Changeset:
94929e1ebe65
https://sourceforge.net/p/mrbs/hg-code/ci/94929e1ebe65f30fc2a7046d01cdff5666c0402b
Author:
Campbell Morrison <[email protected]>
Date:
Tue Feb 21 15:07:59 2017 +0000
Log message:
Moved printLoginForm() out into a separate file and also made the cookie
session scheme accept an email address instead of a username, when possible.
diffstat:
web/functions_logon.inc | 53 +++++++++++++++++++++++++++++++++++++++
web/session/session_cookie.inc | 57 +++++++++++------------------------------
web/session/session_joomla.inc | 41 +-----------------------------
web/session/session_php.inc | 52 +------------------------------------
4 files changed, 71 insertions(+), 132 deletions(-)
diffs (271 lines):
diff -r f86a6a7f12c1 -r 94929e1ebe65 web/functions_logon.inc
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/web/functions_logon.inc Tue Feb 21 15:07:59 2017 +0000
@@ -0,0 +1,53 @@
+<?php
+namespace MRBS;
+
+/*
+ Display the login form.
+ Will eventually return to $target_url with query string returl=$returl
+*/
+function printLoginForm($action, $target_url, $returl)
+{
+ $html = '';
+
+ $html .= "<form class=\"form_general\" id=\"logon\" method=\"post\"".
+ " action=\"" . htmlspecialchars($action) . "\">\n";
+ $html .= "<fieldset>\n";
+ $html .= "<legend>" . get_vocab("please_login") . "</legend>\n";
+
+ $html .= "<div>\n";
+ if (function_exists(__NAMESPACE__ . "\\authValidateEmail"))
+ {
+ $placeholder = get_vocab("username_or_email");
+ }
+ else
+ {
+ $placeholder = get_vocab("username");
+ }
+ $html .= "<label for=\"NewUserName\">" . get_vocab("user") . ":</label>\n";
+ $html .= "<input type=\"text\" id=\"NewUserName\" name=\"NewUserName\"
placeholder=\"$placeholder\">\n";
+ $html .= "</div>\n";
+
+ $html .= "<div>\n";
+ $html .= "<label for=\"NewUserPassword\">" . get_vocab("users.password") .
":</label>\n";
+ $html .= "<input type=\"password\" id=\"NewUserPassword\"
name=\"NewUserPassword\">\n";
+ $html .= "</div>\n";
+
+
+ $html .= "<input type=\"hidden\" name=\"returl\" value=\"" .
htmlspecialchars($returl) . "\">\n";
+ $html .= "<input type=\"hidden\" name=\"target_url\" value=\"" .
htmlspecialchars($target_url) . "\">\n";
+ $html .= "<input type=\"hidden\" name=\"Action\" value=\"SetName\">\n";
+
+ $html .= "<div id=\"logon_submit\">\n";
+ $html .= "<input class=\"submit\" type=\"submit\" value=\"" .
get_vocab('login') . "\">\n";
+ $html .= "</div>\n";
+
+ $html .= "</fieldset>\n";
+ $html .= "</form>\n";
+
+ $html .= "</div>"; // Close of the contents div
+
+ echo $html;
+
+ // Print footer and exit
+ print_footer(TRUE);
+}
diff -r f86a6a7f12c1 -r 94929e1ebe65 web/session/session_cookie.inc
--- a/web/session/session_cookie.inc Tue Feb 21 14:18:48 2017 +0000
+++ b/web/session/session_cookie.inc Tue Feb 21 15:07:59 2017 +0000
@@ -16,6 +16,8 @@
* *
\*****************************************************************************/
+require_once MRBS_ROOT . '/functions_logon.inc';
+
global $PHP_SELF, $HTTP_REFERER;
global $auth;
@@ -70,18 +72,25 @@
}
else
{
- if (!authValidateUser($NewUserName, $NewUserPassword))
+ if (authValidateUser($NewUserName, $NewUserPassword))
+ {
+ $UserName = $NewUserName;
+ $UserPassword = $NewUserPassword;
+ }
+ // Maybe the username was an email address. Try that if possible.
+ elseif (function_exists(__NAMESPACE__ . "\\authValidateEmail") &&
+ ($result = authValidateEmail($NewUserName, $NewUserPassword)) !==
false)
+ {
+ $UserName = $result;
+ $UserPassword = $NewUserPassword;
+ }
+ else
{
print_header(0, 0, 0, 0, "");
echo "<p>".get_vocab('unknown_user')."</p>\n";
printLoginForm(this_page(), $target_url, $returl);
exit();
}
- else
- {
- $UserName = $NewUserName;
- $UserPassword = $NewUserPassword;
- }
if ($auth['session_cookie']['session_expire_time'] == 0)
{
@@ -141,42 +150,6 @@
print_footer(TRUE);
}
-/*
- Display the login form. Used by two routines below.
- Will eventually return to $target_url.
