actions/login.php

   1 <?php
   2
   3 class LoginAction extends Action {
   4
   5         function handle($args) {
   6                 parent::handle($args);
   7                 if (common_logged_in()) {
   8                         common_user_error(_t('Already logged in.'));
   9                 } else if ($this->arg('METHOD') == 'POST') {
  10                         $this->check_login();
  11                 } else {
  12                         $this->show_form();
  13                 }
  14         }
  15
  16         function check_login() {
  17                 # XXX: form token in $_SESSION to prevent XSS
  18                 # XXX: login throttle
  19                 $nickname = $this->arg('nickname');
  20                 $password = $this->arg('password');
  21                 if (common_check_user($nickname, $password)) {
  22                         common_set_user($nickname);
  23                         common_redirect(common_local_url('all',
  24                                                                                          array('nickname' =>
  25                                                                                                    $nickname)));
  26                 } else {
  27                         $this->show_form(_t('Incorrect username or password.'));
  28                 }
  29         }
  30
  31         function show_form($error=NULL) {
  32
  33                 common_show_header(_t('Login'));
  34                 if (!is_null($error)) {
  35                         common_element('div', array('class' => 'error'), $msg);
  36                 }
  37                 common_start_element('form', array('method' => 'POST',
  38                                                                                    'id' => 'login',
  39                                                                                    'action' => common_local_url('login')));
  40                 common_element('label', array('for' => 'username'),
  41                                            _t('Name'));
  42                 common_element('input', array('name' => 'username',
  43                                                                           'type' => 'text',
  44                                                                           'id' => 'username'));
  45                 common_element('label', array('for' => 'password'),
  46                                            _t('Password'));
  47                 common_element('input', array('name' => 'password',
  48                                                                           'type' => 'password',
  49                                                                           'id' => 'password'));
  50                 common_element('input', array('name' => 'submit',
  51                                                                           'type' => 'submit',
  52                                                                           'id' => 'submit'),
  53                                            _t('Login'));
  54                 common_element('input', array('name' => 'cancel',
  55                                                                           'type' => 'button',
  56                                                                           'id' => 'cancel'),
  57                                            _t('Cancel'));
  58         }
  59 }