Compare commits

...

78 Commits

Author SHA1 Message Date
Christian Weiske
7379805565 Merge branch 'master' into quickform
Conflicts:
	data/templates/bookmarks.tpl.php
	data/templates/sidebar.block.search.php
	data/templates/top.inc.php
	doc/developers/TODO
	src/SemanticScuttle/header.php
2011-04-06 19:13:19 +02:00
Christian Weiske
1e3cd8bf6e add quickform files 2011-02-14 17:54:48 +01:00
Christian Weiske
ae8cd8ffc3 clear captcha session after successful registration 2010-07-09 22:00:16 +02:00
Christian Weiske
e0ece297a3 invalidate captcha solution when the password has been sent 2010-07-09 21:58:51 +02:00
Christian Weiske
bf9b3f98a7 do not show password forgotten form when we sent the mail 2010-07-09 21:55:37 +02:00
Christian Weiske
cecf6d349a Merge branch 'quickform' of github.com:cweiske/SemanticScuttle into quickform 2010-07-09 15:00:01 +02:00
Christian Weiske
badc3b87ee test new method SemanticScuttle_Service_User::userEmailCombinationValid() used in password forgotten page 2010-07-09 14:59:13 +02:00
Christian Weiske
2aa12b2534 convert password forgotten page to quickform and add captcha 2010-07-09 14:43:21 +02:00
Christian Weiske
4b3c308cc4 update dev TODO 2010-07-09 14:43:21 +02:00
Christian Weiske
122d8679c9 reset content type to normal html, since application/xhtml+xml gives quite some javascript problems 2010-07-09 14:43:21 +02:00
Christian Weiske
78697d4438 set content type to application/xhtml+xml to find problems earlier 2010-07-09 14:43:21 +02:00
Christian Weiske
69233c462d registration page xml bug 2010-07-09 14:43:21 +02:00
Christian Weiske
f3461fcada make home page xml-valid 2010-07-09 14:43:21 +02:00
Christian Weiske
645c0a4396 make html more valid when using special chars in title 2010-07-09 14:43:21 +02:00
Christian Weiske
7331bf395e CS 2010-07-09 14:43:20 +02:00
Christian Weiske
012d48ff45 better error message 2010-07-09 14:43:20 +02:00
Christian Weiske
8ec3147507 copyright was not in original file 2010-07-09 14:43:20 +02:00
Christian Weiske
3c280ae9ab make login form use quickform 2010-07-09 14:43:20 +02:00
Christian Weiske
1ba18be35d fix include 2010-07-09 14:43:20 +02:00
Christian Weiske
b38edbc353 docblock 2010-07-09 14:43:20 +02:00
Christian Weiske
d5e22f7ac5 use new file docblock for register.php 2010-07-09 14:43:20 +02:00
Christian Weiske
cb7b2f5433 we do not need backgroundtext anymore 2010-07-09 14:43:20 +02:00
Christian Weiske
830d417db4 fix label for registration submit button 2010-07-09 14:43:20 +02:00
Christian Weiske
4a734d2012 remove unneeded comment 2010-07-09 14:43:19 +02:00
Christian Weiske
745550b2cd get rid of manually specified IDs 2010-07-09 14:43:19 +02:00
Christian Weiske
40850b4da2 remove old form validation code 2010-07-09 14:43:19 +02:00
Christian Weiske
7a7d5f5a6f replace antispam question and answer with numeral captcha 2010-07-09 14:43:19 +02:00
Christian Weiske
79d9a0b88c use quickform rule "notcallback" now instead of our own 2010-07-09 14:43:19 +02:00
Christian Weiske
4e324ccc14 backgroundtext is an own package now 2010-07-09 14:43:19 +02:00
Christian Weiske
67122981b4 remove icallback since QF2 has notcallback now 2010-07-09 14:43:19 +02:00
Christian Weiske
4d874f7528 move backgroundtext element class to html folder 2010-07-09 14:43:19 +02:00
Christian Weiske
df1701253b some more explanation 2010-07-09 14:43:19 +02:00
Christian Weiske
bcf3737f8e make it possible to set class attribute after setting background class 2010-07-09 14:43:19 +02:00
Christian Weiske
1376dfb7c5 use special class when default text is set 2010-07-09 14:43:19 +02:00
Christian Weiske
ecd30ace99 set background text class initially before rendering 2010-07-09 14:43:18 +02:00
Christian Weiske
1d4e5d8011 first step in converting registration to quickform 2010-07-09 14:43:18 +02:00
Christian Weiske
02dac679f7 docblock fix 2010-07-09 14:43:18 +02:00
Christian Weiske
087189a503 first work on quickform2 registration form 2010-07-09 14:43:18 +02:00
