joomla · nikosdion · Aug 19, 2016 · Aug 19, 2016 · Aug 19, 2016 · Aug 20, 2016
diff --git a/administrator/components/com_admin/sql/updates/mysql/3.7.0-2016-08-21.sql b/administrator/components/com_admin/sql/updates/mysql/3.7.0-2016-08-21.sql
@@ -0,0 +1,2 @@
+INSERT INTO `#__extensions` (`extension_id`, `name`, `type`, `element`, `folder`, `client_id`, `enabled`, `access`, `protected`, `manifest_cache`, `params`, `custom_data`, `system_data`, `checked_out`, `checked_out_time`, `ordering`, `state`) VALUES
+(458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 0, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 3, 0);
diff --git a/administrator/components/com_admin/sql/updates/postgresql/3.7.0-2016-08-21.sql b/administrator/components/com_admin/sql/updates/postgresql/3.7.0-2016-08-21.sql
@@ -0,0 +1,2 @@
+INSERT INTO "#__extensions" ("extension_id", "name", "type", "element", "folder", "client_id", "enabled", "access", "protected", "manifest_cache", "params", "custom_data", "system_data", "checked_out", "checked_out_time", "ordering", "state") VALUES
+(458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 3, 0);
diff --git a/administrator/components/com_admin/sql/updates/sqlazure/3.7.0-2016-08-21.sql b/administrator/components/com_admin/sql/updates/sqlazure/3.7.0-2016-08-21.sql
@@ -0,0 +1,6 @@
+SET IDENTITY_INSERT #__extensions  ON;
+
+INSERT INTO #__extensions ([extension_id], [name], [type], [element], [folder], [client_id], [enabled], [access], [protected], [manifest_cache], [params], [custom_data], [system_data], [checked_out], [checked_out_time], [ordering], [state])
+SELECT 458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 3, 0;
+
+SET IDENTITY_INSERT #__extensions  OFF;
diff --git a/administrator/components/com_users/helpers/users.php b/administrator/components/com_users/helpers/users.php
@@ -174,8 +174,8 @@ public static function getRangeOptions()
 	 */
 	public static function getTwoFactorMethods()
 	{
-		FOFPlatform::getInstance()->importPlugin('twofactorauth');
-		$identities = FOFPlatform::getInstance()->runPlugins('onUserTwofactorIdentify', array());
+		JPluginHelper::importPlugin('twofactorauth');
+		$identities = JEventDispatcher::getInstance()->trigger('onUserTwofactorIdentify', array());
 
 		$options = array(
 			JHtml::_('select.option', 'none', JText::_('JGLOBAL_OTPMETHOD_NONE'), 'value', 'text'),

