kickern/com_sportsmanager
1
0
Fork 0
mirror of https://github.com/Deutscher-Tischfussballbund/com_sportsmanager.git synced 2026-06-10 06:27:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: use UserFactoryInterface and align input

Browse Source
This commit is contained in:
Marvin Flock
2025-04-24 20:15:31 +02:00
parent 43ebed6b39
commit 5c026641c7
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/structure/components/com_sportsmanager/api.php
+5 -4
View File
@@ -4,10 +4,11 @@
*/ */
use JetBrains\PhpStorm\NoReturn; use JetBrains\PhpStorm\NoReturn;
use Joomla\CMS\Application\AdministratorApplication;
use Joomla\CMS\Application\SiteApplication; use Joomla\CMS\Application\SiteApplication;
use Joomla\CMS\Factory; use Joomla\CMS\Factory;
use Joomla\CMS\User\UserFactory; use Joomla\CMS\User\UserFactory;
use Joomla\Input\Input; use Joomla\CMS\User\UserFactoryInterface;
use Joomla\Registry\Registry; use Joomla\Registry\Registry;
defined("_JEXEC") or die(); defined("_JEXEC") or die();
@@ -121,11 +122,11 @@ function begegnungVerlegenNotify($begegnung, $users, $vorschlagendes_team_id, $h
abortWithError("Local Database only"); abortWithError("Local Database only");
} }
$container = Factory::getContainer(); $container = Factory::getContainer();
$jInput = $container->get(SiteApplication::class)->getInput()->json; $jInput = $container->get(SiteApplication::class)->input->json;
$access_key = $jInput->getString('access_key'); $access_key = $jInput->getString('access_key');
$user_id = _payload($access_key)->sub; $user_id = _payload($access_key)->sub;
$user = $container->get(UserFactory::class)->loadUserById($user_id); $user = $container->get(UserFactoryInterface::class)->loadUserById($user_id);
if (!jwt_validate($access_key, $secret . $user->password)) { if (!jwt_validate($access_key, $secret . $user->password)) {
abortWithError('Access Key is invalid'); abortWithError('Access Key is invalid');
@@ -181,7 +182,7 @@ function begegnungVerlegenNotify($begegnung, $users, $vorschlagendes_team_id, $h
$query->select('id')->from('#__users')->where('username = "' . $username . '"')->setLimit(1); $query->select('id')->from('#__users')->where('username = "' . $username . '"')->setLimit(1);
$db->setQuery($query); $db->setQuery($query);
$user_id = $db->loadResult(); $user_id = $db->loadResult();
$user = $container->get(UserFactory::class)->loadUserById($user_id); $user = $container->get(UserFactoryInterface::class)->loadUserById($user_id);
//TODO: pw verification modernising: use php native methods, however this also needs new pw hashing. maybe force a pw reset on all accounts //TODO: pw verification modernising: use php native methods, however this also needs new pw hashing. maybe force a pw reset on all accounts
if (password_verify($password, $user->password)) { if (password_verify($password, $user->password)) {