| Line 16... |
Line 16... |
| 16 |
* @package Auth
|
16 |
* @package Auth
|
| 17 |
* @author Martin Jansen <mj@php.net>
|
17 |
* @author Martin Jansen <mj@php.net>
|
| 18 |
* @author Adam Ashley <aashley@php.net>
|
18 |
* @author Adam Ashley <aashley@php.net>
|
| 19 |
* @copyright 2001-2006 The PHP Group
|
19 |
* @copyright 2001-2006 The PHP Group
|
| 20 |
* @license http://www.php.net/license/3_01.txt PHP License 3.01
|
20 |
* @license http://www.php.net/license/3_01.txt PHP License 3.01
|
| 21 |
* @version CVS: $Id: Html.php,v 1.1 2006-12-14 15:04:29 jp_milcent Exp $
|
21 |
* @version CVS: $Id: Html.php,v 1.2 2007-11-19 15:11:00 jp_milcent Exp $
|
| 22 |
* @link http://pear.php.net/package/Auth
|
22 |
* @link http://pear.php.net/package/Auth
|
| 23 |
* @since File available since Release 1.3.0
|
23 |
* @since File available since Release 1.3.0
|
| 24 |
*/
|
24 |
*/
|
| Line 25... |
Line 25... |
| 25 |
|
25 |
|
| 26 |
/**
|
26 |
/**
|
| 27 |
* Standard Html Login form
|
27 |
* Standard Html Login form
|
| 28 |
*
|
28 |
*
|
| 29 |
* @category Authentication
|
29 |
* @category Authentication
|
| 30 |
* @package Auth
|
30 |
* @package Auth
|
| 31 |
* @author Yavor Shahpasov <yavo@netsmart.com.cy>
|
31 |
* @author Yavor Shahpasov <yavo@netsmart.com.cy>
|
| 32 |
* @author Adam Ashley <aashley@php.net>
|
32 |
* @author Adam Ashley <aashley@php.net>
|
| 33 |
* @copyright 2001-2006 The PHP Group
|
33 |
* @copyright 2001-2006 The PHP Group
|
| 34 |
* @license http://www.php.net/license/3_01.txt PHP License 3.01
|
34 |
* @license http://www.php.net/license/3_01.txt PHP License 3.01
|
| 35 |
* @version Release: 1.4.3 File: $Revision: 1.1 $
|
35 |
* @version Release: 1.5.4 File: $Revision: 1.2 $
|
| 36 |
* @link http://pear.php.net/package/Auth
|
36 |
* @link http://pear.php.net/package/Auth
|
| 37 |
* @since Class available since Release 1.3.0
|
37 |
* @since Class available since Release 1.3.0
|
| 38 |
*/
|
38 |
*/
|
| 39 |
class Auth_Frontend_Html {
|
39 |
class Auth_Frontend_Html {
|
| 40 |
|
40 |
|
| Line 41... |
Line 41... |
| 41 |
// {{{ render()
|
41 |
// {{{ render()
|
| 42 |
|
42 |
|
| 43 |
/**
|
43 |
/**
|
| Line 47... |
Line 47... |
| 47 |
* @param string The previously used username
|
47 |
* @param string The previously used username
|
| 48 |
* @return void
|
48 |
* @return void
|
| 49 |
*/
|
49 |
*/
|
| 50 |
function render(&$caller, $username = '') {
|
50 |
function render(&$caller, $username = '') {
|
| 51 |
$loginOnClick = 'return true;';
|
51 |
$loginOnClick = 'return true;';
|
| 52 |
|
52 |
|
| 53 |
// Try To Use Challene response
|
53 |
// Try To Use Challene response
|
| 54 |
// TODO javascript might need some improvement for work on other browsers
|
54 |
// TODO javascript might need some improvement for work on other browsers
|
| 55 |
if($caller->advancedsecurity && $caller->storage->supportsChallengeResponse() ) {
|
55 |
if($caller->advancedsecurity && $caller->storage->supportsChallengeResponse() ) {
|
| Line 56... |
Line 56... |
| 56 |
|
56 |
|
| Line 66... |
Line 66... |
| 66 |
print ' function securePassword() { '."\n";
|
66 |
print ' function securePassword() { '."\n";
|
| 67 |
print ' var pass = document.getElementById(\''.$caller->getPostPasswordField().'\');'."\n";
|
67 |
print ' var pass = document.getElementById(\''.$caller->getPostPasswordField().'\');'."\n";
|
| 68 |
print ' var secret = document.getElementById(\'authsecret\')'."\n";
|
68 |
print ' var secret = document.getElementById(\'authsecret\')'."\n";
|
| 69 |
//print ' alert(pass);alert(secret); '."\n";
|
69 |
//print ' alert(pass);alert(secret); '."\n";
|
| Line 70... |
Line 70... |
| 70 |
|
70 |
|
| 71 |
// If using md5 for password storage md5 the password before
|
71 |
// If using md5 for password storage md5 the password before
|
| 72 |
// we hash it with the secret
|
72 |
// we hash it with the secret
|
| 73 |
// print ' alert(pass.value);';
|
73 |
// print ' alert(pass.value);';
|
| 74 |
if ($caller->storage->getCryptType() == 'md5' ) {
|
74 |
if ($caller->storage->getCryptType() == 'md5' ) {
|
| 75 |
print ' pass.value = hex_md5(pass.value); '."\n";
|
75 |
print ' pass.value = hex_md5(pass.value); '."\n";
|
| Line 99... |
Line 99... |
| 99 |
} else if (!empty ($caller->status) && $caller->status == AUTH_WRONG_LOGIN) {
|
99 |
} else if (!empty ($caller->status) && $caller->status == AUTH_WRONG_LOGIN) {
|
| 100 |
$status = '<i>Wrong login data!</i>'."\n";
|
100 |
$status = '<i>Wrong login data!</i>'."\n";
|
| 101 |
} else if (!empty ($caller->status) && $caller->status == AUTH_SECURITY_BREACH) {
|
101 |
} else if (!empty ($caller->status) && $caller->status == AUTH_SECURITY_BREACH) {
|
| 102 |
$status = '<i>Security problem detected. </i>'."\n";
|
102 |
$status = '<i>Security problem detected. </i>'."\n";
|
| 103 |
}
|
103 |
}
|
| 104 |
|
104 |
|
| 105 |
print '<form method="post" action="'.$caller->server['PHP_SELF'].'" '
|
105 |
print '<form method="post" action="'.$caller->server['PHP_SELF'].'" '
|
| 106 |
.'onSubmit="'.$loginOnClick.'">'."\n";
|
106 |
.'onSubmit="'.$loginOnClick.'">'."\n";
|
| 107 |
print '<table border="0" cellpadding="2" cellspacing="0" '
|
107 |
print '<table border="0" cellpadding="2" cellspacing="0" '
|
| 108 |
.'summary="login form" align="center" >'."\n";
|
108 |
.'summary="login form" align="center" >'."\n";
|
| 109 |
print '<tr>'."\n";
|
109 |
print '<tr>'."\n";
|
| Line 111... |
Line 111... |
| 111 |
.$status.'</td>'."\n";
|
111 |
.$status.'</td>'."\n";
|
| 112 |
print '</tr>'."\n";
|
112 |
print '</tr>'."\n";
|
| 113 |
print '<tr>'."\n";
|
113 |
print '<tr>'."\n";
|
| 114 |
print ' <td>Username:</td>'."\n";
|
114 |
print ' <td>Username:</td>'."\n";
|
| 115 |
print ' <td><input type="text" id="'.$caller->getPostUsernameField()
|
115 |
print ' <td><input type="text" id="'.$caller->getPostUsernameField()
|
| 116 |
.'" name="'.$caller->getPostUsernameField().'" value="' . $username
|
116 |
.'" name="'.$caller->getPostUsernameField().'" value="' . $username
|
| 117 |
.'" /></td>'."\n";
|
117 |
.'" /></td>'."\n";
|
| 118 |
print '</tr>'."\n";
|
118 |
print '</tr>'."\n";
|
| 119 |
print '<tr>'."\n";
|
119 |
print '<tr>'."\n";
|
| 120 |
print ' <td>Password:</td>'."\n";
|
120 |
print ' <td>Password:</td>'."\n";
|
| 121 |
print ' <td><input type="password" id="'.$caller->getPostPasswordField()
|
121 |
print ' <td><input type="password" id="'.$caller->getPostPasswordField()
|
| 122 |
.'" name="'.$caller->getPostPasswordField().'" /></td>'."\n";
|
122 |
.'" name="'.$caller->getPostPasswordField().'" /></td>'."\n";
|
| 123 |
print '</tr>'."\n";
|
123 |
print '</tr>'."\n";
|
| 124 |
print '<tr>'."\n";
|
124 |
print '<tr>'."\n";
|
| 125 |
|
125 |
|
| 126 |
//onClick=" '.$loginOnClick.' "
|
126 |
//onClick=" '.$loginOnClick.' "
|
| 127 |
print ' <td colspan="2" bgcolor="#eeeeee"><input value="Login" '
|
127 |
print ' <td colspan="2" bgcolor="#eeeeee"><input value="Login" '
|
| 128 |
.'id="doLogin" name="doLogin" type="submit" /></td>'."\n";
|
128 |
.'id="doLogin" name="doLogin" type="submit" /></td>'."\n";
|
| 129 |
print '</tr>'."\n";
|
129 |
print '</tr>'."\n";
|
| 130 |
print '</table>'."\n";
|
130 |
print '</table>'."\n";
|
| Line 131... |
Line 131... |
| 131 |
|
131 |
|
| 132 |
// Might be a good idea to make the variable name variable
|
132 |
// Might be a good idea to make the variable name variable
|
| 133 |
print '<input type="hidden" id="authsecret" name="authsecret" value="" />';
|
133 |
print '<input type="hidden" id="authsecret" name="authsecret" value="" />';
|
| 134 |
print '</form>'."\n";
|
134 |
print '</form>'."\n";
|
| 135 |
print '</center>'."\n";
|
135 |
print '</center>'."\n";
|
| Line 136... |
Line 136... |
| 136 |
}
|
136 |
}
|
| 137 |
|
137 |
|
| 138 |
// }}}
|
138 |
// }}}
|
| Line 139... |
Line 139... |
| 139 |
|
139 |
|