X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Flogin.php;h=3a93c466facd4ffe6b5707d01033cd4c81f2b6fc;hb=1ef5cf964ef65b248dc150660124e95dcd933106;hp=a95dc9e3a3d4511e5f3e3ac81570a242c01e5c4b;hpb=c47de27c114c9998acc01fd2c6df185cd271ec2f;p=quix0rs-gnu-social.git

diff --git a/actions/login.php b/actions/login.php
index a95dc9e3a3..3a93c466fa 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -1,25 +1,76 @@
 <?php
+/*
+ * Laconica - a distributed open-source microblogging tool
+ * Copyright (C) 2008, Controlez-Vous, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
 
-function handle_login() {
-	if ($_REQUEST['METHOD'] == 'POST') {
-		if (login_check_user($_REQUEST['user'], $_REQUEST['password'])) {
-			
+if (!defined('LACONICA')) { exit(1); }
+
+class LoginAction extends Action {
+
+	function handle($args) {
+		parent::handle($args);
+		if (common_logged_in()) {
+			common_user_error(_t('Already logged in.'));
+		} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+			$this->check_login();
 		} else {
+			$this->show_form();
 		}
-	} else {
-		if (user_logged_in()) {
+	}
+
+	function check_login() {
+		# XXX: form token in $_SESSION to prevent XSS
+		# XXX: login throttle
+		$nickname = $this->arg('nickname');
+		$password = $this->arg('password');
+		if (common_check_user($nickname, $password)) {
+			# success!
+			if (!common_set_user($nickname)) {
+				common_server_error(_t('Error setting user.'));
+				return;
+			}
+			# success!
+			$url = common_get_returnto();
+			if ($url) {
+				# We don't have to return to it again
+				common_set_returnto(NULL);
+			} else {
+				$url = common_local_url('all',
+										array('nickname' =>
+											  $nickname));
+			}
+			common_redirect($url);
 		} else {
-			login_show_form();
+			$this->show_form(_t('Incorrect username or password.'));
 		}
 	}
+
+	function show_form($error=NULL) {
+		common_show_header(_t('Login'));
+		if ($error) {
+			common_element('div', array('class' => 'error'), $error);
+		}
+		common_element_start('form', array('method' => 'POST',
+										   'id' => 'login',
+										   'action' => common_local_url('login')));
+		common_input('nickname', _t('Nickname'));
+		common_password('password', _t('Password'));
+		common_submit('submit', _t('Login'));
+		common_element_end('form');
+		common_show_footer();
+	}
 }
-	
-function login_show_form() {
-	html_start();
-	html_head("Login");
-	html_body();
-}
-	
-function login_check_user($username, $password) {
-	
-}
\ No newline at end of file