Joomla\CMS\User\UserHelper

class UserHelper

Authorisation helper class, provides static methods to perform various tasks relevant to the Joomla user and authorisation classes

This class has influences and some method logic from the Horde Auth package

Methods

static boolean

addUserToGroup( integer $userId, integer $groupId)

Method to add a user to a group.

static array

getUserGroups( integer $userId)

Method to get a list of groups a user is in.

static boolean

removeUserFromGroup( integer $userId, integer $groupId)

Method to remove a user from a group.

static boolean

setUserGroups( integer $userId, array $groups)

Method to set the groups for a user.

static object

getProfile( integer $userId)

Gets the user profile information

static boolean

activateUser( string $activation)

Method to activate a user

static integer

getUserId( string $username)

Returns userid if a user exists

static string

hashPassword( string $password, integer $algorithm = PASSWORD_BCRYPT, array $options = array())

Hashes a password using the current encryption.

static boolean

verifyPassword( string $password, string $hash, integer $user_id)

Formats a password using the current encryption. If the user ID is given and the hash does not fit the current hashing algorithm, it automatically updates the hash.

static string

getCryptedPassword( string $plaintext, string $salt = '', string $encryption = 'md5-hex', boolean $show_encrypt = false)

Formats a password using the old encryption methods.

static string

getSalt( string $encryption = 'md5-hex', string $seed = '', string $plaintext = '')

Returns a salt for the appropriate kind of password encryption using the old encryption methods.

static string

genRandomPassword( integer $length = 8)

Generate a random password

static boolean

invalidateCookie( string $userId, string $cookieName)

Method to remove a cookie record from the database and the browser

static mixed

clearExpiredTokens()

Clear all expired tokens for all users.

static mixed

getRememberCookieData()

Method to get the remember me cookie data

static string

getShortHashedUserAgent()

Method to get a hashed user agent string that does not include browser version.

static boolean

checkSuperUserInUsers( array $userIds)

Check if there is a super user in the user ids.

Details

`static boolean addUserToGroup( integer $userId, integer $groupId)`

Method to add a user to a group.

Parameters

integer	$userId	The id of the user.
integer	$groupId	The id of the group.

Return Value

boolean

True on success

Exceptions

RuntimeException

`static array getUserGroups( integer $userId)`

Method to get a list of groups a user is in.

Parameters

integer

$userId

The id of the user.

Return Value

array

List of groups

`static boolean removeUserFromGroup( integer $userId, integer $groupId)`

Method to remove a user from a group.

Parameters

integer	$userId	The id of the user.
integer	$groupId	The id of the group.

Return Value

boolean

True on success

`static boolean setUserGroups( integer $userId, array $groups)`

Method to set the groups for a user.

Parameters

integer	$userId	The id of the user.
array	$groups	An array of group ids to put the user in.

Return Value

boolean

True on success

`static object getProfile( integer $userId)`

Gets the user profile information

Parameters

integer

$userId

The id of the user.

Return Value

object

`static boolean activateUser( string $activation)`

Method to activate a user

Parameters

string

$activation

Activation string

Return Value

boolean

True on success

`static integer getUserId( string $username)`

Returns userid if a user exists

Parameters

string

$username

The username to search on.

Return Value

integer

The user id or 0 if not found.

`static string hashPassword( string $password, integer $algorithm = PASSWORD_BCRYPT, array $options = array())`

Hashes a password using the current encryption.

Parameters

string	$password	The plaintext password to encrypt.
integer	$algorithm	The hashing algorithm to use, represented by `PASSWORD_*` constants.
array	$options	The options for the algorithm to use.

Return Value

string

The encrypted password.

`static boolean verifyPassword( string $password, string $hash, integer $user_id)`

Formats a password using the current encryption. If the user ID is given and the hash does not fit the current hashing algorithm, it automatically updates the hash.

Parameters

string	$password	The plaintext password to check.
string	$hash	The hash to verify against.
integer	$user_id	ID of the user if the password hash should be updated

Return Value

boolean

True if the password and hash match, false otherwise

`static string getCryptedPassword( string $plaintext, string $salt = '', string $encryption = 'md5-hex', boolean $show_encrypt = false)`

Formats a password using the old encryption methods.

Parameters

string	$plaintext	The plaintext password to encrypt.
string	$salt	The salt to use to encrypt the password. [] If not present, a new salt will be generated.
string	$encryption	The kind of password encryption to use. Defaults to md5-hex.
boolean	$show_encrypt	Some password systems prepend the kind of encryption to the crypted password ({SHA}, etc). Defaults to false.

Return Value

string

The encrypted password.

`static string getSalt( string $encryption = 'md5-hex', string $seed = '', string $plaintext = '')`

Returns a salt for the appropriate kind of password encryption using the old encryption methods.

Optionally takes a seed and a plaintext password, to extract the seed of an existing password, or for encryption types that use the plaintext in the generation of the salt.

Parameters

string	$encryption	The kind of password encryption to use. Defaults to md5-hex.
string	$seed	The seed to get the salt from (probably a previously generated password). Defaults to generating a new seed.
string	$plaintext	The plaintext password that we're generating a salt for. Defaults to none.

Return Value

string

The generated or extracted salt.

`static string genRandomPassword( integer $length = 8)`

Generate a random password

Parameters

integer

$length

Length of the password to generate

Return Value

string

Random Password

`static boolean invalidateCookie( string $userId, string $cookieName)`

Method to remove a cookie record from the database and the browser

Parameters

string	$userId	User ID for this user
string	$cookieName	Series id (cookie name decoded)

Return Value

boolean

True on success

`static mixed clearExpiredTokens()`

Clear all expired tokens for all users.

Return Value

mixed

Database query result

`static mixed getRememberCookieData()`

Method to get the remember me cookie data

Return Value

mixed

An array of information from an authentication cookie or false if there is no cookie

`static string getShortHashedUserAgent()`

Method to get a hashed user agent string that does not include browser version.

Used when frequent version changes cause problems.

Return Value

string

A hashed user agent string with version replaced by 'abcd'

`static boolean checkSuperUserInUsers( array $userIds)`

Check if there is a super user in the user ids.

Parameters

array

$userIds

An array of user IDs on which to operate

Return Value

boolean

True on success, false on failure