'Login',
            'summary' => 'Login to ProcessWire',
            'version' => 101,
            'permanent' => true,
            'permission' => 'page-view',
            );
    }

    /**
     * Initialise per-request state for the login process
     *
     * Reads the optional `id` GET parameter and records whether the
     * ProcessForgotPassword module is installed, then defers to the parent.
     *
     * @return mixed Whatever parent::init() returns.
     *
     */
    public function init() {
        // The (int) cast matters: $this->id is later interpolated into the form
        // action and into the post-login redirect URL, so only an integer (or '')
        // can ever reach those strings.
        $this->id = isset($_GET['id']) ? (int) $_GET['id'] : '';
        $this->allowForgot = $this->modules->isInstalled('ProcessForgotPassword');
        return parent::init();
    }

    /**
     * Check if login posted and attempt login, otherwise render the login form
     *
     * Flow as visible here: a user who is already logged in gets a notice (and is
     * redirected if they hold 'page-edit'); a `forgot` GET flag hands off to
     * ProcessForgotPassword when that module is installed; otherwise the form is
     * built, posted input is processed, and the credentials go to the session's
     * login(). The triple-underscore prefix is ProcessWire's hookable-method marker.
     *
     * @return mixed Rendered output: a string in the paths visible here, or whatever
     *   ProcessForgotPassword's execute() / renderLoginForm() return.
     *
     */
    public function ___execute() {

        if($this->user->isLoggedin()) {
            $this->message($this->_("You are logged in."));
            if($this->user->hasPermission('page-edit')) $this->afterLoginRedirect();
            // NOTE(review): $url is not referenced in the string returned below; the
            // markup that used it appears to be missing from this copy of the file.
            $url = $this->config->urls->root;
            return "

" . $this->_('Continue') . "

";
        }

        // The forgot-password hand-off requires both the GET flag and the module
        // being installed (see init()).
        if($this->input->get->forgot && $this->allowForgot) {
            $process = $this->modules->get("ProcessForgotPassword");
            return $process->execute();
        }

        $this->buildLoginForm();

        // Only process input when the submit button's name is present in POST.
        if(isset($_POST['login_submit'])) $this->form->processInput($this->input->post);

        // Either field empty (including a plain GET of the page): show the form
        // without attempting authentication.
        if(!$this->nameField->value || !$this->passField->value) return $this->renderLoginForm();

        $name = $this->fuel('sanitizer')->username($this->nameField->value);
        // substr() is byte-wise: only the first 50 bytes of the submitted password
        // take part in authentication and the rest is silently ignored.
        // NOTE(review): confirm the password-setting path applies the same limit.
        $pass = substr($this->passField->value, 0, 50);

        // NOTE(review): no attempt limiting is visible in this method; presumably it
        // is handled inside the session's login() or elsewhere - confirm.
        if($this->fuel('session')->login($name, $pass)) {
            $this->session->message($name . ' - ' . $this->_("Successful login"));
            $this->session->remove('error');
            $this->performSystemChecks();
            // Relative redirect back to this page; the only request-derived part is
            // the integer id.
            $this->session->redirect("./?login=1" . ($this->id ? "&id={$this->id}" : ''));
        } else {
            // One message for every failure, so this text does not distinguish an
            // unknown username from a wrong password. It names the sanitized
            // username only, never the submitted password.
            $this->error($name . " - " . $this->_("Login failed"));
        }

        return $this->renderLoginForm();
    }

    /**
     * Run post-login housekeeping checks for superusers
     *
     * Returns immediately for anyone who is not a superuser. Otherwise: warns when
     * the root index.php or .htaccess carries an older version marker than
     * ProcessWire::indexVersion, warns when install.php still exists in the site
     * root, and creates the assets 'active.php' file if it is missing.
     *
     */
    protected function performSystemChecks() {

        if(!$this->user->isSuperuser()) return;

        $indexVersion = ProcessWire::indexVersion;
        if(PROCESSWIRE < $indexVersion) {
            // Notice::allowMarkup is passed, so this text is presumably rendered
            // without entity-encoding. The interpolated values are a class constant
            // and the PROCESSWIRE constant, not request input.
            $this->error(
                "Not urgent, but note that your root index.php file is not up-to-date with this ProcessWire version - please update it when possible. " .
                "
Required version: $indexVersion, Found version: " . PROCESSWIRE . "",
                Notice::log | Notice::allowMarkup
            );
        }

        $htaccessFile = $this->wire('config')->paths->root . '.htaccess';
        if(is_readable($htaccessFile)) {
            // Readability is checked first; the result of the read itself is not.
            $htaccessData = file_get_contents($htaccessFile);
            // Warn when the '@indexVersion N' marker is absent or N is too low.
            // Only $indexVersion is echoed back, not the value read from the file.
            if(!preg_match('/@indexVersion\s+(\d+)\b/', $htaccessData, $matches) || ((int) $matches[1]) < $indexVersion) {
                $this->error(
                    "Not urgent, but note that your root .htaccess file is not up-to-date with this ProcessWire version - please update it when possible.
" . "To ignore this warning, replace or add the following in the top of your existing .htaccess file: " .
                    "# @indexVersion $indexVersion",
                    Notice::log | Notice::allowMarkup
                );
            }
        }