Christian Weiske
52a4fb1f79 Merge branch 'master' into quickform 2010-07-09 12:06:14 +02:00
Christian Weiske
5f99b64744 convert password forgotten page to quickform and add captcha 2010-07-09 11:47:05 +02:00
Christian Weiske
4f1daa96df update dev TODO 2010-07-09 11:46:13 +02:00
Christian Weiske
0ebb87bdb1 Merge branch 'master' into quickform 2010-06-10 08:22:53 +02:00
Christian Weiske
66c1044d41 reset content type to normal html, since application/xhtml+xml gives quite some javascript problems 2010-06-07 08:00:07 +02:00
Christian Weiske
041d1c0b38 set content type to application/xhtml+xml to find problems earlier 2010-06-02 19:02:05 +02:00
Christian Weiske
a9bf6a587b registration page xml bug 2010-06-02 19:01:33 +02:00
Christian Weiske
2d6e303bff make home page xml-valid 2010-06-02 18:59:59 +02:00
Christian Weiske
95dbed3784 make html more valid when using special chars in title 2010-06-02 18:50:03 +02:00
Christian Weiske
a48692960b CS 2010-06-02 07:56:19 +02:00
Christian Weiske
89caa4a598 better error message 2010-06-02 07:55:13 +02:00
Christian Weiske
429bddee63 copyright was not in original file 2010-06-02 07:53:06 +02:00
Christian Weiske
23fe0c49fc make login form use quickform 2010-06-02 07:52:36 +02:00
Christian Weiske
f5bf96f1fa fix include 2010-06-02 07:52:21 +02:00
Christian Weiske
1cfaae161d docblock 2010-06-02 07:52:09 +02:00
Christian Weiske
a697e846ca Merge branch 'master' into quickform
Conflicts:
	data/locales/ru_RU/LC_MESSAGES/messages.po
2010-06-01 16:42:01 +02:00
Christian Weiske
b0b9b2fafb put sergey's name in the russian translation file 2010-05-27 08:48:38 +02:00
Christian Weiske
f32ac6ed48 use new file docblock for register.php 2010-05-27 08:43:22 +02:00
Christian Weiske
79db270b90 we do not need backgroundtext anymore 2010-05-27 08:37:15 +02:00
Christian Weiske
9d45600fce fix label for registration submit button 2010-05-27 08:36:27 +02:00
Christian Weiske
1276ad4ffb remove unneeded comment 2010-05-27 08:32:02 +02:00
Christian Weiske
3a0ff7a803 get rid of manually specified IDs 2010-05-26 19:18:12 +02:00
Christian Weiske
94afd94fd6 remove old form validation code 2010-05-26 19:15:27 +02:00
Christian Weiske
362d159437 replace antispam question and answer with numeral captcha 2010-05-26 19:14:53 +02:00
Christian Weiske
f4c51ccb4e use quickform rule "notcallback" now instead of our own 2010-05-26 19:03:36 +02:00
Christian Weiske
71e665fd9b backgroundtext is an own package now 2010-05-26 19:01:07 +02:00
Christian Weiske
3cacd46d82 remove icallback since QF2 has notcallback now 2010-05-26 19:00:15 +02:00
Christian Weiske
7f10ac6aa3 move backgroundtext element class to html folder 2010-05-07 07:39:30 +02:00
Christian Weiske
ec49e80dea some more explanation 2010-05-06 20:39:46 +02:00
Christian Weiske
f310b12374 make it possible to set class attribute after setting background class 2010-05-06 17:15:45 +02:00
Christian Weiske
4e5c6ad1f9 use special class when default text is set 2010-05-06 17:12:42 +02:00
Christian Weiske
680822f0f4 set background text class initially before rendering 2010-05-06 17:12:24 +02:00
Christian Weiske
4285799c3f first step in converting registration to quickform 2010-05-06 14:21:13 +02:00
Christian Weiske
26052021a2 docblock fix 2010-05-04 19:18:45 +02:00
Christian Weiske
883bf951c7 first work on quickform2 registration form 2010-05-03 22:55:53 +02:00
Christian Weiske
e20fbd226b update changelog 2010-05-03 08:01:46 +02:00
Christian Weiske
251d2a868a add compiled russian translation 2010-05-03 07:58:12 +02:00
Christian Weiske
a4d637f1ca Revert "Vietnamese translation" - was accidentially put into fr_FR
This reverts commit d8dc6eb9e0.
2010-05-03 07:56:29 +02:00
Christian Weiske
28a0739ec0 typo 2010-05-03 07:48:35 +02:00
Christian Weiske
cb81fc48cb add russian translation, thanks to Serge 2010-05-03 07:48:17 +02:00
16 changed files with 766 additions and 253 deletions

