function handle($args)
{
parent::handle($args);
- if (common_logged_in()) {
+ if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$openid_url = $this->trimmed('openid_url');
function getInstructions()
{
- return _('Login with an [OpenID](%%doc.openid%%) account.');
+ if (common_logged_in() && !common_is_real_login() &&
+ common_get_returnto()) {
+ // rememberme logins have to reauthenticate before
+ // changing any profile settings (cookie-stealing protection)
+ return _('For security reasons, please re-login with your ' .
+ '[OpenID](%%doc.openid%%) ' .
+ 'before changing your settings.');
+ } else {
+ return _('Login with an [OpenID](%%doc.openid%%) account.');
+ }
}
function showPageNotice()
function showContent() {
$formaction = common_local_url('openidlogin');
$this->elementStart('form', array('method' => 'post',
- 'id' => 'openidlogin',
+ 'id' => 'form_openid_login',
+ 'class' => 'form_settings',
'action' => $formaction));
+ $this->elementStart('fieldset');
+ $this->element('legend', null, _('OpenID login'));
$this->hidden('token', common_session_token());
+
+ $this->elementStart('ul', 'form_data');
+ $this->elementStart('li');
$this->input('openid_url', _('OpenID URL'),
$this->openid_url,
_('Your OpenID URL'));
+ $this->elementEnd('li');
+ $this->elementStart('li', array('id' => 'settings_rememberme'));
$this->checkbox('rememberme', _('Remember me'), false,
_('Automatically login in the future; ' .
'not for shared computers!'));
+ $this->elementEnd('li');
+ $this->elementEnd('ul');
$this->submit('submit', _('Login'));
+ $this->elementEnd('fieldset');
$this->elementEnd('form');
}