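/**
  * Complete a password reset: consume the reset token identified by $hash and
  * store the new password for the user the token belongs to.
  *
  * The token is read from the token cache; a cache miss is reported to the user
  * as "expired". The cached token carries the user's uid and an HMAC that is
  * verified against the user's *current* password hash, so a token issued
  * before the password was changed by other means no longer verifies (also
  * reported as "expired"). The confirmation ($passwordRepeat) must be identical
  * to $password; a mismatch is rejected before any lookup or state change.
  * (The previous version never compared the two values and stored $password
  * unconditionally.)
  *
  * Every outcome ends with a redirect to the configured login page; the flash
  * message tells the user what happened. The token's lifetime is presumably
  * bounded by the cache entry's expiry -- verify where the token is stored.
  *
  * @param string $hash Identification hash of a password reset token
  * @param string $password New password of the user
  * @param string $passwordRepeat Confirmation of the new password
  * @return void
  *
  * @validate $password NotEmpty
  * @validate $passwordRepeat NotEmpty
  */
 public function completePasswordResetAction($hash, $password, $passwordRepeat)
 {
     if ($password !== $passwordRepeat) {
         // NOTE(review): 'resetPassword.failed.passwordMismatch' is a new label
         // key and must be added to the extension's locallang file.
         $this->addLocalizedFlashMessage('resetPassword.failed.passwordMismatch', NULL, FlashMessage::ERROR);
     } else {
         $this->applyPasswordResetToken($hash, $password);
     }
     $loginPageUid = $this->getSettingValue('login.page');
     $this->redirect('showLoginForm', NULL, NULL, NULL, $loginPageUid);
 }

 /**
  * Validate the reset token stored under $hash and, if it verifies, set the
  * (already confirmed) new password, persist the user and drop the token.
  *
  * Adds exactly one flash message describing the outcome; the caller performs
  * the redirect.
  *
  * @param string $hash Identification hash of a password reset token
  * @param string $password New password of the user (already confirmed)
  * @return void
  */
 protected function applyPasswordResetToken($hash, $password)
 {
     $token = $this->tokenCache->get($hash);
     if ($token === FALSE) {
         // Unknown or evicted token.
         $this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
         return;
     }
     $user = $this->frontendUserRepository->findByIdentifier($token['uid']);
     if ($user === NULL) {
         $this->addLocalizedFlashMessage('resetPassword.failed.invalid', NULL, FlashMessage::ERROR);
         return;
     }
     // The token's MAC covers the password hash at issue time; a password
     // change in the meantime therefore invalidates the token.
     if (!$this->hashService->validateHmac($user->getPassword(), $token['hmac'])) {
         $this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
         return;
     }
     $user->setPassword($this->passwordService->applyTransformations($password));
     $this->frontendUserRepository->update($user);
     // Single use: remove the token as soon as the new password is stored.
     $this->tokenCache->remove($hash);
     if ($this->getSettingValue('passwordReset.loginOnSuccess')) {
         $this->authenticationService->authenticateUser($user);
         $this->addLocalizedFlashMessage('resetPassword.completed.login', NULL, FlashMessage::OK);
     } else {
         $this->addLocalizedFlashMessage('resetPassword.completed', NULL, FlashMessage::OK);
     }
 }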
 /**
  * Check whether a registration may be cancelled and describe the outcome.
  *
  * The checks run in a fixed order and the first failure decides the result:
  *   1. the HMAC over 'reg-' . $reguid must verify (no lookup happens otherwise);
  *   2. the registration must exist;
  *   3. the event must allow cancellation;
  *   4. a set cancel deadline must not have passed.
  *
  * NOTE(review): the MAC input is the same 'reg-<uid>' string that
  * confirmRegistrationAction() verifies, so the HMAC from a confirmation link is
  * also accepted here. The MAC itself carries no expiry; the event's cancel
  * deadline is the only time limit.
  *
  * @param int $reguid UID of registration
  * @param string $hmac HMAC for parameters
  *
  * @return array [bool $failed, Registration|null $registration, string $messageKey, string $titleKey]
  */
 public function checkCancelRegistration($reguid, $hmac)
 {
     $failedTitle = 'cancelRegistration.title.failed';
     if (!$this->hashService->validateHmac('reg-' . $reguid, $hmac)) {
         return array(TRUE, NULL, 'event.message.cancel_failed_wrong_hmac', $failedTitle);
     }
     /* @var $registration Registration */
     $registration = $this->registrationRepository->findByUid($reguid);
     if ($registration === NULL) {
         return array(TRUE, NULL, 'event.message.cancel_failed_registration_not_found_or_cancelled', $failedTitle);
     }
     $event = $registration->getEvent();
     if ($event->getEnableCancel() === FALSE) {
         return array(TRUE, $registration, 'event.message.confirmation_failed_cancel_disabled', $failedTitle);
     }
     $deadline = $event->getCancelDeadline();
     if ($deadline > 0 && $deadline < new \DateTime()) {
         return array(TRUE, $registration, 'event.message.cancel_failed_deadline_expired', $failedTitle);
     }
     return array(FALSE, $registration, 'event.message.cancel_successful', 'cancelRegistration.title.successful');
 }
 /**
  * Render the banners matching the demand parameters, provided the HMAC over
  * them verifies; otherwise return the translated 'wrong_hmac' text.
  *
  * The MAC input is the bare concatenation
  * $currentPageUid . $categories . $startingPoint . $displayMode (no separator),
  * so whatever generates the HMAC must build exactly the same string.
  * NOTE(review): without a delimiter, different splits of the same concatenated
  * string share one MAC (page "1" / categories "23" versus page "12" /
  * categories "3"); changing the format has to be done together with the
  * generator.
  *
  * On a verified call impressions are updated for every matched banner, whether
  * or not the cached rendering is reused. The cache key is the sha1 of the
  * current page id, the language uid and the uids of the matched banners; it
  * does not include the demand parameters themselves, so two demands that
  * yield the same banners share one rendering.
  *
  * @param string $categories
  * @param string $startingPoint
  * @param string $displayMode
  * @param int $currentPageUid
  * @param string $hmac
  * @return string
  */
 public function getBannersAction($categories = '', $startingPoint = '', $displayMode = 'all', $currentPageUid = 0, $hmac = '')
 {
     $signedInput = $currentPageUid . $categories . $startingPoint . $displayMode;
     if (!$this->hashService->validateHmac($signedInput, $hmac)) {
         return LocalizationUtility::translate('wrong_hmac', 'SfBanners');
     }
     /** @var \DERHANSEN\SfBanners\Domain\Model\BannerDemand $demand */
     $demand = $this->objectManager->get('DERHANSEN\\SfBanners\\Domain\\Model\\BannerDemand');
     $demand->setCategories($categories);
     $demand->setStartingPoint($startingPoint);
     $demand->setDisplayMode($displayMode);
     $demand->setCurrentPageUid($currentPageUid);
     $banners = $this->bannerRepository->findDemanded($demand);
     $this->bannerRepository->updateImpressions($banners);
     // Cache key: page id, language uid and every matched banner uid, hashed.
     $keyParts = array($GLOBALS['TSFE']->id, $GLOBALS['TSFE']->sys_language_uid);
     foreach ($banners as $banner) {
         $keyParts[] = $banner->getUid();
     }
     $cacheKey = sha1(implode('', $keyParts));
     $rendered = $this->cacheInstance->get($cacheKey);
     if ($rendered === false || $rendered === null) {
         $this->view->assign('banners', $banners);
         $this->view->assign('settings', $this->settings);
         $rendered = $this->view->render();
         $this->cacheInstance->set($cacheKey, $rendered, array('sf_banners'), $this->settings['cacheLifetime']);
     }
     return $rendered;
 }
 /**
  * Verify the request's __hmac argument and record the result through
  * $request->setHmacVerified().
  *
  * The __hmac value has the form "<serialized field names><40-character hash>".
  * The hash part is checked by the hash service first; only a value whose MAC
  * verifies is handed to unserialize(), so the field-name list is trusted input
  * as long as the signing key stays secret. The request is then marked verified
  * only if checkFieldNameInclusion() accepts the request arguments (without
  * __referrer and __hmac) against that field-name list.
  *
  * A request without __hmac is marked unverified. A value shorter than 40
  * characters cannot contain a hash at all and is rejected with an exception.
  *
  * @param \TYPO3\CMS\Extbase\Mvc\Web\Request $request The request to verify
  * @throws \TYPO3\CMS\Extbase\Security\Exception\SyntacticallyWrongRequestHashException when __hmac is too short to hold a hash
  * @return void
  */
 public function verifyRequest(\TYPO3\CMS\Extbase\Mvc\Web\Request $request)
 {
     $hmacArgument = $request->getInternalArgument('__hmac');
     if (!$hmacArgument) {
         $request->setHmacVerified(FALSE);
         return;
     }
     // TODO: Constant for hash length needs to be introduced
     $hashLength = 40;
     if (strlen($hmacArgument) < $hashLength) {
         throw new \TYPO3\CMS\Extbase\Security\Exception\SyntacticallyWrongRequestHashException('Request hash too short. This is a probably manipulation attempt!', 1255089361);
     }
     $serializedFieldNames = substr($hmacArgument, 0, -$hashLength);
     $hash = substr($hmacArgument, -$hashLength);
     // MAC check before unserialize(): never deserialize unauthenticated input.
     if (!$this->hashService->validateHmac($serializedFieldNames, $hash)) {
         $request->setHmacVerified(FALSE);
         return;
     }
     $requestArguments = $request->getArguments();
     // Framework arguments are not part of the signed field list.
     unset($requestArguments['__referrer'], $requestArguments['__hmac']);
     $request->setHmacVerified(
         (bool)$this->checkFieldNameInclusion($requestArguments, unserialize($serializedFieldNames))
     );
 }
 /**
  * Ensure $hmac is a valid MAC over "<action>-<registration uid>".
  *
  * Because the action name is part of the MAC input, a MAC issued for one
  * action does not verify for a different action on the same registration.
  *
  * @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration
  * @param string $hmac
  * @param string $action
  * @throws InvalidHashException when the MAC does not verify
  */
 protected function validateHmacForAction($registration, $hmac, $action)
 {
     $signedInput = $action . '-' . $registration->getUid();
     if ($this->hashService->validateHmac($signedInput, $hmac)) {
         return;
     }
     throw new InvalidHashException(
         LocalizationUtility::translate('payment.messages.invalidHmac', 'sf_event_mgt'),
         1899934890
     );
 }
 /**
  * Show the voting form for an election invitation.
  *
  * The form is shown only when an invitation and an HMAC are given, the HMAC
  * verifies over the invitation's secret concatenated with the elector's
  * e-mail address, the invitation has not been used to vote yet, and the
  * election end date lies in the future. Every other case adds an error flash
  * message and redirects to the dashboard index. Binding the invitation's
  * secret into the MAC input ties the link to this particular invitation rather
  * than to the e-mail address alone.
  *
  * @param ElectionInvitation $electionInvitation
  * @param string $hmac
  * @return void
  */
 public function voteAction(ElectionInvitation $electionInvitation = null, $hmac = '')
 {
     if (null === $electionInvitation || '' === $hmac) {
         $this->rejectVoteRequest('controller.fe.election.vote.no_election_or_hmac');
         return;
     }
     $signedInput = $electionInvitation->getSecret() . $electionInvitation->getElector()->getEmail();
     if (!$this->hashService->validateHmac($signedInput, $hmac)) {
         $this->rejectVoteRequest('controller.fe.election.vote.hmac_invalid');
         return;
     }
     if ($electionInvitation->isVoted()) {
         $this->rejectVoteRequest('controller.fe.election.vote.already_voted');
         return;
     }
     if ($electionInvitation->getElectionEndDateAsTimestamp() < time()) {
         $this->rejectVoteRequest('controller.fe.election.vote.election_finished');
         return;
     }
     $this->view->assign('electionInvitation', $electionInvitation);
     $this->view->assign('electionVoting', new ElectionVoting());
 }

 /**
  * Add the error flash message for $messageKey (titled with the generic
  * "request failed" text) and redirect to the dashboard index.
  *
  * @param string $messageKey Localization key of the error message
  * @return void
  */
 protected function rejectVoteRequest($messageKey)
 {
     $this->addFlashMessage(
         LocalizationUtility::translate($messageKey, 'election'),
         LocalizationUtility::translate('controller.fe.election.vote.request_failed', 'election'),
         AbstractMessage::ERROR
     );
     $this->redirect(FeDashboardController::ACTION_INDEX, FeDashboardController::CONTROLLER_NAME);
 }
 /**
  * A hash value the service never produced must not validate for the message.
  *
  * Note that no HMAC is generated here despite the test name: 'myhash' is
  * simply an arbitrary string that cannot be the MAC of 'asdf'.
  *
  * @test
  */
 public function generatedHmacWillNotBeValidatedIfHashHasBeenChanged()
 {
     $this->assertFalse($this->hashService->validateHmac('asdf', 'myhash'));
 }
 /**
  * Confirm a registration if all checks pass and notify user and admin.
  *
  * The checks run in order and the first failure decides the message:
  *   1. the HMAC over 'reg-' . $reguid must verify (no lookup happens otherwise);
  *   2. the registration must exist;
  *   3. its confirmation deadline (getConfirmationUntil()) must not have passed;
  *   4. it must not already be confirmed.
  * On success the registration is marked confirmed and persisted, the
  * REGISTRATION_CONFIRMED messages are sent to user and admin, and depending
  * registrations are confirmed when more than one seat was registered.
  *
  * NOTE(review): the MAC input 'reg-<uid>' is the same one that
  * checkCancelRegistration() verifies, so a confirmation link's HMAC is also
  * accepted for cancellation. The MAC carries no expiry of its own -- the
  * confirmation deadline is the only time limit -- and a repeated use of the
  * link is only stopped by the "already confirmed" check.
  *
  * The resulting message and title keys are assigned to the view as
  * 'messageKey' and 'titleKey'.
  *
  * @param int $reguid UID of registration
  * @param string $hmac HMAC for parameters
  *
  * @return void
  */
 public function confirmRegistrationAction($reguid, $hmac)
 {
     /* @var $registration Registration */
     $registration = NULL;
     $failureKey = NULL;
     if (!$this->hashService->validateHmac('reg-' . $reguid, $hmac)) {
         $failureKey = 'event.message.confirmation_failed_wrong_hmac';
     } else {
         $registration = $this->registrationRepository->findByUid($reguid);
         if ($registration === NULL) {
             $failureKey = 'event.message.confirmation_failed_registration_not_found';
         } elseif ($registration->getConfirmationUntil() < new \DateTime()) {
             $failureKey = 'event.message.confirmation_failed_confirmation_until_expired';
         } elseif ($registration->getConfirmed() === TRUE) {
             $failureKey = 'event.message.confirmation_failed_already_confirmed';
         }
     }
     if ($failureKey !== NULL) {
         $messageKey = $failureKey;
         $titleKey = 'confirmRegistration.title.failed';
     } else {
         $registration->setConfirmed(TRUE);
         $this->registrationRepository->update($registration);
         $event = $registration->getEvent();
         // Notify user and admin about the confirmed registration.
         $this->notificationService->sendUserMessage($event, $registration, $this->settings, MessageType::REGISTRATION_CONFIRMED);
         $this->notificationService->sendAdminMessage($event, $registration, $this->settings, MessageType::REGISTRATION_CONFIRMED);
         // Registrations depending on this main registration follow its confirmation.
         if ($registration->getAmountOfRegistrations() > 1) {
             $this->registrationService->confirmDependingRegistrations($registration);
         }
         $messageKey = 'event.message.confirmation_successful';
         $titleKey = 'confirmRegistration.title.successful';
     }
     $this->view->assign('messageKey', $messageKey);
     $this->view->assign('titleKey', $titleKey);
 }