Merge pull request #42001 from HLeithner/5.0/upmerge/300923

[5.0] Upmerge 30.09.23

administrator/components/com_joomlaupdate/src/Model/UpdateModel.php

@@ -968,9 +968,9 @@ public function upload()
 
         // Check the uploaded file (throws RuntimeException when a check failed)
         if (\extension_loaded('zip')) {
-            $this->checkPackageFileZip($userfile['tmp_name']);
+            $this->checkPackageFileZip($userfile['tmp_name'], $userfile['name']);
         } else {
-            $this->checkPackageFileNoZip($userfile['tmp_name']);
+            $this->checkPackageFileNoZip($userfile['tmp_name'], $userfile['name']);
         }
 
         // Build the appropriate paths.
@@ -1790,64 +1790,66 @@ public function collectError(string $context, \Throwable $error)
     /**
      * Check the update package with ZipArchive class from zip PHP extension
      *
-     * @param   string  $filePath  Full path to the update package to test
+     * @param   string  $filePath     Full path to the uploaded update package (temporary file) to test
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
-     * @since   5.0.0
+     * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkPackageFileZip(string $filePath)
+    private function checkPackageFileZip(string $filePath, $packageName)
     {
         $zipArchive = new \ZipArchive();
 
         if ($zipArchive->open($filePath) !== true) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         if ($zipArchive->locateName('installation/index.php') !== false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE', $packageName), 500);
         }
 
         $manifestFile = $zipArchive->getFromName('administrator/manifests/files/joomla.xml');
 
         if ($manifestFile === false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
-        $this->checkManifestXML($manifestFile);
+        $this->checkManifestXML($manifestFile, $packageName);
     }
 
     /**
      * Check the update package without using the ZipArchive class from zip PHP extension
      *
-     * @param   string  $filePath  Full path to the update package to test
+     * @param   string  $filePath  Full path to the uploaded update package (temporary file) to test
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
      * @see     https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
-     * @since   5.0.0
+     * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkPackageFileNoZip(string $filePath)
+    private function checkPackageFileNoZip(string $filePath, $packageName)
     {
         // The file must exist and be readable
         if (!file_exists($filePath) || !is_readable($filePath)) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // The file must be at least 1KiB (anything less is not even a real file!)
         $filesize = filesize($filePath);
 
         if ($filesize < 1024) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // Open the file
         $fp = @fopen($filePath, 'rb');
 
         if ($fp === false) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // Read chunks of max. 1MiB size
@@ -1874,7 +1876,7 @@ private function checkPackageFileNoZip(string $filePath)
             if ($fileChunk === false || strlen($fileChunk) !== $readsize) {
                 @fclose($fp);
 
-                throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+                throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
             }
 
             $posFirstHeader = strpos($fileChunk, $headerSignature);
@@ -1893,7 +1895,7 @@ private function checkPackageFileNoZip(string $filePath)
                 if (substr($fileChunk, $pos - 46, 4) == $headerSignature && substr($fileChunk, $pos - 18, 2) == $sizeSignatureIndexPhp) {
                     @fclose($fp);
 
-                    throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE'), 500);
+                    throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE', $packageName), 500);
                 }
 
                 $offset = $pos + 22;
@@ -1928,14 +1930,14 @@ private function checkPackageFileNoZip(string $filePath)
         if (!$headerFound) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN', $packageName), 500);
         }
 
         // If no central directory file header found for the manifest XML file it's not a valid Joomla package
         if (!$headerInfo) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
         // Read the local file header of the manifest XML file
@@ -1948,7 +1950,7 @@ private function checkPackageFileNoZip(string $filePath)
         if (!$localHeaderInfo['Compressed']) {
             @fclose($fp);
 
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
         // Read the compressed manifest XML file content
@@ -1978,34 +1980,35 @@ private function checkPackageFileNoZip(string $filePath)
         }
 
         if (!$manifestFile) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE', $packageName), 500);
         }
 
-        $this->checkManifestXML($manifestFile);
+        $this->checkManifestXML($manifestFile, $packageName);
     }
 
     /**
      * Check content of manifest XML file in update package
      *
-     * @param   string  $manifest  Content of the manifest XML file
+     * @param   string  $manifest     Content of the manifest XML file
+     * @param   string  $packageName  Name of the selected update package
      *
      * @return  void
      *
-     * @since   5.0.0
+     * @since   4.4.0
      * @throws  \RuntimeException
      */
-    private function checkManifestXML(string $manifest)
+    private function checkManifestXML(string $manifest, $packageName)
     {
         $manifestXml = simplexml_load_string($manifest);
 
         if (!$manifestXml) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND', $packageName), 500);
         }
 
         $versionPackage = (string) $manifestXml->version ?: '';
 
         if (!$versionPackage) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND', $packageName), 500);
         }
 
         $currentVersion = JVERSION;
@@ -2016,7 +2019,7 @@ private function checkManifestXML(string $manifest)
         }
 
         if (version_compare($versionPackage, $currentVersion, 'lt')) {
-            throw new \RuntimeException(Text::_('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE'), 500);
+            throw new \RuntimeException(Text::sprintf('COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE', $packageName, $versionPackage, $currentVersion), 500);
         }
     }
 }

administrator/components/com_users/src/Model/UsersModel.php

@@ -365,10 +365,7 @@ protected function getListQuery()
         $groups  = $this->getState('filter.groups');
 
         if ($groupId || isset($groups)) {
-            $query->join('LEFT', '#__user_usergroup_map AS map2 ON map2.user_id = a.id')
-                ->group(
-                    $db->quoteName(
-                        [
+            $group_by = [
                             'a.id',
                             'a.name',
                             'a.username',
@@ -385,9 +382,14 @@ protected function getListQuery()
                             'a.otpKey',
                             'a.otep',
                             'a.requireReset',
-                        ]
-                    )
-                );
+            ];
+
+            if (PluginHelper::isEnabled('multifactorauth')) {
+                $group_by[] = 'mfa.mfaRecords';
+            }
+
+            $query->join('LEFT', '#__user_usergroup_map AS map2 ON map2.user_id = a.id')
+                ->group($db->quoteName($group_by));
 
             if ($groupId) {
                 $groupId = (int) $groupId;

administrator/language/en-GB/com_joomlaupdate.ini

@@ -179,11 +179,11 @@ COM_JOOMLAUPDATE_VIEW_UPDATE_FINALISE_HEAD_DESC="To complete the update Process
 COM_JOOMLAUPDATE_VIEW_UPDATE_PERCENT="Percent complete"
 COM_JOOMLAUPDATE_VIEW_UPLOAD_CAPTIVE_INTRO_BODY="Make sure that the update file you have uploaded comes from the official Joomla download page. Afterwards, please confirm that you want to install it by re-entering the login information for your site "%s" below."
 COM_JOOMLAUPDATE_VIEW_UPLOAD_CAPTIVE_INTRO_HEAD="Are you sure you want to install the file you uploaded?"
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE="The update package file has a lower version than the current Joomla version. You cannot downgrade a Joomla site."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE="The uploaded package file looks like it is a full installation package of Joomla which can only be used for creating new sites. You can only use the \"Upgrade Package (.zip)\" to update your site."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE="The uploaded package file is not a Joomla update package. It does not contain the \"administrator/manifests/files/joomla.xml\" file."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND="The uploaded package file is not a Joomla update package. It does not contain valid version information."
-COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN="The uploaded package file is either not a ZIP file or is corrupted."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_DOWNGRADE="The uploaded package file \"%1$s\" has a lower version \"%2$s\" than the installed version \"%3$s\". You cannot downgrade a Joomla site.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the Joomla Upgrade Package of a <em><strong>newer version</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_INSTALL_PACKAGE="The uploaded package file \"%s\" looks like it is a full installation package of Joomla which can only be used for creating new sites. You can only use the <em><strong>Upgrade Package</strong></em> to update your site.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the Joomla <em><strong>Upgrade Package</strong></em> of the right version."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_MANIFEST_FILE="The uploaded package file \"%s\" is not a Joomla update package. It does not contain the \"administrator/manifests/files/joomla.xml\" file.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the right Joomla <em><strong>Upgrade Package</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_NO_VERSION_FOUND="The uploaded package file \"%s\" is not a Joomla update package. It does not contain valid version information.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the right Joomla <em><strong>Upgrade Package</strong></em>."
+COM_JOOMLAUPDATE_VIEW_UPLOAD_ERROR_PACKAGE_OPEN="The uploaded package file \"%s\" is either not a ZIP file or is corrupted.<br>Check <a class=\"alert-link\" href=\"https://downloads.joomla.org/latest\" target=\"_blank\" rel=\"noopener noreferrer\">the official Joomla download page</a> for the desired Joomla <em><strong>Upgrade Package in ZIP format</strong></em>."
 COM_JOOMLAUPDATE_VIEW_UPLOAD_PACKAGE_FILE="Joomla package file"
 COM_JOOMLAUPDATE_XML_DESCRIPTION="Updates Joomla to the latest version with one click."
 

libraries/src/Event/MultiFactor/BeforeDisplayMethods.php

@@ -46,7 +46,7 @@ public function __construct(User $user)
      * @return  User
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *               Use counterpart with onSet prefix
      */
     public function setUser(User $value): User
@@ -64,7 +64,7 @@ public function setUser(User $value): User
      * @param   User  $value  The value to validate
      *
      * @return  User
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetUser(User $value): User
     {

libraries/src/Event/MultiFactor/Callback.php

@@ -43,7 +43,7 @@ public function __construct(string $method)
      * @throws  \DomainException
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setMethod(string $value): string
@@ -62,7 +62,7 @@ public function setMethod(string $value): string
      *
      * @return  string
      * @throws  \DomainException
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetMethod(string $value): string
     {

libraries/src/Event/MultiFactor/Captive.php

@@ -55,7 +55,7 @@ public function __construct(MfaTable $record)
      * @return  MfaTable
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setRecord(MfaTable $value): MfaTable
@@ -73,7 +73,7 @@ public function setRecord(MfaTable $value): MfaTable
      * @param   MfaTable  $value  The value to validate
      *
      * @return  MfaTable
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetRecord(MfaTable $value): MfaTable
     {

libraries/src/Event/MultiFactor/GetSetup.php

@@ -55,7 +55,7 @@ public function __construct(MfaTable $record)
      * @return  MfaTable
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setRecord(MfaTable $value): MfaTable
@@ -73,7 +73,7 @@ public function setRecord(MfaTable $value): MfaTable
      * @param   MfaTable  $value  The value to validate
      *
      * @return  MfaTable
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetRecord(MfaTable $value): MfaTable
     {

libraries/src/Event/MultiFactor/SaveSetup.php

@@ -59,7 +59,7 @@ public function __construct(MfaTable $record, Input $input)
      * @return  MfaTable
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setRecord(MfaTable $value): MfaTable
@@ -79,7 +79,7 @@ public function setRecord(MfaTable $value): MfaTable
      * @return  Input
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setInput(Input $value): Input
@@ -97,7 +97,7 @@ public function setInput(Input $value): Input
      * @param   MfaTable  $value  The value to validate
      *
      * @return  MfaTable
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetRecord(MfaTable $value): MfaTable
     {
@@ -110,7 +110,7 @@ protected function onSetRecord(MfaTable $value): MfaTable
      * @param   Input  $value  The value to validate
      *
      * @return  Input
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetInput(Input $value): Input
     {

libraries/src/Event/MultiFactor/Validate.php

@@ -59,7 +59,7 @@ public function __construct(MfaTable $record, User $user, string $code)
      * @return  MfaTable
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setRecord(MfaTable $value): MfaTable
@@ -79,7 +79,7 @@ public function setRecord(MfaTable $value): MfaTable
      * @return  User
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setUser(User $value): User
@@ -99,7 +99,7 @@ public function setUser(User $value): User
      * @return  string|null
      * @since   4.2.0
      *
-     * @deprecated 5.0.0 will be removed in 6.0
+     * @deprecated 4.4.0 will be removed in 6.0
      *                Use counterpart with onSet prefix
      */
     public function setCode(?string $value): ?string
@@ -114,7 +114,7 @@ public function setCode(?string $value): ?string
      * @param   MfaTable  $value  The value to validate
      *
      * @return  MfaTable
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetRecord(MfaTable $value): MfaTable
     {
@@ -127,7 +127,7 @@ protected function onSetRecord(MfaTable $value): MfaTable
      * @param   User  $value  The value to validate
      *
      * @return  User
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetUser(User $value): User
     {
@@ -140,7 +140,7 @@ protected function onSetUser(User $value): User
      * @param   string|null  $value  The value to validate
      *
      * @return  string|null
-     * @since   5.0.0
+     * @since   4.4.0
      */
     protected function onSetCode(?string $value): ?string
     {