Apps/NotePost
2
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

Nicer access denied message

Browse Source
This commit is contained in:
Skylar Ittner 2018-12-27 00:15:27 -07:00
parent 1729b842ba
commit d7ca7125ce
3 changed files with 36 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
index.php
View File

@ -13,8 +13,19 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
die(); die();
} }
if (!empty($_GET['logout'])) { /**
// Show a logout message instead of immediately redirecting to login flow * Show a simple HTML page with a line of text and a button. Matches the UI of
* the AccountHub login flow.
*
* @global type $SETTINGS
* @global type $SECURE_NONCE
* @global type $Strings
* @param string $title Text to show, passed through i18n
* @param string $button Button text, passed through i18n
* @param string $url URL for the button
*/
function showHTML(string $title, string $button, string $url) {
global $SETTINGS, $SECURE_NONCE, $Strings;
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<meta charset="UTF-8"> <meta charset="UTF-8">
@ -26,7 +37,6 @@ if (!empty($_GET['logout'])) {
<link rel="icon" href="static/img/logo.svg"> <link rel="icon" href="static/img/logo.svg">
<link href="static/css/bootstrap.min.css" rel="stylesheet"> <link href="static/css/bootstrap.min.css" rel="stylesheet">
<link href="static/css/svg-with-js.min.css" rel="stylesheet">
<style nonce="<?php echo $SECURE_NONCE; ?>"> <style nonce="<?php echo $SECURE_NONCE; ?>">
.display-5 { .display-5 {
font-size: 2.5rem; font-size: 2.5rem;
@ -40,11 +50,6 @@ if (!empty($_GET['logout'])) {
border: 1px solid grey; border: 1px solid grey;
border-radius: 15%; border-radius: 15%;
} }
.blank-image {
height: 100px;
margin: 2em auto;
}
</style> </style>
<div class="container mt-4"> <div class="container mt-4">
@ -54,24 +59,25 @@ if (!empty($_GET['logout'])) {
</div> </div>
<div class="col-12 text-center"> <div class="col-12 text-center">
<h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1> <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
</div> </div>
<div class="col-12 col-sm-8 col-lg-6"> <div class="col-12 col-sm-8 col-lg-6">
<div class="card mt-4"> <div class="card mt-4">
<div class="card-body"> <div class="card-body">
<a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a> <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<script src="static/js/fontawesome-all.min.js"></script>
<?php <?php
die();
} }
if (!empty($_GET['logout'])) {
showHTML("You have been logged out.", "Log in again", "./index.php");
die();
}
if (empty($_SESSION["login_code"])) { if (empty($_SESSION["login_code"])) {
$redirecttologin = true; $redirecttologin = true;
} else { } else {
@ -84,13 +90,15 @@ if (empty($_SESSION["login_code"])) {
$user = new User($uidinfo['uid'] * 1); $user = new User($uidinfo['uid'] * 1);
foreach ($SETTINGS['permissions'] as $perm) { foreach ($SETTINGS['permissions'] as $perm) {
if (!$user->hasPermission($perm)) { if (!$user->hasPermission($perm)) {
die($Strings->get("no access permission", false)); showHTML("no access permission", "sign out", "./action.php?action=signout");
die();
} }
} }
Session::start($user); Session::start($user);
$_SESSION["login_code"] = null; $_SESSION["login_code"] = null;
header('Location: app.php'); header('Location: app.php');
die("Logged in, go to app.php"); showHTML("Logged in", "Continue", "./app.php");
die();
} else { } else {
throw new Exception(); throw new Exception();
} }
@ -113,7 +121,10 @@ if ($redirecttologin) {
$_SESSION["login_code"] = $codedata["code"]; $_SESSION["login_code"] = $codedata["code"];
header("Location: " . $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl)); $locationurl = $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl);
header("Location: $locationurl");
showHTML("Continue", "Continue", $locationurl);
die();
} catch (Exception $ex) { } catch (Exception $ex) {
sendError($ex->getMessage()); sendError($ex->getMessage());
} }

6
langs/en/core.json
View File

@ -1,11 +1,7 @@
{ {
"You have been logged out.": "You have been logged out.",
"Log in again": "Log in again",
"login server unavailable": "Login server unavailable. Try again later or contact technical support.",
"sign out": "Sign out", "sign out": "Sign out",
"404 error": "404 Error", "404 error": "404 Error",
"page not found": "Page not found.", "page not found": "Page not found.",
"invalid parameters": "Invalid request parameters.", "invalid parameters": "Invalid request parameters.",
"login server error": "The login server returned an error: {arg}", "login server error": "The login server returned an error: {arg}"
"no access permission": "You do not have permission to access this system."
} }

8
langs/en/index.json Normal file
View File

@ -0,0 +1,8 @@
{
"You have been logged out.": "You have been logged out.",
"Log in again": "Log in again",
"login server unavailable": "Login server unavailable. Try again later or contact technical support.",
"no access permission": "You do not have permission to access this system.",
"Logged in": "Logged in",
"Continue": "Continue"
}