
File catalog\controller\account\login.php


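<?php
namespace Opencart\Catalog\Controller\Account;
/**
 * Class Login
 *
 * Storefront customer login: renders the login form (index), handles the
 * form submission as a JSON endpoint (login) and performs the one-time
 * token login used by the admin "login as customer" override (token).
 *
 * @package Opencart\Catalog\Controller\Account
 */
class Login extends \Opencart\System\Engine\Controller {
    /**
     * Session keys holding per-customer checkout state plus the customer
     * token; all of them are dropped whenever the customer identity changes.
     *
     * @var list<string>
     */
    private const CUSTOMER_SESSION_KEYS = [
        'shipping_address',
        'shipping_method',
        'shipping_methods',
        'payment_address',
        'payment_method',
        'payment_methods',
        'comment',
        'order_id',
        'coupon',
        'reward',
        'voucher',
        'vouchers',
        'customer_token',
    ];

    /**
     * Login page.
     *
     * Redirects straight to the account page when the customer is already
     * logged in and presents a customer_token matching the session one.
     * Otherwise any stale customer session is torn down, pending error /
     * success / redirect messages are pulled from the session, and the form
     * is rendered with a fresh login_token that login() requires.
     *
     * @return void
     */
    public function index(): void {
        $this->load->language('account/login');

        $this->document->setTitle($this->language->get('heading_title'));

        $language = $this->config->get('config_language');

        // If already logged in and has matching token then redirect to account page
        if ($this->customer->isLogged() && isset($this->request->get['customer_token']) && isset($this->session->data['customer_token']) && $this->tokenMatches($this->session->data['customer_token'], $this->request->get['customer_token'])) {
            $this->response->redirect($this->url->link('account/account', 'language=' . $language . '&customer_token=' . $this->session->data['customer_token'], true));
        }

        $data['breadcrumbs'] = [];

        $data['breadcrumbs'][] = [
            'text' => $this->language->get('text_home'),
            'href' => $this->url->link('common/home', 'language=' . $language)
        ];

        $data['breadcrumbs'][] = [
            'text' => $this->language->get('text_account'),
            'href' => $this->url->link('account/account', 'language=' . $language)
        ];

        $data['breadcrumbs'][] = [
            'text' => $this->language->get('text_login'),
            'href' => $this->url->link('account/login', 'language=' . $language)
        ];

        // Check to see if user is using incorrect token: a customer_token still in
        // the session at this point means the token in the URL did not match it,
        // so the existing login is discarded rather than reused.
        if (isset($this->session->data['customer_token'])) {
            $data['error_warning'] = $this->language->get('error_token');

            $this->customer->logout();

            unset($this->session->data['customer']);

            $this->clearCustomerSession();
        } elseif (isset($this->session->data['error'])) {
            // One-shot message left by token() or another controller.
            $data['error_warning'] = $this->session->data['error'];

            unset($this->session->data['error']);
        } else {
            $data['error_warning'] = '';
        }

        if (isset($this->session->data['success'])) {
            $data['success'] = $this->session->data['success'];

            unset($this->session->data['success']);
        } else {
            $data['success'] = '';
        }

        // Session redirect wins over the one in the query string.
        if (isset($this->session->data['redirect'])) {
            $data['redirect'] = $this->session->data['redirect'];

            unset($this->session->data['redirect']);
        } elseif (isset($this->request->get['redirect'])) {
            $data['redirect'] = $this->request->get['redirect'];
        } else {
            $data['redirect'] = '';
        }

        // Per-form token that login() checks against the session (CSRF guard);
        // a new one is issued on every render.
        $this->session->data['login_token'] = oc_token(26);

        $data['login'] = $this->url->link('account/login.login', 'language=' . $language . '&login_token=' . $this->session->data['login_token']);
        $data['register'] = $this->url->link('account/register', 'language=' . $language);
        $data['forgotten'] = $this->url->link('account/forgotten', 'language=' . $language);

        $data['column_left'] = $this->load->controller('common/column_left');
        $data['column_right'] = $this->load->controller('common/column_right');
        $data['content_top'] = $this->load->controller('common/content_top');
        $data['content_bottom'] = $this->load->controller('common/content_bottom');
        $data['footer'] = $this->load->controller('common/footer');
        $data['header'] = $this->load->controller('common/header');

        $this->response->setOutput($this->load->view('account/login', $data));
    }

    /**
     * Login
     *
     * JSON handler for the login form. Emits either `redirect` (on success,
     * or when the login_token is missing/mismatched) or `error.warning`.
     * Checks run in order: login_token, attempt lockout, account status,
     * password. The lockout is decided before the password is verified so a
     * locked account cannot be logged in (nor have its attempt counter reset)
     * by submitting the correct password.
     *
     * @return void
     */
    public function login(): void {
        $this->load->language('account/login');

        $json = [];

        // Stop any undefined index messages. Non-string values (e.g. email[]=x)
        // are treated as absent so the string-typed model calls below cannot fail.
        $keys = [
            'email',
            'password',
            'redirect'
        ];

        foreach ($keys as $key) {
            if (!isset($this->request->post[$key]) || !is_string($this->request->post[$key])) {
                $this->request->post[$key] = '';
            }
        }

        $this->customer->logout();

        // The login_token was issued into this session by index(); without a
        // matching one the client is sent back to the form.
        if (!isset($this->request->get['login_token']) || !isset($this->session->data['login_token']) || !$this->tokenMatches($this->session->data['login_token'], $this->request->get['login_token'])) {
            $json['redirect'] = $this->url->link('account/login', 'language=' . $this->config->get('config_language'), true);
        }

        $customer_info = [];

        if (!$json) {
            // Check how many login attempts have been made.
            $this->load->model('account/customer');

            $login_info = $this->model_account_customer->getLoginAttempts($this->request->post['email']);

            if ($login_info && ($login_info['total'] >= $this->config->get('config_login_attempts')) && strtotime('-1 hour') < strtotime($login_info['date_modified'])) {
                $json['error']['warning'] = $this->language->get('error_attempts');
            }
        }

        if (!$json) {
            // Check if customer has been approved.
            $customer_info = $this->model_account_customer->getCustomerByEmail($this->request->post['email']);

            if ($customer_info && !$customer_info['status']) {
                $json['error']['warning'] = $this->language->get('error_approved');
            } elseif (!$this->customer->login($this->request->post['email'], html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8'))) {
                $json['error']['warning'] = $this->language->get('error_login');

                $this->model_account_customer->addLoginAttempt($this->request->post['email']);
            }
        }

        if (!$json) {
            // Add customer details into session
            $this->session->data['customer'] = [
                'customer_id'       => $customer_info['customer_id'],
                'customer_group_id' => $customer_info['customer_group_id'],
                'firstname'         => $customer_info['firstname'],
                'lastname'          => $customer_info['lastname'],
                'email'             => $customer_info['email'],
                'telephone'         => $customer_info['telephone'],
                'custom_field'      => $customer_info['custom_field']
            ];

            // Checkout selections made as a guest do not carry over.
            unset($this->session->data['order_id']);
            unset($this->session->data['shipping_method']);
            unset($this->session->data['shipping_methods']);
            unset($this->session->data['payment_method']);
            unset($this->session->data['payment_methods']);

            // Wishlist: move guest wishlist entries onto the account.
            if (isset($this->session->data['wishlist']) && is_array($this->session->data['wishlist'])) {
                $this->load->model('account/wishlist');

                foreach ($this->session->data['wishlist'] as $key => $product_id) {
                    $this->model_account_wishlist->addWishlist($this->customer->getId(), $product_id);

                    unset($this->session->data['wishlist'][$key]);
                }
            }

            // Log the IP info
            $this->model_account_customer->addLogin($this->customer->getId(), $this->request->server['REMOTE_ADDR'] ?? '');

            // Create customer token
            $this->session->data['customer_token'] = oc_token(26);

            $this->model_account_customer->deleteLoginAttempts($this->request->post['email']);

            // 'redirect' is always a string here thanks to the defaults loop above.
            $redirect = urldecode(html_entity_decode($this->request->post['redirect'], ENT_QUOTES, 'UTF-8'));

            // Only a target on this store may be followed; anything else falls back
            // to the account page. This is a plain prefix match, so it is only as
            // strict as config_url (keep its trailing slash).
            // Added strpos check to pass McAfee PCI compliance test (http://forum.opencart.com/viewtopic.php?f=10&t=12043&p=151494#p151295)
            if ($redirect && str_starts_with($redirect, $this->config->get('config_url'))) {
                $json['redirect'] = $redirect . '&customer_token=' . $this->session->data['customer_token'];
            } else {
                $json['redirect'] = $this->url->link('account/account', 'language=' . $this->config->get('config_language') . '&customer_token=' . $this->session->data['customer_token'], true);
            }
        }

        $this->response->addHeader('Content-Type: application/json');
        $this->response->setOutput(json_encode($json));
    }

    /**
     * Token
     *
     * One-time token login (admin "login as customer" override). The token
     * stored on the customer record is cleared whether or not it matched, so
     * each issued token can be used at most once. On success the customer is
     * logged in without a password and sent to the account page; on failure
     * an error is left in the session and the client is sent to the login form.
     *
     * @return void
     */
    public function token(): void {
        $this->load->language('account/login');

        // Non-string query values (e.g. email[]=x) are treated as absent.
        $email = $this->request->get['email'] ?? '';
        $token = $this->request->get['login_token'] ?? '';

        if (!is_string($email) || !is_string($token)) {
            $email = '';
            $token = '';
        }

        // Login override for admin users: start from a clean customer session.
        $this->customer->logout();
        $this->cart->clear();

        $this->clearCustomerSession();

        $this->load->model('account/customer');

        $customer_info = $this->model_account_customer->getCustomerByEmail($email);

        // An empty stored token means no override has been issued.
        if ($customer_info && $customer_info['token'] && $this->tokenMatches((string)$customer_info['token'], $token) && $this->customer->login($customer_info['email'], '', true)) {
            // Add customer details into session
            $this->session->data['customer'] = [
                'customer_id'       => $customer_info['customer_id'],
                'customer_group_id' => $customer_info['customer_group_id'],
                'firstname'         => $customer_info['firstname'],
                'lastname'          => $customer_info['lastname'],
                'email'             => $customer_info['email'],
                'telephone'         => $customer_info['telephone'],
                'custom_field'      => $customer_info['custom_field']
            ];

            // Default Addresses
            $this->load->model('account/address');

            $address_info = $this->model_account_address->getAddress($this->customer->getId(), $this->customer->getAddressId());

            if ($address_info) {
                $this->session->data['shipping_address'] = $address_info;
            }

            // config_tax_customer names which address ('shipping' / 'payment') taxes follow.
            if ($this->config->get('config_tax_customer') && $address_info) {
                $this->session->data[$this->config->get('config_tax_customer') . '_address'] = $address_info;
            }

            // Consume the one-time token.
            $this->model_account_customer->editToken($email, '');

            // Create customer token
            $this->session->data['customer_token'] = oc_token(26);

            $this->response->redirect($this->url->link('account/account', 'language=' . $this->config->get('config_language') . '&customer_token=' . $this->session->data['customer_token'], true));
        } else {
            $this->session->data['error'] = $this->language->get('error_login');

            // Consume the token even on failure so it cannot be retried.
            $this->model_account_customer->editToken($email, '');

            $this->response->redirect($this->url->link('account/login', 'language=' . $this->config->get('config_language'), true));
        }
    }

    /**
     * Compares a client-supplied token against the one the server holds.
     *
     * Uses hash_equals() so the comparison is constant-time and strict
     * (no numeric-string coercion as with ==), and rejects anything that is
     * not a non-empty string on the server side or a string on the client side.
     *
     * @param mixed $expected token held by the server (session or database)
     * @param mixed $supplied token received from the request
     *
     * @return bool true only when both are strings and match exactly
     */
    private function tokenMatches(mixed $expected, mixed $supplied): bool {
        if (!is_string($expected) || !is_string($supplied) || $expected === '') {
            return false;
        }

        return hash_equals($expected, $supplied);
    }

    /**
     * Drops the checkout state and the customer token from the session.
     *
     * Shared by index() (when the presented token is wrong) and token()
     * (before the override login). Does not touch 'customer' itself.
     *
     * @return void
     */
    private function clearCustomerSession(): void {
        foreach (self::CUSTOMER_SESSION_KEYS as $key) {
            unset($this->session->data[$key]);
        }
    }
}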
