X-Git-Url: https://git-public.kairo.at/?p=authserver.git;a=blobdiff_plain;f=app%2Findex.php;h=ba0d0247e7e42bc500b84eb6181b717661e0c8f7;hp=5f091a26ae14b152d49f79e44f3f0ca145b1ea83;hb=3875e0fb8b2b31d82809bd20880f1d206db4cb2c;hpb=04116cc5dabb951023fb511fda0dc36956d6a84a
diff --git a/app/index.php b/app/index.php
index 5f091a2..ba0d024 100644
--- a/app/index.php
+++ b/app/index.php
@@ -6,35 +6,18 @@
// Include the common auth system files (including the OAuth2 Server object).
require_once(__DIR__.'/authsystem.inc.php');
-// Start HTML document as a DOM object.
-extract(ExtendedDocument::initHTML5()); // sets $document, $html, $head, $title, $body
-$document->formatOutput = true; // we want a nice output
-
-$style = $head->appendElement('link');
-$style->setAttribute('rel', 'stylesheet');
-$style->setAttribute('href', 'authsystem.css');
-$head->appendJSFile('authsystem.js');
-$title->appendText('KaiRo.at Authentication Server');
-$h1 = $body->appendElement('h1', 'KaiRo.at Authentication Server');
-
-// Make the document not be scaled on mobile devices.
-$vpmeta = $head->appendElement('meta');
-$vpmeta->setAttribute('name', 'viewport');
-$vpmeta->setAttribute('content', 'width=device-width, height=device-height');
-
$errors = $utils->checkForSecureConnection();
$utils->sendSecurityHeaders();
-$para = $body->appendElement('p', _('This login system does not work without JavaScript. Please activate JavaScript for this site to log in.'));
-$para->setAttribute('id', 'jswarning');
-$para->setAttribute('class', 'warn');
+// Initialize the HTML document with our basic elements.
+extract($utils->initHTMLDocument('KaiRo.at Authentication Server')); // sets $document, $html, $head, $title, $body
if (!count($errors)) {
$session = $utils->initSession(); // Read session or create new session and set cookie.
$user = array('id' => 0, 'email' => '');
$pagetype = 'default';
if (is_null($session)) {
- $errors[] = _('The session system is not working. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The session system is not working.').' '._('Please contact KaiRo.at and tell the team about this.');
}
elseif (array_key_exists('logout', $_GET)) {
$result = $db->prepare('UPDATE `auth_sessions` SET `logged_in` = FALSE WHERE `id` = :sessid;');
@@ -45,7 +28,7 @@ if (!count($errors)) {
$session['logged_in'] = 0;
}
elseif (array_key_exists('email', $_POST)) {
- if (!preg_match('/^[^@]+@[^@]+\.[^@]+$/', $_POST['email'])) {
+ if (!preg_match('/^[^@]+@([^@]+\.[^@]+|localhost)$/', $_POST['email'])) {
$errors[] = _('The email address is invalid.');
}
elseif ($utils->verifyTimeCode(@$_POST['tcode'], $session)) {
@@ -104,7 +87,7 @@ if (!count($errors)) {
$result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
$utils->log('user_insert_failure', 'email: '.$_POST['email'].' - '.$result->errorInfo()[2]);
- $errors[] = _('Could not add user. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not add user.').' '._('Please contact KaiRo.at and tell the team about this.');
}
$user = array('id' => $db->lastInsertId(),
'email' => $_POST['email'],
@@ -138,7 +121,7 @@ if (!count($errors)) {
}
else {
$utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The confirmation email could not be sent to you. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The confirmation email could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.');
}
}
else {
@@ -147,7 +130,7 @@ if (!count($errors)) {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
$utils->log('vhash_set_failure', 'user: '.$user['id']);
- $errors[] = _('Could not initiate reset request. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not initiate reset request.').' '._('Please contact KaiRo.at and tell the team about this.');
}
else {
$utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
@@ -174,7 +157,7 @@ if (!count($errors)) {
}
else {
$utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
