  * Start forms process
  * @see FrontController::postProcess()
 /**
  * Handles the front-office "forgot password" form in two steps.
  *
  * Step 1 (request has `email`): validates the address, checks the account
  * state and the PS_PASSWD_TIME_FRONT throttle, then mails a confirmation
  * link carrying `token` (the customer's secure_key) and `id_customer`.
  * Step 2 (request has `token` and `id_customer`): checks the pair against
  * the customer table, generates a new random password, stores it and mails
  * it to the customer.
  *
  * Outcomes are reported through $this->errors and the Smarty `confirmation`
  * variable (2 = confirmation link sent, 1 = new password sent).
  *
  * NOTE(review): this listing has lost its braces and, apparently, some
  * statements (see the inline notes); compare with the complete controller
  * before relying on it.
  */
 public function postProcess()
     if (Tools::isSubmit('email')) {
         if (!($email = Tools::getValue('email')) || !Validate::isEmail($email)) {
             $this->errors[] = Tools::displayError('Invalid e-mail address');
         } else {
             // NOTE(review): no lookup by e-mail is visible between the constructor and
             // the loaded-object check; it was presumably elided from this listing.
             $customer = new Customer();
             if (!Validate::isLoadedObject($customer)) {
                 // Separate messages for "unknown address" and "inactive account" tell the
                 // requester which addresses are registered; a uniform reply avoids that.
                 $this->errors[] = Tools::displayError('There is no account registered to this e-mail address.');
             } elseif (!$customer->active) {
                 $this->errors[] = Tools::displayError('You cannot regenerate the password for this account.');
             // Throttle: refuse while last_passwd_gen + PS_PASSWD_TIME_FRONT minutes is still in the future.
             } elseif (strtotime($customer->last_passwd_gen . '+' . (int) ($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
                 $this->errors[] = sprintf(Tools::displayError('You can regenerate your password only every %d minute(s)'), (int) $min_time);
             } else {
                 // The link token is the account's secure_key. Nothing in this method rotates
                 // it or gives it an expiry, so as far as this code shows the same link stays
                 // valid; only the throttle limits reuse. A per-request, single-use, expiring
                 // token is the safer design.
                 $mail_params = array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{url}' => $this->context->link->getPageLink('password', true, null, 'token=' . $customer->secure_key . '&id_customer=' . (int) $customer->id));
                 if (Mail::Send($this->context->language->id, 'password_query', Mail::l('Password query confirmation'), $mail_params, $customer->email, $customer->firstname . ' ' . $customer->lastname)) {
                     $this->context->smarty->assign(array('confirmation' => 2, 'email' => $customer->email));
                 } else {
                     $this->errors[] = Tools::displayError('Error occurred while sending the e-mail.');
     } elseif (($token = Tools::getValue('token')) && ($id_customer = (int) Tools::getValue('id_customer'))) {
         // The query is built by concatenation; the token goes through pSQL() and the id is cast to int.
         $email = Db::getInstance()->getValue('SELECT `email` FROM ' . _DB_PREFIX_ . 'customer c WHERE c.`secure_key` = \'' . pSQL($token) . '\' AND c.id_customer = ' . (int) $id_customer);
         if ($email) {
             // NOTE(review): as in step 1, the call that loads the customer is not visible here.
             $customer = new Customer();
             if (!Validate::isLoadedObject($customer)) {
                 $this->errors[] = Tools::displayError('Customer account not found');
             } elseif (!$customer->active) {
                 $this->errors[] = Tools::displayError('You cannot regenerate the password for this account.');
             // NOTE(review): the throttle branch below is empty in this listing; its error
             // message seems to have been dropped.
             } elseif (strtotime($customer->last_passwd_gen . '+' . (int) Configuration::get('PS_PASSWD_TIME_FRONT') . ' minutes') - time() > 0) {
             } else {
                 // NOTE(review): Tools::passwdGen() and Tools::encrypt() are defined elsewhere;
                 // confirm the generator uses a CSPRNG and the digest is a real password hash.
