  1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Customer
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * Customer account controller
 29:  *
 30:  * @category   Mage
 31:  * @package    Mage_Customer
 32:  * @author      Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Customer_AccountController extends Mage_Core_Controller_Front_Action
 35: {
 36:     /**
 37:      * Action list where need check enabled cookie
 38:      *
 39:      * @var array
 40:      */
 41:     protected $_cookieCheckActions = array('loginPost', 'createpost');
 42: 
 43:     /**
 44:      * Retrieve customer session model object
 45:      *
 46:      * @return Mage_Customer_Model_Session
 47:      */
 48:     protected function _getSession()
 49:     {
 50:         return Mage::getSingleton('customer/session');
 51:     }
 52: 
 53:     /**
 54:      * Action predispatch
 55:      *
 56:      * Check customer authentication for some actions
 57:      */
 58:     public function preDispatch()
 59:     {
 60:         // a brute-force protection here would be nice
 61: 
 62:         parent::preDispatch();
 63: 
 64:         if (!$this->getRequest()->isDispatched()) {
 65:             return;
 66:         }
 67: 
 68:         $action = $this->getRequest()->getActionName();
 69:         $openActions = array(
 70:             'create',
 71:             'login',
 72:             'logoutsuccess',
 73:             'forgotpassword',
 74:             'forgotpasswordpost',
 75:             'resetpassword',
 76:             'resetpasswordpost',
 77:             'confirm',
 78:             'confirmation'
 79:         );
 80:         $pattern = '/^(' . implode('|', $openActions) . ')/i';
 81: 
 82:         if (!preg_match($pattern, $action)) {
 83:             if (!$this->_getSession()->authenticate($this)) {
 84:                 $this->setFlag('', 'no-dispatch', true);
 85:             }
 86:         } else {
 87:             $this->_getSession()->setNoReferer(true);
 88:         }
 89:     }
 90: 
 91:     /**
 92:      * Action postdispatch
 93:      *
 94:      * Remove No-referer flag from customer session after each action
 95:      */
 96:     public function postDispatch()
 97:     {
 98:         parent::postDispatch();
 99:         $this->_getSession()->unsNoReferer(false);
100:     }
101: 
102:     /**
103:      * Default customer account page
104:      */
105:     public function indexAction()
106:     {
107:         $this->loadLayout();
108:         $this->_initLayoutMessages('customer/session');
109:         $this->_initLayoutMessages('catalog/session');
110: 
111:         $this->getLayout()->getBlock('content')->append(
112:             $this->getLayout()->createBlock('customer/account_dashboard')
113:         );
114:         $this->getLayout()->getBlock('head')->setTitle($this->__('My Account'));
115:         $this->renderLayout();
116:     }
117: 
118:     /**
119:      * Customer login form page
120:      */
121:     public function loginAction()
122:     {
123:         if ($this->_getSession()->isLoggedIn()) {
124:             $this->_redirect('*/*/');
125:             return;
126:         }
127:         $this->getResponse()->setHeader('Login-Required', 'true');
128:         $this->loadLayout();
129:         $this->_initLayoutMessages('customer/session');
130:         $this->_initLayoutMessages('catalog/session');
131:         $this->renderLayout();
132:     }
133: 
134:     /**
135:      * Login post action
136:      */
137:     public function loginPostAction()
138:     {
139:         if ($this->_getSession()->isLoggedIn()) {
140:             $this->_redirect('*/*/');
141:             return;
142:         }
143:         $session = $this->_getSession();
144: 
145:         if ($this->getRequest()->isPost()) {
146:             $login = $this->getRequest()->getPost('login');
147:             if (!empty($login['username']) && !empty($login['password'])) {
148:                 try {
149:                     $session->login($login['username'], $login['password']);
150:                     if ($session->getCustomer()->getIsJustConfirmed()) {
151:                         $this->_welcomeCustomer($session->getCustomer(), true);
152:                     }
153:                 } catch (Mage_Core_Exception $e) {
154:                     switch ($e->getCode()) {
155:                         case Mage_Customer_Model_Customer::EXCEPTION_EMAIL_NOT_CONFIRMED:
156:                             $value = Mage::helper('customer')->getEmailConfirmationUrl($login['username']);
