| 1: | <?php
|
| 2: | namespace Opencart\Admin\Controller\Common;
|
| 3: | |
| 4: | |
| 5: | |
| 6: | |
| 7: |
|
| 8: | class Forgotten extends \Opencart\System\Engine\Controller {
|
| 9: | |
| 10: | |
| 11: | |
| 12: | |
| 13: |
|
| 14: | public function index(): void {
|
| 15: | $this->load->language('common/forgotten');
|
| 16: |
|
| 17: | if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
|
| 18: | $this->response->redirect($this->url->link('common/login', '', true));
|
| 19: | }
|
| 20: |
|
| 21: | $this->document->setTitle($this->language->get('heading_title'));
|
| 22: |
|
| 23: | $data['breadcrumbs'] = [];
|
| 24: |
|
| 25: | $data['breadcrumbs'][] = [
|
| 26: | 'text' => $this->language->get('text_home'),
|
| 27: | 'href' => $this->url->link('common/dashboard')
|
| 28: | ];
|
| 29: |
|
| 30: | $data['breadcrumbs'][] = [
|
| 31: | 'text' => $this->language->get('heading_title'),
|
| 32: | 'href' => $this->url->link('common/forgotten')
|
| 33: | ];
|
| 34: |
|
| 35: | $data['confirm'] = $this->url->link('common/forgotten.confirm');
|
| 36: | $data['back'] = $this->url->link('common/login');
|
| 37: |
|
| 38: | $data['header'] = $this->load->controller('common/header');
|
| 39: | $data['footer'] = $this->load->controller('common/footer');
|
| 40: |
|
| 41: | $this->response->setOutput($this->load->view('common/forgotten', $data));
|
| 42: | }
|
| 43: |
|
| 44: | |
| 45: | |
| 46: | |
| 47: | |
| 48: |
|
| 49: | public function confirm(): void {
|
| 50: | $this->load->language('common/forgotten');
|
| 51: |
|
| 52: | $json = [];
|
| 53: |
|
| 54: |
|
| 55: | if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
|
| 56: | $json['redirect'] = $this->url->link('common/login', '', true);
|
| 57: | }
|
| 58: |
|
| 59: | $keys = ['email'];
|
| 60: |
|
| 61: | foreach ($keys as $key) {
|
| 62: | if (!isset($this->request->post[$key])) {
|
| 63: | $this->request->post[$key] = '';
|
| 64: | }
|
| 65: | }
|
| 66: |
|
| 67: | $this->load->model('user/user');
|
| 68: |
|
| 69: | $user_info = $this->model_user_user->getUserByEmail($this->request->post['email']);
|
| 70: |
|
| 71: | if (!$user_info) {
|
| 72: | $json['error'] = $this->language->get('error_email');
|
| 73: | }
|
| 74: |
|
| 75: | if (!$json) {
|
| 76: | $this->model_user_user->editCode($this->request->post['email'], oc_token(40));
|
| 77: |
|
| 78: | $this->session->data['success'] = $this->language->get('text_success');
|
| 79: |
|
| 80: | $json['redirect'] = $this->url->link('common/login', '', true);
|
| 81: | }
|
| 82: |
|
| 83: | $this->response->addHeader('Content-Type: application/json');
|
| 84: | $this->response->setOutput(json_encode($json));
|
| 85: | }
|
| 86: |
|
| 87: | |
| 88: | |
| 89: | |
| 90: | |
| 91: |
|
| 92: | public function reset(): void {
|
| 93: | $this->load->language('common/forgotten');
|
| 94: |
|
| 95: | if (isset($this->request->get['email'])) {
|
| 96: | $email = (string)$this->request->get['email'];
|
| 97: | } else {
|
| 98: | $email = '';
|
| 99: | }
|
| 100: |
|
| 101: | if (isset($this->request->get['code'])) {
|
| 102: | $code = (string)$this->request->get['code'];
|
| 103: | } else {
|
| 104: | $code = '';
|
| 105: | }
|
| 106: |
|
| 107: | if ($this->user->isLogged() || !$this->config->get('config_mail_engine')) {
|
| 108: | $this->response->redirect($this->url->link('common/login', '', true));
|
| 109: | }
|
| 110: |
|
| 111: | $this->load->model('user/user');
|
| 112: |
|
| 113: | $user_info = $this->model_user_user->getUserByEmail($email);
|
| 114: |
|
| 115: | if (!$user_info || !$user_info['code'] || $user_info['code'] !== $code) {
|
| 116: | $this->model_user_user->editCode($email, '');
|
| 117: |
|
| 118: | $this->session->data['error'] = $this->language->get('error_code');
|
| 119: |
|
| 120: | $this->response->redirect($this->url->link('common/login', '', true));
|
| 121: | }
|
| 122: |
