3 commits - hosted/js lib/hosted
Torsten Grote
grote at kolabsys.com
Thu Jul 26 18:02:39 CEST 2012
hosted/js/kolab_hosted.js | 51 ++++++++--------
lib/hosted/kolab_client_task_signup.php | 102 +++++++++++++++-----------------
2 files changed, 77 insertions(+), 76 deletions(-)
New commits:
commit d72a65514e28d73b13209183567609e2a2e1f564
Author: Torsten Grote <grote at kolabsys.com>
Date: Thu Jul 26 17:27:22 2012 +0200
highlight non-matching passwords with javascript
diff --git a/hosted/js/kolab_hosted.js b/hosted/js/kolab_hosted.js
index daac6f9..8565079 100644
--- a/hosted/js/kolab_hosted.js
+++ b/hosted/js/kolab_hosted.js
@@ -71,22 +71,27 @@ kadm.check_user_availability = function()
kadm.http_post('signup.check_user', {data: data});
} else {
// TODO use translatable string
- kadm.update_user_info('This will not produce a valid email address!');
+ kadm.update_user_info('This will not produce a valid email address!', 'uid');
}
};
-kadm.update_user_info = function(msg)
+kadm.update_user_info = function(msg, part)
{
+ var span_id = 'availability';
+ if(!part.localeCompare('userpassword')) {
+ span_id = 'pass_match';
+ }
+
// display message next to form field
- if($('span[id="availability"]').length) {
+ if($('span[id="'+span_id+'"]').length) {
// update existing span area
- $('span[id="availability"]').html(msg);
+ $('span[id="'+span_id+'"]').html(msg);
}
else {
- // add span area and inform about non-availability
- $('input[name="uid"]').after(' <span id="availability" style="font-weight:bold;margin-left:1em;color:red;">' + msg + '</span>');
+ // add span area and add message
+ $('input[name="'+part+'"]').after(' <span id="'+span_id+'" style="font-weight:bold;margin-left:1em;color:red;">' + msg + '</span>');
}
-
+
// enable/disable button
if(msg == '') {
$('input[type="button"]').removeAttr("disabled");
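Review bot: `part.localeCompare('userpassword')` on the new `if` line is a collation comparison used as an equality test; negating it reads as an inversion and it throws a TypeError if `part` is ever omitted, which is exactly how the pre-change callers invoked `update_user_info`. A plain `if (part === 'userpassword') { span_id = 'pass_match'; }` says what is meant, and a default such as `part = part || 'uid';` keeps older callers working. Separately, the message is still injected with `.html(msg)` and string-built into the `<span>`; using `.text(msg)` for the update and building the span element with jQuery before setting its text keeps any future translated or data-derived message from being parsed as markup. `kadm.update_user_info` continues past the end of the hunk.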
@@ -96,6 +101,17 @@ kadm.update_user_info = function(msg)
};
+function password_match()
+{
+ if($('input[name="userpassword"]').val().localeCompare($('input[name="userpassword2"]').val())) {
+ // TODO make message translatable
+ kadm.update_user_info("The passwords don't match!", 'userpassword');
+ }
+ else {
+ kadm.update_user_info("", 'userpassword');
+ }
+}
+
// TODO use form.validate api call for that
function isValidEmailAddress(emailAddress) {
var pattern = new RegExp(/^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?$/i);
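Review bot: `password_match` compares the two password fields with `localeCompare`, which is a locale-aware collation that can return 0 for strings that are not byte-identical (canonically equivalent Unicode forms, for instance), so a mismatch can go unreported; the comparison should be strict inequality, `if ($('input[name="userpassword"]').val() !== $('input[name="userpassword2"]').val()) {`. The function is also declared as a bare global while the rest of this file hangs its helpers off `kadm`; `kadm.password_match = function()` would be consistent, provided the inline `onchange` handlers set in the PHP task are updated to match.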
diff --git a/lib/hosted/kolab_client_task_signup.php b/lib/hosted/kolab_client_task_signup.php
index 2083071..50b784b 100644
--- a/lib/hosted/kolab_client_task_signup.php
+++ b/lib/hosted/kolab_client_task_signup.php
@@ -111,11 +111,11 @@ class kolab_client_task_signup extends kolab_client_task
if($result->get('count') > 0) {
// TODO make this message translatable
- $this->output->command('update_user_info("User does already exist!")');
+ $this->output->command('update_user_info("User does already exist!", "uid")');
return false;
}
- $this->output->command('update_user_info("")');
+ $this->output->command('update_user_info("", "uid")');
return true;
}
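Review bot: The two changed `command()` calls still embed the JavaScript call as source text (`'update_user_info("User does already exist!", "uid")'`), so the message must be hand-escaped for JS string syntax and a translated message containing a quote would break or alter the emitted script. The same commit's `$this->output->command('form_value_error', 'uid')` in the next hunk uses the name-plus-arguments form, which presumably serialises the arguments as data; if that form is supported, `$this->output->command('update_user_info', 'User does already exist!', 'uid');` and `$this->output->command('update_user_info', '', 'uid');` avoid the issue. The same string form is introduced in the `action_check_user` hunk of commit 6524000850b8 further down this page. The enclosing `action_check_user` starts outside the hunk.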
@@ -137,8 +137,10 @@ class kolab_client_task_signup extends kolab_client_task
}
// Check again for user availability before adding user
+ // this also logs into the API
// TODO perform security check on value of $data['uid'] and $data['domain']
if(!$this->action_check_user($data)) {
+ $this->output->command('form_value_error', 'uid');
return;
}
@@ -230,7 +232,8 @@ class kolab_client_task_signup extends kolab_client_task
// Add password confirmation
if (isset($fields['userpassword'])) {
$fields['userpassword2'] = $fields['userpassword'];
- // TODO check for password match with ajax
+ $fields['userpassword']['onchange'] = 'password_match()';
+ $fields['userpassword2']['onchange'] = 'password_match()';
}
// Change field labels for hosted case
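Review bot: The added `onchange` handlers only give client-side feedback, and `password_match()` fires on blur, so a form submitted straight after typing the confirmation is never checked; unless a server-side equality check of `userpassword` and `userpassword2` exists outside this diff, mismatched passwords are still accepted by `action_add_user`. The two added lines are fine as they are; what I would want alongside them is the server-side comparison in `action_add_user` before the user is created. The enclosing form-building method starts and ends outside the hunk.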
commit 592454daf41860de5024f249d9453fd8fbf27a2c
Author: Torsten Grote <grote at kolabsys.com>
Date: Thu Jul 26 15:37:57 2012 +0200
login into API only when necessary
diff --git a/lib/hosted/kolab_client_task_signup.php b/lib/hosted/kolab_client_task_signup.php
index 6cd6b84..2083071 100644
--- a/lib/hosted/kolab_client_task_signup.php
+++ b/lib/hosted/kolab_client_task_signup.php
@@ -42,15 +42,6 @@ class kolab_client_task_signup extends kolab_client_task
// Assign self to template variable
$this->output->assign('engine', $this);
-
- // Login ($result is a kolab_client_api_result instance))
- // TODO login in own method only when needed
- $result = $this->api->login($this->config_get('bind_dn'), $this->config_get('bind_pw'), $this->config_get('primary_domain') );
-
- // Set the session token we got in the API client instance, so subsequent
- // API calls are made in the same session.
- $this->token = $result->get('session_token');
- $this->api->set_session_token($this->token);
// Run security checks
// TODO figure out to reenable this
@@ -69,8 +60,25 @@ class kolab_client_task_signup extends kolab_client_task
}
}
+ private function login($domain=NULL)
+ {
+ if(is_null($domain)) {
+ $domain = $this->config_get('primary_domain');
+ }
+
+ // Login ($result is a kolab_client_api_result instance)
+ $result = $this->api->login($this->config_get('bind_dn'), $this->config_get('bind_pw'), $domain);
+
+ // Set the session token we got in the API client instance, so subsequent
+ // API calls are made in the same session.
+ $this->token = $result->get('session_token');
+ $this->api->set_session_token($this->token);
+ }
+
public function action_default()
{
+ $this->login();
+
$data = $this->get_input('data', 'POST');
$form = $this->user_form($data);
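Review bot: `login()` never checks that `$this->api->login()` succeeded before reading `session_token`; on a failed bind `$this->token` becomes null, `set_session_token(null)` is called, and the API calls that follow run without a session, surfacing the failure somewhere less obvious. A guard such as `if (!$result || !$result->get('session_token')) { throw new Exception('API login failed'); }` before the two assignments fails early (the exact result API is not visible here, so adapt the check to it). The new `$domain` parameter is fed from the POSTed `$data['domain']` in the `action_check_user` hunk below, and the `TODO perform security check on value of $data['domain']` that sat on the removed `action_switch_domain` is dropped with it; I would carry that TODO onto `login()` and validate the domain against the configured domains before binding with the privileged `bind_dn` credentials for it. An absent `domain` key also silently falls back to `primary_domain` through the `is_null` default, which hides a malformed request rather than rejecting it.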
@@ -93,6 +101,8 @@ class kolab_client_task_signup extends kolab_client_task
public function action_check_user($data = array()) {
if(count($data) == 0) $data = $this->get_input('data', 'POST');
+ $this->login($data['domain']);
+
// Assemble mail attribute
$mail = $data['uid'].'@'.$data['domain'];
@@ -109,15 +119,6 @@ class kolab_client_task_signup extends kolab_client_task
return true;
}
- // switching to proper domain is necessary before calling users.list for that domain
- public function action_switch_domain($data = array()) {
- if(count($data) == 0) $data = $this->get_input('data', 'POST');
-
- // Login in user-chosen domain
- // TODO perform security check on value of $data['domain']
- $result = $this->api->get('system.select_domain', array('domain' => $data['domain']));
- }
-
public function action_add_user() {
$data = $this->get_input('data', 'POST');
@@ -135,9 +136,6 @@ class kolab_client_task_signup extends kolab_client_task
return;
}
- // Log in to proper domain
- $this->action_switch_domain($data);
-
// Check again for user availability before adding user
// TODO perform security check on value of $data['uid'] and $data['domain']
if(!$this->action_check_user($data)) {
commit 6524000850b81410e8c459db205b20e0f1ce4d8c
Author: Torsten Grote <grote at kolabsys.com>
Date: Thu Jul 26 15:02:12 2012 +0200
don't expose API session to browser
diff --git a/hosted/js/kolab_hosted.js b/hosted/js/kolab_hosted.js
index 793dde0..daac6f9 100644
--- a/hosted/js/kolab_hosted.js
+++ b/hosted/js/kolab_hosted.js
@@ -62,35 +62,20 @@ kadm.check_user_availability = function()
// get form data and build new email address
var data = kadm.serialize_form('#signup-form');
var mail = data['uid'] + '@' + data['domain'];
-
+
if(isValidEmailAddress(mail)) {
// update future mail form field
$('input[name="mail"]').val(mail);
-
- // switch domain before checking for user availability
- kadm.http_post('signup.check_user', {data: {'domain': data['domain']}});
// check if user with that email address already exists
- kadm.api_post('users.list', {'search': {'mail': {'value': mail} } }, 'check_user_availability_response');
+ kadm.http_post('signup.check_user', {data: data});
} else {
- update_user_info('This will not produce a valid email address!');
+ // TODO use translatable string
+ kadm.update_user_info('This will not produce a valid email address!');
}
};
-kadm.check_user_availability_response = function(response)
-{
- if (!kadm.api_response(response))
- return;
-
- // setup up user message
- var msg = '';
- if(response['result']['count'] > 0) msg = 'User does already exist!';
-
- update_user_info(msg);
-};
-
-
-function update_user_info(msg)
+kadm.update_user_info = function(msg)
{
// display message next to form field
if($('span[id="availability"]').length) {
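Review bot: `kadm.http_post('signup.check_user', {data: data})` sends the entire serialized `#signup-form` — including the password fields the form carries — to the server on every availability check, while `action_check_user` only reads `uid` and `domain`. Posting just those two, `kadm.http_post('signup.check_user', {data: {uid: data['uid'], domain: data['domain']}});`, keeps the password out of requests and server logs that have no need for it. `kadm.update_user_info` continues past the end of the hunk.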
@@ -110,6 +95,8 @@ function update_user_info(msg)
}
};
+
+// TODO use form.validate api call for that
function isValidEmailAddress(emailAddress) {
var pattern = new RegExp(/^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?$/i);
return pattern.test(emailAddress);
diff --git a/lib/hosted/kolab_client_task_signup.php b/lib/hosted/kolab_client_task_signup.php
index 4c1aaa2..6cd6b84 100644
--- a/lib/hosted/kolab_client_task_signup.php
+++ b/lib/hosted/kolab_client_task_signup.php
@@ -34,41 +34,23 @@ class kolab_client_task_signup extends kolab_client_task
*/
public function run()
{
+ // don't set any cookies
+ ini_set('session.use_cookies', '0');
+
// Initialize locales
$this->locale_init();
// Assign self to template variable
$this->output->assign('engine', $this);
- // Session handling
- $timeout = $this->config_get('session_timeout', 3600);
-
- // TODO
- // Do not use the API token for the user browser session.
- // Use a different token for the user browser session, to verify whether subsequent interactions
- // belong to the same user nicely progressing through the signup (and not bastardizing the process).
- //
- // Do not maintain the API session across hits to this interface.
- //
- // So...
- //
- // One session token for user browser <-> hosted/index.php
- // One API session token for a single run/hit of/against hosted/index.php
- if (empty($_SESSION['user']) || empty($_SESSION['user']['token']) || ($timeout && $_SESSION['time'] && $_SESSION['time'] < time() - $timeout)) {
- // Login ($result is a kolab_client_api_result instance))
- $result = $this->api->login($this->config_get('bind_dn'), $this->config_get('bind_pw'), $this->config_get('primary_domain') );
-
- // Set the session token we got in the API client instance, so subsequent
- // API calls are made in the same session.
- $this->token = $result->get('session_token');
- $this->api->set_session_token($this->token);
-
- // TODO don't expose session to browser
- $_SESSION['user']['token'] = $this->token;
-
- // update session time
- $_SESSION['time'] = time();
- }
+ // Login ($result is a kolab_client_api_result instance))
+ // TODO login in own method only when needed
+ $result = $this->api->login($this->config_get('bind_dn'), $this->config_get('bind_pw'), $this->config_get('primary_domain') );
+
+ // Set the session token we got in the API client instance, so subsequent
+ // API calls are made in the same session.
+ $this->token = $result->get('session_token');
+ $this->api->set_session_token($this->token);
// Run security checks
// TODO figure out to reenable this
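Review bot: `ini_set('session.use_cookies', '0')` takes effect only for a session started after the call; the code this commit removes read `$_SESSION` inside the same method, which suggests the framework starts the session before `run()` executes, and if so the setting arrives too late to suppress the cookie for this request and belongs where the session is started. The replacement login block also reads `$result->get('session_token')` without checking that the bind succeeded, so a failed login leaves `$this->token` empty and the API calls that follow run without a session. I would document the precondition on the `ini_set` line, e.g. `// must run before session_start(); confirm the framework has not already started the session`, and guard the token assignment on a non-empty result.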
@@ -89,9 +71,6 @@ class kolab_client_task_signup extends kolab_client_task
public function action_default()
{
- // keep session
- $this->output->set_env('token', $_SESSION['user']['token']);
-
$data = $this->get_input('data', 'POST');
$form = $this->user_form($data);
@@ -109,7 +88,27 @@ class kolab_client_task_signup extends kolab_client_task
$this->output->assign('form', $form);
$this->output->set_object('taskcontent', $form);
}
-
+
+ // check if user already exists
+ public function action_check_user($data = array()) {
+ if(count($data) == 0) $data = $this->get_input('data', 'POST');
+
+ // Assemble mail attribute
+ $mail = $data['uid'].'@'.$data['domain'];
+
+ $post = array('search' => array('mail' => array('value' => $mail) ) );
+ $result = $this->api->post('users.list', null, $post);
+
+ if($result->get('count') > 0) {
+ // TODO make this message translatable
+ $this->output->command('update_user_info("User does already exist!")');
+ return false;
+ }
+
+ $this->output->command('update_user_info("")');
+ return true;
+ }
+
// switching to proper domain is necessary before calling users.list for that domain
public function action_switch_domain($data = array()) {
if(count($data) == 0) $data = $this->get_input('data', 'POST');
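Review bot: `action_check_user` builds `$mail` from `$data['uid']` and `$data['domain']` straight out of the POST body and hands it to the `users.list` search with no validation; because the JavaScript posts to `signup.check_user` directly, this action is reachable on its own and the `TODO perform security check` that sits in `action_add_user` does not cover it. Before assembling `$mail` I would reject anything that is not a plain local-part and domain (a `preg_match` whitelist on each value, for example) and return early with an error, and treat a missing key as an error rather than letting PHP emit a notice and search for `@domain`. The `$result->get('count')` comparison also assumes the post succeeded; a failed API call presumably does not yield a count and would be reported as "available".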
@@ -139,19 +138,10 @@ class kolab_client_task_signup extends kolab_client_task
// Log in to proper domain
$this->action_switch_domain($data);
- // Assemble mail attribute and throw away submitted attribute
- $mail = $data['uid'].'@'.$data['domain'];
- $data['mail'] = $mail;
-
// Check again for user availability before adding user
// TODO perform security check on value of $data['uid'] and $data['domain']
- $post = array('search' => array('mail' => array('value' => $mail) ) );
- $result = $this->api->post('users.list', null, $post);
-
- if($result->get('count') > 0) {
- // TODO make this message translatable
- $this->output->command('display_message', 'A user with that username already exists. Please choose another one.', 'error');
- return false;
+ if(!$this->action_check_user($data)) {
+ return;
}
// Remove domain from $data before adding user
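Review bot: The removed `$data['mail'] = $mail;` line was what discarded the submitted `mail` attribute and replaced it with the server-computed `uid@domain`; the new `action_check_user($data)` computes `$mail` locally but never writes it back, so unless it is reassigned further down (outside the hunk), `action_add_user` now stores whatever `mail` value the browser posted, which need not match the uid that was just checked for availability. Keep the recomputation next to the new call: `$data['mail'] = $data['uid'].'@'.$data['domain'];` after the `if(!$this->action_check_user($data))` block. `action_add_user` starts and ends outside the hunk.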
@@ -230,12 +220,19 @@ class kolab_client_task_signup extends kolab_client_task
// Hide cn field
if (isset($fields['cn'])) {
+ // TODO use type info from user types table
$fields['cn']['type'] = kolab_form::INPUT_HIDDEN;
+
+ // TODO auto generate value again with indirect API call
+ $fields['cn']['value'] = 'temporary fake cn';
+ $fields['sn']['onchange'] = '';
+ $fields['givenname']['onchange'] = '';
}
// Add password confirmation
if (isset($fields['userpassword'])) {
$fields['userpassword2'] = $fields['userpassword'];
+ // TODO check for password match with ajax
}
// Change field labels for hosted case
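Review bot: `$fields['cn']['value'] = 'temporary fake cn'` puts a placeholder into a hidden field, and a hidden field's value is still client-controlled and comes back in the POST; until the TODO to regenerate it through the API is done, the server should overwrite `cn` from `givenname`/`sn` (or drop it) in `action_add_user` rather than persist whatever the browser sent. The `$fields['sn']['onchange'] = ''` and `$fields['givenname']['onchange'] = ''` lines also assume both keys exist in `$fields`, unlike the `isset` guard used for `cn` just above; wrapping them in the same guard avoids a notice for forms without those fields. The enclosing method starts and ends outside the hunk.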