Nicer access denied message

1 년 전 · d7ca7125ce
--- a/index.php
+++ b/index.php
@@ -13,8 +13,19 @@ if (!empty($_SESSION['loggedin']) && $_SESSION['loggedin'] === true && !isset($_
    die();
 }

 if (!empty($_GET['logout'])) {
    // Show a logout message instead of immediately redirecting to login flow
 /**
 * Show a simple HTML page with a line of text and a button.  Matches the UI of
 * the AccountHub login flow.
 *
 * @global type $SETTINGS
 * @global type $SECURE_NONCE
 * @global type $Strings
 * @param string $title Text to show, passed through i18n
 * @param string $button Button text, passed through i18n
 * @param string $url URL for the button
 */
 function showHTML(string $title, string $button, string $url) {
    global $SETTINGS, $SECURE_NONCE, $Strings;
    ?>
    <!DOCTYPE html>
    <meta charset="UTF-8">
@@ -26,7 +37,6 @@ if (!empty($_GET['logout'])) {
    <link rel="icon" href="static/img/logo.svg">

    <link href="static/css/bootstrap.min.css" rel="stylesheet">
    <link href="static/css/svg-with-js.min.css" rel="stylesheet">
    <style nonce="<?php echo $SECURE_NONCE; ?>">
        .display-5 {
            font-size: 2.5rem;
@@ -40,11 +50,6 @@ if (!empty($_GET['logout'])) {
            border: 1px solid grey;
            border-radius: 15%;
        }

        .blank-image {
            height: 100px;
            margin: 2em auto;
        }
    </style>

    <div class="container mt-4">
@@ -54,24 +59,25 @@ if (!empty($_GET['logout'])) {
            </div>

            <div class="col-12 text-center">
                <h1 class="display-5 mb-4"><?php $Strings->get("You have been logged out.") ?></h1>
                <h1 class="display-5 mb-4"><?php $Strings->get($title); ?></h1>
            </div>

            <div class="col-12 col-sm-8 col-lg-6">
                <div class="card mt-4">
                    <div class="card-body">
                        <a href="./index.php" class="btn btn-primary btn-block"><?php $Strings->get("Log in again"); ?></a>
                        <a href="<?php echo $url; ?>" class="btn btn-primary btn-block"><?php $Strings->get($button); ?></a>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <script src="static/js/fontawesome-all.min.js"></script>
    <?php
    die();
 }

 if (!empty($_GET['logout'])) {
    showHTML("You have been logged out.", "Log in again", "./index.php");
    die();
 }
 if (empty($_SESSION["login_code"])) {
    $redirecttologin = true;
 } else {
@@ -84,13 +90,15 @@ if (empty($_SESSION["login_code"])) {
            $user = new User($uidinfo['uid'] * 1);
            foreach ($SETTINGS['permissions'] as $perm) {
                if (!$user->hasPermission($perm)) {
                    die($Strings->get("no access permission", false));
                    showHTML("no access permission", "sign out", "./action.php?action=signout");
                    die();
                }
            }
            Session::start($user);
            $_SESSION["login_code"] = null;
            header('Location: app.php');
            die("Logged in, go to app.php");
            showHTML("Logged in", "Continue", "./app.php");
            die();
        } else {
            throw new Exception();
        }
@@ -113,7 +121,10 @@ if ($redirecttologin) {

        $_SESSION["login_code"] = $codedata["code"];

        header("Location: " . $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl));
        $locationurl = $codedata["loginurl"] . "?code=" . htmlentities($codedata["code"]) . "&redirect=" . htmlentities($redirecturl);
        header("Location: $locationurl");
        showHTML("Continue", "Continue", $locationurl);
        die();
    } catch (Exception $ex) {
        sendError($ex->getMessage());
    }
--- a/langs/en/core.json
+++ b/langs/en/core.json
@@ -1,11 +1,7 @@
 {
    "You have been logged out.": "You have been logged out.",
    "Log in again": "Log in again",
    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
    "sign out": "Sign out",
    "404 error": "404 Error",
    "page not found": "Page not found.",
    "invalid parameters": "Invalid request parameters.",
    "login server error": "The login server returned an error: {arg}",
    "no access permission": "You do not have permission to access this system."
    "login server error": "The login server returned an error: {arg}"
 }
--- a/langs/en/index.json
+++ b/langs/en/index.json
@@ -0,0 +1,8 @@
 {
    "You have been logged out.": "You have been logged out.",
    "Log in again": "Log in again",
    "login server unavailable": "Login server unavailable.  Try again later or contact technical support.",
    "no access permission": "You do not have permission to access this system.",
    "Logged in": "Logged in",
    "Continue": "Continue"
 }