/**
* Display recaptcha function
* @return string|bool
*/
public function display()
{
if (!Setting::readOrFail('Recaptcha.enable')) {
return false;
}
$sitekey = Setting::readOrFail('Recaptcha.sitekey');
$lang = Setting::readOrFail('Recaptcha.lang');
$theme = Setting::readOrFail('Recaptcha.theme');
$type = Setting::readOrFail('Recaptcha.type');
return <<<EOF
<script type="text/javascript" src="https://www.google.com/recaptcha/api.js?hl={$lang}" async defer></script>
<div class="g-recaptcha" data-sitekey="{$sitekey}" data-theme="{$theme}" data-type="{$type}"></div>
<noscript>
<div>
<div style="width: 302px; height: 422px; position: relative;">
<div style="width: 302px; height: 422px; position: absolute;">
<iframe src="https://www.google.com/recaptcha/api/fallback?k={$sitekey}"
frameborder="0" scrolling="no"
style="width: 302px; height:422px; border-style: none;">
</iframe>
</div>
</div>
<div style="width: 300px; height: 60px; border-style: none;
bottom: 12px; left: 25px; margin: 0px; padding: 0px; right: 25px;
background: #f9f9f9; border: 1px solid #c1c1c1; border-radius: 3px;">
<textarea id="g-recaptcha-response" name="g-recaptcha-response"
class="g-recaptcha-response"
style="width: 250px; height: 40px; border: 1px solid #c1c1c1;
margin: 10px 25px; padding: 0px; resize: none;" >
</textarea>
</div>
</div>
</noscript>
EOF;
}
/**
* verify recaptcha
* @return bool
*/
public function verify()
{
if (!Setting::readOrFail('Recaptcha.enable')) {
return true;
}
$controller = $this->_registry->getController();
if (isset($controller->request->data['g-recaptcha-response'])) {
$response = (new Client())->post('https://www.google.com/recaptcha/api/siteverify', ['secret' => Setting::readOrFail('Recaptcha.secret'), 'response' => $controller->request->data['g-recaptcha-response'], 'remoteip' => $controller->request->clientIp()]);
return json_decode($response->body)->success;
}
return false;
}
/**
* Active Account
* @param string $token hash from $user->email . $user->token_created . $user->id
* @param string $email email
* @return Cake\Network\Response
*/
public function activeAccount($token = null, $email = null)
{
if (!$token || !$email) {
throw new NotFoundException(__('Missing required information. Please read email carefully and try again.'));
}
$user = $this->Users->findByEmailAndStatus($email, false)->first();
if (!$user) {
throw new RecordNotFoundException(__('Account not found or already activated. Please read email carefully and try again.'));
}
if ($token != Security::hash($user->email . $user->token_created . $user->id, 'sha1', true)) {
throw new ForbiddenException(__('Invalid token. Please read email carefully and try again.'));
}
if (!$user->token_created->wasWithinLast(Setting::readOrFail('Member.RegisterTokenExpired'))) {
throw new ForbiddenException(__('Your request has been expired. Please contact to your administrator.'));
}
unset($user->password);
if ($this->request->is('put')) {
$allowedToChange = ['password', 're_password', 'full_name'];
$data = array_intersect_key($this->request->data, array_flip($allowedToChange));
$user = $this->Users->patchEntity($user, $data, ['validate' => 'ActiveAccount']);
$user->status = true;
if ($this->Users->save($user)) {
unset($user->password);
$url = Router::url(['prefix' => 'admin', 'controller' => 'Users', 'action' => 'login', '_full' => true]);
TableRegistry::get('EmailQueue')->enqueue($user->email, ['user' => $user, 'url' => $url], ['subject' => __('Your account has been activated'), 'template' => 'Users/account_verified', 'layout' => 'default', 'format' => 'html']);
$this->Flash->success(__('Your account has been activated. You can login right now'));
return $this->redirect(['action' => 'login']);
}
}
$this->set(compact('user'));
}