View File

@ -237,31 +237,6 @@ $adminsAreAdvisedTagsFromOtherAdmins = false;
*/
$reservedusers = array('all', 'watchlist');
/***************************************************
* Anti SPAM measures
*/
/**
* A question to avoid spam.
* Shown on user registration page.
*
* @var string
* @see $antispamAnswer
*/
$antispamQuestion = 'name of this application';
/**
* The answer to the antispam question
* Users have to write exactly this string.
*
* @var string
* @see $antispamQuestion
*/
$antispamAnswer = 'semanticscuttle';
/**
* Enable or disable user registration
*

View File

@ -14,22 +14,23 @@ if (!$userservice->isSessionStable()) {
}
?>
<form action="<?php echo $formaction; ?>" method="post">
<div><input type="hidden" name="query" value="<?php echo $querystring; ?>" /></div>
<form<?php echo $form['attributes']; ?>>
<?php echo implode('', $form['hidden']); ?>
<table>
<tr>
<th align="left"><label for="username"><?php echo T_('Username'); ?></label></th>
<td><input type="text" id="username" name="username" size="20" /></td>
<th align="left"><?php echo $form['username']['labelhtml']; ?></th>
<td><?php echo $form['username']['html']; ?></td>
<td></td>
</tr>
<tr>
<th align="left"><label for="password"><?php echo T_('Password'); ?></label></th>
<td><input type="password" id="password" name="password" size="20" /></td>
<td><input type="checkbox" name="keeppass" id="keeppass" value="yes" /> <label for="keeppass"><?php echo T_("Don't ask for my password for 2 weeks"); ?>.</label></td>
<th align="left"><?php echo $form['password']['labelhtml']; ?></th>
<td><?php echo $form['password']['html']; ?></td>
<td><?php echo $form['keeploggedin']['html']
. $form['keeploggedin']['labelhtml']; ?></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submitted" value="<?php echo T_('Log In'); ?>" /></td>
<td><?php echo $form['submit']['html']; ?></td>
<td></td>
</tr>
</table>

View File

@ -1,26 +1,34 @@
<?php
$this->includeTemplate($GLOBALS['top_include']);
if (isset($form)) {
?>
<p><?php echo sprintf(T_('If you have forgotten your password, %s can generate a new one. Enter the username and e-mail address of your account into the form below and we will e-mail your new password to you.'), $GLOBALS['sitename']); ?></p>
<form action="<?php echo $formaction; ?>" method="post">
<form<?php echo $form['attributes']; ?>>
<?php echo implode('', $form['hidden']); ?>
<table>
<tr>
<th align="left"><label for="username"><?php echo T_('Username'); ?></label></th>
<td><input type="text" id="username" name="username" size="20" class="required" /></td>
<th align="left"><?php echo $form['username']['labelhtml']; ?></th>
<td><?php echo $form['username']['html']; ?></td>
</tr>
<tr>
<th align="left"><label for="email"><?php echo T_('E-mail'); ?></label></th>
<td><input type="text" id="email" name="email" size="40" class="required" /></td>
<th align="left"><?php echo $form['email']['labelhtml']; ?></th>
<td><?php echo $form['email']['html']; ?></td>
</tr>
<tr>
<th align="left"><?php echo $form['captcha']['labelhtml']; ?></th>
<td><?php echo $form['captcha']['html']; ?></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submitted" value="<?php echo T_('Generate Password'); ?>" /></td>
<td><?php echo $form['submit']['html']; ?></td>
</tr>
</table>
</form>
<?php
}
$this->includeTemplate($GLOBALS['bottom_include']);
?>

View File

@ -10,35 +10,36 @@ window.onload = function() {
<p><?php echo sprintf(T_('Sign up here to create a free %s account. All the information requested below is required'), $GLOBALS['sitename']); ?>.</p>
<form action="<?php echo $formaction; ?>" method="post">
<form<?php echo $form['attributes']; ?>>
<?php echo implode('', $form['hidden']); ?>
<table>
<tr>
<th align="left"><label for="username"><?php echo T_('Username'); ?></label></th>
<td><input type="text" id="username" name="username" size="20" class="required" onkeyup="isAvailable(this, '')" /> </td>
<th align="left"><?php echo $form['username']['labelhtml']; ?></th>
<td><?php echo $form['username']['html']; ?></td>
<td id="availability"><?php echo '←'.T_(' at least 5 characters, alphanumeric (no spaces, no dots or other special ones)') ?></td>
</tr>
<tr>
<th align="left"><label for="password"><?php echo T_('Password'); ?></label></th>
<td><input type="password" id="password" name="password" size="20" class="required" /></td>
<th align="left"><?php echo $form['password']['labelhtml']; ?></th>
<td><?php echo $form['password']['html']; ?></td>
<td></td>
</tr>
<tr>
<th align="left"><label for="email"><?php echo T_('E-mail'); ?></label></th>
<td><input type="text" id="email" name="email" size="40" class="required" /></td>
<th align="left"><?php echo $form['email']['labelhtml']; ?></th>
<td><?php echo $form['email']['html']; ?></td>
<td><?php echo '←'.T_(' to send you your password if you forget it')?></td>
</tr>
<?php if(strlen($antispamQuestion)>0) {?>
<?php if (isset($form['captcha'])) {?>
<tr>
<th align="left"><label for="antispamAnswer"><?php echo T_('Antispam question'); ?></label></th>
<td><input type="text" id="antispamAnswer" name="antispamAnswer" size="40" class="required" value="<?php echo $antispamQuestion; ?>" onfocus="if (this.value == '<?php echo $antispamQuestion; ?>') this.value = '';" onblur="if (this.value == '') this.value = '<?php echo $antispamQuestion; ?>';"/></td>
<th align="left"><?php echo $form['captcha']['labelhtml']; ?></th>
<td><?php echo $form['captcha']['html']; ?></td>
<td></td>
</tr>
<?php } ?>
<tr>
<td></td>
<td><input type="submit" name="submitted" value="<?php echo T_('Register'); ?>" /></td>
<td><?php echo $form['submit']['html']; ?></td>
<td></td>
</tr>
</table>

