src/Controller/PageGeneratorController.php line 468

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Twig\Environment;
  6. use Symfony\Component\Routing\Annotation\Route;
  7. use Symfony\Bundle\FrameworkBundle\Templating\EngineInterface;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\HttpFoundation\RedirectResponse;
  11. use Symfony\Component\Finder\Finder;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\EventDispatcher\GenericEvent;
  14. use Symfony\Component\Form\FormInterface;
  15. use Symfony\Component\Security\Core\Security;
  16. use Symfony\Component\Routing\RequestContext;
  17. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  18. use Sylius\Component\Channel\Context\ChannelContextInterface;
  19. use App\Repository\UserRepository;
  20. use App\Service\UserService;
  21. use Vanilla\JsConnect\JsConnect;
  22. use Vanilla\JsConnect\JsConnectJSONP;
  25. final class PageGeneratorController extends AbstractController
  26. {
  27. private const CONTACT_EMAIL = 'info@hephaestos.eu';
  29. /** @var Environment */
  30. private $twig;
  32. /** @var ChannelContextInterface */
  33. private $channelContext;
  34. private Jsconnect $jsconnect;
  36. public function __construct(Environment $twig, Jsconnect $jsconnect, ChannelContextInterface $channelContext)
  37. {
  38. $this->twig = $twig;
  39. $this->jsconnect = $jsconnect;
  40. $this->channelContext = $channelContext;
  42. }
  44. public function menuAction(): Response
  45. {
  46. return $this->render('@SyliusShop/Menu/_pageMenu.html.twig');
  47. }
  49. /**
  50. * Subscription page disabled for the beta-only release.
  51. */
  52. public function subscriptionAction(): Response
  53. {
  54. throw $this->createNotFoundException();
  55. }
  57. /**
  58. * @Route("/beta-testers", name="beta_testers")
  59. */
  60. public function betaTestersAction(Request $request, \Swift_Mailer $mailer): Response
  61. {
  62. $formData = [
  63. 'firstName' => '',
  64. 'lastName' => '',
  65. 'email' => '',
  66. 'company' => '',
  67. 'role' => '',
  68. 'showType' => '',
  69. 'operatingSystem' => '',
  70. 'hardware' => '',
  71. 'features' => '',
  72. 'usage' => '',
  73. 'feedback' => '',
  74. 'availability' => '',
  75. ];
  77. if ($request->isMethod('POST')) {
  78. $formData = array_map(
  79. static fn ($value): string => trim((string) $value),
  80. array_intersect_key($request->request->all(), $formData)
  81. ) + $formData;
  83. $honeypot = trim((string) $request->request->get('website', ''));
  84. $requiredFields = ['firstName', 'lastName', 'email', 'role', 'operatingSystem', 'usage', 'feedback'];
  85. $missingFields = array_filter($requiredFields, static fn (string $field): bool => '' === $formData[$field]);
  87. if ('' !== $honeypot) {
  88. $this->addFlash('success', 'beta.form.success');
  90. return $this->redirectToRoute('beta_testers');
  91. }
  93. if (!$this->isCsrfTokenValid('beta_tester_application', (string) $request->request->get('_token'))) {
  94. $this->addFlash('error', 'beta.form.csrf_error');
  95. } elseif ([] !== $missingFields || false === filter_var($formData['email'], FILTER_VALIDATE_EMAIL)) {
  96. $this->addFlash('error', 'beta.form.error');
  97. } else {
  98. $messageBody = $this->renderView('Email/beta_tester_application.html.twig', [
  99. 'data' => $formData,
  100. ]);
  102. $message = (new \Swift_Message('Nouvelle candidature beta testeur Hephaestos'))
  103. ->setFrom([self::CONTACT_EMAIL => 'Hephaestos'])
  104. ->setTo([self::CONTACT_EMAIL])
  105. ->setReplyTo([$formData['email']])
  106. ->setBody($messageBody, 'text/html');
  108. try {
  109. if (0 === $mailer->send($message)) {
  110. throw new \RuntimeException('Beta email was not accepted by the transport.');
  111. }
  112. } catch (\Throwable $exception) {
  113. $this->addFlash('error', 'beta.form.mail_error');
  115. return $this->redirectToRoute('beta_testers');
  116. }
  118. $this->addFlash('success', 'beta.form.success');
  120. return $this->redirectToRoute('beta_testers');
  121. }
  122. }
  124. return $this->render('page_generator/beta_testers.html.twig', [
  125. 'formData' => $formData,
  126. ]);
  127. }
  129. /**
  130. * @Route("/formation/demande", name="formation_request")
  131. */
  132. public function formationRequestAction(Request $request, \Swift_Mailer $mailer): Response
  133. {
  134. $formData = [
  135. 'firstName' => '',
  136. 'lastName' => '',
  137. 'email' => '',
  138. 'company' => '',
  139. 'subject' => '',
  140. 'needs' => '',
  141. 'availability' => '',
  142. ];
  144. if ($request->isMethod('POST')) {
  145. $formData = array_map(
  146. static fn ($value): string => trim((string) $value),
  147. array_intersect_key($request->request->all(), $formData)
  148. ) + $formData;
  150. $honeypot = trim((string) $request->request->get('website', ''));
  151. $requiredFields = ['firstName', 'lastName', 'email', 'subject', 'needs'];
  152. $missingFields = array_filter($requiredFields, static fn (string $field): bool => '' === $formData[$field]);
  154. if ('' !== $honeypot) {
  155. $this->addFlash('success', 'formation.request.success');
  157. return $this->redirectToRoute('formation_request');
  158. }
  160. if (!$this->isCsrfTokenValid('formation_request', (string) $request->request->get('_token'))) {
  161. $this->addFlash('error', 'formation.request.csrf_error');
  162. } elseif ([] !== $missingFields || false === filter_var($formData['email'], FILTER_VALIDATE_EMAIL)) {
  163. $this->addFlash('error', 'formation.request.error');
  164. } else {
  165. $messageBody = $this->renderView('Email/formation_request.html.twig', [
  166. 'data' => $formData,
  167. ]);
  169. $message = (new \Swift_Message('Nouvelle demande de formation Hephaestos'))
  170. ->setFrom([self::CONTACT_EMAIL => 'Hephaestos'])
  171. ->setTo([self::CONTACT_EMAIL])
  172. ->setReplyTo([$formData['email']])
  173. ->setBody($messageBody, 'text/html');
  175. try {
  176. if (0 === $mailer->send($message)) {
  177. throw new \RuntimeException('Training request email was not accepted by the transport.');
  178. }
  179. } catch (\Throwable $exception) {
  180. $this->addFlash('error', 'formation.request.mail_error');
  182. return $this->redirectToRoute('formation_request');
  183. }
  185. $this->addFlash('success', 'formation.request.success');
  187. return $this->redirectToRoute('formation_request');
  188. }
  189. }
  191. return $this->render('page_generator/formation_request.html.twig', [
  192. 'formData' => $formData,
  193. ]);
  194. }
  196. private function getChannel(): mixed
  197. {
  198. return $this->channelContext->getChannel();
  199. }
  201. /**
  202. * @Route("/old_version", name="old_version")
  203. */
  205. public function oldversionAction(Request $request): Response
  206. {
  208. $finderwindows64 = new Finder();
  209. $windowsfiles64 = $finderwindows64->files()->name('*.zip')->in($this->get('kernel')->getProjectDir() . "/public/versions/old/Windows/x64");
  210. $finderwindows32 = new Finder();
  211. $windowsfiles32 = $finderwindows32->files()->name('*.zip')->in($this->get('kernel')->getProjectDir() . "/public/versions/old/Windows/x86");
  212. $findermac = new Finder();
  213. $macfiles = $findermac->files()->name('*.zip')->in($this->get('kernel')->getProjectDir() . "/public/versions/old/OSX");
  216. return $this->render('page_generator/oldversion.html.twig', array('windowsfiles64' => $windowsfiles64,'windowsfiles32' => $windowsfiles32, 'macfiles' => $macfiles));
  217. }
  219. /**
  220. * @Route("/download", name="download")
  222. public function downloadAction(Request $request): Response
  223. {
  224. return $this->render('page_generator/download.html.twig');
  225. }
  226. */
  227. /**
  228. * @Route("/formation", name="formation")
  229. */
  230. public function formationAction(Request $request): Response
  231. {
  232. $locale = $request->getLocale();
  233. $template = str_starts_with((string) $locale, 'en')
  234. ? 'page_generator/formation.en.html.twig'
  235. : 'page_generator/formation.html.twig';
  237. return $this->render($template);
  238. }
  240. /**
  241. * @Route("/forum", name="forum")
  242. */
  243. public function forumAction(Request $request, UserService $userService): Response
  244. {
  245. $forumRoot = rtrim((string) $this->getParameter('forumdomain'), '/');
  246. $forumUrl = $forumRoot . '/';
  248. $user = $this->getUser();
  249. if ($user === null || !is_object($user) || !method_exists($user, 'isVerified') || !$user->isVerified()) {
  250. return new RedirectResponse($forumUrl);
  251. }
  253. $customer = $userService->getCustomerByUser($user);
  254. $forumName = method_exists($customer, 'getPseudo') ? trim((string) $customer->getPseudo()) : '';
  255. if ('' === $forumName) {
  256. $this->addFlash('error', 'customer.pseudo.required_for_forum');
  258. return $this->redirectToRoute('sylius_shop_account_profile_update');
  259. }
  261. $forumEmail = $this->resolveForumEmail($customer, $user);
  262. $ssoToken = $this->createForumSsoToken([
  263. 'sub' => (string) $user->getId(),
  264. 'name' => $forumName,
  265. 'email' => $forumEmail,
  266. ]);
  268. $forumSsoPath = '/app.php/hephaestos/sso/login';
  269. $forumSsoUrl = $forumRoot . $forumSsoPath . '?token=' . rawurlencode($ssoToken) . '&return=' . rawurlencode('/');
  271. return new RedirectResponse($forumSsoUrl);
  272. }
  273. private function resolveForumEmail(object $customer, object $user): string
  274. {
  275. $candidates = [
  276. method_exists($customer, 'getEmail') ? $customer->getEmail() : null,
  277. method_exists($user, 'getEmail') ? $user->getEmail() : null,
  278. method_exists($user, 'getUsername') ? $user->getUsername() : null,
  279. ];
  281. foreach ($candidates as $candidate) {
  282. $candidate = trim((string) $candidate);
  283. if ('' !== $candidate) {
  284. return $candidate;
  285. }
  286. }
  288. return 'forum-user-' . (method_exists($user, 'getId') ? (string) $user->getId() : 'hephaestos') . '@hephaestos.local';
  289. }
  291. private function resolveForumName(object $customer, object $user): string
  292. {
  293. $candidates = [
  294. method_exists($customer, 'getPseudo') ? $customer->getPseudo() : null,
  295. method_exists($customer, 'getFullName') ? $customer->getFullName() : null,
  296. trim(sprintf(
  297. '%s %s',
  298. method_exists($customer, 'getFirstName') ? (string) $customer->getFirstName() : '',
  299. method_exists($customer, 'getLastName') ? (string) $customer->getLastName() : ''
  300. )),
  301. method_exists($customer, 'getEmail') ? $customer->getEmail() : null,
  302. method_exists($user, 'getEmail') ? $user->getEmail() : null,
  303. method_exists($user, 'getUsername') ? $user->getUsername() : null,
  304. 'user-' . (method_exists($user, 'getId') ? (string) $user->getId() : 'hephaestos'),
  305. ];
  307. foreach ($candidates as $candidate) {
  308. $candidate = trim((string) $candidate);
  309. if ('' !== $candidate) {
  310. return $candidate;
  311. }
  312. }
  314. return 'Hephaestos user';
  315. }
  317. private function createForumSsoToken(array $identity): string
  318. {
  319. $now = time();
  320. $payload = [
  321. 'sub' => (string) ($identity['sub'] ?? ''),
  322. 'name' => (string) ($identity['name'] ?? ''),
  323. 'email' => (string) ($identity['email'] ?? ''),
