Source code for file /joomla/user/user.php
Documentation is available at user.php
* @version $Id: user.php 6760 2007-03-03 02:50:10Z Jinx $
* @package Joomla.Framework
* @copyright Copyright (C) 2005 - 2007 Open Source Matters. All rights reserved.
* @license GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant to the
* GNU General Public License, and as distributed it includes or is derivative
* of works licensed under the GNU General Public License or other free or open
* source software licenses. See COPYRIGHT.php for copyright notices and
// Check to ensure this file is within the rest of the framework
jimport( 'joomla.html.parameter' );
* User class. Handles all application interaction with a user
* @package Joomla.Framework
* The users real name (or nickname)
* @var string activation hash
* Clear password, only available when a new password is set for a user
* Constructor activating the default information of the language
// Create the user parameters object
// Load the user if it exists
if (!empty($identifier)) {
$this->load($identifier);
* Returns a reference to the global User object, only creating it if it
* This method must be invoked as:
* <pre> $user =& JUser::getInstance($id);</pre>
* @param int $id The user to load - Can be an integer or string - If string, it is converted to ID automatically.
* @return JUser The User object.
if (!isset
($instances)) {
if (empty($instances[$id])) {
* Method to get a parameter value
* @param string $key Parameter key
* @param mixed $default Parameter default value
* @return mixed The value or the default if it did not exist
function getParam( $key, $default =
null )
return $this->_params->get( $key, $default );
* Method to set a parameter
* @param string $key Parameter key
* @param mixed $value Parameter value
* @return mixed Set parameter value
return $this->_params->set( $key, $value );
* Method to set a default parameter if it does not exist
* @param string $key Parameter key
* @param mixed $value Parameter value
* @return mixed Set parameter value
return $this->_params->def( $key, $value );
* Method to check JUser object authorization against an access control
* object and optionally an access extension object
* @param string $acoSection The ACO section value
* @param string $aco The ACO value
* @param string $axoSection The AXO section value [optional]
* @param string $axo The AXO value [optional]
* @return boolean True if authorized
function authorize( $acoSection, $aco, $axoSection =
null, $axo =
null )
return $acl->acl_check( $acoSection, $aco, 'users', $this->usertype, $axoSection, $axo );
* Pass through method to the table for setting the last visit date
* @param int $timestamp The timestamp, defaults to 'now'
* @return boolean True on success
// Create the user table object
return $table->setLastVisit($timestamp);
* Method to get the user parameters
* @return object The user parameters object
* Method to get the user table object
* @return object The user table object
// Create the user table object
* Method to set the user parameters
* @param string $data The paramters string in INI format
* @param string $path Path to the parameters xml file [optional]
// Assume we are using the xml file from com_users if no other xml file has been set
jimport( 'joomla.application.helper' );
$this->_params->loadSetupFile($path);
* Method to get JUser error message
* @return string The error message
* Method to bind an associative array of data to a user object
* @param array $array The associative array to bind to the object
* @return boolean True on success
jimport( 'joomla.utilities.array' );
// Lets check to see if the user is new or not
if (empty($this->id) /*&& $array['id']*/)
* Since we have a new user, and we are going to create it... we
* need to check a few things and set some defaults if we don't
if (empty($array['password']))
// Next the registration timestamp
$this->set( 'registerDate', date( 'Y-m-d H:i:s' ) );
// check that username is not greater than 25 characters
$username =
$this->get( 'username' );
if ( strlen($username) >
150 )
$username =
substr( $username, 0, 150 );
$this->set( 'username', $username );
// check that password is not greater than 50 characters
$password =
$this->get( 'password' );
if ( strlen($password) >
100 )
$password =
substr( $password, 0, 100 );
$this->set( 'password', $password );
// We are updating an existing user.. so lets get down to it.
if (!empty($array['password']))
* @todo: this will be deprecated as of the ACL implementation
.
' FROM #__core_acl_aro_groups'
.
' WHERE id = ' . (int)
$gid
$this->set( 'usertype', $db->loadResult());
$this->_params->bind($array['params']);
$params =
$this->_params->toString();
$params =
$array['params'];
* Lets first try to bind the array to us... if that fails
* then we can certainly fail the whole method as we've done absolutely
if (!$this->_bind($array, 'aid guest')) {
$this->_setError("Unable to bind array to user object");
// Make sure its an integer
$this->id = (int)
$this->id;
* Method to save the JUser object to the database
* @param boolean $updateOnly Save the object only if not a new user
* @return boolean True on success
function save( $updateOnly =
false )
jimport( 'joomla.utilities.array' );
// Create the user table object
* We need to get the JUser object for the current installed user, but
* might very well be modifying that user... and isn't it ironic...
* Now that we have gotten all the field handling out of the way, time
* to check and store the object.
$this->_setError($table->getError());
// if user is made a Super Admin group and user is NOT a Super Admin
if ( $this->get('gid') ==
25 &&
$me->get('gid') !=
25 )
// disallow creation of Super Admin by non Super Admin users
$this->_setError(JText::_( 'WARNSUPERADMINCREATE' ));
//are we creating a new user
// If we aren't allowed to create new and we are about to... return true .. job done
if ($isnew &&
$updateOnly) {
* Since we have passed all checks lets load the user plugin group and
* fire the onBeforeStoreUser event.
$dispatcher->trigger( 'onBeforeStoreUser', array( get_object_vars( $table ), $isnew ) );
* Time for the real thing... are you ready for the real thing? Store
* the JUserModel ... if a fail condition exists throw a warning
if (!$result =
$table->store()) {
$this->_setError($table->getError());
* If the id is not set, lets set the id for the JUser object. This
* might happen if we just inserted a new user... and need to update
* this objects id value with the inserted id.
$this->id =
$table->get( 'id' );
// We stored the user... lets tell everyone about it.
$dispatcher->trigger( 'onAfterStoreUser', array( get_object_vars( $table ), $isnew, $result, $this->getError() ) );
* Method to delete the JUser object from the database
* @param boolean $updateOnly Save the object only if not a new user
* @return boolean True on success
//trigger the onBeforeDeleteUser event
$dispatcher->trigger( 'onBeforeDeleteUser', array( array( 'id' =>
$this->id ) ) );
// Create the user table object
if (!$result =
$table->delete($this->id)) {
$this->_setError($table->getError());
//trigger the onAfterDeleteUser event
$dispatcher->trigger( 'onAfterDeleteUser', array( array('id' =>
$this->id), $result, $this->getError()) );
* Method to load a JUser object by user id number
* @param mixed $identifier The user id of the user to load
* @param string $path Path to a parameters xml file
* @return boolean True on success
// Create the user table object
// Load the JUserModel object based on the user id or throw a warning.
JError::raiseWarning( 'SOME_ERROR_CODE', 'JUser::_load: Unable to load user with id: '.
$id );
* Set the user parameters using the default xml file. We might want to
* extend this in the future to allow for the ability to have custom
* user parameters, but for right now we'll leave it how it is.
$this->_params->loadINI($table->params);
// Assuming all is well at this point lets bind the data
* Binds a named array/hash to this object
* @param $array mixed Either and associative array or another object
* @param $ignore string Space separated list of fields not to bind
function _bind( $from, $ignore=
'' )
if ($fromArray ||
$fromObject)
// only bind to public variables
if( substr( $k, 0, 1 ) !=
'_' )
// internal attributes of an object are ignored
if (strpos( $ignore, $k) ===
false)
if ($fromArray && isset
( $from[$ak] )) {
} else if ($fromObject && isset
( $from->$ak )) {
* Method to set an error message
* @param string $msg The message to append to the error message
function _setError( $msg )