View File

@ -1,10 +1,43 @@
- Use HTML_QuickForm2 for forms
-> easy captcha integration
-> cleaner code
-> more secure code
-> easy to i.e. add richtext fields
- forms:
- user
+ login
+ register
+ send password -> add captcha
- edit profile
- bookmark:
- edit
- common bookmark description
- tag
- delete tag
- edit tag
- rename tag
- common tag description
- tag2tag
- add tag2tag
- edit tag2tag
- delete tag2tag
- import
- import structure
- import delicious
- import netscape
- watchlist sidebar
- search
- normal search
- gsearch
- openid integration
- SemanticScuttle_Filter
-> class with static filter functions to filter
ids, usernames, passwords, sorting etc.
- when a user gets deleted from database, he should not be
logged in anymore (name not shown on top right)
- Make users inactive by default when registered newly
- have to be activated by admins
- have to be activated by admins (see #1926991)
- Add RDFa to user profile page
- use recaptcha or alike -> quickform
- tutorial about sidebar
@ -14,6 +47,7 @@
- how to optimize DISTINCT bHash
Tracker items:
#1908041 - klick counter
a counter how many people klicked one link
@ -50,7 +84,7 @@ Tracker items:
I'l like to propose a function, where 5 (numbers can be selected)of top
users (or sub admins if they can be created) of the site marks the bookmark
not applicable to the site, then that bookmark is deleted.
#2862548 - Disable email TLD verification
ALREADY FIXED! #2862548 - Disable email TLD verification
It should be possible to disable the top level domain verification in the
email verification for new users. Use cases are
a) new top level domains (TLD) that are created in the future

View File

@ -0,0 +1 @@
/home/cweiske/Dev/pear/sandbox/HTML_QuickForm2_Captcha/HTML/QuickForm2/Element/Captcha

View File

@ -0,0 +1 @@
/home/cweiske/Dev/pear/sandbox/HTML_QuickForm2_Captcha/HTML/QuickForm2/Element/Captcha.php

View File

@ -0,0 +1 @@
/home/cweiske/Dev/pear/sandbox/HTML_QuickForm2_Captcha/HTML/QuickForm2/Element/NumeralCaptcha.php

View File

@ -0,0 +1 @@
/home/cweiske/Dev/pear/sandbox/HTML_QuickForm2_Captcha/HTML/QuickForm2/Element/ReCaptcha.php

View File

@ -0,0 +1,89 @@
<?php
require_once 'HTML/QuickForm2/Renderer/Array.php';
/**
* Custom HTML_QuickForm2 renderer allowing easy access
* to elements by their ID
*
* FIXME
*/
class SemanticScuttle_QuickForm2_Renderer_CoolArray
extends HTML_QuickForm2_Renderer_Array
implements ArrayAccess
{
protected $ids = array();
public function __construct()
{
parent::__construct();
}
/**
* Overwrite parent method to create ID index
*/
public function pushScalar(array $element)
{
parent::pushScalar($element);
$id = $element['id'];
$cont =& $this->containers[
count($this->containers) - 1
];
$this->ids[$id] =& $cont[count($cont) - 1];
}
/**
* Creates an array with fields that are common to all elements.
* This method here also creates html labels.
*
* @param HTML_QuickForm2_Node $element Element being rendered
*
* @return array Array of attributes
*/
public function buildCommonFields(HTML_QuickForm2_Node $element)
{
$ary = parent::buildCommonFields($element);
if (isset($ary['label'])) {
//FIXME: error class
//FIXME: htmlspecialchars()?
$ary['labelhtml'] = '<label for="' . $ary['id'] . '">'
. $ary['label'] . '</label>';
}
return $ary;
}
public function offsetSet($offset, $value)
{
$this->ids[$offset] = $value;
}
public function offsetExists($offset)
{
if (isset($this->array[$offset])) {
return true;
}
return isset($this->ids[$offset]);
}
public function offsetUnset($offset)
{
unset($this->ids[$offset]);
}
public function offsetGet($offset)
{
if (isset($this->array[$offset])) {
return $this->array[$offset];
}
return isset($this->ids[$offset])
? $this->ids[$offset]
: null;
}
}
?>