157:                             $message = Mage::helper('customer')->__('This account is not confirmed. <a href="%s">Click here</a> to resend confirmation email.', $value);
158:                             break;
159:                         case Mage_Customer_Model_Customer::EXCEPTION_INVALID_EMAIL_OR_PASSWORD:
160:                             $message = $e->getMessage();
161:                             break;
162:                         default:
163:                             $message = $e->getMessage();
164:                     }
165:                     $session->addError($message);
166:                     $session->setUsername($login['username']);
167:                 } catch (Exception $e) {
168:                     // Mage::logException($e); // PA DSS violation: this exception log can disclose customer password
169:                 }
170:             } else {
171:                 $session->addError($this->__('Login and password are required.'));
172:             }
173:         }
174: 
175:         $this->_loginPostRedirect();
176:     }
177: 
178:     /**
179:      * Define target URL and redirect customer after logging in
180:      */
    protected function _loginPostRedirect()
    {
        // Chooses the post-login destination by rewriting the session's "before auth"
        // URL and finally redirecting to it. The branches depend on the order in which
        // the session URLs are read and overwritten, so statement order matters here.
        $session = $this->_getSession();

        // Case 1: no stored destination, or it is just the store base URL.
        // (Both URL checks in this method use loose == string comparison.)
        if (!$session->getBeforeAuthUrl() || $session->getBeforeAuthUrl() == Mage::getBaseUrl()) {
            // Set default URL to redirect customer to
            $session->setBeforeAuthUrl(Mage::helper('customer')->getAccountUrl());
            // Redirect customer to the last page visited after logging in
            if ($session->isLoggedIn()) {
                if (!Mage::getStoreConfigFlag(
                    Mage_Customer_Helper_Data::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD
                )) {
                    // The referer value comes straight from the request and is therefore
                    // attacker-controllable; it is decoded and rebuilt first.
                    $referer = $this->getRequest()->getParam(Mage_Customer_Helper_Data::REFERER_QUERY_PARAM_NAME);
                    if ($referer) {
                        // Rebuild referer URL to handle the case when SID was changed
                        $referer = Mage::getModel('core/url')
                            ->getRebuiltUrl(Mage::helper('core')->urlDecode($referer));
                        // This check is the only thing that keeps the request-supplied
                        // referer from becoming an open redirect; do not remove it.
                        if ($this->_isUrlInternal($referer)) {
                            $session->setBeforeAuthUrl($referer);
                        }
                    }
                } else if ($session->getAfterAuthUrl()) {
                    // NOTE(review): the `true` argument presumably clears the stored value
                    // while reading it - confirm in the session model.
                    $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
                }
            } else {
                // Login failed: go back to the login form.
                $session->setBeforeAuthUrl(Mage::helper('customer')->getLoginUrl());
            }
        // Case 2: the stored destination is the logout URL; send the customer to the
        // dashboard instead of logging them straight out again.
        } else if ($session->getBeforeAuthUrl() == Mage::helper('customer')->getLogoutUrl()) {
            $session->setBeforeAuthUrl(Mage::helper('customer')->getDashboardUrl());
        // Case 3: some other destination was stored before authentication.
        } else {
            if (!$session->getAfterAuthUrl()) {
                $session->setAfterAuthUrl($session->getBeforeAuthUrl());
            }
            if ($session->isLoggedIn()) {
                $session->setBeforeAuthUrl($session->getAfterAuthUrl(true));
            }
        }
        // NOTE(review): in cases 2 and 3 the destination originates from session values
        // written elsewhere; whether those writers validate the URL is not visible here.
        $this->_redirectUrl($session->getBeforeAuthUrl(true));
    }
220: 
221:     /**
222:      * Customer logout action
223:      */
224:     public function logoutAction()
225:     {
226:         $this->_getSession()->logout()
227:             ->setBeforeAuthUrl(Mage::getUrl());
228: 
229:         $this->_redirect('*/*/logoutSuccess');
230:     }
231: 
232:     /**
233:      * Logout success page
234:      */
235:     public function logoutSuccessAction()
236:     {
237:         $this->loadLayout();
238:         $this->renderLayout();
239:     }
240: 
241:     /**
242:      * Customer register form page
243:      */
244:     public function createAction()
245:     {
246:         if ($this->_getSession()->isLoggedIn()) {
247:             $this->_redirect('*/*');
248:             return;
249:         }
250: 
251:         $this->loadLayout();
252:         $this->_initLayoutMessages('customer/session');
253:         $this->renderLayout();
254:     }
255: 
256:     /**
257:      * Create customer account action
258:      */
259:     public function createPostAction()
260:     {
261:         $session = $this->_getSession();
262:         if ($session->isLoggedIn()) {
263:             $this->_redirect('*/*/');
264:             return;
265:         }
266:         $session->setEscapeMessages(true); // prevent XSS injection in user input
267:         if ($this->getRequest()->isPost()) {
268:             $errors = array();
269: 
270:             if (!$customer = Mage::registry('current_customer')) {
271:                 $customer = Mage::getModel('customer/customer')->setId(null);
272:             }
273: 
274:             /* @var $customerForm Mage_Customer_Model_Form */
275:             $customerForm = Mage::getModel('customer/form');
276:             $customerForm->setFormCode('customer_account_create')
277:                 ->setEntity($customer);
278: 
279:             $customerData = $customerForm->extractData($this->getRequest());
280: 
281:             if ($this->getRequest()->getParam('is_subscribed', false)) {
282:                 $customer->setIsSubscribed(1);
283:             }
284: 
285:             /**
286:              * Initialize customer group id
287:              */
288:             $customer->getGroupId();
289: 
290:             if ($this->getRequest()->getPost('create_address')) {
291:                 /* @var $address Mage_Customer_Model_Address */
292:                 $address = Mage::getModel('customer/address');
293:                 /* @var $addressForm Mage_Customer_Model_Form */
294:                 $addressForm = Mage::getModel('customer/form');
295:                 $addressForm->setFormCode('customer_register_address')
296:                     ->setEntity($address);
297: 
298:                 $addressData    = $addressForm->extractData($this->getRequest(), 'address', false);
299:                 $addressErrors  = $addressForm->validateData($addressData);
300:                 if ($addressErrors === true) {
301:                     $address->setId(null)
302:                         ->setIsDefaultBilling($this->getRequest()->getParam('default_billing', false))
303:                         ->setIsDefaultShipping($this->getRequest()->getParam('default_shipping', false));
304:                     $addressForm->compactData($addressData);
305:                     $customer->addAddress($address);
306: 
307:                     $addressErrors = $address->validate();
308:                     if (is_array($addressErrors)) {
309:                         $errors = array_merge($errors, $addressErrors);
310:                     }
311:                 } else {
312:                     $errors = array_merge($errors, $addressErrors);
313:                 }
314:             }
315: 
316:             try {
317:                 $customerErrors = $customerForm->validateData($customerData);
318:                 if ($customerErrors !== true) {
319:                     $errors = array_merge($customerErrors, $errors);
320:                 } else {
321:                     $customerForm->compactData($customerData);
322:                     $customer->setPassword($this->getRequest()->getPost('password'));
323:                     $customer->setConfirmation($this->getRequest()->getPost('confirmation'));
324:                     $customerErrors = $customer->validate();
325:                     if (is_array($customerErrors)) {
326:                         $errors = array_merge($customerErrors, $errors);
327:                     }
328:                 }
329: 
330:                 $validationResult = count($errors) == 0;
331: 
332:                 if (true === $validationResult) {
333:                     $customer->save();
334: 
335:                     Mage::dispatchEvent('customer_register_success',
336:                         array('account_controller' => $this, 'customer' => $customer)
337:                     );
338: 
339:                     if ($customer->isConfirmationRequired()) {
340:                         $customer->sendNewAccountEmail(
341:                             'confirmation',
342:                             $session->getBeforeAuthUrl(),
343:                             Mage::app()->getStore()->getId()
344:                         );
345:                         $session->addSuccess($this->__('Account confirmation is required. Please, check your email for the confirmation link. To resend the confirmation email please <a href="%s">click here</a>.', Mage::helper('customer')->getEmailConfirmationUrl($customer->getEmail())));
346:                         $this->_redirectSuccess(Mage::getUrl('*/*/index', array('_secure'=>true)));
347:                         return;
348:                     } else {
349:                         $session->setCustomerAsLoggedIn($customer);
350:                         $url = $this->_welcomeCustomer($customer);
351:                         $this->_redirectSuccess($url);
352:                         return;
353:                     }
354:                 } else {
355:                     $session->setCustomerFormData($this->getRequest()->getPost());
356:                     if (is_array($errors)) {
357:                         foreach ($errors as $errorMessage) {
358:                             $session->addError($errorMessage);
359:                         }
360:                     } else {
361:                         $session->addError($this->__('Invalid customer data'));
362:                     }
363:                 }
364:             } catch (Mage_Core_Exception $e) {
365:                 $session->setCustomerFormData($this->getRequest()->getPost());
366:                 if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
367:                     $url = Mage::getUrl('customer/account/forgotpassword');
368:                     $message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
369:                     $session->setEscapeMessages(false);
370:                 } else {
371:                     $message = $e->getMessage();
372:                 }
373:                 $session->addError($message);
374:             } catch (Exception $e) {
375:                 $session->setCustomerFormData($this->getRequest()->getPost())
376:                     ->addException($e, $this->__('Cannot save the customer.'));
377:             }
378:         }
379: 
380:         $this->_redirectError(Mage::getUrl('*/*/create', array('_secure' => true)));
381:     }
382: 
383:     /**
384:      * Add welcome message and send new account email.
385:      * Returns success URL
386:      *
387:      * @param Mage_Customer_Model_Customer $customer
388:      * @param bool $isJustConfirmed
389:      * @return string
390:      */
391:     protected function _welcomeCustomer(Mage_Customer_Model_Customer $customer, $isJustConfirmed = false)
392:     {
393:         $this->_getSession()->addSuccess(
394:             $this->__('Thank you for registering with %s.', Mage::app()->getStore()->getFrontendName())
395:         );
396:         if ($this->_isVatValidationEnabled()) {
397:             // Show corresponding VAT message to customer
398:             $configAddressType = Mage::helper('customer/address')->getTaxCalculationAddressType();
399:             $userPrompt = '';
400:             switch ($configAddressType) {
401:                 case Mage_Customer_Model_Address_Abstract::TYPE_SHIPPING:
402:                     $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you shipping address for proper VAT calculation', Mage::getUrl('customer/address/edit'));
403:                     break;
404:                 default:
405:                     $userPrompt = $this->__('If you are a registered VAT customer, please click <a href="%s">here</a> to enter you billing address for proper VAT calculation', Mage::getUrl('customer/address/edit'));
406:             }
407:             $this->_getSession()->addSuccess($userPrompt);
408:         }
409: 
410:         $customer->sendNewAccountEmail(
411:             $isJustConfirmed ? 'confirmed' : 'registered',
412:             '',
413:             Mage::app()->getStore()->getId()
414:         );
415: 
416:         $successUrl = Mage::getUrl('*/*/index', array('_secure'=>true));
417:         if ($this->_getSession()->getBeforeAuthUrl()) {
418:             $successUrl = $this->_getSession()->getBeforeAuthUrl(true);
419:         }
420:         return $successUrl;
421:     }
422: 
423:     /**
424:      * Confirm customer account by id and confirmation key
425:      */
426:     public function confirmAction()
427:     {
428:         if ($this->_getSession()->isLoggedIn()) {
429:             $this->_redirect('*/*/');
430:             return;
431:         }
432:         try {
433:             $id      = $this->getRequest()->getParam('id', false);
434:             $key     = $this->getRequest()->getParam('key', false);
435:             $backUrl = $this->getRequest()->getParam('back_url', false);
436:             if (empty($id) || empty($key)) {
437:                 throw new Exception($this->__('Bad request.'));
438:             }
439: 
440:             // load customer by id (try/catch in case if it throws exceptions)
441:             try {
442:                 $customer = Mage::getModel('customer/customer')->load($id);
443:                 if ((!$customer) || (!$customer->getId())) {
444:                     throw new Exception('Failed to load customer by id.');
445:                 }
446:             }
447:             catch (Exception $e) {
448:                 throw new Exception($this->__('Wrong customer account specified.'));
449:             }
450: 
451:             // check if it is inactive
452:             if ($customer->getConfirmation()) {
453:                 if ($customer->getConfirmation() !== $key) {
454:                     throw new Exception($this->__('Wrong confirmation key.'));
455:                 }
456: 
457:                 // activate customer
458:                 try {
459:                     $customer->setConfirmation(null);
460:                     $customer->save();
461:                 }
462:                 catch (Exception $e) {
463:                     throw new Exception($this->__('Failed to confirm customer account.'));
464:                 }
465: 
466:                 // log in and send greeting email, then die happy
467:                 $this->_getSession()->setCustomerAsLoggedIn($customer);
468:                 $successUrl = $this->_welcomeCustomer($customer, true);
469:                 $this->_redirectSuccess($backUrl ? $backUrl : $successUrl);
470:                 return;
471:             }
472: 
473:             // die happy
474:             $this->_redirectSuccess(Mage::getUrl('*/*/index', array('_secure'=>true)));
475:             return;
476:         }
477:         catch (Exception $e) {
478:             // die unhappy
479:             $this->_getSession()->addError($e->getMessage());
480:             $this->_redirectError(Mage::getUrl('*/*/index', array('_secure'=>true)));
481:             return;
482:         }
483:     }
484: 
485:     /**
486:      * Send confirmation link to specified email
487:      */
488:     public function confirmationAction()
489:     {
490:         $customer = Mage::getModel('customer/customer');
491:         if ($this->_getSession()->isLoggedIn()) {
492:             $this->_redirect('*/*/');
493:             return;
494:         }
495: 
496:         // try to confirm by email
497:         $email = $this->getRequest()->getPost('email');
498:         if ($email) {
499:             try {
500:                 $customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId())->loadByEmail($email);
501:                 if (!$customer->getId()) {
502:                     throw new Exception('');
503:                 }
504:                 if ($customer->getConfirmation()) {
505:                     $customer->sendNewAccountEmail('confirmation', '', Mage::app()->getStore()->getId());
506:                     $this->_getSession()->addSuccess($this->__('Please, check your email for confirmation key.'));
507:                 } else {
508:                     $this->_getSession()->addSuccess($this->__('This email does not require confirmation.'));
509:                 }
510:                 $this->_getSession()->setUsername($email);
511:                 $this->_redirectSuccess(Mage::getUrl('*/*/index', array('_secure' => true)));
512:             } catch (Exception $e) {
513:                 $this->_getSession()->addException($e, $this->__('Wrong email.'));
514:                 $this->_redirectError(Mage::getUrl('*/*/*', array('email' => $email, '_secure' => true)));
515:             }
516:             return;
517:         }
518: 
519:         // output form
520:         $this->loadLayout();
521: 
522:         $this->getLayout()->getBlock('accountConfirmation')
523:             ->setEmail($this->getRequest()->getParam('email', $email));
524: 
525:         $this->_initLayoutMessages('customer/session');
526:         $this->renderLayout();
527:     }
528: 
529:     /**
530:      * Forgot customer password page
