From 67a347bafb875be60e7554f308d80d7f0a1d2747 Mon Sep 17 00:00:00 2001
From: Evan Prodromou <evan@prodromou.name>
Date: Wed, 14 May 2008 10:54:36 -0400
Subject: considerable coding

darcs-hash:20080514145436-84dde-d0994cb35d3fe8545d3f08abeec3cdfe7559c67d.gz
---
 actions/login.php | 66 +++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 50 insertions(+), 16 deletions(-)

(limited to 'actions/login.php')

diff --git a/actions/login.php b/actions/login.php
index a95dc9e3a..b93936297 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -1,25 +1,59 @@
 <?php
 
-function handle_login() {
-	if ($_REQUEST['METHOD'] == 'POST') {
-		if (login_check_user($_REQUEST['user'], $_REQUEST['password'])) {
-			
+class LoginAction extends Action {
+	
+	function handle($args) {
+		parent::handle($args);
+		if (common_logged_in()) {
+			common_user_error(_t('Already logged in.'));
+		} else if ($this->arg('METHOD') == 'POST') {
+			$this->check_login();
 		} else {
+			$this->show_form();
 		}
-	} else {
-		if (user_logged_in()) {
+	}
+
+	function check_login() {
+		# XXX: form token in $_SESSION to prevent XSS
+		# XXX: login throttle
+		$nickname = $this->arg('nickname');
+		$password = $this->arg('password');
+		if (common_check_user($nickname, $password)) {
+			common_set_user($nickname);
+			common_redirect(common_local_url('all',
+											 array('nickname' =>
+												   $nickname)));
 		} else {
-			login_show_form();
+			$this->show_form(_t('Incorrect username or password.'));
 		}
 	}
-}
 	
-function login_show_form() {
-	html_start();
-	html_head("Login");
-	html_body();
+	function show_form($error=NULL) {
+		
+		common_show_header(_t('Login'));
+		if (!is_null($error)) {
+			common_element('div', array('class' => 'error'), $msg);
+		}
+		common_start_element('form', array('method' => 'POST',
+										   'id' => 'login',
+										   'action' => common_local_url('login')));
+		common_element('label', array('for' => 'username'),
+					   _t('Name'));
+		common_element('input', array('name' => 'username',
+									  'type' => 'text',
+									  'id' => 'username'));
+		common_element('label', array('for' => 'password'),
+					   _t('Password'));
+		common_element('input', array('name' => 'password',
+									  'type' => 'password',									  
+									  'id' => 'password'));
+		common_element('input', array('name' => 'submit',
+									  'type' => 'submit',
+									  'id' => 'submit'),
+					   _t('Login'));
+		common_element('input', array('name' => 'cancel',
+									  'type' => 'button',
+									  'id' => 'cancel'),
+					   _t('Cancel'));
+	}
 }
-	
-function login_check_user($username, $password) {
-	
-}
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf