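<?php
/**
 * Storefront login controller.
 *
 * Handles the customer login form (GET renders it, POST validates it), the
 * "login as customer" override reached from the admin via a one-time token,
 * and the post-login session setup: default tax addresses, merging the
 * session wishlist into the account, and a redirect back to the page the
 * customer came from that is only followed when it points at this store.
 */
class ControllerAccountLogin extends Controller {
	/** @var array<string, string> validation messages keyed by field ('warning' here) */
	private $error = array();

	/**
	 * Render the login page or process a login attempt.
	 *
	 * Side effects: may log the customer in or out, clear the cart and the
	 * checkout session keys, and issue an HTTP redirect. When it does not
	 * redirect it sets the rendered 'account/login' view as the response.
	 */
	public function index() {
		$this->load->model('account/customer');

		// Login override for admin users: a token generated in the admin
		// backend opens the storefront as that customer. Any existing customer
		// session, cart and checkout state is discarded first so nothing from
		// the previous visitor carries over into the token session.
		if (!empty($this->request->get['token'])) {
			$this->customer->logout();
			$this->cart->clear();

			$this->clearCheckoutSession();

			$customer_info = $this->model_account_customer->getCustomerByToken($this->request->get['token']);

			// Third argument: token login, no password is checked.
			if ($customer_info && $this->customer->login($customer_info['email'], '', true)) {
				$this->setDefaultAddresses();

				$this->response->redirect($this->url->link('account/account', '', true));
			}
		}

		if ($this->customer->isLogged()) {
			$this->response->redirect($this->url->link('account/account', '', true));
		}

		$this->load->language('account/login');

		$this->document->setTitle($this->language->get('heading_title'));

		if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
			// Unset guest
			unset($this->session->data['guest']);

			// Default Shipping / Payment Address
			$this->setDefaultAddresses();

			// Wishlist
			$this->mergeSessionWishlist();

			// Follow a caller-supplied redirect only when it points back at
			// this store (see isLocalRedirect); otherwise fall back to the
			// account page. The logout URL is excluded so a stale form value
			// cannot log the customer straight back out.
			if (isset($this->request->post['redirect']) && $this->request->post['redirect'] != $this->url->link('account/logout', '', true) && $this->isLocalRedirect($this->request->post['redirect'])) {
				// The form value is HTML-escaped ('&amp;' separators); decode it
				// before using it as a Location header. The previous
				// str_replace('&', '&', ...) was a no-op.
				$this->response->redirect(str_replace('&amp;', '&', $this->request->post['redirect']));
			} else {
				$this->response->redirect($this->url->link('account/account', '', true));
			}
		}

		$data['breadcrumbs'] = array();

		$data['breadcrumbs'][] = array(
			'text' => $this->language->get('text_home'),
			'href' => $this->url->link('common/home')
		);

		$data['breadcrumbs'][] = array(
			'text' => $this->language->get('text_account'),
			'href' => $this->url->link('account/account', '', true)
		);

		$data['breadcrumbs'][] = array(
			'text' => $this->language->get('text_login'),
			'href' => $this->url->link('account/login', '', true)
		);

		// A flash error left in the session by another controller wins over
		// this request's own validation error; it is consumed (unset) here.
		if (isset($this->session->data['error'])) {
			$data['error_warning'] = $this->session->data['error'];

			unset($this->session->data['error']);
		} elseif (isset($this->error['warning'])) {
			$data['error_warning'] = $this->error['warning'];
		} else {
			$data['error_warning'] = '';
		}

		$data['action'] = $this->url->link('account/login', '', true);
		$data['register'] = $this->url->link('account/register', '', true);
		$data['forgotten'] = $this->url->link('account/forgotten', '', true);

		// Carry the redirect through a failed login attempt, but only when it
		// points at this store; a session redirect (set by the page that sent
		// the customer here) is consumed once it has been copied to the form.
		if (isset($this->request->post['redirect']) && $this->isLocalRedirect($this->request->post['redirect'])) {
			$data['redirect'] = $this->request->post['redirect'];
		} elseif (isset($this->session->data['redirect'])) {
			$data['redirect'] = $this->session->data['redirect'];

			unset($this->session->data['redirect']);
		} else {
			$data['redirect'] = '';
		}

		if (isset($this->session->data['success'])) {
			$data['success'] = $this->session->data['success'];

			unset($this->session->data['success']);
		} else {
			$data['success'] = '';
		}

		if (isset($this->request->post['email'])) {
			$data['email'] = $this->request->post['email'];
		} else {
			$data['email'] = '';
		}

		// NOTE(review): the submitted password is handed back to the view so
		// the template can re-fill the field after a failed attempt. That
		// puts the plaintext password into the HTML response; consider
		// leaving the field empty in the template instead.
		if (isset($this->request->post['password'])) {
			$data['password'] = $this->request->post['password'];
		} else {
			$data['password'] = '';
		}

		$data['column_left'] = $this->load->controller('common/column_left');
		$data['column_right'] = $this->load->controller('common/column_right');
		$data['content_top'] = $this->load->controller('common/content_top');
		$data['content_bottom'] = $this->load->controller('common/content_bottom');
		$data['footer'] = $this->load->controller('common/footer');
		$data['header'] = $this->load->controller('common/header');

		$this->response->setOutput($this->load->view('account/login', $data));
	}

	/**
	 * Validate a POSTed login attempt and log the customer in on success.
	 *
	 * Order of checks: brute-force lockout (config_login_attempts failures
	 * whose last record is less than an hour old), account approval status,
	 * then the credentials themselves. A failed credential check records a
	 * login attempt for the email; a successful one clears the counter.
	 * Errors are collected in $this->error['warning'].
	 *
	 * @return bool true when the customer is now logged in
	 */
	protected function validate() {
		// Default missing or non-string fields to '' so a malformed POST does
		// not raise undefined-index notices; an empty email simply fails.
		$email = (isset($this->request->post['email']) && is_string($this->request->post['email'])) ? $this->request->post['email'] : '';
		$password = (isset($this->request->post['password']) && is_string($this->request->post['password'])) ? $this->request->post['password'] : '';

		// Check how many login attempts have been made.
		$login_info = $this->model_account_customer->getLoginAttempts($email);

		if ($login_info && ($login_info['total'] >= $this->config->get('config_login_attempts')) && strtotime('-1 hour') < strtotime($login_info['date_modified'])) {
			$this->error['warning'] = $this->language->get('error_attempts');
		}

		// Check if customer has been approved.
		$customer_info = $this->model_account_customer->getCustomerByEmail($email);

		if ($customer_info && !$customer_info['status']) {
			$this->error['warning'] = $this->language->get('error_approved');
		}

		if (!$this->error) {
			if (!$this->customer->login($email, $password)) {
				$this->error['warning'] = $this->language->get('error_login');

				$this->model_account_customer->addLoginAttempt($email);
			} else {
				$this->model_account_customer->deleteLoginAttempts($email);
			}
		}

		return !$this->error;
	}

	/**
	 * Whether $redirect points back at this store.
	 *
	 * The URL must start with config_url or config_ssl. The earlier test
	 * (strpos(...) !== false, added for the McAfee PCI scan,
	 * http://forum.opencart.com/viewtopic.php?f=10&t=12043&p=151494#p151295)
	 * accepted any value that merely contained the store address somewhere,
	 * which leaves the login form usable as an open redirect; anchoring the
	 * match at position 0 closes that. Assumes config_url / config_ssl end
	 * with '/' as the installer writes them, so a longer look-alike host
	 * name does not match — TODO confirm for this installation.
	 *
	 * @param mixed $redirect raw request value
	 * @return bool
	 */
	private function isLocalRedirect($redirect) {
		// Arrays (redirect[]=...) are never acceptable and would make strpos() warn.
		if (!is_string($redirect)) {
			return false;
		}

		foreach (array($this->config->get('config_url'), $this->config->get('config_ssl')) as $base) {
			// An empty base must not match: strpos() with an empty needle
			// would report position 0 for any string.
			if ($base && strpos($redirect, $base) === 0) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Store the customer's default address in the session for tax purposes.
	 *
	 * config_tax_customer selects whether the payment or the shipping
	 * address drives tax calculation; only that one is populated.
	 */
	private function setDefaultAddresses() {
		$this->load->model('account/address');

		if ($this->config->get('config_tax_customer') == 'payment') {
			$this->session->data['payment_address'] = $this->model_account_address->getAddress($this->customer->getAddressId());
		}

		if ($this->config->get('config_tax_customer') == 'shipping') {
			$this->session->data['shipping_address'] = $this->model_account_address->getAddress($this->customer->getAddressId());
		}
	}

	/**
	 * Move products wish-listed while browsing as a guest into the account
	 * wishlist, removing each one from the session as it is saved.
	 */
	private function mergeSessionWishlist() {
		if (isset($this->session->data['wishlist']) && is_array($this->session->data['wishlist'])) {
			$this->load->model('account/wishlist');

			foreach ($this->session->data['wishlist'] as $key => $product_id) {
				$this->model_account_wishlist->addWishlist($product_id);

				unset($this->session->data['wishlist'][$key]);
			}
		}
	}

	/**
	 * Drop every checkout-related session key (order, addresses, methods,
	 * discounts) so a new login starts from a clean checkout.
	 */
	private function clearCheckoutSession() {
		$keys = array(
			'order_id',
			'payment_address',
			'payment_method',
			'payment_methods',
			'shipping_address',
			'shipping_method',
			'shipping_methods',
			'comment',
			'coupon',
			'reward',
			'voucher',
			'vouchers',
		);

		foreach ($keys as $key) {
			unset($this->session->data[$key]);
		}
	}
}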