Pārlūkot izejas kodu

Add uid_exists($uid), better login error messages

master
Skylar Ittner pirms 2 gadiem
vecāks
revīzija
de4dcc37bc
3 mainītis faili ar 38 papildinājumiem un 3 dzēšanām
  1. 1
    0
      app.php
  2. 7
    2
      index.php
  3. 30
    1
      lib/login.php

+ 1
- 0
app.php Parādīt failu

@@ -114,6 +114,7 @@ if (!is_empty($_GET['page'])) {
?>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><span class="navbar-text navbar-link"><i class="fa fa-user fa-fw"></i> <?php echo $_SESSION['realname'] ?></span></li>
<li><a href="action.php?action=signout"><i class="fa fa-sign-out fa-fw"></i> <?php lang("sign out") ?></a></li>
</ul>
</div>

+ 7
- 2
index.php Parādīt failu

@@ -14,7 +14,8 @@ $multiauth = false;
if (checkLoginServer()) {
if ($VARS['progress'] == "1") {
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
if (authenticate_user($VARS['username'], $VARS['password'])) {
$errmsg = "";
if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) {
switch (get_account_status($VARS['username'])) {
case "LOCKED_OR_DISABLED":
$alert = lang("account locked", false);
@@ -43,7 +44,11 @@ if (checkLoginServer()) {
}
}
} else {
$alert = lang("login incorrect", false);
if (!is_empty($errmsg)) {
$alert = lang2("login server error", ['arg' => $errmsg], false);
} else {
$alert = lang("login incorrect", false);
}
}
} else {
$alert = lang("captcha error", false);

+ 30
- 1
lib/login.php Parādīt failu

@@ -45,7 +45,7 @@ function checkLoginServer() {
* @param string $password
* @return boolean True if OK, else false
*/
function authenticate_user($username, $password) {
function authenticate_user($username, $password, &$errmsg) {
$client = new GuzzleHttp\Client();

$response = $client
@@ -66,6 +66,7 @@ function authenticate_user($username, $password) {
if ($resp['status'] == "OK") {
return true;
} else {
$errmsg = $resp['msg'];
return false;
}
}
@@ -98,6 +99,34 @@ function user_exists($username) {
}
}

/**
* Check if a UID exists.
* @param String $uid
*/
function uid_exists($uid) {
$client = new GuzzleHttp\Client();

$response = $client
->request('POST', PORTAL_API, [
'form_params' => [
'key' => PORTAL_KEY,
'action' => "userexists",
'uid' => $uid
]
]);

if ($response->getStatusCode() > 299) {
sendError("Login server error: " . $response->getBody());
}

$resp = json_decode($response->getBody(), TRUE);
if ($resp['status'] == "OK" && $resp['exists'] === true) {
return true;
} else {
return false;
}
}

/**
* Get the account status: NORMAL, TERMINATED, LOCKED_OR_DISABLED,
* CHANGE_PASSWORD, or ALERT_ON_ACCESS

Notiek ielāde…
Atcelt
Saglabāt