179 } |
180 } |
180 if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in ) |
181 if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in ) |
181 $paths->main_page(); |
182 $paths->main_page(); |
182 $template->header(); |
183 $template->header(); |
183 echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="runEncryption();">'; |
184 echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="runEncryption();">'; |
184 $header = ( $level > USER_LEVEL_MEMBER ) ? 'Please re-enter your login details' : 'Please enter your username and password to log in.'; |
185 $header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short'); |
185 if ( isset($_POST['login']) ) |
186 if ( isset($_POST['login']) ) |
186 { |
187 { |
187 $errstring = $__login_status['error']; |
188 $errstring = $__login_status['error']; |
188 switch($__login_status['error']) |
189 switch($__login_status['error']) |
189 { |
190 { |
190 case 'key_not_found': |
191 case 'key_not_found': |
191 $errstring = 'Enano couldn\'t look up the encryption key used to encrypt your password. This most often happens if a cache rotation occurred during your login attempt, or if you refreshed the login page.'; |
192 $errstring = $lang->get('user_err_key_not_found'); |
192 break; |
193 break; |
193 case 'key_wrong_length': |
194 case 'key_wrong_length': |
194 $errstring = 'The encryption key was the wrong length.'; |
195 $errstring = $lang->get('user_err_key_wrong_length'); |
195 break; |
196 break; |
196 case 'too_big_for_britches': |
197 case 'too_big_for_britches': |
197 $errstring = 'You are trying to authenticate at a level that your user account does not permit.'; |
198 $errstring = $lang->get('user_err_too_big_for_britches'); |
198 break; |
199 break; |
199 case 'invalid_credentials': |
200 case 'invalid_credentials': |
200 $errstring = 'You have entered an invalid username or password. Please enter your login details again.'; |
201 $errstring = $lang->get('user_err_invalid_credentials'); |
201 if ( $__login_status['lockout_policy'] == 'lockout' ) |
202 if ( $__login_status['lockout_policy'] == 'lockout' ) |
202 { |
203 { |
203 $errstring .= ' You have used up '.$__login_status['lockout_fails'].' out of '.$__login_status['lockout_threshold'].' login attempts. After you have used up all '.$data['lockout_threshold'].' login attempts, you will be locked out from logging in for '.$__login_status['lockout_duration'].' minutes.'; |
204 $errstring .= $lang->get('err_invalid_credentials_lockout', array('lockout_fails' => $__login_status['lockout_fails'])); |
204 } |
205 } |
205 else if ( $__login_status['lockout_policy'] == 'captcha' ) |
206 else if ( $__login_status['lockout_policy'] == 'captcha' ) |
206 { |
207 { |
207 $errstring .= ' You have used up '.$__login_status['lockout_fails'].' out of '.$__login_status['lockout_threshold'].' login attempts. After you have used up all '.$data['lockout_threshold'].' login attempts, you will have to enter a visual confirmation code before logging in, effective for '.$__login_status['lockout_duration'].' minutes.'; |
208 $errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('lockout_fails' => $__login_status['lockout_fails'])); |
208 } |
209 } |
209 break; |
210 break; |
210 case 'backend_fail': |
211 case 'backend_fail': |
211 $errstring = 'You entered the right credentials and everything was validated, but for some reason Enano couldn\'t register your session. This is an internal problem with the site and you are encouraged to contact site administration.'; |
212 $errstring = $lang->get('user_err_backend_fail'); |
212 break; |
213 break; |
213 case 'locked_out': |
214 case 'locked_out': |
214 $attempts = intval($__login_status['lockout_fails']); |
215 $attempts = intval($__login_status['lockout_fails']); |
215 if ( $attempts > $__login_status['lockout_threshold']) |
216 if ( $attempts > $__login_status['lockout_threshold']) |
216 $attempts = $__login_status['lockout_threshold']; |
217 $attempts = $__login_status['lockout_threshold']; |
217 |
218 |
218 $server_time = time(); |
219 $server_time = time(); |
219 $time_rem = $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 ); |
220 $time_rem = ( $__login_status['lockout_last_time'] == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 ); |
|
221 if ( $time_rem < 1 ) |
|
222 $time_rem = $__login_status['lockout_duration']; |
220 |
223 |
221 $s = ( $time_rem == 1 ) ? '' : 's'; |
224 $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural'); |
222 $errstring = "You have used up all {$__login_status['lockout_threshold']} allowed login attempts. Please wait {$time_rem} minute$s before attempting to log in again"; |
225 |
223 if ( $__login_status['lockout_policy'] == 'captcha' ) |
226 $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('err_locked_out_captcha_blurb') : ''; |
224 $errstring .= ', or enter the visual confirmation code shown above in the appropriate box'; |
227 $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem)); |
225 $errstring .= '.'; |
228 |
226 break; |
229 break; |
227 } |
230 } |
228 echo '<div class="error-box-mini">'.$errstring.'</div>'; |
231 echo '<div class="error-box-mini">'.$errstring.'</div>'; |
229 } |
232 } |
230 if ( $p = $paths->getAllParams() ) |
233 if ( $p = $paths->getAllParams() ) |
244 <tr> |
247 <tr> |
245 <td colspan="3" class="row1"> |
248 <td colspan="3" class="row1"> |
246 <?php |
249 <?php |
247 if ( $level <= USER_LEVEL_MEMBER ) |
250 if ( $level <= USER_LEVEL_MEMBER ) |
248 { |
251 { |
249 echo '<p>Logging in enables you to use your preferences and access member information. If you don\'t have a username and password here, you can <a href="'.makeUrl($paths->nslist['Special'].'Register').'">create an account</a>.</p>'; |
252 echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>'; |
250 } |
253 } |
251 else |
254 else |
252 { |
255 { |
253 echo '<p>You are requesting that a sensitive operation be performed. To continue, please re-enter your password to confirm your identity.</p>'; |
256 echo '<p>' . $lang->get('user_login_body_elev') . '</p>'; |
254 } |
257 } |
255 ?> |
258 ?> |
256 </td> |
259 </td> |
257 </tr> |
260 </tr> |
258 <tr> |
261 <tr> |
259 <td class="row2"> |
262 <td class="row2"> |
260 Username: |
263 <?php echo $lang->get('user_login_field_username'); ?>: |
261 </td> |
264 </td> |
262 <td class="row1"> |
265 <td class="row1"> |
263 <input name="username" size="25" type="text" <?php |
266 <input name="username" size="25" type="text" <?php |
264 if ( $level <= USER_LEVEL_MEMBER ) |
267 if ( $level <= USER_LEVEL_MEMBER ) |
265 { |
268 { |
275 } |
278 } |
276 ?> /> |
279 ?> /> |
277 </td> |
280 </td> |
278 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?> |
281 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?> |
279 <td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3"> |
282 <td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3"> |
280 <small>Forgot your password? <a href="<?php echo makeUrlNS('Special', 'PasswordReset'); ?>">No problem.</a><br /> |
283 <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br /> |
281 Maybe you need to <a href="<?php echo makeUrlNS('Special', 'Register'); ?>">create an account</a>.</small> |
284 <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small> |
282 </td> |
285 </td> |
283 <?php } ?> |
286 <?php } ?> |
284 </tr> |
287 </tr> |
285 <tr> |
288 <tr> |
286 <td class="row2">Password:<br /></td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td> |
289 <td class="row2"> |
|
290 <?php echo $lang->get('user_login_field_password'); ?>: |
|
291 </td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td> |
287 </tr> |
292 </tr> |
288 <?php |
293 <?php |
289 if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) |
294 if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) |
290 { |
295 { |
291 ?> |
296 ?> |
292 <tr> |
297 <tr> |
293 <td class="row2" rowspan="2">Code in image:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td> |
298 <td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td> |
294 </tr> |
299 </tr> |
295 <tr> |
300 <tr> |
296 <td class="row3"> |
301 <td class="row3"> |
297 <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" /> |
302 <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" /> |
298 </td> |
303 </td> |
301 } |
306 } |
302 ?> |
307 ?> |
303 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?> |
308 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?> |
304 <tr> |
309 <tr> |
305 <td class="row3" colspan="3"> |
310 <td class="row3" colspan="3"> |
306 <p><b>Important note regarding cryptography:</b> Some countries do not allow the import or use of cryptographic technology. If you live in one of the countries listed below, you should <a href="<?php if($p=$paths->getParam(0))$u='/'.$p;else $u='';echo makeUrl($paths->page.$u, 'level='.$level.'&use_crypt=0', true); ?>">log in without using encryption</a>.</p> |
311 <?php |
307 <p>This restriction applies to the following countries: Belarus, China, India, Israel, Kazakhstan, Mongolia, Pakistan, Russia, Saudi Arabia, Singapore, Tunisia, Venezuela, and Vietnam.</p> |
312 $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : ''; |
|
313 $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true); |
|
314 echo '<p><b>' . $lang->get('user_login_nocrypt_title') . ':</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>'; |
|
315 echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>'; |
|
316 ?> |
308 </td> |
317 </td> |
309 </tr> |
318 </tr> |
310 <?php } ?> |
319 <?php } ?> |
311 <tr> |
320 <tr> |
312 <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th> |
321 <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th> |