- #############################################################################################
- file /frontend/config/main - UPDATE
- #############################################################################################
- riga 101, alla fine dell'array rules:
- 'invia-richiesta-recover-password' => 'site/sendrichiestarecoverpassword',
- 'rp' => 'site/resetpassword',
- 'saverp' => 'site/saveresetpassword'
- #############################################################################################
- file /frontend/controllers/SiteController.php - UPDATE
- #############################################################################################
/**
 * Shows the login form and authenticates the submitted credentials.
 *
 * Visitors who are already authenticated are sent to the home page. A
 * successful login redirects to "/account"; otherwise the 'login' view is
 * rendered together with the message stored in the session under
 * "msg_reset_password" (NULL when none is set).
 *
 * @return mixed
 */
public function actionLogin()
{
    // Read before the guest check, exactly as the original did.
    $resetNotice = Yii::$app->session->get("msg_reset_password", NULL);

    if (!Yii::$app->user->isGuest) {
        return $this->goHome();
    }

    $loginForm = new LoginFormFE();
    $authenticated = $loginForm->load(Yii::$app->request->post()) && $loginForm->login();
    if ($authenticated) {
        return $this->redirect("/account");
    }

    // No POST data, or the credentials were rejected: show the form again.
    return $this->render('login', [
        'model' => $loginForm,
        'msg_reset_password' => $resetNotice
    ]);
}
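/**
 * Handles the AJAX "recover password" request posted from the login page.
 *
 * Validates the posted tax code / VAT number and e-mail address, looks up the
 * matching customer account and mails the request to the address configured
 * in params['clientiEmail'] (BCC to params['sistemaautoEmail']).
 *
 * @return string JSON text: ['success' => 1, 'msg' => html] on success,
 *                ['error' => 1, 'field' => input name or '', 'msg' => text] otherwise
 */
public function actionSendrichiestarecoverpassword()
{
    $params = Yii::$app->request;

    // post() returns an array for "name[]=" style input; treat anything that is
    // not a string as missing instead of passing it to Html::encode().
    // NOTE(review): the values are HTML-encoded *before* the database lookup, so
    // an address containing & ' " < > can never match. The encoding is kept here
    // because the mail views echo these values; encoding belongs on output.
    $rawCodfisc = $params->post("codice-fiscale");
    $rawEmail = $params->post("email");
    $codfisc = is_string($rawCodfisc) ? trim(Html::encode($rawCodfisc)) : '';
    $email = is_string($rawEmail) ? trim(Html::encode($rawEmail)) : '';

    if(empty($codfisc))
        return BaseJson::encode([ 'error' => 1,'field' => 'codice-fiscale','msg' => 'Il codice fiscale è obbligatorio' ]);
    // Numeric input is treated as a VAT number (11 digits), anything else as a tax code.
    if(is_numeric($codfisc) && strlen($codfisc) !== 11)
        return BaseJson::encode([ 'error' => 1,'field' => 'codice-fiscale','msg' => 'Il codice fiscale non è valido' ]);
    elseif(! is_numeric($codfisc) && ! StringUtils::is_valid_cf($codfisc))
        return BaseJson::encode([ 'error' => 1,'field' => 'codice-fiscale','msg' => 'Il codice fiscale non è valido' ]);
    if(empty($email))
        return BaseJson::encode([ 'error' => 1,'field' => 'email','msg' => 'L\'email è obbligatoria' ]);
    if(!StringUtils::is_valid_email($email))
        return BaseJson::encode([ 'error' => 1,'field' => 'email','msg' => 'Email non valida' ]);

    $q = <<<SQL
SELECT C.idCliente,A.id_Account ida,C.ClienteCodiceContabilita codcli FROM Cliente C
JOIN _Account A ON A.id_Account=C._Account_id_Account
JOIN _non_cancellare NC ON A._AccountUsername=NC.user
WHERE (C.ClienteCodFiscale=:cf OR C.ClientePIVA=:cf) AND A._AccountEmail=:em AND NC.mail=:em
SQL;
    $connection = Yii::$app->getDb();
    $command = $connection->createCommand($q);
    $command->bindValue(':cf', $codfisc);
    $command->bindValue(':em', $email);
    $cliente = $command->queryOne(\PDO::FETCH_ASSOC);

    // NOTE(review): this distinct reply tells an unauthenticated caller whether a
    // tax-code/e-mail pair is registered. Consider answering with the generic
    // success message below and rate-limiting the endpoint.
    if(empty($cliente)){
        return BaseJson::encode([ 'error' => 1,'field' => '','msg' => 'Siamo spiacenti. Cliente non trovato sul nostro sistema' ]);
    }

    // The former "Possiede già un accesso" check was removed: it read
    // $cliente['_Account_id_Account'], a column the query does not select
    // (undefined index), and the JOIN on _Account already guarantees that an
    // account exists, which is the precondition for a password recovery.

    $data = [
        'ida' => $cliente['ida'],
        'codcli' => $cliente['codcli'],
        'codfisc' => $codfisc,
        'email' => $email
    ];
    $sub = "NordOvest Energie - Richiesta di recupero password di accesso all'Area Personale";
    $from = [ Yii::$app->params['sistemaautoEmail'] => 'Nordovest Energie' ];
    $to = [ Yii::$app->params['clientiEmail'] => 'Nordovest Energie Area clienti' ];

    $sent = Yii::$app->mailer->compose(
        [ 'html' => 'send-richiesta-rp-html','text' => 'send-richiesta-rp-text' ],
        $data
    )->setFrom($from)->setTo($to)->setSubject($sub)->setBcc($from)->send();

    // Do not report success when the mailer refused the message.
    if(! $sent){
        return BaseJson::encode([ 'error' => 1,'field' => '','msg' => 'Si è verificato un errore durante l\'invio della richiesta. Riprovi più tardi.' ]);
    }

    $msg = <<<HTML
<h3>Grazie per averci contattati</h3>
<div class="standard-no-indent">
La sua richiesta è stata processata correttamente.<br />
A breve riceverà una nostra email contenente le istruzioni per reimpostare la password di accesso alla sua Area Personale.
</div>
<div class="standard-no-indent">
Nel caso in cui non dovesse ricevere nulla verifichi la sua casella Spam.<br />
Per evitare che eventuali comunicazioni vengano classificate come Spam le consigliamo di aggiungere la nostra email tra i suoi contatti.
</div>
HTML;
    return BaseJson::encode([ 'success' => 1,'msg' => $msg ]);
}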
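/**
 * Shows the "choose a new password" form reached from the recovery e-mail.
 *
 * Looks up the account whose reset token matches the "t" query parameter and
 * has not expired, then renders the 'resetpassword' view with that account
 * row (false when nothing matches) and the token as received.
 *
 * @return mixed
 */
public function actionResetpassword(){
    $params = Yii::$app->request;
    $rawToken = $params->get('t');
    // get() yields an array for "t[]=" input; treat non-strings as no token.
    $token = is_string($rawToken) ? trim($rawToken) : '';

    // The recovery mail builds its link with base64_encode($token) while
    // _Account.token holds the 40-character hex value, so the parameter has to
    // be decoded before the lookup. A value that already is 40 hex characters
    // is accepted unchanged; anything else is rejected without touching the DB.
    $lookup = $token;
    if (!preg_match('/\A[0-9a-f]{40}\z/', $lookup)) {
        $decoded = base64_decode($token, true);
        $lookup = ($decoded !== false && preg_match('/\A[0-9a-f]{40}\z/', $decoded)) ? $decoded : '';
    }

    $account = false;
    if ($lookup !== '') {
        // Only the id is selected: the view needs nothing else, and the row
        // would otherwise carry the stored password hash into the template.
        $q = <<<SQL
SELECT id_Account FROM _Account WHERE token=:t AND token_exp>NOW()
SQL;
        $connection = Yii::$app->getDb();
        $command = $connection->createCommand($q);
        $command->bindValue(':t', $lookup);
        $account = $command->queryOne(\PDO::FETCH_ASSOC);
    }

    return $this->render('resetpassword', [
        'account' => $account,
        'token' => $token
    ]);
}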
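/**
 * Stores the new password submitted from the reset form.
 *
 * The password is changed only when the posted account id AND a valid,
 * unexpired reset token match the same _Account row. The posted "ida" comes
 * from a hidden form field and is therefore attacker-controlled; without the
 * token condition any visitor could overwrite any account's password.
 *
 * On a validation failure the user is sent back to "/rp" with an "err" code:
 * 101 empty password, 102 empty confirmation, 103 mismatch,
 * 104 token missing, invalid, expired or already used.
 *
 * @return mixed
 */
public function actionSaveresetpassword(){
    $params = Yii::$app->request;

    // The token is an opaque string; intval() would reduce it to a number and
    // make it useless as a secret. Non-string input counts as no token.
    $rawToken = $params->post("token");
    $token = is_string($rawToken) ? trim($rawToken) : '';
    $ida = intval($params->post("ida"));

    // NOTE(review): the password is HTML-encoded before hashing, as in the
    // original code. Whether the login check (not shown here) applies the same
    // transformation must be confirmed; passwords should be hashed as typed.
    $rawNp = $params->post("np");
    $rawNpc = $params->post("npc");
    $np = is_string($rawNp) ? trim(Html::encode($rawNp)) : '';
    $npc = is_string($rawNpc) ? trim(Html::encode($rawNpc)) : '';

    $err = 0;
    if(empty($np)){
        $err = 101;
    }
    if(empty($npc)){
        $err = 102;
    }
    // Strict comparison: with != two numeric-looking strings such as "1e3" and
    // "1000" compare equal and a mistyped confirmation would be accepted.
    if($np !== $npc) {
        $err = 103;
    }
    if(! empty($err)) {
        return $this->redirect("/rp?t=".rawurlencode($token)."&err=".$err);
    }

    // The form echoes the link parameter, i.e. base64 of the 40-character hex
    // token kept in _Account.token. Accept the raw hex form as well.
    $lookup = $token;
    if (!preg_match('/\A[0-9a-f]{40}\z/', $lookup)) {
        $decoded = base64_decode($token, true);
        $lookup = ($decoded !== false && preg_match('/\A[0-9a-f]{40}\z/', $decoded)) ? $decoded : '';
    }
    if ($lookup === '') {
        return $this->redirect("/rp?t=".rawurlencode($token)."&err=104");
    }

    // Setting token_exp to NOW() in the same statement makes the token
    // single-use: a replayed request no longer satisfies token_exp>NOW().
    $q = <<<SQL
UPDATE _Account SET _AccountPassword=:p, token_exp=NOW()
WHERE id_Account=:ida AND token=:t AND token_exp>NOW()
SQL;
    $connection = Yii::$app->getDb();
    $command = $connection->createCommand($q);
    // NOTE(review): unsalted md5 is not a password hash. It is left in place
    // because the login check presumably compares md5 values; migrate both
    // sides together to password_hash()/password_verify().
    $command->bindValue(':p', md5($np));
    $command->bindValue(':ida', $ida);
    $command->bindValue(':t', $lookup);
    $updated = $command->execute();

    // execute() returns the number of affected rows; 0 means the id/token pair
    // did not match or the token has expired.
    if ($updated < 1) {
        return $this->redirect("/rp?t=".rawurlencode($token)."&err=104");
    }

    Yii::$app->session->set("msg_reset_password","Password reimpostata con successo. Prova ad accedere.");
    return $this->redirect("/login");
}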
- #############################################################################################
- file /frontend/views/site/login.php - OVERWRITE FULL
- #############################################################################################
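<?php
/**
 * Login page: shows the one-off "password reset" notice, the login form and
 * the buttons opening the "request access" and "recover password" modals.
 */
/* @var $this yii\web\View */
/* @var $form yii\bootstrap\ActiveForm */
/* @var $model \common\models\LoginForm */
/* @var $msg_reset_password string|null */
use frontend\components\Utilities;
use yii\helpers\Html;
use yii\bootstrap\ActiveForm;
$this->title = 'Login';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="site-login mar-bot-100">
    <div class="row">
        <div class="col-sm-offset-2 col-sm-8 col-md-offset-3 col-md-6" id="login-cont">
            <?php
            if($msg_reset_password){
                // The notice comes from the session; encode it on output so it
                // can never be interpreted as markup.
                echo '<div class="alert alert-success">'.Html::encode($msg_reset_password).'</div>';
                // Shown once: drop it so it does not reappear on the next visit.
                Yii::$app->session->remove('msg_reset_password');
            }
            ?>
            <h1><?= Html::encode($this->title) ?></h1>
            <div class="mar-top-30" id="login-cont-form">
                <?php $form = ActiveForm::begin(['id' => 'login-form']); ?>
                <?php echo $form->field($model, 'username')->textInput(['autofocus' => true]); ?>
                <?php echo $form->field($model, 'password')->passwordInput(); ?>
                <div class="form-group mar-top-30">
                    <?php echo Html::submitButton('Accedi', ['class' => 'btn btn-primary pull-right', 'name' => 'login-button']); ?>
                </div>
                <div class="clearfix"></div>
                <?php ActiveForm::end(); ?>
            </div>
            <div class="clearfix"></div>
            <div class="center" style="margin-top:20px;">
                Non hai ancora un accesso alla tua Area Personale?
                <br><br>
                <button class="btn btn-primary" data-target="#modal-richiesta-area-personale" data-toggle="modal">
                    <i class="fa fa-user" style="color:white!important;"></i> RICHIEDI ORA
                </button>
            </div>
            <div class="center" style="margin-top:20px;">
                Hai dimenticato la password di accesso alla tua Area Personale?
                <br><br>
                <button class="btn btn-primary" data-target="#modal-richiesta-recover-password" data-toggle="modal">
                    <i class="fa fa-user" style="color:white!important;"></i> RECUPERA ORA
                </button>
            </div>
            <?php // NOTE(review): the agency login below is linked over plain http; switch to https if that host serves it. ?>
            <div class="center mar-top-50">
                Hai un accesso come agenzia? <a href="http://servizi.nordovestenergie.it/login.php">Clicca qui</a>.
            </div>
            <?php echo Utilities::getModalContent("modal-richiesta-area-personale","Richiedi accesso alla tua Area Personale",$this->renderFile('@app/views/layouts/partials/modalerichiestaareapersonale.php'),"Richiedi"); ?>
            <?php echo Utilities::getModalContent("modal-richiesta-recover-password","Cambia la password di accesso alla tua Area Personale",$this->renderFile('@app/views/layouts/partials/modalerecuperopassword.php'),"Richiedi",'lg'); ?>
        </div>
    </div>
</div>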
- #############################################################################################
- file /frontend/views/layouts/partials/modalerecuperopassword.php - NEW FILE
- #############################################################################################
- <form id="modal-richiesta-recover-password-form">
- <div class="subtitle center mar-top-10">
- Inserisci qui il tuo codice fiscale e il tuo indirizzo e-mail.<br>
- Ti invieremo al più presto una email con il link per poter reimpostare<br>
- la password per l'accesso alla tua Area Personale.
- </div>
- <div class="row mar-top-50">
- <div class="col-sm-4 ralign cont-label">
- <label>Codice Fiscale/Partita IVA *</label>
- </div>
- <div class="col-sm-8">
- <div class="col-sm-8">
- <input type="text" class="form-control" name="codice-fiscale" placeholder="Inserisci il tuo codice fiscale" />
- </div>
- </div>
- </div>
- <div class="row mar-top-50">
- <div class="col-sm-4 ralign cont-label">
- <label>Email *</label>
- </div>
- <div class="col-sm-8">
- <div class="col-sm-8">
- <input type="text" class="form-control" name="email" placeholder="Inserisci la tua email" />
- </div>
- </div>
- </div>
- <div class="small mar-top-20 center">* I campi contrassegnati con un asterisco sono obbligatori</div>
- </form>
- <div class="alert alert-danger nascosto mar-top-10" id="err-modal-richiesta-cambio-password"></div>
- #############################################################################################
- file /frontend/views/site/resetpassword.php - NEW FILE (click email, vista di actionResetpassword)
- #############################################################################################
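<?php
/**
 * Reset-password form, rendered by actionResetpassword after the user clicks
 * the link in the recovery e-mail. Posts to /saverp.
 */
/* @var $this yii\web\View */
/* @var $account array|false row of _Account matching the token, empty when none */
/* @var $token string token exactly as received in the "t" query parameter */
use frontend\components\Utilities;
use yii\helpers\Html;
use yii\bootstrap\ActiveForm;
// Stop before any output when the token matched no unexpired account.
if(empty($account))
    die('Richiesta scaduta o non valida');
$this->title = 'Reset Password';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="site-login mar-bot-100">
    <div class="row">
        <div class="col-sm-offset-1 col-sm-10" id="login-cont">
            <h1><?= Html::encode($this->title) ?></h1>
            <div class="mar-top-30" id="login-cont-form">
                <form id="modal-richiesta-recover-password-form" action="/saverp" method="post">
                    <?php // A hand-written form does not get Yii's CSRF field automatically; add it explicitly. ?>
                    <?= Html::hiddenInput(Yii::$app->request->csrfParam, Yii::$app->request->getCsrfToken()) ?>
                    <div class="subtitle center mar-top-10">
                        Inserisci qui la nuova password e confermala per teminare la reimpostazione.<br>
                        Poi prova ad accedere nuovamente.
                    </div>
                    <div class="row mar-top-50">
                        <div class="col-sm-4 ralign cont-label">
                            <label>Nuova password *</label>
                        </div>
                        <div class="col-sm-8">
                            <div class="col-sm-8">
                                <input type="password" class="form-control" name="np" />
                            </div>
                        </div>
                    </div>
                    <div class="row mar-top-50">
                        <div class="col-sm-4 ralign cont-label">
                            <label>Ripeti password *</label>
                        </div>
                        <div class="col-sm-8">
                            <div class="col-sm-8">
                                <input type="password" class="form-control" name="npc" />
                            </div>
                        </div>
                    </div>
                    <?php
                    // Both hidden values come back from the browser and can be edited
                    // there: the receiving action must re-check the token against the
                    // account id and never trust "ida" on its own. The token originates
                    // from the query string, so it is encoded for the attribute context.
                    ?>
                    <input type="hidden" name="ida" value="<?= Html::encode($account['id_Account']) ?>">
                    <input type="hidden" name="token" value="<?= Html::encode($token) ?>">
                    <div class="small mar-top-20 center">* I campi contrassegnati con un asterisco sono obbligatori</div>
                    <div class="form-group mar-top-30">
                        <?php echo Html::submitButton('Salva', ['class' => 'btn btn-primary pull-right', 'name' => 'reset-password-button']); ?>
                    </div>
                </form>
                <div class="alert alert-danger nascosto mar-top-10" id="err-modal-richiesta-cambio-password"></div>
                <div class="clearfix"></div>
            </div>
            <div class="clearfix"></div>
        </div>
    </div>
</div>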
- #############################################################################################
- file /frontend/web/js/site.js - UPDATE, verso riga 700, dopo blocco
- - $doc.on("click","#modal-richiesta-area-personale-btn",function(){
- #############################################################################################
// --- "Recover password" modal -------------------------------------------

// Put the cursor in the tax-code field as soon as the modal is visible.
$('#modal-richiesta-recover-password').on('shown.bs.modal', function (e) {
    $("[name=codice-fiscale]").focus();
});

// Empty the text inputs whenever the modal is closed.
$('#modal-richiesta-recover-password').on('hidden.bs.modal', function (e) {
    $("#modal-richiesta-recover-password-form").find("input:text").val("");
});

// Any click or keystroke in one of the modal's inputs clears the shown errors.
$doc.on("click keyup", "#modal-richiesta-recover-password input", function () {
    cleanErrors();
});

// Submit the request via AJAX and render the JSON reply.
$doc.on("click", "#modal-richiesta-recover-password-btn", function () {
    var $button = $(this);
    var $recoverForm = $("#modal-richiesta-recover-password-form");

    $recoverForm.find(".alert").html("").hide();
    // Disabled while the request is in flight to avoid double submits.
    $button.attr("disabled", "disabled");

    $.ajax({
        url: "/invia-richiesta-recover-password",
        type: "post",
        dataType: "json",
        data: $recoverForm.serialize(),
        success: function (reply) {
            $button.removeAttr("disabled");
            if (!reply) {
                return;
            }

            if (typeof reply.success != 'undefined') {
                $recoverForm.find("input:text").val("");
                closeModal("#modal-richiesta-recover-password");
                // reply.msg is inserted as HTML: the server sends markup here, so
                // it must never contain unescaped request data.
                $("h1").after('<div class="fade in alert alert-success mar-top-20" id="mail-ok"><a href="#" class="close" data-dismiss="alert" aria-label="close" title="close">×</a><div class="inner-msg">' + reply.msg + '</div></div>');
                return;
            }

            if (typeof reply.field == 'undefined') {
                return;
            }

            // Same caveat as above: the error text is concatenated into markup.
            var errorBox = '<div class="alert alert-danger mar-top-10">' + reply.msg + '</div>';
            if (reply.field != '') {
                // Error tied to one input: highlight it and show the message below it.
                var $input = $("#modal-richiesta-recover-password").find("[name=" + reply.field + "]");
                $input.select();
                $input.addClass("error");
                $input.closest(".col-sm-8").append(errorBox);
            } else {
                // Generic error: show it at the bottom of the form.
                $recoverForm.append(errorBox);
            }
        }
    });
});
- #############################################################################################
- file /common/mail/send-richiesta-rp-html.php - NEW FILE (template mail HTML, richiamato dal controller Site)
- Testo da modificare PHP semicorretto
- #############################################################################################
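<h3>Richiesta accesso all'Area Personale Nordovest Energie</h3>
<?php
/**
 * HTML mail body for a password-recovery request. Generates the reset token,
 * stores it on the account with a two-day expiry and prints the reset link.
 *
 * NOTE(review): the token is created and written to the database as a side
 * effect of rendering this view, so every render replaces the previous token
 * and the text template cannot show the same link. Generating it in the
 * controller and passing it in with the other view data would avoid both.
 */
/* @var $ida int */
/* @var $codcli int */
/* @var $email string */
/* @var $codfisc string */

// 20 bytes from the framework's CSPRNG, hex-encoded: same 40-character shape
// as the former sha1() value, but not derived from guessable inputs such as
// the customer code, the e-mail address and the current time.
$token = bin2hex(Yii::$app->security->generateRandomKey(20));

// Save the token on the _Account table.
$q = <<<SQL
UPDATE _Account SET token=:t,token_exp=:te WHERE id_Account=:ida
SQL;
$connection = Yii::$app->getDb();
$command = $connection->createCommand($q);
$command->bindValue(':t', $token);
// The link stays valid for two days.
$command->bindValue(':te', date("Y-m-d H:i:s",time() + 2*86400));
$command->bindValue(':ida', $ida);
$command->execute();
?>
<?php // base64 output ends in "=" padding, so it is URL-encoded for the query string. ?>
https://www.nordovestenergie.it/rp/?t=<?= rawurlencode(base64_encode($token)) ?>
<div style="font-size:15px;">
    <div><b>Codice Cliente: </b><?= \yii\helpers\Html::encode(str_pad($codcli,5,"0",STR_PAD_LEFT), false) ?></div>
    <?php // doubleEncode=false: safe whether or not the caller already encoded the value. ?>
    <div><b>Codice Fiscale: </b><?= \yii\helpers\Html::encode($codfisc, false) ?></div>
</div>
<div style="font-size:15px;margin-top:15px;margin-bottom:25px;">
    Inviare una email all'indirizzo comunicatoci dal cliente <?= \yii\helpers\Html::encode($email, false) ?> con i dati per effettuare l'accesso.
</div>
<?= \common\components\helpers\EmailHelper::footer() ?>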
- #############################################################################################
- file /common/mail/send-richiesta-rp-text.php - NEW FILE (template mail testo, richiamato dal controller Site)
- Testo da scrivere NO HTML
- #############################################################################################
- ...