46 * Only purpose is to initialise the login authentication process if a cookie is present 47 * 48 * @return void 49 * 50 * @since 1.5 51 * 52 * @throws InvalidArgumentException 53 */ 54 public function onAfterInitialise() 55 { 56 // No remember me for admin. 57 if ($this->app->isClient('administrator')) { 58 return; 59 } 60 61 // Check for a cookie if user is not logged in 62 if ($this->app->getIdentity()->get('guest')) { 63 $cookieName = 'joomla_remember_me_' . UserHelper::getShortHashedUserAgent(); 64 65 // Check for the cookie 66 if ($this->app->input->cookie->get($cookieName)) { 67 $this->app->login(['username' => ''], ['silent' => true]); 68 } 69 } 70 } 71 72 /** 73 * Imports the authentication plugin on user logout to make sure that the cookie is destroyed. 74 * 75 * @param array $user Holds the user data. 76 * @param array $options Array holding options (remember, autoregister, group). 77 * 78 * @return boolean 79 */ 80 public function onUserLogout($user, $options) 81 { 82 // No remember me for admin 83 if ($this->app->isClient('administrator')) { 84 return true; 85 } 86 87 $cookieName = 'joomla_remember_me_' . UserHelper::getShortHashedUserAgent(); 88 89 // Check for the cookie 90 if ($this->app->input->cookie->get($cookieName)) { 91 // Make sure authentication group is loaded to process onUserAfterLogout event 92 PluginHelper::importPlugin('authentication'); 93 } 94 95 return true; 96 } 97 98 /** 99 * Method is called before user data is stored in the database 100 * Invalidate all existing remember-me cookies after a password change 101 * 102 * @param array $user Holds the old user data. 103 * @param boolean $isnew True if a new user is stored. 104 * @param array $data Holds the new user data. 105 * 106 * @return boolean 107 * 108 * @since 3.8.6 109 */ 110 public function onUserBeforeSave($user, $isnew, $data) 111 { 112 // Irrelevant on new users 113 if ($isnew) { 114 return true; 115 } 116 117 // Irrelevant, because password was not changed by user 118 if (empty($data['password_clear'])) { 119 return true; 120 } 121 122 // But now, we need to do something - Delete all tokens for this user! 123 $db = $this->db; 124 $query = $db->getQuery(true) 125 ->delete($db->quoteName('#__user_keys')) 126 ->where($db->quoteName('user_id') . ' = :userid') 127 ->bind(':userid', $user['username']); 128 129 try { 130 $db->setQuery($query)->execute(); 131 } catch (RuntimeException $e) { 132 // Log an alert for the site admin 133 Log::add( 134 sprintf('Failed to delete cookie token for user %s with the following error: %s', $user['username'], $e->getMessage()), 135 Log::WARNING, 136 'security' 137 ); 138 } 139 140 return true; 141 } 142 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |