Index: securesite.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/securesite/Attic/securesite.module,v
retrieving revision 1.24.2.7
diff -u -F^f -r1.24.2.7 securesite.module
--- securesite.module	10 May 2007 08:48:14 -0000	1.24.2.7
+++ securesite.module	23 Aug 2007 04:24:17 -0000
@@ -259,55 +273,56 @@ function securesite_user_auth() {
   include_once('securesite.inc');
   $edit = $_POST['edit'];
   $securesite_enabled = variable_get('securesite_enabled', 0);
-  unset($content);
 
-  // Log failed requests.
+  // Step #1: Check if the user attempted to submit the login form. If so, getting here means they didn't enter their
+  // info correctly
   if ($_POST['securesite_login_form'] && $edit['name'] && $edit['pass']) {
     watchdog('user', t('Log-in attempt failed for %name.', array('%name' => securesite_theme_placeholder($edit['name']))));
     drupal_set_message(t('Sorry. Unrecognized username or password.'), 'error');
   }
 
-  // Set user messages.
-  if ($_POST['securesite_request_form'] && $edit['name'] && $edit['mail']) {
-    if (!$account = user_load(array('name' => $edit['name'], 'status' => 1))) {
+  // Step #2: Check if the user attempted to submit the password request form.  If so, check if we have information for
+  // the name/mail they entered and send it if we do
+  if ($_POST['securesite_request_form'] && ($edit['name'] || $edit['mail'])) {
+    if ($edit['name'] && (!$account = user_load(array('name' => $edit['name'], 'status' => 1)))) {
       drupal_set_message(t('Sorry. Unrecognized username or e-mail address.'), 'error');
     }
-    elseif (!$account = user_load(array('mail' => $edit['mail'], 'status' => 1))) {
+    elseif ($edit['mail'] && (!$account = user_load(array('mail' => $edit['mail'], 'status' => 1)))) {
       drupal_set_message(t('Sorry. Unrecognized username or e-mail address.'), 'error');
     }
-  }
 
-  // E-mail a user a new password.
-  if ($account->uid) {
-    $from = variable_get('site_mail', ini_get('sendmail_from'));
-
-    // Generate a new password for this user.
-    $pass = user_password();
-    user_save($account, array('pass' => $pass));
-
-    // Mail new password:
-    $variables = array(
-      '%username' => $account->name,
-      '!site' => variable_get('site_name', 'drupal'),
-      '!login_url' => user_pass_reset_url($account),
-      '!uri' => $base_url,
-      '!uri_brief' => preg_replace('`^https?://`i', '', $base_url),
-      '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', NULL, NULL, TRUE), '!edit_uri' => url('user/'. $account->uid .'/edit', NULL, NULL, TRUE));
-
-    $subject      = _user_mail_text('pass_subject', $variables);
-    $body         = _user_mail_text('pass_body', $variables);
-    $headers      = "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from";
-    $mail_success = drupal_mail("securesite-password", $account->mail, $subject, $body, $headers);
-
-    if ($mail_success) {
-      watchdog('user', t('Password mailed to %name at %email.', array('%name' => securesite_theme_placeholder($account->name), '%email' => securesite_theme_placeholder($account->mail))));
-      drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
-    }
-    else {
-      watchdog('user', t('Error mailing password to %name at %email.', array('%name' => securesite_theme_placeholder($account->name), '%email' => securesite_theme_placeholder($account->mail))), WATCHDOG_ERROR);
-      drupal_set_message(t('Unable to send mail. Please contact the site admin.', 'error'));
+    // E-mail a user a new password.
+    if ($account->uid) {
+      $from = variable_get('site_mail', ini_get('sendmail_from'));
+
+      // Generate a new password for this user.
+      $pass = user_password();
+      user_save($account, array('pass' => $pass));
+
+      // Mail new password:
+      $variables = array(
+        '%username' => $account->name,
+        '!site' => variable_get('site_name', 'drupal'),
+        '!login_url' => user_pass_reset_url($account),
+        '!uri' => $base_url,
+        '!uri_brief' => preg_replace('`^https?://`i', '', $base_url),
+        '!mailto' => $account->mail, '!date' => format_date(time()), '!login_uri' => url('user', NULL, NULL, TRUE), '!edit_uri' => url('user/'. $account->uid .'/edit', NULL, NULL, TRUE));
+
+      $subject      = _user_mail_text('pass_subject', $variables);
+      $body         = _user_mail_text('pass_body', $variables);
+      $headers      = "From: $from\nReply-to: $from\nX-Mailer: Drupal\nReturn-path: $from\nErrors-to: $from";
+      $mail_success = drupal_mail("securesite-password", $account->mail, $subject, $body, $headers);
+
+      if ($mail_success) {
+        watchdog('user', t('Password mailed to %name at %email.', array('%name' => securesite_theme_placeholder($account->name), '%email' => securesite_theme_placeholder($account->mail))));
+        drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
+      }
+      else {
+        watchdog('user', t('Error mailing password to %name at %email.', array('%name' => securesite_theme_placeholder($account->name), '%email' => securesite_theme_placeholder($account->mail))), WATCHDOG_ERROR);
+        drupal_set_message(t('Unable to send mail. Please contact the site admin.', 'error'));
+      }
+      //nowhere to go!! //securesite_goto();
     }
-    //nowhere to go!! //securesite_goto();
   }
 
   // Get content for dialog.
@@ -316,11 +331,18 @@ function securesite_user_auth() {
   }
   $content .= _securesite_request_form();
 
+  // Step #3: If using HTTP Auth, send the appropriate headers
   // HTTP AUTH
-  if (($securesite_enabled == 1 || $securesite_enabled == 2) && !$account->uid) {
+  if (($securesite_enabled == 1 || $securesite_enabled == 2) && !$account->uid  && !$_POST['securesite_request_form']) {
     $realm = variable_get('securesite_realm', variable_get('site_name', 'drupal'));
 
     if ($securesite_enabled == 2) {
+      /*********
+       * If not on the home page of the site, Opera will not show the auth dialog the first time after logout.  It will show
+       * the page displayed before logging out.  Reloading will cause the dialog to display
+       * Safari doesn't seem show the login/password request form when cancelling the auth dialog
+      *********/
+
       // Fix logout on cancel in Opera and IE
       $browser_user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
       if (strpos($browser_user_agent, "gecko") === FALSE) { // Firefox
@@ -336,7 +358,7 @@ function securesite_user_auth() {
     header('HTTP/1.0 401 Unauthorized');
   }
 
-  // Display dialog
+  // Step #4: Show the login form or password request form
   _securesite_dialog_page($content);
   drupal_set_title(t('Log in'));
   module_invoke_all('exit', request_uri());