- $errors[] = _('The email with password reset instructions could not be sent to you. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('The email with password reset instructions could not be sent to you.').' '._('Please contact KaiRo.at and tell the team about this.');
}
}
}
@@ -212,7 +195,7 @@ if (!count($errors)) {
}
elseif (array_key_exists('reset', $_GET)) {
if ($session['logged_in']) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if (!$user['id']) {
@@ -226,14 +209,14 @@ if (!count($errors)) {
}
}
elseif (array_key_exists('verification_code', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `email` = :email AND `status` = \'unverified\' AND `verify_hash` = :vcode;');
$result->execute(array(':email' => @$_GET['email'], ':vcode' => $_GET['verification_code']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
$result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = \'\', `status` = \'ok\' WHERE `id` = :userid;');
if (!$result->execute(array(':userid' => $user['id']))) {
$utils->log('verification_save_failure', 'user: '.$user['id']);
- $errors[] = _('Could not save confirmation. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Could not save confirmation.').' '._('Please contact KaiRo.at and tell the team about this.');
}
$pagetype = 'verification_done';
}
@@ -243,7 +226,7 @@ if (!count($errors)) {
}
elseif (array_key_exists('reset_code', $_GET)) {
$reset_fail = true;
- $result = $db->prepare('SELECT `id`,`email`,`verify_hash` FROM `auth_users` WHERE `email` = :email');
+ $result = $db->prepare('SELECT `id`,`email`,`verify_hash`,`group_id` FROM `auth_users` WHERE `email` = :email');
$result->execute(array(':email' => @$_GET['email']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($user['id']) {
@@ -278,7 +261,7 @@ if (!count($errors)) {
}
}
elseif (array_key_exists('clients', $_GET)) {
- $result = $db->prepare('SELECT `id`,`email` FROM `auth_users` WHERE `id` = :userid;');
+ $result = $db->prepare('SELECT `id`,`email`,`group_id` FROM `auth_users` WHERE `id` = :userid;');
$result->execute(array(':userid' => $session['user']));
$user = $result->fetch(PDO::FETCH_ASSOC);
if ($session['logged_in'] && $user['id']) {
@@ -294,7 +277,7 @@ if (!count($errors)) {
':scope' => $scope,
':userid' => $user['id']))) {
$utils->log('client_save_failure', 'client: '.$clientid);
- $errors[] = 'Unexpectedly failed to save new client information. Please contact KaiRo.at and tell the team about this.';
+ $errors[] = _('Unexpectedly failed to save new client information.').' '._('Please contact KaiRo.at and tell the team about this.');
}
}
if (!count($errors)) {
@@ -337,7 +320,7 @@ if (!count($errors)) {
$result = $db->prepare('UPDATE `auth_users` SET `pwdhash` = :pwdhash, `verify_hash` = \'\' WHERE `id` = :userid;');
if (!$result->execute(array(':pwdhash' => $newHash, ':userid' => $session['user']))) {
$utils->log('pwd_reset_failure', 'user: '.$session['user']);
- $errors[] = _('Password reset failed. Please contact KaiRo.at and tell the team about this.');
+ $errors[] = _('Password reset failed.').' '._('Please contact KaiRo.at and tell the team about this.');
}
else {
$pagetype = 'reset_done';
@@ -479,7 +462,7 @@ if (!count($errors)) {
$link = $litem->appendLink('./?logout', _('Log out'));
$litem = $ulist->appendElement('li');
$link = $litem->appendLink('./?addemail', _('Add another email address'));
- if (in_array($user['email'], $utils->client_reg_email_whitelist)) {
+ if (($utils->client_reg_email_whitelist === false) || (in_array($user['email'], $utils->client_reg_email_whitelist))) {
$litem = $ulist->appendElement('li');
$link = $litem->appendLink('./?clients', _('Manage OAuth2 clients'));
}
@@ -512,7 +495,8 @@ if (count($errors)) {
$list = $body->appendElement('ul');
$list->setAttribute('class', 'flat warn');
foreach ($errors as $msg) {
- $item = $list->appendElement('li', $msg);
+ $item = $list->appendElement('li');
+ $item->appendHTMLMarkup($msg);
}
$body->appendButton(_('Back'), 'history.back();');
}