                 $customer->passwd = Tools::encrypt($password = Tools::passwdGen(MIN_PASSWD_LENGTH));
                 $customer->last_passwd_gen = date('Y-m-d H:i:s', time());
                 if ($customer->update()) {
                     // The plaintext password is passed to every module hooked on
                     // actionPasswordRenew and then sent by e-mail, so it persists in the
                     // mailbox and in whatever those modules or the mail layer log.
                     Hook::exec('actionPasswordRenew', array('customer' => $customer, 'password' => $password));
                     $mail_params = array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{passwd}' => $password);
                     if (Mail::Send($this->context->language->id, 'password', Mail::l('Your new password'), $mail_params, $customer->email, $customer->firstname . ' ' . $customer->lastname)) {
                         $this->context->smarty->assign(array('confirmation' => 1, 'email' => $customer->email));
                     } else {
                         $this->errors[] = Tools::displayError('Error occurred while sending the e-mail.');
                 } else {
                     $this->errors[] = Tools::displayError('An error occurred with your account and your new password cannot be sent to your e-mail. Please report your problem using the contact form.');
         } else {
             $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
     // Only one of token / id_customer was supplied: reject with the same generic message.
     } elseif (Tools::getValue('token') || Tools::getValue('id_customer')) {
         $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
 /**
  * Older variant of the two-step password recovery, using the static
  * self::$cookie, self::$link and self::$smarty accessors.
  *
  * With `email` in the request it mails a confirmation link built from the
  * customer's secure_key and id; with `token` and `id_customer` it checks the
  * pair in the customer table, generates a new password, saves it and mails it.
  *
  * NOTE(review): the listing has lost its braces and, apparently, the call that
  * loads the customer; unlike the postProcess() example in the same listing, no
  * `$customer->active` check is visible here.
  */
 public function process()
     if (Tools::isSubmit('email')) {
         if (!($email = Tools::getValue('email')) or !Validate::isEmail($email)) {
             $this->errors[] = Tools::displayError('Invalid e-mail address');
         } else {
             // NOTE(review): no lookup by e-mail is visible before the loaded-object check.
             $customer = new Customer();
             if (!Validate::isLoadedObject($customer)) {
                 // This message confirms to the requester whether an address is registered.
                 $this->errors[] = Tools::displayError('There is no account registered to this e-mail address.');
             } else {
                 // Throttle: refuse while last_passwd_gen + PS_PASSWD_TIME_FRONT minutes is still in the future.
                 if (strtotime($customer->last_passwd_gen . '+' . (int) ($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
                     $this->errors[] = Tools::displayError('You can regenerate your password only every') . ' ' . (int) $min_time . ' ' . Tools::displayError('minute(s)');
                 } else {
                     // The link token is the account's secure_key; nothing visible here rotates
                     // or expires it, so the link's lifetime is that of the key itself.
                     if (Mail::Send((int) self::$cookie->id_lang, 'password_query', Mail::l('Password query confirmation'), array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{url}' => self::$link->getPageLink('password.php', true) . '?token=' . $customer->secure_key . '&id_customer=' . (int) $customer->id), $customer->email, $customer->firstname . ' ' . $customer->lastname)) {
                         self::$smarty->assign(array('confirmation' => 2, 'email' => $customer->email));
                     } else {
                         $this->errors[] = Tools::displayError('Error occurred when sending the e-mail.');
     } elseif (($token = Tools::getValue('token')) && ($id_customer = (int) Tools::getValue('id_customer'))) {
         // The query is built by concatenation; the token goes through pSQL() and the id is cast to int.
         $email = Db::getInstance()->getValue('SELECT `email` FROM ' . _DB_PREFIX_ . 'customer c WHERE c.`secure_key` = \'' . pSQL($token) . '\' AND c.id_customer = ' . (int) $id_customer);
         if ($email) {
             $customer = new Customer();
             // NOTE(review): the throttle branch is empty in this listing; its error message seems to be missing.
             if (strtotime($customer->last_passwd_gen . '+' . (int) ($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
             } else {
                 // NOTE(review): confirm that Tools::passwdGen() uses a CSPRNG and that
                 // Tools::encrypt() is a real password hash; neither is defined in this listing.
                 $customer->passwd = Tools::encrypt($password = Tools::passwdGen((int) MIN_PASSWD_LENGTH));
                 $customer->last_passwd_gen = date('Y-m-d H:i:s', time());
                 if ($customer->update()) {
                     // The new password is sent in plaintext by e-mail and stays readable in the mailbox.
                     if (Mail::Send((int) self::$cookie->id_lang, 'password', Mail::l('Your password'), array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{passwd}' => $password), $customer->email, $customer->firstname . ' ' . $customer->lastname)) {
                         self::$smarty->assign(array('confirmation' => 1, 'email' => $customer->email));
                     } else {
                         $this->errors[] = Tools::displayError('Error occurred when sending the e-mail.');
                 } else {
                     $this->errors[] = Tools::displayError('An error occurred with your account and your new password cannot be sent to your e-mail. Please report your problem using the contact form.');
         } else {
             $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
     // Only one of token / id_customer was supplied: reject with the same generic message.
     } elseif (($token = Tools::getValue('token')) || ($id_customer = Tools::getValue('id_customer'))) {
         $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
Esempio n. 3
// Login handler: validates the submitted e-mail and password, authenticates
// through Customer::getByemail() and, on success, fills the session cookie.
// NOTE(review): the listing has lost its closing braces and stops before the
// end of the success branch.
if (Tools::isSubmit('SubmitLogin')) {
    // trim() silently strips leading/trailing whitespace from the password as well as the e-mail.
    $passwd = trim(Tools::getValue('passwd'));
    $email = trim(Tools::getValue('email'));
    if (empty($email)) {
        $errors[] = Tools::displayError('e-mail address is required');
    } elseif (!Validate::isEmail($email)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } elseif (empty($passwd)) {
        $errors[] = Tools::displayError('password is required');
    // Passwords longer than 32 characters are rejected outright.
    } elseif (Tools::strlen($passwd) > 32) {
        $errors[] = Tools::displayError('password is too long');
    } elseif (!Validate::isPasswd($passwd)) {
        $errors[] = Tools::displayError('invalid password');
    } else {
        $customer = new Customer();
        $authentication = $customer->getByemail(trim($email), trim($passwd));
        /* Handle brute force attacks */
        // NOTE(review): despite the comment above, no attempt counter, delay or lockout is
        // visible in this listing. The single generic failure message at least does not
        // reveal whether the address exists.
        if (!$authentication or !$customer->id) {
            $errors[] = Tools::displayError('authentication failed');
        } else {
            $cookie->id_customer = intval($customer->id);
            $cookie->customer_lastname = $customer->lastname;
            $cookie->customer_firstname = $customer->firstname;
            $cookie->logged = 1;
            // The stored password hash is copied into the cookie object.
            // NOTE(review): confirm how the cookie is encrypted and persisted; a hash kept
            // client-side is exposed if that protection fails.
            $cookie->passwd = $customer->passwd;
            $cookie->email = $customer->email;
            // Re-attach the customer's last un-ordered cart when the current cart is absent or empty.
            if (Configuration::get('PS_CART_FOLLOWING') and (empty($cookie->id_cart) or Cart::getNbProducts($cookie->id_cart) == 0)) {
                $cookie->id_cart = intval(Cart::lastNoneOrderedCart(intval($customer->id)));
            $id_address = intval(Address::getFirstCustomerAddressId(intval($customer->id)));
 /**
  * Customised password-recovery handler with three entry points.
  *
  * - `SubmitPassword`: stores a customer-chosen password, clears reset_token
  *   and reset_time, and logs the customer in through the cookie.
