Page 1 of 1
Logout from index.php
Posted: Tue Jan 22, 2008 1:42 am
by g00se
Hi!
I'm using a special configured variant of s9y. I use a variant of the httpauth plugin to let the server do the authentification. He does the auth automatically via Kerberos, so if somebody tries to enter the serendipity_admin.php the auth is already done when s9y get's a chance to start working
.
So the logon works. Also I like to use the login plugin (currently unmodified) and the login works, but I can't logoff from the index.php. The logoff button doesn't work. It's does only a side refresh.
The parameter is
.
The only solution I've seen is to log is to use
Code: Select all
serendipity_admin.php?serendipity[adminModule]=logout
The problem is that I would like to logoff without using the admin page.
PS: loginform does say
// Logout is performed in bundled event plugin!
but I doesn't found anything...
Does anybody knows how to get the plugin working?
Re: Logout from index.php
Posted: Tue Jan 22, 2008 11:57 am
by garvinhicking
Hi!
Yeah, the logout cannot be performed within the sidebar plugin, because when it starts, the page has already re-authenticated a user.
There should be a plugin serendipity_event_loginform or serendipity_event_login which is a event plugin that should deal with the logout.
Regards,
Garvin
Posted: Tue Jan 22, 2008 12:22 pm
by g00se
Does something like that exist? Or how can it be done?
(Just point at some files...)
I just quick and dirty modified the loginform plugin:
Code: Select all
56a57
>
59,64c60,61
< echo '<div class="serendipity_center serendipity_msg_important">' . WRONG_USERNAME_OR_PASSWORD . '</div>';
< } elseif (serendipity_userLoggedIn()) {
< if (isset($serendipity['POST']['logout'])) {
< serendipity_logout();
< return true;
< }
---
> echo '<div class="serendipity_center serendipity_msg_important">' . WRONG_USERNAME_OR_PASSWORD . '</div>';
> } elseif (serendipity_userLoggedIn()) {
67,68c64,65
< echo '<input type="hidden" name="serendipity[action]" value="logout" />';
< echo '<input type="submit" name="serendipity[logout]" value="' . LOGOUT . ' >" />';
---
> echo '<input type="hidden" name="serendipity[logout]" value="true" />';
> echo '<input type="submit" name="serendipity[action]" value="' . LOGOUT . ' >" />';
So the loginform does perform the logout if $serendipity['POST'][logout] is set...
The question is that okay or does is a event plugin a better solution?
Posted: Tue Jan 22, 2008 12:32 pm
by garvinhicking
Hi!
Do you have a unified diff for this? I can't make anything out of this diff, neither can I apply it with 'patch'.
Regards,
Garvin
Posted: Tue Jan 22, 2008 1:09 pm
by g00se
Here is the file...
Code: Select all
<?php # $Id: serendipity_plugin_loginform.php,v 1.14 2006/12/01 09:00:55 garvinhicking Exp $
if (IN_serendipity !== true) {
die ("Don't hack!");
}
// Probe for a language include with constants. Still include defines later on, if some constants were missing
$probelang = dirname(__FILE__) . '/' . $serendipity['charset'] . 'lang_' . $serendipity['lang'] . '.inc.php';
if (file_exists($probelang)) {
include $probelang;
}
include dirname(__FILE__) . '/lang_en.inc.php';
class serendipity_plugin_loginform extends serendipity_plugin {
function introspect(&$propbag)
{
$propbag->add('name', PLUGIN_LOGINFORM_NAME);
$propbag->add('description', PLUGIN_LOGINFORM_DESC);
$propbag->add('stackable', false);
$propbag->add('author', 'Garvin Hicking');
$propbag->add('version', '1.06');
$propbag->add('requirements', array(
'serendipity' => '0.8',
'smarty' => '2.6.7',
'php' => '4.1.0'
));
$propbag->add('configuration', array('title'));
$propbag->add('groups', array('FRONTEND_FEATURES'));
// Register (multiple) dependencies. KEY is the name of the depending plugin. VALUE is a mode of either 'remove' or 'keep'.
