modules/user/controllers/login.php

<?php defined("SYSPATH") or die("No direct script access.");
/**
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2008 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 */
class Login_Controller extends Controller {
  public function index() {
    $form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm"));
    $group = $form->group("login_form")->label(_("Login"));
    $group->input("name")->label(_("Name"))->id("gName")->class(null);
    $group->password("password")->label(_("Password"))->id("gPassword")->class(null);
    $group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));

    if (request::method() == "post" && $form->validate()) {
      $user = ORM::factory("user")->where("name", $group->inputs["name"]->value)->find();
      if ($user->loaded &&
          user::is_correct_password($user, $group->password->value)) {
        user::login($user);
        log::add("user", "User $user->name logged in");
        rest::http_status(rest::ACCEPTED);
      } else {
        log::add("user", sprintf(_("Failed login for %s"), $group->inputs["name"]->value),
                 log::WARNING);
        $group->inputs["name"]->add_error("invalid_login", 1);
      }
    }

    print $form->render();
  }
}
More updates for user management. The controllers don't work yet. But the login link in the header wil open up a login box like the mockup 2008-11-12 03:40:49 +00:00			`<?php defined("SYSPATH") or die("No direct script access.");`
			`/**`
			`* Gallery - a web based photo album viewer and editor`
			`* Copyright (C) 2000-2008 Bharat Mediratta`
			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or (at`
			`* your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful, but`
			`* WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`* General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.`
			`*/`
			`class Login_Controller extends Controller {`
			`public function index() {`
Rename gLogin -> gLoginForm This disambiguates forms from blocks (for example in the comment module we were calling both the form and block gComments). 2008-11-16 07:07:16 +00:00			`$form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm"));`
Change the login form so that the legend is populated 2008-12-15 02:40:17 +00:00			`$group = $form->group("login_form")->label(_("Login"));`
Revise the user login code. * Remove user registration link and popup from the theme; this shouldn't be done in a popup. Use ajaxform to simplify the way that we load the login popup. * Create form.html.php, this is a template for Forge based forms. * Move user validation rules into User_Model and let forms populate the rules into their forms as useful. * Undo r18688's changes regarding the REST code. We should never accept a null resource, this breaks the REST abstraction. * Change login and user controllers to use Forge which lets us delete login.html.php and user.html.php since those now are generated by the theme-owned form template 2008-11-15 06:23:09 +00:00			`$group->input("name")->label(_("Name"))->id("gName")->class(null);`
			`$group->password("password")->label(_("Password"))->id("gPassword")->class(null);`
			`$group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));`
More updates for user management. The controllers don't work yet. But the login link in the header wil open up a login box like the mockup 2008-11-12 03:40:49 +00:00
Don't try to validate the form unless it's a POST request. 2008-12-19 03:05:11 +00:00			`if (request::method() == "post" && $form->validate()) {`
Revise the user login code. * Remove user registration link and popup from the theme; this shouldn't be done in a popup. Use ajaxform to simplify the way that we load the login popup. * Create form.html.php, this is a template for Forge based forms. * Move user validation rules into User_Model and let forms populate the rules into their forms as useful. * Undo r18688's changes regarding the REST code. We should never accept a null resource, this breaks the REST abstraction. * Change login and user controllers to use Forge which lets us delete login.html.php and user.html.php since those now are generated by the theme-owned form template 2008-11-15 06:23:09 +00:00			`$user = ORM::factory("user")->where("name", $group->inputs["name"]->value)->find();`
			`if ($user->loaded &&`
			`user::is_correct_password($user, $group->password->value)) {`
			`user::login($user);`
Tersify a log message 2008-12-24 04:10:00 +00:00			`log::add("user", "User $user->name logged in");`
Lots of deltas rolled up into a bigger change. Sorry for the mess. 1) Deleted in-place-editing. We'll be replacing this with a real edit system that groups settings together and is more coherent. 2) Tweaked the way that dialog boxes work to get the ajax stuff working again. It's imperfect and does not work properly for uploading images. This is going to get redone also, but this is a good resting point. 3) Created edit forms for albums and photos. Moved _update and _create out of Items_Controller and into the individual subclasses. 4) Created access::required which is a shorthand for: if (!access::can(...)) { access::forbidden(); } 5) Added validation rules to Items_Model 6) Converted login to use the regular modal dialog approach in the theme. 2008-12-24 00:20:26 +00:00			`rest::http_status(rest::ACCEPTED);`
Revise the user login code. * Remove user registration link and popup from the theme; this shouldn't be done in a popup. Use ajaxform to simplify the way that we load the login popup. * Create form.html.php, this is a template for Forge based forms. * Move user validation rules into User_Model and let forms populate the rules into their forms as useful. * Undo r18688's changes regarding the REST code. We should never accept a null resource, this breaks the REST abstraction. * Change login and user controllers to use Forge which lets us delete login.html.php and user.html.php since those now are generated by the theme-owned form template 2008-11-15 06:23:09 +00:00			`} else {`
Add info/warning/error classes to log messages. 2008-12-21 10:35:30 +00:00			`log::add("user", sprintf(_("Failed login for %s"), $group->inputs["name"]->value),`
			`log::WARNING);`
Revise the user login code. * Remove user registration link and popup from the theme; this shouldn't be done in a popup. Use ajaxform to simplify the way that we load the login popup. * Create form.html.php, this is a template for Forge based forms. * Move user validation rules into User_Model and let forms populate the rules into their forms as useful. * Undo r18688's changes regarding the REST code. We should never accept a null resource, this breaks the REST abstraction. * Change login and user controllers to use Forge which lets us delete login.html.php and user.html.php since those now are generated by the theme-owned form template 2008-11-15 06:23:09 +00:00			`$group->inputs["name"]->add_error("invalid_login", 1);`
More updates for user management. The controllers don't work yet. But the login link in the header wil open up a login box like the mockup 2008-11-12 03:40:49 +00:00			`}`
			`}`
The login processing is starting to take shape. Login_Form is gone. The html for the login form is retrieve via an ajax call when the user clicks on login. Can't login with a valid id yet, but you certainly get error messages when things are wrong :-) 2008-11-12 21:42:40 +00:00
Create MY_Forge to specify the defaul html 2008-11-16 06:43:31 +00:00			`print $form->render();`
More updates for user management. The controllers don't work yet. But the login link in the header wil open up a login box like the mockup 2008-11-12 03:40:49 +00:00			`}`
			`}`