.-.-.-.-.-

<?php
/**
 * @package   admintools
 * @copyright Copyright (c)2010-2023 Nicholas K. Dionysopoulos / Akeeba Ltd
 * @license   GNU General Public License version 3, or later
 */

use Joomla\CMS\Language\Text;

defined('_JEXEC') || die;

/**
 * Self protection.
 *
 * Monitors whenever someone tries to unpublish the Admin Tools pluign, overriding the action.
 */
class AtsystemFeatureSelfprotect extends AtsystemFeatureAbstract
{
	protected $loadOrder = 170;

/**
	 * Is this feature enabled?
	 *
	 * @return bool
	 */
	public function isEnabled()
	{
		$enabled = $this->cparams->getValue('selfprotect', 1) == 1;

return $enabled & $this->container->platform->isBackend();
	}

/**
	 * Disables creating new admins or updating new ones
	 */
	public function onAfterInitialise()
	{
		$input  = $this->input;
		$option = $input->getCmd('option', '');
		$task   = $input->getCmd('task', '');

if ($option != 'com_plugins')
		{
			return;
		}

$this->onDirectUnpublish($task);

$this->onApplyOrSave($task);
	}

/**
	 * Gets the extennsion ID for the System - Admin Tools plugin
	 *
	 * @return  int|null  The ID or null on failure
	 */
	protected function getPluginId()
	{
		$db    = $this->container->db;
		$query = $db->getQuery(true)
			->select($db->qn('extension_id'))
			->from($db->qn('#__extensions'))
			->where($db->qn('type') . ' = ' . $db->q('plugin'))
			->where($db->qn('element') . ' = ' . $db->q('admintools'))
			->where($db->qn('folder') . ' = ' . $db->q('system'));

try
		{
			return $db->setQuery($query)->loadResult();
		}
		catch (Exception $e)
		{
			return null;
		}
	}

/**
	 * Handles the case of someone directly unpublishing the plugin from the Plugin Manager interface
	 *
	 * @param   string  $task
	 */
	private function onDirectUnpublish($task)
	{
		$allowedTasks = ['unpublish', 'plugins.unpublish'];

if (!in_array($task, $allowedTasks))
		{
			return;
		}

// Get a list of all IDs in the request
		$ids   = $this->input->get('cid', [], 'array');
		$ids[] = $this->input->getInt('id', null);

// Get the plugin ID for System - Admin Tools
		$ourId = $this->getPluginId();

if (is_null($ourId) || empty($ourId))
		{
			return;
		}

// Does the ID exist in the array? We need to be thorough, we can't do a simple in_array.
		foreach ($ids as $id)
		{
			$id = (int) trim($id);

if ($id == $ourId)
			{
				throw new RuntimeException(Text::_('JGLOBAL_AUTH_ACCESS_DENIED'), 403);
			}
		}
	}

/**
	 * Handles the case of someone directly unpublishing the plugin from the Plugin Manager interface
	 *
	 * @param   string  $task
	 */
	private function onApplyOrSave($task)
	{
		$allowedTasks = ['apply', 'save', 'plugins.apply', 'plugins.save', 'plugin.apply', 'plugin.save'];

if (!in_array($task, $allowedTasks))
		{
			return;
		}

// Get a list of all IDs in the request
		$ids   = $this->input->get('cid', [], 'array');
		$ids[] = $this->input->getInt('id', null);
		$ids[] = $this->input->getInt('extension_id', null);

// Get the plugin ID for System - Admin Tools
		$ourId = $this->getPluginId();

if (is_null($ourId) || empty($ourId))
		{
			return;
		}

// Does the ID exist in the array? We need to be thorough, we can't do a simple in_array.
		$found = false;

foreach ($ids as $id)
		{
			$id = (int) trim($id);

if ($id == $ourId)
			{
				$found = true;

break;
			}
		}

if (!$found)
		{
			return;
		}

// Get the form data and look for the enabled field
		$jform = $this->input->get('jform', [], 'array');

if (!isset($jform['enabled']))
		{
			// Not saving the "enabled" value
			return;
		}

if ($jform['enabled'] == 1)
		{
			// The plugin is being activated
			return;
		}

// Apparently someone tries to activate the plugin. NOPE.
		throw new RuntimeException(Text::_('JGLOBAL_AUTH_ACCESS_DENIED'), 403);
	}
}

/var/www/consult-e-syn/public_html/643de/../plugins/system/admintools/feature/selfprotect.php