  * - `email`: mails a confirmation link built from secure_key and the id.
  * - `token` + `id_customer`: checks the pair in the customer table, then
  *   generates, stores and mails a new password.
  *
  * NOTE(review): the listing has lost its braces, several `else` keywords and,
  * apparently, the calls that load the customer; read the inline notes before
  * relying on it.
  */
 public function process()
     if (Tools::isSubmit('SubmitPassword')) {
         $new_pass = Tools::getValue('new_password');
         $retype_pass = Tools::getValue('retype_password');
         // strcmp() returns non-zero when the two strings differ.
         if (strcmp($new_pass, $retype_pass)) {
             // NOTE(review): this branch appends to a local $errors while the branches below
             // use $this->errors; unless $errors is bound somewhere not shown, these messages
             // are never reported.
             $errors[] = Tools::displayError("Password fields don't match. Please retype.");
         } else {
             // The account is selected by the request's e-mail parameter, and no reset-token
             // check is visible in this branch.
             // NOTE(review): confirm that the elided lookup ties the request to a valid,
             // unexpired reset_token; selecting the account by e-mail alone would let anyone
             // who knows an address set its password and be logged in below.
             $email = Tools::getValue('email');
             $customer = new Customer();
             if (!Validate::isLoadedObject($customer)) {
                 $errors[] = Tools::displayError('Could not retrieve the account information.');
             } else {
                 // NOTE(review): no Validate::isPasswd() or length check on $new_pass is
                 // visible before it is hashed.
                 $customer->passwd = Tools::encrypt($new_pass);
                 // Clear the reset token and its timestamp on the customer record.
                 $customer->reset_token = NULL;
                 $customer->reset_time = NULL;
                 if ($customer->update()) {
                     // Log the customer in immediately by filling the session cookie.
                     self::$cart->secure_key = $customer->secure_key;
                     self::$cookie->id_customer = (int) $customer->id;
                     self::$cookie->customer_lastname = $customer->lastname;
                     self::$cookie->customer_firstname = $customer->firstname;
                     // The stored password hash is copied into the cookie object.
                     // NOTE(review): confirm how the cookie is encrypted and persisted.
                     self::$cookie->passwd = $customer->passwd;
                     self::$cookie->logged = 1;
                     self::$cookie->email = $customer->email;
                     if (Configuration::get('PS_CART_FOLLOWING') and (empty(self::$cookie->id_cart) or Cart::getNbProducts(self::$cookie->id_cart) == 0)) {
                         self::$cookie->id_cart = (int) Cart::lastNoneOrderedCart((int) $customer->id);
                 } else {
                     $errors[] = Tools::displayError('error resetting the password');
     } else {
         if (Tools::isSubmit('email')) {
             if (!($email = Tools::getValue('email')) or !Validate::isEmail($email)) {
                 $this->errors[] = Tools::displayError('Invalid e-mail address');
             } else {
                 // NOTE(review): no lookup by e-mail is visible before the loaded-object check.
                 $customer = new Customer();
                 if (!Validate::isLoadedObject($customer)) {
                     // This message confirms to the requester whether an address is registered.
                     $this->errors[] = Tools::displayError('There is no account registered to this e-mail address.');
                 } else {
                     // Throttle: refuse while last_passwd_gen + PS_PASSWD_TIME_FRONT minutes is still in the future.
                     if (strtotime($customer->last_passwd_gen . '+' . (int) ($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
                         $this->errors[] = Tools::displayError('You can regenerate your password only every') . ' ' . (int) $min_time . ' ' . Tools::displayError('minute(s)');
                     } else {
                         // The link token is the account's secure_key; nothing visible here
                         // rotates or expires it.
