Example #1
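 /**
  * Change the password of the currently logged-in user.
  *
  * Renders the profile edit view; on POST, stores `password1` as the new
  * password when it is non-empty and identical to `password2`.
  *
  * NOTE(review): no CSRF token check and no re-entry of the current password
  * are visible in this action - confirm both are enforced elsewhere, since a
  * forged request or an unattended session would otherwise be enough to
  * replace the account password.
  *
  * @throws HTTP_Exception with status 500 when the user cannot be saved
  */
 public function action_changepass()
 {
     Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Change password')));
     $this->template->title = __('Change password');
     $user = Auth::instance()->get_user();
     $this->template->bind('content', $content);
     $this->template->content = View::factory('oc-panel/profile/edit', array('user' => $user, 'custom_fields' => Model_UserField::get_all()));
     $this->template->content->msg = '';

     // Nothing more to do for a plain page view.
     if (!$this->request->post()) {
         return;
     }

     $new_pass = core::post('password1');

     // Strict comparison: with `==` PHP compares numeric-looking strings by
     // value, so a confirmation such as "1e3" would match "1000".
     if ($new_pass !== core::post('password2')) {
         Form::set_errors(array(__('Passwords do not match')));
         return;
     }

     if (empty($new_pass)) {
         Form::set_errors(array(__('Nothing is provided')));
         return;
     }

     $user->password = $new_pass;
     $user->last_modified = Date::unix2mysql();

     try {
         $user->save();
     } catch (Exception $e) {
         // Validation failures and every other error were handled identically,
         // so one handler covers both.
         // NOTE(review): the raw exception message is passed to the 500
         // response - confirm production error pages do not display it.
         throw HTTP_Exception::factory(500, $e->getMessage());
     }

     Alert::set(Alert::SUCCESS, __('Password is changed'));
 }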
Example #2
 /**
  * Password-less registration for a user arriving from a social provider.
  *
  * The provider name is the route's `id` parameter; `uid` and `name` are read
  * from the query string and passed to the view. When an e-mail is posted
  * together with a valid `register_social` CSRF token and the address passes
  * validation, the account is created, logged in, and the request is
  * redirected to the default route.
  *
  * NOTE(review): the provider name and uid used for account creation and
  * login come straight from the URL. Nothing in this action shows that they
  * were confirmed by the provider - verify that the caller cannot choose the
  * identity simply by editing the query string.
  */
 public function action_register()
 {
     $provider = $this->request->param('id');
     $view_data = array(
         'provider' => $provider,
         'uid' => core::get('uid'),
         'name' => core::get('name'),
     );
     $this->template->content = View::factory('pages/auth/register-social', $view_data);

     if (core::post('email') and CSRF::valid('register_social')) {
         $address = core::post('email');

         if (!Valid::email($address, TRUE)) {
             Form::set_errors(array(__('Invalid Email')));
         } else {
             // Store the new account, then authenticate it right away.
             Model_User::create_social($address, core::post('name'), $provider, core::get('uid'));
             Auth::instance()->social_login($provider, core::get('uid'));
             Alert::set(Alert::SUCCESS, __('Welcome!'));

             // Leave the form and go to the default route.
             $this->redirect(Route::url('default'));
         }
     }

     // Page title for the rendered form.
     $this->template->title = __('Register new user');
 }
Example #3
 /**
  * E-mail and password registration form.
  *
  * Logged-in visitors are redirected to the panel. A POST is validated
  * (name, e-mail and both password fields present, e-mail well formed,
  * passwords matching); with a valid `register` CSRF token a new account is
  * created unless the address is already registered, then the user is logged
  * in and redirected.
  *
  * NOTE(review): the redirect target is taken from the posted `auth_redirect`
  * field - confirm it is limited to same-site URLs before it reaches
  * redirect(). The 'User already exists' message also tells the caller
  * whether an address is registered.
  */
 public function action_register()
 {
     $this->template->content = View::factory('pages/auth/register');
     $this->template->content->msg = '';

     if (Auth::instance()->logged_in()) {
         // Already authenticated: nothing to register.
         $this->redirect(Route::get('oc-panel')->uri());
     } elseif ($this->request->post()) {
         $rules = Validation::factory($this->request->post());
         $rules->rule('name', 'not_empty');
         $rules->rule('email', 'not_empty');
         $rules->rule('email', 'email');
         $rules->rule('password1', 'not_empty');
         $rules->rule('password2', 'not_empty');
         $rules->rule('password1', 'matches', array(':validation', 'password1', 'password2'));

         if (!$rules->check()) {
             // Surface every validation message as an alert.
             foreach ($rules->errors('auth') as $message) {
                 Alert::set(Alert::ALERT, $message);
             }
         } elseif (CSRF::valid('register')) {
             $email = core::post('email');

             // Look for an existing account with this address.
             $existing = new Model_User();
             $existing = $existing->where('email', '=', $email)->limit(1)->find();

             if ($existing->loaded()) {
                 Form::set_errors(array(__('User already exists')));
             } else {
                 // Create the account, then authenticate with the same credentials.
                 Model_User::create_email($email, core::post('name'), core::post('password1'));
                 Auth::instance()->login(core::post('email'), core::post('password1'));
                 Alert::set(Alert::SUCCESS, __('Welcome!'));

                 // Posted target if present, otherwise the panel.
                 $this->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
             }
         }
     }

     // Page title and meta description for the rendered form.
     $this->template->title = __('Register new user');
     $this->template->meta_description = __('Create a new profile at') . ' ' . Core::config('general.site_name');
 }
Example #4
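 /**
  * Second-factor (TOTP) verification form.
  *
  * Visitors who are not logged in, or sites with the feature disabled, are
  * redirected to the panel. A user whose `google_authenticator` cookie
  * already holds their own id, or who has no authenticator secret stored,
  * skips the form. Otherwise a posted code with a valid `2step` CSRF token
  * is verified; on success the cookie is set and the login redirect runs.
  *
  * NOTE(review): the "already verified" marker is only the user id stored in
  * a cookie, so its integrity depends entirely on how Cookie::set()/get()
  * protect values - confirm they are signed. No limit on failed code
  * attempts is visible here either; confirm throttling exists elsewhere.
  */
 public function action_2step()
 {
     // 2step disabled or trying to access directly
     if (!Auth::instance()->logged_in() or Core::config('general.google_authenticator') == FALSE) {
         $this->redirect(Route::get('oc-panel')->uri());
     }

     //template header
     $this->template->title = __('2 Step Authentication');
     $this->template->content = View::factory('pages/auth/2step');

     $cookie_uid = Cookie::get('google_authenticator');

     // Second factor already satisfied on this browser, or the user never
     // enabled it: go straight to the panel. The cookie is compared as an
     // exact string so that look-alike values ("05", "5.0", " 5") do not pass
     // the loose `==` rules for numeric strings.
     if (Auth::instance()->logged_in() and ((is_string($cookie_uid) and $cookie_uid === (string) $this->user->id_user) or $this->user->google_authenticator == '')) {
         $this->redirect(Route::get('oc-panel')->uri());
     } elseif (core::post('code') and CSRF::valid('2step')) {
         // require_once: a plain require would redeclare the class, and abort
         // the request, if the library was already loaded.
         require_once Kohana::find_file('vendor', 'GoogleAuthenticator');
         $ga = new PHPGangsta_GoogleAuthenticator();

         // Third argument is the allowed drift, counted in 30-second steps.
         if ($ga->verifyCode($this->user->google_authenticator, core::post('code'), 2)) {
             // Remember the verification for the configured auth lifetime.
             Cookie::set('google_authenticator', $this->user->id_user, Core::config('auth.lifetime'));
             // redirect to the url we wanted to see
             Auth::instance()->login_redirect();
         } else {
             Form::set_errors(array(__('Invalid Code')));
         }
     }
 }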
Example #5
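 /**
  * Admin-only: set a new password for the user given by the route `id`.
  *
  * On POST from an administrator, stores `password1` when it is non-empty
  * and identical to `password2`, resets the failed-login counters and e-mails
  * the user. Always ends by redirecting to that user's update page.
  *
  * NOTE(review): no CSRF token check is visible in this action - confirm it
  * is enforced elsewhere. The notification e-mail carries the new password in
  * plaintext ([USER.PWD]); consider sending a reset link instead.
  *
  * @throws HTTP_Exception with status 500 when saving or mailing fails
  */
 public function action_changepass()
 {
     $id_user = $this->request->param('id');

     // only admins can change password
     // (loose comparison kept on purpose: presumably id_role arrives from the
     // database as a string while the constant is an integer - confirm)
     if ($this->request->post() and $this->user->id_role == Model_Role::ROLE_ADMIN) {
         $user = new Model_User($id_user);
         $new_pass = core::post('password1');

         if (!$user->loaded()) {
             // Without this guard an unknown id would reach save() on an
             // empty model instead of an existing account.
             Form::set_errors(array(__('User not found')));
         } elseif ($new_pass !== core::post('password2')) {
             // Strict comparison: `==` treats numeric-looking strings such as
             // "1e3" and "1000" as equal.
             Form::set_errors(array(__('Passwords do not match')));
         } elseif (empty($new_pass)) {
             Form::set_errors(array(__('Nothing is provided')));
         } else {
             $user->password = $new_pass;
             $user->last_modified = Date::unix2mysql();
             // Clear the lockout state along with the old password.
             $user->failed_attempts = 0;
             $user->last_failed = NULL;

             try {
                 $user->save();
                 // email user with new password
                 Email::content($user->email, $user->name, NULL, NULL, 'password-changed', array('[USER.PWD]' => $new_pass));
             } catch (Exception $e) {
                 // Validation failures and every other error were handled
                 // identically, so one handler covers both.
                 throw HTTP_Exception::factory(500, $e->getMessage());
             }

             Alert::set(Alert::SUCCESS, __('Password is changed'));
         }
     }

     $this->redirect(Route::url('oc-panel', array('controller' => 'user', 'action' => 'update', 'id' => $id_user)));
 }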
Example #6
 /**
  * Finish a successful login for this user record.
  *
  * Does nothing when the model is not loaded. Otherwise it optionally creates
  * a token, increments the login counter in SQL, records the login time and
  * client IP, and updates the row.
  *
  * NOTE(review): ip2long() understands dotted IPv4 only and returns FALSE for
  * anything else, so an IPv6 client does not get a usable `last_ip` value -
  * confirm how the column and any later checks treat that.
  *
  * @param integer $lifetime when numeric, passed to create_token()
  * @throws HTTP_Exception with status 500 on any non-validation error
  */
 public function complete_login($lifetime = NULL)
 {
     // Only a loaded record can be updated.
     if (!$this->_loaded) {
         return;
     }

     // A numeric lifetime means the login should be remembered.
     if (is_numeric($lifetime)) {
         $this->create_token($lifetime);
     }

     // Increment in SQL rather than in PHP.
     $this->logins = new Database_Expression('logins + 1');
     // Timestamp of this login.
     $this->last_login = Date::unix2mysql(time());
     // Client address as an integer.
     $this->last_ip = ip2long(Request::$client_ip);

     try {
         $this->update();
     } catch (ORM_Validation_Exception $e) {
         // Validation problems are reported through the form errors.
         Form::set_errors($e->errors(''));
     } catch (Exception $e) {
         throw HTTP_Exception::factory(500, $e->getMessage());
     }
 }
Example #7
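 /**
  * E-mail and password registration form.
  *
  * Logged-in visitors are redirected to the panel. When an e-mail is posted
  * with a valid `register` CSRF token, the address is validated, the two
  * password fields must be identical, and a new active user with role 1 is
  * created unless the address is already registered. After a successful save
  * the user is logged in, receives the registration e-mail and is redirected.
  *
  * NOTE(review): the registration e-mail carries the password in plaintext
  * ([USER.PWD]) - consider removing it from the template. The redirect target
  * comes from the posted `auth_redirect` field; confirm it is limited to
  * same-site URLs.
  *
  * @throws HTTP_Exception_500 when saving fails for a non-validation reason
  */
 public function action_register()
 {
     $this->template->content = View::factory('pages/auth/register');
     $this->template->content->msg = '';

     //if user loged in redirect home
     if (Auth::instance()->logged_in()) {
         $this->request->redirect(Route::get('oc-panel')->uri());
     } elseif (core::post('email') and CSRF::valid('register')) {
         $email = core::post('email');
         $password = core::post('password1');

         if (!Valid::email($email, TRUE)) {
             Form::set_errors(array(__('Invalid Email')));
         } elseif ($password !== core::post('password2')) {
             // Strict comparison: `==` treats numeric-looking strings such as
             // "1e3" and "1000" as equal.
             Form::set_errors(array(__('Passwords do not match')));
         } else {
             //check we have this email in the DB
             $user = new Model_User();
             $user = $user->where('email', '=', $email)->limit(1)->find();

             if ($user->loaded()) {
                 Form::set_errors(array(__('User already exists')));
             } else {
                 //create user
                 $user->email = $email;
                 $user->name = core::post('name');
                 $user->status = Model_User::STATUS_ACTIVE;
                 //normal user
                 $user->id_role = 1;
                 $user->password = $password;
                 $user->seoname = $user->gen_seo_title(core::post('name'));

                 $saved = FALSE;
                 try {
                     $user->save();
                     $saved = TRUE;
                 } catch (ORM_Validation_Exception $e) {
                     // Previously swallowed: the action went on to log in,
                     // send the e-mail and show "Welcome!" for an account
                     // that was never stored.
                     Form::set_errors($e->errors(''));
                 } catch (Exception $e) {
                     throw new HTTP_Exception_500($e->getMessage());
                 }

                 if ($saved) {
                     //login the user
                     Auth::instance()->login($email, $password);
                     //send email
                     $user->email('auth.register', array('[USER.PWD]' => $password, '[URL.QL]' => $user->ql('default', NULL, TRUE)));
                     Alert::set(Alert::SUCCESS, __('Welcome!'));
                     // posted target if present, otherwise the panel
                     $this->request->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
                 }
             }
         }
     }

     //template header
     $this->template->title = __('Register new user');
 }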
Example #8
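 /**
  * Billing information form for the logged-in user.
  *
  * On POST the address fields and VAT number are copied onto the user. A
  * submitted VAT number is checked with euvat::verify_vies() against the
  * chosen country; when it is rejected nothing is saved and the request goes
  * back to this form. Otherwise the user is saved and, when a numeric
  * `order_id` accompanies the request, redirected to that order's checkout.
  *
  * NOTE(review): no CSRF token check is visible in this action - confirm it
  * is enforced elsewhere.
  *
  * @throws HTTP_Exception with status 500 on any non-validation save error
  */
 public function action_billing()
 {
     Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Billing Information')));
     $this->template->title = __('Billing Information');
     $user = Auth::instance()->get_user();
     $this->template->bind('content', $content);
     $this->template->content = View::factory('oc-panel/profile/edit', array('user' => $user));
     $this->template->content->msg = '';

     if ($this->request->post()) {
         $order_id = core::request('order_id');
         $vat_number = core::post('VAT_number');

         $user->country = core::post('country');
         $user->city = core::post('city');
         $user->postal_code = core::post('postal_code');
         $user->address = core::post('address');
         $user->last_modified = Date::unix2mysql();
         $user->VAT_number = $vat_number;

         //theres VAT sent
         if ($vat_number != NULL) {
             //if VAT submited and country is from EU verify it, not valid do not store it and display on page
             if (!euvat::verify_vies($vat_number, $user->country)) {
                 Alert::set(Alert::ERROR, __('Invalid EU Vat Number, please verify number and country match'));

                 // order_id is request-controlled: carry it over only when it
                 // is numeric, and URL-encode it, instead of concatenating the
                 // raw value into the redirect target.
                 $query = is_numeric($order_id) ? '?order_id=' . urlencode((string) $order_id) : '';
                 $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'billing')) . $query);

                 // Never fall through to save() with a rejected VAT number,
                 // even if redirect() returns instead of halting.
                 return;
             }
         }

         //save user data
         try {
             $user->save();
             Alert::set(Alert::SUCCESS, __('Billing information changed'));
         } catch (ORM_Validation_Exception $e) {
             Form::set_errors($e->errors(''));
         } catch (Exception $e) {
             throw HTTP_Exception::factory(500, $e->getMessage());
         }

         //in case there was an order redirect him to checkout
         if (is_numeric($order_id)) {
             $this->redirect(Route::url('default', array('controller' => 'product', 'action' => 'checkout', 'id' => $order_id)));
         }
     }
 }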