diff options
Diffstat (limited to 'modules/gallery/controllers/reauthenticate.php')
| -rw-r--r-- | modules/gallery/controllers/reauthenticate.php | 41 |
1 files changed, 33 insertions, 8 deletions
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index acb27f6a..0486c0fe 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -18,11 +18,21 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Reauthenticate_Controller extends Controller { - public function index($share_translations_form=null) { + public function index() { if (!identity::active_user()->admin) { access::forbidden(); } - return self::_show_form(self::_form()); + // On redirects from the admin controller, the ajax request indicator is lost, + // so we store it in the session. + $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax()); + if ($is_ajax) { + $v = new View("reauthenticate.html"); + $v->form = self::_form(); + $v->user_name = identity::active_user()->name; + print $v; + } else { + self::_show_form(self::_form()); + } } public function auth() { @@ -35,14 +45,23 @@ class Reauthenticate_Controller extends Controller { $valid = $form->validate(); $user = identity::active_user(); if ($valid) { - message::success(t("Successfully re-authenticated!")); module::event("user_auth", $user); - url::redirect($form->continue_url->value); + if (!request::is_ajax()) { + message::success(t("Successfully re-authenticated!")); + } + url::redirect(Session::instance()->get_once("continue_url")); } else { $name = $user->name; log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); module::event("user_auth_failed", $name); - return self::_show_form($form); + if (request::is_ajax()) { + $v = new View("reauthenticate.html"); + $v->form = $form; + $v->user_name = identity::active_user()->name; + json::reply(array("html" => (string)$v)); + } else { + self::_show_form($form); + } } } @@ -52,17 +71,17 @@ class Reauthenticate_Controller extends Controller { $view->content = new View("reauthenticate.html"); $view->content->form = $form; $view->content->user_name = identity::active_user()->name; + print $view; } private static function _form() { $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form")); - $form->set_attr('class', "g-narrow"); - $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); + $form->set_attr("class", "g-narrow"); $group = $form->group("reauthenticate")->label(t("Re-authenticate")); $group->password("password")->label(t("Password"))->id("g-password")->class(null) ->callback("auth::validate_too_many_failed_auth_attempts") - ->callback("user::valid_password") + ->callback("Reauthenticate_Controller::valid_password") ->error_messages("invalid_password", t("Incorrect password")) ->error_messages( "too_many_failed_auth_attempts", @@ -70,4 +89,10 @@ class Reauthenticate_Controller extends Controller { $group->submit("")->value(t("Submit")); return $form; } + + static function valid_password($password_input) { + if (!identity::is_correct_password(identity::active_user(), $password_input->value)) { + $password_input->add_error("invalid_password", 1); + } + } } |