diff --git a/administrator/language/en-GB/en-GB.plg_authentication_facebook.ini b/administrator/language/en-GB/en-GB.plg_authentication_facebook.ini
@@ -0,0 +1,28 @@
+; Joomla! Project
+; Copyright (C) 2005 - 2016 Open Source Matters. All rights reserved.
+; License GNU General Public License version 2 or later; see LICENSE.txt, see LICENSE.php
+; Note : All ini files need to be saved as UTF-8
+
+; Note 2: Do NOT alpha-sort the language keys. It makes translation far harder because it deprives the translator
+; of the string's context!
+
+PLG_AUTHENTICATION_FACEBOOK="Authentication - Facebook"
+PLG_AUTHENTICATION_FACEBOOK_XML_DESCRIPTION="Handles User Authentication with a Facebook account (Requires cURL).<br />You need to <a href='https://developers.facebook.com/apps'>create a Facebook app</a> for your site. Facebook login only works in the front-end of your site.<br /><strong>Warning!</strong>Facebook login bypasses Two Factor Authentication.<br /><strong> Warning! You must have at least one authentication plugin enabled or you will lose all access to your site.</strong>"
+
+PLG_AUTHENTICATION_FACEBOOK_FIELD_APPID_LABEL="Facebook Application ID"
+PLG_AUTHENTICATION_FACEBOOK_FIELD_APPID_DESC="Enter the App ID for your custom Facebook application here. This is required to enable social login with Facebook. You can create a Facebook app at https://developers.facebook.com/apps."
+PLG_AUTHENTICATION_FACEBOOK_FIELD_APPSECRET_LABEL="Facebook Application Secret"
+PLG_AUTHENTICATION_FACEBOOK_FIELD_APPSECRET_DESC="Enter the App Secret for your custom Facebook application here. This is required to enable social login with Facebook. You can create a Facebook app at https://developers.facebook.com/apps."
+PLG_AUTHENTICATION_FACEBOOK_FIELD_CREATENEW_LABEL="Create new user accounts?"
+PLG_AUTHENTICATION_FACEBOOK_FIELD_CREATENEW_DESC="Creates a new Joomla! user when a user tries to log in via Facebook but there is no Joomla! user account associated with that e-mail or Facebook User ID. If user registration is disabled no account will be created and an error will be raised. The Joomla! user has a username derived from the Facebook login, the same email address as the Facebook account and a long, random password (which the user can change once they have logged in). Set this to No to prevent creation of user accounts through Facebook login."
+
+PLG_AUTHENTICATION_FACEBOOK_BTN_LABEL="Facebook Login"
+
+PLG_AUTHENTICATION_FACEBOOK_ERROR_NOT_LOGGED_IN_FB="You are not logged into Facebook or you didn't grant permissions for our site to log you in through Facebook"
+PLG_AUTHENTICATION_FACEBOOK_ERROR_ACCOUNT_DISABLED_OR_NOT_ACTIVATED="Your account on our site is disabled or not activated."
+PLG_AUTHENTICATION_FACEBOOK_ERROR_LOCAL_NOT_FOUND="You do not have an account on our site that corresponds to this Facebook account."
+PLG_AUTHENTICATION_FACEBOOK_ERROR_LOCAL_USERNAME_CONFLICT="An account with the same username as your Facebook account already exists on our site. Please create a new user account on our site and then link your Facebook account to it."
+PLG_AUTHENTICATION_FACEBOOK_ERROR_CANNOT_CREATE="Could not create a new user on our site: %s"
+
+PLG_AUTHENTICATION_FACEBOOK_NOTICE_USERACTIVATE="Your email address needs to be verified before logging in to our site. An email has been sent to you with instructions. After following these instructions please come back here and retry logging in to our site using Facebook."
+PLG_AUTHENTICATION_FACEBOOK_NOTICE_ADMINACTIVATE="Your account needs to be reviewed by an administrator. When the review process is complete you will receive a confirmation email. After receiving that email please come back here and retry logging in to our site using Facebook."
diff --git a/administrator/language/en-GB/en-GB.plg_authentication_facebook.sys.ini b/administrator/language/en-GB/en-GB.plg_authentication_facebook.sys.ini
@@ -0,0 +1,7 @@
+; Joomla! Project
+; Copyright (C) 2005 - 2016 Open Source Matters. All rights reserved.
+; License GNU General Public License version 2 or later; see LICENSE.txt, see LICENSE.php
+; Note : All ini files need to be saved as UTF-8
+
+PLG_AUTHENTICATION_FACEBOOK="Authentication - Facebook"
+PLG_AUTHENTICATION_FACEBOOK_XML_DESCRIPTION="Handles User Authentication with a Facebook account (Requires cURL).<br />You need to <a href='https://developers.facebook.com/apps'>create a Facebook app</a> for your site.<br /><strong>Warning!</strong>Facebook login bypasses Two Factor Authentication.<br /><strong> Warning! You must have at least one authentication plugin enabled or you will lose all access to your site.</strong>"
diff --git a/administrator/manifests/packages/pkg_weblinks.xml b/administrator/manifests/packages/pkg_weblinks.xml
diff --git a/administrator/modules/mod_login/mod_login.php b/administrator/modules/mod_login/mod_login.php
@@ -14,6 +14,7 @@
 
 $langs            = ModLoginHelper::getLanguageList();
 $twofactormethods = JAuthenticationHelper::getTwoFactorMethods();
+$extraFields      = JAuthenticationHelper::getUserLoginFormFields();
 $return           = ModLoginHelper::getReturnUri();
 
 require JModuleHelper::getLayoutPath('mod_login', $params->get('layout', 'default'));
diff --git a/administrator/modules/mod_login/tmpl/default.php b/administrator/modules/mod_login/tmpl/default.php
@@ -70,6 +70,32 @@
 			</div>
 		</div>
 		<?php endif; ?>
+		<?php if (count($extraFields)):
+			$extraFieldCounter = 0;
+			/** @var JAuthenticationFieldInterface $extraField */
+			foreach ($extraFields as $extraField):
+				if ($extraField->getType() != 'field') continue;
+				?>
+				<div id="form-login-extrafield-<?php echo ++$extraFieldCounter ?>" class="control-group">
+					<div class="controls">
+						<?php if (!$params->get('usetext')) : ?>
+							<div class="input-prepend">
+					<span class="add-on">
+						<span class="<?php echo $extraField->getIcon() ?> hasTooltip" title="<?php echo $extraField->getLabel(); ?>">
+						</span>
+							<label class="element-invisible"><?php echo $extraField->getLabel(); ?>
+						</label>
+					</span>
+								<?php echo $extraField->getInput(); ?>
+							</div>
+						<?php else: ?>
+							<label><?php echo $extraField->getLabel(); ?></label>
+							<?php echo $extraField->getInput(); ?>
+						<?php endif; ?>
+					</div>
+				</div>
+			<?php endforeach; ?>
+		<?php endif; ?>
 		<?php if (!empty($langs)) : ?>
 			<div class="control-group">
 				<div class="controls">
@@ -91,6 +117,20 @@
 					<button tabindex="3" class="btn btn-primary btn-block btn-large">
 						<span class="icon-lock icon-white"></span> <?php echo JText::_('MOD_LOGIN_LOGIN'); ?>
 					</button>
+					<?php if (count($extraFields)):
+						$extraFieldCounter = 0;
+						/** @var JAuthenticationFieldInterface $extraField */
+						foreach ($extraFields as $extraField):
+							if ($extraField->getType() != 'link') continue;
+							?>
+							<a id="form-login-button-<?php echo ++$extraFieldCounter ?>" class="btn btn-default" href="<?php echo $extraField->getInput() ?>">
+								<?php if ($extraField->getIcon()): ?>
+									<span class="<?php echo $extraField->getIcon() ?>"></span>
+								<?php endif; ?>
+								<?php echo $extraField->getLabel(); ?>
+							</a>
+						<?php endforeach; ?>
+					<?php endif; ?>
 				</div>
 			</div>
 		</div>

diff --git a/administrator/templates/hathor/html/mod_login/default.php b/administrator/templates/hathor/html/mod_login/default.php
@@ -29,6 +29,20 @@
 				</div>
 			</div>
 		<?php endif; ?>
+		<?php if (count($extraFields)):
+			$extraFieldCounter = 0;
+			/** @var JAuthenticationFieldInterface $extraField */
+			foreach ($extraFields as $extraField):
+				if ($extraField->getType() != 'field') continue;
+				?>
+				<div id="form-login-extrafield-<?php echo ++$extraFieldCounter ?>" class="control-group">
+					<div class="controls">
+						<label><?php echo $extraField->getLabel(); ?></label>
+						<?php echo $extraField->getInput(); ?>
+					</div>
+				</div>
+			<?php endforeach; ?>
+		<?php endif; ?>
 		<?php if (!empty ($langs)) : ?>
 			<label id="mod-login-language-lbl" for="lang"><?php echo JText::_('MOD_LOGIN_LANGUAGE'); ?></label>
 			<?php echo $langs; ?>
@@ -43,6 +57,24 @@
 						<?php echo JText::_('MOD_LOGIN_LOGIN'); ?></a>
 				</div>
 			</div>
+			<?php if (count($extraFields)):
+				$extraFieldCounter = 0;
+				/** @var JAuthenticationFieldInterface $extraField */
+				foreach ($extraFields as $extraField):
+					if ($extraField->getType() != 'button') continue;
+					?>
+					<div class="button1">
+						<div class="next">
+							<a id="form-login-button-<?php echo ++$extraFieldCounter ?>" href="<?php echo $extraField->getInput() ?>">
+								<?php if ($extraField->getIcon()): ?>
+									<span class="<?php echo $extraField->getIcon() ?>"></span>
+								<?php endif; ?>
+								<?php echo $extraField->getLabel(); ?>
+							</a>
+						</div>
+					</div>
+				<?php endforeach; ?>
+			<?php endif; ?>
 		</div>
 
 		<div class="clr"></div>

diff --git a/components/com_users/models/registration.php b/components/com_users/models/registration.php
@@ -372,18 +372,21 @@ protected function populateState()
 	/**
 	 * Method to save the form data.
 	 *
-	 * @param   array  $temp  The form data.
+	 * @param   array  $temp      The form data.
+	 * @param   bool   $verified  Is this user account / email address pre-verified (e.g. through a social network integration)?
 	 *
 	 * @return  mixed  The user id on success, false on failure.
 	 *
 	 * @since   1.6
 	 */
-	public function register($temp)
+	public function register($temp, $verified = false)
 	{
 		$params = JComponentHelper::getParams('com_users');
 