-*/
-function printLoginForm($action, $target_url, $returl)
-{
-?>
-<p>
-
-</p>
-<form class="form_general" id="logon" method="post" action="<?php
htmlspecialchars($action) ?>">
- <fieldset>
- <legend><?php echo get_vocab("please_login") ?></legend>
- <div>
- <label for="NewUserName"><?php echo get_vocab("users.name") ?>:</label>
- <input type="text" id="NewUserName" name="NewUserName">
- </div>
- <div>
- <label for="NewUserPassword"><?php echo get_vocab("users.password")
?>:</label>
- <input type="password" id="NewUserPassword" name="NewUserPassword">
- </div>
- <?php
- echo "<input type=\"hidden\" name=\"returl\" value=\"" .
htmlspecialchars($returl) . "\">\n";
- ?>
- <input type="hidden" name="target_url" value="<?php echo
htmlspecialchars($target_url) ?>">
- <input type="hidden" name="Action" value="SetName">
- <div id="logon_submit">
- <input class="submit" type="submit" value="<?php echo get_vocab('login')
?> ">
- </div>
- </fieldset>
-</form>
-<?php
- echo "</div>"; // Close of the contents div
- // Print footer and exit
- print_footer(TRUE);
-}
/*
Target of the form with sets the URL argument "Action=QueryName".
diff -r f86a6a7f12c1 -r 94929e1ebe65 web/session/session_joomla.inc
--- a/web/session/session_joomla.inc Tue Feb 21 14:18:48 2017 +0000
+++ b/web/session/session_joomla.inc Tue Feb 21 15:07:59 2017 +0000
@@ -2,6 +2,7 @@
namespace MRBS;
require_once MRBS_ROOT . '/auth/cms/joomla.inc';
+require_once MRBS_ROOT . '/functions_logon.inc';
$mainframe = JFactory::getApplication('site');
$mainframe->initialise();
@@ -74,46 +75,6 @@
print_footer(TRUE);
}
-/*
- Display the login form. Used by two routines below.
- Will eventually return to $target_url.
-*/
-function printLoginForm($action, $target_url, $returl)
-{
-?>
-<form class="form_general" id="logon" method="post" action="<?php echo
htmlspecialchars($action) ?>">
- <fieldset>
- <legend><?php echo get_vocab("please_login") ?></legend>
- <div>
- <label for="NewUserName"><?php echo get_vocab("users.name") ?>:</label>
- <input type="text" id="NewUserName" name="NewUserName">
- </div>
- <div>
- <label for="NewUserPassword"><?php echo get_vocab("users.password")
?>:</label>
- <input type="password" id="NewUserPassword" name="NewUserPassword">
- </div>
- <?php
- // We need to preserve the original calling page, so that it's there when
we eventually get
- // to the target_url (especially if that's edit_entry.php). If this is
the first time through then $HTTP_REFERER holds
- // the original caller. If this is the second time through we will have
stored it in $returl.
- if (!isset($returl))
- {
- $returl = isset($HTTP_REFERER) ? $HTTP_REFERER : "";
- }
- echo "<input type=\"hidden\" name=\"returl\" value=\"" .
htmlspecialchars($returl) . "\">\n";
- ?>
- <input type="hidden" name="target_url" value="<?php echo
htmlspecialchars($target_url) ?>">
- <input type="hidden" name="Action" value="SetName">
- <div id="logon_submit">
- <input class="submit" type="submit" value=" <?php echo
get_vocab('login') ?> ">
- </div>
- </fieldset>
-</form>
-<?php
- echo "</div>"; // Close of the contents div
- // Print footer and exit
- print_footer(TRUE);
-}
/*
Target of the form with sets the URL argument "Action=QueryName".
diff -r f86a6a7f12c1 -r 94929e1ebe65 web/session/session_php.inc
--- a/web/session/session_php.inc Tue Feb 21 14:18:48 2017 +0000
+++ b/web/session/session_php.inc Tue Feb 21 15:07:59 2017 +0000
@@ -13,6 +13,8 @@
* *
\*****************************************************************************/
+require_once MRBS_ROOT . '/functions_logon.inc';
+
global $PHP_SELF, $HTTP_REFERER;
global $auth;
@@ -145,56 +147,6 @@
print_footer(TRUE);
}
-/*
- Display the login form. Used by two routines below.
- Will eventually return to $target_url.
-*/
-function printLoginForm($action, $target_url, $returl)
-{
- $html = '';
-
- $html .= "<form class=\"form_general\" id=\"logon\" method=\"post\"".
- " action=\"" . htmlspecialchars($action) . "\">\n";
- $html .= "<fieldset>\n";
- $html .= "<legend>" . get_vocab("please_login") . "</legend>\n";
-
- $html .= "<div>\n";
- if (function_exists(__NAMESPACE__ . "\\authValidateEmail"))
- {
- $placeholder = get_vocab("username_or_email");
- }
- else
- {
- $placeholder = get_vocab("username");
- }
- $html .= "<label for=\"NewUserName\">" . get_vocab("user") . ":</label>\n";
- $html .= "<input type=\"text\" id=\"NewUserName\" name=\"NewUserName\"
placeholder=\"$placeholder\">\n";
- $html .= "</div>\n";
-
- $html .= "<div>\n";
- $html .= "<label for=\"NewUserPassword\">" . get_vocab("users.password") .
":</label>\n";
- $html .= "<input type=\"password\" id=\"NewUserPassword\"
name=\"NewUserPassword\">\n";
- $html .= "</div>\n";
-
-
- $html .= "<input type=\"hidden\" name=\"returl\" value=\"" .
htmlspecialchars($returl) . "\">\n";
- $html .= "<input type=\"hidden\" name=\"target_url\" value=\"" .
htmlspecialchars($target_url) . "\">\n";
- $html .= "<input type=\"hidden\" name=\"Action\" value=\"SetName\">\n";
-
- $html .= "<div id=\"logon_submit\">\n";
- $html .= "<input class=\"submit\" type=\"submit\" value=\"" .
get_vocab('login') . "\">\n";
- $html .= "</div>\n";
-
- $html .= "</fieldset>\n";
- $html .= "</form>\n";
-
- $html .= "</div>"; // Close of the contents div
-
- echo $html;
-
- // Print footer and exit
- print_footer(TRUE);
-}
/*
Target of the form with sets the URL argument "Action=QueryName".
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
