[pLog-svn] r4534 - in
plugins/branches/lifetype-1.1/secretblog/class: security view
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Thu Jan 11 18:25:13 GMT 2007
Author: oscar
Date: 2007-01-11 18:25:13 +0000 (Thu, 11 Jan 2007)
New Revision: 4534
Added:
plugins/branches/lifetype-1.1/secretblog/class/view/secretblogpluginpasswordformview.class.php
Modified:
plugins/branches/lifetype-1.1/secretblog/class/security/secretblogfilter.class.php
Log:
The plugin doesn't still work for me (the password needs to be entered next time), but this change may be useful for those for whom the plugin works. Now instead of displaying the standard "your request has been blocked" message, the plugin will use its own full template to display a text box asking for the password. The default one is very basic so users are encouraged to customize it.
Modified: plugins/branches/lifetype-1.1/secretblog/class/security/secretblogfilter.class.php
===================================================================
--- plugins/branches/lifetype-1.1/secretblog/class/security/secretblogfilter.class.php 2007-01-11 18:17:21 UTC (rev 4533)
+++ plugins/branches/lifetype-1.1/secretblog/class/security/secretblogfilter.class.php 2007-01-11 18:25:13 UTC (rev 4534)
@@ -1,7 +1,7 @@
<?php
include_once( PLOG_CLASS_PATH."class/security/pipelinefilter.class.php" );
- include_once( PLOG_CLASS_PATH . 'class/template/template.class.php' );
+ include_once( PLOG_CLASS_PATH."class/template/template.class.php" );
class SecretBlogFilter extends PipelineFilter
{
@@ -17,26 +17,24 @@
$blogInfo = $this->_pipelineRequest->getBlogInfo();
$blogSettings = $blogInfo->getSettings();
$request = $this->_pipelineRequest->getHttpRequest();
- $session = HttpVars::getSession();
+ $session = HttpVars::getSession();
// is the plugin enabled? If not, we can quit right away
if( !$blogSettings->getValue( "plugin_secretblog_enabled" )) {
$result = new PipelineResult( true );
- return( $result );
+ return( $result );
}
// if this is already rejected, there is no reason to do anything here
- if ( $this->_pipelineRequest->getRejectedState() )
+ if ( $this->_pipelineRequest->getRejectedState())
return new PipelineResult();
// there are three possible situations:
// - user not authenticated
// - user not authenticated but blogPassword parameter in the request
// - user authenticated
-
- if( $this->isUserAuthenticated( $blogInfo )) {
- $result = new PipelineResult( true );
- return( $result );
+ if( $this->isUserAuthenticated( $blogInfo )) {
+ $result = new PipelineResult( true );
}
else {
// is there a "blogPassword" parameter in the session?
@@ -46,25 +44,26 @@
$blogSettings = $blogInfo->getSettings();
$blogPassword = $blogSettings->getValue( "plugin_secretblog_password" );
if( $blogPassword == md5( $password )) {
- // set the password in the session
- $session["blogPassword"] = md5( $password );
- HttpVars::setSession( $session );
// and return everything ok...
$result = new PipelineResult( true );
- return( $result );
+ // set the password in the session
+ $session["blogPassword"] = $blogPassword;
+ HttpVars::setSession( $session );
}
else {
// password wasn't correct, try again!
- print( $this->renderPasswordForm( $blogInfo ));
- die();
+ $result = new PipelineResult( false, 600, "Error" );
+ $result->setView( $this->getPasswordFormView( $blogInfo ));
}
}
else {
// no password, no authentication info in the session!
- print( $this->renderPasswordForm( $blogInfo ));
- die();
+ $result = new PipelineResult( false, 601, "Error" );
+ $result->setView( $this->getPasswordFormView( $blogInfo ));
}
}
+
+ return( $result );
}
/**
@@ -73,11 +72,10 @@
*/
function isUserAuthenticated( $blogInfo )
{
- // retrieve the session
- $session = HttpVars::getSession();
// and look for our information
- $sessionPassword = $session["blogPassword"];
- if( $sessionPassword ) {
+ $session = HttpVars::getSession();
+ if( isset( $session["blogPassword"] )) {
+ $sessionPassword = $session["blogPassword"];
$blogSettings = $blogInfo->getSettings();
$blogPassword = $blogSettings->getValue( "plugin_secretblog_password" );
if( $sessionPassword == $blogPassword )
@@ -93,16 +91,15 @@
* @private
* Shows the authentication form
*/
- function renderPasswordForm( $blogInfo )
+ function getPasswordFormView( $blogInfo )
{
- include_once( PLOG_CLASS_PATH."class/template/templateservice.class.php" );
- $ts = new TemplateService();
- $t = $ts->PluginTemplate( "secretblog", "passwordform" );
- $t->assign( "locale", $blogInfo->getLocale() );
- $t->assign( "articleId", $articleId );
- $t->assign( "url", $blogInfo->getBlogRequestGenerator());
- $t->assign( "blog", $blogInfo );
- return( $t->fetch());
+ include_once( PLOG_CLASS_PATH."plugins/secretblog/class/view/secretblogpluginpasswordformview.class.php" );
+ $view = new SecretBlogPluginPasswordFormView ($blogInfo );
+ $view->setValue( "locale", $blogInfo->getLocale() );
+ $view->setValue( "url", $blogInfo->getBlogRequestGenerator());
+ $view->setValue( "blog", $blogInfo );
+
+ return( $view );
}
}
?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/secretblog/class/view/secretblogpluginpasswordformview.class.php
===================================================================
--- plugins/branches/lifetype-1.1/secretblog/class/view/secretblogpluginpasswordformview.class.php 2007-01-11 18:17:21 UTC (rev 4533)
+++ plugins/branches/lifetype-1.1/secretblog/class/view/secretblogpluginpasswordformview.class.php 2007-01-11 18:25:13 UTC (rev 4534)
@@ -0,0 +1,12 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/view/plugintemplatedview.class.php" );
+
+ class SecretBlogPluginPasswordFormView extends PluginTemplatedView
+ {
+ function SecretBlogPluginPasswordFormView( $blogInfo )
+ {
+ $this->PluginTemplatedView( $blogInfo, "secretblog", "passwordform" );
+ }
+ }
+?>
\ No newline at end of file
More information about the pLog-svn
mailing list