  324. 'iat' => $now,
  325. 'exp' => $now + 120,
  326. 'nonce' => bin2hex(random_bytes(8)),
  327. ];
  329. $payloadJson = json_encode($payload, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
  330. if (false === $payloadJson) {
  331. throw new \RuntimeException('Unable to encode forum SSO payload.');
  332. }
  334. $payloadB64 = rtrim(strtr(base64_encode($payloadJson), '+/', '-_'), '=');
  335. $secret = (string) $this->getParameter('forum_sso_secret');
  336. $signature = hash_hmac('sha256', $payloadB64, $secret);
  338. return $payloadB64 . '.' . $signature;
  339. }
  341. /**
  342. * @Route("/wiki", name="wiki")
  343. */
  344. public function wikiAction(Request $request): Response
  345. {
  346. return $this->render('page_generator/wiki.html.twig');
  347. }
  349. /**
  350. * @Route("/redirectlogin", name="redirectlogin")
  351. */
  352. public function redirectloginAction(Request $request): Response
  353. {
  355. $context = new RequestContext();
  356. $context->fromRequest(Request::createFromGlobals());
  357. $url = $this->generateUrl('sylius_shop_login', [
  358. '_locale' => 'fr',
  359. ], UrlGeneratorInterface::ABSOLUTE_URL);
  361. $js = '<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script><script type="text/javascript">jQuery(document).ready( function() {
  363. top.location = "' . $url . '";});</script>';
  364. $response = new Response();
  365. $response->prepare($request);
  366. $response->setContent($js);
  367. $response->send();
  368. return $this->redirect($url);
  370. //return $this->redirectToRoute('sylius_shop_login', [], 301);
  371. }
  372. /**
  373. * @Route("/redirectlogout", name="redirectlogout")
  374. */
  375. public function redirectlogoutAction(Request $request): Response
  376. {
  377. $context = new RequestContext();
  378. $context->fromRequest(Request::createFromGlobals());
  379. $url = $this->generateUrl('sylius_shop_logout', ['_locale' => 'fr',], UrlGeneratorInterface::ABSOLUTE_URL);
  381. $js = '<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script><script type="text/javascript">jQuery(document).ready( function() {
  383. top.location = "' . $url . '";});</script>';
  384. $response = new Response();
  385. $response->prepare($request);
  386. $response->setContent($js);
  387. $response->send();
  388. }
  389. /**
  390. * @Route("/redirectregister", name="redirectregister")
  391. */
  392. public function redirectregisterAction(Request $request): Response
  393. {
  394. $context = new RequestContext();
  395. $context->fromRequest(Request::createFromGlobals());
  396. $url = $this->generateUrl('sylius_shop_register', ['_locale' => 'fr',], UrlGeneratorInterface::ABSOLUTE_URL);
  398. $js = '<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script><script type="text/javascript">jQuery(document).ready( function() { top.location = "' . $url . '";});</script>';
  399. $response = new Response();
  400. $response->prepare($request);
  401. $response->setContent($js);
  402. $response->send();
  404. // return $this->redirect($url);
  405. //return $this->redirectToRoute('sylius_shop_register', [], 301);
  406. }
  408. /**
  409. * @Route("/electronique", name="electronique")
  410. */
  411. public function electroniqueAction(Request $request): Response
  412. {
  413. $code = array('Board_Taxons','DMX_HF','PWM_DIMMER_Taxon', 'HF_PROJECTOR__Taxon','books');
  415. return $this->render('page_generator/electronique.html.twig', array('code' => $code, 'maxresult' => -1));
  416. }
  418. /**
  419. * @Route("/features", name="features")
  420. */
  421. public function featuresAction(Request $request): Response
  422. {
  423. return $this->render('page_generator/features.html.twig');
  424. }
  427. /**
  428. * @Route("/about", name="about")
