1: | <?php
|
2: | namespace Opencart\Admin\Controller\Common;
|
7: |
|
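class Forgotten extends \Opencart\System\Engine\Controller {
	/**
	 * Renders the "forgotten password" request form.
	 *
	 * The page is only offered to anonymous sessions and only when an
	 * outgoing mail engine is configured (the recovery code is delivered by
	 * e-mail); in every other case the user is sent to the login page.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('common/forgotten');

		// Nothing to recover for a logged-in user, and without a mail engine
		// the code issued by confirm() could never reach the account owner.
		if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
			$this->response->redirect($this->url->link('common/login', '', true));
		}

		$this->document->setTitle($this->language->get('heading_title'));

		$data['breadcrumbs'] = [];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('text_home'),
			'href' => $this->url->link('common/dashboard')
		];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('heading_title'),
			'href' => $this->url->link('common/forgotten')
		];

		$data['confirm'] = $this->url->link('common/forgotten.confirm');
		$data['back'] = $this->url->link('common/login');

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/forgotten', $data));
	}

	/**
	 * AJAX handler for the forgotten-password form: stores a fresh one-time
	 * recovery code for the submitted e-mail address.
	 *
	 * Replies with a JSON object carrying 'error' (message) when the address
	 * is unknown, or 'redirect' (login page URL) when the request is refused
	 * or the code has been issued. Sending the e-mail is not done here.
	 *
	 * @return void
	 */
	public function confirm(): void {
		$this->load->language('common/forgotten');

		$json = [];

		if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		// Make sure every expected POST field exists so later reads are defined.
		$keys = ['email'];

		foreach ($keys as $key) {
			if (!isset($this->request->post[$key])) {
				$this->request->post[$key] = '';
			}
		}

		$this->load->model('user/user');

		$user_info = $this->model_user_user->getUserByEmail($this->request->post['email']);

		// NOTE: the reply differs for known and unknown addresses, so a caller
		// can tell which e-mails belong to admin accounts (user enumeration).
		if (!$user_info) {
			$json['error'] = $this->language->get('error_email');
		}

		if (!$json) {
			// A new random code replaces whatever was stored before.
			$this->model_user_user->editCode($this->request->post['email'], oc_token(40));

			$this->session->data['success'] = $this->language->get('text_success');

			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Renders the "choose a new password" form reached from the recovery
	 * e-mail link (?email=...&code=...).
	 *
	 * The e-mail/code pair is checked against the stored one-time code. On a
	 * mismatch the stored code is cleared (one wrong guess burns it) and the
	 * user is sent back to the login page with an error. On success a
	 * per-session reset_token is generated and embedded in the form action so
	 * that password() only accepts a POST from the session that saw the form.
	 *
	 * @return void
	 */
	public function reset(): void {
		$this->load->language('common/forgotten');

		$email = isset($this->request->get['email']) ? (string)$this->request->get['email'] : '';
		$code = isset($this->request->get['code']) ? (string)$this->request->get['code'] : '';

		if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
			$this->response->redirect($this->url->link('common/login', '', true));
		}

		$this->load->model('user/user');

		$user_info = $this->model_user_user->getUserByEmail($email);

		// hash_equals() keeps the comparison constant-time; the explicit empty
		// check keeps refusing an account whose stored code is blank.
		if (!$user_info || !$user_info['code'] || !hash_equals((string)$user_info['code'], $code)) {
			$this->model_user_user->editCode($email, '');

			$this->session->data['error'] = $this->language->get('error_code');

			// NOTE(review): the form below is only skipped if redirect() ends
			// the request — confirm against the Response implementation.
			$this->response->redirect($this->url->link('common/login', '', true));
		}

		$this->document->setTitle($this->language->get('heading_reset'));

		$data['breadcrumbs'] = [];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('text_home'),
			'href' => $this->url->link('common/dashboard')
		];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('heading_title'),
			'href' => $this->url->link('common/forgotten.reset')
		];

		// 26 hex characters straight from the CSPRNG (same length and alphabet
		// as before, without the openssl round-trip).
		$this->session->data['reset_token'] = bin2hex(random_bytes(13));

		// $code has already been proven equal to the stored code, but it is
		// still query-string data, so it is encoded like $email.
		$data['reset'] = $this->url->link('common/forgotten.password', 'email=' . urlencode($email) . '&code=' . urlencode($code) . '&reset_token=' . $this->session->data['reset_token']);
		$data['back'] = $this->url->link('common/login');

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/forgotten_reset', $data));
	}

	/**
	 * AJAX handler for the new-password form.
	 *
	 * Three conditions gate the change: the reset_token in the query string
	 * must match the one reset() stored in this session, the email/code pair
	 * must match the stored one-time code, and the new password must be
	 * 6-40 characters long and equal to its confirmation.
	 *
	 * Replies with JSON: 'redirect' on success or on a session/code failure,
	 * or 'error' => ['password' => ..., 'confirm' => ...] on validation
	 * failure.
	 *
	 * @return void
	 */
	public function password(): void {
		$this->load->language('common/forgotten');

		$json = [];

		$email = isset($this->request->get['email']) ? (string)$this->request->get['email'] : '';
		$code = isset($this->request->get['code']) ? (string)$this->request->get['code'] : '';

		$keys = [
			'password',
			'confirm'
		];

		foreach ($keys as $key) {
			if (!isset($this->request->post[$key])) {
				$this->request->post[$key] = '';
			}
		}

		// Strict, constant-time token check: a loose `!=` here would treat
		// numeric-looking strings such as "1e3" and "1000" as equal, and
		// hash_equals() refuses non-string input, hence the is_string() guard.
		$reset_token = $this->request->get['reset_token'] ?? null;

		if (!is_string($reset_token) || !isset($this->session->data['reset_token']) || !hash_equals((string)$this->session->data['reset_token'], $reset_token)) {
			$this->session->data['error'] = $this->language->get('error_session');

			// This is the admin controller: the restart link is common/forgotten.
			// 'account/forgotten' is the storefront route and does not exist here.
			$json['redirect'] = $this->url->link('common/forgotten', '', true);
		}

		$this->load->model('user/user');

		$user_info = $this->model_user_user->getUserByEmail($email);

		// Same code check as reset(): a mismatch burns the stored code.
		if (!$user_info || !$user_info['code'] || !hash_equals((string)$user_info['code'], $code)) {
			$this->model_user_user->editCode($email, '');

			$this->session->data['error'] = $this->language->get('error_code');

			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		if (!$json) {
			// Length is measured on the decoded text so entity-encoded input
			// is judged by its real character count.
			$password = html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8');
			$length = oc_strlen($password);

			if ($length < 6 || $length > 40) {
				$json['error']['password'] = $this->language->get('error_password');
			}

			// Strict comparison: the confirmation must be byte-identical.
			if ($this->request->post['confirm'] !== $this->request->post['password']) {
				$json['error']['confirm'] = $this->language->get('error_confirm');
			}
		}

		if (!$json) {
			$this->model_user_user->editPassword($user_info['user_id'], $this->request->post['password']);

			// The code is single-use: clear it explicitly so the same e-mail
			// link cannot be replayed (harmless if editPassword() already does).
			$this->model_user_user->editCode($email, '');

			$this->session->data['success'] = $this->language->get('text_reset');

			unset($this->session->data['reset_token']);

			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}
}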
|