securesite.inc in Secure Site 5
Same filename and directory in other branches
Support functions for the Secure Site contrib module
File
securesite.incView source
<?php
/**
* @file
* Support functions for the Secure Site contrib module
*/
/**
* Returns complete form for login when using the HTML form
*
* @return
* HTML used in the Secure Site dialog when the HTML login form is in use
*/
function _securesite_login_form() {
return "\n <h1>" . t('Login') . '</h1>
<div id="login">' . variable_get('securesite_login_form', t('<p>Enter your username and password.</p>')) . (!isset($_POST['securesite_request_form']) ? theme('status_messages') : '') . '</div>
<form action="' . request_uri() . '" method="post">
<p><label>' . t('Username') . ': <input type="text" maxlength="55" class="form-text" name="edit[name]" id="edit-name" value=""></label></p>
<p><label>' . t('Password') . ': <input type="password" class="form-password" maxlength="24" name="edit[pass]" id="edit-pass" value=""></label></p>
<p><input type="hidden" name="securesite_login_form" value="1"><input type="submit" class="form-submit" name="op" value="' . t('Login') . '"></p>
</form>
';
}
/**
* Returns complete form for password reset request (if enabled)
*
* @return
* HTML used in the Secure Site dialog when the HTTP Auth dialog is cancelled
*/
function _securesite_request_form() {
$securesite_enabled = variable_get('securesite_enabled', SECURESITE_DISABLED);
$output = '';
if ($form_msg = variable_get('securesite_request_form', t('<p>Enter your username or e-mail address.</p>'))) {
if ($securesite_enabled == SECURESITE_FORM) {
// Only output the HR if also outputting the login form
$output = " <hr>\n\n ";
}
$output .= "\n <h1>" . t('Password Reset') . '</h1>
<div id="reset">' . $form_msg . '</div>
' . theme('status_messages') . '
<form action="' . request_uri() . '" method="post">
<p><label>' . t('Username') . ': <input type="text" maxlength="55" class="form-text" name="edit[name]" id="edit-name" value=""></label></p>
<p><label>' . t('E-mail address') . ': <input type="text" maxlength="64" class="form-text" name="edit[mail]" id="edit-mail" value=""></label></p>
<p><input type="hidden" name="securesite_request_form" value="1"><input type="submit" class="form-submit" name="op" value="' . t('Reset password') . '"></p>
</form>
';
}
else {
if ($securesite_enabled == SECURESITE_AUTH) {
// If password reset is disabled and the login form isn't being used,
// output a message to the user informing them how to login
$output = theme('status_messages') . '<p id="password">' . t('Reload the page to try logging in again.') . "</p>\n";
}
}
return $output;
}
/**
* Print HTML dialog page for Secure Site
*
* @param $content
* HTML to output for the login and/or password reset form
*/
function _securesite_dialog_page($content) {
$theme_path = drupal_get_path('theme', variable_get('theme_default', 'garland'));
$dialog_file = '/securesite-dialog.tpl.php';
if (file_exists($theme_path . $dialog_file)) {
include_once $theme_path . $dialog_file;
}
else {
include_once drupal_get_path('module', 'securesite') . $dialog_file;
}
}
/**
* Process password reset requests
*
* @param $edit
* Username or e-mail address of user requesting password reset
*/
function _securesite_password_reset($edit = array()) {
global $base_url;
// Only look-up information if input was given
if ($edit['name'] || $edit['mail']) {
// User must have an active account
$load['status'] = 1;
// Only create array keys/values if something was entered, otherwise
// user_load() will fail
if (!empty($edit['name'])) {
$load['name'] = $edit['name'];
}
if (!empty($edit['mail'])) {
$load['mail'] = $edit['mail'];
}
// Check account information
$account = user_load($load);
if ($account && $account->uid) {
// Valid account, e-mail the user a new password
// Generate a new password for this user
$account = user_save($account, array(
'pass' => user_password(),
));
// Mail new password
$variables = array(
'!username' => $account->name,
'!site' => variable_get('site_name', 'Drupal'),
'!login_url' => user_pass_reset_url($account),
'!uri' => $base_url,
'!uri_brief' => preg_replace('`^https?://`i', '', $base_url),
'!mailto' => $account->mail,
'!date' => format_date(time()),
'!login_uri' => url('user', NULL, NULL, TRUE),
'!edit_uri' => url('user/' . $account->uid . '/edit', NULL, NULL, TRUE),
);
$subject = _user_mail_text('pass_subject', $variables);
$body = _user_mail_text('pass_body', $variables);
$mail_success = drupal_mail('securesite-password', $account->mail, $subject, $body);
if ($mail_success) {
watchdog('user', t('Password mailed to %name at %email.', array(
'%name' => $account->name,
'%email' => $account->mail,
)));
// Exit here because presumably the user can't do anything more before
// visiting the password reset URL
_securesite_dialog_page('<p id="mail">' . t('Further instructions have been e-mailed to you.') . "</p>\n");
session_write_close();
module_invoke_all('exit', request_uri());
exit;
}
else {
// Note: At this point, the user's password has already been reset
watchdog('user', t('Error mailing password to %name at %email.', array(
'%name' => $account->name,
'%email' => $account->mail,
)), WATCHDOG_ERROR);
drupal_set_message(t('Unable to send mail. Please contact the site admin.'), 'error');
}
}
else {
// Name or mail not valid or account disabled
drupal_set_message(t('Unrecognized username or e-mail address.'), 'error');
}
}
else {
// Nothing entered
drupal_set_message(t('Unrecognized username or e-mail address.'), 'error');
}
}
Functions
Name | Description |
---|---|
_securesite_dialog_page | Print HTML dialog page for Secure Site |
_securesite_login_form | Returns complete form for login when using the HTML form |
_securesite_password_reset | Process password reset requests |
_securesite_request_form | Returns complete form for password reset request (if enabled) |