Difference between revisions of "Accessing the current user object"

From Joomla! Documentation

(authorize to authorise)
(Remove gid and added password reset)
Line 16: Line 16:
 
</pre>
 
</pre>
  
Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name, user type, and group id:
+
Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name and user type:
  
 
<pre>
 
<pre>
 
echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";
 
echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";
echo "<p>Your usertype is {$user->usertype} which has a group id of {$user->gid}.</p>";
+
echo "<p>Your usertype is {$user->usertype}.</p>";
 
</pre>
 
</pre>
  
Line 36: Line 36:
 
<li>password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.</li>
 
<li>password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.</li>
 
<li>usertype - The role of the user within Joomla!. (Super Administrator, Editor, etc...)</li>
 
<li>usertype - The role of the user within Joomla!. (Super Administrator, Editor, etc...)</li>
<li>gid - Set to the user's group id, which corresponds to the usertype.</li>
+
<li>groups - Set to the user's group ids.</li>
 
<li>block - Set to '1' when the user is set to 'blocked' in Joomla!.</li>
 
<li>block - Set to '1' when the user is set to 'blocked' in Joomla!.</li>
 
<li>registerDate - Set to the date when the user was first registered.</li>
 
<li>registerDate - Set to the date when the user was first registered.</li>
 
<li>lastvisitDate - Set to the date the user last visited the site.</li>
 
<li>lastvisitDate - Set to the date the user last visited the site.</li>
 
<li>guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.</li>
 
<li>guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.</li>
 +
<li>lastResetTime - Set to the last time the password was reset.</li>
 +
<li>resetCount - Counts the number of password resets.</li>
 
</ul>
 
</ul>
 
 

Revision as of 12:44, 24 September 2013

Copyedit.png
This Article Needs Your Help

This article is tagged because it NEEDS IMPROVEMENT. You can help the Joomla! Documentation Wiki by contributing to it.
More pages that need help similar to this one are here. NOTE-If you feel the need is satistified, please remove this notice.

Reason: Remove Joomla 1.5 ACL info and update to 2.5/3.x.


Basics[edit]

For every request in Joomla!, there is one user. Information about this user is readily available through the Joomla! framework in the form of an object. To get this object for the current user, use the following member function of JFactory:

	$user = JFactory::getUser();

Or, to get information about any other registered user you can call the function with a user 'id', e.g. for user '99'; or a username e.g. 'johnsmith':

	$user = JFactory::getUser(99);
        $user = JFactory::getUser('johnsmith');

Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name and user type:

	echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";
	echo "<p>Your usertype is {$user->usertype}.</p>";

Object Member Variables and Parameters[edit]

These are the relevant member variables automatically generated on a call to getUser():

  • id - The unique, numerical user id. Use this when referencing the user record in other database tables.
  • name - The name of the user. (e.g. Vint Cerf)
  • username - The login/screen name of the user. (e.g. shmuffin1979)
  • email - The email address of the user. (e.g. crashoverride@hackers.com)
  • password - The encrypted version of the user's password
  • password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.
  • usertype - The role of the user within Joomla!. (Super Administrator, Editor, etc...)
  • groups - Set to the user's group ids.
  • block - Set to '1' when the user is set to 'blocked' in Joomla!.
  • registerDate - Set to the date when the user was first registered.
  • lastvisitDate - Set to the date the user last visited the site.
  • guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.
  • lastResetTime - Set to the last time the password was reset.
  • resetCount - Counts the number of password resets.

In addition to the member variables (which are stored in the database in columns), there are parameters for the user that hold preferences. To get one of these parameters, call the getParam() member function of the user object, passing in the name of the parameter you want along with a default value in case it is blank.

	$user = JFactory::getUser();
	$language = $user->getParam('language', 'the default');
	
	echo "<p>Your language is set to {$language}.</p>";


Determining Status[edit]

Frequently, you will just want to make sure the user is logged in before continuing. The 'guest' property will be set to '1' when the current user is not logged in. When the user is authenticated, 'guest' will be set to '0'.

	$user = JFactory::getUser();
	
	if ($user->guest) {
		echo "<p>You must login to see the content. I want your email address.</p>";
	} else {
		?>
		
		<h1>Impromptu leftovers salad that goes well with fish</h1>
		<ul>
			<li>1/2 cup chopped celery</li>
			<li>1/4 cup raisins</li>
			<li>1 teaspoon Extra Virgin Olive Oil</li>
			<li>2 tablespoons of faux Thai lemongrass marinade</li>
			<li>1/4 cup shredded fresh basil</li>
			<li>Sprinkling of dill weed</li>
			<li>Big pinch of kosher salt</li>
			<li>Several lettuce leaves</li>
		</ul>
		
		<p>Wash the lettuce and basil and place in a salad bowl.
Get out a much smaller bowl and swish around all of the remaining ingredients. Pour this over the greens and toss.
Serves two.</p>
		<?php
	}

Privileges[edit]

Not all authenticated users are given equal rights. For instance, a Super Administrator may be able to edit anyone's content, while a Publisher may only be able to edit their own. The authorise() member function can be used to determine if the current user has permission to do a certain task. The first parameter is used to identify which component or function we wish to authenticate against. The second represents the task. The third and fourth are optional; they further break the permissions down into record types and ownership respectively.

In Joomla! 1.5, the rights for all of the core components are stored in libraries/joomla/user/authorization.php. These are available to all extensions wherever authentication is required. If the permission scheme of the Content component suits your extension's needs, you can use code similar to the following to determine what functions to give to a specific user.

	$user = JFactory::getUser();
	
	if ($user->authorise('com_content', 'edit', 'content', 'all')) {
		echo "<p>You may edit all content.</p>";
	} else {
		echo "<p>You may not edit all content.</p>";
	}
	
	if ($user->authorise('com_content', 'publish', 'content', 'own')) {
		echo "<p>You may publish your own content.</p>";
	} else {
		echo "<p>You may not publish your own content.</p>";
	}

The permissions for core functions may not be suitable for your extension. If this is the case, you can create your own permissions. You will probably want to add this code in a place where it will always be executed, such as the beginning of the component you are building or in a systemwide plugin. First, you need to get an authorization object using the getACL() member function of JFactory. This works like getUser() in that it only creates one authorization object during any particular Joomla! request. Once you have this object, call the addACL() member function to add permissions. Pass in the name of your component or function, the task name, the string 'users', and the user type (in lowercase) respectively. If you want to also define record sets and ownership, pass those in as an additional two parameters.


	$auth = JFactory::getACL();
	
	$auth->addACL('com_userinfo15', 'persuade', 'users', 'super administrator');
	$auth->addACL('com_userinfo15', 'persuade', 'users', 'administrator');
	$auth->addACL('com_userinfo15', 'persuade', 'users', 'manager');

	$user = JFactory::getUser();
	
	if ($user->authorise('com_userinfo15', 'persuade')) {
		echo "<p>You may persuade the system to do what you wish.</p>";
	} else {
		echo "<p>You are not very persuasive.</p>";
	}


Summary[edit]

Information about the current user is readily available in any part of your Joomla! extension. You need only fetch the object and access the member variables. You can authorise the user against the core permissions set, or create your own to suit your needs.

External Links[edit]

JUser API documentation see getInstance.