ILIAS  release_4-4 Revision
Auth_Frontend_Html Class Reference
+ Collaboration diagram for Auth_Frontend_Html:

Public Member Functions

 render (&$caller, $username='')
 Displays the login form. More...
 

Detailed Description

Definition at line 39 of file Html.php.

Member Function Documentation

◆ render()

Auth_Frontend_Html::render ( $caller,
  $username = '' 
)

Displays the login form.

Parameters
objectThe calling auth instance
stringThe previously used username
Returns
void

Definition at line 50 of file Html.php.

References AUTH_EXPIRED, AUTH_IDLED, AUTH_SECURITY_BREACH, AUTH_WRONG_LOGIN, and if.

Referenced by Auth\login().

50  {
51  $loginOnClick = 'return true;';
52 
53  // Try To Use Challene response
54  // TODO javascript might need some improvement for work on other browsers
55  if($caller->advancedsecurity && $caller->storage->supportsChallengeResponse() ) {
56 
57  // Init the secret cookie
58  $caller->session['loginchallenege'] = md5(microtime());
59 
60  print "\n";
61  print '<script language="JavaScript">'."\n";
62 
63  include 'Auth/Frontend/md5.js';
64 
65  print "\n";
66  print ' function securePassword() { '."\n";
67  print ' var pass = document.getElementById(\''.$caller->getPostPasswordField().'\');'."\n";
68  print ' var secret = document.getElementById(\'authsecret\')'."\n";
69  //print ' alert(pass);alert(secret); '."\n";
70 
71  // If using md5 for password storage md5 the password before
72  // we hash it with the secret
73  // print ' alert(pass.value);';
74  if ($caller->storage->getCryptType() == 'md5' ) {
75  print ' pass.value = hex_md5(pass.value); '."\n";
76  #print ' alert(pass.value);';
77  }
78 
79  print ' pass.value = hex_md5(pass.value+\''.$caller->session['loginchallenege'].'\'); '."\n";
80  // print ' alert(pass.value);';
81  print ' secret.value = 1;'."\n";
82  print ' var doLogin = document.getElementById(\'doLogin\')'."\n";
83  print ' doLogin.disabled = true;'."\n";
84  print ' return true;';
85  print ' } '."\n";
86  print '</script>'."\n";;
87  print "\n";
88 
89  $loginOnClick = ' return securePassword(); ';
90  }
91 
92  print '<center>'."\n";
93 
94  $status = '';
95  if (!empty($caller->status) && $caller->status == AUTH_EXPIRED) {
96  $status = '<i>Your session has expired. Please login again!</i>'."\n";
97  } else if (!empty($caller->status) && $caller->status == AUTH_IDLED) {
98  $status = '<i>You have been idle for too long. Please login again!</i>'."\n";
99  } else if (!empty ($caller->status) && $caller->status == AUTH_WRONG_LOGIN) {
100  $status = '<i>Wrong login data!</i>'."\n";
101  } else if (!empty ($caller->status) && $caller->status == AUTH_SECURITY_BREACH) {
102  $status = '<i>Security problem detected. </i>'."\n";
103  }
104 
105  print '<form method="post" action="'.$caller->server['PHP_SELF'].'" '
106  .'onSubmit="'.$loginOnClick.'">'."\n";
107  print '<table border="0" cellpadding="2" cellspacing="0" '
108  .'summary="login form" align="center" >'."\n";
109  print '<tr>'."\n";
110  print ' <td colspan="2" bgcolor="#eeeeee"><strong>Login </strong>'
111  .$status.'</td>'."\n";
112  print '</tr>'."\n";
113  print '<tr>'."\n";
114  print ' <td>Username:</td>'."\n";
115  print ' <td><input type="text" id="'.$caller->getPostUsernameField()
116  .'" name="'.$caller->getPostUsernameField().'" value="' . $username
117  .'" /></td>'."\n";
118  print '</tr>'."\n";
119  print '<tr>'."\n";
120  print ' <td>Password:</td>'."\n";
121  print ' <td><input type="password" id="'.$caller->getPostPasswordField()
122  .'" name="'.$caller->getPostPasswordField().'" /></td>'."\n";
123  print '</tr>'."\n";
124  print '<tr>'."\n";
125 
126  //onClick=" '.$loginOnClick.' "
127  print ' <td colspan="2" bgcolor="#eeeeee"><input value="Login" '
128  .'id="doLogin" name="doLogin" type="submit" /></td>'."\n";
129  print '</tr>'."\n";
130  print '</table>'."\n";
131 
132  // Might be a good idea to make the variable name variable
133  print '<input type="hidden" id="authsecret" name="authsecret" value="" />';
134  print '</form>'."\n";
135  print '</center>'."\n";
136  }
const AUTH_SECURITY_BREACH
Returned if new Advanced security system detects a breach.
Definition: Auth.php:46
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
const AUTH_IDLED
Returned if session exceeds idle time.
Definition: Auth.php:30
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
const AUTH_EXPIRED
Returned if session has expired.
Definition: Auth.php:34
+ Here is the caller graph for this function:

The documentation for this class was generated from the following file: