blob: 2132d67e44b07bbbfee4ae0390bb1de26786f419 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
<?php global $mm;
/**
* This is the view for the main login page.
*/
// TODO: We should probably check to make sure PAGE is just 'auth' or
// 'auth/', and not something like 'auth/foobar', for which we should
// throw a 404.
@$action = $_POST['action'];
switch ($action) {
case 'login': login(); break;
case 'logout': logout(); break;
case '': maybe_login(); break;
default: badrequest(); break;
}
function maybe_login() {
global $mm;
$uid = $mm->isLoggedIn();
if ($uid===false) {
login();
} else {
$mm->header('Authentication');
$t = $mm->template();
$username = $mm->getUsername($uid);
$t->openTag('div',array('class'=>'login'));
$t->text("Logged in as ".htmlentities($username).'.');
$t->logout_button('Logout');
$t->closeTag('div');
$mm->footer();
}
}
function login() {
include(VIEWPATH.'/pages/auth/login.php');
}
function logout() {
global $mm;
$t = $mm->template();
$mm->logout();
$mm->header('Authentication');
$t->paragraph('Logged out');
$mm->footer();
}
function badrequest() {
global $mm;
$mm->status('400 Bad Request');
$t = $mm->template();
$mm->header('Authentication');
$t->paragraph('The recieved POST request was malformed/invalid. '.
'If you got here from a link, this is a bug; '.
'Let the admin know.'.
'If you got here from outside, then the API is being '.
'missused.');
$mm->footer();
}
|
