1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
/**
*
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
declare(strict_types=1);
namespace Magento\Checkout\Controller\Index;
use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
class Index extends \Magento\Checkout\Controller\Onepage implements HttpGetActionInterface
{
/**
* Checkout page
*
* @return \Magento\Framework\Controller\ResultInterface
*/
public function execute()
{
/** @var \Magento\Checkout\Helper\Data $checkoutHelper */
$checkoutHelper = $this->_objectManager->get(\Magento\Checkout\Helper\Data::class);
if (!$checkoutHelper->canOnepageCheckout()) {
$this->messageManager->addErrorMessage(__('One-page checkout is turned off.'));
return $this->resultRedirectFactory->create()->setPath('checkout/cart');
}
$quote = $this->getOnepage()->getQuote();
if (!$quote->hasItems() || $quote->getHasError() || !$quote->validateMinimumAmount()) {
return $this->resultRedirectFactory->create()->setPath('checkout/cart');
}
if (!$this->_customerSession->isLoggedIn() && !$checkoutHelper->isAllowedGuestCheckout($quote)) {
$this->messageManager->addErrorMessage(__('Guest checkout is disabled.'));
return $this->resultRedirectFactory->create()->setPath('checkout/cart');
}
// generate session ID only if connection is unsecure according to issues in session_regenerate_id function.
// @see http://php.net/manual/en/function.session-regenerate-id.php
if (!$this->isSecureRequest()) {
$this->_customerSession->regenerateId();
}
$this->_objectManager->get(\Magento\Checkout\Model\Session::class)->setCartWasUpdated(false);
$this->getOnepage()->initCheckout();
$resultPage = $this->resultPageFactory->create();
$resultPage->getConfig()->getTitle()->set(__('Checkout'));
return $resultPage;
}
/**
* Checks if current request uses SSL and referer also is secure.
*
* @return bool
*/
private function isSecureRequest(): bool
{
$request = $this->getRequest();
$referrer = $request->getHeader('referer');
$secure = false;
if ($referrer) {
$scheme = parse_url($referrer, PHP_URL_SCHEME);
$secure = $scheme === 'https';
}
return $secure && $request->isSecure();
}
}