|
| 123: | $this->document->setTitle($this->language->get('heading_reset'));
|
| 124: |
|
| 125: | $data['breadcrumbs'] = [];
|
| 126: |
|
| 127: | $data['breadcrumbs'][] = [
|
| 128: | 'text' => $this->language->get('text_home'),
|
| 129: | 'href' => $this->url->link('common/dashboard')
|
| 130: | ];
|
| 131: |
|
| 132: | $data['breadcrumbs'][] = [
|
| 133: | 'text' => $this->language->get('heading_title'),
|
| 134: | 'href' => $this->url->link('common/forgotten.reset')
|
| 135: | ];
|
| 136: |
|
| 137: | $this->session->data['reset_token'] = substr(bin2hex(openssl_random_pseudo_bytes(26)), 0, 26);
|
| 138: |
|
| 139: | $data['reset'] = $this->url->link('common/forgotten.password', 'email=' . urlencode($email) . '&code=' . $code . '&reset_token=' . $this->session->data['reset_token']);
|
| 140: | $data['back'] = $this->url->link('common/login');
|
| 141: |
|
| 142: | $data['header'] = $this->load->controller('common/header');
|
| 143: | $data['footer'] = $this->load->controller('common/footer');
|
| 144: |
|
| 145: | $this->response->setOutput($this->load->view('common/forgotten_reset', $data));
|
| 146: | }
|
| 147: |
|
| 148: | |
| 149: | |
| 150: | |
| 151: | |
| 152: |
|
| 153: | public function password(): void {
|
| 154: | $this->load->language('common/forgotten');
|
| 155: |
|
| 156: | $json = [];
|
| 157: |
|
| 158: | if (isset($this->request->get['email'])) {
|
| 159: | $email = (string)$this->request->get['email'];
|
| 160: | } else {
|
| 161: | $email = '';
|
| 162: | }
|
| 163: |
|
| 164: | if (isset($this->request->get['code'])) {
|
| 165: | $code = (string)$this->request->get['code'];
|
| 166: | } else {
|
| 167: | $code = '';
|
| 168: | }
|
| 169: |
|
| 170: | $keys = [
|
| 171: | 'password',
|
| 172: | 'confirm'
|
| 173: | ];
|
| 174: |
|
| 175: | foreach ($keys as $key) {
|
| 176: | if (!isset($this->request->post[$key])) {
|
| 177: | $this->request->post[$key] = '';
|
| 178: | }
|
| 179: | }
|
| 180: |
|
| 181: | if (!isset($this->request->get['reset_token']) || !isset($this->session->data['reset_token']) || ($this->session->data['reset_token'] != $this->request->get['reset_token'])) {
|
| 182: | $this->session->data['error'] = $this->language->get('error_session');
|
| 183: |
|
| 184: | $json['redirect'] = $this->url->link('account/forgotten', '', true);
|
| 185: | }
|
| 186: |
|
| 187: | $this->load->model('user/user');
|
| 188: |
|
| 189: | $user_info = $this->model_user_user->getUserByEmail($email);
|
| 190: |
|
| 191: | if (!$user_info || !$user_info['code'] || $user_info['code'] !== $code) {
|
| 192: | $this->model_user_user->editCode($email, '');
|
| 193: |
|
| 194: | $this->session->data['error'] = $this->language->get('error_code');
|
| 195: |
|
| 196: | $json['redirect'] = $this->url->link('common/login', '', true);
|
| 197: | }
|
| 198: |
|
| 199: | if (!$json) {
|
| 200: | if ((oc_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) < 6) || (oc_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) > 40)) {
|
| 201: | $json['error']['password'] = $this->language->get('error_password');
|
| 202: | }
|
| 203: |
|
| 204: | if ($this->request->post['confirm'] != $this->request->post['password']) {
|
| 205: | $json['error']['confirm'] = $this->language->get('error_confirm');
|
| 206: | }
|
| 207: | }
|
| 208: |
|
| 209: | if (!$json) {
|
| 210: | $this->model_user_user->editPassword($user_info['user_id'], $this->request->post['password']);
|
| 211: |
|
| 212: | $this->session->data['success'] = $this->language->get('text_reset');
|
| 213: |
|
| 214: | unset($this->session->data['reset_token']);
|
| 215: |
|
| 216: | $json['redirect'] = $this->url->link('common/login', '', true);
|
| 217: | }
|
| 218: |
|
| 219: | $this->response->addHeader('Content-Type: application/json');
|
| 220: | $this->response->setOutput(json_encode($json));
|
| 221: | }
|
| 222: | }
|
| 223: | |