Item12180: Detect gross time skew between client and server. Accept <…

…CR> to submit pasword. Set input focus when modal refreshed.

git-svn-id: http://svn.foswiki.org/trunk@16489 0b4bb1d4-4e5a-0410-9cc4-b2b747904278

core/lib/Foswiki/Configure/Dispatch.pm

@@ -22,7 +22,11 @@ use version 0.77;
 
 # minimum version of client JavaScript that configure requires.
 #
-my $minScriptVersion = version->parse("v3.124");
+my $minScriptVersion = version->parse("v3.125");
+
+# Maximum acceptable time skew between client and server (seconds)
+#
+my $maxTimeSkew = 5 * 60;    # No reason this can't be much less if NTP is used.
 
 use Foswiki::Configure (qw/:DEFAULT :auth :cgi :config :session :trace/);
 
@@ -353,6 +357,31 @@ sub _validatefeedbackUI {
     # Fast null response to version check request.
     htmlResponse('') unless $ENV{CONTENT_LENGTH};
 
+    my $clientTime = $query->http('X-Foswiki-ClientTime') || 0;
+    my $serverTime = time;
+    my $skew       = abs( $clientTime - $serverTime );
+    if ( $skew > $maxTimeSkew ) {
+        require POSIX;
+        my $tz = localtime($serverTime);    # Initialize tzname
+        $tz = POSIX::tzname() || 'server local';
+        if ( $maxTimeSkew >= 60 ) {
+            my $mins = sprintf( "%.0f", $maxTimeSkew / 60 );
+            $mins .= $mins == 1 ? ' minute' : ' minutes';
+            $maxTimeSkew = "$maxTimeSkew seconds ($mins)";
+        }
+        $clientTime =
+          gmtime($clientTime) . ' UTC' . ', ' . localtime($clientTime) . " $tz";
+        $serverTime =
+          gmtime($serverTime) . ' UTC' . ', ' . localtime($serverTime) . " $tz";
+
+        scriptVersionError(
+            7,
+            clientTime  => $clientTime,
+            serverTime  => $serverTime,
+            maxTimeSkew => $maxTimeSkew
+        );
+    }
+
     ::_loadBasicModule('Foswiki::Configure::Feedback');
     return;
 }

core/lib/Foswiki/Configure/resources/scripts.js

@@ -9,7 +9,7 @@ var configure = (function ($) {
 
 	"use strict";
 
-        var VERSION = "v3.124";
+        var VERSION = "v3.125";
         /* Do not merge, move or change format of VERSION, parsed by perl.
          */
 
@@ -878,6 +878,36 @@ function submitform() {
     document.update.submit();
 }
 
+function submitOnEnter(field, e ) {
+    "use strict";
+
+    var keycode;
+    if (window.event) keycode = window.event.keyCode;
+    else if (e) keycode = e.which;
+    else return true;
+
+    if (keycode == 13) {
+        field.form.submit();
+        return false;
+    }
+    return true;
+}
+
+function feedbackOnEnter(field, e ) {
+    "use strict";
+
+    var keycode;
+    if (window.event) keycode = window.event.keyCode;
+    else if (e) keycode = e.which;
+    else return true;
+
+    if (keycode == 13) {
+        $(field.form).find('.foswikiButton:first').click();
+        return false;
+    }
+    return true;
+}
+
 var feedback = ( function ($) {
     "use strict";
 
@@ -915,6 +945,7 @@ var feedback = ( function ($) {
             if( $('#configureModalContents').html(m).size() ) {
                 if( feedback.modalIsOpen() ) {
                     modalObject.resize(true);
+                    modalObject.elts.cont.find(":input.foswikiFocus:first").focus();
                 } else {
                     $('#activateConfigureModalWindow').click();
                 }
@@ -939,8 +970,9 @@ var feedback = ( function ($) {
              * switch to <code> as <pre> s used by CGI::Carp.  This should be removed
              * once the nyroModal CSS is fixed.
              */
-            m = m.replace(/<(\/)?pre>/gi, "<$1code>").replace(/\n/g, '<br />');
-
+            if( /<pre>/.test(m) ) {
+                m = m.replace(/<(\/)?pre>/gi, "<$1code>").replace(/\n/g, '<br />');
+            }
             feedback.modalWindow(m.replace(/\r?\n/mgi, '<crlf>').replace(/^.*<body[^>]*>/mgi, '').
                                    replace(/<\/body>.*$/mgi, '').replace(/<\/?html>/mgi, '').
                                    replace(/<crlf>/mg, "\n"));
@@ -962,7 +994,8 @@ var feedback = ( function ($) {
                 },
                 headers: {
                     'X-Foswiki-FeedbackRequest': 'V1.0',
-                    'X-Foswiki-ScriptVersion': configure.getVERSION()
+                    'X-Foswiki-ScriptVersion': configure.getVERSION(),
+                    'X-Foswiki-ClientTime': Math.round((new Date).getTime()/1000)
                 },
                 processData: false,
                 data: requestData,
@@ -1137,6 +1170,7 @@ var feedback = ( function ($) {
 
                     if( modalIsOpen ) {
                         modalObject.resize(true);
+                        modalObject.elts.cont.find(":input.foswikiFocus:first").focus();
                     } else {
                         if( openModal ) {
                             $('#activateConfigureModalWindow').click();

core/lib/Foswiki/Configure/templates/feedbackprotocol.tmpl

@@ -41,7 +41,18 @@
     Configure was unable to locate the version of its client javascript file.
     <p> Your Foswiki installation is corrupted or out of date.
 </#assign>
-
+<#assign scriptTimeSkew>
+    The time reported by your browser differs from the 
+    time reported by the server by more than ${maxTimeSkew}.<table><tbody>
+    <tr><td><strong>Browser time:</strong><td>${clientTime}
+    <tr><td><strong>Server time:</strong><td>${serverTime}</table>
+    <p> This can cause problems with authentication, logging and topic edits.
+   <p> Please correct the time on the machine running your browser and/or server.
+   <p> Note: The local times are in the server's time zone; the time zone of your 
+     browser does <strong>not</strong> need to match that of the server.
+   <p> We strongly suggest using NTP or SNTP ('Internet time' in windows) to maintain
+   the correct time for both clients and servers.
+</#assign>
 <body>
   <div class="configureFeedbackError">
     <h1><img src="%RESOURCEURI%icon_error.png">Invalid feedback request</h1>
@@ -64,7 +75,11 @@
         <#if etype == 6>
             ${scriptFileCorrupt}
        </#if>
+        <#if etype == 7>
+            ${scriptTimeSkew}
+       <#else>
         <p><b>Developers:</b> If you are running from trunk or pseudo-installed, executing ${resourcePath}/make_gz may resolve this error.
+       </#if>
    </div>
 </body>
 </html>

core/lib/Foswiki/Configure/templates/loginmodal.tmpl

@@ -13,9 +13,9 @@
 </#if>
 <#if displayStatus == 16><div class="foswikiNotification foswikiAlert"> Password incorrect. Try again below.</div></#if>
 <hr />
-  <form method="post" action="${formAction}" enctype="multipart/form-data" name="sessionTimeout">
+  <form method="post" action="${formAction}" enctype="multipart/form-data" name="sessionTimeout" >
     <input type="hidden" name="time" value="${time}"  />
-    <input type="password" name="password" size="30" maxlength="80" class='foswikiInputField' placeholder='Configure password' /><br />
+    <input type="password" name="password" size="30" maxlength="80" class='foswikiInputField foswikiFocus' placeholder='Configure password' onKeyPress="return feedbackOnEnter(this,event, '{ConfigureGUI}{Modals}{Login}feedreq2');" /><br />
 ${authenticationNeeded}
 <#assign actionButtonLabel>Login</#assign>
 ${actionButton}

core/lib/Foswiki/Configure/templates/passwordrequired.tmpl

@@ -4,5 +4,5 @@
   <h1>Configure Password Required</h1>
 <#if displayStatus == 16><div class="foswikiNotification foswikiAlert"> Password incorrect. Try again below.</div></#if>
 ${authenticationReason} requires you to enter the configure password.<p>
-    <input type="password" name="password" size="30" maxlength="80" class='foswikiInputField foswikiFocus' placeholder='Configure password' /><br />
+     <input type="password" name="password" size="30" maxlength="80" class='foswikiInputField foswikiFocus' placeholder='Configure password' onKeyPress="return feedbackOnEnter(this,event);" /><br />
 </div>