Index: trunk/Vanilla/templates/vanilla+authentication/home.mtml =================================================================== --- trunk/Vanilla/templates/vanilla+authentication/home.mtml (revision 914) +++ trunk/Vanilla/templates/vanilla+authentication/home.mtml (revision 914) @@ -0,0 +1,5 @@ + + +

<__trans phrase="No entries. Authentication example only">

+ + Index: trunk/Vanilla/templates/vanilla+authentication/readme_javascript.txt =================================================================== --- trunk/Vanilla/templates/vanilla+authentication/readme_javascript.txt (revision 916) +++ trunk/Vanilla/templates/vanilla+authentication/readme_javascript.txt (revision 916) @@ -0,0 +1,70 @@ +<$mt:var name="user-auth" value="signin-content"$> + + Set show_userpic to 1 to enable userpics in the signin line + - Requires Community Solution + - Note: This will update username to link to Community Solution "edit profile" script. This script assumes that you are using profiles and thus links to "view profile" screen. If the template set is not using profiles then the Community Solution "Profile Edit" Global System Template should be updated. + +<$mt:var name="show_userpic" value="1"$> + +/* Blog Variables *****************************************************************/ +var is_preview; +var user; + +/* Utility Functions *****************************************************************/ + function mtHide(id) // Simple routine for showing a DOM element (applying a CSS display attribute of 'none'). + function mtShow(id) // Simple routine for showing a DOM element (applying a CSS display attribute of 'block'). +function mtFireEvent(eventName,param) // Calls the event named, if there are handlers for it. +function mtFixDate(date) // ** +function mtEscapeJS(s) // Simple function that escapes single quote characters for storing in a cookie. +function mtUnescapeJS(s) // Simple function that unescapes single quote characters that were stored in a cookie. +function mtAttachEvent(eventName,func) // A utility function for assigning/adding handlers to window events. +function mtGetXmlHttp() // Returns a XMLHttpRequest object (for Ajax operations). + +/* Cookie *****************************************************************/ +var mtCookieName = "<$mt:UserSessionCookieName$>"; // The cookie name to use for storing the blog-side comment session cookie. +var mtCookieDomain = "<$mt:UserSessionCookieDomain$>"; +var mtCookiePath = "<$mt:UserSessionCookiePath$>"; +var mtCookieTimeout = <$mt:UserSessionCookieTimeout$>; +function mtSaveUser(f) // Persists a copy of the current user cookie into the browser cookie stash. +function mtClearUser() // Clears the blog-side user cookie. +function mtSetCookie(name, value, expires, path, domain, secure) // Sets a browser cookie. +function mtGetCookie(name) // Retrieves a browser cookie. +function mtDeleteCookie(name, path, domain, secure) // Deletes a browser cookie. +function mtBakeUserCookie(u) // Serializes a user object into a string, suitable for storing as a cookie. +function mtUnbakeUserCookie(s) // Unserializes a user cookie and returns a user object with the restored state. + +/* Login Functions *****************************************************************/ +#_login/#_logout // If request contains a '#_login' or '#_logout' hash, use this to also delete the blog-side user cookie, since we're coming back from a login, logout or edit profile operation. +function mtFetchUser(cb) // Issues a request to the MT comment script to retrieve the currently logged-in user (if any). +function mtUpdateSignInWidget(u) // A routine that displays various phrases based upon users authenticated status +function mtGetUser() // Retrieves an object of the currently logged in user's state. If no user is logged in or cookied, this will return null. +function mtSaveUser(f) // Persists a copy of the current user cookie into the browser cookie stash. +function mtSignIn() // Handles the action of the "Sign in" link. First clears any existing user cookie, then directs to the MT comment script to sign the user in. +function mtSignInOnClick(sign_in_element) // **Handles the action of the "Sign in" link. +function mtSetUserOrLogin(u) // **Handles branching between users cookied in app vs not logged in +function mtSignOut(entry_id) // Handles sign out from the web site. First clears any existing user cookie, then direts to the MT comment script to sign the user out. +function mtSignOutOnClick() // Handles the action of the "Sign out" link. + +/* Commenting *****************************************************************/ +function mtEntryOnLoad() // Called when an entry archive page is loaded. This routine controls which elements of the comment form are shown or hidden, depending on commenter type and blog configuration. +function mtEntryOnUnload() // ** +function mtShowGreeting() // Handles the display of the greeting message, depending on what kind of user is logged in and blog comment policy. +function mtUserOnLoad() // Function to hide/show/prepopulate fields based upon type of user that has authenticated +function mtRememberMeOnClick(b) // Called when the 'Remember me' checkbox is changed. If the checkbox is cleared, the cached user cookie is immediately cleared. +function mtReplyCommentOnClick(parent_id, author) // Handles the action of the 'Reply' links. +function mtSetCommentParentID() // Sets the parent comment ID when replying to a comment. +function mtCommentOnSubmit(f) // Called when comment form is sent. Required parameter: Form DOM object of comment form. If form has a 'bakecookie' member, it will be used to signal storing the anonymous commenter information to a cookie. If form has a 'armor' member, it will be used to store a token that is checked by the comment script. +function mtCommentSessionVerify(app_user) // ** +function mtCommentFormOnFocus() // Called when an input field on the comment form receives focus. +function mtShowCaptcha() // Displays a captcha field for anonymous commenters. + +/* Initialize *****************************************************************/ +function mtInit() // Initialize + +/* Edit Entry *****************************************************************/ +function mtEditLink(entry_id, author_id) // Used to display an edit link for the given entry. + +/* Date Formatting *****************************************************************/ +function mtRelativeDate(ts, fds) // Displays a relative date. 'ts' is a Date object, 'fds' is a string of the date which will be displayed if the given date is older than 1 week. + +/* END Movable Type Javascript *****************************************************************/ Index: trunk/Vanilla/templates/vanilla+authentication/wrapper.mtml =================================================================== --- trunk/Vanilla/templates/vanilla+authentication/wrapper.mtml (revision 909) +++ trunk/Vanilla/templates/vanilla+authentication/wrapper.mtml (revision 909) @@ -0,0 +1,36 @@ + + + + <$mt:BlogName encode_html="1"$> + + " /> + + + + +

<$mt:BlogName encode_html="1"$>

+ +
+ <__trans phrase="Sign In"> +
+ + + + + <$mt:Var name="contents"$> + + + + +

<__trans phrase="_POWERED_BY"> and the Vanilla template set

+ + + + + Index: trunk/Vanilla/templates/vanilla+authentication/javascript.mtml =================================================================== --- trunk/Vanilla/templates/vanilla+authentication/javascript.mtml (revision 915) +++ trunk/Vanilla/templates/vanilla+authentication/javascript.mtml (revision 915) @@ -0,0 +1,531 @@ +<$mt:var name="user-auth" value="signin-content"$> + + Set show_userpic to 1 to enable userpics in the signin line + - Requires Community Solution + - Note: This will update username to link to Community Solution "edit profile" script. This script assumes that you are using profiles and thus links to "view profile" screen. If the template set is not using profiles then the Community Solution "Profile Edit" Global System Template should be updated. + +<$mt:var name="show_userpic" value="1"$> + +/* Section *****************************************************************/ + +// The cookie name to use for storing the blog-side comment session cookie. +var mtCookieName = "<$mt:UserSessionCookieName$>"; +var mtCookieDomain = "<$mt:UserSessionCookieDomain$>"; +var mtCookiePath = "<$mt:UserSessionCookiePath$>"; +var mtCookieTimeout = <$mt:UserSessionCookieTimeout$>; +var is_preview; +var user; + +/* Login Functions *****************************************************************/ + + +/*** + * Issues a request to the MT comment script to retrieve the currently + * logged-in user (if any). + */ + +var mtFetchedUser = false; + +function mtFetchUser(cb) { + if (!cb) cb = 'mtSetUser'; + if ( ( cb == 'mtSetUser' ) && mtGetUser() ) { + var url = document.URL; + url = url.replace(/#.+$/, ''); + url += '#comments-open'; + location.href = url; + } else { + // we aren't using AJAX for this, since we may have to request + // from a different domain. JSONP to the rescue. + mtFetchedUser = true; + var script = document.createElement('script'); + var ts = new Date().getTime(); + script.src = '<$mt:CGIPath$><$mt:CommentScript$>?__mode=session_js&blog_id=<$mt:BlogID$>&jsonp=' + cb + '&ts=' + ts; + (document.getElementsByTagName('head'))[0].appendChild(script); + } +} + + + +/*** + * A routine that displays various phrases based upon users authenticated status + */ + + +// Signin +// You are signed in as UserName (Sign out) +// You do not have permission to sign in to this blog + +function mtUpdateSignInWidget(u) { + var el = document.getElementById('<$mt:var name="user-auth"$>'); + var content = ''; + var doit = 1; + if (!el) return; + if (u) { + if (u && u.is_authenticated) { + user = u; + mtSaveUser(); + } else { + // user really isn't logged in; so let's do this! + return mtSignIn(); + } + } else { + u = mtGetUser(); + } + if (u && u.name) { + + if (u.userpic) + content += ''; + + var url; + if (u.is_authenticated) { + if (u.is_author) { + + url = '<$mt:CGIPath$><$mt:CommunityScript$>?__mode=edit&blog_id=<$mt:BlogID$>'; + url += '&return_to=' + encodeURIComponent(document.URL); + + url = '<$mt:CGIPath$><$mt:CommentScript$>?__mode=edit_profile&blog_id=<$mt:BlogID$>'; + url += '&static=' + encodeURIComponent( location.href ); + + } else { + url = u.url; + } + } else if (u.url) { + url = u.url; + } else { + url = null; + } + content += '<__trans phrase="You are signed in as " escape="js">'; + if (url) + content += '' + u.name + ''; + else + content += u.name; + content += '. (<__trans phrase="sign out" escape="js">)'; + } else if (u && u.is_banned) { + content = '<__trans phrase="You do not have permission to sign in to this blog." escape="js">'; + } else { + // content = '\')"><__trans phrase="Sign In" escape="js">'; + doit = 0; + } + if (doit) { + el.innerHTML = content; + } +} + + + +/*** + * If request contains a '#_login' or '#_logout' hash, use this to + * also delete the blog-side user cookie, since we're coming back from + * a login, logout or edit profile operation. + */ +var clearCookie = ( window.location.hash && window.location.hash.match( /^#_log(in|out)/ ) ) ? true : false; +if (clearCookie) { + // clear any logged in state + mtClearUser(); + if (RegExp.$1 == 'in') + mtFetchUser(); +} else { + + /*** + * Uncondition this call to fetch the current user state (if available) + * from MT upon page load if no user cookie is already present. + * This is okay if you have a private install, such as an Intranet; + * not recommended for public web sites! + */ + + if ( is_preview && !user ) + mtFetchUser(); +} + + + + +/*** + * Retrieves an object of the currently logged in user's state. + * If no user is logged in or cookied, this will return null. + */ + +function mtGetUser() { + if (!user) { + var cookie = mtGetCookie(mtCookieName); + if (!cookie) return; + user = mtUnbakeUserCookie(cookie); + if (! user) { + user = {}; + user.is_anonymous = true; + user.can_post = false; + user.is_author = false; + user.is_banned = false; + user.is_trusted = false; + } + } + return user; +} + + +/*** + * Assigns a user object as the actively logged in user; also saves the + * user information in a browser cookie. + */ + +function mtSetUser(u) { + if (u) { + // persist this + user = u; + mtSaveUser(); + // sync up user greeting + mtFireEvent('usersignin'); + } +} + + +/*** + * Persists a copy of the current user cookie into the browser cookie stash. + */ + +function mtSaveUser(f) { + // We can't reliably store the user cookie during a preview. + if (is_preview) return; + + var u = mtGetUser(); + + if (f && (!u || u.is_anonymous)) { + if ( !u ) { + u = {}; + u.is_authenticated = false; + u.can_comment = true; + u.is_author = false; + u.is_banned = false; + u.is_anonymous = true; + u.is_trusted = false; + } + if (f.author != undefined) u.name = f.author.value; + if (f.email != undefined) u.email = f.email.value; + if (f.url != undefined) u.url = f.url.value; + } + + if (!u) return; + + var cache_period = mtCookieTimeout * 1000; + + // cache anonymous user info for a long period if the + // user has requested to be remembered + if (u.is_anonymous && f && f.bakecookie && f.bakecookie.checked) + cache_period = 365 * 24 * 60 * 60 * 1000; + + var now = new Date(); + mtFixDate(now); + now.setTime(now.getTime() + cache_period); + + var cmtcookie = mtBakeUserCookie(u); + mtSetCookie(mtCookieName, cmtcookie, now, mtCookiePath, mtCookieDomain, + location.protocol == 'https:'); +} + + +/*** + * Handles the action of the "Sign in" link. First clears any existing + * user cookie, then directs to the MT comment script to sign the user in. + */ + +function mtSignIn() { + var doc_url = document.URL; + doc_url = doc_url.replace(/#.+/, ''); + var url = '<$mt:SignInLink$>'; + if (is_preview) { + if ( document['comments_form'] ) { + var entry_id = document['comments_form'].entry_id.value; + url += '&entry_id=' + entry_id; + } else { + url += '&return_url=<$mt:BlogURL encode_url="1"$>'; + } + } else { + url += '&return_url=' + encodeURIComponent(doc_url); + } + mtClearUser(); + location.href = url; +} + +function mtSignInOnClick(sign_in_element) { + var el; + if (sign_in_element) { + // display throbber + el = document.getElementById(sign_in_element); + if (!el) // legacy MT 4.x element id + el = document.getElementById('comment-form-external-auth'); + } + if (el) + el.innerHTML = '<__trans phrase="Signing in..." escape="js">  '; + + mtClearUser(); // clear any 'anonymous' user cookie to allow sign in + mtFetchUser('mtSetUserOrLogin'); + return false; +} + +function mtSetUserOrLogin(u) { + if (u && u.is_authenticated) { + mtSetUser(u); + } else { + // user really isn't logged in; so let's do this! + mtSignIn(); + } +} + + +/*** + * Handles sign out from the web site. + * First clears any existing user cookie, then direts to the MT comment + * script to sign the user out. + */ + +function mtSignOut(entry_id) { + mtClearUser(); + var doc_url = document.URL; + doc_url = doc_url.replace(/#.+/, ''); + var url = '<$mt:SignOutLink$>'; + if (is_preview) { + if ( document['comments_form'] ) { + var entry_id = document['comments_form'].entry_id.value; + url += '&entry_id=' + entry_id; + } else { + url += '&return_url=<$mt:BlogURL encode_url="1"$>'; + } + } else { + url += '&return_url=' + encodeURIComponent(doc_url); + } + location.href = url; +} + + +/*** + * Handles the action of the "Sign out" link. + */ + +function mtSignOutOnClick() { + mtSignOut(); + return false; +} + + + +/* Cookie *****************************************************************/ + + +/*** + * Persists a copy of the current user cookie into the browser cookie stash. + */ + +function mtSaveUser(f) { + // We can't reliably store the user cookie during a preview. + if (is_preview) return; + + var u = mtGetUser(); + + if (f && (!u || u.is_anonymous)) { + if ( !u ) { + u = {}; + u.is_authenticated = false; + u.can_comment = true; + u.is_author = false; + u.is_banned = false; + u.is_anonymous = true; + u.is_trusted = false; + } + if (f.author != undefined) u.name = f.author.value; + if (f.email != undefined) u.email = f.email.value; + if (f.url != undefined) u.url = f.url.value; + } + + if (!u) return; + + var cache_period = mtCookieTimeout * 1000; + + // cache anonymous user info for a long period if the + // user has requested to be remembered + if (u.is_anonymous && f && f.bakecookie && f.bakecookie.checked) + cache_period = 365 * 24 * 60 * 60 * 1000; + + var now = new Date(); + mtFixDate(now); + now.setTime(now.getTime() + cache_period); + + var cmtcookie = mtBakeUserCookie(u); + mtSetCookie(mtCookieName, cmtcookie, now, mtCookiePath, mtCookieDomain, + location.protocol == 'https:'); +} + + +/*** + * Clears the blog-side user cookie. + */ + +function mtClearUser() { + user = null; + mtDeleteCookie(mtCookieName, mtCookiePath, mtCookieDomain, + location.protocol == 'https:'); +} + + +/*** + * Sets a browser cookie. + */ + +function mtSetCookie(name, value, expires, path, domain, secure) { + if (domain && domain.match(/^\.?localhost$/)) + domain = null; + var curCookie = name + "=" + escape(value) + + (expires ? "; expires=" + expires.toGMTString() : "") + + (path ? "; path=" + path : "") + + (domain ? "; domain=" + domain : "") + + (secure ? "; secure" : ""); + document.cookie = curCookie; +} + + +/*** + * Retrieves a browser cookie. + */ + +function mtGetCookie(name) { + var prefix = name + '='; + var c = document.cookie; + var cookieStartIndex = c.indexOf(prefix); + if (cookieStartIndex == -1) + return ''; + var cookieEndIndex = c.indexOf(";", cookieStartIndex + prefix.length); + if (cookieEndIndex == -1) + cookieEndIndex = c.length; + return unescape(c.substring(cookieStartIndex + prefix.length, cookieEndIndex)); +} + + +/*** + * Deletes a browser cookie. + */ + +function mtDeleteCookie(name, path, domain, secure) { + if (mtGetCookie(name)) { + if (domain && domain.match(/^\.?localhost$/)) + domain = null; + document.cookie = name + "=" + + (path ? "; path=" + path : "") + + (domain ? "; domain=" + domain : "") + + (secure ? "; secure" : "") + + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; + } +} + + +/*** + * Serializes a user object into a string, suitable for storing as a cookie. + */ + +function mtBakeUserCookie(u) { + var str = ""; + if (u.name) str += "name:'" + mtEscapeJS(u.name) + "';"; + if (u.url) str += "url:'" + mtEscapeJS(u.url) + "';"; + if (u.email) str += "email:'" + mtEscapeJS(u.email) + "';"; + if (u.auth_type) str += "auth_type:'" + u.auth_type + "';"; + if (u.is_authenticated) str += "is_authenticated:'1';"; + if (u.profile) str += "profile:'" + mtEscapeJS(u.profile) + "';"; + if (u.userpic) str += "userpic:'" + mtEscapeJS(u.userpic) + "';"; + if (u.sid) str += "sid:'" + mtEscapeJS(u.sid) + "';"; + str += "is_trusted:'" + (u.is_trusted ? "1" : "0") + "';"; + str += "is_author:'" + (u.is_author ? "1" : "0") + "';"; + str += "is_banned:'" + (u.is_banned ? "1" : "0") + "';"; + str += "can_post:'" + (u.can_post ? "1" : "0") + "';"; + str += "can_comment:'" + (u.can_comment ? "1" : "0") + "';"; + str = str.replace(/;$/, ''); + return str; +} + + +/*** + * Unserializes a user cookie and returns a user object with the restored + * state. + */ + +function mtUnbakeUserCookie(s) { + if (!s) return; + + var u = {}; + var m; + while (m = s.match(/^((name|url|email|auth_type|is_authenticated|profile|userpic|sid|is_trusted|is_author|is_banned|can_post|can_comment):'([^']+?)';?)/)) { + s = s.substring(m[1].length); + if (m[2].match(/^(is|can)_/)) // boolean fields + u[m[2]] = m[3] == '1' ? true : false; + else + u[m[2]] = mtUnescapeJS(m[3]); + } + if (u.is_authenticated) { + u.is_anonymous = false; + } else { + u.is_anonymous = true; + u.can_post = false; + u.is_author = false; + u.is_banned = false; + u.is_trusted = false; + } + return u; +} + +/* Utility Functions *****************************************************************/ + + +/*** + * Calls the event named, if there are handlers for it. + */ + +function mtFireEvent(eventName,param) { + var fn = window['on' + eventName]; + if (typeof fn == 'function') return fn(param); + return; +} + +function mtFixDate(date) { + var skew = (new Date(0)).getTime(); + if (skew > 0) + date.setTime(date.getTime() - skew); +} + + +/*** + * Simple function that escapes single quote characters for storing + * in a cookie. + */ + +function mtEscapeJS(s) { + s = s.replace(/'/g, "'"); + return s; +} + + +/*** + * Simple function that unescapes single quote characters that were + * stored in a cookie. + */ + +function mtUnescapeJS(s) { + s = s.replace(/'/g, "'"); + return s; +} + + +/*** + * A utility function for assigning/adding handlers to window events. + */ + +function mtAttachEvent(eventName,func) { + var onEventName = 'on' + eventName; + var old = window[onEventName]; + if( typeof old != 'function' ) + window[onEventName] = func; + else { + window[onEventName] = function( evt ) { + old( evt ); + return func( evt ); + }; + } +} + +/* section *****************************************************************/