Exemplo n.º 1
0
function helper_ensure_confirmed($p_message, $p_button_label)
{
    if (true == gpc_get_bool('_confirmed')) {
        return true;
    }
    html_page_top1();
    html_page_top2();
    # @@@ we need to improve this formatting.  I'd like the text to only
    #  be about 50% the width of the screen so that it doesn't become to hard
    #  to read.
    print "<br />\n<div align=\"center\">\n";
    print_hr();
    print "\n{$p_message}\n";
    print '<form method="post" action="' . $_SERVER['PHP_SELF'] . "\">\n";
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    print "<input type=\"hidden\" name=\"_confirmed\" value=\"1\" />\n";
    print '<br /><br /><input type="submit" class="button" value="' . $p_button_label . '" />';
    print "\n</form>\n";
    print_hr();
    print "</div>\n";
    html_page_bottom1();
    exit;
}
Exemplo n.º 2
0
/**
 * Check whether the user has confirmed this action.
 *
 * If the user has not confirmed the action, generate a page which asks
 * the user to confirm and then submits a form back to the current page
 * with all the GET and POST data and an additional field called _confirmed
 * to indicate that confirmation has been done.
 * @param string $p_message
 * @param string $p_button_label
 * @return bool
 * @todo improve this formatting - to only be about 50% of the screen width so that it doesn't become hard to read.
 */
function helper_ensure_confirmed($p_message, $p_button_label)
{
    if (true == gpc_get_bool('_confirmed')) {
        return true;
    }
    html_page_top();
    echo "<br />\n<div class=\"center\">\n<hr />";
    echo "\n{$p_message}\n";
    echo '<form method="post" action="">' . "\n";
    # CSRF protection not required here - user needs to confirm action
    # before the form is accepted.
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    echo "<input type=\"hidden\" name=\"_confirmed\" value=\"1\" />\n";
    echo '<br /><br /><input type="submit" class="button" value="' . $p_button_label . '" />';
    echo "\n</form>\n";
    echo "<hr /></div>\n";
    html_page_bottom();
    exit;
}
Exemplo n.º 3
0
/**
 * Generate the intermediate authentication page.
 * @param integer $p_user_id  User ID.
 * @param string  $p_username Username.
 * @return boolean
 * @access public
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top();
    ?>
<div class="important-msg">
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br /><span class="error-msg">', lang_get('login_error'), '</span>';
    }
    ?>
</div>
<div id="reauth-div" class="form-container">
	<form id="reauth-form" method="post" action="">
		<fieldset>
			<legend><span><?php 
    echo lang_get('reauthenticate_title');
    ?>
</span></legend>

		<?php 
    # CSRF protection not required here - user needs to enter password
    # (confirmation step) before the form is accepted.
    print_hidden_inputs($_POST);
    print_hidden_inputs($_GET);
    ?>

			<input type="hidden" name="_authenticate" value="1" />
			<div class="field-container">
				<label for="username"><span><?php 
    echo lang_get('username');
    ?>
</span></label>
				<span class="input"><input id="username" type="text" disabled="disabled" size="32" maxlength="<?php 
    echo DB_FIELD_SIZE_USERNAME;
    ?>
" value="<?php 
    echo string_attribute($p_username);
    ?>
" /></span>
				<span class="label-style"></span>
			</div>
			<div class="field-container">
				<label for="password"><span><?php 
    echo lang_get('password');
    ?>
</span></label>
				<span class="input"><input id="password" type="password" name="password" size="32" maxlength="<?php 
    echo auth_get_password_max_size();
    ?>
" class="autofocus" /></span>
				<span class="label-style"></span>
			</div>
			<span class="submit-button"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></span>
		</fieldset>
	</form>
</div>

<?php 
    html_page_bottom();
    exit;
}
Exemplo n.º 4
0
/**
 * Generate the intermediate authentication page.
 * @param integer User ID
 * @param string Username
 * @return bool
 * @access public
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top();
    ?>
<div align="center">
<p>
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br/><font color="red">', lang_get('login_error'), '</font>';
    }
    ?>
</p>
<form name="reauth_form" method="post" action="<?php 
    echo form_action_self();
    ?>
">
<?php 
    # CSRF protection not required here - user needs to enter password
    # (confirmation step) before the form is accepted.
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    ?>

<input type="hidden" name="_authenticate" value="1" />

<table class="width50 center">
<tr>
	<td class="form-title" colspan="2"><?php 
    echo lang_get('reauthenticate_title');
    ?>
</td>
</tr>

<tr class="row-1">
	<th class="category"><?php 
    echo lang_get('username');
    ?>
</th>
	<td><input type="text" disabled="disabled" size="32" maxlength="<?php 
    echo USERLEN;
    ?>
" value="<?php 
    echo string_attribute($p_username);
    ?>
" /></td>
</tr>

<tr class="row-2">
	<th class="category"><?php 
    echo lang_get('password');
    ?>
</th>
	<td><input type="password" name="password" size="16" maxlength="<?php 
    echo PASSLEN;
    ?>
" class="autofocus" /></td>
</tr>

<tr>
	<td class="center" colspan="2"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></td>
</tr>
</table>

</form>
</div>

<?php 
    html_page_bottom();
    exit;
}
Exemplo n.º 5
0
/**
 * Generate the intermediate authentication page.
 * @param integer User ID
 * @param string Username
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top1();
    html_page_top2();
    ?>
<div align="center">
<p>
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br/><font color="red">', lang_get('login_error'), '</font>';
    }
    ?>
</p>
<form method="post" action="<?php 
    echo $_SERVER['PHP_SELF'];
    ?>
">

<?php 
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    ?>

<input type="hidden" name="_authenticate" value="1" />

<table class="width50 center">
<tr>
	<td class="form-title"><?php 
    echo lang_get('reauthenticate_title');
    ?>
</td>
</tr>

<tr class="row-1">
	<td class="category"><?php 
    echo lang_get('username');
    ?>
</td>
	<td><input type="text" disabled="disabled" size="32" maxlength="32" value="<?php 
    echo $p_username;
    ?>
" /></td>
</tr>

<tr class="row-2">
	<td class="category"><?php 
    echo lang_get('password');
    ?>
</td>
	<td><input type="password" name="password" size="16" maxlength="32" /></td>
</tr>

<tr>
	<td class="center" colspan="2"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></td>
</tr>
</table>

</form>
</div>

		<?php 
    html_page_bottom1();
    exit;
}