X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fopenidlogin.php;h=1a4372d73e76722dfe5f60d30b220b6ba191b3f0;hb=1a63d7d8299259dc13c8b21700bf441123947d3a;hp=09679e372ebc0aa6f0e54e5f2361cbe0b673af4f;hpb=2d456a15e5652a0c0e2c0f9f50221eed2d16e109;p=quix0rs-gnu-social.git

diff --git a/actions/openidlogin.php b/actions/openidlogin.php
index 09679e372e..1a4372d73e 100644
--- a/actions/openidlogin.php
+++ b/actions/openidlogin.php
@@ -23,75 +23,109 @@ require_once(INSTALLDIR.'/lib/openid.php');
 
 class OpenidloginAction extends Action
 {
-
     function handle($args)
     {
         parent::handle($args);
-        if (common_logged_in()) {
-            common_user_error(_('Already logged in.'));
+        if (common_is_real_login()) {
+            $this->clientError(_('Already logged in.'));
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $openid_url = $this->trimmed('openid_url');
 
             # CSRF protection
             $token = $this->trimmed('token');
             if (!$token || $token != common_session_token()) {
-                $this->show_form(_('There was a problem with your session token. Try again, please.'), $openid_url);
+                $this->showForm(_('There was a problem with your session token. Try again, please.'), $openid_url);
                 return;
             }
 
             $rememberme = $this->boolean('rememberme');
-            
+
             common_ensure_session();
-            
+
             $_SESSION['openid_rememberme'] = $rememberme;
-            
+
             $result = oid_authenticate($openid_url,
                                        'finishopenidlogin');
-            
+
             if (is_string($result)) { # error message
                 unset($_SESSION['openid_rememberme']);
-                $this->show_form($result, $openid_url);
+                $this->showForm($result, $openid_url);
             }
         } else {
             $openid_url = oid_get_last();
-            $this->show_form(null, $openid_url);
+            $this->showForm(null, $openid_url);
         }
     }
 
-    function get_instructions()
+    function getInstructions()
     {
-        return _('Login with an [OpenID](%%doc.openid%%) account.');
+        if (common_logged_in() && !common_is_real_login() &&
+            common_get_returnto()) {
+            // rememberme logins have to reauthenticate before
+            // changing any profile settings (cookie-stealing protection)
+            return _('For security reasons, please re-login with your ' .
+                     '[OpenID](%%doc.openid%%) ' .
+                     'before changing your settings.');
+        } else {
+            return _('Login with an [OpenID](%%doc.openid%%) account.');
+        }
     }
 
-    function show_top($error=null)
+    function showPageNotice()
     {
-        if ($error) {
-            common_element('div', array('class' => 'error'), $error);
+        if ($this->error) {
+            $this->element('div', array('class' => 'error'), $this->error);
         } else {
-            $instr = $this->get_instructions();
+            $instr = $this->getInstructions();
             $output = common_markup_to_html($instr);
-            common_element_start('div', 'instructions');
-            common_raw($output);
-            common_element_end('div');
+            $this->elementStart('div', 'instructions');
+            $this->raw($output);
+            $this->elementEnd('div');
         }
     }
 
-    function show_form($error=null, $openid_url)
+    function title()
+    {
+        return _('OpenID Login');
+    }
+
+    function showForm($error=null, $openid_url)
     {
-        common_show_header(_('OpenID Login'), null, $error, array($this, 'show_top'));
+        $this->error = $error;
+        $this->openid_url = $openid_url;
+        $this->showPage();
+    }
+
+    function showContent() {
         $formaction = common_local_url('openidlogin');
-        common_element_start('form', array('method' => 'post',
-                                           'id' => 'openidlogin',
+        $this->elementStart('form', array('method' => 'post',
+                                           'id' => 'form_openid_login',
+                                           'class' => 'form_settings',
                                            'action' => $formaction));
-        common_hidden('token', common_session_token());
-        common_input('openid_url', _('OpenID URL'),
-                     $openid_url,
+        $this->elementStart('fieldset');
+        $this->element('legend', null, _('OpenID login'));
+        $this->hidden('token', common_session_token());
+
+        $this->elementStart('ul', 'form_data');
+        $this->elementStart('li');
+        $this->input('openid_url', _('OpenID URL'),
+                     $this->openid_url,
                      _('Your OpenID URL'));
-        common_checkbox('rememberme', _('Remember me'), false,
+        $this->elementEnd('li');
+        $this->elementStart('li', array('id' => 'settings_rememberme'));
+        $this->checkbox('rememberme', _('Remember me'), false,
                         _('Automatically login in the future; ' .
                            'not for shared computers!'));
-        common_submit('submit', _('Login'));
-        common_element_end('form');
-        common_show_footer();
+        $this->elementEnd('li');
+        $this->elementEnd('ul');
+        $this->submit('submit', _('Login'));
+        $this->elementEnd('fieldset');
+        $this->elementEnd('form');
+    }
+
+    function showLocalNav()
+    {
+        $nav = new LoginGroupNav($this);
+        $nav->show();
     }
 }