
Source code changes of the file "mrbs-1.9.4/web/lib/MRBS/Session/SessionWithLogin.php" between
mrbs-1.9.4.tar.gz and mrbs-1.10.0.tar.gz

About: MRBS is a web application for booking meeting rooms or other resources (using PHP and MySQL/pgsql).

SessionWithLogin.php  (mrbs-1.9.4):SessionWithLogin.php  (mrbs-1.10.0)
skipping to change at line 12 skipping to change at line 12
namespace MRBS\Session; namespace MRBS\Session;
use MRBS\Form\FieldDiv; use MRBS\Form\FieldDiv;
use MRBS\Form\Form; use MRBS\Form\Form;
use MRBS\Form\ElementA; use MRBS\Form\ElementA;
use MRBS\Form\ElementFieldset; use MRBS\Form\ElementFieldset;
use MRBS\Form\ElementP; use MRBS\Form\ElementP;
use MRBS\Form\FieldInputPassword; use MRBS\Form\FieldInputPassword;
use MRBS\Form\FieldInputSubmit; use MRBS\Form\FieldInputSubmit;
use MRBS\Form\FieldInputText; use MRBS\Form\FieldInputText;
use MRBS\User;
// An abstract class for those session schemes that implement a login form // An abstract class for those session schemes that implement a login form
abstract class SessionWithLogin implements SessionInterface abstract class SessionWithLogin implements SessionInterface
{ {
protected $form = array(); protected $form = array();
public function __construct() public function __construct()
{ {
// Get non-standard form variables // Get non-standard form variables
foreach (array('action', 'username', 'password', 'target_url', 'returl') as $var) foreach (array('action', 'username', 'password', 'target_url', 'returl') as $var)
{ {
$this->form[$var] = \MRBS\get_form_var($var, 'string', null, INPUT_POST); $this->form[$var] = \MRBS\get_form_var($var, 'string', null, INPUT_POST);
} }
// It's easy for extra spaces to appear, especially on a mobile device if (isset($this->form['username']))
$this->form['username'] = trim($this->form['username']); {
// It's easy for extra spaces to appear, especially on a mobile device
$this->form['username'] = trim($this->form['username']);
}
} }
// Gets the username and password. Returns: Nothing // Gets the username and password. Returns: Nothing
// //
// $target_url The URL to go to after successful login // $target_url The URL to go to after successful login
// $returl The URL to return to eventually // $returl The URL to return to eventually
public function authGet($target_url=null, $returl=null, $error=null, $raw=fals e) public function authGet(?string $target_url=null, ?string $returl=null, ?strin g $error=null, bool $raw=false) : void
{ {
if (!isset($target_url)) if (!isset($target_url))
{ {
$target_url = \MRBS\this_page(true); $target_url = \MRBS\this_page(true);
} }
// Omit the Login link in the header when we're on the login page itself // Omit the Login link in the header when we're on the login page itself
\MRBS\print_header(null, null, true); \MRBS\print_header(null, null, true);
$action = \MRBS\multisite(\MRBS\this_page()); $action = \MRBS\multisite(\MRBS\this_page());
$this->printLoginForm($action, $target_url, $returl, $error, $raw); $this->printLoginForm($action, $target_url, $returl, $error, $raw);
exit; exit;
} }
abstract public function getCurrentUser(); abstract public function getCurrentUser() : ?User;
// Returns the parameters ('method', 'action' and 'hidden_inputs') for a // Returns the parameters ('method', 'action' and 'hidden_inputs') for a
// Logon form. Returns an array. // Logon form. Returns an array.
public function getLogonFormParams() public function getLogonFormParams() : ?array
{ {
return array( return array(
'action' => \MRBS\multisite('admin.php'), 'action' => \MRBS\multisite('admin.php'),
'method' => 'post', 'method' => 'post',
'hidden_inputs' => array('target_url' => \MRBS\this_page(true), 'hidden_inputs' => array('target_url' => \MRBS\this_page(true),
'action' => 'QueryName') 'action' => 'QueryName')
); );
} }
// Returns the parameters ('method', 'action' and 'hidden_inputs') for a // Returns the parameters ('method', 'action' and 'hidden_inputs') for a
// Logoff form. Returns an array. // logoff form. Returns an array of parameters, or null if no form is to be
public function getLogoffFormParams() // shown.
public function getLogoffFormParams() : ?array
{ {
return array( return array(
'action' => \MRBS\multisite('admin.php'), 'action' => \MRBS\multisite('admin.php'),
'method' => 'post', 'method' => 'post',
'hidden_inputs' => array('target_url' => \MRBS\this_page(true), 'hidden_inputs' => array('target_url' => \MRBS\this_page(true),
'action' => 'SetName', 'action' => 'SetName',
'username' => '', 'username' => '',
'password' => '') 'password' => '')
); );
} }
public function processForm() public function processForm() : void
{ {
if (isset($this->form['action'])) if (isset($this->form['action']))
{ {
// Target of the form with sets the URL argument "action=QueryName". // Target of the form with sets the URL argument "action=QueryName".
// Will eventually return to URL argument "target_url=whatever". // Will eventually return to URL argument "target_url=whatever".
if ($this->form['action'] == 'QueryName') if ($this->form['action'] == 'QueryName')
{ {
$this->authGet($this->form['target_url']); $this->authGet($this->form['target_url']);
exit(); // unnecessary because authGet() exits, but just included for cl arity exit(); // unnecessary because authGet() exits, but just included for cl arity
} }
skipping to change at line 126 skipping to change at line 131
$this->form['target_url'] .= 'returl=' . urlencode($this->form['retu rl']); $this->form['target_url'] .= 'returl=' . urlencode($this->form['retu rl']);
} }
} }
\MRBS\location_header($this->form['target_url']); // Redirect browser to initial page \MRBS\location_header($this->form['target_url']); // Redirect browser to initial page
} }
} }
} }
// Can only return a valid username. If the username and password are not val id it will ask for new ones. // Can only return a valid username. If the username and password are not val id it will ask for new ones.
protected function getValidUser($username, $password) protected function getValidUser(?string $username, ?string $password) : string
{ {
if (($valid_username = \MRBS\auth()->validateUser($this->form['username'], $ this->form['password'])) === false) if (($valid_username = \MRBS\auth()->validateUser($this->form['username'], $ this->form['password'])) === false)
{ {
$this->authGet($this->form['target_url'], $this->form['returl'], \MRBS\get _vocab('unknown_user')); $this->authGet($this->form['target_url'], $this->form['returl'], \MRBS\get _vocab('unknown_user'));
exit(); // unnecessary because authGet() exits, but just included for clar ity exit(); // unnecessary because authGet() exits, but just included for clar ity
} }
return $valid_username; return $valid_username;
} }
protected function logonUser($username) protected function logonUser(string $username) : void
{ {
} }
public function logoffUser() public function logoffUser() : void
{ {
} }
// Displays the login form. // Displays the login form.
// Will eventually return to $target_url with query string returl=$returl // Will eventually return to $target_url with query string returl=$returl
// If $error is set then an $error is printed. // If $error is set then an $error is printed.
// If $raw is true then the message is not HTML escaped // If $raw is true then the message is not HTML escaped
private function printLoginForm($action, $target_url, $returl, $error=null, $r aw=false) private function printLoginForm(string $action, ?string $target_url, ?string $ returl, ?string $error=null, bool $raw=false) : void
{ {
$form = new Form(); $form = new Form();
$form->setAttributes(array('class' => 'standard', $form->setAttributes(array('class' => 'standard',
'id' => 'logon', 'id' => 'logon',
'method' => 'post', 'method' => 'post',
'action' => $action)); 'action' => $action));
// Hidden inputs // Hidden inputs
$hidden_inputs = array('returl' => $returl, $hidden_inputs = array('returl' => $returl,
'target_url' => $target_url, 'target_url' => $target_url,
skipping to change at line 228 skipping to change at line 233
$form->render(); $form->render();
// Print footer and exit // Print footer and exit
\MRBS\print_footer(true); \MRBS\print_footer(true);
} }
// Check we've got the right authentication type for the session scheme. // Check we've got the right authentication type for the session scheme.
// To be called for those session schemes which require the same // To be called for those session schemes which require the same
// authentication type // authentication type
protected function checkTypeMatchesSession() protected function checkTypeMatchesSession() : void
{ {
global $auth; global $auth;
if ($auth['type'] !== $auth['session']) if ($auth['type'] !== $auth['session'])
{ {
$class = get_called_class(); $class = get_called_class();
$message = "MRBS configuration error: $class needs \$auth['type'] set to ' " . $auth['session'] . "'"; $message = "MRBS configuration error: $class needs \$auth['type'] set to ' " . $auth['session'] . "'";
die($message); die($message);
} }
} }
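Review bot: In `getValidUser()` the newly typed `?string $username, ?string $password` parameters are never read; the body still validates `$this->form['username']` and `$this->form['password']`, so the credentials checked are whatever sits in form state rather than what the caller passed in. Passing the arguments through, `\MRBS\auth()->validateUser($username, $password)`, would make the signature match the behaviour. The new `: string` return type also relies on `validateUser()` returning only a string or `false`, which is not visible on this page. Separately, `processForm()` ends in `\MRBS\location_header($this->form['target_url'])` with a POST-supplied value; the lines before it are elided here, so it is worth confirming that the target is restricted to same-site URLs before the redirect is issued.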
 End of changes. 12 change blocks. 
13 lines changed or deleted 18 lines changed or added
