| 1: | <?php
|
| 2: | namespace Opencart\Admin\Controller\Common;
|
| 3: | |
| 4: | |
| 5: | |
| 6: | |
| 7: |
|
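/**
 * Admin login controller.
 *
 * index() renders the form and mints a one-shot login_token; login() consumes
 * that token, authenticates, rotates the per-session user_token and answers
 * with JSON telling the client where to go next.
 */
class Login extends \Opencart\System\Engine\Controller {
	/**
	 * Render the admin login page.
	 *
	 * In order:
	 *  - an already-authenticated user presenting the correct user_token is sent
	 *    to the dashboard;
	 *  - a user_token that does not match the session yields error_token;
	 *  - a pending session error/success message is shown once and cleared;
	 *  - a fresh login_token is stored in the session and embedded in the form
	 *    action, so a login POST must originate from a page this admin rendered;
	 *  - the route/query the user was heading for (minus user_token) is carried
	 *    in a hidden redirect field so they land there after logging in.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('common/login');

		$this->document->setTitle($this->language->get('heading_title'));

		$supplied_token = $this->request->get['user_token'] ?? null;
		$session_token = $this->session->data['user_token'] ?? null;

		// Already authenticated and carrying the right token: nothing to do here.
		if ($this->user->isLogged() && $this->tokenMatches($supplied_token, $session_token)) {
			$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $session_token, true));
		}

		// A user_token was supplied but does not match the session (stale or
		// forged): explain why the login page is being shown again.
		if ($supplied_token !== null && !$this->tokenMatches($supplied_token, $session_token)) {
			$data['error_warning'] = $this->language->get('error_token');
		} elseif (isset($this->session->data['error'])) {
			$data['error_warning'] = $this->session->data['error'];

			unset($this->session->data['error']);
		} else {
			$data['error_warning'] = '';
		}

		if (isset($this->session->data['success'])) {
			$data['success'] = $this->session->data['success'];

			unset($this->session->data['success']);
		} else {
			$data['success'] = '';
		}

		// One-shot token bound to this render of the form. login() refuses a
		// POST that does not carry it, which blocks login CSRF (a cross-site
		// form logging the victim into an attacker-chosen account). Rendering
		// the page again (e.g. in a second tab) replaces the token.
		$this->session->data['login_token'] = oc_token(32);

		$data['login'] = $this->url->link('common/login.login', 'login_token=' . $this->session->data['login_token'], true);

		// The password-reset link is only offered when mail can be sent.
		if ($this->config->get('config_mail_engine')) {
			$data['forgotten'] = $this->url->link('common/forgotten');
		} else {
			$data['forgotten'] = '';
		}

		// Preserve the page the user was trying to reach. Only a string route
		// is accepted (route[]=x would otherwise reach the typed link helper);
		// user_token is dropped because a fresh one is issued on login. The URL
		// is built by the framework's link helper, so it points at this admin.
		$route = $this->request->get['route'] ?? null;

		if (is_string($route) && $route !== 'common/login') {
			$args = $this->request->get;

			unset($args['route'], $args['user_token']);

			$data['redirect'] = $this->url->link($route, http_build_query($args));
		} else {
			$data['redirect'] = '';
		}

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/login', $data));
	}

	/**
	 * Handle the login form POST and answer with JSON.
	 *
	 * Response keys:
	 *  - redirect: URL the client should navigate to — the dashboard, the page
	 *    requested before login, or the login page when login_token is missing
	 *    or stale;
	 *  - error: generic login failure message.
	 *
	 * @return void
	 */
	public function login(): void {
		$this->load->language('common/login');

		$json = [];

		// Normalise the fields read below: a missing or non-string value (e.g.
		// username[]=x) becomes '' so the typed calls are never fed arrays.
		foreach (['username', 'password', 'redirect'] as $key) {
			if (!isset($this->request->post[$key]) || !is_string($this->request->post[$key])) {
				$this->request->post[$key] = '';
			}
		}

		$supplied_token = $this->request->get['user_token'] ?? null;
		$session_token = $this->session->data['user_token'] ?? null;

		if ($this->user->isLogged() && $this->tokenMatches($supplied_token, $session_token)) {
			$json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $session_token, true);
		}

		// Login CSRF guard: the POST must carry the login_token minted by index().
		if (!$this->tokenMatches($this->request->get['login_token'] ?? null, $this->session->data['login_token'] ?? null)) {
			$this->session->data['error'] = $this->language->get('error_login');

			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		// The request body arrives HTML-entity-encoded, hence the decode before
		// the password is verified.
		if (!$json && !$this->user->login($this->request->post['username'], html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8'))) {
			// Same message for unknown user and wrong password (no enumeration).
			// NOTE(review): no throttling of failed attempts is visible here;
			// confirm it is enforced in the user library/model or in front of it.
			$json['error'] = $this->language->get('error_login');
		}

		if (!$json) {
			// Fresh per-session token for the admin UI; the one-shot login token
			// has done its job and is discarded.
			// NOTE(review): the PHP session ID itself is not rotated here; if the
			// session adapter supports it, rotating on successful authentication
			// would close off session fixation — confirm.
			$this->session->data['user_token'] = oc_token(32);

			unset($this->session->data['login_token']);

			// Both values are client-controlled and User-Agent may be absent
			// entirely, so default to '' rather than trip an undefined-key warning.
			$login_data = [
				'ip'         => $this->request->server['REMOTE_ADDR'] ?? '',
				'user_agent' => $this->request->server['HTTP_USER_AGENT'] ?? ''
			];

			$this->load->model('user/user');

			$this->model_user_user->addLogin($this->user->getId(), $login_data);

			$json['redirect'] = $this->postLoginRedirect($this->request->post['redirect'], $this->session->data['user_token']);
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Compare a token supplied by the client with the one held in the session.
	 *
	 * Uses hash_equals() instead of ==/!= so the comparison is strict (no
	 * numeric-string juggling such as "0e1" == "0e2") and constant-time.
	 * Anything that is not a non-empty string on both sides is rejected, which
	 * also covers a client sending the parameter as an array.
	 *
	 * @param mixed $supplied value taken from the request
	 * @param mixed $stored   value taken from the session
	 *
	 * @return bool
	 */
	private function tokenMatches(mixed $supplied, mixed $stored): bool {
		if (!is_string($supplied) || !is_string($stored) || $supplied === '' || $stored === '') {
			return false;
		}

		return hash_equals($stored, $supplied);
	}

	/**
	 * Pick the URL to send the client to after a successful login.
	 *
	 * The hidden redirect field is client-controlled, so it is honoured only
	 * when it starts with HTTP_SERVER (this admin's own base URL); anything
	 * else falls back to the dashboard, which prevents an open redirect.
	 * NOTE(review): the prefix test is only as strict as HTTP_SERVER — it must
	 * end with '/' (as OpenCart configures it); without the trailing slash a
	 * host such as example.com.evil.net would also pass.
	 *
	 * @param string $redirect   raw (entity-encoded) value of the redirect field
	 * @param string $user_token the freshly issued session token to append
	 *
	 * @return string
	 */
	private function postLoginRedirect(string $redirect, string $user_token): string {
		$target = html_entity_decode($redirect, ENT_QUOTES, 'UTF-8');

		if ($redirect === '' || !str_starts_with($target, HTTP_SERVER)) {
			return $this->url->link('common/dashboard', 'user_token=' . $user_token, true);
		}

		// index() builds this URL with a query string already, but do not rely
		// on it: choose the separator so the token never ends up in the path.
		$separator = str_contains($target, '?') ? '&' : '?';

		return $target . $separator . 'user_token=' . $user_token;
	}
}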
|
| 140: | |