| 1: | <?php
|
| 2: | namespace Opencart\Catalog\Controller\Account;
|
| 3: | |
| 4: | |
| 5: | |
| 6: | |
| 7: |
|
| 8: | class Authorize extends \Opencart\System\Engine\Controller {
|
| 9: | |
| 10: | |
| 11: |
|
| 12: | public function index(): void {
|
| 13: | $this->load->language('account/authorize');
|
| 14: |
|
| 15: | $this->document->setTitle($this->language->get('heading_title'));
|
| 16: |
|
| 17: | if (isset($this->request->cookie['authorize'])) {
|
| 18: | $token = $this->request->cookie['authorize'];
|
| 19: | } else {
|
| 20: | $token = '';
|
| 21: | }
|
| 22: |
|
| 23: |
|
| 24: | if (isset($this->session->data['error'])) {
|
| 25: | $data['error_warning'] = $this->session->data['error'];
|
| 26: |
|
| 27: | unset($this->session->data['error']);
|
| 28: | } else {
|
| 29: | $data['error_warning'] = '';
|
| 30: | }
|
| 31: |
|
| 32: | if (isset($this->session->data['success'])) {
|
| 33: | $data['success'] = $this->session->data['success'];
|
| 34: |
|
| 35: | unset($this->session->data['success']);
|
| 36: | } else {
|
| 37: | $data['success'] = '';
|
| 38: | }
|
| 39: |
|
| 40: | $this->load->model('account/customer');
|
| 41: |
|
| 42: | $login_info = $this->model_account_customer->getAuthorizeByToken($this->user->getId(), $token);
|
| 43: |
|
| 44: | if (!$login_info) {
|
| 45: |
|
| 46: | $token = oc_token(32);
|
| 47: |
|
| 48: | $authorize_data = [
|
| 49: | 'token' => $token,
|
| 50: | 'ip' => $this->request->server['REMOTE_ADDR'],
|
| 51: | 'user_agent' => $this->request->server['HTTP_USER_AGENT']
|
| 52: | ];
|
| 53: |
|
| 54: | $this->load->model('account/customer');
|
| 55: |
|
| 56: | $this->model_account_customer->addAuthorize($this->customer->getId(), $authorize_data);
|
| 57: |
|
| 58: | setcookie('authorize', $token, time() + 60 * 60 * 24 * 365 * 10);
|
| 59: | }
|
| 60: |
|
| 61: | $data['action'] = $this->url->link('account/authorize.validate', 'user_token=' . $this->session->data['user_token']);
|
| 62: |
|
| 63: |
|
| 64: | $this->session->data['code'] = oc_token(4);
|
| 65: |
|
| 66: | if (isset($this->request->get['route']) && $this->request->get['route'] != 'account/login' && $this->request->get['route'] != 'account/authorize') {
|
| 67: | $args = $this->request->get;
|
| 68: |
|
| 69: | $route = $args['route'];
|
| 70: |
|
| 71: | unset($args['route']);
|
| 72: | unset($args['user_token']);
|
| 73: |
|
| 74: | $url = '';
|
| 75: |
|
| 76: | if ($args) {
|
| 77: | $url .= http_build_query($args);
|
| 78: | }
|
| 79: |
|
| 80: | $data['redirect'] = $this->url->link($route, $url, true);
|
| 81: | } else {
|
| 82: | $data['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
|
| 83: | }
|
| 84: |
|
| 85: | $data['user_token'] = $this->session->data['user_token'];
|
| 86: |
|
| 87: | $data['header'] = $this->load->controller('common/header');
|
| 88: | $data['footer'] = $this->load->controller('common/footer');
|
| 89: |
|
| 90: | $this->response->setOutput($this->load->view('common/authorize', $data));
|
| 91: | }
|
| 92: |
|
| 93: | |
| 94: | |
| 95: | |
| 96: | |
| 97: |
|
| 98: | public function send(): void {
|
| 99: | $this->load->language('account/authorize');
|
| 100: |
|
| 101: | $json = [];
|
| 102: |
|
| 103: | $json['success'] = $this->language->get('text_resend');
|
| 104: |
|
| 105: | $this->response->addHeader('Content-Type: application/json');
|
| 106: | $this->response->setOutput(json_encode($json));
|
| 107: | }
|
| 108: |
|
| 109: | |
| 110: | |
| 111: | |
| 112: | |
| 113: |
|
| 114: | public function validate(): void {
|
| 115: | $this->load->language('account/authorize');
|
| 116: |
|
| 117: | $json = [];
|
| 118: |
|
| 119: | if (isset($this->request->cookie['authorize'])) {
|
| 120: | $token = $this->request->cookie['authorize'];
|
| 121: | } else {
|
| 122: | $token = '';
|
| 123: | }
|
| 124: |
|
| 125: | $this->load->model('account/customer');
|
| 126: |
|
| 127: | $authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);
|
| 128: |
|
| 129: | if ($authorize_info) {
|
| 130: | if (($authorize_info['attempts'] <= 2) && (!isset($this->request->post['code']) || !isset($this->session->data['code']) || ($this->request->post['code'] != $this->session->data['code']))) {
|
| 131: | $json['error'] = $this->language->get('error_code');
|
| 132: |
|
| 133: | $this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], $authorize_info['total'] + 1);
|
| 134: | }
|
| 135: |
|
| 136: | if ($authorize_info['attempts'] >= 2) {
