diff --git a/core/authentication/app_languages.php b/core/authentication/app_languages.php
index d256b9d675..c9043852bf 100644
--- a/core/authentication/app_languages.php
+++ b/core/authentication/app_languages.php
@@ -78,8 +78,8 @@ $text['label-email_description']['zh-cn'] = "检查您的电子邮件以获取
 $text['label-email_description']['ja-jp'] = "メールで確認コードを確認してください。";
 $text['label-email_description']['ko-kr'] = "이메일에서 확인 코드를 확인하세요.";
-$text['label-totp_description']['en-us'] = "Enter your verification code.";
-$text['label-totp_description']['en-gb'] = "Enter your verification code.";
+$text['label-totp_description']['en-us'] = "Enter your Authenticator code.";
+$text['label-totp_description']['en-gb'] = "Enter your Authenticator code.";
 $text['label-totp_description']['ar-eg'] = "أدخل رمز التحقق الخاص بك.";
 $text['label-totp_description']['de-at'] = "Geben Sie Ihren Bestätigungs-Code ein.";
 $text['label-totp_description']['de-ch'] = "Geben Sie Ihren Bestätigungs-Code ein.";
@@ -104,6 +104,32 @@ $text['label-totp_description']['zh-cn'] = "輸入您的驗證碼。";
 $text['label-totp_description']['ja-jp'] = "確認コードを入力してください。";
 $text['label-totp_description']['ko-kr'] = "인증 코드를 입력하세요.";
+$text['label-password_description']['en-us'] = "Enter your password.";
+$text['label-password_description']['en-gb'] = "Enter your password.";
+$text['label-password_description']['ar-eg'] = "ادخل رقمك السري.";
+$text['label-password_description']['de-at'] = "Geben Sie Ihr Passwort ein.";
+$text['label-password_description']['de-ch'] = "Geben Sie Ihr Passwort ein.";
+$text['label-password_description']['de-de'] = "Geben Sie Ihr Passwort ein.";
+$text['label-password_description']['el-gr'] = "Εισάγετε τον κωδικό σας.";
+$text['label-password_description']['es-cl'] = "Ingresa tu contraseña.";
+$text['label-password_description']['es-mx'] = "Ingresa tu contraseña.";
+$text['label-password_description']['fr-ca'] = "Tapez votre mot de passe.";
+$text['label-password_description']['fr-fr'] = "Tapez votre mot de passe.";
+$text['label-password_description']['he-il'] = "הכנס את הסיסמה שלך.";
+$text['label-password_description']['it-it'] = "Inserisci la tua password.";
+$text['label-password_description']['nl-nl'] = "Voer uw wachtwoord in.";
+$text['label-password_description']['pl-pl'] = "Wprowadź hasło.";
+$text['label-password_description']['pt-br'] = "Coloque sua senha.";
+$text['label-password_description']['pt-pt'] = "Coloque sua senha.";
+$text['label-password_description']['ro-ro'] = "Introduceți parola.";
+$text['label-password_description']['ru-ru'] = "Введите ваш пароль.";
+$text['label-password_description']['sv-se'] = "Ange ditt lösenord.";
+$text['label-password_description']['uk-ua'] = "Введіть ваш пароль.";
+$text['label-password_description']['tr-tr'] = "Şifrenizi girin.";
+$text['label-password_description']['zh-cn'] = "輸入您的密碼。";
+$text['label-password_description']['ja-jp'] = "パスワードを入力してください。";
+$text['label-password_description']['ko-kr'] = "비밀번호를 입력하세요.";
+
 $text['description-totp']['en-us'] = "Scan the code with an authentication application or password manager. Then use it to generate the token for the login.";
 $text['description-totp']['en-gb'] = "Scan the code with an authentication application or password manager. Then use it to generate the token for the login.";
 $text['description-totp']['ar-eg'] = "امسح الرمز ضوئيًا باستخدام تطبيق المصادقة أو مدير كلمات المرور. ثم استخدمه لإنشاء الرمز المميز لتسجيل الدخول.";
diff --git a/core/authentication/resources/classes/authentication.php b/core/authentication/resources/classes/authentication.php
index 3f6e496062..d89046a862 100644
--- a/core/authentication/resources/classes/authentication.php
+++ b/core/authentication/resources/classes/authentication.php
@@ -1,4 +1,28 @@ + Portions created by the Initial Developer are Copyright (C) 2008-2023 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ /** * authentication
@@ -69,10 +93,10 @@ class authentication {
 $object = new $class_name();
 $object->domain_name = $this->domain_name;
 $object->domain_uuid = $this->domain_uuid;
- if ($plugin == 'database' && isset($this->key)) {
+ if ($name == 'database' && isset($this->key)) {
 $object->key = $this->key;
 }
- if ($plugin == 'database' && isset($this->username)) {
+ if ($name == 'database' && isset($this->username)) {
 $object->username = $this->username;
 $object->password = $this->password;
 }
diff --git a/core/authentication/resources/classes/plugins/database.php b/core/authentication/resources/classes/plugins/database.php
index 296ae90ca2..4e3b955d0c 100644
--- a/core/authentication/resources/classes/plugins/database.php
+++ b/core/authentication/resources/classes/plugins/database.php
@@ -1,4 +1,28 @@ + Portions created by the Initial Developer are Copyright (C) 2008-2023 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ /** * plugin_database
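Review bot: In the `class authentication` hunk at -69, the second guard checks only `isset($this->username)` but then copies `$this->password` too, so a caller that sets a username without a password hands the plugin an unset property; `if ($name === 'database' && isset($this->username, $this->password)) {` covers both and makes the plugin-name comparison strict. Because the old condition tested `$plugin`, which this commit replaces with `$name`, these two branches may not have run before. A test that the database plugin now receives the key and credentials, and that no other plugin does, would be worth adding. The enclosing method starts and ends outside the hunk, and the origin of `$class_name` and `$name` is not visible here.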
@@ -83,6 +107,11 @@ class plugin_database {
 $view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 $view->assign("login_logo_source", $settings['theme']['logo']);
 $view->assign("message_delay", $settings['theme']['message_delay']);
+ if (!empty($_SESSION['username'])) {
+ $view->assign("login_password_description", $text['label-password_description']);
+ $view->assign("username", $_SESSION['username']);
+ $view->assign("button_cancel", $text['button-cancel']);
+ }
 //messages
 $view->assign('messages', message::html(true, ' '));
@@ -277,4 +306,4 @@ class plugin_database {
 }
 }
-?>
+?>
\ No newline at end of file
diff --git a/core/authentication/resources/classes/plugins/email.php b/core/authentication/resources/classes/plugins/email.php
index ae65c13c0e..266f64061c 100644
--- a/core/authentication/resources/classes/plugins/email.php
+++ b/core/authentication/resources/classes/plugins/email.php
@@ -1,4 +1,28 @@ + Portions created by the Initial Developer are Copyright (C) 2008-2023 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ /** * plugin_email
@@ -75,7 +99,10 @@ class plugin_email {
 $view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 $view->assign("login_logo_source", $settings['theme']['logo']);
 $view->assign("button_login", $text['button-login']);
- $view->assign("button_cancel", $text['button-cancel']);
+ if (!empty($_SESSION['username'])) {
+ $view->assign("username", $_SESSION['username']);
+ $view->assign("button_cancel", $text['button-cancel']);
+ }
 //show the views
 $content = $view->render('username.htm');
@@ -256,12 +283,10 @@ class plugin_email {
 $view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 $view->assign("login_logo_source", $settings['theme']['logo']);
 $view->assign("button_verify", $text['label-verify']);
- $view->assign("button_cancel", $text['button-cancel']);
-
- //debug information
- //echo "
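Review bot: In the `plugin_database` hunk at -83, `$view->assign("username", $_SESSION['username']);` passes the session username to the view unescaped, and that value presumably comes from the login form, so its safety depends on the template escaping it on output. The template lines that print it are not visible on this page (the `.htm` hunks show only `{if !empty($username)}`), so confirm that auto-escaping is enabled or escape at the point of output. If the views are Smarty templates, as the `{if}` syntax suggests, that would be `{$username|escape:'html'}`; otherwise `htmlspecialchars($_SESSION['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` in the assign. The same assignment is repeated in the `plugin_email` hunks at -75 and -256 and in the `plugin_totp` hunks at -81 and -175, so the fix belongs in all five places or in one shared helper. The enclosing method continues outside the hunk.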
\n";
-				//print_r($text);
-				//echo "
\n";
+ if (!empty($_SESSION['username'])) {
+ $view->assign("username", $_SESSION['username']);
+ $view->assign("button_cancel", $text['button-cancel']);
+ }
 //show the views
 $content = $view->render('email.htm');
@@ -273,7 +298,7 @@ class plugin_email {
 if (isset($_POST['authentication_code'])) {
 //check if the authentication code has expired. if expired return false
- if ($_SESSION["user"]["authentication"]["email"]["epoch"] + 3 > time()) {
+ if (!empty($_SESSION["user"]) && $_SESSION["user"]["authentication"]["email"]["epoch"] + 3 > time()) {
 //authentication code expired
 $result["plugin"] = "email";
 $result["domain_name"] = $_SESSION["domain_name"];
@@ -286,7 +311,7 @@ class plugin_email {
 }
 //get the user details
- $sql = "select user_uuid, user_email, contact_uuid, user_email_secret\n";
+ $sql = "select user_uuid, user_email, contact_uuid\n";
 $sql .= "from v_users\n";
 $sql .= "where (\n";
 $sql .= " username = :username\n";
@@ -303,17 +328,19 @@ class plugin_email {
 $this->user_uuid = $row['user_uuid'];
 $this->user_email = $row['user_email'];
 $this->contact_uuid = $row['contact_uuid'];
- $this->user_email_secret = $row['user_email_secret'];
 unset($parameters);
 //validate the code
- if ($_SESSION["user"]["authentication"]["email"]["code"] === $_POST['authentication_code']) {
+ if (!empty($_SESSION["user"]) && $_SESSION["user"]["authentication"]["email"]["code"] === $_POST['authentication_code']) {
 $auth_valid = true;
 } else {
 $auth_valid = false;
 }
+ //clear posted authentication code
+ unset($_POST['authentication_code']);
+ //get the user details
 if ($auth_valid) {
 //get user data from the database
@@ -327,7 +354,6 @@ class plugin_email {
 $parameters['user_uuid'] = $_SESSION["user_uuid"];
 $database = new database;
 $row = $database->select($sql, $parameters, 'row');
- //view_array($row);
 unset($parameters);
 //set a few session variables
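Review bot: In the `plugin_email` hunk at -273, the added `!empty($_SESSION["user"]) &&` means the expiry test is skipped whenever the session has no `user` entry, so such a request falls through to the code comparison instead of being rejected here. The later comparison does fail closed, but an explicit early rejection for a missing session entry would make that intent visible. Separately, `$_SESSION["user"]["authentication"]["email"]["epoch"] + 3 > time()` is the condition for "expired", which holds only while the stored time is in the future or less than three seconds old. If `epoch` is the time the code was issued, the operator looks inverted and the window is seconds rather than minutes, so confirm what `epoch` holds and add a comment stating the intended lifetime. The enclosing `if (isset($_POST['authentication_code']))` block continues past the hunk.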
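Review bot: In the `plugin_email` hunk at -303, the emailed code is compared with `===`, which is not constant-time and relies on `$_POST['authentication_code']` being a string. Replacing the comparison with `is_string($_POST['authentication_code']) && hash_equals((string) $_SESSION["user"]["authentication"]["email"]["code"], $_POST['authentication_code'])` addresses both. Nothing in the hunk removes the session copy of the code or counts failed attempts, so unless that happens outside the visible lines a code stays valid across repeated submissions. Clearing `$_SESSION["user"]["authentication"]["email"]` once the comparison has run would limit each code to one attempt. The added `unset($_POST['authentication_code']);` only affects the current request.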
diff --git a/core/authentication/resources/classes/plugins/totp.php b/core/authentication/resources/classes/plugins/totp.php
index 56aa99351b..97f510f061 100644
--- a/core/authentication/resources/classes/plugins/totp.php
+++ b/core/authentication/resources/classes/plugins/totp.php
@@ -1,4 +1,28 @@ + Portions created by the Initial Developer are Copyright (C) 2008-2023 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ /** * plugin_totp
@@ -81,8 +105,11 @@ class plugin_totp {
 $view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 $view->assign("login_logo_source", $settings['theme']['logo']);
 $view->assign("button_login", $text['button-login']);
- $view->assign("button_cancel", $text['button-cancel']);
 $view->assign("favicon", $settings['theme']['favicon']);
+ if (!empty($_SESSION['username'])) {
+ $view->assign("username", $_SESSION['username']);
+ $view->assign("button_cancel", $text['button-cancel']);
+ }
 //show the views
 $content = $view->render('username.htm');
@@ -175,7 +202,10 @@ class plugin_totp {
 $view->assign("login_logo_height", $settings['theme']['login_logo_height']);
 $view->assign("login_logo_source", $settings['theme']['logo']);
 $view->assign("favicon", $settings['theme']['favicon']);
- $view->assign("button_cancel", $text['button-cancel']);
+ if (!empty($_SESSION['username'])) {
+ $view->assign("username", $_SESSION['username']);
+ $view->assign("button_cancel", $text['button-cancel']);
+ }
 //show the views
 if (!empty($_SESSION['authentication']['plugin']['database']['authorized']) && empty($this->user_totp_secret)) {
@@ -284,6 +314,9 @@ class plugin_totp {
 $auth_valid = false;
 }
+ //clear posted authentication code
+ unset($_POST['authentication_code']);
+ //get the user details
 if ($auth_valid) {
 //get user data from the database
@@ -298,14 +331,13 @@ class plugin_totp {
 $parameters['user_uuid'] = $_SESSION["user_uuid"];
 $database = new database;
 $row = $database->select($sql, $parameters, 'row');
- //view_array($row);
 unset($parameters);
 } else {
 //destroy session
 session_unset();
 session_destroy();
- //$_SESSION['authentication']['plugin']
+ //send http 403
 header('HTTP/1.0 403 Forbidden', true, 403);
diff --git a/core/authentication/resources/views/email.htm b/core/authentication/resources/views/email.htm
index 27d376c82b..88a384b50b 100644
--- a/core/authentication/resources/views/email.htm
+++ b/core/authentication/resources/views/email.htm
@@ -21,8 +21,10 @@
-

- + {if !empty($username)} +

+ + {/if}
diff --git a/core/authentication/resources/views/login.htm b/core/authentication/resources/views/login.htm
index bc5ceee343..4f701d9af6 100644
--- a/core/authentication/resources/views/login.htm
+++ b/core/authentication/resources/views/login.htm
@@ -64,12 +64,22 @@

-
-
+
+ {if !empty($username)} +

+ + {/if}
diff --git a/core/authentication/resources/views/username.htm b/core/authentication/resources/views/username.htm
index 197deea4ca..600ba3f324 100644
--- a/core/authentication/resources/views/username.htm
+++ b/core/authentication/resources/views/username.htm
@@ -19,8 +19,10 @@
-

- + {if !empty($username)} +

+ + {/if}