 		// Initialise the table with JUser.
 		$user = new JUser;
+
+		// Get the default data from the site's setup
 		$data = (array) $this->getData();
 
 		// Merge in the registration data.
@@ -398,6 +401,12 @@ public function register($temp)
 		$useractivation = $params->get('useractivation');
 		$sendpassword = $params->get('sendpassword', 1);
 
+		// If the email / user account is pre-verified there's no need to send an activation email.
+		if ($verified)
+		{
+			$useractivation = 0;
+		}
+
 		// Check if the user needs to activate their account.
 		if (($useractivation == 1) || ($useractivation == 2))
 		{

diff --git a/components/com_users/views/login/tmpl/default_login.php b/components/com_users/views/login/tmpl/default_login.php
@@ -11,6 +11,9 @@
 
 JHtml::_('behavior.keepalive');
 JHtml::_('behavior.formvalidator');
+
+/** @var  UsersViewLogin  $this */
+
 ?>
 <div class="login<?php echo $this->pageclass_sfx; ?>">
 	<?php if ($this->params->get('show_page_heading')) : ?>
@@ -64,6 +67,21 @@
 				</div>
 			<?php endif; ?>
 
+			<?php if (count($this->extraFields)):
+				foreach ($this->extraFields as $extraField):
+					if ($extraField->getType() != 'field') continue;
+					?>
+					<div class="control-group">
+						<div class="control-label">
+							<label><?php echo $extraField->getLabel(); ?></label>
+						</div>
+						<div class="controls">
+							<?php echo $extraField->getInput(); ?>
+						</div>
+					</div>
+				<?php endforeach; ?>
+			<?php endif; ?>
+
 			<?php if (JPluginHelper::isEnabled('system', 'remember')) : ?>
 			<div  class="control-group">
 				<div class="control-label"><label><?php echo JText::_('COM_USERS_LOGIN_REMEMBER_ME') ?></label></div>
@@ -76,6 +94,19 @@
 					<button type="submit" class="btn btn-primary">
 						<?php echo JText::_('JLOGIN'); ?>
 					</button>
+					<?php if (count($this->extraFields)):
+						$extraFieldCounter = 0;
+						foreach ($this->extraFields as $extraField):
+							if ($extraField->getType() != 'button') continue;
+							?>
+							<a id="form-login-button-<?php echo ++$extraFieldCounter ?>" class="btn btn-default" href="<?php echo $extraField->getInput() ?>">
+								<?php if ($extraField->getIcon()): ?>
+									<span class="<?php echo $extraField->getIcon() ?>"></span>
+								<?php endif; ?>
+								<?php echo $extraField->getLabel(); ?>
+							</a>
+						<?php endforeach; ?>
+					<?php endif; ?>
 				</div>
 			</div>
 
@@ -106,5 +137,17 @@
 				<?php echo JText::_('COM_USERS_LOGIN_REGISTER'); ?></a>
 		</li>
 		<?php endif; ?>
+		<?php if (count($this->extraFields)):
+			$extraFieldCounter = 0;
+			foreach ($this->extraFields as $extraField):
+				if ($extraField->getType() != 'link') continue;
+				?>
+		<li>
+			<a id="form-login-link-<?php echo ++$extraFieldCounter ?>" href="<?php echo $extraField->getInput() ?>">
+				<?php echo $extraField->getLabel(); ?>
+			</a>
+		</li>
+			<?php endforeach; ?>
+		<?php endif; ?>
 	</ul>
 </div>
diff --git a/components/com_users/views/login/view.html.php b/components/com_users/views/login/view.html.php
@@ -16,12 +16,31 @@
  */
 class UsersViewLogin extends JViewLegacy
 {
+	/**
+	 * @var  JForm
+	 */
 	protected $form;
 
+	/**
+	 * Additional login form fields
+	 *
+	 * @var  JAuthenticationFieldInterface[]
+	 *
+	 * @since  3.7
+	 */
+	protected $extraFields;
+
+	/**
+	 * Users component parameters
+	 *
+	 * @var  \Joomla\Registry\Registry
+	 */
 	protected $params;
 
 	protected $state;
 
+	protected $tfa;
+
 	protected $user;
 
 	/**
@@ -57,9 +76,20 @@ public function display($tpl = null)
 			$this->setLayout($active->query['layout']);
 		}
 
