silverstripe-framework/security/LoginForm.php
Andrew O'Neil 808d6875cb #941 - Security flaw: SS prone to CSRF attack
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@43901 467b73ca-7a2a-4603-9d3b-597d59a354a9
2007-10-28 21:44:38 +00:00

51 lines
1.1 KiB
PHP

<?php
/**
* LoginForm base class
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
/**
* Abstract base class for a login form
*
* This class is used as a base class for the different log-in forms like
* {@link MemberLoginForm} or {@link OpenIDLoginForm}.
*
* @author Markus Lanthaler <markus@silverstripe.com>
*/
abstract class LoginForm extends Form {
function __construct($controller, $name, $fields, $actions) {
parent::__construct($controller, $name, $fields, $actions);
$this->disableSecurityToken();
}
/**
* Authenticator class to use with this login form
*
* Set this variable to the authenticator class to use with this login
* form.
* @var string
*/
protected $authenticator_class;
/**
* Get the authenticator class
* @return Authenticator Returns the authenticator class for this login form.
*/
public function getAuthenticator() {
if(!class_exists($this->authenticator_class) || !is_subclass_of($this->authenticator_class, 'Authenticator')) {
user_error('The form uses an invalid authenticator class!', E_USER_ERROR);
return;
}
return new $this->authenticator_class;
}
}
?>