Code Coverage
 
Classes and Traits
Functions and Methods
Lines
Total
0.00% covered (danger)
0.00%
0 / 1
66.67% covered (warning)
66.67%
2 / 3
CRAP
92.59% covered (success)
92.59%
50 / 54
ForgotController
0.00% covered (danger)
0.00%
0 / 1
66.67% covered (warning)
66.67%
2 / 3
10.04
92.59% covered (success)
92.59%
50 / 54
 index
100.00% covered (success)
100.00%
1 / 1
4
100.00% covered (success)
100.00%
26 / 26
 complete
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
1 / 1
 reset
0.00% covered (danger)
0.00%
0 / 1
5.08
85.19% covered (warning)
85.19%
23 / 27
<?php
/*
 * This file is part of EC-CUBE
 *
 * Copyright(c) 2000-2015 LOCKON CO.,LTD. All Rights Reserved.
 *
 * http://www.lockon.co.jp/
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */
namespace Eccube\Controller;
use Eccube\Application;
use Eccube\Event\EccubeEvents;
use Eccube\Event\EventArgs;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception as HttpException;
use Symfony\Component\Validator\Constraints as Assert;
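class ForgotController extends AbstractController
{
    /**
     * Password reminder: accepts an e-mail address and mails a reset link.
     *
     * A valid submission always ends in the same redirect to the completion
     * page, whether or not an active customer matched the address, so the
     * response itself does not reveal which addresses are registered.
     * NOTE(review): only the matching branch writes to the database and sends
     * mail, so response time may still differ between the two cases; confirm
     * whether that matters for this deployment.
     *
     * @param Application $app
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response
     */
    public function index(Application $app, Request $request)
    {
        $builder = $app['form.factory']
            ->createNamedBuilder('', 'forgot');

        // Let listeners adjust the form builder before the form is built.
        $event = new EventArgs(
            array(
                'builder' => $builder,
            ),
            $request
        );
        $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_INDEX_INITIALIZE, $event);

        $form = $builder->getForm();
        $form->handleRequest($request);

        // Nothing submitted yet, or validation failed: show the form (again).
        if (!$form->isSubmitted() || !$form->isValid()) {
            return $app->render('Forgot/index.twig', array(
                'form' => $form->createView(),
            ));
        }

        $Customer = $app['eccube.repository.customer']
            ->getActiveCustomerByEmail($form->get('login_email')->getData());

        if (null !== $Customer) {
            // Issue the reset key and set its expiry; the lifetime in minutes
            // comes from the customer_reset_expire config value.
            $Customer
                ->setResetKey($app['eccube.repository.customer']->getUniqueResetKey($app))
                ->setResetExpire(new \DateTime('+' . $app['config']['customer_reset_expire'] .' min'));

            // Store the reset key before the mail goes out.
            $app['orm.em']->persist($Customer);
            $app['orm.em']->flush();

            $event = new EventArgs(
                array(
                    'form' => $form,
                    'Customer' => $Customer,
                ),
                $request
            );
            $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_INDEX_COMPLETE, $event);

            // Build the reset URL; the reset key is carried as a route parameter.
            $reset_url = $app->url('forgot_reset', array('reset_key' => $Customer->getResetKey()));

            // Send the mail.
            $app['eccube.service.mail']->sendPasswordResetNotificationMail($Customer, $reset_url);

            // Log the request. The line holds customer id, e-mail address and
            // client IP (personal data, so log retention applies); the reset
            // key is not written to the log.
            $app['monolog']->addInfo(
                "send reset password mail to:{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}"
            );
        }

        // Same redirect for known and unknown addresses.
        return $app->redirect($app->url('forgot_complete'));
    }

    /**
     * Password reminder completion page.
     *
     * @param Application $app
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function complete(Application $app, Request $request)
    {
        return $app->render('Forgot/complete.twig');
    }

    /**
     * Password reissue: consumes a reset key and replaces the password.
     *
     * NOTE(review): the password change is performed on a GET request, so
     * anything that fetches the mailed URL (not only the customer clicking it)
     * uses up the key and changes the password. Consider showing a
     * confirmation form and applying the change on POST.
     * NOTE(review): the newly issued plain-text password is handed to the mail
     * service; presumably it is included in the mail, so confirm that the
     * customer is made to change it after first login.
     *
     * @param Application $app
     * @param Request $request
     * @param string $reset_key Reset key taken from the URL.
     * @return \Symfony\Component\HttpFoundation\Response
     * @throws HttpException\AccessDeniedHttpException When the method is not GET or the key is malformed.
     * @throws HttpException\NotFoundHttpException When the customer lookup by reset key fails.
     */
    public function reset(Application $app, Request $request, $reset_key)
    {
        // The key must be non-blank and consist only of ASCII letters and digits.
        $errors = $app['validator']->validateValue($reset_key, array(
            new Assert\NotBlank(),
            new Assert\Regex(array(
                'pattern' => '/^[a-zA-Z0-9]+$/',
            )))
        );

        if ('GET' !== $request->getMethod() || count($errors) !== 0) {
            throw new HttpException\AccessDeniedHttpException('不正なアクセスです。');
        }

        try {
            $Customer = $app['eccube.repository.customer']
                ->getActiveCustomerByResetKey($reset_key);
        } catch (\Exception $e) {
            // Every lookup failure is reported as 404 with the same message.
            // The original exception is chained as "previous" so that a
            // database or mapping error is still visible in the error log
            // instead of being indistinguishable from an expired key.
            throw new HttpException\NotFoundHttpException('有効期限が切れているか、無効なURLです。', $e);
        }

        // Issue the new password; the plain text is set first because
        // encryptPassword() is given only the customer object.
        $pass = $app['eccube.repository.customer']->getResetPassword();
        $Customer->setPassword($pass);

        // Hash the issued password, creating a salt if the customer has none.
        // NOTE(review): the argument 5 looks like a size for the salt; confirm
        // what createSalt() does with it and that the result is long enough.
        if ($Customer->getSalt() === null) {
            $Customer->setSalt($app['eccube.repository.customer']->createSalt(5));
        }
        $encPass = $app['eccube.repository.customer']->encryptPassword($app, $Customer);
        $Customer->setPassword($encPass);

        // Clear the key so the same URL cannot be used a second time. Only the
        // key is cleared here; the stored expiry is left as it is.
        $Customer->setResetKey(null);

        // Store the new password.
        $app['orm.em']->persist($Customer);
        $app['orm.em']->flush();

        $event = new EventArgs(
            array(
                'Customer' => $Customer,
            ),
            $request
        );
        $app['eccube.event.dispatcher']->dispatch(EccubeEvents::FRONT_FORGOT_RESET_COMPLETE, $event);

        // Send the mail.
        $app['eccube.service.mail']->sendPasswordResetCompleteMail($Customer, $pass);

        // Log the completed reset: customer id, e-mail address and client IP.
        // The password is not written to the log.
        $app['monolog']->addInfo(
            "reset password complete:{$Customer->getId()} {$Customer->getEmail()} {$request->getClientIp()}"
        );

        return $app->render('Forgot/reset.twig');
    }
}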