Overview
Comment: | Utilisation de KD2\Form pour le login |
---|---|
SHA1: |
a14a753be3ecc557ec53a0e238779457 |
User & Date: | bohwaz on 2017-05-16 04:56:11 |
Context
2017-05-16
| ||
06:09 | DB: Fix legacy compatibility functions check-in: f9c05b3c39 user: bohwaz tags: dev | |
04:56 | Utilisation de KD2\Form pour le login check-in: a14a753be3 user: bohwaz tags: dev | |
2017-05-14
| ||
10:41 | Passage aux objets check-in: 400c8eb2df user: bohwaz tags: dev | |
Changes
Modified src/include/init.php from [bfc98c00e2] to [a6110f17d2].
1 2 3 4 5 6 7 8 9 10 11 12 13 | <?php namespace Garradin; use KD2\ErrorManager; use KD2\Security; error_reporting(-1); /* * Version de Garradin */ | > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 | <?php namespace Garradin; use KD2\ErrorManager; use KD2\Security; use KD2\Form; error_reporting(-1); /* * Version de Garradin */ |
︙ | ︙ | |||
261 262 263 264 265 266 267 | { $key = base64_encode(Security::random_bytes(64)); Install::setLocalConfig('SECRET_KEY', $key); define('Garradin\SECRET_KEY', $key); } // Intégration du secret pour les tokens | | > > > > > > > > > > > | 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 | { $key = base64_encode(Security::random_bytes(64)); Install::setLocalConfig('SECRET_KEY', $key); define('Garradin\SECRET_KEY', $key); } // Intégration du secret pour les tokens Form::tokenSetSecret(SECRET_KEY); // Fonctions utilitaires bien utiles d'avoir dans le namespace global de Garradin function obj_has($obj, $pattern) { return \KD2\Helpers::obj_has($obj, $pattern); } function obj_get($src, $pattern, $default = null) { return \KD2\Helpers::obj_get($src, $pattern, $default); } /* * Vérifications pour enclencher le processus d'installation ou de mise à jour */ if (!defined('Garradin\INSTALL_PROCESS') && !defined('Garradin\UPGRADE_PROCESS')) { |
︙ | ︙ |
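Review bot: The installation-wide SECRET_KEY is passed unchanged to `Form::tokenSetSecret()` in the second hunk, so form tokens share key material with every other use of that constant. Whether SECRET_KEY is used elsewhere is not visible here, but if it is, a purpose-specific key keeps a weakness in one use from reaching the others: `Form::tokenSetSecret(hash_hmac('sha256', 'form-token', SECRET_KEY));`. Form tokens are short-lived, so changing the derivation should at most invalidate forms that are already open.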
Modified src/include/lib/Garradin/Template.php from [58ab6469f8] to [d7cfbaa69e].
1 2 3 4 | <?php namespace Garradin; | | | 1 2 3 4 5 6 7 8 9 10 11 12 | <?php namespace Garradin; use KD2\Form; class Template extends \KD2\Smartyer { static protected $_instance = null; static public function getInstance() { |
︙ | ︙ | |||
25 26 27 28 29 30 31 | parent::__construct(); $this->assign('www_url', WWW_URL); $this->assign('self_url', Utils::getSelfUrl()); $this->assign('self_url_no_qs', Utils::getSelfUrl(true)); $this->assign('is_logged', false); | | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | | 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 | parent::__construct(); $this->assign('www_url', WWW_URL); $this->assign('self_url', Utils::getSelfUrl()); $this->assign('self_url_no_qs', Utils::getSelfUrl(true)); $this->assign('is_logged', false); $this->register_function('form_errors', [$this, 'formErrors']); $this->register_function('show_error', [$this, 'showError']); } protected function formErrors($params) { $errors = $this->getTemplateVars('form_errors'); if (!$errors || count($errors) == 0) { return ''; } $out = []; foreach ($errors as $error) { $out[] = $this->getFormErrorMessage($error['rule'], $error['name']); } return '<div class="error"><ul><li>' . implode('</li><li>', $out) . '</li></ul></div>'; } protected function getFormErrorMessage($rule, $element) { if ($element == '_id') { $element = 'identifiant'; } elseif ($element == 'passe') { $element = 'mot de passe'; } switch ($rule) { case 'required': return sprintf('Le champ %s est vide.', $element); case 'csrf': return 'Une erreur est survenue, merci de bien vouloir renvoyer le formulaire.'; default: return sprintf('Erreur "%s" dans le champ "%s"', $rule, $element); } } protected function showError($params) { if (!$params['if']) { return ''; } return '<p class="error">' . $this->escape($params['message']) . 
'</p>'; } } $tpl = Template::getInstance(); function tpl_csrf_field($params) { return Form::tokenHTML($params['key']); } function tpl_form_field($params) { if (!isset($params['name'])) throw new \BadFunctionCallException('name argument is mandatory'); |
︙ | ︙ |
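Review bot: `formErrors()` concatenates the strings from `getFormErrorMessage()` into HTML without escaping, while `showError()` next to it does call `$this->escape()`. The default branch of `getFormErrorMessage()` interpolates `$rule` and `$element` as-is. In login.php both come from literal rule definitions, but the function is registered for every template, so a later form whose field names or rules are not constants would put raw text into the page. Escape at the point of output: `$out[] = $this->escape($this->getFormErrorMessage($error['rule'], $error['name']));`. Separately, `showError()` reads `$params['if']` and `$params['message']` without checking that they are set, so a template that omits either raises a notice; `if (empty($params['if']))` avoids that for the first.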
Modified src/templates/admin/login.tpl from [73997fd1e9] to [cecf8ffa2c].
1 2 | {include file="admin/_head.tpl" title="Connexion"} | | < < < < | < < < | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | {include file="admin/_head.tpl" title="Connexion"} {form_errors} {show_error if=$fail message="Connexion impossible. Vérifiez l'adresse e-mail et le mot de passe."} {if !$ssl_enabled && $prefer_ssl} <p class="alert"> <strong>Message de sécurité</strong><br /> Nous vous conseillons de vous connecter sur la version <a href="{$own_https_url}">chiffrée (HTTPS) de cette page</a> pour vous connecter. </p> {/if} <form method="post" action="{$self_url}"> <fieldset> <legend>Connexion</legend> <dl> <dt><label for="f_id">{$champ.title}</label></dt> <dd><input type="text" name="_id" id="f_id" value="{form_field name=_id}" /></dd> <dt><label for="f_passe">Mot de passe</label></dt> <dd><input type="password" name="passe" id="f_passe" value="" /> {if $ssl_enabled} <b class="icn confirm" title="Connexion chiffrée">🔒</b> <span class="confirm">Connexion sécurisée</span> {else} <b class="icn error" title="Connexion non chiffrée">🔓</b> |
︙ | ︙ |
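Review bot: No CSRF token field appears in the visible part of the form, although login.php now validates the submission with `fc('login', …)` and Template.php adds a message for a `csrf` rule. The form body continues outside this hunk, so the field may already be present further down. If it is not, the token markup produced by the `tpl_csrf_field` helper in Template.php needs to be emitted inside the `<form>`, presumably with the same key as the `login` action. Otherwise the check cannot pass, or the form is not protected.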
Modified src/www/admin/_inc.php from [8fa8938d39] to [eb2f2a42ed].
︙ | ︙ | |||
8 9 10 11 12 13 14 15 16 17 18 19 20 21 | // Redirection automatique en HTTPS si nécessaire if (PREFER_HTTPS !== true && PREFER_HTTPS >= 2 && empty($_SERVER['HTTPS']) && empty($_POST)) { utils::redirect(str_replace('http://', 'https://', utils::getSelfURL())); exit; } $tpl = Template::getInstance(); $tpl->assign('admin_url', WWW_URL . 'admin/'); $session = Session::get(); if (!defined('Garradin\LOGIN_PROCESS')) | > > > > > > > > > > > | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | // Redirection automatique en HTTPS si nécessaire if (PREFER_HTTPS !== true && PREFER_HTTPS >= 2 && empty($_SERVER['HTTPS']) && empty($_POST)) { utils::redirect(str_replace('http://', 'https://', utils::getSelfURL())); exit; } // Alias utiles pour la gestion de formulaires function f($key) { return \KD2\Form::get($key); } function fc($action, Array $rules, Array &$errors = []) { return \KD2\Form::check($action, $rules, $errors); } $tpl = Template::getInstance(); $tpl->assign('admin_url', WWW_URL . 'admin/'); $session = Session::get(); if (!defined('Garradin\LOGIN_PROCESS')) |
︙ | ︙ |
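Review bot: The new aliases `f()` and `fc()` have no docblock, and their names give a reader no hint of what they do. Nothing at the call site shows that `fc()` takes `$errors` by reference or what its return value means. Suggested comments: `/** Returns the submitted value for $key via KD2\Form::get(). */` above `f()`, and `/** Runs KD2\Form::check() for $action against $rules; $errors is passed by reference to collect failures. */` above `fc()`. That failures are collected in `$errors` is inferred from the by-reference parameter and from login.php passing `$errors` to the template, so confirm it against KD2\Form before committing the wording.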
Modified src/www/admin/login.php from [5749aca48a] to [a38c475ec7].
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | <?php namespace Garradin; const LOGIN_PROCESS = true; require_once __DIR__ . '/_inc.php'; if ($session) { Utils::redirect('/admin/'); } // Relance session_start et renvoie une image de 1px transparente if (isset($_GET['keepSessionAlive'])) { Session::refresh(); header('Cache-Control: no-cache, must-revalidate'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Content-Type: image/gif'); echo base64_decode("R0lGODlhAQABAIAAAP///////yH5BAEKAAEALAAAAAABAAEAAAICTAEAOw=="); exit; } | > > | > | | < > > > | | < < < | < < < > | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | <?php namespace Garradin; const LOGIN_PROCESS = true; require_once __DIR__ . '/_inc.php'; // L'utilisateur est déjà connecté if ($session) { Utils::redirect('/admin/'); } // Relance session_start et renvoie une image de 1px transparente if (isset($_GET['keepSessionAlive'])) { Session::refresh(); header('Cache-Control: no-cache, must-revalidate'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Content-Type: image/gif'); echo base64_decode("R0lGODlhAQABAIAAAP///////yH5BAEKAAEALAAAAAABAAEAAAICTAEAOw=="); exit; } $errors = []; $fail = false; // Soumission du formulaire if (f('login')) { $check = fc('login', [ '_id' => 'required|string', 'passe' => 'required|string', 'permanent' => 'boolean', ], $errors); if ($check && ($fail = Membres\Session::login(f('_id'), f('passe'), (bool) f('permanent')))) { Utils::redirect('/admin/'); } } $champs = $config->get('champs_membres'); $champ = $champs->get($config->get('champ_identifiant')); $tpl->assign('ssl_enabled', empty($_SERVER['HTTPS']) ? 
false : true); $tpl->assign('prefer_ssl', (bool)PREFER_HTTPS); $tpl->assign('own_https_url', str_replace('http://', 'https://', utils::getSelfURL())); $tpl->assign('champ', $champ); $tpl->assign('form_errors', $errors); $tpl->assign('fail', $fail); $tpl->display('admin/login.tpl'); |
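Review bot: `$fail` is assigned the return value of `Membres\Session::login()`, which appears to be truthy on success because that branch redirects to `/admin/`. After a rejected login `$fail` is therefore false, and `{show_error if=$fail …}` in login.tpl never prints the "Connexion impossible" message. Invert the flag and redirect separately: `$fail = $check && !Membres\Session::login(f('_id'), f('passe'), (bool) f('permanent'));` followed by `if ($check && !$fail) { Utils::redirect('/admin/'); }`. The single generic message for a wrong identifier or a wrong password is worth keeping, since it does not reveal which of the two was incorrect.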
Modified src/www/admin/static/admin.css from [0a77a33694] to [a3aac92b19].
︙ | ︙ | |||
170 171 172 173 174 175 176 177 178 179 180 181 182 183 | margin: 1em; color: #666; } p.intro { margin: 1em; } /* Formulaires */ fieldset { border: 1px solid #ccc; padding: 0.8em 1em 0 1em; margin-bottom: 1em; padding: 0.5em; | > > > > > | 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 | margin: 1em; color: #666; } p.intro { margin: 1em; } .error ul, .alert ul, .confirm ul { margin-left: 1.5em; list-style: disc; } /* Formulaires */ fieldset { border: 1px solid #ccc; padding: 0.8em 1em 0 1em; margin-bottom: 1em; padding: 0.5em; |
︙ | ︙ |