Last active
December 21, 2015 18:59
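-# Login form. The view supplies $action, $title, $warnings, $fields and the
-# label variables used below.
-# NOTE(review): whether "=" output and attribute values are HTML-escaped
-# depends on the HAML engine's settings, which this file does not show.
-# $field->value, $User:redirect_uri and the replayed "Last_*" values can carry
-# request data, so confirm escaping is enabled before relying on this template.
%form{ :method=>'post', :action=>$action }
  %h1.maincontentheader = $title
  - foreach ($warnings as $warning)
    .warning[$warning]
      %h2 = $warning->message
      %ul
        %li = $warning->hint
  - foreach ($fields as $field)
    %label.block[$field]
      %span = $field->label
      %input.halfbox{ :type=>$field->type, :size=>$field->size, :name=>$field->name, :id=>$field->id, :value=>$field->value }
  - if ($RememberMeTimeout)
    %label
      %input.checkbox{ :name=>'Cookie', :id=>'id3' }/
      %span
  .buttonblock
    -# Both submit buttons use "=>" like every other attribute pair.
    %input{:class=>'defaultbutton', :type=>'submit', :name=>'LoginButton', :value=>$login }/
    %input{:class=>'button', :type=>'submit', :name=>'RegisterButton', :value=>$Sign_up }/
  -if ($CustomLoginPage)
    %p
      %a{ :href=>$forgotpassword_url } = $forgot_your_password
  %input{ :type=>'hidden', :name=>'RedirectURI', :value=>$User:redirect_uri }/
  - if ($User:post_data)
    -# NOTE(review): $key and $item are not bound by any loop here; presumably a
    -# foreach over $User:post_data is intended -- confirm.
    %input{ :name=>"Last_".$key, :value=>$item, :type=>'hidden' }/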
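{{! Login form. Double-brace tags are HTML-escaped by Mustache, but escaping only protects an attribute when its value is quoted, so every attribute value below is quoted. }}
<form method="post" action="{{action}}">
    <h1 class="maincontentheader">{{title}}</h1>
    {{#warning}}
    <div class="warning">
        <h2>{{message}}</h2>
        <ul>
            <li>{{hint}}</li>
        </ul>
    </div>
    {{/warning}}
    {{#fields}}
    <label class="block">
        <span>{{label}}</span>
        <input class="halfbox" type="{{type}}" {{#size}}size="{{size}}"{{/size}} name="{{name}}" id="{{id}}" value="{{value}}" />
    </label>
    {{/fields}}
    {{#RememberMeTimeout}}
    <label>
        <input type="checkbox" tabindex="1" name="Cookie" id="id3" />
        <span>{{Remember_me}}</span>
    </label>
    {{/RememberMeTimeout}}
    <div class="buttonblock">
        <input class="defaultbutton" type="submit" name="LoginButton" value="{{Login}}" tabindex="1" />
        {{! The value attribute is closed before tabindex; an unterminated quote would swallow the rest of the tag. }}
        <input class="button" type="submit" name="RegisterButton" value="{{Sign_Up}}" tabindex="1" />
    </div>
    {{#CustomLoginPage}}
    {{! NOTE(review): the href below is eZ template syntax, which Mustache will not evaluate; it needs a variable supplied by the view. }}
    <p><a href={'/user/forgotpassword'|ezurl}>{{Forgot_your_password}}</a></p>
    {{/CustomLoginPage}}
    {{! NOTE(review): the "$User:..." and "$item" names are carried over from the eZ template; confirm the keys the view actually passes. }}
    <input type="hidden" name="RedirectURI" value="{{$User:redirect_uri}}" />
    {{#$User:post_data}}
    <input name="Last_{{key}}" value="{{$item}}" type="hidden" />
    {{/$User:post_data}}
</form>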
<?php | |
/** | |
* @copyright Copyright (C) 1999-2013 eZ Systems AS. All rights reserved. | |
* @license http://www.gnu.org/licenses/gpl-2.0.txt GNU General Public License v2 | |
* @version //autogentag// | |
* @package kernel | |
*/ | |
//$Module->setExitStatus( EZ_MODULE_STATUS_SHOW_LOGIN_PAGE );

// Collaborators: the module being run, plus the INI and HTTP helpers obtained
// through their instance() accessors.
$Module = $Params['Module'];
$ini = eZINI::instance();
$http = eZHTTPTool::instance();

// Defaults used when no login attempt is being processed.
$userLogin = $userPassword = $userRedirectURI = '';
$loginWarning = false;

// The caller may pass the site-access verdict and name through $Params;
// otherwise access is assumed allowed and the name is unknown.
$siteAccessAllowed = isset( $Params['SiteAccessAllowed'] ) ? $Params['SiteAccessAllowed'] : true;
$siteAccessName = isset( $Params['SiteAccessName'] ) ? $Params['SiteAccessName'] : false;

// POST data captured before the login page was shown. It is read from the
// session once and removed immediately, so it is only replayed a single time.
$postData = '';
$postBeforeLoginKey = '$_POST_BeforeLogin';
if ( $http->hasSessionVariable( $postBeforeLoginKey, false ) )
{
    $postData = $http->sessionVariable( $postBeforeLoginKey );
    $http->removeSessionVariable( $postBeforeLoginKey );
}
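// Handle a submitted login form: authenticate, work out where to send the user
// afterwards, and redirect on success. On failure the script falls through so
// the login form is rendered again with a warning.
//
// NOTE(review): 'UserRedirectURI' and the posted 'RedirectURI' are request
// data that end up in $Module->redirectTo(). redirectTo() is not shown here;
// if it honours absolute URLs, an unfiltered value is an open redirect. The
// pattern below drops request-supplied targets that start with a URI scheme or
// with two slashes/backslashes. It is a coarse filter; an allow-list of local
// paths would be stronger.
$externalRedirectPattern = '#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i';

if ( $Module->isCurrentAction( 'Login' ) and
     $Module->hasActionParameter( 'UserLogin' ) and
     $Module->hasActionParameter( 'UserPassword' ) and
     !$http->hasPostVariable( "RegisterButton" )
   )
{
    $userLogin = $Module->actionParameter( 'UserLogin' );
    $userPassword = $Module->actionParameter( 'UserPassword' );
    $userRedirectURI = $Module->actionParameter( 'UserRedirectURI' );
    if ( is_string( $userRedirectURI ) && preg_match( $externalRedirectPattern, $userRedirectURI ) )
    {
        // Treat an off-site target as "not given" so the fallbacks below apply.
        $userRedirectURI = '';
    }

    if ( trim( $userRedirectURI ) == "" )
    {
        // Only use redirection if RequireUserLogin is disabled
        $requireUserLogin = ( $ini->variable( "SiteAccessSettings", "RequireUserLogin" ) == "true" );
        if ( !$requireUserLogin )
        {
            $userRedirectURI = trim( $http->postVariable( 'RedirectURI', '' ) );
            if ( preg_match( $externalRedirectPattern, $userRedirectURI ) )
            {
                $userRedirectURI = '';
            }
            if ( empty( $userRedirectURI ) )
            {
                $userRedirectURI = $http->sessionVariable( 'LastAccessesURI', '/' );
            }
        }

        // A target stored in the session takes precedence over the values above.
        if ( $http->hasSessionVariable( "RedirectAfterLogin", false ) )
        {
            $userRedirectURI = $http->sessionVariable( "RedirectAfterLogin" );
        }
    }

    // Save array of previous post variables in session variable.
    // Every posted "Last_<name>" field is copied under <name>; the names and
    // values come straight from the request.
    $post = $http->attribute( 'post' );
    $lastPostVars = array();
    foreach ( array_keys( $post ) as $postKey )
    {
        if ( substr( $postKey, 0, 5 ) == 'Last_' )
            $lastPostVars[ substr( $postKey, 5, strlen( $postKey ) )] = $post[ $postKey ];
    }
    if ( count( $lastPostVars ) > 0 )
    {
        $postData = $lastPostVars;
        $http->setSessionVariable( 'LastPostVars', $lastPostVars );
    }

    $user = false;
    if ( $userLogin != '' )
    {
        if ( $http->hasSessionVariable( "RedirectAfterLogin", false ) )
        {
            $http->removeSessionVariable( 'RedirectAfterLogin' );
        }

        if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
        {
            $loginHandlers = $ini->variable( 'UserSettings', 'LoginHandler' );
        }
        else
        {
            $loginHandlers = array( 'standard' );
        }
        $hasAccessToSite = true;

        // "Remember me": extend the session cookie lifetime only when the box
        // was ticked and a non-empty timeout is configured.
        if ( $http->hasPostVariable( 'Cookie' )
          && $ini->hasVariable( 'Session', 'RememberMeTimeout' )
          && ( $rememberMeTimeout = $ini->variable( 'Session', 'RememberMeTimeout' ) )
           )
        {
            eZSession::setCookieLifetime( $rememberMeTimeout );
        }

        // Try each configured handler in order; the first one that returns an
        // eZUser ends the loop, whether or not that user may use this site access.
        foreach ( array_keys ( $loginHandlers ) as $key )
        {
            $loginHandler = $loginHandlers[$key];
            $userClass = eZUserLoginHandler::instance( $loginHandler );
            if ( !is_object( $userClass ) )
            {
                continue;
            }
            $user = $userClass->loginUser( $userLogin, $userPassword );
            if ( $user instanceof eZUser )
            {
                $hasAccessToSite = $user->canLoginToSiteAccess( $GLOBALS['eZCurrentAccess'] );
                if ( !$hasAccessToSite )
                {
                    // Valid credentials but no right to this site access: undo the login.
                    $user->logoutCurrent();
                    $user = null;
                    $siteAccessName = $GLOBALS['eZCurrentAccess']['name'];
                    $siteAccessAllowed = false;
                }
                break;
            }
        }
        if ( !( $user instanceof eZUser ) and $hasAccessToSite )
            $loginWarning = true;
    }
    else
    {
        $loginWarning = true;
    }

    $redirectionURI = $userRedirectURI;

    // Determine if we already know redirection URI.
    $haveRedirectionURI = ( $redirectionURI != '' && $redirectionURI != '/' );

    if ( !$haveRedirectionURI )
        $redirectionURI = $ini->variable( 'SiteSettings', 'DefaultPage' );

    /* If the user has successfully passed authorization
     * and we don't know redirection URI yet.
     */
    if ( is_object( $user ) && !$haveRedirectionURI )
    {
        /*
         * Choose where to redirect the user to after successful login.
         * The checks are done in the following order:
         * 1. Per-user.
         * 2. Per-group.
         *    If the user object is published under several groups, main node is chosen
         *    (if its URI is non-empty; otherwise first non-empty URI is chosen from the group list -- if any).
         *
         * See doc/features/3.8/advanced_redirection_after_user_login.txt for more information.
         */

        // First, let's determine which attributes we should search redirection URI in.
        $userUriAttrName  = '';
        $groupUriAttrName = '';
        if ( $ini->hasVariable( 'UserSettings', 'LoginRedirectionUriAttribute' ) )
        {
            $uriAttrNames = $ini->variable( 'UserSettings', 'LoginRedirectionUriAttribute' );
            if ( is_array( $uriAttrNames ) )
            {
                if ( isset( $uriAttrNames['user'] ) )
                    $userUriAttrName = $uriAttrNames['user'];

                if ( isset( $uriAttrNames['group'] ) )
                    $groupUriAttrName = $uriAttrNames['group'];
            }
        }

        $userObject = $user->attribute( 'contentobject' );

        // 1. Check if redirection URI is specified for the user
        $userUriSpecified = false;
        if ( $userUriAttrName )
        {
            $userDataMap = $userObject->attribute( 'data_map' );
            if ( !isset( $userDataMap[$userUriAttrName] ) )
            {
                eZDebug::writeWarning( "Cannot find redirection URI: there is no attribute '$userUriAttrName' in object '" .
                                       $userObject->attribute( 'name' ) .
                                       "' of class '" .
                                       $userObject->attribute( 'class_name' ) . "'." );
            }
            elseif ( ( $uriAttribute = $userDataMap[$userUriAttrName] ) &&
                     ( $uri = $uriAttribute->attribute( 'content' ) ) )
            {
                $redirectionURI = $uri;
                $userUriSpecified = true;
            }
        }

        // 2. Check if redirection URI is specified for at least one of the user's groups (preferring main parent group).
        if ( !$userUriSpecified && $groupUriAttrName && $user->hasAttribute( 'groups' ) )
        {
            $groups = $user->attribute( 'groups' );

            if ( isset( $groups ) && is_array( $groups ) )
            {
                $chosenGroupURI = '';
                foreach ( $groups as $groupID )
                {
                    $group = eZContentObject::fetch( $groupID );
                    // The result is dereferenced below; skip IDs that do not
                    // resolve to an object instead of failing mid-login.
                    if ( !is_object( $group ) )
                    {
                        continue;
                    }
                    $groupDataMap = $group->attribute( 'data_map' );
                    $isMainParent = ( $group->attribute( 'main_node_id' ) == $userObject->attribute( 'main_parent_node_id' ) );

                    if ( !isset( $groupDataMap[$groupUriAttrName] ) )
                    {
                        eZDebug::writeWarning( "Cannot find redirection URI: there is no attribute '$groupUriAttrName' in object '" .
                                               $group->attribute( 'name' ) .
                                               "' of class '" .
                                               $group->attribute( 'class_name' ) . "'." );
                        continue;
                    }
                    $uri = $groupDataMap[$groupUriAttrName]->attribute( 'content' );
                    if ( $uri )
                    {
                        if ( $isMainParent )
                        {
                            $chosenGroupURI = $uri;
                            break;
                        }
                        elseif ( !$chosenGroupURI )
                            $chosenGroupURI = $uri;
                    }
                }

                if ( $chosenGroupURI ) // if we've chosen a URI from one of the user's groups.
                    $redirectionURI = $chosenGroupURI;
            }
        }
    }

    $userID = 0;
    if ( $user instanceof eZUser )
        $userID = $user->id();
    if ( $userID > 0 )
    {
        // NOTE(review): no session-id regeneration is visible in this file;
        // confirm the login handler rotates the session on successful login.
        $http->removeSessionVariable( 'eZUserLoggedInID' );
        $http->setSessionVariable( 'eZUserLoggedInID', $userID );

        // Remove all temporary drafts
        eZContentObject::cleanupAllInternalDrafts( $userID );
        return $Module->redirectTo( $redirectionURI );
    }
}
else
{
    // called from outside of a template (?)
    // Remember the originally requested URI as the post-login target, unless
    // the request was for user/login itself.
    $requestedURI = $GLOBALS['eZRequestedURI'];
    if ( $requestedURI instanceof eZURI )
    {
        $requestedModule = $requestedURI->element( 0, false );
        $requestedView = $requestedURI->element( 1, false );
        if ( $requestedModule != 'user' or
             $requestedView != 'login' )
            $userRedirectURI = $requestedURI->originalURIString( false );
    }
}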
// The "Sign up" button submits to this view as well; hand it to the register view.
if ( $http->hasPostVariable( "RegisterButton" ) )
{
    $Module->redirectToView( 'register' );
}

$userIsNotAllowedToLogin = false;
$failedLoginAttempts = false;
// When eZUser::isTrusted() is true no limit is passed to the template (false).
$maxNumOfFailedLogin = eZUser::isTrusted() ? false : eZUser::maxNumberOfFailedLogin();

// Should we show message about failed login attempt and max number of failed login
if ( $loginWarning && isset( $GLOBALS['eZFailedLoginAttemptUserID'] ) )
{
    $showMessageIfExceeded = $ini->hasVariable( 'UserSettings', 'ShowMessageIfExceeded' )
                          && $ini->variable( 'UserSettings', 'ShowMessageIfExceeded' ) == 'true';

    $failedUserID = $GLOBALS['eZFailedLoginAttemptUserID'];
    $failedLoginAttempts = eZUser::failedLoginAttemptsByUserID( $failedUserID );

    $canLogin = eZUser::isEnabledAfterFailedLogin( $failedUserID );
    if ( $showMessageIfExceeded && !$canLogin )
    {
        $userIsNotAllowedToLogin = true;
    }
}

// Expose the login state to the template. Most variables live in the "User"
// namespace; 'site_access' is set without one.
$tpl = eZTemplate::factory();

$tpl->setVariable( 'login', $userLogin, 'User' );
$tpl->setVariable( 'post_data', $postData, 'User' );
// NOTE(review): the submitted password is handed to the template layer here.
// A template that prints $User:password would echo it back to the browser;
// confirm no override template does so.
$tpl->setVariable( 'password', $userPassword, 'User' );
// The redirect target can hold request data; templates must escape it on output.
$tpl->setVariable( 'redirect_uri', $userRedirectURI . eZSys::queryString(), 'User' );
$tpl->setVariable( 'warning', array( 'bad_login' => $loginWarning ), 'User' );

$siteAccessInfo = array(
    'allowed' => $siteAccessAllowed,
    'name' => $siteAccessName
);
$tpl->setVariable( 'site_access', $siteAccessInfo );

$tpl->setVariable( 'user_is_not_allowed_to_login', $userIsNotAllowedToLogin, 'User' );
$tpl->setVariable( 'failed_login_attempts', $failedLoginAttempts, 'User' );
$tpl->setVariable( 'max_num_of_failed_login', $maxNumOfFailedLogin, 'User' );

// Module result: rendered form plus a two-level breadcrumb without links.
$Result = array();
$Result['content'] = $tpl->fetch( 'design:user/login.tpl' );
$Result['path'] = array(
    array(
        'text' => ezpI18n::tr( 'kernel/user', 'User' ),
        'url' => false
    ),
    array(
        'text' => ezpI18n::tr( 'kernel/user', 'Login' ),
        'url' => false
    )
);

// A custom login page uses its own page layout.
if ( $ini->variable( 'SiteSettings', 'LoginPage' ) == 'custom' )
{
    $Result['pagelayout'] = 'loginpagelayout.tpl';
}
?> |
{* DO NOT EDIT THIS FILE! Use an override template instead. *}
{* Login form. Values that can carry request data ($User:login,
   $User:redirect_uri and the replayed post data) all pass through |wash,
   which escapes them for HTML output. Keep that in any override. *}
<form method="post" action={"/user/login/"|ezurl}>

    <div class="maincontentheader">
        <h1>{"Login"|i18n("design/standard/user")}</h1>
    </div>

    {* Show at most one warning: bad credentials first, otherwise a denied site access. *}
    {if $User:warning.bad_login}
        <div class="warning">
            <h2>{"Could not login"|i18n("design/standard/user")}</h2>
            <ul>
                <li>{"A valid username and password is required to login."|i18n("design/standard/user")}</li>
            </ul>
        </div>
    {else}
        {if $site_access.allowed|not}
            <div class="warning">
                <h2>{"Access not allowed"|i18n("design/standard/user")}</h2>
                <ul>
                    <li>{"You are not allowed to access %1."|i18n("design/standard/user",,array($site_access.name))}</li>
                </ul>
            </div>
        {/if}
    {/if}

    <div class="block">
        <label for="id1">{"Username"|i18n("design/standard/user",'User name')}</label><div class="labelbreak"></div>
        <input class="halfbox" type="text" size="10" name="Login" id="id1" value="{$User:login|wash}" tabindex="1" />
    </div>

    {* The password field is always rendered empty; the submitted password is never echoed back. *}
    <div class="block">
        <label for="id2">{"Password"|i18n("design/standard/user")}</label><div class="labelbreak"></div>
        <input class="halfbox" type="password" size="10" name="Password" id="id2" value="" tabindex="1" />
    </div>

    {* "Remember me" is offered only when a non-empty Session/RememberMeTimeout is configured. *}
    {if and( ezini_hasvariable( 'Session', 'RememberMeTimeout' ), ezini( 'Session', 'RememberMeTimeout' ) )}
        <div class="block">
            <input type="checkbox" tabindex="1" name="Cookie" id="id3" /><label for="id3" style="display:inline;">{"Remember me"|i18n("design/admin/user/login")}</label>
        </div>
    {/if}

    <div class="buttonblock">
        <input class="defaultbutton" type="submit" name="LoginButton" value="{'Login'|i18n('design/standard/user','Button')}" tabindex="1" />
        <input class="button" type="submit" name="RegisterButton" value="{'Sign Up'|i18n('design/standard/user','Button')}" tabindex="1" />
    </div>

    {if ezini( 'SiteSettings', 'LoginPage' )|eq( 'custom' )}
        <p><a href={'/user/forgotpassword'|ezurl}>{'Forgot your password?'|i18n( 'design/standard/user' )}</a></p>
    {/if}

    {* Post-login target, round-tripped through the form. *}
    <input type="hidden" name="RedirectURI" value="{$User:redirect_uri|wash}" />

    {* Replay the POST data captured before login as hidden "Last_<key>" fields. *}
    {section show=and( is_set( $User:post_data ), is_array( $User:post_data ) )}
        {section name=postData loop=$User:post_data }
            <input name="Last_{$postData:key|wash}" value="{$postData:item|wash}" type="hidden" /><br/>
        {/section}
    {/section}

</form>
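// eZURI::transformURI() takes the URI by reference and rewrites it in place, so
// it needs a variable, and its return value is not the transformed URI.
// NOTE(review): based on the eZ Publish legacy kernel signature -- confirm
// against the installed version.
$action = '/user/login';
eZURI::transformURI( $action );
$tpl->setVariable( 'action', $action );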
... |
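{* DO NOT EDIT THIS FILE! Use an override template instead. *}
{* Login form with each input wrapped in its label. Values that can carry
   request data ($User:login, $User:redirect_uri and the replayed post data)
   all pass through |wash, which escapes them for HTML output. *}
<form method="post" action={"/user/login/"|ezurl}>
    <h1 class="maincontentheader">{"Login"|i18n("design/standard/user")}</h1>

    {* Show at most one warning: bad credentials first, otherwise a denied site access. *}
    {if $User:warning.bad_login}
        <div class="warning">
            <h2>{"Could not login"|i18n("design/standard/user")}</h2>
            <ul>
                <li>{"A valid username and password is required to login."|i18n("design/standard/user")}</li>
            </ul>
        </div>
    {elseif $site_access.allowed|not}
        <div class="warning">
            <h2>{"Access not allowed"|i18n("design/standard/user")}</h2>
            <ul>
                <li>{"You are not allowed to access %1."|i18n("design/standard/user",,array($site_access.name))}</li>
            </ul>
        </div>
    {/if}

    <label class="block">
        {* The span is closed before the input, matching the password label below. *}
        <span>{"Username"|i18n("design/standard/user",'User name')}</span>
        <input class="halfbox" type="text" size="10" name="Login" id="id1" value="{$User:login|wash}" tabindex="1" />
    </label>

    {* The password field is always rendered empty; the submitted password is never echoed back. *}
    <label class="block">
        <span>{"Password"|i18n("design/standard/user")}</span>
        <input class="halfbox" type="password" size="10" name="Password" id="id2" value="" tabindex="1" />
    </label>

    {* "Remember me" is offered only when a non-empty Session/RememberMeTimeout is configured. *}
    {if and( ezini_hasvariable( 'Session', 'RememberMeTimeout' ), ezini( 'Session', 'RememberMeTimeout' ) )}
        <label>
            <input type="checkbox" tabindex="1" name="Cookie" id="id3" />
            <span>{"Remember me"|i18n("design/admin/user/login")}</span>
        </label>
    {/if}

    <div class="buttonblock">
        <input class="defaultbutton" type="submit" name="LoginButton" value="{'Login'|i18n('design/standard/user','Button')}" tabindex="1" />
        <input class="button" type="submit" name="RegisterButton" value="{'Sign Up'|i18n('design/standard/user','Button')}" tabindex="1" />
    </div>

    {if ezini( 'SiteSettings', 'LoginPage' )|eq( 'custom' )}
        <p><a href={'/user/forgotpassword'|ezurl}>{'Forgot your password?'|i18n( 'design/standard/user' )}</a></p>
    {/if}

    {* Post-login target, round-tripped through the form. *}
    <input type="hidden" name="RedirectURI" value="{$User:redirect_uri|wash}" />

    {* Replay the POST data captured before login as hidden "Last_<key>" fields. *}
    {if and( is_set( $User:post_data ), is_array( $User:post_data ) )}
        {foreach $User:post_data as $key=>$item}
            <input name="Last_{$key|wash}" value="{$item|wash}" type="hidden" />
        {/foreach}
    {/if}
</form>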