1: | <?php
|
2: | namespace Opencart\Catalog\Controller\Account;
|
7: |
|
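/**
 * Class Authorize
 *
 * Catalog-side "authorize this device" step for a logged-in customer. A device
 * is identified by the long-lived `authorize` cookie token stored against the
 * customer; the short one-time code the customer must type is kept in the
 * session under `code` and is regenerated every time the form is rendered.
 *
 * @package Opencart\Catalog\Controller\Account
 */
class Authorize extends \Opencart\System\Engine\Controller {
	/**
	 * Renders the authorize form.
	 *
	 * When the device has no authorize record for the current customer (no
	 * cookie, or an unknown token) a fresh token is stored and set as the
	 * `authorize` cookie. A new one-time code is written to the session on
	 * every render; validate() checks the posted code against it.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('account/authorize');

		$this->document->setTitle($this->language->get('heading_title'));

		$data = [];

		$token = $this->getCookieToken();

		// One-shot flash messages left by reset().
		if (isset($this->session->data['error'])) {
			$data['error_warning'] = $this->session->data['error'];

			unset($this->session->data['error']);
		} else {
			$data['error_warning'] = '';
		}

		if (isset($this->session->data['success'])) {
			$data['success'] = $this->session->data['success'];

			unset($this->session->data['success']);
		} else {
			$data['success'] = '';
		}

		$this->load->model('account/customer');

		// Catalog side: the lookup is keyed by the customer id, as every other
		// method in this class does. $this->user is the admin-side user
		// registry and is not what identifies the visitor here.
		$authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if (!$authorize_info) {
			$token = oc_token(32);

			$authorize_data = [
				'token'      => $token,
				// Either header may be absent (CLI, unusual proxies); store '' rather than warn.
				'ip'         => $this->request->server['REMOTE_ADDR'] ?? '',
				'user_agent' => $this->request->server['HTTP_USER_AGENT'] ?? ''
			];

			$this->model_account_customer->addAuthorize($this->customer->getId(), $authorize_data);

			// The cookie is a long-lived device-trust token: keep it out of
			// script reach and off cross-site requests. Path is left at the
			// PHP default so the cookie scope is unchanged from before.
			setcookie('authorize', $token, [
				'expires'  => time() + 60 * 60 * 24 * 365 * 10,
				'secure'   => $this->isHttps(),
				'httponly' => true,
				'samesite' => 'Lax'
			]);
		}

		$data['action'] = $this->url->link('account/authorize.validate', 'user_token=' . $this->session->data['user_token']);

		// Fresh one-time code per render; validate() consumes it.
		$this->session->data['code'] = oc_token(4);

		// Remember the originally requested route so validate() can send the
		// customer back there once the device is authorized.
		if (isset($this->request->get['route']) && $this->request->get['route'] != 'account/login' && $this->request->get['route'] != 'account/authorize') {
			$args = $this->request->get;

			$route = $args['route'];

			unset($args['route'], $args['user_token']);

			$url = $args ? http_build_query($args) : '';

			$data['redirect'] = $this->url->link($route, $url, true);
		} else {
			$data['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
		}

		$data['user_token'] = $this->session->data['user_token'];

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/authorize', $data));
	}

	/**
	 * Responds to the "resend" action with the resend message.
	 *
	 * NOTE(review): nothing is generated or sent here; the session code is
	 * only (re)issued when index() renders. Confirm that is the intended
	 * behaviour of the resend button.
	 *
	 * @return void
	 */
	public function send(): void {
		$this->load->language('account/authorize');

		$json = [];

		$json['success'] = $this->language->get('text_resend');

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Checks the posted one-time code for the device identified by the
	 * `authorize` cookie.
	 *
	 * On a wrong code the device's failure counter is incremented; once the
	 * device has reached the attempt threshold the client is sent to the
	 * unlock page instead. On success the device is marked authorized, the
	 * counter is reset, the session code is discarded and the client is
	 * redirected either to the posted same-store `redirect` or the dashboard.
	 *
	 * @return void
	 */
	public function validate(): void {
		$this->load->language('account/authorize');

		$json = [];

		$token = $this->getCookieToken();

		$this->load->model('account/customer');

		$authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if ($authorize_info) {
			// NOTE(review): the record is read through both 'attempts' (the
			// threshold checks) and 'total' (the counter written back); confirm
			// against the model/schema that these are the intended columns.
			if (($authorize_info['attempts'] <= 2) && !$this->codeMatches()) {
				$json['error'] = $this->language->get('error_code');

				$this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], $authorize_info['total'] + 1);
			}

			if ($authorize_info['attempts'] >= 2) {
				$json['redirect'] = $this->url->link('account/authorize.unlock', 'user_token=' . $this->session->data['user_token'], true);
			}
		} else {
			$json['error'] = $this->language->get('error_code');
		}

		if (!$json) {
			$this->model_account_customer->editAuthorizeStatus($authorize_info['customer_authorize_id'], true);
			$this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], 0);

			// The code has been consumed; drop it so the same value cannot be replayed.
			unset($this->session->data['code']);

			$posted_redirect = $this->request->post['redirect'] ?? null;

			if (is_string($posted_redirect)) {
				$redirect = urldecode(html_entity_decode($posted_redirect, ENT_QUOTES, 'UTF-8'));
			} else {
				$redirect = '';
			}

			// Only follow a redirect that stays on this store; anything else
			// falls back to the dashboard.
			if ($redirect && str_starts_with($redirect, HTTP_SERVER)) {
				$json['redirect'] = $redirect . '&user_token=' . $this->session->data['user_token'];
			} else {
				$json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Renders the unlock page for a device that has exceeded its attempts.
	 * A device that is already authorized is sent straight to the dashboard.
	 *
	 * @return void
	 */
	public function unlock(): void {
		$this->load->language('account/authorize');

		$token = $this->getCookieToken();

		$this->load->model('account/customer');

		$authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);

		if ($authorize_info && $authorize_info['status']) {
			$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
		}

		$data = [];

		$data['user_token'] = $this->session->data['user_token'];

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/authorize_unlock', $data));
	}

	/**
	 * Issues a new unlock code for the current customer's e-mail address and
	 * answers with the "link sent" message. Delivery of the code is not done
	 * in this method.
	 *
	 * @return void
	 */
	public function confirm(): void {
		$this->load->language('account/authorize');

		$json = [];

		$json['success'] = $this->language->get('text_link');

		$this->load->model('account/customer');

		$this->model_account_customer->editCode($this->customer->getEmail(), oc_token(32));

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Handles the unlock link (`email` + `code` query parameters).
	 *
	 * A matching code resets every authorize record of the customer and clears
	 * the code; otherwise the customer is logged out, the code is cleared and
	 * the login page is shown with an error.
	 *
	 * @return void
	 */
	public function reset(): void {
		$this->load->language('account/authorize');

		$email = isset($this->request->get['email']) ? (string)$this->request->get['email'] : '';

		$code = isset($this->request->get['code']) ? (string)$this->request->get['code'] : '';

		$this->load->model('account/customer');

		$customer_info = $this->model_account_customer->getCustomerByEmail($email);

		// hash_equals keeps the strict comparison and avoids leaking the stored
		// code's prefix through timing.
		if ($customer_info && $customer_info['code'] && $code && hash_equals((string)$customer_info['code'], $code)) {
			$this->model_account_customer->resetAuthorizes($customer_info['customer_id']);

			$this->model_account_customer->editCode($email, '');

			$this->session->data['success'] = $this->language->get('text_unlocked');

			$this->response->redirect($this->url->link('account/authorize', 'user_token=' . $this->session->data['user_token'], true));
		} else {
			$this->customer->logout();

			$this->model_account_customer->editCode($email, '');

			$this->session->data['error'] = $this->language->get('error_reset');

			$this->response->redirect($this->url->link('account/login', '', true));
		}
	}

	/**
	 * Reads the `authorize` cookie as a string; '' when missing or malformed
	 * (e.g. a bracketed cookie name that PHP parses into an array).
	 *
	 * @return string
	 */
	private function getCookieToken(): string {
		$cookie = $this->request->cookie['authorize'] ?? '';

		return is_string($cookie) ? $cookie : '';
	}

	/**
	 * Strict, constant-time comparison of the posted code against the session
	 * code. Both must be present and be strings; a loose `!=` would apply PHP
	 * numeric-string juggling to the comparison.
	 *
	 * @return bool
	 */
	private function codeMatches(): bool {
		if (!isset($this->request->post['code']) || !isset($this->session->data['code'])) {
			return false;
		}

		$posted = $this->request->post['code'];
		$expected = $this->session->data['code'];

		if (!is_string($posted) || !is_string($expected)) {
			return false;
		}

		return hash_equals($expected, $posted);
	}

	/**
	 * Whether the current request arrived over TLS according to the `HTTPS`
	 * server variable. Behind a TLS-terminating proxy that does not set it
	 * this is false, which leaves the cookie's Secure flag off as before.
	 *
	 * @return bool
	 */
	private function isHttps(): bool {
		$https = $this->request->server['HTTPS'] ?? '';

		return $https !== '' && strtolower((string)$https) !== 'off';
	}
}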
|