View File

@ -188,7 +188,15 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return sprintf($this->profileurl, urlencode($id), urlencode($username));
}
function getUserByUsername($username) {
/**
* Fetches a user by the given user name
*
* @param string $username Nickname of the user
*
* @return array Database row or boolean false on error
*/
public function getUserByUsername($username)
{
return $this->_getuser($this->getFieldName('username'), $username);
}
@ -307,7 +315,18 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
return $currentObjectUser;
}
function existsUserWithUsername($username) {
/**
* Checks if the user with the given username exists
* in database.
*
* @param string $username Nickname of user
*
* @return boolean True if it exists, false if not
*/
public function existsUserWithUsername($username)
{
if ($this->getUserByUsername($username) != '') {
return true;
} else {
@ -315,6 +334,35 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
/**
* Checks if the given username and email combination is
* valid (user with nickname and email address exists).
* Used on forgot-password page.
*
* @param string $username Nickname of user
* @param string $email Email address of user
*
* @return boolean True if a user with both nickname and
* email address exists, false if not.
*/
public function userEmailCombinationValid($username, $email)
{
$user = $this->getUserByUsername($username);
if ($user === false) {
//user does not exist
return false;
} else if ($user['email'] != $email) {
//email wrong
return false;
}
return true;
}
function existsUser($id) {
if($this->getUser($id) != '') {
return true;
@ -729,7 +777,17 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function isReserved($username) {
/**
* Checks if the given user name is one of the reserved ones
*
* @param string $username Username to check
*
* @return boolean True when it is reserved
*
* @uses $GLOBALS['reservedusers']
*/
public function isReserved($username)
{
if (in_array($username, $GLOBALS['reservedusers'])) {
return true;
} else {
@ -737,7 +795,20 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
}
}
function isValidUsername($username) {
/**
* Check if the given username is valid syntactically.
* This function does not check if the username is already
* in use or reserved.
*
* @param string $username Name to check
*
* @return boolean True if the username is valid
*
* @see isReserved()
* @see existsUserWithUsername()
*/
public function isValidUsername($username)
{
if (strlen($username) < 4) {
return false;
}elseif (strlen($username) > 24) {

View File

@ -105,6 +105,73 @@ class UserTest extends TestBase
/**
* Test userEmailCombinationValid() with valid user
* and valid email address.
*
* @return void
*/
public function testUserEmailCombinationValid()
{
$this->us->deleteAll();
$uid = $this->addUser();
$user = $this->us->getUser($uid);
$email = $user['email'];
$name = $user['username'];
$this->assertTrue(
$this->us->userEmailCombinationValid(
$name, $email
)
);
}
/**
* Test userEmailCombinationValid() with valid user and invalid email.
*
* @return void
*/
public function testUserEmailCombinationValidInvalidEmail()
{
$this->us->deleteAll();
$uid = $this->addUser();
$user = $this->us->getUser($uid);
$email = $user['email'];
$name = $user['username'];
$this->assertFalse(
$this->us->userEmailCombinationValid(
$name, 'not-' . $email
)
);
}
/**
* Test userEmailCombinationValid() with invalid user and invalid email.
*
* @return void
*/
public function testUserEmailCombinationValidBothInvalid()
{
$this->us->deleteAll();
$uid = $this->addUser();
$user = $this->us->getUser($uid);
$email = $user['email'];
$name = $user['username'];
$this->assertFalse(
$this->us->userEmailCombinationValid(
'not-' . $name, 'not-' . $email
)
);
}
/**
* Test login() function with invalid creditentials
*

View File

@ -1,62 +1,138 @@
<?php
/***************************************************************************
Copyright (C) 2004 - 2006 Scuttle project
