Business
/
NickelBox
2
0
Fork 0
Code Issues 7 Pull Requests Releases Wiki Activity

Add uid_exists($uid), better login error messages

Browse Source
master
Skylar Ittner 7 years ago
parent eaeb8806a1
commit de4dcc37bc
3 changed files with 38 additions and 3 deletions
Show Stats Download Patch File Download Diff File

1
app.php
Unescape Escape View File

@ -114,6 +114,7 @@ if (!is_empty($_GET['page'])) {
?> ?>
</ul> </ul>
<ul class="nav navbar-nav navbar-right"> <ul class="nav navbar-nav navbar-right">
<li><span class="navbar-text navbar-link"><i class="fa fa-user fa-fw"></i> <?php echo $_SESSION['realname'] ?></span></li>
<li><a href="action.php?action=signout"><i class="fa fa-sign-out fa-fw"></i> <?php lang("sign out") ?></a></li> <li><a href="action.php?action=signout"><i class="fa fa-sign-out fa-fw"></i> <?php lang("sign out") ?></a></li>
</ul> </ul>
</div> </div>

9
index.php
Unescape Escape View File

@ -14,7 +14,8 @@ $multiauth = false;
if (checkLoginServer()) { if (checkLoginServer()) {
if ($VARS['progress'] == "1") { if ($VARS['progress'] == "1") {
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) { if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
if (authenticate_user($VARS['username'], $VARS['password'])) { $errmsg = "";
if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) {
switch (get_account_status($VARS['username'])) { switch (get_account_status($VARS['username'])) {
case "LOCKED_OR_DISABLED": case "LOCKED_OR_DISABLED":
$alert = lang("account locked", false); $alert = lang("account locked", false);
@ -43,7 +44,11 @@ if (checkLoginServer()) {
} }
} }
} else { } else {
$alert = lang("login incorrect", false); if (!is_empty($errmsg)) {
$alert = lang2("login server error", ['arg' => $errmsg], false);
} else {
$alert = lang("login incorrect", false);
}
} }
} else { } else {
$alert = lang("captcha error", false); $alert = lang("captcha error", false);

31
lib/login.php
Unescape Escape View File

@ -45,7 +45,7 @@ function checkLoginServer() {
* @param string $password * @param string $password
* @return boolean True if OK, else false * @return boolean True if OK, else false
*/ */
function authenticate_user($username, $password) { function authenticate_user($username, $password, &$errmsg) {
$client = new GuzzleHttp\Client(); $client = new GuzzleHttp\Client();
$response = $client $response = $client
@ -66,6 +66,7 @@ function authenticate_user($username, $password) {
if ($resp['status'] == "OK") { if ($resp['status'] == "OK") {
return true; return true;
} else { } else {
$errmsg = $resp['msg'];
return false; return false;
} }
} }
@ -98,6 +99,34 @@ function user_exists($username) {
} }
} }
/**
* Check if a UID exists.
* @param String $uid
*/
function uid_exists($uid) {
$client = new GuzzleHttp\Client();
$response = $client
->request('POST', PORTAL_API, [
'form_params' => [
'key' => PORTAL_KEY,
'action' => "userexists",
'uid' => $uid
]
]);
if ($response->getStatusCode() > 299) {
sendError("Login server error: " . $response->getBody());
}
$resp = json_decode($response->getBody(), TRUE);
if ($resp['status'] == "OK" && $resp['exists'] === true) {
return true;
} else {
return false;
}
}
/** /**
* Get the account status: NORMAL, TERMINATED, LOCKED_OR_DISABLED, * Get the account status: NORMAL, TERMINATED, LOCKED_OR_DISABLED,
* CHANGE_PASSWORD, or ALERT_ON_ACCESS * CHANGE_PASSWORD, or ALERT_ON_ACCESS

Write Preview
Loading…
Cancel
Save