| リビジョン | 60cdb049374677019e660524c4adfc3c05140a08 (tree) |
|---|---|
| 日時 | 2016-02-25 23:40:20 |
| 作者 |  umorigu <umorigu@gmai...> |
| コミッター | umorigu |
BugTrack2/375 Show "Invalid username or password" on failed login
plugin/loginform.inc.php (diff)| @@ -33,6 +33,7 @@ function plugin_loginform_action() | ||
| 33 | 33 | . ($page_after_login ? '&page_after_login=' . rawurlencode($page_after_login) : ''); |
| 34 | 34 | $username = isset($_POST['username']) ? $_POST['username'] : ''; |
| 35 | 35 | $password = isset($_POST['password']) ? $_POST['password'] : ''; |
| 36 | + $isset_user_credential = $username || $password ; | |
| 36 | 37 | if ($username && $password && form_auth($username, $password)) { |
| 37 | 38 | // Sign in successfully completed |
| 38 | 39 | form_auth_redirect($url_after_login, $page_after_login); |
| @@ -62,12 +63,8 @@ function plugin_loginform_action() | ||
| 62 | 63 | ); |
| 63 | 64 | } else { |
| 64 | 65 | // login |
| 65 | - $action_url_html = htmlsc($action_url); | |
| 66 | - $username_html = htmlsc($username); | |
| 67 | - $username_label_html = htmlsc($_loginform_messages['username']); | |
| 68 | - $password_label_html = htmlsc($_loginform_messages['password']); | |
| 69 | - $login_label_html = htmlsc($_loginform_messages['login']); | |
| 70 | - $body = <<< EOT | |
| 66 | + ob_start(); | |
| 67 | +?> | |
| 71 | 68 | <style> |
| 72 | 69 | .loginformcontainer { |
| 73 | 70 | text-align: center; |
| @@ -89,23 +86,32 @@ function plugin_loginform_action() | ||
| 89 | 86 | .loginform .loginbutton { |
| 90 | 87 | margin-top: 1em; |
| 91 | 88 | } |
| 89 | + .loginform .errormessage { | |
| 90 | + color: red; | |
| 91 | + } | |
| 92 | 92 | </style> |
| 93 | 93 | <div class="loginformcontainer"> |
| 94 | -<form name="loginform" class="loginform" action="$action_url_html" method="post"> | |
| 94 | +<form name="loginform" class="loginform" action="<?php echo htmlsc($action_url) ?>" method="post"> | |
| 95 | 95 | <div> |
| 96 | 96 | <table style="border:0"> |
| 97 | 97 | <tbody> |
| 98 | 98 | <tr> |
| 99 | - <td class="label"><label for="_plugin_loginform_username">$username_label_html</label></td> | |
| 100 | - <td><input type="text" name="username" value="$username_html" id="_plugin_loginform_username"></td> | |
| 99 | + <td class="label"><label for="_plugin_loginform_username"><?php echo htmlsc($_loginform_messages['username']) ?></label></td> | |
| 100 | + <td><input type="text" name="username" value="<?php echo htmlsc($username) ?>" id="_plugin_loginform_username"></td> | |
| 101 | 101 | </tr> |
| 102 | 102 | <tr> |
| 103 | - <td class="label"><label for="_plugin_loginform_password">$password_label_html</label></td> | |
| 103 | + <td class="label"><label for="_plugin_loginform_password"><?php echo htmlsc($_loginform_messages['password']) ?></label></td> | |
| 104 | 104 | <td><input type="password" name="password" id="_plugin_loginform_password"></td> |
| 105 | 105 | </tr> |
| 106 | +<?php if ($isset_user_credential): ?> | |
| 106 | 107 | <tr> |
| 107 | 108 | <td></td> |
| 108 | - <td class="login-button-container"><input type="submit" value="$login_label_html" class="loginbutton"></td> | |
| 109 | + <td class="errormessage"><?php echo $_loginform_messages['invalid_username_or_password'] ?></td> | |
| 110 | + </tr> | |
| 111 | +<?php endif ?> | |
| 112 | + <tr> | |
| 113 | + <td></td> | |
| 114 | + <td class="login-button-container"><input type="submit" value="<?php echo htmlsc($_loginform_messages['login']) ?>" class="loginbutton"></td> | |
| 109 | 115 | </tr> |
| 110 | 116 | </tbody> |
| 111 | 117 | </table> |
| @@ -130,7 +136,9 @@ window.addEventListener && window.addEventListener("DOMContentLoaded", function( | ||
| 130 | 136 | }); |
| 131 | 137 | //--> |
| 132 | 138 | </script> |
| 133 | -EOT; | |
| 139 | +<?php | |
| 140 | + $body = ob_get_contents(); | |
| 141 | + ob_end_clean(); | |
| 134 | 142 | return array( |
| 135 | 143 | 'msg' => $_loginform_messages['login'], |
| 136 | 144 | 'body' => $body, |
haifun
Fork