https://github.com/opencart/opencart/issues/8710

opencart · Jun 24, 2022 · 85eb07b · 85eb07b
1 parent ddcb163
commit 85eb07b
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 9 deletions.
diff --git a/upload/admin/controller/mail/authorize.php b/upload/admin/controller/mail/authorize.php
@@ -1,6 +1,6 @@
 <?php
 namespace Opencart\Admin\Controller\Mail;
-class Authorize extends Controller {
+class Authorize extends \Opencart\System\Engine\Controller {
 	// admin/model/user/user/editCode/after
 	public function index(&$route, &$args, &$output) {
 		if (isset($this->request->get['route'])) {
@@ -66,15 +66,18 @@ public function reset(&$route, &$args, &$output) {
 			$code = '';
 		}
 
-		if ($email && $code && ($route == 'common/authorize|reset') && filter_var($email, FILTER_VALIDATE_EMAIL)) {
-			$this->load->language('common/authorize_reset');
+		print_r($this->request->get);
+		print_r($args);
 
+		if ($email && $code && ($route == 'common/authorize|confirm') && filter_var($email, FILTER_VALIDATE_EMAIL)) {
+			$this->load->language('common/authorize_reset');
+echo 'hi';
 			$data['username'] = $this->user->getUsername();
 			$data['reset'] = $this->url->link('common/authorize|reset', 'email=' . $email . '&code=' . $code, true);
 			$data['ip'] = $this->request->server['REMOTE_ADDR'];
 			$data['store'] = $this->config->get('config_store');
 
-			$mail = new \Opencart\System\Library\Mail($this->config->get('config_mail_engine'));
+			$mail = new \Opencart\System\ bLibrary\Mail($this->config->get('config_mail_engine'));
 			$mail->parameter = $this->config->get('config_mail_parameter');
 			$mail->smtp_hostname = $this->config->get('config_mail_smtp_hostname');
 			$mail->smtp_username = $this->config->get('config_mail_smtp_username');

diff --git a/upload/admin/controller/startup/authorize.php b/upload/admin/controller/startup/authorize.php
@@ -35,11 +35,11 @@ public function index(): object|null {
 			$token_info = $this->model_user_user->getLoginByToken($this->user->getId(), $token);
 
 			if (!$token_info || !$token_info['status']) {
-				//return new \Opencart\System\Engine\Action('common/authorize');
+				return new \Opencart\System\Engine\Action('common/authorize');
 			}
 
 			if ($token_info && !$token_info['status'] && $token_info['attempts'] > 3) {
-				//return new \Opencart\System\Engine\Action('common/authorize|unlock');
+				return new \Opencart\System\Engine\Action('common/authorize|unlock');
 			}
 		}
 

diff --git a/upload/admin/view/template/common/authorize_unlock.twig b/upload/admin/view/template/common/authorize_unlock.twig
@@ -23,7 +23,7 @@ $('#button-reset').on('click', function (e) {
     e.preventDefault();
 
     $.ajax({
-        url: 'index.php?route=common/authorize|reset&user_token={{ user_token }}',
+        url: 'index.php?route=common/authorize|confirm&user_token={{ user_token }}',
         dataType: 'json',
         beforeSend: function () {
             $('#button-reset').prop('disabled', true).addClass('loading');

diff --git a/upload/install/opencart.sql b/upload/install/opencart.sql
@@ -868,8 +868,8 @@ INSERT INTO `oc_event` (`code`, `trigger`, `action`, `status`) VALUES
 ('admin_mail_reward', 'admin/model/customer/customer/addReward/after', 'mail/reward', 1),
 ('admin_mail_return', 'admin/model/sale/returns/addHistory/after', 'mail/returns', 1),
 ('admin_mail_user_forgotten', 'admin/model/user/user/editCode/after', 'mail/forgotten', 1),
-('admin_mail_user_authorize', 'admin/controller/common/authorize/send/after', 'mail/authorise', 1),
-('admin_mail_user_authorize_reset', 'admin/model/user/user/editCode/after', 'mail/authorise|reset', 1);
+('admin_mail_user_authorize', 'admin/controller/common/authorize|send/after', 'mail/authorize', 1),
+('admin_mail_user_authorize_reset', 'admin/model/user/user/editCode/after', 'mail/authorize|reset', 1);
 
 -----------------------------------------------------------
 

diff --git a/upload/system/library/cart/user.php b/upload/system/library/cart/user.php
@@ -4,6 +4,7 @@ class User {
 	private int $user_id = 0;
 	private string $username = '';
 	private int $user_group_id = 0;
+	private string $email = '';
 	private array $permission = [];
 
 	public function __construct($registry) {
@@ -18,6 +19,7 @@ public function __construct($registry) {
 				$this->user_id = $user_query->row['user_id'];
 				$this->username = $user_query->row['username'];
 				$this->user_group_id = $user_query->row['user_group_id'];
+				$this->email = $user_query->row['email'];
 
 				$this->db->query("UPDATE `" . DB_PREFIX . "user` SET `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE `user_id` = '" . (int)$this->session->data['user_id'] . "'");
 
@@ -59,6 +61,7 @@ public function login($username, $password): bool {
 			$this->user_id = $user_query->row['user_id'];
 			$this->username = $user_query->row['username'];
 			$this->user_group_id = $user_query->row['user_group_id'];
+			$this->email = $user_query->row['email'];
 
 			$user_group_query = $this->db->query("SELECT `permission` FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_query->row['user_group_id'] . "'");
 
@@ -82,6 +85,7 @@ public function logout(): void {
 		$this->user_id = 0;
 		$this->username = '';
 		$this->user_group_id = 0;
+		$this->email = '';
 	}
 
 	public function hasPermission($key, $value): bool {
@@ -107,4 +111,9 @@ public function getUserName(): string {
 	public function getGroupId(): int {
 		return $this->user_group_id;
 	}
+
+
+	public function getEmail(): string {
+		return $this->email;
+	}
 }