From 1b334ff8940007b038308bacd20e36b05678d479 Mon Sep 17 00:00:00 2001
From: Skylar Ittner
Date: Sun, 7 May 2017 13:02:18 -0600
Subject: [PATCH] Improve error handling "friendliness"
---
 index.php | 10 +++++++++-
 lang/en_us.php | 1 +
 lib/login.php | 20 +++++++++++---------
 3 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/index.php b/index.php
index 64308a2..38a2eec 100644
--- a/index.php
+++ b/index.php
@@ -15,7 +15,8 @@ if ($VARS['progress'] == "1") {
 if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
 $autherror = "";
 if (user_exists($VARS['username'])) {
- switch (get_account_status($VARS['username'])) {
+ $status = get_account_status($VARS['username'], $error);
+ switch ($status) {
 case "LOCKED_OR_DISABLED":
 $alert = lang("account locked", false);
 break;
@@ -32,6 +33,13 @@ if ($VARS['progress'] == "1") {
 sendLoginAlertEmail($VARS['username']);
 $userpass_ok = true;
 break;
+ default:
+ if (!is_empty($error)) {
+ $alert = $error;
+ break;
+ }
+ $alert = lang("login error", false);
+ break;
 }
 if ($userpass_ok) {
 if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) {
diff --git a/lang/en_us.php b/lang/en_us.php
index 304445c..996715b 100644
--- a/lang/en_us.php
+++ b/lang/en_us.php
@@ -10,6 +10,7 @@ define("STRINGS", [
 "2fa incorrect" => "Authentication code incorrect.",
 "login incorrect" => "Login incorrect.",
 "login successful" => "Login successful.",
+ "login error" => "There was a server problem. Try again later.",
 "account locked" => "This account has been disabled. Contact technical support.",
 "password expired" => "You must change your password before continuing.",
 "account terminated" => "Account terminated. Access denied.",
diff --git a/lib/login.php b/lib/login.php
index 2a121b1..92bc140 100644
--- a/lib/login.php
+++ b/lib/login.php
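Review bot: The `default:` branch added in the second index.php hunk assigns `$alert = $error;`, so the raw text of an LDAP exception is shown to whoever submitted the login form, before any authentication has succeeded. That text is filled in by the catch blocks in lib/login.php (`get_account_status_ldap`, and in the same way `$errormsg` in `authenticate_user` and `authenticate_user_ldap`) and, depending on the LDAP library, may include server names, bind DNs or connection details. I would keep the detail server-side and always show the generic string: drop the `if (!is_empty($error)) { ... }` block so the branch is just `$alert = lang("login error", false);`. Whether `$alert` is HTML-escaped on output is not visible here, and that matters more once it can hold library-generated text. `is_empty` is not a PHP built-in, so the check also depends on a project helper defined outside this hunk.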
@@ -96,16 +96,16 @@ function authenticate_user($username, $password, &$errormsg) {
 return authenticate_user_ldap($username, $password, $errormsg) === TRUE;
 } else if ($loc == "LDAP_ONLY") {
 try {
- if (authenticate_user_ldap($username, $password) === TRUE) {
+ if (authenticate_user_ldap($username, $password, $errormsg) === TRUE) {
 $user = $ldap->getRepository('user')->findOneByUsername($username);
 //var_dump($user);
 adduser($user->getUsername(), null, $user->getName(), ($user->hasEmailAddress() ? $user->getEmailAddress() : null), "", "", 2);
 return true;
- } else {
- return false;
 }
+ return false;
 } catch (Exception $e) {
- sendError("LDAP error: " . $e->getMessage());
+ $errormsg = $e->getMessage();
+ return false;
 }
 } else {
 return false;
@@ -134,7 +134,7 @@ function user_exists_local($username) {
 * @param string $password
 * @return string
 */
-function get_account_status($username) {
+function get_account_status($username, &$error) {
 global $database;
 $username = strtolower($username);
 $loc = account_location($username);
@@ -153,7 +153,7 @@ function get_account_status($username) {
 )[0]['statuscode'];
 return $statuscode;
 } else if ($loc == "LDAP" || $loc == "LDAP_ONLY") {
- return get_account_status_ldap($username);
+ return get_account_status_ldap($username, $error);
 } else {
 // account isn't setup properly
 return "OTHER";
@@ -268,7 +268,8 @@ function authenticate_user_ldap($username, $password, &$errormsg) {
 return $msg;
 }
 } catch (Exception $e) {
- sendError("LDAP error: " . $e->getMessage());
+ $errormsg = $e->getMessage();
+ return $e->getMessage();
 }
 }
@@ -296,7 +297,7 @@ function user_exists_ldap($username) {
 }
 }
-function get_account_status_ldap($username) {
+function get_account_status_ldap($username, &$error) {
 global $ldap;
 try {
 $username = strtolower($username);
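Review bot: With `sendError("LDAP error: " . $e->getMessage());` removed from the catch in `authenticate_user`, nothing visible in this hunk records the exception on the server any more; the same holds for the catch blocks in `authenticate_user_ldap` (hunk at -268) and `get_account_status_ldap` (hunk at -340). What `sendError` did is not visible here, but if it was the only trace, LDAP failures during login (an outage, a misconfiguration, or a burst of failing binds) would no longer be visible to operators. I would add `error_log("LDAP error: " . $e->getMessage());` as the first line of each catch and put a generic string, not the exception text, into `$errormsg`. The function body starts and ends outside the hunk.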
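Review bot: The docblock above `get_account_status` (hunk at -134) no longer matches the signature: the visible tail documents `@param string $password`, which the function does not take, and says `@return string` although the LDAP path can now return `false`. Since `&$error` is a new out-parameter that callers must pass, I would update the tags to `* @param string $username`, `* @param string &$error receives the failure message when the status lookup throws` and `* @return string|false status code, or false when the lookup failed`. The start of the docblock is outside the hunk, so the first tag may already be present above.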
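Review bot: In the catch of `authenticate_user_ldap` (hunk at -268) the new `return $e->getMessage();` returns a non-empty, truthy string on failure. Both callers visible in this patch compare the result with `=== TRUE`, so they fail closed, but any caller that tests the result loosely (`if (authenticate_user_ldap(...))`) would treat an LDAP exception as a successful login. The message is already handed back through `$errormsg`, so `return false;` here would keep the failure unambiguous; the context line `return $msg;` suggests the function has an existing string-on-failure convention, which is worth stating in its docblock if it is kept. The function body starts outside the hunk.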
@@ -340,7 +341,8 @@ function get_account_status_ldap($username) {
 return "OTHER";
 }
 } catch (Exception $e) {
- sendError("LDAP error: " . $e->getMessage());
+ $error = $e->getMessage();
+ return false;
 }
 }