// Include the common auth system files (including the OAuth2 Server object).
require_once(__DIR__.'/authsystem.inc.php');
-// Start HTML document as a DOM object.
-extract(ExtendedDocument::initHTML5()); // sets $document, $html, $head, $title, $body
-$document->formatOutput = true; // we want a nice output
-
-$style = $head->appendElement('link');
-$style->setAttribute('rel', 'stylesheet');
-$style->setAttribute('href', 'authsystem.css');
-$head->appendJSFile('authsystem.js');
-$title->appendText('KaiRo.at Authentication Server');
-$h1 = $body->appendElement('h1', 'KaiRo.at Authentication Server');
-
-// Make the document not be scaled on mobile devices.
-$vpmeta = $head->appendElement('meta');
-$vpmeta->setAttribute('name', 'viewport');
-$vpmeta->setAttribute('content', 'width=device-width, height=device-height');
-
$errors = $utils->checkForSecureConnection();
$utils->sendSecurityHeaders();
-$para = $body->appendElement('p', _('This login system does not work without JavaScript. Please activate JavaScript for this site to log in.'));
-$para->setAttribute('id', 'jswarning');
-$para->setAttribute('class', 'warn');
+// Initialize the HTML document with our basic elements.
+extract($utils->initHTMLDocument('KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body
if (!count($errors)) {
$session = $utils->initSession(); // Read session or create new session and set cookie.
$user = array('id' => 0, 'email' => '');
$pagetype = 'default';
if (is_null($session)) {
- $errors[] = _('The session system is not working.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('The session system is not working.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
elseif (array_key_exists('logout', $_GET)) {
$result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;');
$session['logged_in'] = 0;
}
elseif (array_key_exists('email', $_POST)) {
- if (!preg_match('/^[^@]+@[^@]+\.[^@]+$/', $_POST['email'])) {
+ if (!preg_match('/^[^@]+@([^@]+\.[^@]+|localhost)$/', $_POST['email'])) {
$errors[] = _('The email address is invalid.');
}
elseif ($utils->verifyTimeCode(@$_POST['tcode'], $session)) {
$result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
$utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]);
- $errors[] = _('Could not add user.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('Could not add user.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
$user = array('id' => $db->lastInsertId(),
'email' => $_POST['email'],
}
else {
$utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The confirmation email could not be sent to you.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('The confirmation email could not be sent to you.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
}
else {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
$utils->log('vhash_set_failure', 'user: '.$user['id']);
- $errors[] = _('Could not initiate reset request.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('Could not initiate reset request.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
else {
$utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
}
else {
$utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The email with password reset instructions could not be sent to you.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('The email with password reset instructions could not be sent to you.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
}
}
}
elseif (array_key_exists('reset', $_GET)) {
if ($session['logged_in']) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if (!$user['id']) {
}
}
elseif (array_key_exists('verification_code', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
$result->execute(array(':email' => @$_GET['email'], ':vcode' => $_GET['verification_code']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;');
if (!$result->execute(array(':userid' => $user['id']))) {
$utils->log('verification_save_failure', 'user: '.$user['id']);
- $errors[] = _('Could not save confirmation.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('Could not save confirmation.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
$pagetype = 'verification_done';
}
}
elseif (array_key_exists('reset_code', $_GET)) {
$reset_fail = true;
- $result = $db->prepare('SELECT `id`,`email`,`verify_hash` FROM `auth_users` WHERE `email` = :email');
+ $result = $db->prepare('SELECT `id`,`email`,`verify_hash`,`group_id` FROM `auth_users` WHERE `email` = :email');
$result->execute(array(':email' => @$_GET['email']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
}
}
elseif (array_key_exists('clients', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($session['logged_in'] && $user['id']) {
':scope' => $scope,
':userid' => $user['id']))) {
$utils->log('client_save_failure', 'client: '.$clientid);
- $errors[] = 'Unexpectedly failed to save new client information. Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.';
+ $errors[] = _('Unexpectedly failed to save new client information.').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
}
if (!count($errors)) {
$result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;');
if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) {
$utils->log('pwd_reset_failure', 'user: '.$session['user']);
- $errors[] = _('Password reset failed.
Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ $errors[] = _('Password reset failed.
').' '._('Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
}
else {
$pagetype = 'reset_done';
$list = $body->appendElement('ul');
$list->setAttribute('class', 'flat warn');
foreach ($errors as $msg) {
- $item = $list->appendElement('li', $msg);
+ $item = $list->appendElement('li');
+ $item->appendHTMLMarkup($msg);
}
$body->appendButton(_('Back'), 'history.back();');
}
projects / authserver.git / blobdiff