
/app/code/core/Mage/XmlConnect/controllers/CustomerController.php

https://bitbucket.org/claudiu_marginean/magento-hg-mirror
PHP | 551 lines | 383 code | 54 blank | 114 comment | 77 complexity | 190398518b0f033f5287275a51ce5000 MD5 | raw file
Possible License(s): CC-BY-SA-3.0, LGPL-2.1, GPL-2.0, WTFPL
  1. <?php
  2. /**
  3. * Magento
  4. *
  5. * NOTICE OF LICENSE
  6. *
  7. * This source file is subject to the Open Software License (OSL 3.0)
  8. * that is bundled with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://opensource.org/licenses/osl-3.0.php
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@magentocommerce.com so we can send you a copy immediately.
  14. *
  15. * DISCLAIMER
  16. *
  17. * Do not edit or add to this file if you wish to upgrade Magento to newer
  18. * versions in the future. If you wish to customize Magento for your
  19. * needs please refer to http://www.magentocommerce.com for more information.
  20. *
  21. * @category Mage
  22. * @package Mage_XmlConnect
  23. * @copyright Copyright (c) 2010 Magento Inc. (http://www.magentocommerce.com)
  24. * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
  25. */
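  /**
   * XmlConnect customer controller.
   *
   * Customer account endpoints of the XmlConnect API: login/logout,
   * registration, profile edit, password reset, address book and order list.
   * Actions answer through the inherited _message() helper, through a
   * hand-built <message> element, or by rendering a layout.
   *
   * @author Magento Core Team <core@magentocommerce.com>
   */
  class Mage_XmlConnect_CustomerController extends Mage_XmlConnect_Controller_Action
  {
      /**
       * Customer authentication action.
       *
       * Refuses the call when a customer is already logged in, accepts only
       * POST requests and reports the outcome through _message().
       *
       * @return void
       */
      public function loginAction()
      {
          $session = $this->_getSession();
          $request = $this->getRequest();

          if ($session->isLoggedIn()) {
              $this->_message($this->__('You are already logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          if (!$request->isPost()) {
              $this->_message($this->__('Login and password are required.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          // NOTE(review): getParam() is not restricted to the POST body, so
          // credentials sent in the query string are accepted too and may end
          // up in access logs - confirm whether any client relies on that.
          $user = $request->getParam('username');
          $pass = $request->getParam('password');

          try {
              if ($session->login($user, $pass)) {
                  if ($session->getCustomer()->getIsJustConfirmed()) {
                      $session->getCustomer()->sendNewAccountEmail('confirmed');
                  }
                  $this->_message($this->__('Authentication complete.'), self::MESSAGE_STATUS_SUCCESS);
              } else {
                  $this->_message($this->__('Invalid login or password.'), self::MESSAGE_STATUS_ERROR);
              }
          } catch (Mage_Core_Exception $e) {
              // Every exception code is reported with the exception's own text.
              // The former switch left $message undefined for
              // Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED, so
              // an undefined variable reached _message() on that path.
              // TODO: resend confirmation email message with action when the
              // code is EXCEPTION_EMAIL_NOT_CONFIRMED
              $message = $e->getMessage();
              $this->_message($message, self::MESSAGE_STATUS_ERROR);
          } catch (Exception $e) {
              // Unexpected failures get a fixed text; internals are not echoed.
              $this->_message($this->__('Customer authentication problem.'), self::MESSAGE_STATUS_ERROR);
          }
      }

      /**
       * Customer logout.
       *
       * @return void
       */
      public function logoutAction()
      {
          try {
              $this->_getSession()->logout();
              $this->_message($this->__('Logout complete.'), self::MESSAGE_STATUS_SUCCESS);
          } catch (Mage_Core_Exception $e) {
              $this->_message($e->getMessage(), self::MESSAGE_STATUS_ERROR);
          } catch (Exception $e) {
              $this->_message($this->__('Customer logout problem.'), self::MESSAGE_STATUS_ERROR);
          }
      }

      /**
       * Customer registration/edit account form.
       *
       * With request parameter edit=1 the form block receives the logged-in
       * customer (login required); otherwise it receives null.
       *
       * @return void
       */
      public function formAction()
      {
          $customer = null;
          $editFlag = (int)$this->getRequest()->getParam('edit');

          if ($editFlag == 1) {
              if (!$this->_getSession()->isLoggedIn()) {
                  $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
                  return;
              }
              $customer = $this->_getSession()->getCustomer();
          }

          $this->loadLayout(false)->getLayout()->getBlock('xmlconnect.customer.form')->setCustomer($customer);
          $this->renderLayout();
      }

      /**
       * Change customer data action.
       *
       * Requires a logged-in customer and a POST request. Validates the posted
       * account fields and, when change_password is set, verifies the current
       * password before the new one is assigned. Nothing is saved while any
       * validation error is pending.
       *
       * @return void
       */
      public function editAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          if (!$this->getRequest()->isPost()) {
              $this->_message($this->__('POST data is not valid.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $customer = $this->_getSession()->getCustomer();

          /* @var $customerForm Mage_Customer_Model_Form */
          $customerForm = Mage::getModel('customer/form');
          $customerForm->setFormCode('customer_account_edit')
              ->setEntity($customer);

          $customerData = $customerForm->extractData($this->getRequest());

          $errors = array();
          $customerErrors = $customerForm->validateData($customerData);
          if ($customerErrors !== true) {
              $errors = array_merge($customerErrors, $errors);
          } else {
              $customerForm->compactData($customerData);
              $customerErrors = $customer->validate();
              if (is_array($customerErrors)) {
                  $errors = array_merge($customerErrors, $errors);
              }
          }

          if ($this->getRequest()->getParam('change_password')) {
              $currPass = $this->getRequest()->getPost('current_password');
              $newPass  = $this->getRequest()->getPost('password');
              $confPass = $this->getRequest()->getPost('confirmation');

              if (empty($currPass) || empty($newPass) || empty($confPass)) {
                  $errors[] = $this->__('Password fields cannot be empty.');
              }

              // Strict comparison: with "!=" two different numeric-looking
              // strings (e.g. "1e3" and "1000") would count as a match.
              if ($newPass !== $confPass) {
                  $errors[] = $this->__('Please make sure your passwords match.');
              }

              // The stored value is read as "<hash>:<salt>" when it contains a
              // colon; without one the current password is hashed with no salt.
              $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
              if (strpos($oldPass, ':') !== false) {
                  $hashParts = explode(':', $oldPass);
                  $salt = $hashParts[1];
              } else {
                  $salt = false;
              }

              // Strict comparison: "==" treats strings of the form "0e<digits>"
              // as numbers, so two different unsalted hashes could compare
              // equal. A constant-time comparison is preferable where the
              // runtime offers one.
              if ($customer->hashPassword($currPass, $salt) === $oldPass) {
                  $customer->setPassword($newPass);
              } else {
                  $errors[] = $this->__('Invalid current password.');
              }
          }

          if (!empty($errors)) {
              $message = new Mage_XmlConnect_Model_Simplexml_Element('<message></message>');
              $message->addChild('status', self::MESSAGE_STATUS_ERROR);
              $message->addChild('text', implode(' ', $errors));
              $this->getResponse()->setBody($message->asNiceXml());
              return;
          }

          try {
              $customer->save();
              $this->_getSession()->setCustomer($customer);
              $this->_message($this->__('Account information has been saved.'), self::MESSAGE_STATUS_SUCCESS);
              return;
          } catch (Mage_Core_Exception $e) {
              $this->_message($e->getMessage(), self::MESSAGE_STATUS_ERROR);
          } catch (Exception $e) {
              // Only attribute exceptions expose their text; anything else is
              // answered with a fixed message.
              if ($e instanceof Mage_Eav_Model_Entity_Attribute_Exception) {
                  $this->_message($e->getMessage(), self::MESSAGE_STATUS_ERROR);
              } else {
                  $this->_message($this->__('Can\'t save the customer.'), self::MESSAGE_STATUS_ERROR);
              }
          }
      }

      /**
       * Save customer account (registration).
       *
       * Refused for an already logged-in session. On a POST request the posted
       * data is validated, the customer is saved and then either a confirmation
       * e-mail is sent or the customer is logged in directly. A non-POST
       * request produces no response body from this method.
       *
       * @return void
       */
      public function saveAction()
      {
          $session = $this->_getSession();
          $request = $this->getRequest();

          if ($session->isLoggedIn()) {
              $this->_message($this->__('You are already logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $session->setEscapeMessages(true); // prevent XSS injection in user input

          if ($request->isPost()) {
              $errors = array();

              /* @var $customer Mage_Customer_Model_Customer */
              $customer = Mage::registry('current_customer');
              if (is_null($customer)) {
                  $customer = Mage::getModel('customer/customer');
              }

              /* @var $customerForm Mage_Customer_Model_Form */
              $customerForm = Mage::getModel('customer/form');
              $customerForm->setFormCode('customer_account_create')
                  ->setEntity($customer);

              $customerData = $customerForm->extractData($this->getRequest());

              if ($this->getRequest()->getParam('is_subscribed', false)) {
                  $customer->setIsSubscribed(1);
              }

              /**
               * Initialize customer group id
               */
              $customer->getGroupId();

              try {
                  $customerErrors = $customerForm->validateData($customerData);
                  if ($customerErrors !== true) {
                      $errors = array_merge($customerErrors, $errors);
                  } else {
                      $customerForm->compactData($customerData);
                      $customer->setPassword($this->getRequest()->getPost('password'));
                      $customer->setConfirmation($this->getRequest()->getPost('confirmation'));
                      $customerErrors = $customer->validate();
                      if (is_array($customerErrors)) {
                          $errors = array_merge($customerErrors, $errors);
                      }
                  }

                  if (count($errors) == 0) {
                      $customer->save();

                      if ($customer->isConfirmationRequired()) {
                          $customer->sendNewAccountEmail('confirmation', $session->getBeforeAuthUrl());
                          $message = $this->__('Account confirmation is required. Please check your email for the confirmation link.');
                          $messageXmlObj = new Mage_XmlConnect_Model_Simplexml_Element('<message></message>');
                          $messageXmlObj->addChild('status', self::MESSAGE_STATUS_SUCCESS);
                          $messageXmlObj->addChild('text', $message);
                          $messageXmlObj->addChild('confirmation', 1);
                          $this->getResponse()->setBody($messageXmlObj->asNiceXml());
                          return;
                      }

                      $session->setCustomerAsLoggedIn($customer);
                      $customer->sendNewAccountEmail('registered');
                      $this->_message($this->__('Thank you for registering!'), self::MESSAGE_STATUS_SUCCESS);
                      return;
                  }

                  if (is_array($errors)) {
                      $message = implode("\n", $errors);
                  } else {
                      $message = $this->__('Invalid customer data.');
                  }
                  $this->_message($message, self::MESSAGE_STATUS_ERROR);
                  return;
              } catch (Mage_Core_Exception $e) {
                  if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
                      $message = $this->__('An account with this email address already exists.');
                      // NOTE(review): this switches off the escaping enabled
                      // above although the message is a fixed string without
                      // markup; the flag is never switched back on in this
                      // method - confirm the call is still needed.
                      $session->setEscapeMessages(false);
                  } else {
                      $message = $e->getMessage();
                  }
                  $this->_message($message, self::MESSAGE_STATUS_ERROR);
              } catch (Exception $e) {
                  $this->_message($this->__('Can\'t save the customer.'), self::MESSAGE_STATUS_ERROR);
              }
          }
      }

      /**
       * Send new password to customer by specified email.
       *
       * Looks the customer up by the posted e-mail within the current store's
       * website, replaces the password with a generated one and sends the
       * password reminder e-mail.
       *
       * NOTE(review): the password is replaced as soon as the address matches,
       * before the mailbox owner has confirmed anything, and the "not found"
       * reply differs from the success reply, which tells a caller whether an
       * address is registered. A confirm-by-token flow, a uniform reply and
       * request throttling would limit lock-out and address probing; none of
       * them is implemented in this method.
       *
       * @return void
       */
      public function forgotPasswordAction()
      {
          $email = $this->getRequest()->getPost('email');

          if (!$email) {
              $this->_message($this->__('Customer email not specified.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          if (!Zend_Validate::is($email, 'EmailAddress')) {
              $this->_message($this->__('Invalid email address.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $customer = Mage::getModel('customer/customer')
              ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
              ->loadByEmail($email);

          if (!$customer->getId()) {
              $this->_message($this->__('This email address was not found in our records.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          try {
              $newPassword = $customer->generatePassword();
              $customer->changePassword($newPassword, false);
              $customer->sendPasswordReminderEmail();
              $this->_message($this->__('A new password has been sent.'), self::MESSAGE_STATUS_SUCCESS);
              return;
          } catch (Mage_Core_Exception $e) {
              $this->_message($e->getMessage(), self::MESSAGE_STATUS_ERROR);
          } catch (Exception $e) {
              $this->_message($this->__('Problem changing or sending password.'), self::MESSAGE_STATUS_ERROR);
          }
      }

      /**
       * Customer addresses list.
       *
       * Renders the layout when the logged-in customer has addresses; otherwise
       * answers with an error message flagged is_empty_address_book.
       *
       * @return void
       */
      public function addressAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          if (count($this->_getSession()->getCustomer()->getAddresses())) {
              $this->loadLayout(false);
              $this->renderLayout();
          } else {
              $message = new Mage_XmlConnect_Model_Simplexml_Element('<message></message>');
              $message->addChild('status', self::MESSAGE_STATUS_ERROR);
              $message->addChild('is_empty_address_book', 1);
              $this->getResponse()->setBody($message->asNiceXml());
          }
      }

      /**
       * Customer add/edit address form.
       *
       * With an id parameter the address is loaded and must belong to the
       * session's customer; without one an empty address model is used.
       *
       * @return void
       */
      public function addressFormAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $address = Mage::getModel('customer/address');

          /**
           * Init address object
           */
          $addressId = (int)$this->getRequest()->getParam('id');
          if ($addressId) {
              $address->load($addressId);
              // Ownership check: an address of another customer is reported as
              // non-existent rather than shown.
              if ($address->getCustomerId() != $this->_getSession()->getCustomerId()) {
                  $this->_message($this->__('Specified address does not exist.'), self::MESSAGE_STATUS_ERROR);
                  return;
              }
          }

          $this->loadLayout(false)->getLayout()->getBlock('xmlconnect.customer.address.form')->setAddress($address);
          $this->renderLayout();
      }

      /**
       * Remove customer address.
       *
       * Deletes the address named by the id parameter after checking that it
       * belongs to the session's customer. Without an id nothing is done and
       * no response body is set by this method.
       *
       * NOTE(review): the request method is not checked and no anti-forgery
       * token is verified here, so the deletion is not limited to POST;
       * whether the parent controller enforces either is not visible in this
       * file.
       *
       * @return void
       */
      public function deleteAddressAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $addressId = $this->getRequest()->getParam('id', false);
          if (!$addressId) {
              return;
          }

          $address = Mage::getModel('customer/address')->load($addressId);

          // Validate address_id <=> customer_id
          if ($address->getCustomerId() != $this->_getSession()->getCustomerId()) {
              $this->_message($this->__('Address does not belong to this customer.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          try {
              $address->delete();
              $this->_message($this->__('Address has been deleted.'), self::MESSAGE_STATUS_SUCCESS);
          } catch (Exception $e) {
              // Details go to the exception log; the client gets a fixed text.
              Mage::logException($e);
              $this->_message($this->__('An error occurred while deleting the address.'), self::MESSAGE_STATUS_ERROR);
          }
      }

      /**
       * Add/Save customer address.
       *
       * Requires a logged-in customer and a POST request. An id parameter is
       * honoured only when it names an address of this customer; otherwise the
       * posted data is stored as a new address. On success the reply carries
       * the saved address_id.
       *
       * @return void
       */
      public function saveAddressAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          // Save data
          if (!$this->getRequest()->isPost()) {
              $this->_message($this->__('Address data not specified.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $customer = $this->_getSession()->getCustomer();

          /* @var $address Mage_Customer_Model_Address */
          $address = Mage::getModel('customer/address');

          $addressId = $this->getRequest()->getParam('id');
          if ($addressId) {
              // The id is taken over only from an address found through the
              // customer and owned by that customer.
              $existsAddress = $customer->getAddressById($addressId);
              if ($existsAddress->getId() && $existsAddress->getCustomerId() == $customer->getId()) {
                  $address->setId($existsAddress->getId());
              }
          }

          $errors = array();

          /* @var $addressForm Mage_Customer_Model_Form */
          $addressForm = Mage::getModel('customer/form');
          $addressForm->setFormCode('customer_address_edit')
              ->setEntity($address);

          $addressData = $addressForm->extractData($this->getRequest());
          $addressErrors = $addressForm->validateData($addressData);
          if ($addressErrors !== true) {
              $errors = $addressErrors;
          }

          try {
              $addressForm->compactData($addressData);
              // The owner is always the session's customer, never a posted value.
              $address->setCustomerId($customer->getId())
                  ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
                  ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));

              $addressErrors = $address->validate();
              if ($addressErrors !== true) {
                  $errors = array_merge($errors, $addressErrors);
              }

              if (count($errors) == 0) {
                  $address->save();

                  $message = new Mage_XmlConnect_Model_Simplexml_Element('<message></message>');
                  $message->addChild('status', self::MESSAGE_STATUS_SUCCESS);
                  $message->addChild('text', $this->__('Address has been saved.'));
                  $message->addChild('address_id', $address->getId());
                  $this->getResponse()->setBody($message->asNiceXml());
                  return;
              }

              if (is_array($errors)) {
                  $this->_message(implode('. ', $errors), self::MESSAGE_STATUS_ERROR);
              } else {
                  $this->_message($this->__('Can\'t save address.'), self::MESSAGE_STATUS_ERROR);
              }
          } catch (Mage_Core_Exception $e) {
              $this->_message($e->getMessage(), self::MESSAGE_STATUS_ERROR);
          } catch (Exception $e) {
              Mage::logException($e);
              $this->_message($this->__('Can\'t save address.'), self::MESSAGE_STATUS_ERROR);
          }
      }

      /**
       * Customer orders list.
       *
       * @return void
       */
      public function orderListAction()
      {
          if (!$this->_getSession()->isLoggedIn()) {
              $this->_message($this->__('Customer not logged in.'), self::MESSAGE_STATUS_ERROR);
              return;
          }

          $this->loadLayout(false);
          $this->renderLayout();
      }

      /**
       * Check if customer is logged in.
       *
       * Answers with a <message> element whose is_loggined child is 1 or 0.
       *
       * @return void
       */
      public function isLogginedAction()
      {
          $message = new Mage_XmlConnect_Model_Simplexml_Element('<message></message>');
          $message->addChild('is_loggined', (int)$this->_getSession()->isLoggedIn());
          $this->getResponse()->setBody($message->asNiceXml());
      }

      /**
       * Filtering posted data. Converting localized data if needed.
       *
       * Passes the 'dob' field through the inherited _filterDates() helper.
       *
       * @param array $data
       * @return array
       */
      protected function _filterPostData($data)
      {
          $data = $this->_filterDates($data, array('dob'));
          return $data;
      }

      /**
       * Get customer session model.
       *
       * @return Mage_Customer_Model_Session
       */
      protected function _getSession()
      {
          return Mage::getSingleton('customer/session');
      }
  }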