View source
<?php
namespace Drupal\protected_pages\Form;
use Drupal\Component\Datetime\TimeInterface;
use Drupal\Component\Utility\Html;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Form\FormBase;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Password\PasswordInterface;
use Drupal\Core\Session\AccountProxy;
use Drupal\protected_pages\ProtectedPagesStorage;
use Symfony\Component\DependencyInjection\ContainerInterface;
class ProtectedPagesLoginForm extends FormBase {
protected $protectedPagesStorage;
protected $password;
protected $currentUser;
protected $time;
public function __construct(PasswordInterface $password, ProtectedPagesStorage $protectedPagesStorage, AccountProxy $currentUser, TimeInterface $time) {
$this->password = $password;
$this->protectedPagesStorage = $protectedPagesStorage;
$this->currentUser = $currentUser;
$this->time = $time;
}
public static function create(ContainerInterface $container) {
return new static($container
->get('password'), $container
->get('protected_pages.storage'), $container
->get('current_user'), $container
->get('datetime.time'));
}
public function getFormId() {
return 'protected_pages_enter_password';
}
public function accessProtectedPageLoginScreen() {
$param_protected_page = $this
->getRequest()->query
->get('protected_page');
$param_exists = isset($param_protected_page) && is_numeric($param_protected_page);
return AccessResult::allowedIf(($this->currentUser
->hasPermission('access protected page password screen') || $this->currentUser
->id() == 1) && $param_exists);
}
public function protectedPageTitle() {
$config = $this
->config('protected_pages.settings');
return Html::escape($config
->get('others.protected_pages_title'));
}
public function buildForm(array $form, FormStateInterface $form_state) {
$config = $this
->config('protected_pages.settings');
$form['protected_page_enter_password'] = [
'#type' => 'fieldset',
'#collapsible' => FALSE,
'#title' => $config
->get('others.protected_pages_password_fieldset_legend'),
];
$form['protected_page_enter_password']['protected_page_pid'] = [
'#markup' => '<div class="protected_pages_description"><strong>' . $config
->get('others.protected_pages_description') . '</strong></div>',
];
$form['protected_page_enter_password']['password'] = [
'#type' => 'password',
'#title' => $config
->get('others.protected_pages_password_label'),
'#size' => 20,
'#required' => TRUE,
];
$form['protected_page_pid'] = [
'#type' => 'hidden',
'#value' => $this
->getRequest()->query
->get('protected_page'),
];
$form['protected_page_enter_password']['submit'] = [
'#type' => 'submit',
'#value' => $config
->get('others.protected_pages_submit_button_text'),
];
return $form;
}
public function validateForm(array &$form, FormStateInterface $form_state) {
$config = $this
->config('protected_pages.settings');
$global_password_setting = $config
->get('password.per_page_or_global');
if ($global_password_setting == 'per_page_password') {
$fields = [
'password',
];
$conditions = [];
$conditions['general'][] = [
'field' => 'pid',
'value' => $form_state
->getValue('protected_page_pid'),
'operator' => '=',
];
$password = $this->protectedPagesStorage
->loadProtectedPage($fields, $conditions, TRUE);
if (!$this->password
->check($form_state
->getValue('password'), $password)) {
$form_state
->setErrorByName('password', $config
->get('others.protected_pages_incorrect_password_msg'));
}
}
elseif ($global_password_setting == 'per_page_or_global') {
$fields = [
'password',
];
$conditions = [];
$conditions['general'][] = [
'field' => 'pid',
'value' => $form_state
->getValue('protected_page_pid'),
'operator' => '=',
];
$password = $this->protectedPagesStorage
->loadProtectedPage($fields, $conditions, TRUE);
$global_password = $config
->get('password.protected_pages_global_password');
if (!$this->password
->check($form_state
->getValue('password'), $password) && !$this->password
->check($form_state
->getValue('password'), $global_password)) {
$form_state
->setErrorByName('password', $config
->get('others.protected_pages_incorrect_password_msg'));
}
}
else {
$global_password = $config
->get('password.protected_pages_global_password');
if (!$this->password
->check($form_state
->getValue('password'), $global_password)) {
$form_state
->setErrorByName('password', $config
->get('others.protected_pages_incorrect_password_msg'));
}
}
}
public function submitForm(array &$form, FormStateInterface $form_state) {
$config = $this
->config('protected_pages.settings');
$_SESSION['_protected_page']['passwords'][$form_state
->getValue('protected_page_pid')]['request_time'] = $this->time
->getRequestTime();
$session_expire_time = $config
->get('password.protected_pages_session_expire_time');
if ($session_expire_time) {
$_SESSION['_protected_page']['passwords'][$form_state
->getValue('protected_page_pid')]['expire_time'] = strtotime("+{$session_expire_time} minutes");
}
}
}