1 files changed, 26 insertions, 21 deletions

diff --git a/plugins/auth_internal/init.php b/plugins/auth_internal/init.php
index e910e52aa..87c8555c0 100644
--- a/plugins/auth_internal/init.php
+++ b/plugins/auth_internal/init.php
@@ -1,7 +1,5 @@
 <?php
 class Auth_Internal extends Plugin implements IAuthModule {
-
-	private $link;
 	private $host;
 
 	function about() {
@@ -12,7 +10,6 @@ class Auth_Internal extends Plugin implements IAuthModule {
 	}
 
 	function init($host) {
-		$this->link = $host->get_link();
 		$this->host = $host;
 
 		$host->add_hook($host::HOOK_AUTH_USER, $this);
@@ -22,15 +19,17 @@ class Auth_Internal extends Plugin implements IAuthModule {
 
 		$pwd_hash1 = encrypt_password($password);
 		$pwd_hash2 = encrypt_password($password, $login);
-		$login = db_escape_string($this->link, $login);
-		$otp = db_escape_string($this->link, $_REQUEST["otp"]);
+		$login = db_escape_string($login);
+		$otp = db_escape_string($_REQUEST["otp"]);
 
-		if (get_schema_version($this->link) > 96) {
+		if (get_schema_version() > 96) {
 			if (!defined('AUTH_DISABLE_OTP') || !AUTH_DISABLE_OTP) {
-				$result = db_query($this->link, "SELECT otp_enabled,salt FROM ttrss_users WHERE
+
+				$result = db_query("SELECT otp_enabled,salt FROM ttrss_users WHERE
 					login = '$login'");
 
 				if (db_num_rows($result) > 0) {
+
 					require_once "lib/otphp/vendor/base32.php";
 					require_once "lib/otphp/lib/otp.php";
 					require_once "lib/otphp/lib/totp.php";
@@ -52,17 +51,18 @@ class Auth_Internal extends Plugin implements IAuthModule {
 							$return = urlencode($_REQUEST["return"]);
 							?><html>
 								<head><title>Tiny Tiny RSS</title></head>
-							<body>
+								<?php stylesheet_tag("utility.css") ?>
+							<body class="otp"><div class="content">
 							<form action="public.php?return=<?php echo $return ?>"
-									method="POST">
+									method="POST" class="otpform">
 								<input type="hidden" name="op" value="login">
 								<input type="hidden" name="login" value="<?php echo htmlspecialchars($login) ?>">
 								<input type="hidden" name="password" value="<?php echo htmlspecialchars($password) ?>">
 
 								<label><?php echo __("Please enter your one time password:") ?></label>
-								<input type="password" size="6" name="otp"/>
+								<input autocomplete="off" size="6" name="otp" value=""/>
 								<input type="submit" value="Continue"/>
-							</form>
+							</form></div>
 							<script type="text/javascript">
 								document.forms[0].otp.focus();
 							</script>
@@ -74,9 +74,9 @@ class Auth_Internal extends Plugin implements IAuthModule {
 			}
 		}
 
-		if (get_schema_version($this->link) > 87) {
+		if (get_schema_version() > 87) {
 
-			$result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE
+			$result = db_query("SELECT salt FROM ttrss_users WHERE
 				login = '$login'");
 
 			if (db_num_rows($result) != 1) {
@@ -94,7 +94,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 
 				// verify and upgrade password to new salt base
 
-				$result = db_query($this->link, $query);
+				$result = db_query($query);
 
 				if (db_num_rows($result) == 1) {
 					// upgrade password to MODE2
@@ -102,7 +102,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 					$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
 					$pwd_hash = encrypt_password($password, $salt, true);
 
-					db_query($this->link, "UPDATE ttrss_users SET
+					db_query("UPDATE ttrss_users SET
 						pwd_hash = '$pwd_hash', salt = '$salt' WHERE login = '$login'");
 
 					$query = "SELECT id
@@ -130,7 +130,7 @@ class Auth_Internal extends Plugin implements IAuthModule {
 					pwd_hash = '$pwd_hash2')";
 		}
 
-		$result = db_query($this->link, $query);
+		$result = db_query($query);
 
 		if (db_num_rows($result) == 1) {
 			return db_fetch_result($result, 0, "id");
@@ -140,9 +140,9 @@ class Auth_Internal extends Plugin implements IAuthModule {
 	}
 
 	function check_password($owner_uid, $password) {
-		$owner_uid = db_escape_string($this->link, $owner_uid);
+		$owner_uid = db_escape_string($owner_uid);
 
-		$result = db_query($this->link, "SELECT salt,login FROM ttrss_users WHERE
+		$result = db_query("SELECT salt,login FROM ttrss_users WHERE
 			id = '$owner_uid'");
 
 		$salt = db_fetch_result($result, 0, "salt");
@@ -163,20 +163,20 @@ class Auth_Internal extends Plugin implements IAuthModule {
 				id = '$owner_uid' AND pwd_hash = '$password_hash'";
 		}
 
-		$result = db_query($this->link, $query);
+		$result = db_query($query);
 
 		return db_num_rows($result) != 0;
 	}
 
 	function change_password($owner_uid, $old_password, $new_password) {
-		$owner_uid = db_escape_string($this->link, $owner_uid);
+		$owner_uid = db_escape_string($owner_uid);
 
 		if ($this->check_password($owner_uid, $old_password)) {
 
 			$new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
 			$new_password_hash = encrypt_password($new_password, $new_salt, true);
 
-			db_query($this->link, "UPDATE ttrss_users SET
+			db_query("UPDATE ttrss_users SET
 				pwd_hash = '$new_password_hash', salt = '$new_salt', otp_enabled = false
 					WHERE id = '$owner_uid'");
 
@@ -187,5 +187,10 @@ class Auth_Internal extends Plugin implements IAuthModule {
 			return "ERROR: ".__('Old password is incorrect.');
 		}
 	}
+
+	function api_version() {
+		return 2;
+	}
+
 }
 ?>