/**
  * Handle a "forgotten password" POST for a storefront account.
  *
  * Looks up the account for the submitted `email_address`, replaces its
  * password with a newly generated one, mails that password to the address
  * and dispatches a `password_changed` event.
  *
  * NOTE(review): the stored password is replaced as soon as a matching address
  * is submitted; nothing here requires proof of mailbox control first, so a
  * request by a third party locks the owner out until they read the mail.
  * NOTE(review): the new password leaves this method in clear text twice, in
  * the mail body and as `clearPassword` in the event payload. Any listener,
  * mail log or relay that records it holds a valid credential.
  * NOTE(review): the error branch confirms whether an address belongs to a
  * registered account and echoes the submitted value; the flash-message
  * template must escape it. Whether it does is not visible here.
  * NOTE(review): password strength depends on Toolbox::random(), which is not
  * shown here. Confirm it draws from a cryptographically secure source.
  *
  * {@inheritDoc}
  */
 public function processPost($request)
 {
     $translator = $this->get('translator');
     $emailAddress = $request->request->get('email_address');
     $account = $this->container->get('accountService')->getAccountForEmailAddress($emailAddress);

     // Only existing, registered accounts may have their password reset.
     $isRegistered = null !== $account && Account::REGISTERED == $account->getType();
     if (!$isRegistered) {
         $notFound = $translator->trans(
             "Sorry, there is no account with the email address '%email%'.",
             array('%email%' => $emailAddress)
         );
         $this->get('session.flash_bag')->error($notFound);

         return $this->findView();
     }

     // Generate the replacement password at the configured minimum length (default 8).
     $encoder = $this->get('security.encoder_factory')->getEncoder($account);
     $minLength = $this->get('settingsService')->get('zenmagick.base.security.authentication.minPasswordLength', 8);
     $clearPassword = Toolbox::random($minLength, Toolbox::RANDOM_MIXED);
     $encodedPassword = $encoder->encodePassword($clearPassword);

     // Persist only the encoded form.
     $this->container->get('accountService')->setAccountPassword($account->getId(), $encodedPassword);

     // The mail carries the clear-text password.
     $settingsService = $this->container->get('settingsService');
     $message = $this->container->get('messageBuilder')->createMessage(
         'password_forgotten',
         true,
         $request,
         array('password' => $clearPassword)
     );
     $message
         ->setSubject($translator->trans('Forgotten Password - %store_name%', array('%store_name%' => $settingsService->get('storeName'))))
         ->setTo($emailAddress, $account->getFullName())
         ->setFrom($settingsService->get('storeEmail'));
     $this->container->get('mailer')->send($message);

     // Listeners receive the account and the clear-text password.
     $eventArgs = array('controller' => $this, 'account' => $account, 'clearPassword' => $clearPassword);
     $this->container->get('event_dispatcher')->dispatch('password_changed', new GenericEvent($this, $eventArgs));

     // Report success.
     $this->get('session.flash_bag')->success($translator->trans('A new password has been sent to your email address.'));

     return $this->findView('success');
 }
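 /**
  * Encode a raw password in the `md5(salt . raw):salt` format.
  *
  * The `$salt` argument is accepted but not used: a new two-character salt is
  * generated on every call and appended to the result after a colon.
  *
  * NOTE(review): a single round of MD5 with a two-character salt is far too
  * cheap for password storage. Moving to password_hash()/password_verify()
  * also changes the stored format and the matching verification code, which
  * are outside this method, so that migration is not attempted here.
  *
  * {@inheritDoc}
  *
  * @param string $raw the clear-text password
  * @param string|null $salt ignored
  * @return string `<32 hex chars>:<2 hex chars>`
  */
 public function encodePassword($raw, $salt = null)
 {
     // Length first, then the character set, as at the other call sites of
     // Toolbox::random(). Passing only the character-set constant hands it to
     // the length parameter, which can leave the seed empty and the salt constant.
     // Toolbox::random() is not shown here; confirm its signature.
     $seed = Toolbox::random(10, Toolbox::RANDOM_MIXED);

     // Two hex characters keep the stored format unchanged (256 possible salts).
     $salt = substr(md5($seed), 0, 2);

     return md5($salt . $raw) . ':' . $salt;
 }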
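 /**
  * Handle a "reset password" POST for an admin user.
  *
  * Looks up the admin user for the submitted `email`, replaces the password
  * with a newly generated one, stores the encoded form and mails the
  * clear-text password to that address.
  *
  * NOTE(review): the admin password is replaced as soon as a matching address
  * is submitted; no proof of mailbox control is required first. A confirmation
  * token sent by mail, with the reset applied only after it is presented,
  * would avoid both the lock-out and the clear-text password in transit.
  * NOTE(review): the error branch confirms whether an address belongs to an
  * admin user. A uniform response for known and unknown addresses avoids that.
  * NOTE(review): password strength depends on Toolbox::random(), which is not
  * shown here. Confirm it draws from a cryptographically secure source.
  *
  * {@inheritDoc}
  */
 public function processPost($request)
 {
     $email = $request->request->get('email');
     $adminUserService = $this->container->get('adminUserService');
     $user = $adminUserService->getUserForEmail($email);
     $translator = $this->get('translator');
     if (null === $user) {
         // The placeholder in the text must match the parameter key, otherwise
         // the address is never substituted. The value comes from the request,
         // so the flash-message template has to escape it on output.
         $message = $translator->trans("Sorry, there is no account with that email address '%email%'.", array('%email%' => $email));
         $this->get('session.flash_bag')->error($message);
         return $this->findView();
     }

     // Generate the replacement password at the configured minimum length (default 8).
     $encoder = $this->get('security.encoder_factory')->getEncoder($user);
     $minLength = $this->get('settingsService')->get('zenmagick.base.security.authentication.minPasswordLength', 8);
     $newPassword = Toolbox::random($minLength, Toolbox::RANDOM_MIXED);
     $newEncodedPassword = $encoder->encodePassword($newPassword);

     // Persist only the encoded form.
     $user->setPassword($newEncodedPassword);
     $adminUserService->updateUser($user);

     // The mail carries the clear-text password.
     $message = $this->container->get('messageBuilder')->createMessage('reset_password', false, $request, array('newPassword' => $newPassword));
     $message->setSubject($translator->trans('New password request'))->setTo($email)->setFrom($this->container->get('settingsService')->get('storeEmail'));
     $this->container->get('mailer')->send($message);

     // report success
     $this->get('session.flash_bag')->success($translator->trans('A new password has been sent to your email address.'));
     return $this->findView('success');
 }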
 /**
  * Generate a cart ID.
  *
  * The ID is produced by Toolbox::random() with the 'digits' type.
  *
  * NOTE(review): the default length of 5 allows at most 100,000 distinct
  * values if the ID is digits only. If a cart ID alone is ever enough to reach
  * a cart, treat it as guessable; confirm how callers use it.
  *
  * @param int $length length of the ID to generate
  * @return string cart ID
  */
 public function generate_cart_id($length = 5)
 {
     $cartId = \ZenMagick\Base\Toolbox::random($length, 'digits');

     return $cartId;
 }
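 /**
  * Event callback to inject the required JS.
  *
  * On `product_info` and `shopping_cart` pages for which recommendations were
  * loaded, adds the LiftSuggest script tag and the tracker code to the page
  * content carried by the event. With `debug` enabled both snippets are
  * turned into HTML comments instead of live scripts.
  *
  * NOTE(review): the script is loaded from a third-party host and runs with
  * the privileges of the shop page; on non-secure requests it is fetched over
  * plain http. The random `cache` parameter rules out pinning it to a known
  * version or hash, so integrity rests on that host and on the transport.
  *
  * @param mixed $event event carrying the `request` and `content` arguments
  */
 public function onFinaliseContent($event)
 {
     $request = $event->getArgument('request');
     $trackingType = $this->get('trackingType');
     $isTrackedPage = in_array($request->getRequestId(), array('product_info', 'shopping_cart'));
     if (!$isTrackedPage || null === $this->recommendationsLoadedFor) {
         return;
     }

     // TODO: won't work with minify
     $scriptFile = 'ga' == $trackingType ? 'liftsuggest.js' : 'liftsuggest_traditional.js';
     $protocol = $request->isSecure() ? 'https://' : 'http://';
     $code1 = sprintf('<script type="text/javascript" src="%swww.liftsuggest.com/js/%s?cache=%s"></script>', $protocol, $scriptFile, Toolbox::random(10, Toolbox::RANDOM_DIGITS));
     $code2 = $this->getTrackerCode($request);
     if (Toolbox::asBoolean($this->get('debug'))) {
         // Debug mode: emit the snippets as HTML comments so they do not execute.
         $search = array('<script', '</script>');
         $replace = array('<!--script', '/script-->');
         $code1 = str_replace($search, $replace, $code1);
         $code2 = str_replace($search, $replace, $code2);
     }

     // The snippets are inserted through callbacks so that they are taken
     // literally. As a preg_replace() replacement string, any "$1" or "\1"
     // inside the tracker code would be read as a backreference and corrupt
     // the injected script.
     $content = $event->getArgument('content');
     $updated = $content;
     if ('ga' == $trackingType) {
         $updated = preg_replace_callback('/<\\/head>/', function ($match) use ($code1) {
             return $code1 . '</head>';
         }, $content, 1);
         if (null !== $updated) {
             $updated = preg_replace_callback('/pageTracker._trackPageview\\(/', function ($match) use ($code2) {
                 return $code2 . 'pageTracker._trackPageview(';
             }, $updated, 1);
         }
     } elseif ('as' == $trackingType) {
         $updated = preg_replace_callback('/<\\/body>/', function ($match) use ($code1, $code2) {
             return $code1 . $code2 . '</body>';
         }, $content, 1);
     }

     // preg_* returns null on a PCRE error; keep the page as it was in that case.
     if (null !== $updated) {
         $event->setArgument('content', $updated);
     }
 }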
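 /**
  * Deliver a purchased download to the logged-in account.
  *
  * Reads `order` and `id` from the query string, checks that the order
  * belongs to the current user and that the download is part of that order
  * and still downloadable, then either redirects to a temporary symlink in
  * the public download directory or streams the file.
  *
  * NOTE(review): the file path is the base directory plus the stored file
  * name, unchanged. Presumably that name is admin-controlled; if it can ever
  * contain "..", add a realpath() containment check against the base directory.
  * NOTE(review): in redirect mode the only protection for the file is the
  * random directory name, so Toolbox::random() (not shown here) must draw from
  * a cryptographically secure source. The link also stays reachable without
  * authentication until cleanTempDir() removes it.
  *
  * {@inheritDoc}
  *
  * @throws ZMException if headers were already sent before streaming
  */
 public function processGet($request)
 {
     $translator = $this->get('translator');
     $orderId = $request->query->get('order');
     $id = $request->query->get('id');
     if (null == $orderId || null == $id) {
         $this->get('session.flash_bag')->error($translator->trans('Download not found'));
         return $this->findView('error');
     }
     $languageId = $request->getSession()->getLanguageId();
     $order = $this->container->get('orderService')->getOrderForId($orderId, $languageId);
     $account = $this->getUser();
     // Ownership check: the order id comes from the query string, so it must
     // belong to the current user. A missing order or user is treated the same
     // as a foreign order instead of failing on a null dereference.
     if (null === $order || null === $account || $account->getId() != $order->getAccountId()) {
         $this->get('session.flash_bag')->error($translator->trans('Order not found'));
         return $this->findView('error');
     }
     // The download id is only accepted if it is one of this order's downloads.
     $product = null;
     foreach ($order->getDownloads() as $download) {
         if ($download->getId() == $id) {
             $product = $download;
         }
     }
     if (null == $product || !$product->isDownloadable()) {
         $this->get('session.flash_bag')->error($translator->trans('No such download or download has expired.'));
         return $this->findView('error');
     }
     $settingsService = $this->container->get('settingsService');
     $downloadBaseDir = $settingsService->get('downloadBaseDir');
     $fileName = $product->getFilename();
     $filePath = $downloadBaseDir . '/' . $fileName;
     // Fail before the download counter is touched or any header is sent;
     // otherwise a missing file costs the customer a download and yields an
     // empty response.
     if (!is_file($filePath) || !is_readable($filePath)) {
         $this->get('session.flash_bag')->error($translator->trans('No such download or download has expired.'));
         return $this->findView('error');
     }
     if ($product->getMaxDays() > 0) {
         // ignore for unlimited downloads
         $query = "UPDATE %table.orders_products_download% SET download_count = download_count - 1\n                WHERE orders_products_download_id = :id";
         \ZMRuntime::getDatabase()->updateObj($query, array('id' => $id), 'orders_products_download');
     }
     $fileSize = $product->getFilesize();
     $outputFileName = basename(str_replace(' ', '_', $fileName));
     // Download by redirect.
     // @todo only works on windows >= Vista. Should have a warning somewhere.
     if ($settingsService->get('downloadByRedirect')) {
         // @todo use web accessible cache sub directory for downloadPubDir
         $pubDir = $settingsService->get('downloadPubDir');
         if (empty($pubDir) || !is_writeable($pubDir)) {
             $this->get('session.flash_bag')->error($translator->trans('Could not write to public download directory.'));
             return $this->findView('error');
         }
         /**
          *  @todo this seems like an obvious race condition when more than one download is happening.
          *  But i have heard no reports of it causing problems. INVESTIGATE!!
          */
         $this->cleanTempDir($pubDir);
         $pubLocalDir = '.' . Toolbox::random(32);
         // The directory only has to be traversable by the web server, so it
         // is created 0755, not world-writable. The umask is cleared just for
         // the mkdir() call and restored afterwards.
         $previousUmask = umask(0);
         $created = mkdir($pubDir . '/' . $pubLocalDir, 0755, true);
         umask($previousUmask);
         $target = $pubDir . '/' . $pubLocalDir . '/' . $outputFileName;
         // Best effort: if the link cannot be created, fall through to streaming.
         if ($created && @symlink($filePath, $target)) {
             $url = $this->getRequest()->getUriForPath($target);
             return new RedirectResponse($url, 303);
         }
     }
     // Streaming downloads.
     // @todo offer a generic streaming method on the controller
     // and rely on HttpFoundation\Response
     if (headers_sent()) {
         $msg = 'Could not send download because headers were already sent.';
         throw new ZMException($msg);
     }
     ini_set('zlib.output_compression', 'Off');
     /**
      * Now send the file with header() magic
      * The "must-revalidate" and expiry times are used to prevent caching and fraudulent re-acquiring of files w/o redownloading.
      * Certain browsers require certain header combinations, especially when related to SSL mode and caching
      *
      * @todo rely on HttpFoundation\Response
      * @copyright the zencart developers
      */
     header('Expires: Mon, 22 Jan 2002 00:00:00 GMT');
     // HTTP dates need a space after the comma.
     header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
     if (preg_match('/msie/i', (string) $request->server->get('HTTP_USER_AGENT'))) {
         header('Pragma: public');
         header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
         header('Cache-Control: private', FALSE);
         header('Cache-Control: max-age=1');
         // stores for only 1 second, which helps allow SSL downloads to work more reliably in IE
     } else {
         header('Cache-Control: no-cache, must-revalidate');
         header('Pragma: no-cache');
     }
     // force file to be downloaded.
     // header() replaces an earlier header of the same name by default, so
     // only the last Content-Type below reaches the client.
     header('Content-Type: application/x-octet-stream');
     header('Content-Type: application/force-download');
     header('Content-Type: application/octet-stream');
     header('Content-Type: application/download');
     header('Content-Transfer-Encoding: binary');
     // urlencode() keeps quotes and line breaks out of the header value.
     header('Content-Disposition: attachment; filename="' . urlencode($outputFileName) . '"');
     if ($fileSize > 0) {
         header('Content-Length: ' . (string) $fileSize);
     }
     if (!$settingsService->get('downloadInChunks')) {
         readfile($filePath);
         return null;
     }
     @set_time_limit(1500);
     $fp = fopen($filePath, 'rb');
     if (false === $fp) {
         // Headers are already out, so nothing more can be reported to the
         // client; without this check feof(false) never becomes true.
         return null;
     }
     while (!feof($fp)) {
         $chunk = fread($fp, 4096);
         if (false === $chunk) {
             break;
         }
         echo $chunk;
         flush();
     }
     fclose($fp);
     return null;
 }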