/**
 * Run before each cart action.
 *
 * Performs three checks, in order:
 *  1. When SSL is enabled in the store configuration, a "checkout" request
 *     that did not arrive over HTTPS is redirected to its https:// URL.
 *  2. Under Common SSL, a guest arriving at "checkout" with a "c" query
 *     parameter gets the cart named by the decrypted value assigned.
 *  3. If the cart was modified (and this is not an AJAX request), the cached
 *     shipping data is cleared and the user is sent to the cart index.
 *
 * @param CAction $action Passed action from Yii.
 *
 * @return boolean Whatever the parent beforeAction() returns.
 */
public function beforeAction($action)
{
    $app = Yii::app();
    $isCheckout = $action->Id == "checkout";

    // NOTE(review): the HTTPS test reads $_SERVER['HTTPS'] only. If TLS is
    // terminated in front of PHP (proxy or load balancer) this may never be
    // 'on' - confirm how the deployment reports the scheme.
    $servedOverHttps = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';

    if ($isCheckout && _xls_get_conf('ENABLE_SSL') == 1 && !$servedOverHttps) {
        $this->redirect($app->createAbsoluteUrl('cart/' . $action->Id, array(), 'https'));
        $app->end();
    }

    // For passing a cart when not logged in under Common SSL
    if ($isCheckout && $app->isCommonSSL && $app->user->isGuest) {
        $c = $app->getRequest()->getQuery('c');
        if ($c !== null) {
            // NOTE(review): the token travels in the URL, so it can end up in
            // access logs and Referer headers, and whoever presents it gets
            // the cart assigned. Confirm that _xls_decrypt() rejects tampered
            // values and that the decrypted value is checked before use.
            $fields = explode(",", _xls_decrypt($c));
            $app->shoppingcart->assign($fields[0]);
        }
    }

    if ($app->shoppingcart->wasCartModified && $app->request->isAjaxRequest === false) {
        // Web Store has removed cart items or modified requested quantities
        // to reflect recent updates to inventory. Those changes may have
        // invalidated the shipping option the user originally selected, so
        // the cached shipping info is dropped; on returning to checkout the
        // user has to recalculate shipping and choose from valid options.
        $app->shoppingcart->clearCachedShipping();

        // Send the user to the index page, where the relevant message is shown.
        $this->redirect($app->createUrl('cart/index'));
    }

    return parent::beforeAction($action);
}
/**
 * Record a successful login on this identity and on the customer record.
 *
 * Stores the customer's id, names, avatar URL and role in the identity
 * state, re-saves the password when the stored value is still in one of the
 * two older formats, and stamps last_login.
 *
 * @param object $user Customer record that was authenticated
 *                     (presumably a Customer model - confirm against callers).
 *
 * @return void
 */
protected function successfullyLogin($user)
{
    $logCategory = 'application.' . __CLASS__ . "." . __FUNCTION__;

    $this->errorCode = self::ERROR_NONE;
    $this->_id = $user->id;

    $this->setState('fullname', $user->first_name . ' ' . $user->last_name);
    $this->setState('firstname', $user->first_name);
    $this->setState('profilephoto', Yii::app()->theme->baseUrl . "/css/images/loginhead.png");
    $this->setState('role', $user->allow_login == Customer::ADMIN_USER ? 'admin' : 'user');

    // Update the password storage format: the stored value is either the
    // output of $this->hash() for the submitted password, or a value that
    // decrypts back to it.
    // NOTE(review): both tests use ==, so two numeric-looking strings (for
    // example digests of the form 0e<digits>) compare equal. === would avoid
    // that; confirm hash() and _xls_decrypt() always return strings first.
    $storedAsLegacyHash = $user->password == $this->hash($this->password);
    if ($storedAsLegacyHash || $this->password == _xls_decrypt($user->password)) {
        $user->setScenario(Customer::SCENARIO_UPDATEPASSWORD);
        $user->attributes = array(
            "password" => $this->password,
            "password_repeat" => $this->password,
        );
        // NOTE(review): written at level 'error' although it is informational,
        // and the entry contains the customer's full name.
        Yii::log("Note, user's old password format upgraded " . $user->fullname, 'error', $logCategory);
    }

    $user->last_login = new CDbExpression('UTC_TIMESTAMP()');

    // A failed save is only logged; the login itself is not rolled back, so
    // a failed format upgrade leaves the old stored value in place.
    $saved = $user->save();
    if (!$saved) {
        Yii::log("ERROR Saving user record " . print_r($user->getErrors(), true), 'error', $logCategory);
    }
}
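/**
 * Display and save the settings that belong to one configuration type.
 *
 * The type is chosen by the "id" query parameter. On POST every row is
 * validated first and rows are saved only when all of them pass. Rows whose
 * options are "PASSWORD" are stored encrypted and decrypted again for display.
 *
 * @return void
 */
public function actionEdit()
{
    $id = Yii::app()->getRequest()->getQuery('id');
    $model = Configuration::model()->findAllByAttributes(
        array('configuration_type_id' => $id),
        array('order' => 'sort_order')
    );

    if ($this->IsCloud) {
        $model = $this->sanitizeEditModule($model, 'Cloud');
    }

    if ($this->IsMT) {
        $model = $this->sanitizeEditModule($model, 'MT');
    }

    if ($this->isHosted) {
        $model = $this->sanitizeEditModule($model, 'Hosted');
    }

    if (isset($_POST['Configuration'])) {
        $valid = true;

        foreach ($model as $i => $item) {
            if (isset($_POST['Configuration'][$i])) {
                $item->attributes = $_POST['Configuration'][$i];
            }

            if ($item->key_name == 'LANG_MENU' && $item->key_value == 1) {
                // NOTE(review): the languages row is addressed by the fixed
                // index 2 in both $model and the POST data; neither is checked
                // for existence - confirm the row order this relies on.
                $itemLanguages = $model[2];
                $itemLanguages->attributes = $_POST['Configuration'][2];
                if (empty($itemLanguages->key_value)) {
                    $valid = false;
                }
            }

            if ($item->options == "INT") {
                // A value that casts to integer 0 (including "0") is rejected.
                if ((int) $item->key_value) {
                    $valid = true;
                } else {
                    $valid = false;
                }
            }

            if ($item->options == "EMAIL") {
                $valid = $this->validateEmail($item) && $valid;
            } else {
                $valid = $item->validate() && $valid;
            }

            if (!$valid) {
                if ($item->options == 'EMAIL') {
                    Yii::app()->user->setFlash('error', $item->title . ' is not a valid email address');
                } elseif ($item->key_name == 'LANG_MENU') {
                    Yii::app()->user->setFlash('error', 'Languages field cannot be empty when language menu is enabled');
                } elseif ($item->options == "INT") {
                    Yii::app()->user->setFlash('error', $item->title . ': ' . 'Only numbers are allowed', true);
                } else {
                    $err = $item->getErrors();
                    Yii::app()->user->setFlash('error', $item->title . ' -- ' . print_r($err['key_value'][0], true));
                }

                // Stop at the first invalid row; nothing is saved.
                break;
            }
        }

        if ($valid) {
            foreach ($model as $i => $item) {
                // Same guard as in the validation loop: a row missing from
                // the POST keeps the attributes it was loaded with.
                $hasSubmittedValue = isset($_POST['Configuration'][$i]['key_value']);
                if (isset($_POST['Configuration'][$i])) {
                    $item->attributes = $_POST['Configuration'][$i];
                }

                // Encrypt only a freshly submitted value. A row that was not
                // posted still holds the ciphertext loaded from the database;
                // encrypting it a second time would make the stored secret
                // unreadable after the single decrypt done for display below.
                if ($item->options == "PASSWORD" && $hasSubmittedValue) {
                    $item->key_value = _xls_encrypt($item->key_value);
                }

                if ($item->save() === false) {
                    Yii::app()->user->setFlash('error', print_r($item->getErrors(), true));
                } else {
                    Yii::app()->user->setFlash(
                        'success',
                        Yii::t(
                            'admin',
                            'Configuration updated on {time}.',
                            array('{time}' => date('d F, Y h:i:sa'))
                        )
                    );
                    $item->postConfigurationChange();
                }

                if ($item->key_name == 'EMAIL_TEST' && $item->key_value == 1) {
                    $this->sendEmailTest();
                }
            }
        }
    }

    // Prepare the rows for rendering.
    foreach ($model as $i => $item) {
        if ($item->options == 'BOOL') {
            $this->registerOnOff($item->id, "Configuration_{$i}_key_value", $item->key_value);
        }

        if ($item->options == 'PASSWORD') {
            // NOTE(review): the decrypted secret is handed to the view, so it
            // is presumably rendered back into the form - confirm the view
            // does not expose it to anyone but the administrator editing it.
            $model[$i]->key_value = _xls_decrypt($model[$i]->key_value);
        }

        $model[$i]->title = Yii::t(
            'admin',
            $item->title,
            array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check'))
        );
        $model[$i]->helper_text = Yii::t(
            'admin',
            $item->helper_text,
            array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check'))
        );
    }

    /*
     * http://www.yiiframework.com/doc/api/1.1/CModel#generateAttributeLabel-detail
     *
     * Unless we define the label attribute in activeLabelEx htmlOptions in the view,
     * the label will be generated when it calls CModel::generateAttributeLabel().
     * This is a problem for the labels we want to display on pages like the Google Integration
     * page that have labels which deliberately require dashes and camel-case formatting.
     */
    $defineLabel = false;
    switch (CPropertyValue::ensureInteger($id)) {
        case 20:
            // IntegrationController::GOOGLE = 20
            $defineLabel = true;
            break;
        default:
            break;
    }

    $this->render('admin.views.default.edit', array('model' => $model, 'defineLabel' => $defineLabel));
}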
/**
 * Populate this identity from the customer record and log it in.
 *
 * No submitted credential is compared inside this method: the username and
 * password are copied from the record returned by getCustomerRecord().
 * NOTE(review): presumably the caller has already established who the user
 * is - confirm, since every code path here ends in successfullyLogin().
 *
 * @return boolean True when errorCode is falsy after successfullyLogin().
 */
public function authenticate()
{
    // NOTE(review): a missing record is not handled; the property reads
    // below assume getCustomerRecord() always returns an object.
    $customer = $this->getCustomerRecord();

    $this->username = $customer->email;

    // The stored password is decrypted back to plain text, which only works
    // while passwords are kept in a reversible format.
    // NOTE(review): if successfullyLogin() re-saves the password whenever
    // $this->password equals the decrypted stored value, that test is always
    // true on this path - confirm the stored value can never already be a
    // one-way hash here.
    $this->password = _xls_decrypt($customer->password);

    $this->successfullyLogin($customer);

    $succeeded = !$this->errorCode;

    return $succeeded;
}
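/**
 * Display and save the settings that belong to one configuration type.
 *
 * The type is chosen by the "id" query parameter. On POST every row is
 * validated first and rows are saved only when all of them pass. Rows whose
 * options are "PASSWORD" are stored encrypted and decrypted again for display.
 *
 * @return void
 */
public function actionEdit()
{
    $id = Yii::app()->getRequest()->getQuery('id');
    $model = Configuration::model()->findAllByAttributes(
        array('configuration_type_id' => $id),
        array('order' => 'sort_order')
    );

    if (isset($_POST['Configuration'])) {
        $valid = true;

        foreach ($model as $i => $item) {
            if (isset($_POST['Configuration'][$i])) {
                $item->attributes = $_POST['Configuration'][$i];
            }

            $valid = $item->validate() && $valid;

            if (!$valid) {
                $err = $item->getErrors();
                Yii::app()->user->setFlash('error', $item->title . " -- " . print_r($err['key_value'][0], true));

                // Stop at the first invalid row; nothing is saved.
                break;
            }
        }

        if ($valid) {
            foreach ($model as $i => $item) {
                // Same guard as in the validation loop: a row missing from
                // the POST keeps the attributes it was loaded with.
                $hasSubmittedValue = isset($_POST['Configuration'][$i]['key_value']);
                if (isset($_POST['Configuration'][$i])) {
                    $item->attributes = $_POST['Configuration'][$i];
                }

                // Encrypt only a freshly submitted value. A row that was not
                // posted still holds the ciphertext loaded from the database;
                // encrypting it a second time would make the stored secret
                // unreadable after the single decrypt done for display below.
                if ($item->options == "PASSWORD" && $hasSubmittedValue) {
                    $item->key_value = _xls_encrypt($item->key_value);
                }

                if (!$item->save()) {
                    Yii::app()->user->setFlash('error', print_r($item->getErrors(), true));
                } else {
                    $item->postConfigurationChange();
                }

                if ($item->key_name == 'EMAIL_TEST' && $item->key_value == 1) {
                    $this->sendEmailTest();
                }
            }

            // Set once after the loop, whether or not an individual save failed.
            Yii::app()->user->setFlash(
                'success',
                Yii::t('admin', 'Configuration updated on {time}.', array('{time}' => date("d F, Y h:i:sa")))
            );
        }
    }

    // Prepare the rows for rendering.
    foreach ($model as $i => $item) {
        if ($item->key_name == "EMAIL_TEST") {
            // The test-email switch is always shown as off.
            $item->key_value = 0;
        }

        if ($item->options == "BOOL") {
            $this->registerOnOff($item->id, "Configuration_{$i}_key_value", $item->key_value);
        }

        if ($item->options == "PASSWORD") {
            // NOTE(review): the decrypted secret is handed to the view, so it
            // is presumably rendered back into the form - confirm the view
            // does not expose it to anyone but the administrator editing it.
            $model[$i]->key_value = _xls_decrypt($model[$i]->key_value);
        }

        $model[$i]->title = Yii::t(
            'admin',
            $item->title,
            array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check'))
        );
        $model[$i]->helper_text = Yii::t(
            'admin',
            $item->helper_text,
            array('{color}' => _xls_regionalize('color'), '{check}' => _xls_regionalize('check'))
        );
    }

    $this->render('edit', array('model' => $model));
}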
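<?php
// Password reminder e-mail body, rendered inside the shared mail layout.
//
// NOTE(review): this message sends the customer's current password in clear
// text, which is only possible because the stored value can be decrypted.
// The password then persists in mailboxes and anywhere the message is logged.
// A single-use, expiring reset link would let passwords be stored one-way.
//
// Every value is HTML-encoded before it is placed in the markup: the first
// name is customer-supplied, and a password containing "<" or "&" would
// otherwise be rendered incorrectly.
$this->beginContent('//layouts/mail-layout');
?>
<tr>
    <td style="border-bottom: 1px solid #dddddd;display: block; padding-bottom: 30px;color:#111111;font-family:'Lucida Grande','Lucida Sans', Verdana, sans-serif;font-size: 16px;line-height:1.5em;">
        <?php echo Yii::t('email', 'Dear') . ' ' . CHtml::encode($model->first_name); ?> ,<br/><br/>
        <?php echo Yii::t(
            'email',
            'The password that is registered at {storename} is {password}',
            array(
                '{password}' => CHtml::encode(_xls_decrypt($model->password)),
                '{storename}' => CHtml::encode(_xls_get_conf('STORE_NAME')),
            )
        ); ?> .<br/><br/>
    </td>
</tr>
<?php $this->endContent();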
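/**
 * Compares the supplied password with the credential stored for this customer.
 *
 * Three storage formats are accepted, tried in this order: an MD5 digest of
 * the password, a value that _xls_decrypt() turns back into the password,
 * and a hash verified by CPasswordHelper. The first two are legacy formats.
 *
 * Comparisons are strict. With == two numeric-looking strings (for example
 * digests of the form 0e<digits>) compare equal, and an empty or failed
 * decryption result compares equal to an empty submitted password.
 *
 * @param string $plain_text Password as submitted by the user.
 *
 * @return bool True when the password matches the stored credential.
 */
public function authenticate($plain_text)
{
    // Users with no password or guest records should not be able to login
    // A registered user with an empty password can make a reset request
    if (!$this->allow_login || !$this->password || $this->record_type == Customer::GUEST) {
        return false;
    }

    // Arrays, objects and null cannot be a password; reject them before any
    // comparison. Other scalars are compared by their string form.
    if (!is_scalar($plain_text)) {
        return false;
    }

    $plain_text = (string) $plain_text;

    // Check the old ways of storing passwords, please get rid of this someday.
    // NOTE(review): === is not constant-time; hash_equals() could replace it
    // where the runtime provides that function.
    if (md5($plain_text) === $this->password) {
        return true;
    }

    // Legacy reversible format. An empty or non-string result means there is
    // nothing to compare against, so it must never count as a match.
    $decrypted = _xls_decrypt($this->password);
    if (is_string($decrypted) && $decrypted !== '' && $plain_text === $decrypted) {
        return true;
    }

    return CPasswordHelper::verifyPassword($plain_text, $this->password);
}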
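/**
 * Send one queued e-mail over SMTP and update the queue accordingly.
 *
 * On success the queue entry is deleted; on failure its sent_attempts
 * counter is incremented and saved. Unless $hideJson is true, the JSON
 * string "success" or "failure" is echoed.
 *
 * @param mixed   $id       Primary key of the EmailQueue entry to send.
 * @param boolean $hideJson When true, nothing is echoed.
 *
 * @return boolean Result of the mailer's Send() call, or false when no queue
 *                 entry with that key exists (previously an undefined
 *                 variable was returned in that case).
 */
function _xls_send_email($id, $hideJson = false)
{
    $logCategory = 'application.' . __CLASS__ . "." . __FUNCTION__;

    // Defined up front so the final return is valid when nothing is sent.
    $blnResult = false;

    $objMail = EmailQueue::model()->findByPk($id);

    if ($objMail instanceof EmailQueue) {
        $orderEmail = _xls_get_conf('ORDER_FROM', '');
        $from = empty($orderEmail) ? _xls_get_conf('EMAIL_FROM') : $orderEmail;

        // Reset the component so each send starts from a fresh mailer.
        Yii::app()->setComponent('Smtpmail', null);
        $mail = Yii::app()->Smtpmail;
        //$mail->CharSet="utf-8";
        $mail->Debugoutput = "error_log";
        $mail->IsSMTP();
        $mail->Username = Yii::app()->params['EMAIL_SMTP_USERNAME'];
        // The SMTP password is kept encrypted in the configuration.
        $mail->Password = _xls_decrypt(Yii::app()->params['EMAIL_SMTP_PASSWORD']);
        $mail->Mailer = 'smtp';
        $mail->Port = Yii::app()->params['EMAIL_SMTP_PORT'];

        // Transport security. Mode '0' picks by port (465 => ssl, 587 => tls,
        // anything else => none); '1' => none, '2' => ssl, '3' => tls.
        // NOTE(review): mode '0' is read from Yii::app()->params while modes
        // '1'-'3' are read through _xls_get_conf() - confirm both sources
        // always agree. With no transport security the SMTP credentials are
        // sent unprotected.
        $SMTPSecure = "";
        if (Yii::app()->params['EMAIL_SMTP_SECURITY_MODE'] == '0') {
            if (Yii::app()->params['EMAIL_SMTP_PORT'] == "465") {
                $SMTPSecure = "ssl";
            }

            if (Yii::app()->params['EMAIL_SMTP_PORT'] == "587") {
                $SMTPSecure = "tls";
            }
        }

        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '1') {
            $SMTPSecure = "";
        }

        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '2') {
            $SMTPSecure = "ssl";
        }

        if (_xls_get_conf('EMAIL_SMTP_SECURITY_MODE') == '3') {
            $SMTPSecure = "tls";
        }

        $mail->SMTPAuth = true;
        $mail->AuthType = "LOGIN";
        if (_xls_get_conf('EMAIL_SMTP_AUTH_PLAIN', '0') == '1') {
            $mail->AuthType = "PLAIN";
        }

        if (empty(Yii::app()->params['EMAIL_SMTP_PASSWORD'])) {
            Yii::log("Password for SMTP blank, turning off SMTP Authentication", 'info', $logCategory);
            $mail->SMTPAuth = false;
            $mail->Username = '';
            $mail->Password = '';
        }

        // NOTE(review): SMTP debug output is on for every send and goes to
        // error_log - confirm the mailer version in use does not write the
        // AUTH exchange there.
        $mail->SMTPDebug = 1;
        $mail->SMTPSecure = $SMTPSecure;
        $mail->Host = Yii::app()->params['EMAIL_SMTP_SERVER'];
        $mail->SetFrom($from, Yii::app()->params['STORE_NAME']);
        $mail->Subject = $objMail->subject;
        $mail->ClearAllRecipients();
        $mail->AddAddress($objMail->to);

        // The configured EMAIL_BCC address is added as a CC, and only when
        // the recipient equals the sender address and differs from it.
        if (!empty(Yii::app()->params['EMAIL_BCC'])) {
            if ($objMail->to != Yii::app()->params['EMAIL_BCC'] && $objMail->to == $from) {
                $mail->AddCC(Yii::app()->params['EMAIL_BCC']);
            }
        }

        $mail->MsgHTML($objMail->htmlbody);
        $blnResult = $mail->Send();

        $mail->Password = '******'; //replace the real password before logging

        // NOTE(review): the dump still contains the SMTP username, host and
        // the complete message body, so anything sensitive in a message is
        // copied into the application log.
        Yii::log("Contents of mail " . print_r($mail, true), 'info', $logCategory);

        if ($blnResult) {
            Yii::log("Sent email to " . $objMail->to . " successfully.", 'info', $logCategory);
            $objMail->delete();
            Yii::log("Email removed from queue", 'info', $logCategory);

            if (!$hideJson) {
                echo json_encode("success");
            }
        } else {
            // Keep the entry queued and count the failed attempt.
            $objMail->sent_attempts += 1;
            $objMail->save();

            Yii::log(
                "Sending email failed ID " . $id . " " . $objMail->to . " " . print_r($mail->ErrorInfo, true),
                'error',
                $logCategory
            );

            if (!$hideJson) {
                echo json_encode("failure");
            }
        }
    }

    return $blnResult;
}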