http://sourceforge.net/projects/scuttle/
http://scuttle.org/
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
/**
* SemanticScuttle - your social bookmark manager.
* User login form.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once 'www-header.php';
if ($userservice->isLoggedOn()) {
//no need to log in when the user is already logged in
$user = $userservice->getCurrentUser();
header(
'Location: '
. createURL('bookmarks', $user['username'])
);
exit();
}
/* Service creation: only useful services are created */
// No specific services
require_once 'HTML/QuickForm2.php';
require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php';
//do not append '-0' to IDs
HTML_Common2::setOption('id_force_append_index', false);
$login = new HTML_QuickForm2(
'login', 'post',
array('action' => createURL('login')),
true
);
$login->addElement(
'hidden', 'querystring',
array(
'value' => $_SERVER['QUERY_STRING']
)
);
$user = $login->addElement(
'text', 'username',
array(
'size' => 20,
'class' => 'required'
)
)->setLabel(T_('Username'));
$user->addRule(
'required',
T_('Please enter your username')
);
$user->addRule(
'callback',
T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'),
array($userservice, 'isValidUsername')
);
$login->addElement(
'password', 'password',
array(
'size' => 20,
'class' => 'required'
)
)
->setLabel(T_('Password'))
->addRule(
'required',
T_('Please enter your password')
);
$login->addElement(
'checkbox', 'keeploggedin'
)->setLabel(T_('Don\'t ask for my password for 2 weeks'));
$login->addElement(
'submit', 'submit',
array('value' => T_('Log In'))
);
/* Managing all possible inputs */
isset($_POST['keeppass']) ? define('POST_KEEPPASS', $_POST['keeppass']): define('POST_KEEPPASS', '');
isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', '');
isset($_POST['password']) ? define('POST_PASSWORD', $_POST['password']): define('POST_PASSWORD', '');
isset($_POST['query']) ? define('POST_QUERY', $_POST['query']): define('POST_QUERY', '');
$keeppass = (POST_KEEPPASS=='yes')?true:false;
$login = false;
if (POST_SUBMITTED!='' && POST_USERNAME!='' && POST_PASSWORD!='') {
$posteduser = trim(utf8_strtolower(POST_USERNAME));
$login = $userservice->login($posteduser, POST_PASSWORD, $keeppass);
if ($login) {
if (POST_QUERY)
header('Location: '. createURL('bookmarks', $posteduser .'?'. POST_QUERY));
else
header('Location: '. createURL('bookmarks', $posteduser));
$tplVars['error'] = '';
if ($login->validate()) {
$arValues = $login->getValue();
if (!isset($arValues['keeploggedin'])) {
$arValues['keeploggedin'] = false;
}
$bLoginOk = $userservice->login(
$arValues['username'],
$arValues['password'],
(bool)$arValues['keeploggedin']
);
if ($bLoginOk) {
if ($arValues['querystring'] != '') {
//append old query string
header(
'Location: '
. createURL('bookmarks', $arValues['username'])
. '?' . $arValues['querystring']
);
} else {
header(
'Location: '
. createURL('bookmarks', $arValues['username'])
);
}
exit();
}
$tplVars['error'] = T_('The details you have entered are incorrect. Please try again.');
}
}
if (!$login) {
if ($userservice->isLoggedOn()) {
$cUser = $userservice->getCurrentObjectUser();
header('Location: '. createURL('bookmarks', strtolower($cUser->getUsername())));
}
$tplVars['subtitle'] = T_('Log In');
$tplVars['formaction'] = createURL('login');
$tplVars['querystring'] = filter($_SERVER['QUERY_STRING']);
HTML_QuickForm2_Renderer::register(
'coolarray',
'SemanticScuttle_QuickForm2_Renderer_CoolArray'
);
//$renderer = HTML_QuickForm2_Renderer::factory('coolarray')
$renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray();
$renderer->setOption(
array(
'group_hiddens' => true,
'group_errors' => true
)
);
$tplVars['form'] = $login->render($renderer);
$tplVars['loadjs'] = true;
$tplVars['subtitle'] = T_('Register');
$tplVars['error'] .= implode(
'<br/>', array_unique($tplVars['form']['errors'])
);
$templateservice->loadTemplate('login.tpl', $tplVars);
}
?>