                         if (Mail::Send((int) self::$cookie->id_lang, 'password_query', Mail::l('Your password reset request at IndusDiva.com'), array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{url}' => self::$link->getPageLink('password.php', true) . '?token=' . $customer->secure_key . '&id_customer=' . (int) $customer->id), $customer->email, $customer->firstname . ' ' . $customer->lastname)) {
                             self::$smarty->assign(array('confirmation' => 2, 'email' => $customer->email));
                         } else {
                             $this->errors[] = Tools::displayError('Error occurred when sending the e-mail.');
         } elseif (($token = Tools::getValue('token')) && ($id_customer = (int) Tools::getValue('id_customer'))) {
             // The query is built by concatenation; the token goes through pSQL() and the id is cast to int.
             $email = Db::getInstance()->getValue('SELECT `email` FROM ' . _DB_PREFIX_ . 'customer c WHERE c.`secure_key` = "' . pSQL($token) . '" AND c.id_customer=' . (int) $id_customer);
             if ($email) {
                 $customer = new Customer();
                 // NOTE(review): the throttle branch is empty in this listing; its error message seems to be missing.
                 if (strtotime($customer->last_passwd_gen . '+' . (int) ($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
                 } else {
                     // The template is told to show the reset form (password_reset = 1), yet a
                     // random password is still generated, stored and mailed right below.
                     self::$smarty->assign(array('password_reset' => 1, 'email' => $customer->email));
                     $customer->passwd = Tools::encrypt($password = Tools::passwdGen((int)(MIN_PASSWD_LENGTH)));
                     $customer->last_passwd_gen = date('Y-m-d H:i:s', time());
                     // NOTE(review): two problems in the statements that follow. (1) Unlike every
                     // other Mail::Send() call in this listing, this one omits $customer->email, so
                     // the customer's name lands in the recipient position. (2) The `else` keywords
                     // appear to have been dropped: as listed, both error messages are appended
                     // even when the update and the mail succeed.
                     if ($customer->update())
                     	if (Mail::Send((int)(self::$cookie->id_lang), 'password', Mail::l('Your password'), 
                     	array('{email}' => $customer->email, 
                     		  '{lastname}' => $customer->lastname, 
                     		  '{firstname}' => $customer->firstname, 
                     		  '{passwd}' => $password), 
                     	$customer->firstname.' '.$customer->lastname)) 
                     		self::$smarty->assign(array('confirmation' => 1, 'email' => $customer->email));
                     		$this->errors[] = Tools::displayError('Error occurred when sending the e-mail.');
                     	$this->errors[] = Tools::displayError('An error occurred with your account and your new password cannot be sent to your e-mail. Please report your problem using the contact form.');
             } else {
                 $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
         // Only one of token / id_customer was supplied: reject with the same generic message.
         } elseif (($token = Tools::getValue('token')) || ($id_customer = Tools::getValue('id_customer'))) {
             $this->errors[] = Tools::displayError('We cannot regenerate your password with the data you submitted');
Esempio n. 5
/**
 * Authenticates a customer from the submitted `email` and `passwd` fields and,
 * on success, fills the global $cookie with the session data.
 *
 * Validation and authentication failures are appended to the global $errors.
 *
 * NOTE(review): the listing has lost its braces and stops before the end of the
 * success branch (the `payerID` handling continues outside the excerpt).
 */
function submitLogin()
    global $cookie, $errors;
    // trim() silently strips leading/trailing whitespace from the password as well as the e-mail.
    $passwd = trim(Tools::getValue('passwd'));
    $email = trim(Tools::getValue('email'));
    if (empty($email)) {
        $errors[] = Tools::displayError('e-mail address is required');
    // The empty() test here is redundant: the branch above already handled an empty address.
    } elseif (empty($email) or !Validate::isEmail($email)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } elseif (empty($passwd)) {
        $errors[] = Tools::displayError('password is required');
    // Passwords longer than 32 characters are rejected outright.
