Diffstat (limited to 'www')
-rw-r--r-- | www/login.php | 176 | ||||
-rw-r--r-- | www/password.php | 249 | ||||
-rw-r--r-- | www/register.php | 199 | ||||
-rw-r--r-- | www/scuttle.css | 3 |
4 files changed, 445 insertions, 182 deletions
diff --git a/www/login.php b/www/login.php
index 2a61224..7fd173b 100644
--- a/www/login.php
+++ b/www/login.php
@@ -1,62 +1,138 @@ <?php -/*************************************************************************** -Copyright (C) 2004 - 2006 Scuttle project -http://sourceforge.net/projects/scuttle/ -http://scuttle.org/ - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -***************************************************************************/ - +/** + * SemanticScuttle - your social bookmark manager. + * User login form. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + */ require_once 'www-header.php'; +if ($userservice->isLoggedOn()) { + //no need to log in when the user is already logged in + $user = $userservice->getCurrentUser(); + header( + 'Location: ' + . 
createURL('bookmarks', $user['username']) + ); + exit(); +} + +require_once 'HTML/QuickForm2.php'; +require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php'; + +//do not append '-0' to IDs +HTML_Common2::setOption('id_force_append_index', false); + +$login = new HTML_QuickForm2( + 'login', 'post', + array('action' => createURL('login')), + true +); +$login->addElement( + 'hidden', 'querystring', + array( + 'value' => $_SERVER['QUERY_STRING'] + ) +); + +$user = $login->addElement( + 'text', 'username', + array( + 'size' => 20, + 'class' => 'required' + ) +)->setLabel(T_('Username')); +$user->addRule( + 'required', + T_('Please enter your username') +); +$user->addRule( + 'callback', + T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'), + array($userservice, 'isValidUsername') +); -/* Service creation: only useful services are created */ -// No specific services +$login->addElement( + 'password', 'password', + array( + 'size' => 20, + 'class' => 'required' + ) +) +->setLabel(T_('Password')) +->addRule( + 'required', + T_('Please enter your password') +); +$login->addElement( + 'checkbox', 'keeploggedin' +)->setLabel(T_('Don\'t ask for my password for 2 weeks')); -/* Managing all possible inputs */ -isset($_POST['keeppass']) ? define('POST_KEEPPASS', $_POST['keeppass']): define('POST_KEEPPASS', ''); -isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); -isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', ''); -isset($_POST['password']) ? define('POST_PASSWORD', $_POST['password']): define('POST_PASSWORD', ''); -isset($_POST['query']) ? 
define('POST_QUERY', $_POST['query']): define('POST_QUERY', ''); +$login->addElement( + 'submit', 'submit', + array('value' => T_('Log In')) +); -$keeppass = (POST_KEEPPASS=='yes')?true:false; -$login = false; -if (POST_SUBMITTED!='' && POST_USERNAME!='' && POST_PASSWORD!='') { - $posteduser = trim(utf8_strtolower(POST_USERNAME)); - $login = $userservice->login($posteduser, POST_PASSWORD, $keeppass); - if ($login) { - if (POST_QUERY) - header('Location: '. createURL('bookmarks', $posteduser .'?'. POST_QUERY)); - else - header('Location: '. createURL('bookmarks', $posteduser)); - } else { - $tplVars['error'] = T_('The details you have entered are incorrect. Please try again.'); +$tplVars['error'] = ''; +if ($login->validate()) { + $arValues = $login->getValue(); + if (!isset($arValues['keeploggedin'])) { + $arValues['keeploggedin'] = false; } -} -if (!$login) { - if ($userservice->isLoggedOn()) { - $cUser = $userservice->getCurrentObjectUser(); - header('Location: '. createURL('bookmarks', strtolower($cUser->getUsername()))); + $bLoginOk = $userservice->login( + $arValues['username'], + $arValues['password'], + (bool)$arValues['keeploggedin'] + ); + if ($bLoginOk) { + if ($arValues['querystring'] != '') { + //append old query string + header( + 'Location: ' + . createURL('bookmarks', $arValues['username']) + . '?' . $arValues['querystring'] + ); + } else { + header( + 'Location: ' + . createURL('bookmarks', $arValues['username']) + ); + } + exit(); } - - $tplVars['subtitle'] = T_('Log In'); - $tplVars['formaction'] = createURL('login'); - $tplVars['querystring'] = filter($_SERVER['QUERY_STRING']); - $templateservice->loadTemplate('login.tpl', $tplVars); + $tplVars['error'] = T_('The details you have entered are incorrect. 
Please try again.'); } + + +HTML_QuickForm2_Renderer::register( + 'coolarray', + 'SemanticScuttle_QuickForm2_Renderer_CoolArray' +); +//$renderer = HTML_QuickForm2_Renderer::factory('coolarray') +$renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray(); +$renderer->setOption( + array( + 'group_hiddens' => true, + 'group_errors' => true + ) +); + +$tplVars['form'] = $login->render($renderer); +$tplVars['loadjs'] = true; +$tplVars['subtitle'] = T_('Register'); +$tplVars['error'] .= implode( + '<br/>', array_unique($tplVars['form']['errors']) +); +$templateservice->loadTemplate('login.tpl', $tplVars); + ?> diff --git a/www/password.php b/www/password.php index 77a58ce..7981d0a 100644 --- a/www/password.php +++ b/www/password.php 
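Review bot: The `querystring` value concatenated into the `Location` header after a successful login is read back from the posted hidden field via `$login->getValue()`, so it is client-supplied rather than the server's own `$_SERVER['QUERY_STRING']`. It lands after the `?`, so it cannot change the host, but nothing in this hunk validates or re-encodes it, and the code relies on PHP's `header()` to refuse embedded line breaks. I would rebuild it before use, e.g. `parse_str($arValues['querystring'], $arQuery);` followed by `'?' . http_build_query($arQuery)` in the redirect. Separately, `$tplVars['subtitle']` is set to `T_('Register')` on the login page where the removed code used `T_('Log In')`, which looks like a copy-paste from register.php.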
@@ -1,78 +1,191 @@ <?php -/*************************************************************************** - Copyright (C) 2005 Scuttle project - https://sourceforge.net/projects/scuttle/ - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - ***************************************************************************/ - +/** + * SemanticScuttle - your social bookmark manager. + * User password reset form. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @author Marcus Campbell <marcus.campbell@gmail.com> + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + */ require_once 'www-header.php'; -/* Service creation: only useful services are created */ -// No specific services - -/* Managing all possible inputs */ -isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); -isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', ''); -isset($_POST['email']) ? 
define('POST_EMAIL', $_POST['email']): define('POST_EMAIL', ''); - -// IF SUBMITTED -if (POST_SUBMITTED != '') { - - // NO USERNAME - if (!POST_USERNAME) { - $tplVars['error'] = T_('You must enter your username.'); - - // NO E-MAIL - } elseif (!POST_EMAIL) { - $tplVars['error'] = T_('You must enter your <abbr title="electronic mail">e-mail</abbr> address.'); - - // USERNAME AND E-MAIL - } else { - - // NO MATCH - $userinfo = $userservice->getObjectUserByUsername(POST_USERNAME); - if ($userinfo == NULL) { - $tplVars['error'] = T_('No matches found for that username.'); - - } elseif (POST_EMAIL != $userinfo->getEmail()) { - $tplVars['error'] = T_('No matches found for that combination of username and <abbr title="electronic mail">e-mail</abbr> address.'); - - // MATCH - } else { +require_once 'HTML/QuickForm2.php'; +require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php'; +require_once 'HTML/QuickForm2/Element/NumeralCaptcha.php'; + + + +//we register a strange name here so we can change the class +// itself easily +HTML_QuickForm2_Factory::registerElement( + 'sc-captcha', + 'HTML_QuickForm2_Element_NumeralCaptcha' +); + +//do not append '-0' to IDs +HTML_Common2::setOption('id_force_append_index', false); + +$form = new HTML_QuickForm2( + 'registration', 'post', + array('action' => createURL('password')), + true +); + +$user = $form->addElement( + 'text', 'username', + array( + 'size' => 20, + 'class' => 'required' + ) +)->setLabel(T_('Username')); +$user->addRule( + 'required', + T_('You <em>must</em> enter a username, password and e-mail address.') +); +$user->addRule( + 'callback', + T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'), + array($userservice, 'isValidUsername') +); +$user->addRule( + 'notcallback', + T_('This username has been reserved, please make another choice.'), + array($userservice, 'isReserved') +); +$user->addRule( + 'callback', + T_('No matches found for that username.'), + 
array($userservice, 'existsUserWithUsername') +); +$form->addRule( + 'callback', + T_('No matches found for that combination of username and <abbr title="electronic mail">e-mail</abbr> address.'), + 'checkUserEmailCombination' +); + + +$email = $form->addElement( + 'text', 'email', + array( + 'size' => 40, + 'class' => 'required' + ) +)->setLabel(T_('E-mail')); +$email->addRule( + 'required', + T_('You <em>must</em> enter a username, password and e-mail address.') +); +$email->addRule( + 'callback', + T_('E-mail address is not valid. Please try again.'), + array($userservice, 'isValidEmail') +); + + +$captcha = $form->addElement( + 'sc-captcha', 'captcha', + array( + 'size' => 40 + ), + array( + 'captchaSolutionWrong' + => T_('Antispam answer is not valid. Please try again.') + ) +) +->setLabel(T_('Antispam question')); + + +$form->addElement( + 'submit', 'submit', + array('value' => T_('Generate Password')) +); + +/** + * Checks if the user and email combination exists in the database. + * + * @param array $arValues Key-value array of form values + * + * @return boolean True if it exists, false if not + */ +function checkUserEmailCombination($arValues) +{ + //FIXME: remove this once HTML_QuickForm2 calls form rules + // only after element rules match + // http://pear.php.net/bugs/17576 + if (trim($arValues['username']) == '' + || trim($arValues['email']) == '' + ) { + return false; + } + + $userservice = SemanticScuttle_Service_Factory::get('User'); + return $userservice->userEmailCombinationValid( + $arValues['username'], $arValues['email'] + ); +} - // GENERATE AND STORE PASSWORD - $password = $userservice->generatePassword($userinfo->getId()); - if (!($password = $userservice->generatePassword($userinfo->getId()))) { - $tplVars['error'] = T_('There was an error while generating your new password. Please try again.'); - } else { - // SEND E-MAIL - $message = T_('Your new password is:') ."\n". $password ."\n\n". 
T_('To keep your bookmarks secure, you should change this password in your profile the next time you log in.'); - $message = wordwrap($message, 70); - $headers = 'From: '. $adminemail; - $mail = mail(POST_EMAIL, sprintf(T_('%s Account Information'), $sitename), $message); - $tplVars['msg'] = sprintf(T_('New password generated and sent to %s'), POST_EMAIL); - } - } - } +$tplVars['error'] = ''; +if ($form->validate()) { + $arValues = $form->getValue(); + $arUser = $userservice->getUserByUsername($arValues['username']); + $password = $userservice->generatePassword($arUser['uId']); + if ($password === false) { + $tplVars['error'] = T_('There was an error while generating your new password. Please try again.'); + } else { + //change password and send email out + $message = T_('Your new password is:') + . "\n" . $password . "\n\n" + . T_('To keep your bookmarks secure, you should change this password in your profile the next time you log in.'); + $message = wordwrap($message, 70); + $headers = 'From: '. 
$adminemail; + $mail = mail( + $arValues['email'], + sprintf(T_('%s Account Information'), $sitename), + $message + ); + $tplVars['msg'] = sprintf( + T_('New password generated and sent to %s'), + $arValues['email'] + ); + $captcha->clearCaptchaSession(); + } +} else { + HTML_QuickForm2_Renderer::register( + 'coolarray', + 'SemanticScuttle_QuickForm2_Renderer_CoolArray' + ); + //$renderer = HTML_QuickForm2_Renderer::factory('coolarray') + $renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray(); + $renderer->setOption( + array( + 'group_hiddens' => true, + 'group_errors' => true + ) + ); + + $tplVars['form'] = $form->render($renderer); + //fscking form error is not in form|errors + $tplVars['error'] .= implode( + '<br/>', + array_unique( + array_merge( + $tplVars['form']['errors'], + array($form->getError()) + ) + ) + ); } -$templatename = 'password.tpl'; +$tplVars['loadjs'] = true; $tplVars['subtitle'] = T_('Forgotten Password'); -$tplVars['formaction'] = createURL('password'); -$templateservice->loadTemplate($templatename, $tplVars); +$templateservice->loadTemplate('password.tpl', $tplVars); ?> diff --git a/www/register.php b/www/register.php index c01939a..cd5d2a1 100644 --- a/www/register.php +++ b/www/register.php 
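Review bot: In the success branch `$headers` is built but never passed to `mail()`, and the `$mail` result is never checked, so "New password generated and sent to %s" is shown even when delivery failed. By then `generatePassword()` has presumably already replaced the stored password, which would leave the account unreachable. Pass the header and test the result: `$mail = mail($arValues['email'], sprintf(T_('%s Account Information'), $sitename), $message, $headers);` then `if (!$mail) { $tplVars['error'] = T_('There was an error while generating your new password. Please try again.'); }`, setting `msg` only otherwise. The separate messages "No matches found for that username." and "No matches found for that combination of username and e-mail address." also let an unauthenticated visitor tell whether a username exists; one generic message for both rules would avoid that.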
@@ -1,24 +1,20 @@ <?php -/*************************************************************************** -Copyright (C) 2004 - 2006 Marcus Campbell -http://sourceforge.net/projects/scuttle/ -http://scuttle.org/ - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -***************************************************************************/ - +/** + * SemanticScuttle - your social bookmark manager. + * New user registration form. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @author Marcus Campbell <marcus.campbell@gmail.com> + * @copyright 2004-2006 Marcus Campbell + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + */ require_once 'www-header.php'; if (!$GLOBALS['enableRegistration']) { 
@@ -27,60 +23,135 @@ if (!$GLOBALS['enableRegistration']) { exit(1); } -/* Service creation: only useful services are created */ -// No specific services +require_once 'HTML/QuickForm2.php'; +require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php'; +require_once 'HTML/QuickForm2/Element/NumeralCaptcha.php'; -/* Managing all possible inputs */ -isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); -isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', ''); -isset($_POST['password']) ? define('POST_PASS', $_POST['password']): define('POST_PASS', ''); -isset($_POST['email']) ? define('POST_MAIL', $_POST['email']): define('POST_MAIL', ''); -isset($_POST['antispamAnswer']) ? define('POST_ANTISPAMANSWER', $_POST['antispamAnswer']): define('POST_ANTISPAMANSWER', ''); +//we register a strange name here so we can change the class +// itself easily +HTML_QuickForm2_Factory::registerElement( + 'sc-captcha', + 'HTML_QuickForm2_Element_NumeralCaptcha' +); +//do not append '-0' to IDs +HTML_Common2::setOption('id_force_append_index', false); -if (POST_SUBMITTED != '') { - $posteduser = trim(utf8_strtolower(POST_USERNAME)); +$form = new HTML_QuickForm2( + 'registration', 'post', + array('action' => createURL('register')), + true +); - // Check if form is incomplete - if (!($posteduser) || POST_PASS == '' || POST_MAIL == '') { - $tplVars['error'] = T_('You <em>must</em> enter a username, password and e-mail address.'); +$user = $form->addElement( + 'text', 'username', + array( + 'size' => 20, + 'onkeyup' => 'isAvailable(this, "")', + 'class' => 'required' + ) +)->setLabel(T_('Username')); +$user->addRule( + 'required', + T_('You <em>must</em> enter a username, password and e-mail address.') +); +$user->addRule( + 'callback', + T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'), + array($userservice, 'isValidUsername') +); 
+$user->addRule( + 'notcallback', + T_('This username has been reserved, please make another choice.'), + array($userservice, 'isReserved') +); +$user->addRule( + 'notcallback', + T_('This username already exists, please make another choice.'), + array($userservice, 'existsUserWithUsername') +); - // Check if username is reserved - } elseif ($userservice->isReserved($posteduser)) { - $tplVars['error'] = T_('This username has been reserved, please make another choice.'); +$form->addElement( + 'password', 'password', + array( + 'size' => 20, + 'class' => 'required' + ) +) +->setLabel(T_('Password')) +->addRule( + 'required', + T_('You <em>must</em> enter a username, password and e-mail address.') +); - // Check if username already exists - } elseif ($userservice->getUserByUsername($posteduser)) { - $tplVars['error'] = T_('This username already exists, please make another choice.'); - - // Check if username is valid (length, authorized characters) - } elseif (!$userservice->isValidUsername($posteduser)) { - $tplVars['error'] = T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'); - - // Check if e-mail address is valid - } elseif (!$userservice->isValidEmail(POST_MAIL)) { - $tplVars['error'] = T_('E-mail address is not valid. Please try again.'); +$email = $form->addElement( + 'text', 'email', + array( + 'size' => 40, + 'class' => 'required' + ) +)->setLabel(T_('E-mail')); +$email->addRule( + 'required', + T_('You <em>must</em> enter a username, password and e-mail address.') +); +$email->addRule( + 'callback', + T_('E-mail address is not valid. Please try again.'), + array($userservice, 'isValidEmail') +); - // Check if antispam answer is valid (doesn't take into account spaces and uppercase) - } elseif (strcasecmp(str_replace(' ', '', POST_ANTISPAMANSWER), str_replace(' ', '', $GLOBALS['antispamAnswer'])) != 0) { - $tplVars['error'] = T_('Antispam answer is not valid. 
Please try again.'); +$captcha = $form->addElement( + 'sc-captcha', 'captcha', + array( + 'size' => 40 + ), + array( + 'captchaSolutionWrong' + => T_('Antispam answer is not valid. Please try again.') + ) +) +->setLabel(T_('Antispam question')); - // Register details - } elseif ($userservice->addUser($posteduser, POST_PASS, POST_MAIL) !== false) { - // Log in with new username - $login = $userservice->login($posteduser, POST_PASS); - if ($login) { - header('Location: '. createURL('bookmarks', $posteduser)); - } - $tplVars['msg'] = T_('You have successfully registered. Enjoy!'); - } else { - $tplVars['error'] = T_('Registration failed. Please try again.'); +$form->addElement( + 'submit', 'submit', + array('value' => T_('Register')) +); + + +$tplVars['error'] = ''; +if ($form->validate()) { + $arValues = $form->getValue(); + + $bOk = $userservice->addUser( + $arValues['username'], $arValues['password'], $arValues['email'] + ); + if ($bOk) { + $captcha->clearCaptchaSession(); + header('Location: '. createURL('bookmarks', $arValues['username'])); + exit(); } + $tplVars['error'] .= T_('Registration failed. Please try again.'); } -$tplVars['antispamQuestion'] = $GLOBALS['antispamQuestion']; -$tplVars['loadjs'] = true; -$tplVars['subtitle'] = T_('Register'); -$tplVars['formaction'] = createURL('register'); +HTML_QuickForm2_Renderer::register( + 'coolarray', + 'SemanticScuttle_QuickForm2_Renderer_CoolArray' +); +//$renderer = HTML_QuickForm2_Renderer::factory('coolarray') +$renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray(); +$renderer->setOption( + array( + 'group_hiddens' => true, + 'group_errors' => true + ) +); + +$tplVars['form'] = $form->render($renderer); +$tplVars['loadjs'] = true; +$tplVars['subtitle'] = T_('Register'); +$tplVars['error'] .= implode( + '<br/>', array_unique($tplVars['form']['errors']) +); $templateservice->loadTemplate('register.tpl', $tplVars); ?> diff --git a/www/scuttle.css b/www/scuttle.css index 78f24e9..480b7f4 100644 
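Review bot: The username reaches `isReserved`, `existsUserWithUsername` and `addUser()` exactly as typed, because the `trim(utf8_strtolower(POST_USERNAME))` step of the removed code has no counterpart in the new form handling. Unless the user service normalises internally (not visible in this hunk), names differing only in case or surrounding whitespace from a reserved or existing name could pass both `notcallback` rules. I would normalise right after `$form->getValue()` with `$arValues['username'] = trim(utf8_strtolower($arValues['username']));` and have the rule callbacks apply the same transformation. www/login.php drops the same normalisation before `$userservice->login()`. The password element also carries only a `required` rule, and the new branch no longer logs the user in before redirecting to the bookmarks page; confirm both are intended.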
--- a/www/scuttle.css
+++ b/www/scuttle.css
@@ -541,6 +541,9 @@ form th {
 form table {
 margin: 0 1em;
 }
+form input.inacttext {
+ color: #888;
+}
 h3 {
 background: #DDD;
 color: #555; |