View File

@ -1,78 +1,191 @@
<?php
/***************************************************************************
Copyright (C) 2005 Scuttle project
https://sourceforge.net/projects/scuttle/
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
/**
* SemanticScuttle - your social bookmark manager.
* User password reset form.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @author Marcus Campbell <marcus.campbell@gmail.com>
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once 'www-header.php';
/* Service creation: only useful services are created */
// No specific services
require_once 'HTML/QuickForm2.php';
require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php';
require_once 'HTML/QuickForm2/Element/NumeralCaptcha.php';
/* Managing all possible inputs */
isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', '');
isset($_POST['email']) ? define('POST_EMAIL', $_POST['email']): define('POST_EMAIL', '');
// IF SUBMITTED
if (POST_SUBMITTED != '') {
// NO USERNAME
if (!POST_USERNAME) {
$tplVars['error'] = T_('You must enter your username.');
//we register a strange name here so we can change the class
// itself easily
HTML_QuickForm2_Factory::registerElement(
'sc-captcha',
'HTML_QuickForm2_Element_NumeralCaptcha'
);
// NO E-MAIL
} elseif (!POST_EMAIL) {
$tplVars['error'] = T_('You must enter your <abbr title="electronic mail">e-mail</abbr> address.');
//do not append '-0' to IDs
HTML_Common2::setOption('id_force_append_index', false);
// USERNAME AND E-MAIL
} else {
$form = new HTML_QuickForm2(
'registration', 'post',
array('action' => createURL('password')),
true
);
// NO MATCH
$userinfo = $userservice->getObjectUserByUsername(POST_USERNAME);
if ($userinfo == NULL) {
$tplVars['error'] = T_('No matches found for that username.');
$user = $form->addElement(
'text', 'username',
array(
'size' => 20,
'class' => 'required'
)
)->setLabel(T_('Username'));
$user->addRule(
'required',
T_('You <em>must</em> enter a username, password and e-mail address.')
);
$user->addRule(
'callback',
T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'),
array($userservice, 'isValidUsername')
);
$user->addRule(
'notcallback',
T_('This username has been reserved, please make another choice.'),
array($userservice, 'isReserved')
);
$user->addRule(
'callback',
T_('No matches found for that username.'),
array($userservice, 'existsUserWithUsername')
);
$form->addRule(
'callback',
T_('No matches found for that combination of username and <abbr title="electronic mail">e-mail</abbr> address.'),
'checkUserEmailCombination'
);
} elseif (POST_EMAIL != $userinfo->getEmail()) {
$tplVars['error'] = T_('No matches found for that combination of username and <abbr title="electronic mail">e-mail</abbr> address.');
// MATCH
} else {
$email = $form->addElement(
'text', 'email',
array(
'size' => 40,
'class' => 'required'
)
)->setLabel(T_('E-mail'));
$email->addRule(
'required',
T_('You <em>must</em> enter a username, password and e-mail address.')
);
$email->addRule(
'callback',
T_('E-mail address is not valid. Please try again.'),
array($userservice, 'isValidEmail')
);
// GENERATE AND STORE PASSWORD
$password = $userservice->generatePassword($userinfo->getId());
if (!($password = $userservice->generatePassword($userinfo->getId()))) {
$captcha = $form->addElement(
'sc-captcha', 'captcha',
array(
'size' => 40
),
array(
'captchaSolutionWrong'
=> T_('Antispam answer is not valid. Please try again.')
)
)
->setLabel(T_('Antispam question'));
$form->addElement(
'submit', 'submit',
array('value' => T_('Generate Password'))
);
/**
* Checks if the user and email combination exists in the database.
*
* @param array $arValues Key-value array of form values
*
* @return boolean True if it exists, false if not
*/
function checkUserEmailCombination($arValues)
{
//FIXME: remove this once HTML_QuickForm2 calls form rules
// only after element rules match
// http://pear.php.net/bugs/17576
if (trim($arValues['username']) == ''
|| trim($arValues['email']) == ''
) {
return false;
}
$userservice = SemanticScuttle_Service_Factory::get('User');
return $userservice->userEmailCombinationValid(
$arValues['username'], $arValues['email']
);
}
$tplVars['error'] = '';
if ($form->validate()) {
$arValues = $form->getValue();
$arUser = $userservice->getUserByUsername($arValues['username']);
$password = $userservice->generatePassword($arUser['uId']);
if ($password === false) {
$tplVars['error'] = T_('There was an error while generating your new password. Please try again.');
} else {
// SEND E-MAIL
$message = T_('Your new password is:') ."\n". $password ."\n\n". T_('To keep your bookmarks secure, you should change this password in your profile the next time you log in.');
//change password and send email out
$message = T_('Your new password is:')
. "\n" . $password . "\n\n"
. T_('To keep your bookmarks secure, you should change this password in your profile the next time you log in.');
$message = wordwrap($message, 70);
$headers = 'From: '. $adminemail;
$mail = mail(POST_EMAIL, sprintf(T_('%s Account Information'), $sitename), $message);
$mail = mail(
$arValues['email'],
sprintf(T_('%s Account Information'), $sitename),
$message
);
$tplVars['msg'] = sprintf(
T_('New password generated and sent to %s'),
$arValues['email']
);
$captcha->clearCaptchaSession();
}
} else {
HTML_QuickForm2_Renderer::register(
'coolarray',
'SemanticScuttle_QuickForm2_Renderer_CoolArray'
);
//$renderer = HTML_QuickForm2_Renderer::factory('coolarray')
$renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray();
$renderer->setOption(
array(
'group_hiddens' => true,
'group_errors' => true
)
);
$tplVars['msg'] = sprintf(T_('New password generated and sent to %s'), POST_EMAIL);
}
}
}
$tplVars['form'] = $form->render($renderer);
//fscking form error is not in form|errors
$tplVars['error'] .= implode(
'<br/>',
array_unique(
array_merge(
$tplVars['form']['errors'],
array($form->getError())
)
)
);
}
$templatename = 'password.tpl';
$tplVars['loadjs'] = true;
$tplVars['subtitle'] = T_('Forgotten Password');
$tplVars['formaction'] = createURL('password');
$templateservice->loadTemplate($templatename, $tplVars);
$templateservice->loadTemplate('password.tpl', $tplVars);
?>