    } elseif (Tools::strlen($passwd) > 32) {
        $errors[] = Tools::displayError('password is too long');
    } elseif (!Validate::isPasswd($passwd)) {
        $errors[] = Tools::displayError('invalid password');
    } else {
        $customer = new Customer();
        $authentication = $customer->getByemail(trim($email), trim($passwd));
        /* Handle brute force attacks */
        // NOTE(review): despite the comment above, no attempt counter, delay or lockout is
        // visible in this listing. The single generic failure message at least does not
        // reveal whether the address exists.
        if (!$authentication or !$customer->id) {
            $errors[] = Tools::displayError('authentication failed');
        } else {
            $cookie->id_customer = (int) $customer->id;
            $cookie->customer_lastname = $customer->lastname;
            $cookie->customer_firstname = $customer->firstname;
            $cookie->logged = 1;
            // The stored password hash is copied into the cookie object.
            // NOTE(review): confirm how the cookie is encrypted and persisted; a hash kept
            // client-side is exposed if that protection fails.
            $cookie->passwd = $customer->passwd;
            $cookie->email = $customer->email;
            // Re-attach the customer's last un-ordered cart when the current cart is absent or empty.
            if (Configuration::get('PS_CART_FOLLOWING') and (empty($cookie->id_cart) or Cart::getNbProducts($cookie->id_cart) == 0)) {
                $cookie->id_cart = Cart::lastNoneOrderedCart($customer->id);
            // Next !
            // NOTE(review): payerID is taken from the request and only cast to string here;
            // how it is validated afterwards is outside this excerpt.
            $payerID = strval(Tools::getValue('payerID'));
Esempio n. 6

// Single-step password recovery page: submitting a registered e-mail address
// immediately replaces the account password and mails the new one.
// NOTE(review): the listing has lost its closing braces and, apparently, the
// call that loads the customer by e-mail.
include dirname(__FILE__) . '/config/config.inc.php';
include dirname(__FILE__) . '/header.php';
// Length passed to Tools::passwdGen() for the generated password.
define('MIN_PASSWD_LENGTH', 8);
$errors = array();
if (Tools::isSubmit('email')) {
    if (!($email = Tools::getValue('email')) or !Validate::isEmail($email)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } else {
        $customer = new Customer();
        if (!Validate::isLoadedObject($customer)) {
            // This message confirms to the requester whether an address is registered.
            $errors[] = Tools::displayError('there is no account registered to this e-mail address');
        } else {
            // Throttle: refuse while last_passwd_gen + PS_PASSWD_TIME_FRONT minutes is still in the future.
            if (strtotime($customer->last_passwd_gen . '+' . intval($min_time = Configuration::get('PS_PASSWD_TIME_FRONT')) . ' minutes') - time() > 0) {
                $errors[] = Tools::displayError('You can regenerate your password only each') . ' ' . intval($min_time) . ' ' . Tools::displayError('minute(s)');
            } else {
                // There is no confirmation step: the password is replaced without any proof
                // that the requester controls the mailbox, so a third party can force a
                // password change on any registered address (bounded only by the throttle).
                // A mailed, single-use confirmation link before the change closes that gap.
                // NOTE(review): confirm that Tools::passwdGen() uses a CSPRNG and that
                // Tools::encrypt() is a real password hash; neither is defined in this listing.
                $customer->passwd = Tools::encrypt($password = Tools::passwdGen(intval(MIN_PASSWD_LENGTH)));
                $customer->last_passwd_gen = date('Y-m-d H:i:s', time());
                if ($customer->update()) {
                    // Mail::Send()'s result is ignored: the confirmation is shown even when
                    // delivery fails, leaving the customer with a password they never received.
                    Mail::Send(intval($cookie->id_lang), 'password', 'Your password', array('{email}' => $customer->email, '{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{passwd}' => $password), $customer->email, $customer->firstname . ' ' . $customer->lastname);
                    $smarty->assign(array('confirmation' => 1, 'email' => $customer->email));
                } else {
                    $errors[] = Tools::displayError('error with your account and your new password cannot be sent to your e-mail; please report your problem using the contact form');
$smarty->assign('errors', $errors);