source: branches/dev/html/test/kakinaka/pear/Auth/Frontend/Html.php @ 8

Revision 8, 5.4 KB checked in by root, 17 years ago (diff)

new import

Line 
1<?php
2/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
3
4/**
5 * Standard Html Login form
6 *
7 * PHP versions 4 and 5
8 *
9 * LICENSE: This source file is subject to version 3.01 of the PHP license
10 * that is available through the world-wide-web at the following URI:
11 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
12 * the PHP License and are unable to obtain it through the web, please
13 * send a note to license@php.net so we can mail you a copy immediately.
14 *
15 * @category   Authentication
16 * @package    Auth
17 * @author     Martin Jansen <mj@php.net>
18 * @author     Adam Ashley <aashley@php.net>
19 * @copyright  2001-2006 The PHP Group
20 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
21 * @version    CVS: $Id: Html.php 8715 2006-12-01 05:10:46Z kakinaka $
22 * @link       http://pear.php.net/package/Auth
23 * @since      File available since Release 1.3.0
24 */
25
26/**
27 * Standard Html Login form
28 *
29 * @category   Authentication
30 * @package    Auth
31 * @author     Yavor Shahpasov <yavo@netsmart.com.cy>
32 * @author     Adam Ashley <aashley@php.net>
33 * @copyright  2001-2006 The PHP Group
34 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
35 * @version    Release: 1.4.2  File: $Revision: 8715 $
36 * @link       http://pear.php.net/package/Auth
37 * @since      Class available since Release 1.3.0
38 */
39class Auth_Frontend_Html {
40   
41    // {{{ render()
42
43    /**
44     * Displays the login form
45     *
46     * @param object The calling auth instance
47     * @param string The previously used username
48     * @return void
49     */
50    function render(&$caller, $username = '') {
51        $loginOnClick = 'return true;';
52       
53        // Try To Use Challene response
54        // TODO javascript might need some improvement for work on other browsers
55        if($caller->advancedsecurity && $caller->storage->supportsChallengeResponse() ) {
56
57            // Init the secret cookie
58            $caller->session['loginchallenege'] = md5(microtime());
59
60            print "\n";
61            print '<script language="JavaScript">'."\n";
62
63            include 'Auth/Frontend/md5.js';
64
65            print "\n";
66            print ' function securePassword() { '."\n";
67            print '   var pass = document.getElementById(\''.$caller->getPostPasswordField().'\');'."\n";
68            print '   var secret = document.getElementById(\'authsecret\')'."\n";
69            //print '   alert(pass);alert(secret); '."\n";
70
71            // If using md5 for password storage md5 the password before
72            // we hash it with the secret
73            // print '   alert(pass.value);';
74            if ($caller->storage->getCryptType() == 'md5' ) {
75                print '   pass.value = hex_md5(pass.value); '."\n";
76                #print '   alert(pass.value);';
77            }
78
79            print '   pass.value = hex_md5(pass.value+\''.$caller->session['loginchallenege'].'\'); '."\n";
80            // print '   alert(pass.value);';
81            print '   secret.value = 1;'."\n";
82            print '   var doLogin = document.getElementById(\'doLogin\')'."\n";
83            print '   doLogin.disabled = true;'."\n";
84            print '   return true;';
85            print ' } '."\n";
86            print '</script>'."\n";;
87            print "\n";
88
89            $loginOnClick = ' return securePassword(); ';
90        }
91
92        print '<center>'."\n";
93
94        $status = '';
95        if (!empty($caller->status) && $caller->status == AUTH_EXPIRED) {
96            $status = '<i>Your session has expired. Please login again!</i>'."\n";
97        } else if (!empty($caller->status) && $caller->status == AUTH_IDLED) {
98            $status = '<i>You have been idle for too long. Please login again!</i>'."\n";
99        } else if (!empty ($caller->status) && $caller->status == AUTH_WRONG_LOGIN) {
100            $status = '<i>Wrong login data!</i>'."\n";
101        } else if (!empty ($caller->status) && $caller->status == AUTH_SECURITY_BREACH) {
102            $status = '<i>Security problem detected. </i>'."\n";
103        }
104       
105        print '<form method="post" action="'.$caller->server['PHP_SELF'].'" '
106            .'onSubmit="'.$loginOnClick.'">'."\n";
107        print '<table border="0" cellpadding="2" cellspacing="0" '
108            .'summary="login form" align="center" >'."\n";
109        print '<tr>'."\n";
110        print '    <td colspan="2" bgcolor="#eeeeee"><strong>Login </strong>'
111            .$status.'</td>'."\n";
112        print '</tr>'."\n";
113        print '<tr>'."\n";
114        print '    <td>Username:</td>'."\n";
115        print '    <td><input type="text" id="'.$caller->getPostUsernameField()
116            .'" name="'.$caller->getPostUsernameField().'" value="' . $username
117            .'" /></td>'."\n";
118        print '</tr>'."\n";
119        print '<tr>'."\n";
120        print '    <td>Password:</td>'."\n";
121        print '    <td><input type="password" id="'.$caller->getPostPasswordField()
122            .'" name="'.$caller->getPostPasswordField().'" /></td>'."\n";
123        print '</tr>'."\n";
124        print '<tr>'."\n";
125       
126        //onClick=" '.$loginOnClick.' "
127        print '    <td colspan="2" bgcolor="#eeeeee"><input value="Login" '
128            .'id="doLogin" name="doLogin" type="submit" /></td>'."\n";
129        print '</tr>'."\n";
130        print '</table>'."\n";
131
132        // Might be a good idea to make the variable name variable
133        print '<input type="hidden" id="authsecret" name="authsecret" value="" />';
134        print '</form>'."\n";
135        print '</center>'."\n";
136    }
137
138    // }}}
139   
140}
141
142?>
Note: See TracBrowser for help on using the repository browser.