- Rewrite de administration login system to a simple PHP session one

app/controllers/AdminController.php

@@ -6,29 +6,15 @@ class AdminController extends BaseController {
     }
 
     function dispatch() {
-        if(!isset($_SERVER['PHP_AUTH_USER'])) {
-            $this->authenticate();
-        } else {
-            $conf = \system\Conf::getServerConf();
-
-            if($_SERVER['PHP_AUTH_USER'] == (string)$conf['user'] && sha1($_SERVER['PHP_AUTH_PW']) == (string)$conf['pass']){
-                $this->page->setTitle(t('%s - Administration Panel', APP_TITLE));
+        session_start();
+        
+        if(isset($_SESSION['admin']) && $_SESSION['admin'] == true) {            
+            $this->page->setTitle(t('%s - Administration Panel', APP_TITLE));
 
-                $this->page->menuAddLink(t('Home'), 'main');
-                $this->page->menuAddLink(t('Administration'), 'admin', true);
-            } else
-                $this->authenticate();
+            $this->page->menuAddLink(t('Home'), 'main');
+            $this->page->menuAddLink(t('Administration'), 'admin', true);
+        } else {
+            $this->name = 'adminlogin';
         }
     }
-
-    /**
-     * Return a basic auth page for the administration area
-     */
-    protected function authenticate(){
-        header('WWW-Authenticate: Basic realm="Enter credentials admin/password"');
-        header('HTTP/1.0 401 Unauthorized');
-        echo 'Why are you hitting cancel?';
-        exit;
-    }
-
 }

app/controllers/AdminloginController.php

@@ -0,0 +1,22 @@
+<?php
+
+class AdminloginController extends BaseController {
+    function load() {
+        $this->session_only = false;
+    }
+
+    function dispatch() {
+        $this->page->setTitle(t('%s - Administration Panel', APP_TITLE));
+
+        $this->page->menuAddLink(t('Home'), 'main');
+        $this->page->menuAddLink(t('Administration'), 'admin', true);
+        
+        $conf = \system\Conf::getServerConf();
+        
+        if($conf['user'] == $_POST['username'] 
+        && $conf['pass'] == sha1($_POST['password'])) {
+            $_SESSION['admin'] = true;
+            $this->name = 'admin';
+        }
+    }
+}

app/views/adminlogin.tpl

@@ -0,0 +1,10 @@
+<div id="main">
+    <div id="center" >
+		<div class="fixed_block">
+			<h1><?php echo t('Login'); ?></h1>
+		</div>
+		<div class="moving_block" >
+			<?php $this->widget('AdminLogin');?>
+		</div>
+    </div>
+</div>

app/views/main.tpl

@@ -4,7 +4,6 @@
 <?php $this->widget('Presence');?>
 <?php $this->widget('Chat');?>
 <?php $this->widget('VisioExt');?>
-<?php $this->widget('Ack');?>
     
 <div id="main">    
     <div id="left">

app/views/page.tpl

@@ -72,6 +72,7 @@
 
         <div id="content">
             <?php $this->widget('Notification');?>
+            <?php $this->widget('Ack');?>
             <?php $this->content();?>
           
             <footer>

app/widgets/AdminLogin/AdminLogin.php

@@ -0,0 +1,25 @@
+<?php
+
+/**
+ * @package Widgets
+ *
+ * @file AdminLogin.php
+ * This file is part of MOVIM.
+ *
+ * @brief The login administration widget.
+ *
+ * @author Timothée Jaussoin <edhelas@gmail.com>
+ *
+ * Copyright (C)2013 MOVIM project
+ *
+ * See COPYING for licensing information.
+ */
+ 
+class AdminLogin extends WidgetBase {  
+    function WidgetLoad()
+    {
+
+
+    }
+    
+}

app/widgets/AdminLogin/adminlogin.tpl

@@ -0,0 +1,19 @@
+<form method="post" class="paddedtop">
+    <fieldset>
+        <div class="element">
+            <label for="username">{$c->t('Username')}</label>
+            <input type="text" name="username" class="content">
+        </div>
+        <div class="element">
+            <label for="password">{$c->t('Password')}</label>
+            <input type="password" name="password" class="content">
+        </div>
+        
+        <input 
+            class="button color green oppose" 
+            type="submit" 
+            
+            name="submit" 
+            value="{$c->t('Submit')}" />
+    </fieldset>
+</form>