Login form requires Javascript
Bug #891383 reported by
Hugh Davenport
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Won't Fix
|
Medium
|
Son Nguyen |
Bug Description
The login form requires javascript to be enabled, yet this should be the case. With some small code hacking to remove the js form and disable js I can still login fine.
The js wrapper to the login form is meant to check whether cookies are enabled, but it seems that it doesn't do that...
Message displayed to the user if js is disabled is
'Your browser does not have javascript enabled for this site. Mahara requires javascript to be enabled before you can log in'
I would recommend removing the dependency on javascript for login, make the assumtion that cookies are enabled (if they aren't the user will quickly find out! as they will have to relogin after every page).
Changed in mahara: | |
importance: | Low → High |
milestone: | none → 1.7.0 |
tags: | added: bite-sized |
Changed in mahara: | |
assignee: | nobody → Son Nguyen (ngson2000) |
status: | Triaged → In Progress |
Changed in mahara: | |
milestone: | 1.7.0 → 1.8.0 |
Changed in mahara: | |
importance: | High → Medium |
Changed in mahara: | |
milestone: | 1.8rc1 → 1.8.0 |
Changed in mahara: | |
milestone: | 1.8.0 → none |
To post a comment you must log in.
To fix this, we need to remove the function get_login_form_js, which is used to generate the sidebar login form, and the login form for the login page. It is also used in the saml authentication plugin. The contents of the function are as follows:
/** form_js( $form) { array(" \n", "\t"), '', $form)))); notenabled = json_encode( get_string( 'cookiesnotenab led')); 'cookieprefix' ) . 'ctest'; javascript" > container' ); innerHTML = '$form'; 1;expires= 1/1/1990 00:00:00'; dNodes( loginbox, P(null, $strcookiesnote nabled) );
* Returns javascript to assist with the rendering of the login forms. The
* javascript is used to detect whether cookies are enabled, and not show the
* login form if they are not.
*
* @param string $form A rendered login form
* @return string The form with extra javascript added for cookie detection
* @private
*/
function get_login_
$form = str_replace('/', '\/', str_replace("'", "\'", (str_replace(
$strcookies
$cookiename = get_config(
return <<<EOF
<script type="text/
var loginbox = $('loginform_
document.cookie = "$cookiename=1";
if (document.cookie) {
loginbox.
document.cookie = '$cookiename=
}
else {
replaceChil
}
</script>
EOF;
}
The cookie check fails though.. so it doesn't serve much purpose at all, and I think starting to get rid of the js requirement is a good idea