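/**
 * Returns the opening <form> tag of a module form, followed by one hidden
 * <input> for every extra parameter.
 *
 * Keys read from $params (fallbacks are the values this method passes to
 * coalesce_key(), which is defined elsewhere):
 * - 'action' - The action that this form should do when the form is submitted. Fallback ''.
 * - 'controller' - Controller name. Fallback ''.
 * - 'method' - Method to put in the form tag. Fallback 'post'.
 * - 'enctype' - Optional enctype for the form. Only real option is 'multipart/form-data'. Fallback ''.
 * - 'inline' - Boolean to tell whether or not we want the form's result to be "inline". Fallback false.
 * - 'id_suffix' - Text to append to the end of the id and name of the form. Fallback ''.
 * - 'url' - Value of the action="" attribute. Fallback is the currently requested URI.
 * - 'extra' - Text to append to the <form>-statement, ex. for javascript-validation code. Fallback ''.
 *   It is handed to the tag builder as raw markup, so it must never contain request data.
 * - 'html_id' - Id to use for the html id="". Fallback is an autogenerated value.
 * - 'html_name' - Name to use for the html name="". Fallback is the html_id.
 * - 'remote' - Boolean to add an onsubmit that will serialize the form contents and submit it via an
 *   XMLHttpRequest instead of the traditional POST. Fallback false.
 * - 'params' - An array of key/value pairs to add as extra hidden parameters. These will merge into any
 *   additional parameters you pass along in to the $params hash that aren't parsed by the function.
 *
 * NOTE(review): earlier documentation also listed 'use_current_page_as_action'; nothing in this
 * method reads that key.
 *
 * @param array $params An array of parameters to pass to the method. Unrecognized parameters will be
 *        added as hidden variables to the form and merged with anything in the 'params' key if passed.
 * @param boolean $check_keys Test whether keys are all valid or not. Not helpful if you're
 *        passing extra key/values along, but good for debugging.
 * @return string
 * @throws SilkInvalidKeyException When $check_keys is set and are_all_keys_valid() rejects $params.
 * @author Ted Kulp
 **/
public function create_form_start($params = array(), $check_keys = false)
{
    // 'url' and 'extra' are the only scalar values taken without a filter; both end up in the tag.
    $default_params = array(
        'action' => coalesce_key($params, 'action', '', FILTER_SANITIZE_URL),
        'controller' => coalesce_key($params, 'controller', '', FILTER_SANITIZE_URL),
        'method' => coalesce_key($params, 'method', 'post', FILTER_SANITIZE_STRING),
        'enctype' => coalesce_key($params, 'enctype', '', FILTER_SANITIZE_STRING),
        'inline' => coalesce_key($params, 'inline', false, FILTER_VALIDATE_BOOLEAN),
        'id_suffix' => coalesce_key($params, 'id_suffix', '', FILTER_SANITIZE_STRING),
        'url' => coalesce_key($params, 'url', SilkRequest::get_requested_uri()),
        'extra' => coalesce_key($params, 'extra', ''),
        'remote' => coalesce_key($params, 'remote', false, FILTER_VALIDATE_BOOLEAN),
        'params' => coalesce_key($params, 'params', array()),
    );
    $default_params['html_id'] = coalesce_key(
        $params,
        'html_id',
        SilkResponse::make_dom_id('form_' . $default_params['action'] . $default_params['id_suffix']),
        FILTER_SANITIZE_STRING
    );
    $default_params['html_name'] = coalesce_key($params, 'html_name', $default_params['html_id'], FILTER_SANITIZE_STRING);

    if ($check_keys && !are_all_keys_valid($params, $default_params)) {
        throw new SilkInvalidKeyException(invalid_key($params, $default_params));
    }

    // Strip out any straggling parameters to their own array.
    // Merge in anything if it was passed in the params key to the method.
    $extra_params = forms()->strip_extra_params($params, $default_params, 'params');

    // NOTE(review): from here on the values are read from $params, not $default_params. That only
    // picks up the filtered values if strip_extra_params() takes $params by reference and writes
    // the defaults into it - confirm against its definition.
    $form_params = array(
        'id' => $params['html_id'],
        'name' => $params['html_name'],
        'method' => $params['method'],
        'action' => $params['url'],
    );

    // The original tested an undefined local $enctype, so the attribute was never emitted.
    if (!empty($params['enctype'])) {
        $form_params['enctype'] = $params['enctype'];
    }

    $extra = '';
    if (!empty($params['extra'])) {
        $extra = $params['extra'];
        unset($params['extra']);
    }

    if (!empty($params['remote'])) {
        // The URL defaults to the requested URI, so it is request-controlled. It is placed inside a
        // single-quoted JavaScript string inside an HTML attribute; escape every character that could
        // end either context. Ordinary URLs without these characters produce the same handler as before.
        $js_url = strtr((string) $form_params['action'], array(
            '\\' => '\\\\',
            "'" => "\\'",
            '"' => '\\x22',
            '<' => '\\x3C',
            '>' => '\\x3E',
            '&' => '\\x26',
            "\r" => '\\r',
            "\n" => '\\n',
            "\xE2\x80\xA8" => '\\u2028',
            "\xE2\x80\xA9" => '\\u2029',
        ));
        $form_params['onsubmit'] = "silk_ajax_call('" . $js_url . "', \$(this).serializeArray()); return false;";
    }

    // NOTE(review): attribute values (including 'action' and the hidden input values below) are only
    // safe if create_start_tag() HTML-escapes them - confirm in its definition.
    // $text was appended to without being initialised in the original.
    $text = forms()->create_start_tag('form', $form_params, false, $extra);

    foreach ($extra_params as $key => $value) {
        $text .= forms()->create_start_tag(
            'input',
            array('type' => 'hidden', 'name' => $key, 'value' => $value),
            true
        );
    }

    return $text;
}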
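/**
 * Attempts to log the current request in, either by completing an OpenID
 * round trip or by checking a submitted username and password.
 *
 * On success the user is stored in self::$current_user and in
 * $_SESSION['silk_user']. On failure a message is appended to
 * $this->validation_errors where the code has one to give.
 *
 * @return bool True when a user was authenticated, false otherwise.
 */
function login()
{
    $authenticated_user = null;

    // !empty() keeps the original truthiness test without a notice when the key is absent.
    if (!empty($_REQUEST['openid_mode'])) {
        $consumer = $this->get_consumer();
        $response = $consumer->complete(SilkRequest::get_requested_uri(true));

        if ($response->status == Auth_OpenID_CANCEL) {
            // This means the authentication was cancelled.
            $this->validation_errors[] = 'Verification cancelled.';
        } elseif ($response->status == Auth_OpenID_FAILURE) {
            // Authentication failed; display the error message.
            // The message comes from the OpenID exchange: escape it wherever validation_errors is rendered.
            $this->validation_errors[] = "OpenID authentication failed: " . $response->message;
        } elseif ($response->status == Auth_OpenID_SUCCESS) {
            // NOTE(review): the lookup key is the HTML-encoded *display* identifier. The OpenID library
            // documents the display form as meant for showing to users and the claimed identifier as
            // the value to key accounts on; htmlentities() is an output encoding, not a storage format.
            // Left unchanged because stored openid values presumably use this form - confirm and migrate.
            $esc_identity = htmlentities($response->getDisplayIdentifier());
            // NOTE(review): this branch queries orm('user'), the password branch orm('silk_user') - confirm.
            $user = orm('user')->find_by_openid($esc_identity);
            if ($user != null) {
                $authenticated_user = $user;
            } else {
                $this->validation_errors[] = "No user associated to this login";
            }
        }
    } elseif ($this->params != null && is_array($this->params)) {
        $username = isset($this->params['username']) ? $this->params['username'] : '';
        $password = isset($this->params['password']) ? $this->params['password'] : '';
        $openid = isset($this->params['openid']) ? $this->params['openid'] : '';

        if ($username != '' && $password != '') {
            $user = orm('silk_user')->find_by_username($username);
            if ($user != null) {
                // NOTE(review): the original carried an "Add salt" TODO here. encode_password() is not
                // visible; confirm it is a salted, slow password hash (password_hash/password_verify).
                $stored = (string) $user->password;
                $supplied = (string) $this->encode_password($password);

                // The original used ==, which compares numeric-looking strings as numbers and is not
                // constant-time. An empty stored hash never authenticates.
                if ($stored !== '') {
                    $matches = function_exists('hash_equals')
                        ? hash_equals($stored, $supplied)
                        : $stored === $supplied;
                    if ($matches) {
                        $authenticated_user = $user;
                    }
                }
            }
            if ($authenticated_user === null) {
                // Same message for unknown user and wrong password, so the form does not reveal which.
                $this->validation_errors[] = 'Username or password incorrect.';
            }
        } elseif ($openid != '') {
            $consumer = $this->get_consumer();
            $auth_request = $consumer->begin($openid);
            // NOTE(review): a failed begin() and a request that should not be sent as a redirect
            // both fall through to "return false" without a validation error.
            if ($auth_request && $auth_request->shouldSendRedirect()) {
                $redirect_url = $auth_request->redirectURL(
                    SilkRequest::get_calculated_url_base(true),
                    SilkRequest::get_requested_uri(true)
                );
                redirect($redirect_url);
            }
        }
    }

    if ($authenticated_user === null) {
        return false;
    }

    // Issue a fresh session id at the privilege change so an id known before login is not carried
    // into the authenticated session. Skipped when no session is active or headers are already out.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }

    self::$current_user = $authenticated_user;
    // NOTE(review): the whole user object, presumably including its password field, is kept in the session.
    $_SESSION['silk_user'] = $authenticated_user;

    return true;
}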