From 09dfe32eb6b538225686fd6ed0220240010bc574 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Mon, 1 Aug 2011 01:22:36 -0400
Subject: initial commit.

Partway through a rewrite. I have some old files I didn't want to entirely delete.
---
 src/views/pages/auth/badrequest.html.php | 11 ++++++
 src/views/pages/auth/index.html.php      | 12 ++++++
 src/views/pages/auth/login.html.php      | 49 +++++++++++++++++++++++++
 src/views/pages/auth/login.php           | 63 ++++++++++++++++++++++++++++++++
 src/views/pages/auth/logout.html.php     |  6 +++
 5 files changed, 141 insertions(+)
 create mode 100644 src/views/pages/auth/badrequest.html.php
 create mode 100644 src/views/pages/auth/index.html.php
 create mode 100644 src/views/pages/auth/login.html.php
 create mode 100644 src/views/pages/auth/login.php
 create mode 100644 src/views/pages/auth/logout.html.php

(limited to 'src/views/pages/auth')

diff --git a/src/views/pages/auth/badrequest.html.php b/src/views/pages/auth/badrequest.html.php
new file mode 100644
index 0000000..c1fe726
--- /dev/null
+++ b/src/views/pages/auth/badrequest.html.php
@@ -0,0 +1,11 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('400 Bad Request');
+$t->header('Authentication');
+$t->paragraph('The recieved POST request was malformed/invalid. '.
+              'If you got here from a link, this is a bug; '.
+              'Let the admin know.'.
+              'If you got here from outside, then the API is being '.
+              'used incorrectly.');
+$t->footer();
diff --git a/src/views/pages/auth/index.html.php b/src/views/pages/auth/index.html.php
new file mode 100644
index 0000000..ac80140
--- /dev/null
+++ b/src/views/pages/auth/index.html.php
@@ -0,0 +1,12 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+
+$t->header('Authentication');
+
+$t->openTag('div',array('class'=>'login'));
+$t->text("Logged in as ".htmlentities($username).'.');
+$t->logout_button('Logout');
+$t->closeTag('div');
+
+$t->footer();
\ No newline at end of file
diff --git a/src/views/pages/auth/login.html.php b/src/views/pages/auth/login.html.php
new file mode 100644
index 0000000..a246a9e
--- /dev/null
+++ b/src/views/pages/auth/login.html.php
@@ -0,0 +1,49 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+$password = $VARS['password'];
+
+$t->header('Authentication');
+	
+$t->openTag('form',array('action'=>$t->url('auth'), 'method'=>"post"));
+$t->openFieldset('Login');
+switch ($VARS['login_code']) {
+case -1: break;
+case 0:
+	$t->inputP('Successfully logged in as '.
+	           htmlentities($username).'.');
+	if (isset($VARS['url'])) {
+		$url = htmlentities($VARS['url']);
+		$t->inputP($t->link($url,
+		                    'Return to the page you were on.',
+		                    true));
+	}
+	$t->closeFieldset();
+	$t->closeTag('form');
+	return;
+	break;
+case 1:
+	$t->inputP("Password does not match username.",
+	           array('class'=>'error'));
+	break;
+case 2:
+	$t->inputP("Username <q>$username</q> does not exist.");
+	$username = '';
+	break;
+}
+$t->inputText(    'username', 'Username:', '', $username);
+$t->inputPassword('password', 'Password:', '', $password);
+$t->openTag('li');
+$t->tag('input', array('type'=>'submit', 'value'=>'Login'));
+$t->closeTag('li');
+$t->closeFieldset();
+$t->tag('input', array('type'=>'hidden',
+                       'name'=>'action',
+                       'value'=>'login'));
+if (isset($VARS['url'])) {
+	$url = htmlentities($VARS['url']);
+	$t->tag('input', array('type'=>'hidden',
+	                       'name'=>'url',
+	                       'value'=>$url));
+}
+$t->closeTag('form');
diff --git a/src/views/pages/auth/login.php b/src/views/pages/auth/login.php
new file mode 100644
index 0000000..8a175eb
--- /dev/null
+++ b/src/views/pages/auth/login.php
@@ -0,0 +1,63 @@
+<?php global $mm;
+/**
+ * This isn't a separate URL, but this is what the 'auth' view loads
+ * when the user is attempting to log in.
+ * Logically, I don't think it should be in a separate file, but I think the
+ * general flow of things is easier to follow and edit and maintain.
+ */
+$username = '';
+$password = '';
+
+$t = $mm->template();
+
+$login = -1;
+if ( isset($_POST['username']) && isset($_POST['password'])) {
+	$username = $_POST['username'];
+	$password = $_POST['password'];
+	$login = $mm->login($username, $password);
+}
+
+$mm->header('Authentication');
+	
+$t->openTag('form',array('action'=>$mm->baseUrl().'auth','method'=>"post"));
+$t->openFieldset('Login');
+switch ($login) {
+case -1: break;
+case 0:
+	$t->inputP('Successfully logged in as '.
+	           htmlentities($username).'.');
+	if (isset($_POST['url'])) {
+		$url = htmlentities($_POST['url']);
+		$t->inputP($t->link($url,
+		                    'Return to the page you were on.',
+		                    true));
+	}
+	$t->closeFieldset();
+	$t->closeTag('form');
+	return;
+	break;
+case 1:
+	$t->inputP("Password does not match username.",
+	           array('class'=>'error'));
+	break;
+case 2:
+	$t->inputP("Username <q>$username</q> does not exist.");
+	$username = '';
+	break;
+}
+$t->inputText(    'username', 'Username:', '', $username);
+$t->inputPassword('password', 'Password:', '', $password);
+$t->openTag('li');
+$t->tag('input', array('type'=>'submit', 'value'=>'Login'));
+$t->closeTag('li');
+$t->closeFieldset();
+$t->tag('input', array('type'=>'hidden',
+                       'name'=>'action',
+                       'value'=>'login'));
+if (isset($_POST['url'])) {
+	$url = htmlentities($_POST['url']);
+	$t->tag('input', array('type'=>'hidden',
+	                       'name'=>'url',
+	                       'value'=>$url));
+}
+$t->closeTag('form');
diff --git a/src/views/pages/auth/logout.html.php b/src/views/pages/auth/logout.html.php
new file mode 100644
index 0000000..2d00998
--- /dev/null
+++ b/src/views/pages/auth/logout.html.php
@@ -0,0 +1,6 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->header('Authentication');
+$t->paragraph('Logged out');
+$t->footer();
-- 
cgit v1.2.3-2-g168b