        // The writable-file warnings below are disabled (commented out) in this version.
        // if($this->config->showSecurityWarnings === false) return;
        // if(is_writable($this->config->paths->root . "site/config.php")) $this->error("Security Warning: /site/config.php is writable and ideally should not be.");
        // if(is_writable($this->config->paths->root . "index.php")) $this->error("Security Warning: /index.php is writable and ideally should not be.");

        // A leftover installer in the site root is reported to the superuser and logged.
        $warningText = $this->_("Security Warning: %s exists and should be deleted as soon as possible.");
        if(is_file($this->config->paths->root . "install.php")) $this->error(sprintf($warningText, '/install.php'), Notice::log);

        $file = $this->config->paths->assets . "active.php";
        if(!is_file($file)) {
            // NOTE(review): this literal looks truncated in this copy (it begins
            // mid-expression), so the intended file contents cannot be determined
            // from here. The return value of file_put_contents() is not checked.
            $data = "config->paths->root}]";
            file_put_contents($file, $data);
        }

    }

    /**
     * Build the login form
     *
     * Creates the username, password and submit fields plus the enclosing form,
     * and stores each on $this (nameField, passField, submitField, form).
     *
     * @return mixed The form object obtained from $this->modules->get('InputfieldForm').
     *
     */
    protected function ___buildLoginForm() {

        $this->nameField = $this->modules->get('InputfieldText');
        $this->nameField->set('label', $this->_('Username')); // Login form: username field label
        $this->nameField->attr('id+name', 'login_name');
        $this->nameField->attr('class', $this->className() . 'Name');

        // Same input module as the username, switched to type=password.
        $this->passField = $this->modules->get('InputfieldText');
        $this->passField->set('label', $this->_('Password')); // Login form: password field label
        $this->passField->attr('id+name', 'login_pass');
        $this->passField->attr('type', 'password');
        $this->passField->attr('class', $this->className() . 'Pass');

        // ___execute() keys off this name ('login_submit') to detect a posted form.
        $this->submitField = $this->modules->get('InputfieldSubmit');
        $this->submitField->attr('name', 'login_submit');
        $this->submitField->attr('value', $this->_('Login')); // Login form: submit login button

        $this->form = $this->modules->get('InputfieldForm');

        // we'll retain an ID field in the GET url, if it was there
        // ($this->id was cast to int in init(), so nothing else can enter the action URL)
        $this->form->attr('action', "./" . ($this->id ? "?id={$this->id}" : ''));

        $this->form->attr('id', $this->className() . 'Form');
        $this->form->add($this->nameField);
        $this->form->add($this->passField);
        $this->form->add($this->submitField);

        return $this->form;
    }

    /**
     * Render the login form
     *
     * When a `login` GET variable is present, calls afterLoginRedirect() instead of
     * rendering. Otherwise sets the page headline, blanks the password field, renders
     * the form and appends the link strings.
     *
     * @return string|null Rendered output; nothing is returned in the `login` branch.
     *
     */
    protected function ___renderLoginForm() {

        if(isset($_GET['login'])) {
            $this->afterLoginRedirect();

        } else {
            // note the space after 'Login ' is intentional to separate it from the Login button for translation purposes
            $this->setFuel('processHeadline', $this->_('Login ')); // Headline for login form page
            // Blank the value before rendering so a submitted password is never
            // echoed back into the page.
            $this->passField->attr('value', '');
            $out = $this->form->render();
            $links = '';
            if($this->allowForgot) {
                $links .= "
" . $this->_("Forgot your password?") . "
"; // Forgot password link text
            }
            $home = $this->pages->get("/");
            // NOTE(review): $home->title is interpolated into the output as-is here;
            // confirm it is entity-encoded by the time it reaches this point. The
            // markup around it is not visible in this copy.
            $links .= "
{$home->title}
";
            if($links) $out .= "

$links

";
            return $out;
        }
    }

    /**
     * Log the user out
     *
     * Users with 'page-edit' are sent to the admin URL with a confirmation message;
     * everyone else is sent to the site root. Both targets come from config, not
     * from the request.
     *
     */
    public function ___executeLogout() {
        // The permission is checked before logout(), presumably because the user's
        // permissions are no longer available afterwards - confirm.
        if($this->user->hasPermission('page-edit')) {
            $url = $this->config->urls->admin;
            $this->message($this->_("You have logged out"));
        } else {
            $url = $this->config->urls->root;
        }
        $this->session->logout();
        $this->session->redirect($url);
    }

    /**
     * Redirect to admin root after login
     *
     * Called only if the login request originated on the actual login page.
     * The destination is the URL of the page identified by config's adminRootPageID,
     * so no request-supplied URL is involved in this redirect.
     *
     */
    protected function ___afterLoginRedirect() {
        $this->session->redirect($this->pages->get($this->config->adminRootPageID)->url);
    }
}