View File

@ -1,24 +1,20 @@
<?php
/***************************************************************************
Copyright (C) 2004 - 2006 Marcus Campbell
http://sourceforge.net/projects/scuttle/
http://scuttle.org/
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
/**
* SemanticScuttle - your social bookmark manager.
* New user registration form.
*
* PHP version 5.
*
* @category Bookmarking
* @package SemanticScuttle
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
* @author Christian Weiske <cweiske@cweiske.de>
* @author Eric Dane <ericdane@users.sourceforge.net>
* @author Marcus Campbell <marcus.campbell@gmail.com>
* @copyright 2004-2006 Marcus Campbell
* @license GPL http://www.gnu.org/licenses/gpl.html
* @link http://sourceforge.net/projects/semanticscuttle
*/
require_once 'www-header.php';
if (!$GLOBALS['enableRegistration']) {
@ -27,60 +23,135 @@ if (!$GLOBALS['enableRegistration']) {
exit(1);
}
/* Service creation: only useful services are created */
// No specific services
require_once 'HTML/QuickForm2.php';
require_once 'SemanticScuttle/QuickForm2/Renderer/CoolArray.php';
require_once 'HTML/QuickForm2/Element/NumeralCaptcha.php';
/* Managing all possible inputs */
isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', '');
isset($_POST['password']) ? define('POST_PASS', $_POST['password']): define('POST_PASS', '');
isset($_POST['email']) ? define('POST_MAIL', $_POST['email']): define('POST_MAIL', '');
isset($_POST['antispamAnswer']) ? define('POST_ANTISPAMANSWER', $_POST['antispamAnswer']): define('POST_ANTISPAMANSWER', '');
//we register a strange name here so we can change the class
// itself easily
HTML_QuickForm2_Factory::registerElement(
'sc-captcha',
'HTML_QuickForm2_Element_NumeralCaptcha'
);
//do not append '-0' to IDs
HTML_Common2::setOption('id_force_append_index', false);
$form = new HTML_QuickForm2(
'registration', 'post',
array('action' => createURL('register')),
true
);
$user = $form->addElement(
'text', 'username',
array(
'size' => 20,
'onkeyup' => 'isAvailable(this, "")',
'class' => 'required'
)
)->setLabel(T_('Username'));
$user->addRule(
'required',
T_('You <em>must</em> enter a username, password and e-mail address.')
);
$user->addRule(
'callback',
T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.'),
array($userservice, 'isValidUsername')
);
$user->addRule(
'notcallback',
T_('This username has been reserved, please make another choice.'),
array($userservice, 'isReserved')
);
$user->addRule(
'notcallback',
T_('This username already exists, please make another choice.'),
array($userservice, 'existsUserWithUsername')
);
$form->addElement(
'password', 'password',
array(
'size' => 20,
'class' => 'required'
)
)
->setLabel(T_('Password'))
->addRule(
'required',
T_('You <em>must</em> enter a username, password and e-mail address.')
);
$email = $form->addElement(
'text', 'email',
array(
'size' => 40,
'class' => 'required'
)
)->setLabel(T_('E-mail'));
$email->addRule(
'required',
T_('You <em>must</em> enter a username, password and e-mail address.')
);
$email->addRule(
'callback',
T_('E-mail address is not valid. Please try again.'),
array($userservice, 'isValidEmail')
);
$captcha = $form->addElement(
'sc-captcha', 'captcha',
array(
'size' => 40
),
array(
'captchaSolutionWrong'
=> T_('Antispam answer is not valid. Please try again.')
)
)
->setLabel(T_('Antispam question'));
$form->addElement(
'submit', 'submit',
array('value' => T_('Register'))
);
if (POST_SUBMITTED != '') {
$posteduser = trim(utf8_strtolower(POST_USERNAME));
$tplVars['error'] = '';
if ($form->validate()) {
$arValues = $form->getValue();
// Check if form is incomplete
if (!($posteduser) || POST_PASS == '' || POST_MAIL == '') {
$tplVars['error'] = T_('You <em>must</em> enter a username, password and e-mail address.');
// Check if username is reserved
} elseif ($userservice->isReserved($posteduser)) {
$tplVars['error'] = T_('This username has been reserved, please make another choice.');
// Check if username already exists
} elseif ($userservice->getUserByUsername($posteduser)) {
$tplVars['error'] = T_('This username already exists, please make another choice.');
// Check if username is valid (length, authorized characters)
} elseif (!$userservice->isValidUsername($posteduser)) {
$tplVars['error'] = T_('This username is not valid (too short, too long, forbidden characters...), please make another choice.');
// Check if e-mail address is valid
} elseif (!$userservice->isValidEmail(POST_MAIL)) {
$tplVars['error'] = T_('E-mail address is not valid. Please try again.');
// Check if antispam answer is valid (doesn't take into account spaces and uppercase)
} elseif (strcasecmp(str_replace(' ', '', POST_ANTISPAMANSWER), str_replace(' ', '', $GLOBALS['antispamAnswer'])) != 0) {
$tplVars['error'] = T_('Antispam answer is not valid. Please try again.');
// Register details
} elseif ($userservice->addUser($posteduser, POST_PASS, POST_MAIL) !== false) {
// Log in with new username
$login = $userservice->login($posteduser, POST_PASS);
if ($login) {
header('Location: '. createURL('bookmarks', $posteduser));
}
$tplVars['msg'] = T_('You have successfully registered. Enjoy!');
} else {
$tplVars['error'] = T_('Registration failed. Please try again.');
$bOk = $userservice->addUser(
$arValues['username'], $arValues['password'], $arValues['email']
);
if ($bOk) {
$captcha->clearCaptchaSession();
header('Location: '. createURL('bookmarks', $arValues['username']));
exit();
}
$tplVars['error'] .= T_('Registration failed. Please try again.');
}
$tplVars['antispamQuestion'] = $GLOBALS['antispamQuestion'];
HTML_QuickForm2_Renderer::register(
'coolarray',
'SemanticScuttle_QuickForm2_Renderer_CoolArray'
);
//$renderer = HTML_QuickForm2_Renderer::factory('coolarray')
$renderer = new SemanticScuttle_QuickForm2_Renderer_CoolArray();
$renderer->setOption(
array(
'group_hiddens' => true,
'group_errors' => true
)
);
$tplVars['form'] = $form->render($renderer);
$tplVars['loadjs'] = true;
$tplVars['subtitle'] = T_('Register');
$tplVars['formaction'] = createURL('register');
$tplVars['error'] .= implode(
'<br/>', array_unique($tplVars['form']['errors'])
);
$templateservice->loadTemplate('register.tpl', $tplVars);
?>

View File

@ -541,6 +541,9 @@ form th {
form table {
margin: 0 1em;
}
form input.inacttext {
color: #888;
}
h3 {
background: #DDD;
color: #555;