531:      */
532:     public function forgotPasswordAction()
533:     {
534:         $this->loadLayout();
535: 
536:         $this->getLayout()->getBlock('forgotPassword')->setEmailValue(
537:             $this->_getSession()->getForgottenEmail()
538:         );
539:         $this->_getSession()->unsForgottenEmail();
540: 
541:         $this->_initLayoutMessages('customer/session');
542:         $this->renderLayout();
543:     }
544: 
545:     /**
546:      * Forgot customer password action
547:      */
548:     public function forgotPasswordPostAction()
549:     {
550:         $email = (string) $this->getRequest()->getPost('email');
551:         if ($email) {
552:             if (!Zend_Validate::is($email, 'EmailAddress')) {
553:                 $this->_getSession()->setForgottenEmail($email);
554:                 $this->_getSession()->addError($this->__('Invalid email address.'));
555:                 $this->_redirect('*/*/forgotpassword');
556:                 return;
557:             }
558: 
559:             /** @var $customer Mage_Customer_Model_Customer */
560:             $customer = Mage::getModel('customer/customer')
561:                 ->setWebsiteId(Mage::app()->getStore()->getWebsiteId())
562:                 ->loadByEmail($email);
563: 
564:             if ($customer->getId()) {
565:                 try {
566:                     $newResetPasswordLinkToken = Mage::helper('customer')->generateResetPasswordLinkToken();
567:                     $customer->changeResetPasswordLinkToken($newResetPasswordLinkToken);
568:                     $customer->sendPasswordResetConfirmationEmail();
569:                 } catch (Exception $exception) {
570:                     $this->_getSession()->addError($exception->getMessage());
571:                     $this->_redirect('*/*/forgotpassword');
572:                     return;
573:                 }
574:             }
575:             $this->_getSession()
576:                 ->addSuccess(Mage::helper('customer')->__('If there is an account associated with %s you will receive an email with a link to reset your password.', Mage::helper('customer')->htmlEscape($email)));
577:             $this->_redirect('*/*/');
578:             return;
579:         } else {
580:             $this->_getSession()->addError($this->__('Please enter your email.'));
581:             $this->_redirect('*/*/forgotpassword');
582:             return;
583:         }
584:     }
585: 
586:     /**
587:      * Display reset forgotten password form
588:      *
589:      * User is redirected on this action when he clicks on the corresponding link in password reset confirmation email
590:      *
591:      */
592:     public function resetPasswordAction()
593:     {
594:         $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
595:         $customerId = (int) $this->getRequest()->getQuery('id');
596:         try {
597:             $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
598:             $this->loadLayout();
599:             // Pass received parameters to the reset forgotten password form
600:             $this->getLayout()->getBlock('resetPassword')
601:                 ->setCustomerId($customerId)
602:                 ->setResetPasswordLinkToken($resetPasswordLinkToken);
603:             $this->renderLayout();
604:         } catch (Exception $exception) {
605:             $this->_getSession()->addError(Mage::helper('customer')->__('Your password reset link has expired.'));
606:             $this->_redirect('*/*/forgotpassword');
607:         }
608:     }
609: 
610:     /**
611:      * Reset forgotten password
612:      *
613:      * Used to handle data recieved from reset forgotten password form
614:      *
615:      */
616:     public function resetPasswordPostAction()
617:     {
618:         $resetPasswordLinkToken = (string) $this->getRequest()->getQuery('token');
619:         $customerId = (int) $this->getRequest()->getQuery('id');
620:         $password = (string) $this->getRequest()->getPost('password');
621:         $passwordConfirmation = (string) $this->getRequest()->getPost('confirmation');
622: 
623:         try {
624:             $this->_validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken);
625:         } catch (Exception $exception) {
626:             $this->_getSession()->addError(Mage::helper('customer')->__('Your password reset link has expired.'));
627:             $this->_redirect('*/*/');
628:             return;
629:         }
630: 
631:         $errorMessages = array();
632:         if (iconv_strlen($password) <= 0) {
633:             array_push($errorMessages, Mage::helper('customer')->__('New password field cannot be empty.'));
634:         }
635:         /** @var $customer Mage_Customer_Model_Customer */
636:         $customer = Mage::getModel('customer/customer')->load($customerId);
637: 
638:         $customer->setPassword($password);
639:         $customer->setConfirmation($passwordConfirmation);
640:         $validationErrorMessages = $customer->validate();
641:         if (is_array($validationErrorMessages)) {
642:             $errorMessages = array_merge($errorMessages, $validationErrorMessages);
643:         }
644: 
645:         if (!empty($errorMessages)) {
646:             $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
647:             foreach ($errorMessages as $errorMessage) {
648:                 $this->_getSession()->addError($errorMessage);
649:             }
650:             $this->_redirect('*/*/resetpassword', array(
651:                 'id' => $customerId,
652:                 'token' => $resetPasswordLinkToken
653:             ));
654:             return;
655:         }
656: 
657:         try {
658:             // Empty current reset password token i.e. invalidate it
659:             $customer->setRpToken(null);
660:             $customer->setRpTokenCreatedAt(null);
661:             $customer->setConfirmation(null);
662:             $customer->save();
663:             $this->_getSession()->addSuccess(Mage::helper('customer')->__('Your password has been updated.'));
664:             $this->_redirect('*/*/login');
665:         } catch (Exception $exception) {
666:             $this->_getSession()->addException($exception, $this->__('Cannot save a new password.'));
667:             $this->_redirect('*/*/resetpassword', array(
668:                 'id' => $customerId,
669:                 'token' => $resetPasswordLinkToken
670:             ));
671:             return;
672:         }
673:     }
674: 
675:     /**
676:      * Check if password reset token is valid
677:      *
678:      * @param int $customerId
679:      * @param string $resetPasswordLinkToken
680:      * @throws Mage_Core_Exception
681:      */
682:     protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLinkToken)
683:     {
684:         if (!is_int($customerId)
685:             || !is_string($resetPasswordLinkToken)
686:             || empty($resetPasswordLinkToken)
687:             || empty($customerId)
688:             || $customerId < 0
689:         ) {
690:             throw Mage::exception('Mage_Core', Mage::helper('customer')->__('Invalid password reset token.'));
691:         }
692: 
693:         /** @var $customer Mage_Customer_Model_Customer */
694:         $customer = Mage::getModel('customer/customer')->load($customerId);
695:         if (!$customer || !$customer->getId()) {
696:             throw Mage::exception('Mage_Core', Mage::helper('customer')->__('Wrong customer account specified.'));
697:         }
698: 
699:         $customerToken = $customer->getRpToken();
700:         if (strcmp($customerToken, $resetPasswordLinkToken) != 0 || $customer->isResetPasswordLinkTokenExpired()) {
701:             throw Mage::exception('Mage_Core', Mage::helper('customer')->__('Your password reset link has expired.'));
702:         }
703:     }
704: 
705:     /**
706:      * Forgot customer account information page
707:      */
708:     public function editAction()
709:     {
710:         $this->loadLayout();
711:         $this->_initLayoutMessages('customer/session');
712:         $this->_initLayoutMessages('catalog/session');
713: 
714:         $block = $this->getLayout()->getBlock('customer_edit');
715:         if ($block) {
716:             $block->setRefererUrl($this->_getRefererUrl());
717:         }
718:         $data = $this->_getSession()->getCustomerFormData(true);
719:         $customer = $this->_getSession()->getCustomer();
720:         if (!empty($data)) {
721:             $customer->addData($data);
722:         }
723:         if ($this->getRequest()->getParam('changepass')==1){
724:             $customer->setChangePassword(1);
725:         }
726: 
727:         $this->getLayout()->getBlock('head')->setTitle($this->__('Account Information'));
728:         $this->getLayout()->getBlock('messages')->setEscapeMessageFlag(true);
729:         $this->renderLayout();
730:     }
731: 
732:     /**
733:      * Change customer password action
734:      */
735:     public function editPostAction()
736:     {
737:         if (!$this->_validateFormKey()) {
738:             return $this->_redirect('*/*/edit');
739:         }
740: 
741:         if ($this->getRequest()->isPost()) {
742:             /** @var $customer Mage_Customer_Model_Customer */
743:             $customer = $this->_getSession()->getCustomer();
744: 
745:             /** @var $customerForm Mage_Customer_Model_Form */
746:             $customerForm = Mage::getModel('customer/form');
747:             $customerForm->setFormCode('customer_account_edit')
748:                 ->setEntity($customer);
749: 
750:             $customerData = $customerForm->extractData($this->getRequest());
751: 
752:             $errors = array();
753:             $customerErrors = $customerForm->validateData($customerData);
754:             if ($customerErrors !== true) {
755:                 $errors = array_merge($customerErrors, $errors);
756:             } else {
757:                 $customerForm->compactData($customerData);
758:                 $errors = array();
759: 
760:                 // If password change was requested then add it to common validation scheme
761:                 if ($this->getRequest()->getParam('change_password')) {
762:                     $currPass   = $this->getRequest()->getPost('current_password');
763:                     $newPass    = $this->getRequest()->getPost('password');
764:                     $confPass   = $this->getRequest()->getPost('confirmation');
765: 
766:                     $oldPass = $this->_getSession()->getCustomer()->getPasswordHash();
767:                     if (Mage::helper('core/string')->strpos($oldPass, ':')) {
768:                         list($_salt, $salt) = explode(':', $oldPass);
769:                     } else {
770:                         $salt = false;
771:                     }
772: 
773:                     if ($customer->hashPassword($currPass, $salt) == $oldPass) {
774:                         if (strlen($newPass)) {
775:                             /**
776:                              * Set entered password and its confirmation - they
777:                              * will be validated later to match each other and be of right length
778:                              */
779:                             $customer->setPassword($newPass);
780:                             $customer->setConfirmation($confPass);
781:                         } else {
782:                             $errors[] = $this->__('New password field cannot be empty.');
783:                         }
784:                     } else {
785:                         $errors[] = $this->__('Invalid current password');
786:                     }
787:                 }
788: 
789:                 // Validate account and compose list of errors if any
790:                 $customerErrors = $customer->validate();
791:                 if (is_array($customerErrors)) {
792:                     $errors = array_merge($errors, $customerErrors);
793:                 }
794:             }
795: 
796:             if (!empty($errors)) {
797:                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost());
798:                 foreach ($errors as $message) {
799:                     $this->_getSession()->addError($message);
800:                 }
801:                 $this->_redirect('*/*/edit');
802:                 return $this;
803:             }
804: 
805:             try {
806:                 $customer->setConfirmation(null);
807:                 $customer->save();
808:                 $this->_getSession()->setCustomer($customer)
809:                     ->addSuccess($this->__('The account information has been saved.'));
810: 
811:                 $this->_redirect('customer/account');
812:                 return;
813:             } catch (Mage_Core_Exception $e) {
814:                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
815:                     ->addError($e->getMessage());
816:             } catch (Exception $e) {
817:                 $this->_getSession()->setCustomerFormData($this->getRequest()->getPost())
818:                     ->addException($e, $this->__('Cannot save the customer.'));
819:             }
820:         }
821: 
822:         $this->_redirect('*/*/edit');
823:     }
824: 
825:     /**
826:      * Filtering posted data. Converting localized data if needed
827:      *
828:      * @param array
829:      * @return array
830:      */
831:     protected function _filterPostData($data)
832:     {
833:         $data = $this->_filterDates($data, array('dob'));
834:         return $data;
835:     }
836: 
837:     /**
838:      * Check whether VAT ID validation is enabled
839:      *
840:      * @param Mage_Core_Model_Store|string|int $store
841:      * @return bool
842:      */
843:     protected function _isVatValidationEnabled($store = null)
844:     {
845:         return Mage::helper('customer/address')->isVatValidationEnabled($store);
846:     }
847: }
848: 
Magento 1.7.0.2 API documentation generated by ApiGen 2.8.0