UserHelper

Authorisation helper class, provides static methods to perform various tasks relevant to the Joomla user and authorisation classes

abstract

This class has influences and some method logic from the Horde Auth package

since

1.7.0

Methods

_bin

Converts hexadecimal string to binary data.

_bin(string $hex) : string
static
since

1.7.0

Arguments

$hex

stringHex data.

Response

stringBinary data.

_toAPRMD5

Converts to allowed 64 characters for APRMD5 passwords.

_toAPRMD5(string $value, integer $count) : string
static
since

1.7.0

Arguments

$value

stringThe value to convert.

$count

integerThe number of characters to convert.

Response

string$value converted to the 64 MD5 characters.

activateUser

Method to activate a user

activateUser(string $activation) : boolean
static
since

1.7.0

Arguments

$activation

stringActivation string

Response

booleanTrue on success

addUserToGroup

Method to add a user to a group.

addUserToGroup(integer $userId, integer $groupId) : boolean
static
since

1.7.0

throws

\RuntimeException

Arguments

$userId

integerThe id of the user.

$groupId

integerThe id of the group.

Response

booleanTrue on success

checkSuperUserInUsers

Check if there is a super user in the user ids.

checkSuperUserInUsers(array $userIds) : boolean
static
since

3.6.5

Arguments

$userIds

arrayAn array of user IDs on which to operate

Response

booleanTrue on success, false on failure

clearExpiredTokens

Clear all expired tokens for all users.

clearExpiredTokens() : mixed
static deprecated
since

3.2

deprecated

4.0 This is handled in the authentication plugin itself

Response

mixedDatabase query result

genRandomPassword

Generate a random password

genRandomPassword(integer $length = 8) : string
static
since

1.7.0

Arguments

$length

integerLength of the password to generate

Response

stringRandom Password

getCryptedPassword

Formats a password using the old encryption methods.

getCryptedPassword(string $plaintext, string $salt = '', string $encryption = 'md5-hex', boolean $show_encrypt = false) : string
static deprecated
since

1.7.0

deprecated

4.0

Arguments

$plaintext

stringThe plaintext password to encrypt.

$salt

stringThe salt to use to encrypt the password. [] If not present, a new salt will be generated.

$encryption

stringThe kind of password encryption to use. Defaults to md5-hex.

$show_encrypt

booleanSome password systems prepend the kind of encryption to the crypted password ({SHA}, etc). Defaults to false.

Response

stringThe encrypted password.

getProfile

Gets the user profile information

getProfile(integer $userId) : object
static
since

1.7.0

Arguments

$userId

integerThe id of the user.

Response

object

getRememberCookieData

Method to get the remember me cookie data

getRememberCookieData() : mixed
static deprecated
since

3.2

deprecated

4.0 This is handled in the authentication plugin itself

Response

mixedAn array of information from an authentication cookie or false if there is no cookie

getSalt

Returns a salt for the appropriate kind of password encryption using the old encryption methods.

getSalt(string $encryption = 'md5-hex', string $seed = '', string $plaintext = '') : string
static deprecated

Optionally takes a seed and a plaintext password, to extract the seed of an existing password, or for encryption types that use the plaintext in the generation of the salt.

since

1.7.0

deprecated

4.0

Arguments

$encryption

stringThe kind of password encryption to use. Defaults to md5-hex.

$seed

stringThe seed to get the salt from (probably a previously generated password). Defaults to generating a new seed.

$plaintext

stringThe plaintext password that we're generating a salt for. Defaults to none.

Response

stringThe generated or extracted salt.

getShortHashedUserAgent

Method to get a hashed user agent string that does not include browser version.

getShortHashedUserAgent() : string
static

Used when frequent version changes cause problems.

since

3.2

Response

stringA hashed user agent string with version replaced by 'abcd'

getUserGroups

Method to get a list of groups a user is in.

getUserGroups(integer $userId) : array
static
since

1.7.0

Arguments

$userId

integerThe id of the user.

Response

arrayList of groups

getUserId

Returns userid if a user exists

getUserId(string $username) : integer
static
since

1.7.0

Arguments

$username

stringThe username to search on.

Response

integerThe user id or 0 if not found.

hashPassword

Hashes a password using the current encryption.

hashPassword(string $password, integer $algorithm = PASSWORD_BCRYPT, array $options = array()) : string
static
since

3.2.1

Arguments

$password

stringThe plaintext password to encrypt.

$algorithm

integerThe hashing algorithm to use, represented by PASSWORD_* constants.

$options

arrayThe options for the algorithm to use.

Response

stringThe encrypted password.

invalidateCookie

Method to remove a cookie record from the database and the browser

invalidateCookie(string $userId, string $cookieName) : boolean
static deprecated
since

3.2

deprecated

4.0 This is handled in the authentication plugin itself. The 'invalid' column in the db should be removed as well

Arguments

$userId

stringUser ID for this user

$cookieName

stringSeries id (cookie name decoded)

Response

booleanTrue on success

removeUserFromGroup

Method to remove a user from a group.

removeUserFromGroup(integer $userId, integer $groupId) : boolean
static
since

1.7.0

Arguments

$userId

integerThe id of the user.

$groupId

integerThe id of the group.

Response

booleanTrue on success

setUserGroups

Method to set the groups for a user.

setUserGroups(integer $userId, array $groups) : boolean
static
since

1.7.0

Arguments

$userId

integerThe id of the user.

$groups

arrayAn array of group ids to put the user in.

Response

booleanTrue on success

verifyPassword

Formats a password using the current encryption. If the user ID is given and the hash does not fit the current hashing algorithm, it automatically updates the hash.

verifyPassword(string $password, string $hash, integer $user_id) : boolean
static
since

3.2.1

Arguments

$password

stringThe plaintext password to check.

$hash

stringThe hash to verify against.

$user_id

integerID of the user if the password hash should be updated

Response

booleanTrue if the password and hash match, false otherwise