// If the mode 'remove' is set, removing the plugin results in a removal of the depending plugin. 'Keep' meens to
// not touch the depending plugin.
$this->dependencies = array('serendipity_event_loginform' => 'remove');
}
function introspect_config_item($name, &$propbag)
{
switch($name) {
case 'title':
$propbag->add('type', 'string');
$propbag->add('name', TITLE);
$propbag->add('description', TITLE);
$propbag->add('default', '');
break;
default:
return false;
}
return true;
}
function generate_content(&$title) {
global $serendipity;
$title = $this->get_config('title', $title);
$url = serendipity_currentURL();
if (isset($serendipity['POST']['action']) && !isset($serendipity['POST']['logout']) && !serendipity_userLoggedIn()) {
echo '<div class="serendipity_center serendipity_msg_important">' . WRONG_USERNAME_OR_PASSWORD . '</div>';
} elseif (serendipity_userLoggedIn()) {
if (isset($serendipity['POST']['logout'])) {
serendipity_logout();
return true;
}
echo '<div class="serendipity_center">' . WELCOME_BACK . ' ' . $_SESSION['serendipityUser'] . '</div>';
echo '<form id="loginform" action="' . $url . '" method="post">';
echo '<input type="hidden" name="serendipity[action]" value="logout" />';
echo '<input type="submit" name="serendipity[logout]" value="' . LOGOUT . ' >" />';
$show_entry = false;
$show_media = false;
if (function_exists('serendipity_checkPermission')) {
if (serendipity_checkPermission('adminEntries')) {
$show_entry = true;
}
if (serendipity_checkPermission('adminImages') && serendipity_checkPermission('adminImagesAdd')) {
$show_media = true;
}
} elseif (!$serendipity['no_create']) {
$show_entry = true;
$show_media = true;
}
if ($show_entry) {
echo '<div class="loginform_link_entry"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new">' . NEW_ENTRY . '</a></div>';
}
if ($show_media) {
echo '<div class="loginform_link_media"><a href="' . $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[adminModule]=media&serendipity[adminAction]=addSelect">' . ADD_MEDIA . '</a></div>';
}
echo '</form>';
return true;
}
// Logout is performed in bundled event plugin!
echo '<form id="loginform" action="' . $url . '" method="post">';
echo '<div>';
echo USERNAME . ' <input type="text" name="serendipity[user]" value="" /><br />';
echo PASSWORD . ' <input type="password" name="serendipity[pass]" value="" /><br />';
echo '<input id="autologin" type="checkbox" name="serendipity[auto]" style="float: left; display: inline; width: 20px" /><label for="autologin"> ' . AUTOMATIC_LOGIN . '</label><br />';
echo '<input type="submit" name="serendipity[action]" value="' . LOGIN . ' >" />';
echo '</div>';
echo '</form>';
return true;
}
}
/* vim: set sts=4 ts=4 expandtab : */
Posted: Tue Jan 22, 2008 1:48 pm
by garvinhicking
Hi!
Hm, I believe this might not work. Raise your error_Reporting, I think you'll see some error notices that headers/cookies cannot be set at this place.
The logout routine is performed in serendpity_event_loginform ( a seperate plugin).
HTH,
Garvin
Posted: Tue Jan 22, 2008 2:19 pm
by g00se
Nope, I got no error using this code (just rechecked) and my error_reporting is set by s9y.
Would you like to look at my installation?
Besides I just checked out event_loginform and installed and it does also work
. Could you add a note in plugin_loginform that a event_loginform exists, just for the next one...
PS: I do use different installations of s9y for testing.
Greetz
Posted: Tue Jan 22, 2008 2:32 pm
by garvinhicking
Hi!
I'm just wondering about the errors, because the header() call to unset a cookie should actually be too late in code?
Regards,
Garvin
Posted: Tue Jan 22, 2008 3:16 pm
by g00se
I know what you mean, but I not sure at which point the function is called... Sorry. On the other side I believe the provided solution of a event is the better way.
Thanks