protected function request() { $userid = $this->userid(true); if (isset($_SESSION['expired'])) { echo '<p>Your password has expired.'; } $f = new Form(); $f->start(); $f->text('pw-old', 'Existing Password:'******'Existing Password', true, true); $f->text('pw-new1', 'New Password:'******'New Password', true, true); $f->password_strength('pw-new1', $userid); $f->text('pw-new2', 'Repeat:', 50, 'New Password', true, true); if (YUBIKEY) { $f->text('yubikey', 'YubiKey:', 50, '', true, true); } $f->button('action_set', 'Set'); $f->end(); }
function show_form($data = null) { if (empty($data['phone_method'])) { $data['phone_method'] = 'sms'; } $form = new Form(); $form->start($data); $form->errors($this->err_flds); if (!$this->is_logged_in()) { $form->text('userid', 'Desired User ID:', 15, 'UserID'); $form->text('pw1', 'Password:'******'Password', true, true); $form->password_strength('pw1', ''); $form->text('pw2', 'Repeat:', 50, 'Password', true, true); } $form->text('first', 'First Name:', 25, 'First Name'); $form->hspace(3); $form->text('last', 'Last Name:', 25, 'Last Name', false); $form->text('email', 'Email:', 75, '*****@*****.**'); $form->text('phone', 'Verification Phone:', 25, '303-555-1234'); $form->radio('phone_method', 'SMS (text)', 'sms'); $form->hspace(5); $form->radio('phone_method', 'Voice', 'voice', false); $form->button('action_register', $this->is_logged_in() ? 'Save' : 'Register'); // Next line for clickjacking example //$form->button('action_disable', 'Disable 2FA'); $form->end(); $userid = isset($data['userid']) ? $data['userid'] : ''; echo <<<EOT <script> \$('#pw1').bind('keydown', function() { PasswordDidChange('pw1', '{$userid}'); }); </script> EOT; }