1
|
|
|
<?php |
2
|
|
|
namespace Redaxscript\Controller; |
3
|
|
|
|
4
|
|
|
use Redaxscript\Filter; |
5
|
|
|
use Redaxscript\Html; |
6
|
|
|
use Redaxscript\Mailer; |
7
|
|
|
use Redaxscript\Model; |
8
|
|
|
use Redaxscript\Validator; |
9
|
|
|
use function sha1; |
10
|
|
|
|
11
|
|
|
/** |
12
|
|
|
* children class to process the recover request |
13
|
|
|
* |
14
|
|
|
* @since 3.0.0 |
15
|
|
|
* |
16
|
|
|
* @package Redaxscript |
17
|
|
|
* @category Controller |
18
|
|
|
* @author Henry Ruhs |
19
|
|
|
* @author Balázs Szilágyi |
20
|
|
|
*/ |
21
|
|
|
|
22
|
|
|
class Recover extends ControllerAbstract |
23
|
|
|
{ |
24
|
|
|
/** |
25
|
|
|
* process the class |
26
|
|
|
* |
27
|
|
|
* @since 3.0.0 |
28
|
|
|
* |
29
|
|
|
* @return string |
30
|
|
|
*/ |
31
|
|
|
|
32
|
5 |
|
public function process() : string |
33
|
|
|
{ |
34
|
5 |
|
$postArray = $this->_normalizePost($this->_sanitizePost()); |
35
|
5 |
|
$validateArray = $this->_validatePost($postArray); |
|
|
|
|
36
|
5 |
|
$users = $this->_getUsers($postArray); |
|
|
|
|
37
|
|
|
|
38
|
|
|
/* validate post */ |
39
|
|
|
|
40
|
5 |
|
if ($validateArray) |
|
|
|
|
41
|
|
|
{ |
42
|
3 |
|
return $this->_error( |
43
|
|
|
[ |
44
|
3 |
|
'route' => 'login/recover', |
45
|
3 |
|
'message' => $validateArray |
46
|
|
|
]); |
47
|
|
|
} |
48
|
|
|
|
49
|
|
|
/* handle mail and validate user */ |
50
|
|
|
|
51
|
2 |
|
$validateArray = []; |
52
|
2 |
|
foreach ($users as $user) |
|
|
|
|
53
|
|
|
{ |
54
|
|
|
$mailArray = |
55
|
|
|
[ |
56
|
2 |
|
'id' => $user->id, |
57
|
2 |
|
'name' => $user->name, |
58
|
2 |
|
'user' => $user->user, |
59
|
2 |
|
'password' => $user->password, |
60
|
2 |
|
'email' => $user->email |
61
|
|
|
]; |
62
|
2 |
|
if (!$this->_mail($mailArray)) |
63
|
|
|
{ |
64
|
1 |
|
return $this->_error( |
65
|
|
|
[ |
66
|
1 |
|
'route' => 'login/recover', |
67
|
1 |
|
'message' => $this->_language->get('email_failed') |
68
|
|
|
]); |
69
|
|
|
} |
70
|
1 |
|
$validateArray[] = $user->name . $this->_language->get('colon') . ' ' . $this->_language->get('recovery_sent'); |
71
|
|
|
} |
72
|
1 |
|
if ($validateArray) |
|
|
|
|
73
|
|
|
{ |
74
|
1 |
|
return $this->_success( |
75
|
|
|
[ |
76
|
1 |
|
'route' => 'login', |
77
|
1 |
|
'timeout' => 2, |
78
|
1 |
|
'message' => $validateArray |
79
|
|
|
]); |
80
|
|
|
} |
81
|
|
|
|
82
|
|
|
/* handle error */ |
83
|
|
|
|
84
|
|
|
return $this->_error( |
85
|
|
|
[ |
86
|
|
|
'route' => 'login/recover' |
87
|
|
|
]); |
88
|
|
|
} |
89
|
|
|
|
90
|
|
|
/** |
91
|
|
|
* sanitize the post |
92
|
|
|
* |
93
|
|
|
* @since 4.0.0 |
94
|
|
|
* |
95
|
|
|
* @return array |
96
|
|
|
*/ |
97
|
|
|
|
98
|
5 |
|
protected function _sanitizePost() : array |
99
|
|
|
{ |
100
|
5 |
|
$numberFilter = new Filter\Number(); |
101
|
5 |
|
$emailFilter = new Filter\Email(); |
102
|
|
|
|
103
|
|
|
/* sanitize post */ |
104
|
|
|
|
105
|
|
|
return |
106
|
|
|
[ |
107
|
5 |
|
'email' => $emailFilter->sanitize($this->_request->getPost('email')), |
|
|
|
|
108
|
5 |
|
'task' => $numberFilter->sanitize($this->_request->getPost('task')), |
|
|
|
|
109
|
5 |
|
'solution' => $this->_request->getPost('solution') |
110
|
|
|
]; |
111
|
|
|
} |
112
|
|
|
|
113
|
|
|
/** |
114
|
|
|
* validate the post |
115
|
|
|
* |
116
|
|
|
* @since 3.0.0 |
117
|
|
|
* |
118
|
|
|
* @param array $postArray array of the post |
119
|
|
|
* |
120
|
|
|
* @return array |
121
|
|
|
*/ |
122
|
|
|
|
123
|
5 |
|
