diff --git a/index.php b/index.php index 545a9ee..fd4aaea 100644 --- a/index.php +++ b/index.php @@ -13,8 +13,20 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_ die(); } -if (!empty($_GET['logout'])) { - // Show a logout message instead of immediately redirecting to login flow + +/** + * Show a simple HTML page with a line of text and a button. Matches the UI of + * the AccountHub login flow. + * + * @global type $SETTINGS + * @global type $SECURE_NONCE + * @global type $Strings + * @param string $title Text to show, passed through i18n + * @param string $button Button text, passed through i18n + * @param string $url URL for the button + */ +function showHTML(string $title, string $button, string $url) { + global $SETTINGS, $SECURE_NONCE, $Strings; ?> @@ -26,8 +38,20 @@ if (!empty($_GET['logout'])) { - - +
@@ -36,24 +60,25 @@ if (!empty($_GET['logout'])) {
-

get("You have been logged out.") ?>

+

get($title); ?>

- get("Log in again"); ?> + get($button); ?>
- - getMessage()); } -} \ No newline at end of file +} diff --git a/langs/en/core.json b/langs/en/core.json index 28afcee..f2d85fb 100644 --- a/langs/en/core.json +++ b/langs/en/core.json @@ -1,26 +1,7 @@ { - "sign in": "Sign In", - "username": "Username", - "password": "Password", - "continue": "Continue", - "authcode": "Authentication code", - "2fa prompt": "Enter the six-digit code from your mobile authenticator app.", - "2fa incorrect": "Authentication code incorrect.", - "login incorrect": "Login incorrect.", - "login server unavailable": "Login server unavailable. Try again later or contact technical support.", - "account locked": "This account has been disabled. Contact technical support.", - "password expired": "You must change your password before continuing.", - "account terminated": "Account terminated. Access denied.", - "account state error": "Your account state is not stable. Log out, restart your browser, and try again.", - "welcome user": "Welcome, {user}!", "sign out": "Sign out", "404 error": "404 Error", "page not found": "Page not found.", "invalid parameters": "Invalid request parameters.", - "login server error": "The login server returned an error: {arg}", - "login server user data error": "The login server refused to provide account information. Try again or contact technical support.", - "captcha error": "There was a problem with the CAPTCHA (robot test). Try again.", - "no access permission": "You do not have permission to access this system.", - "generic op error": "An unknown error occurred. Try again later.", - "home": "Home" + "login server error": "The login server returned an error: {arg}" } diff --git a/langs/en/index.json b/langs/en/index.json new file mode 100644 index 0000000..f5f262b --- /dev/null +++ b/langs/en/index.json @@ -0,0 +1,7 @@ +{ + "You have been logged out.": "You have been logged out.", + "Log in again": "Log in again", + "login server unavailable": "Login server unavailable. Try again later or contact technical support.", + "no access permission": "You do not have permission to access this system.", + "Logged in": "Logged in" +} diff --git a/langs/en/login.json b/langs/en/login.json index 9add11c..2a333e5 100644 --- a/langs/en/login.json +++ b/langs/en/login.json @@ -8,5 +8,18 @@ "Current password for {user}": "Current password for {user}", "New password": "New password", "New password (again)": "New password (again)", - "Fill in all three boxes.": "Fill in all three boxes." + "Fill in all three boxes.": "Fill in all three boxes.", + "sign in": "Sign In", + "username": "Username", + "password": "Password", + "continue": "Continue", + "authcode": "Authentication code", + "2fa prompt": "Enter the six-digit code from your mobile authenticator app.", + "2fa incorrect": "Authentication code incorrect.", + "login incorrect": "Login incorrect.", + "login server unavailable": "Login server unavailable. Try again later or contact technical support.", + "account locked": "This account has been disabled. Contact technical support.", + "password expired": "You must change your password before continuing.", + "account terminated": "Account terminated. Access denied.", + "account state error": "Your account state is not stable. Log out, restart your browser, and try again." } diff --git a/required.php b/required.php index 20d83fb..6c6bd1a 100644 --- a/required.php +++ b/required.php @@ -33,7 +33,6 @@ session_start(); // stick some cookies in it // renew session cookie setcookie(session_name(), session_id(), time() + $session_length, "/", false, false); -$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : ""); if ($_SESSION['mobile'] === TRUE) { header("Content-Security-Policy: " . "default-src 'self';" @@ -43,8 +42,8 @@ if ($_SESSION['mobile'] === TRUE) { . "frame-src 'none'; " . "font-src 'self'; " . "connect-src *; " - . "style-src 'self' 'unsafe-inline' $captcha_server; " - . "script-src 'self' 'unsafe-inline' $captcha_server"); + . "style-src 'self' 'unsafe-inline'; " + . "script-src 'self' 'unsafe-inline'"); } else { header("Content-Security-Policy: " . "default-src 'self';" @@ -54,8 +53,8 @@ if ($_SESSION['mobile'] === TRUE) { . "frame-src 'none'; " . "font-src 'self'; " . "connect-src *; " - . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; " - . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server"); + . "style-src 'self' 'nonce-$SECURE_NONCE'; " + . "script-src 'self' 'nonce-$SECURE_NONCE'"); } // diff --git a/static/css/index.css b/static/css/index.css deleted file mode 100644 index 81e0ba0..0000000 --- a/static/css/index.css +++ /dev/null @@ -1,15 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -.banner-image { - max-height: 100px; - margin: 2em auto; - border: 1px solid grey; - border-radius: 15%; -} - -.footer { - margin-top: 10em; - text-align: center; -} \ No newline at end of file