Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
| Total | |
0.00% |
0 / 1 |
|
66.67% |
2 / 3 |
CRAP | |
92.59% |
50 / 54 |
| ForgotController | |
0.00% |
0 / 1 |
|
66.67% |
2 / 3 |
10.04 | |
92.59% |
50 / 54 |
| index | |
100.00% |
1 / 1 |
4 | |
100.00% |
26 / 26 |
|||
| complete | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| reset | |
0.00% |
0 / 1 |
5.08 | |
85.19% |
23 / 27 |
|||
| <?php | |
| /* | |
| * This file is part of EC-CUBE | |
| * | |
| * Copyright(c) 2000-2015 LOCKON CO.,LTD. All Rights Reserved. | |
| * | |
| * http://www.lockon.co.jp/ | |
| * | |
| * This program is free software; you can redistribute it and/or | |
| * modify it under the terms of the GNU General Public License | |
| * as published by the Free Software Foundation; either version 2 | |
| * of the License, or (at your option) any later version. | |
| * | |
| * This program is distributed in the hope that it will be useful, | |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| * GNU General Public License for more details. | |
| * | |
| * You should have received a copy of the GNU General Public License | |
| * along with this program; if not, write to the Free Software | |
| * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | |
| */ | |
| namespace Eccube\Controller; | |
| use Eccube\Application; | |
| use Eccube\Event\EccubeEvents; | |
| use Eccube\Event\EventArgs; | |
| use Symfony\Component\HttpFoundation\Request; | |
| use Symfony\Component\HttpKernel\Exception as HttpException; | |
| use Symfony\Component\Validator\Constraints as Assert; | |
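/**
 * Front-end "forgot password" flow: request a reset link, show the
 * confirmation page, and perform the reset when the mailed link is opened.
 */
class ForgotController extends AbstractController
{
    /**
     * Password reminder: takes an e-mail address and, when it belongs to an
     * active customer, stores a reset key with an expiry and mails the reset URL.
     *
     * A valid submission always ends in the same redirect, whether or not the
     * address matched a customer, so the response itself does not reveal which
     * addresses are registered.
     *
     * NOTE(review): no throttling is visible in this method; confirm that
     * request rate limiting is applied elsewhere (form type, firewall, web
     * server), otherwise the form can be used to flood a customer's mailbox.
     *
     * @param Application $app
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
     */
    public function index(Application $app, Request $request)
    {
        $builder = $app['form.factory']
            ->createNamedBuilder('', 'forgot');

        // Let listeners customise the form builder before the form is built.
        $event = new EventArgs(
            array(
                'builder' => $builder,
            ),
            $request
        );
        $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE, $event);

        $form = $builder->getForm();
        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $customerRepository = $app['eccube.repository.customer'];
            $Customer = $customerRepository
                ->getActiveCustomerByEmail($form->get('login_email')->getData());

            if (null !== $Customer) {
                // Issue the reset key and set its expiry; the lifetime is the
                // 'customer_reset_expire' config value, in minutes.
                // NOTE(review): key generation lives in the repository and is not
                // visible here; confirm it draws from a cryptographically secure source.
                $Customer
                    ->setResetKey($customerRepository->getUniqueResetKey($app))
                    ->setResetExpire(new \DateTime('+' . $app['config']['customer_reset_expire'] .' min'));

                // Persist the new reset key.
                $app['orm.em']->persist($Customer);
                $app['orm.em']->flush();

                $event = new EventArgs(
                    array(
                        'form' => $form,
                        'Customer' => $Customer,
                    ),
                    $request
                );
                $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_INDEX_COMPLETE, $event);

                // Build the reset URL; the key travels inside the URL, so it can
                // end up in access logs and browser history.
                $reset_url = $app->url('forgot_reset', array('reset_key' => $Customer->getResetKey()));

                // Send the mail.
                $app['eccube.service.mail']->sendPasswordResetNotificationMail($Customer, $reset_url);

                // Audit log. The entry holds the customer id, e-mail address and
                // client IP, so the log file itself carries personal data.
                $app['monolog']->addInfo(
                    'send reset password mail to:' . "{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}"
                );
            }

            // Same destination for matched and unmatched addresses.
            return $app->redirect($app->url('forgot_complete'));
        }

        return $app->render('Forgot/index.twig', array(
            'form' => $form->createView(),
        ));
    }

    /**
     * Password reminder completion page.
     *
     * @param Application $app
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function complete(Application $app, Request $request)
    {
        return $app->render('Forgot/complete.twig');
    }

    /**
     * Password reissue page: consumes a reset key and replaces the customer's
     * password with a newly generated one.
     *
     * NOTE(review): the password is changed on a plain GET of the mailed URL.
     * Anything that fetches the link automatically (mail gateways, link
     * previews, browser prefetch) would consume the key and rotate the password
     * without the customer acting. A confirmation form submitted by POST with a
     * CSRF token, on which the customer picks the new password, avoids both
     * this and the need to mail a password.
     *
     * @param Application $app
     * @param Request $request
     * @param string $reset_key Key taken from the reset URL; must be non-blank ASCII alphanumerics.
     * @return \Symfony\Component\HttpFoundation\Response
     * @throws HttpException\AccessDeniedHttpException when the method is not GET or the key fails validation
     * @throws HttpException\NotFoundHttpException when no active customer can be loaded for the key
     */
    public function reset(Application $app, Request $request, $reset_key)
    {
        // Validate the key's shape before it reaches the repository.
        $errors = $app['validator']->validateValue($reset_key, array(
            new Assert\NotBlank(),
            new Assert\Regex(array(
                'pattern' => '/^[a-zA-Z0-9]+$/',
            )))
        );

        if ('GET' !== $request->getMethod() || count($errors) !== 0) {
            throw new HttpException\AccessDeniedHttpException('不正なアクセスです。');
        }

        $customerRepository = $app['eccube.repository.customer'];

        try {
            $Customer = $customerRepository
                ->getActiveCustomerByResetKey($reset_key);
        } catch (\Exception $e) {
            // Every failure is reported as 404; the cause is chained so that an
            // infrastructure error stays distinguishable from an unknown key
            // when the exception is logged.
            throw new HttpException\NotFoundHttpException('有効期限が切れているか、無効なURLです。', $e);
        }

        // index() treats the sibling e-mail lookup as nullable; the contract of
        // this lookup is not visible here, so a null result is handled the same
        // way as a failed one instead of failing on the calls below.
        if (null === $Customer) {
            throw new HttpException\NotFoundHttpException('有効期限が切れているか、無効なURLです。');
        }

        // Generate the new password and set it in clear text first, because
        // encryptPassword() is given only the Customer entity.
        $pass = $customerRepository->getResetPassword();
        $Customer->setPassword($pass);

        // Hash the generated password, creating a salt when none exists yet.
        // NOTE(review): the meaning of the argument 5 is not visible here;
        // confirm the resulting salt length is adequate.
        if ($Customer->getSalt() === null) {
            $Customer->setSalt($customerRepository->createSalt(5));
        }
        $encPass = $customerRepository->encryptPassword($app, $Customer);
        $Customer->setPassword($encPass);

        // Clear the key so that the same URL cannot be used again.
        $Customer->setResetKey(null);

        // Persist the new password.
        $app['orm.em']->persist($Customer);
        $app['orm.em']->flush();

        $event = new EventArgs(
            array(
                'Customer' => $Customer,
            ),
            $request
        );
        $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_RESET_COMPLETE, $event);

        // Send the mail. The clear-text password is handed to the mail service,
        // presumably to be placed in the message body (confirm in the mail
        // template); it then rests in the customer's mailbox.
        $app['eccube.service.mail']->sendPasswordResetCompleteMail($Customer, $pass);

        // Audit log; carries the customer id, e-mail address and client IP.
        $app['monolog']->addInfo(
            'reset password complete:' . "{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}"
        );

        return $app->render('Forgot/reset.twig');
    }
}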