public function login($welcome = null)
{
if ($user = panel()->site()->user()) {
go(panel()->urls()->index());
}
$message = l('login.error');
$error = false;
$form = panel()->form('login');
$form->cancel = false;
$form->save = l('login.button');
$form->centered = true;
if (r::is('post') and get('_csfr') and csfr(get('_csfr'))) {
$data = $form->serialize();
$user = site()->user(str::lower($data['username']));
if (!$user) {
$error = true;
} else {
if (!$user->hasPanelAccess()) {
$error = true;
} else {
if (!$user->login(get('password'))) {
$error = true;
} else {
go(panel()->urls()->index());
}
}
}
}
if ($username = s::get('username')) {
$form->fields->username->value = html($username, false);
}
return layout('login', array('meta' => new Snippet('meta'), 'welcome' => $welcome ? l('login.welcome') : '', 'form' => $form, 'error' => $error ? $message : false));
}
public function __toString()
{
// auto-trigger the submit event when the form is being echoed
if (get('_csfr') and csfr(get('_csfr'))) {
$this->trigger('submit');
}
$this->append($this->alert());
$fieldset = new Brick('fieldset');
$fieldset->addClass('fieldset field-grid cf');
foreach ($this->fields() as $field) {
$fieldset->append($field);
}
$this->append($fieldset);
$this->append($this->buttons());
$this->append(static::field('hidden', array('name' => '_csfr', 'value' => csfr())));
return parent::__toString();
}
</div>
<div class="field field-grid-item field-with-icon">
<label class="label" for="form-field-username">Username<abbr title="Required">*</abbr></label>
<div class="field-content">
<input type="text" name="username" id="username" class="input" required autocomplete="on" autofocus>
<div class="field-icon"><i class="icon fa fa-user"></i></div>
</div>
</div>
<div class="field field-grid-item field-with-icon">
<label class="label" for="form-field-password">Password<abbr title="Required">*</abbr></label>
<div class="field-content">
<input type="password" name="password" id="password" class="input" required autocomplete="on" >
<div class="field-icon"><i class="icon fa fa-key"></i></div>
</div>
</div>
</fieldset>
<div class="buttons cf">
<input class="btn btn-rounded btn-submit" value="Continue" type="submit">
</div>
<input type="hidden" name="token" value="<?php
echo csfr();
?>
">
</form>
/**
* Render the comment form. Performs field validation and adds alert messages
* when errors occur.
*
* @return string
*/
public function __toString()
{
$config = plugin('comments')->config();
// Validate all field values, if the form has been submitted. Protect the
// form against malicious Cross-Site Forgery requests. Expects a random
// token to match the value of a variable in the user’s current session.
if (get('token') && csfr(get('token'))) {
$this->trigger('submit');
}
// Render message list
if ($list = $this->messages()) {
$this->append($list);
}
// Honeypot protection via a textfield (which should be hidden using css)
if ('css' === $config->get('honeypot')) {
$label = l('comments.field.honeypot', 'Leave this field empty');
$label = $config->get('honeypot.label', $label);
$name = $config->get('honeypot.name', 'url');
$class = $config->get('honeypot.css', 'input input--type-text input--name-url');
$this->field($name, array('type' => 'text', 'label' => $label, 'size' => 30, 'class' => $class, 'autocomplete' => 'off'));
}
// Require a minimum amount of time to be elapsed between the rendering of
// the form and its submission
if ($config->get('requiredReadingTime') > 0) {
$this->append(array('type' => 'hidden', 'name' => 'tictoc', 'value' => time()));
}
// Render all form fields
foreach ($this->fields as $field => $definition) {
$this->build($definition);
}
// Form actions
$group = new Brick('div', array('class' => 'form-actions'));
$button = new Brick('input', array('type' => 'submit', 'name' => 'submit', 'class' => 'btn btn--primary js-submit', 'value' => l('comments.button.send', 'Send Comment')));
// Cross-Site Request Forgery protection
$csfr = new Brick('input', array('type' => 'hidden', 'name' => 'token', 'value' => csfr()));
// Add elements to the form
$this->append($button, $group);
$this->append($csfr);
// Disable client side validation while debugging
if (c::get('debug')) {
$this->attr('novalidate', 'novalidate');
}
// Convert to html string
$this->attr['class'] = implode(' ', $this->classNames());
return html::tag('form', $this->html(), $this->attr());
}
/**
* Run the wizard dialog.
*
* @param integer $index
* @return string
*/
public function launch($index = 0)
{
// Retrieve active view
if (!($view = $this->nth($index))) {
return false;
}
// Trigger submit event
if (get('token') && csfr(get('token'))) {
$form = r::data();
$validator = new Validator($form, $view->rules());
$valid = $validator->passes();
// Goto next wizard step or display validation errors
if ($valid && $view->trigger('submit', compact('form'))) {
$next = $view->index() + 1;
redirect::to($this->url($next));
} else {
if (!$valid) {
$view->errors($validator->errors());
}
}
}
// Generate view and return the contents
return $this->with(array('url' => $this->url(), 'content' => $view->content()));
}