protected function _validatePost(array $postArray = []) : array |
124
|
|
|
{ |
125
|
5 |
|
$emailValidator = new Validator\Email(); |
126
|
5 |
|
$captchaValidator = new Validator\Captcha(); |
127
|
5 |
|
$userModel = new Model\User(); |
128
|
5 |
|
$settingModel = new Model\Setting(); |
129
|
5 |
|
$validateArray = []; |
130
|
|
|
|
131
|
|
|
/* validate post */ |
132
|
|
|
|
133
|
5 |
|
if (!$postArray['email']) |
134
|
|
|
{ |
135
|
1 |
|
$validateArray[] = $this->_language->get('email_empty'); |
136
|
|
|
} |
137
|
4 |
|
else if (!$emailValidator->validate($postArray['email'])) |
138
|
|
|
{ |
139
|
1 |
|
$validateArray[] = $this->_language->get('email_incorrect'); |
140
|
|
|
} |
141
|
3 |
|
else if (!$userModel->query()->where('email', $postArray['email'])->findOne()->id) |
142
|
|
|
{ |
143
|
1 |
|
$validateArray[] = $this->_language->get('email_unknown'); |
144
|
|
|
} |
145
|
5 |
|
if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution'])) |
146
|
|
|
{ |
147
|
1 |
|
$validateArray[] = $this->_language->get('captcha_incorrect'); |
148
|
|
|
} |
149
|
5 |
|
return $validateArray; |
150
|
|
|
} |
151
|
|
|
|
152
|
|
|
/** |
153
|
|
|
* get the users |
154
|
|
|
* |
155
|
|
|
* @since 4.0.0 |
156
|
|
|
* |
157
|
|
|
* @param array $postArray array of the post |
158
|
|
|
* |
159
|
|
|
* @return object|null |
160
|
|
|
*/ |
161
|
|
|
|
162
|
5 |
|
protected function _getUsers(array $postArray = []) : ?object |
163
|
|
|
{ |
164
|
5 |
|
$userModel = new Model\User(); |
165
|
|
|
return $userModel |
166
|
5 |
|
->query() |
167
|
5 |
|
->where( |
168
|
|
|
[ |
169
|
5 |
|
'email' => $postArray['email'], |
170
|
5 |
|
'status' => 1 |
171
|
|
|
]) |
172
|
5 |
|
->findMany() ? : null; |
173
|
|
|
} |
174
|
|
|
|
175
|
|
|
/** |
176
|
|
|
* send the mail |
177
|
|
|
* |
178
|
|
|
* @since 3.0.0 |
179
|
|
|
* |
180
|
|
|
* @param array $mailArray array of the mail |
181
|
|
|
* |
182
|
|
|
* @return bool |
183
|
|
|
*/ |
184
|
|
|
|
185
|
1 |
|
protected function _mail(array $mailArray = []) : bool |
186
|
|
|
{ |
187
|
1 |
|
$settingModel = new Model\Setting(); |
188
|
1 |
|
$urlReset = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . 'login/reset/' . sha1($mailArray['password']) . '/' . $mailArray['id']; |
189
|
|
|
|
190
|
|
|
/* html element */ |
191
|
|
|
|
192
|
1 |
|
$linkElement = new Html\Element(); |
193
|
|
|
$linkElement |
194
|
1 |
|
->init('a', |
195
|
|
|
[ |
196
|
1 |
|
'href' => $urlReset |
197
|
|
|
]) |
198
|
1 |
|
->text($urlReset); |
199
|
|
|
|
200
|
|
|
/* prepare mail */ |
201
|
|
|
|
202
|
|
|
$toArray = |
203
|
|
|
[ |
204
|
1 |
|
$mailArray['name'] => $mailArray['email'] |
205
|
|
|
]; |
206
|
|
|
$fromArray = |
207
|
|
|
[ |
208
|
1 |
|
$settingModel->get('author') => $settingModel->get('email') |
209
|
|
|
]; |
210
|
1 |
|
$subject = $this->_language->get('recovery'); |
211
|
|
|
$bodyArray = |
212
|
|
|
[ |
213
|
1 |
|
$this->_language->get('user') . $this->_language->get('colon') . ' ' . $mailArray['user'], |
214
|
1 |
|
'<br />', |
215
|
1 |
|
$this->_language->get('password_reset') . $this->_language->get('colon') . ' ' . $linkElement |
216
|
|
|
]; |
217
|
|
|
|
218
|
|
|
/* send mail */ |
219
|
|
|
|
220
|
1 |
|
$mailer = new Mailer(); |
221
|
1 |
|
$mailer->init($toArray, $fromArray, $subject, $bodyArray); |
|
|
|
|
222
|
1 |
|
return $mailer->send(); |
223
|
|
|
} |
224
|
|
|
} |
225
|
|
|
|
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.