Mahara

Login form requires Javascript

Bug #891383 reported by Hugh Davenport
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Won't Fix
Medium
Son Nguyen

Bug Description

The login form requires javascript to be enabled, yet this should be the case. With some small code hacking to remove the js form and disable js I can still login fine.

The js wrapper to the login form is meant to check whether cookies are enabled, but it seems that it doesn't do that...

Message displayed to the user if js is disabled is
 'Your browser does not have javascript enabled for this site. Mahara requires javascript to be enabled before you can log in'

I would recommend removing the dependency on javascript for login, make the assumtion that cookies are enabled (if they aren't the user will quickly find out! as they will have to relogin after every page).

Revision history for this message
Hugh Davenport (hugh-davenport) wrote :

To fix this, we need to remove the function get_login_form_js, which is used to generate the sidebar login form, and the login form for the login page. It is also used in the saml authentication plugin. The contents of the function are as follows:

/**
 * Returns javascript to assist with the rendering of the login forms. The
 * javascript is used to detect whether cookies are enabled, and not show the
 * login form if they are not.
 *
 * @param string $form A rendered login form
 * @return string The form with extra javascript added for cookie detection
 * @private
 */
function get_login_form_js($form) {
    $form = str_replace('/', '\/', str_replace("'", "\'", (str_replace(array("\n", "\t"), '', $form))));
    $strcookiesnotenabled = json_encode(get_string('cookiesnotenabled'));
    $cookiename = get_config('cookieprefix') . 'ctest';
    return <<<EOF
<script type="text/javascript">
var loginbox = $('loginform_container');
document.cookie = "$cookiename=1";
if (document.cookie) {
    loginbox.innerHTML = '$form';
    document.cookie = '$cookiename=1;expires=1/1/1990 00:00:00';
}
else {
    replaceChildNodes(loginbox, P(null, $strcookiesnotenabled));
}
</script>
EOF;
}

The cookie check fails though.. so it doesn't serve much purpose at all, and I think starting to get rid of the js requirement is a good idea

Revision history for this message
Richard Mansfield (richard-mansfield) wrote : Re: [Mahara-contributors] [Bug 891383] Re: Login form requires Javascript

Nigel deliberately made the login form js-only while Mahara is still
dependent on js. He figured we should fix the important things that
still have a js requirement before letting people log in and cruelly
dashing their hopes.

Revision history for this message
Hugh Davenport (hugh-davenport) wrote :

Right, makes sense. I will probably be going through and filing bugs for any other parts that fail when js is disabled. Once we have all them done then this bug can be finished.

Kristina Hoeppner (kris-hoeppner)
Changed in mahara:
importance: Low → High
milestone: none → 1.7.0
tags: added: bite-sized
Revision history for this message
Kristina Hoeppner (kris-hoeppner) wrote :

added to blueprint https://blueprints.launchpad.net/mahara/+spec/no-javascript

Son Nguyen (ngson2000)
Changed in mahara:
assignee: nobody → Son Nguyen (ngson2000)
status: Triaged → In Progress
Revision history for this message
Melissa Draper (melissa) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 milestone 1.8
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBAgAGBQJRIwvSAAoJEJHQT0Mtn5aHiTAQAMvv3UB+Std5sp7MNLJisIWM
F3w5pbCldLn86j6IA8nIGNAqebAOLiQ3AW3a5zO1LZ3lHy3Yp8En4sIPSOkF2U8L
6U/DF9pDo/z7cuo+GhtlgRe7oUyklpWNjgsF4/yw8ppYLuQ6eLgQiopyuZX6N7+a
NTQfXknHZIIEe4XhWmV2b9GGVF4Mhg1RUshsJe5/FvvC9ybXV+TTL/8HfFcdVL8e
lJfqu6Kjf4ueyp5dUXtHkh+GArjmT+O6j+bFRgR9rpvS4140JZimj05ZvjWzb6oS
zYgtyNap/T0rcyZP/upNweEhaWGAdJAMoO+GOIcSMDgTdWaAXyLlEgVfFOhx2IhT
sH6Dfuld4bCRsRLcrQwpKwcOB9xEYleCAXSeaZsVry9rfj2LWcrXzrBhPDsa7JQ0
qcPzymGh8kHHpVJPuaX3ztyaKPdS4jP8mz6CGnTwZ2ot2dDbbMBal4fkZfQ4j/cR
j1V9Q6HBU9RkcjXvcGFvYyA9HPMPVETQyx9mu/KYVtGf88Y9ucLlflQDsPskhZdQ
H8l9vEzdJLURAyq/YXKdrR14g9OgA+aqIWIO2E1YhjSO2kUAMBeRFjU/FEhftxPw
DkoR86wtix4QHeStPaA9PyPA1X825tdRQ9itqpBqbIgkKpD1Ue6hzf0aOvKX8+FJ
NSqftjUQEqadBbaQTqkP
=t4IF
-----END PGP SIGNATURE-----

Son Nguyen (ngson2000)
Changed in mahara:
milestone: 1.7.0 → 1.8.0
Robert Lyon (robertl-9)
Changed in mahara:
importance: High → Medium
Aaron Wells (u-aaronw)
Changed in mahara:
milestone: 1.8rc1 → 1.8.0
Revision history for this message
Aaron Wells (u-aaronw) wrote :

There is a patch for this : https://reviews.mahara.org/#/c/1743/

But it needs some updating.

Aaron Wells (u-aaronw)
Changed in mahara:
milestone: 1.8.0 → none
Revision history for this message
Robert Lyon (robertl-9) wrote :

Time has marched on and supported browsers all use javascript now so will close this bug

Changed in mahara:
status: In Progress → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.