summaryrefslogtreecommitdiff
path: root/modules/gallery/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'modules/gallery/controllers')
-rw-r--r--modules/gallery/controllers/admin.php11
-rw-r--r--modules/gallery/controllers/reauthenticate.php20
2 files changed, 20 insertions, 11 deletions
diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 8effe28f..40dd260b 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -38,8 +38,7 @@ class Admin_Controller extends Controller {
return self::_reauth_check();
}
if (auth::must_reauth_for_admin_area()) {
- print self::_prompt_for_reauth($controller_name, $args);
- return;
+ return self::_prompt_for_reauth($controller_name, $args);
}
if (request::method() == "post") {
@@ -87,13 +86,7 @@ class Admin_Controller extends Controller {
// Avoid anti-phishing protection by passing the url as session variable.
Session::instance()->set("continue_url", url::abs_current(true));
}
-
- // Check that we we not in a dialog. If we are, then use an ajax response.
- if (strpos(Router::$query_string, "g-in-dialog") === false) {
- url::redirect("reauthenticate");
- } else {
- return reauthenticate::get_authenticate_form();
- }
+ url::redirect("reauthenticate");
}
}
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php
index 9ddaff2e..acb27f6a 100644
--- a/modules/gallery/controllers/reauthenticate.php
+++ b/modules/gallery/controllers/reauthenticate.php
@@ -22,7 +22,7 @@ class Reauthenticate_Controller extends Controller {
if (!identity::active_user()->admin) {
access::forbidden();
}
- return self::_show_form(reauthenticate::get_authenticate_form());
+ return self::_show_form(self::_form());
}
public function auth() {
@@ -31,7 +31,7 @@ class Reauthenticate_Controller extends Controller {
}
access::verify_csrf();
- $form = reauthenticate::get_authenticate_form();
+ $form = self::_form();
$valid = $form->validate();
$user = identity::active_user();
if ($valid) {
@@ -54,4 +54,20 @@ class Reauthenticate_Controller extends Controller {
$view->content->user_name = identity::active_user()->name;
print $view;
}
+
+ private static function _form() {
+ $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form"));
+ $form->set_attr('class', "g-narrow");
+ $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin"));
+ $group = $form->group("reauthenticate")->label(t("Re-authenticate"));
+ $group->password("password")->label(t("Password"))->id("g-password")->class(null)
+ ->callback("auth::validate_too_many_failed_auth_attempts")
+ ->callback("user::valid_password")
+ ->error_messages("invalid_password", t("Incorrect password"))
+ ->error_messages(
+ "too_many_failed_auth_attempts",
+ t("Too many incorrect passwords. Try again later"));
+ $group->submit("")->value(t("Submit"));
+ return $form;
+ }
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 23:21:16 +0000