Add uid_exists($uid), better login error messages

3 년 전 · de4dcc37bc
--- a/app.php
+++ b/app.php
@@ -114,6 +114,7 @@ if (!is_empty($_GET['page'])) {
                            ?>
                        </ul>
                        <ul class="nav navbar-nav navbar-right">
                            <li><span class="navbar-text navbar-link"><i class="fa fa-user fa-fw"></i> <?php echo $_SESSION['realname'] ?></span></li>
                            <li><a href="action.php?action=signout"><i class="fa fa-sign-out fa-fw"></i> <?php lang("sign out") ?></a></li>
                        </ul>
                    </div>
--- a/index.php
+++ b/index.php
@@ -14,7 +14,8 @@ $multiauth = false;
 if (checkLoginServer()) {
    if ($VARS['progress'] == "1") {
        if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
            if (authenticate_user($VARS['username'], $VARS['password'])) {
            $errmsg = "";
            if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) {
                switch (get_account_status($VARS['username'])) {
                    case "LOCKED_OR_DISABLED":
                        $alert = lang("account locked", false);
@@ -43,7 +44,11 @@ if (checkLoginServer()) {
                    }
                }
            } else {
                $alert = lang("login incorrect", false);
                if (!is_empty($errmsg)) {
                    $alert = lang2("login server error", ['arg' => $errmsg], false);
                } else {
                    $alert = lang("login incorrect", false);
                }
            }
        } else {
            $alert = lang("captcha error", false);
--- a/lib/login.php
+++ b/lib/login.php
@@ -45,7 +45,7 @@ function checkLoginServer() {
 * @param string $password
 * @return boolean True if OK, else false
 */
 function authenticate_user($username, $password) {
 function authenticate_user($username, $password, &$errmsg) {
    $client = new GuzzleHttp\Client();

    $response = $client
@@ -66,6 +66,7 @@ function authenticate_user($username, $password) {
    if ($resp['status'] == "OK") {
        return true;
    } else {
        $errmsg = $resp['msg'];
        return false;
    }
 }
@@ -98,6 +99,34 @@ function user_exists($username) {
    }
 }

 /**
 * Check if a UID exists.
 * @param String $uid
 */
 function uid_exists($uid) {
    $client = new GuzzleHttp\Client();

    $response = $client
            ->request('POST', PORTAL_API, [
        'form_params' => [
            'key' => PORTAL_KEY,
            'action' => "userexists",
            'uid' => $uid
        ]
    ]);

    if ($response->getStatusCode() > 299) {
        sendError("Login server error: " . $response->getBody());
    }

    $resp = json_decode($response->getBody(), TRUE);
    if ($resp['status'] == "OK" && $resp['exists'] === true) {
        return true;
    } else {
        return false;
    }
 }

 /**
 * Get the account status: NORMAL, TERMINATED, LOCKED_OR_DISABLED,
 * CHANGE_PASSWORD, or ALERT_ON_ACCESS