@@ -114,6 +114,7 @@ if (!is_empty($_GET['page'])) { | |||
?> | |||
</ul> | |||
<ul class="nav navbar-nav navbar-right"> | |||
<li><span class="navbar-text navbar-link"><i class="fa fa-user fa-fw"></i> <?php echo $_SESSION['realname'] ?></span></li> | |||
<li><a href="action.php?action=signout"><i class="fa fa-sign-out fa-fw"></i> <?php lang("sign out") ?></a></li> | |||
</ul> | |||
</div> |
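Review bot: The navbar item that echoes `$_SESSION['realname']` (apparently the line this hunk adds) writes the value into HTML without escaping, so a real name containing markup would be rendered as markup on every page that includes this header. Unless the value is guaranteed to be encoded before it is stored in the session, which is not visible here, escape it at output: `<?php echo htmlspecialchars($_SESSION['realname'], ENT_QUOTES, 'UTF-8') ?>`. The enclosing template starts and ends outside the hunk.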
@@ -14,7 +14,8 @@ $multiauth = false; | |||
if (checkLoginServer()) { | |||
if ($VARS['progress'] == "1") { | |||
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) { | |||
if (authenticate_user($VARS['username'], $VARS['password'])) { | |||
$errmsg = ""; | |||
if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) { | |||
switch (get_account_status($VARS['username'])) { | |||
case "LOCKED_OR_DISABLED": | |||
$alert = lang("account locked", false); | |||
@@ -43,7 +44,11 @@ if (checkLoginServer()) { | |||
} | |||
} | |||
} else { | |||
$alert = lang("login incorrect", false); | |||
if (!is_empty($errmsg)) { | |||
$alert = lang2("login server error", ['arg' => $errmsg], false); | |||
} else { | |||
$alert = lang("login incorrect", false); | |||
} | |||
} | |||
} else { | |||
$alert = lang("captcha error", false); |
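Review bot: The new failure branch shows the login server's `$errmsg` to an unauthenticated visitor, replacing the single generic "login incorrect" response with whatever text the backend returns. If that text differs between an unknown user and a wrong password, or carries backend detail, the login form now discloses it. Consider logging `$errmsg` server-side and keeping the generic alert, or mapping only a known set of messages to user-facing strings. Whether `lang2()` and the code that prints `$alert` HTML-escape the `arg` value is not visible here and should be confirmed, since the string originates outside this application. The surrounding if/else chain starts before the first hunk of this file and continues past this one.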
@@ -45,7 +45,7 @@ function checkLoginServer() { | |||
* @param string $password | |||
* @return boolean True if OK, else false | |||
*/ | |||
function authenticate_user($username, $password) { | |||
function authenticate_user($username, $password, &$errmsg) { | |||
$client = new GuzzleHttp\Client(); | |||
$response = $client | |||
@@ -66,6 +66,7 @@ function authenticate_user($username, $password) { | |||
if ($resp['status'] == "OK") { | |||
return true; | |||
} else { | |||
$errmsg = $resp['msg']; | |||
return false; | |||
} | |||
} | |||
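Review bot: `$errmsg = $resp['msg'];` assumes the decoded response is an array with a `msg` key; a failure reply without one, or a body `json_decode` cannot parse, reads an undefined index here. `$errmsg = $resp['msg'] ?? '';` avoids that and still lets the caller fall back to the generic alert. The docblock above the signature still lists only `$username` and `$password`; add `@param string $errmsg Set to the login server's message when authentication fails`. The new parameter is required and by-reference, so callers of `authenticate_user()` outside this diff must be updated, or the signature could use `&$errmsg = null`. The middle of the function body lies outside both hunks.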
@@ -98,6 +99,34 @@ function user_exists($username) { | |||
} | |||
} | |||
/** | |||
* Check if a UID exists. | |||
* @param String $uid | |||
*/ | |||
function uid_exists($uid) { | |||
$client = new GuzzleHttp\Client(); | |||
$response = $client | |||
->request('POST', PORTAL_API, [ | |||
'form_params' => [ | |||
'key' => PORTAL_KEY, | |||
'action' => "userexists", | |||
'uid' => $uid | |||
] | |||
]); | |||
if ($response->getStatusCode() > 299) { | |||
sendError("Login server error: " . $response->getBody()); | |||
} | |||
$resp = json_decode($response->getBody(), TRUE); | |||
if ($resp['status'] == "OK" && $resp['exists'] === true) { | |||
return true; | |||
} else { | |||
return false; | |||
} | |||
} | |||
/** | |||
* Get the account status: NORMAL, TERMINATED, LOCKED_OR_DISABLED, | |||
* CHANGE_PASSWORD, or ALERT_ON_ACCESS |