Move login form to a separate page

Do not show the login form on every page. Move it to a separate login
page and add a link to the navigation bar. Also, add a logout link for
logged-in users.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>

4 files changed, 58 insertions, 50 deletions

diff --git a/web/html/login.php b/web/html/login.php
new file mode 100644
index 0000000..7f4f342
--- /dev/null
+++ b/web/html/login.php
@@ -0,0 +1,55 @@
+<?php
+set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
+
+include_once("aur.inc.php");
+set_lang();
+check_sid();
+
+if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
+	$login = try_login();
+	$login_error = $login['error'];
+}
+
+html_header('AUR ' . __("Login"));
+?>
+<div id="dev-login" class="box">
+	<h2>AUR <?php echo __('Login') ?></h2>
+	<?php if (isset($_COOKIE["AURSID"])): ?>
+	<p>
+		<?php echo __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?>
+		<a href="logout.php">[<?php print __("Logout"); ?>]</a>
+	</p>
+	<?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
+	<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>">
+		<fieldset>
+			<legend><?php echo __('Enter login credentials') ?></legend>
+			<?php if (!empty($login_error)): ?>
+			<ul class="errorlist"><li><?php echo $login_error ?></li></ul>
+			<?php endif; ?>
+			<p>
+				<label for="id_username"><?php print __('Username') . ':'; ?></label>
+				<input id="id_username" type="text" name="user" size="30" maxlength="<?php print USERNAME_MAX_LEN; ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" />
+			</p>
+			<p>
+				<label for="id_password"><?php print __('Password') . ':'; ?></label>
+				<input id="id_password" type="password" name="passwd" size="30" maxlength="<?php print PASSWD_MAX_LEN; ?>" />
+			</p>
+			<p>
+				<input type="checkbox" name="remember_me" id="id_remember_me" />
+				<label for="id_remember_me"><?php print __("Remember me"); ?></label>
+			</p>
+			<p>
+				<input type="submit" class="button" value="<?php  print __("Login"); ?>" />
+				<a href="passreset.php">[<?php echo __('Forgot Password') ?>]</a>
+			</p>
+		</fieldset>
+	</form>
+	<?php else: ?>
+	<p>
+		<?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
+			'<a href="' . $AUR_LOCATION . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
+	</p>
+	<?php endif; ?>
+</div>
+<?php
+html_footer(AUR_VERSION);
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 985558f..991fb14 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -286,18 +286,8 @@ function db_query($query="", $db_handle="") {
 # common header
 #
 function html_header($title="") {
-	global $_SERVER;
-	global $_COOKIE;
-	global $_POST;
 	global $LANG;
 	global $SUPPORTED_LANGS;
-	global $DISABLE_HTTP_LOGIN;
-	global $AUR_LOCATION;
-
-	if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
-		$login = try_login();
-		$login_error = $login['error'];
-	}
 
 	$title = htmlspecialchars($title, ENT_QUOTES);
 
diff --git a/web/template/header.php b/web/template/header.php
index 885a74f..db1fd84 100644
--- a/web/template/header.php
+++ b/web/template/header.php
@@ -42,12 +42,13 @@
 						<?php if (check_user_privileges()): ?><li><a href="tu.php"><?php print __("Trusted User"); ?></a></li><?php endif; ?>
 						<li><a href="packages.php?SeB=m&amp;K=<?php print username_from_sid($_COOKIE["AURSID"]); ?>"><?php print __("My Packages"); ?></a></li>
 						<li><a href="pkgsubmit.php"><?php print __("Submit"); ?></a></li>
+						<li><a href="logout.php"><?php print __("Logout"); ?></a></li>
+					<?php else: ?>
+						<li><a href="login.php"><?php print __("Login"); ?></a></li>
 					<?php endif; ?>
 				</ul>
 			</div><!-- #archdev-navbar -->
 
-			<?php include("login_form.php"); ?>
-
 			<div id="lang_sub">
 				<?php
 				reset($SUPPORTED_LANGS);
diff --git a/web/template/login_form.php b/web/template/login_form.php
deleted file mode 100644
index 21bdaa7..0000000
--- a/web/template/login_form.php
+++ /dev/null
@@ -1,38 +0,0 @@
-<div id="login_bar" class="pgbox">
-<?php
-if (isset($_COOKIE["AURSID"])) {
-	print __("Logged-in as: %s", '<b>' . username_from_sid($_COOKIE["AURSID"]) . '</b>');
-?>
- <a href="logout.php">[<?php print __("Logout"); ?>]</a>
-<?php
-}
-elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
-	if ($login_error) {
-		print "<span class='error'>" . $login_error . "</span><br />\n";
-	}
-?>
-<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>">
-	<div>
-	<label for="user"><?php print __('Username') . ':'; ?></label>
-	<input type="text" name="user" id="user" size="30" maxlength="<?php print USERNAME_MAX_LEN; ?>" value="<?php
-	if (isset($_POST['user'])) {
-		print htmlspecialchars($_POST['user'], ENT_QUOTES);
-	} ?>" />
-	<label for="passwd"><?php print __('Password') . ':'; ?></label>
-	<input type="password" name="passwd" id="passwd" size="30" maxlength="<?php print PASSWD_MAX_LEN; ?>" />
-	<input type="checkbox" name="remember_me" id="remember_me" />
-	<label for="remember_me"><?php print __("Remember me"); ?></label>
-	<input type="submit" class="button" value="<?php  print __("Login"); ?>" />
-	<a href="passreset.php">[<?php echo __('Forgot Password') ?>]</a>
-	</div>
-</form>
-<?php
-}
-else {
-?>
-<span class='error'>
-	<?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
-		'<a href="' . $AUR_LOCATION . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
-</span>
-<?php } ?>
-</div>