File Manager

Current Directory: /home/astoriaah/www/old15/administrator/components/com_admintools/models
Viewing File: /home/astoriaah/www/old15/administrator/components/com_admintools/models/adminuser.php
<?php /** * @package AdminTools * @copyright Copyright (c)2010-2015 Nicholas K. Dionysopoulos * @license GNU General Public License version 3, or later * @version $Id$ */ // Protect from unauthorized access defined('_JEXEC') or die; /** * A feature to get rid of Joomla!'s default administrator user (ID 62/42) */ class AdmintoolsModelAdminuser extends F0FModel { /** * Determines if the default Super Administrator account is in use with a simple * trick. If a user exists with an ID less than the default Joomla! Super User ID * (42 in 1.6 or 62 in 1.5) then the default Super Administrator account is considered * to not be in use. * * @return bool */ public function hasDefaultAdmin() { $id = 42; // Check if a user with a low ID is present $db = $this->getDBO(); $query = $db->getQuery(true) ->select(array( 'COUNT(*)' ))->from($db->quoteName('#__users')) ->where($db->quoteName('id') . ' < ' . $db->quote($id)); $db->setQuery($query); $isuser = $db->loadResult(); if (!$isuser) { // If now low-ID user exists, check if a user with ID of 62/42 exists $query = $db->getQuery(true) ->select(array( 'COUNT(*)' ))->from($db->quoteName('#__users')) ->where($db->quoteName('id') . ' = ' . $db->quote($id)); $db->setQuery($query); $defaultuser = $db->loadResult(); if ($defaultuser) { // Is that user blocker? $user = JFactory::getUser($id); if ($user->block) { // The user is blocked, therefore you're not using the default SA account. return false; } else { // The user is not blocked. You are sing the default SA account. return true; } } else { return false; } } else { // Low-ID user exists; no default admin is present ;) return false; } } /** * Get the default user's username * * @return string */ public function getDefaultUsername() { $id = 42; $user = JFactory::getUser($id); return $user->username; } /** * Creates a new Super Administrator with a low ID and swaps his privileges with the old administrator user * * @param $newid int The new ID to use. Leave null to use a random one (recommended!) */ public function swapAccounts($newid = null) { $maxid = 41; if (empty($newid)) { $newid = rand(1, $maxid); } // Load the existing user $db = $this->getDBO(); $query = $db->getQuery(true) ->select(array( '*' ))->from($db->quoteName('#__users')) ->where($db->quoteName('id') . ' = ' . $db->quote($maxid + 1)); $db->setQuery($query); $olduser = $db->loadAssoc(); // Create a copy of the old user's data and update the ID $newuser = $olduser; $newuser['id'] = $newid; // Insert the new user to the database $query = $db->getQuery(true) ->insert($db->quoteName('#__users')); $sql = 'INSERT INTO `#__users` '; $keys = array(); $values = array(); foreach ($newuser as $k => $v) { $keys[] = $db->quoteName($k); $values[] = $db->Quote($v); } $query->columns($keys); $query->values(implode(', ', $values)); $db->setQuery($query); $db->execute(); JLoader::import('joomla.database.table.user'); $userTable = JTable::getInstance('user'); // Time to promote the new user to a Super Administrator! $ugmap = (object)array( 'user_id' => $newid, 'group_id' => 8 ); $db->insertObject('#__user_usergroup_map', $ugmap); // Reset the old user's password to something stupid and block his access completely! JLoader::import('joomla.user.helper'); $prefix = $this->getState('prefix', null); if (empty($prefix)) { $prefix = JUserHelper::genRandomPassword(4); } $password = JUserHelper::genRandomPassword(32); $salt = JUserHelper::genRandomPassword(32); $olduser['username'] = $prefix . '_' . $olduser['username']; $olduser['password'] = JUserHelper::getCryptedPassword($password, $salt); $olduser['email'] = $prefix . '_' . $olduser['email']; $olduser['block'] = 1; $olduser['sendEmail'] = 0; $userTable->save($olduser); } }