b2evolution PHP Cross Reference Blogging Systems

Source: /skins/_widget_login.form.php - 156 lines - 5371 bytes - Summary - Text - Print

Description: This file implements the widget login form This file is not meant to be called directly.

   1  <?php
   2  /**

   3   * This file implements the widget login form

   4   *

   5   * This file is not meant to be called directly.

   6   *

   7   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}.

   8   *

   9   * @package evocore

  10   *

  11   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}

  12   * @author asimo: Evo Factory / Attila Simo

  13   *

  14   * @version $Id: _widget_login.form.php 68 2011-10-26 13:16:00Z yura $

  15   */
  16  if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' );
  17  
  18  global $baseurl, $dummy_fields;
  19  
  20  /**

  21   * @var object user_login_Widget

  22   */
  23  $Widget = !empty( $this ) ? $this : false;
  24  
  25  $ajax_form_enabled = ( !empty( $Blog ) && ( $Blog->get_ajax_form_enabled() ) );
  26  
  27  $Form = new Form( get_login_url( $source, $redirect_to ), 'login_form', 'post' );
  28  
  29  $Form->begin_form( NULL, '', array( 'style' => 'display:none' ) );
  30  
  31  if( $ajax_form_enabled )
  32  { // ajax form is enabled, add hidden action param, because we will catch the form submit button action
  33      $Form->hidden( 'login_action', array( 'login' => 'login' ) );
  34  }
  35  $Form->hidden( 'crumb_loginform', '' );
  36  $Form->hidden( 'pwd_salt', '' );
  37  $Form->hidden( 'pwd_hashed', '' );
  38  $Form->hidden( 'source', $source );
  39  $Form->hidden( 'inskin', true );
  40  $Form->hidden( 'redirect_to', $redirect_to );
  41  
  42  $Form->text_input( $dummy_fields[ 'login' ], '', 18, T_('Login'), '', array( 'maxlength' => 255, 'class' => 'input_text', 'required'=>true ) );
  43  $Form->password_input( $dummy_fields[ 'pwd' ], '', 18, T_('Password'), array( 'maxlength' => 70, 'class' => 'input_text', 'required'=>true ) );
  44  
  45  // Submit button and lost password link:

  46  $submit_button = array(
  47      'id' => 'submit_login_form',
  48      'name' => 'login_action[login]',
  49      'value' => T_('Log in!'),
  50      'class' => 'submit' );
  51  $Form->begin_fieldset( '', array( 'class' => 'fieldset field_login_btn' ) );
  52  $Form->button_input( $submit_button );
  53  if( $Widget && $Widget->get_param('password_link_show') )
  54  {    // Display a link to recovery password
  55      $lost_password_url = url_add_param( ( empty( $Blog ) ? $baseurl : $Blog->gen_blogurl() ), 'disp=lostpassword' );
  56      echo '<a href="'.$lost_password_url.'">'.$Widget->get_param('password_link').'</a>';
  57  }
  58  $Form->end_fieldset();
  59  
  60  $Form->end_form();
  61  
  62  
  63  // Display only button to login if JS scripts or AJAX forms are disabled

  64  echo $ajax_form_enabled ? '<noscript>' : '';
  65  
  66  echo get_user_login_link( '<br /><strong>', '</strong><br /><br />', T_('Login now...'), '#', $source, $redirect_to );
  67  
  68  echo $ajax_form_enabled ? '</noscript>' : '';
  69  
  70  if( $Widget && $Widget->get_param('register_link_show') )
  71  {    // Display a link to register
  72      echo get_user_register_link( '<span class="register_link">', '</span>', $Widget->get_param('register_link'), '#', true /*disp_when_logged_in*/, $redirect_to, $source );
  73  }
  74  
  75  if( $ajax_form_enabled )
  76  { // create javascripts to handle login form crumb and password salt
  77      global $samedomain_htsrv_url;
  78      $json_params = evo_json_encode( array( 'action' => 'get_widget_login_hidden_fields' ) );
  79  
  80      ?>
  81      <script type="text/javascript">
  82          // Show login form when JS scripts and AJAX forms are enabled

  83          jQuery( 'form#login_form' ).show();
  84  
  85          var requestSent = false;
  86          var requestSucceed = false;
  87          var submitFormIfRequestSucceed = false;
  88          var sessionID = 0;
  89  
  90          // Calculate hashed password and set it in the form

  91  		function setPwdHashed() {
  92              var form = document.forms['login_form'];
  93              form.pwd_hashed.value = hex_sha1( hex_md5(form.<?php echo $dummy_fields[ 'pwd'] ?>.value) + form.pwd_salt.value );
  94              form.<?php echo $dummy_fields[ 'pwd'] ?>.value = "padding_padding_padding_padding_padding_padding_hashed_" + sessionID; /* to detect cookie problems */
  95          }
  96  
  97          // get and set login form hidden fields

  98  		function getHiddenFields() {
  99              if( requestSent ) {
 100                  return;
 101              }
 102              requestSent = true;
 103              jQuery.ajax({
 104                  url: '<?php echo $samedomain_htsrv_url; ?>anon_async.php',
 105                  type: 'POST',
 106                  data: <?php echo $json_params; ?>,
 107                  success: function(result)
 108                  {
 109                      result = ajax_debug_clear( result );
 110                      var form = document.forms['login_form'];
 111                      var hidden_fields = new Array();
 112                      hidden_fields = result.split(' ');
 113                      var crumb = hidden_fields.shift();
 114                      var salt = hidden_fields.shift();
 115                      sessionID = hidden_fields.shift();
 116                      form.crumb_loginform.value = crumb;
 117                      form.pwd_salt.value = salt;
 118                      requestSucceed = true;
 119                      if( submitFormIfRequestSucceed ) { // submit button was already clicked
 120                          setPwdHashed();
 121                          form.submit();
 122                      }
 123                      return false;
 124                  },
 125                  error: function()
 126                  {
 127                      requestSent = false;
 128                      return false;
 129                  }
 130              });
 131          }
 132  
 133          // if login input was changed or got the focus

 134          jQuery('#login_form #<?php echo $dummy_fields[ 'login' ] ?>').bind( "focus change", function() {
 135              getHiddenFields();
 136          });
 137  
 138          // if password input was changed or got the focus

 139          jQuery('#login_form #<?php echo $dummy_fields[ 'pwd' ] ?>').bind( "focus change", function() {
 140              getHiddenFields();
 141          });
 142  
 143          // if submit button was clicked

 144          jQuery('#submit_login_form').click( function() {
 145              if( !requestSucceed ) {
 146                  submitFormIfRequestSucceed = true;
 147                  getHiddenFields();
 148                  return false;
 149              }
 150              setPwdHashed();
 151          });
 152      </script>
 153      <?php
 154  } // end ajax crumb functions

 155  
 156  ?>

title

Description

title

Description

title

Description

title

title

Body