  429. */
  430. public function aboutAction(Request $request): Response
  431. {
  432. return $this->render('page_generator/about.html.twig');
  433. }
  435. /**
  436. * @Route("/shipping", name="shipping")
  437. */
  438. public function deliveryAction(Request $request): Response
  439. {
  440. return $this->render('page_generator/shipping.html.twig');
  441. }
  443. /**
  444. * @Route("/FAQ", name="FAQ")
  445. */
  446. public function FAQAction(Request $request): Response
  447. {
  448. return $this->render('page_generator/FAQ.html.twig');
  449. }
  451. /**
  452. * @Route("/privacy", name="privacy")
  453. */
  454. public function privacyAction(Request $request): Response
  455. {
  456. return $this->render('page_generator/privacy.html.twig');
  457. }
  458. /**
  459. * @Route("/return", name="return")
  460. */
  461. public function returnAction(Request $request): Response
  462. {
  463. return $this->render('page_generator/return.html.twig');
  464. }
  465. /**
  466. * @Route("/terms", name="terms")
  467. */
  468. public function termsAction(Request $request): Response
  469. {
  470. return $this->render('page_generator/terms.html.twig');
  471. }
  473. /**
  474. * @Route("/confirmationresend", name="confirmationresend", methods={"POST"})
  475. */
  476. public function resendVerificationTokenfromMailAction(Request $request): Response
  477. {
  478. if (!$this->isCsrfTokenValid('resend_verification_email', (string) $request->request->get('_token'))) {
  479. $this->addTranslatedFlash('error', 'Invalid security token.');
  481. return $this->redirectToRoute('sylius_shop_login');
  482. }
  484. $email = trim((string) $request->request->get('emailverif', ''));
  485. if ('' === $email || false === filter_var($email, FILTER_VALIDATE_EMAIL)) {
  486. // Neutral response to avoid user enumeration.
  487. $this->addTranslatedFlash('success', 'sylius.user.verify_email_request');
  489. return $this->redirectToRoute('sylius_shop_login');
  490. }
  492. $cooldownKey = 'resend_verification_last_' . sha1(strtolower($email) . '|' . (string) $request->getClientIp());
  493. $cooldownSeconds = 60;
  494. if ($request->hasSession()) {
  495. $lastAttemptAt = (int) $request->getSession()->get($cooldownKey, 0);
  496. if ($lastAttemptAt > 0 && (time() - $lastAttemptAt) < $cooldownSeconds) {
  497. $this->addTranslatedFlash('success', 'sylius.user.verify_email_request');
  499. return $this->redirectToRoute('sylius_shop_login');
  500. }
  502. $request->getSession()->set($cooldownKey, time());
  503. }
  505. $customer = $this->container->get('sylius.repository.customer')->findOneBy(['email' => $email]);
  506. $user = null !== $customer ? $customer->getUser() : null;
  508. if (null !== $user && null === $user->getVerifiedAt()) {
  509. $sender = $this->container->get('sylius.email_sender');
  510. $logpath = 'https://www.hephaestos.eu/build/img/baniere1024x768.png';
  511. $localeCode = $this->get('sylius.context.locale')->getLocaleCode();
  512. $channel = $this->container->get('sylius.context.channel')->getChannel();
  514. $sender->send(\Sylius\Bundle\UserBundle\Mailer\Emails::EMAIL_VERIFICATION_TOKEN, [$email], ['user' => $user, 'channel' => $channel, 'localeCode' => $localeCode, 'image_src' => $logpath]);
  515. }
  517. $this->addTranslatedFlash('success', 'sylius.user.verify_email_request');
  519. return $this->redirectToRoute('sylius_shop_login');
  520. }
  522. /**
  523. * {@inheritdoc}
  524. */
  525. protected function addTranslatedFlash(string $type, string $message): void
  526. {
  527. $translator = $this->container->get('translator');
  528. $this->container->get('session')->getFlashBag()->add($type, @$this->translator->trans($message, [], 'flashes'));
  529. }
  532. }