|
| 137: | $json['redirect'] = $this->url->link('account/authorize.unlock', 'user_token=' . $this->session->data['user_token'], true);
|
| 138: | }
|
| 139: | } else {
|
| 140: | $json['error'] = $this->language->get('error_code');
|
| 141: | }
|
| 142: |
|
| 143: | if (!$json) {
|
| 144: | $this->model_account_customer->editAuthorizeStatus($authorize_info['customer_authorize_id'], true);
|
| 145: | $this->model_account_customer->editAuthorizeTotal($authorize_info['customer_authorize_id'], 0);
|
| 146: |
|
| 147: | if (isset($this->request->post['redirect'])) {
|
| 148: | $redirect = urldecode(html_entity_decode($this->request->post['redirect'], ENT_QUOTES, 'UTF-8'));
|
| 149: | } else {
|
| 150: | $redirect = '';
|
| 151: | }
|
| 152: |
|
| 153: |
|
| 154: | if ($redirect && str_starts_with($redirect, HTTP_SERVER)) {
|
| 155: | $json['redirect'] = $redirect . '&user_token=' . $this->session->data['user_token'];
|
| 156: | } else {
|
| 157: | $json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
|
| 158: | }
|
| 159: | }
|
| 160: |
|
| 161: | $this->response->addHeader('Content-Type: application/json');
|
| 162: | $this->response->setOutput(json_encode($json));
|
| 163: | }
|
| 164: |
|
| 165: | |
| 166: | |
| 167: | |
| 168: | |
| 169: |
|
| 170: | public function unlock(): void {
|
| 171: | $this->load->language('account/authorize');
|
| 172: |
|
| 173: | if (isset($this->request->cookie['authorize'])) {
|
| 174: | $token = $this->request->cookie['authorize'];
|
| 175: | } else {
|
| 176: | $token = '';
|
| 177: | }
|
| 178: |
|
| 179: | $this->load->model('account/customer');
|
| 180: |
|
| 181: | $authorize_info = $this->model_account_customer->getAuthorizeByToken($this->customer->getId(), $token);
|
| 182: |
|
| 183: | if ($authorize_info && $authorize_info['status']) {
|
| 184: |
|
| 185: | $this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
|
| 186: | }
|
| 187: |
|
| 188: | $data['user_token'] = $this->session->data['user_token'];
|
| 189: |
|
| 190: | $data['header'] = $this->load->controller('common/header');
|
| 191: | $data['footer'] = $this->load->controller('common/footer');
|
| 192: |
|
| 193: | $this->response->setOutput($this->load->view('common/authorize_unlock', $data));
|
| 194: | }
|
| 195: |
|
| 196: | |
| 197: | |
| 198: | |
| 199: | |
| 200: |
|
| 201: | public function confirm(): void {
|
| 202: | $this->load->language('account/authorize');
|
| 203: |
|
| 204: | $json = [];
|
| 205: |
|
| 206: | $json['success'] = $this->language->get('text_link');
|
| 207: |
|
| 208: |
|
| 209: | $this->load->model('account/customer');
|
| 210: |
|
| 211: | $this->model_account_customer->editCode($this->customer->getEmail(), oc_token(32));
|
| 212: |
|
| 213: | $this->response->addHeader('Content-Type: application/json');
|
| 214: | $this->response->setOutput(json_encode($json));
|
| 215: | }
|
| 216: |
|
| 217: | |
| 218: | |
| 219: | |
| 220: | |
| 221: |
|
| 222: | public function reset(): void {
|
| 223: | $this->load->language('account/authorize');
|
| 224: |
|
| 225: | if (isset($this->request->get['email'])) {
|
| 226: | $email = (string)$this->request->get['email'];
|
| 227: | } else {
|
| 228: | $email = '';
|
| 229: | }
|
| 230: |
|
| 231: | if (isset($this->request->get['code'])) {
|
| 232: | $code = (string)$this->request->get['code'];
|
| 233: | } else {
|
| 234: | $code = '';
|
| 235: | }
|
| 236: |
|
| 237: | $this->load->model('account/customer');
|
| 238: |
|
| 239: | $customer_info = $this->model_account_customer->getCustomerByEmail($email);
|
| 240: |
|
| 241: | if ($customer_info && $customer_info['code'] && $code && $customer_info['code'] === $code) {
|
| 242: | $this->model_account_customer->resetAuthorizes($customer_info['customer_id']);
|
| 243: |
|
| 244: | $this->model_account_customer->editCode($email, '');
|
| 245: |
|
| 246: | $this->session->data['success'] = $this->language->get('text_unlocked');
|
| 247: |
|
| 248: | $this->response->redirect($this->url->link('account/authorize', 'user_token=' . $this->session->data['user_token'], true));
|
| 249: | } else {
|
| 250: | $this->customer->logout();
|
| 251: |
|
| 252: | $this->model_account_customer->editCode($email, '');
|
| 253: |
|
| 254: | $this->session->data['error'] = $this->language->get('error_reset');
|
| 255: |
|
| 256: | $this->response->redirect($this->url->link('account/login', '', true));
|
| 257: | }
|
| 258: | }
|
| 259: | }
|
| 260: | |