Show
Ignore:
Timestamp:
04/16/06 19:02:08 (3 years ago)
Author:
sdcosta
Message:

Changes to the login system so that the password is not sent in cleartext and firefox remembers it. Mobile login will be fixed in the next changeset.
Please reset your password using the password reset plugin http://plugins.gregarius.net/index.php?req=info&id=29

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/rss/admin/users.php

    r1421 r1441  
    4848    <!-- 
    4949        function on_submit_password_match() { 
    50             pass=document.getElementById('admin_pass').value; 
    51             pass2=document.getElementById('admin_pass2').value; 
     50            pass=document.getElementById('password').value; 
     51            pass2=document.getElementById('password2').value; 
    5252            if(pass !== pass2){ 
    5353                msg = '<?php echo LBL_ADMIN_PASS_NO_MATCH ?>'; 
    5454                document.getElementById('admin_match_result').innerHTML = msg; 
    55                 document.getElementById('admin_pass').value = ''; 
    56                 document.getElementById('admin_pass2').value = ''; 
     55                document.getElementById('password').value = ''; 
     56                document.getElementById('password2').value = ''; 
    5757                return false; 
    5858            }else{ 
    59                 return true; 
     59                document.getElementById('password2').value = ''; 
     60                return loginHandler(); 
    6061            } 
    6162        }    
     
    7071    echo "<form action=\"".$_SERVER['PHP_SELF'] . "\" onsubmit=\"return on_submit_password_match();\" method=\"post\">\n" 
    7172    ."<fieldset style=\"width:400px;\">" 
    72     ."<p><label style=\"display:block\" for=\"admin_uname\">".LBL_USERNAME.":</label>\n" 
    73     ."<input type=\"text\" id=\"admin_uname\" name=\"admin_uname\" /></p>\n" 
    74     ."<p><label style=\"display:block\" for=\"admin_pass\">".LBL_PASSWORD.":</label>\n" 
    75     ."<input type=\"password\" id=\"admin_pass\" name=\"admin_pass\" /></p>\n" 
    76     ."<p><label style=\"display:block\" for=\"admin_pass2\">".LBL_PASSWORD2.":</label>\n" 
    77     ."<input type=\"password\" id=\"admin_pass2\" name=\"admin_pass2\" /></p>\n" 
     73    ."<p><label style=\"display:block\" for=\"username\">".LBL_USERNAME.":</label>\n" 
     74    ."<input type=\"text\" id=\"username\" name=\"username\" /></p>\n" 
     75    ."<p><label style=\"display:block\" for=\"password\">".LBL_PASSWORD.":</label>\n" 
     76    ."<input type=\"password\" id=\"password\" name=\"password\" /></p>\n" 
     77    ."<p><label style=\"display:block\" for=\"password2\">".LBL_PASSWORD2.":</label>\n" 
     78    ."<input type=\"password\" id=\"password2\" name=\"password2\" /></p>\n" 
    7879    ."<p><input type=\"submit\" value=\"".LBL_ADMIN_OK."\" /></p>\n" 
    7980    ."<div style=\"display:inline;\" id=\"admin_match_result\"></div>\n" 
     
    9192  echo "\n<div id=\"channel_admin\" class=\"frame\">"; 
    9293         
    93     echo "<form id=\"admin_login\" style=\"text-align:center\" action=\"".$_SERVER['PHP_SELF'] ."\" method=\"post\">\n" 
     94    echo "<form id=\"admin_login\" onsubmit=\"return loginHandler();\"  
     95        style=\"text-align:center\" action=\"".$_SERVER['PHP_SELF'] ."\" method=\"post\">\n" 
    9496    ."<fieldset>" 
    9597    ."<legend>" . LBL_ADMIN_LOGIN . "</legend>\n"