-		$tfa = JAuthenticationHelper::getTwoFactorMethods();
+		$tfa       = JAuthenticationHelper::getTwoFactorMethods();
 		$this->tfa = is_array($tfa) && count($tfa) > 1;
 
+		if ($this->params->get('login_redirect_url'))
+		{
+			$returnUrl = $this->params->get('login_redirect_url', $this->form->getValue('return'));
+		}
+		else
+		{
+			$returnUrl = $this->params->get('login_redirect_menuitem', $this->form->getValue('return'));
+		}
+
+		$this->extraFields = JAuthenticationHelper::getUserLoginFormFields($returnUrl);
+
 		// Escape strings for HTML output
 		$this->pageclass_sfx = htmlspecialchars($this->params->get('pageclass_sfx'), ENT_COMPAT, 'UTF-8');
 

diff --git a/installation/sql/mysql/joomla.sql b/installation/sql/mysql/joomla.sql
@@ -614,6 +614,7 @@ INSERT INTO `#__extensions` (`extension_id`, `name`, `type`, `element`, `folder`
 (455, 'plg_installer_packageinstaller', 'plugin', 'packageinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 1, 0),
 (456, 'plg_installer_folderinstaller', 'plugin', 'folderinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 2, 0),
 (457, 'plg_installer_urlinstaller', 'plugin', 'urlinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 3, 0),
+(458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 0, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 3, 0),
 (503, 'beez3', 'template', 'beez3', '', 0, 1, 1, 0, '', '{"wrapperSmall":"53","wrapperLarge":"72","sitetitle":"","sitedescription":"","navposition":"center","templatecolor":"nature"}', '', '', 0, '0000-00-00 00:00:00', 0, 0),
 (504, 'hathor', 'template', 'hathor', '', 1, 1, 1, 0, '', '{"showSiteName":"0","colourChoice":"0","boldText":"0"}', '', '', 0, '0000-00-00 00:00:00', 0, 0),
 (506, 'protostar', 'template', 'protostar', '', 0, 1, 1, 0, '', '{"templateColor":"","logoFile":"","googleFont":"1","googleFontName":"Open+Sans","fluidContainer":"0"}', '', '', 0, '0000-00-00 00:00:00', 0, 0),

diff --git a/installation/sql/postgresql/joomla.sql b/installation/sql/postgresql/joomla.sql
@@ -613,7 +613,8 @@ INSERT INTO "#__extensions" ("extension_id", "name", "type", "element", "folder"
 (454, 'plg_system_stats', 'plugin', 'stats', 'system', 0, 1, 1, 0, '', '', '', '', 0, '1970-01-01 00:00:00', 0, 0),
 (455, 'plg_installer_packageinstaller', 'plugin', 'packageinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 1, 0),
 (456, 'plg_installer_folderinstaller', 'plugin', 'folderinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 2, 0),
-(457, 'plg_installer_urlinstaller', 'plugin', 'urlinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 3, 0);
+(457, 'plg_installer_urlinstaller', 'plugin', 'urlinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 3, 0),
+(458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 1, 1, 1, '', '', '', '', 0, '1970-01-01 00:00:00', 3, 0);
 
 -- Templates
 INSERT INTO "#__extensions" ("extension_id", "name", "type", "element", "folder", "client_id", "enabled", "access", "protected", "manifest_cache", "params", "custom_data", "system_data", "checked_out", "checked_out_time", "ordering", "state") VALUES

diff --git a/installation/sql/sqlazure/joomla.sql b/installation/sql/sqlazure/joomla.sql
@@ -1010,7 +1010,9 @@ SELECT 455, 'plg_installer_packageinstaller', 'plugin', 'packageinstaller', 'ins
 UNION ALL
 SELECT 456, 'plg_installer_folderinstaller', 'plugin', 'folderinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 2, 0
 UNION ALL
-SELECT 457, 'plg_installer_urlinstaller', 'plugin', 'urlinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 3, 0;
+SELECT 457, 'plg_installer_urlinstaller', 'plugin', 'urlinstaller', 'installer', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 3, 0
+UNION ALL
+SELECT 458, 'plg_authentication_facebook', 'plugin', 'facebook', 'authentication', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 3, 0;
 
 -- Templates
 INSERT INTO [#__extensions] ([extension_id], [name], [type], [element], [folder], [client_id], [enabled], [access], [protected], [manifest_cache], [params], [custom_data], [system_data], [checked_out], [checked_out_time], [ordering], [state])