summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorfisharebest <fisharebest@gmail.com>2011-11-02 21:13:10 +0000
committerfisharebest <fisharebest@gmail.com>2011-11-02 21:13:10 +0000
commit4a051c0ffe31bdc5c9cf76284fd4116d0566693e (patch)
treeca3dc18ae9f552e24f11f5e34d8eb3ba64e6d2d8 /includes
parent555d08f10c2efeff96db129c71fec27ee3447041 (diff)
downloadwebtrees-4a051c0ffe31bdc5c9cf76284fd4116d0566693e.tar.gz
webtrees-4a051c0ffe31bdc5c9cf76284fd4116d0566693e.tar.bz2
webtrees-4a051c0ffe31bdc5c9cf76284fd4116d0566693e.zip
Provide feedback for login when username/password is correct, but account is not verified or approved.
Diffstat (limited to 'includes')
-rw-r--r--includes/authentication.php32
1 files changed, 19 insertions, 13 deletions
diff --git a/includes/authentication.php b/includes/authentication.php
index 9484f0fc93..73f60b1411 100644
--- a/includes/authentication.php
+++ b/includes/authentication.php
@@ -35,16 +35,10 @@ if (!defined('WT_WEBTREES')) {
exit;
}
-/**
- * authenticate a username and password
- *
- * This function takes the given <var>$username</var> and <var>$password</var> and authenticates
- * them against the database. The passwords are encrypted using the crypt() function.
- * The username is stored in the <var>$_SESSION["wt_user"]</var> session variable.
- * @param string $user_name the username for the user attempting to login
- * @param string $password the plain text password to test
- * @return the user_id if successful, false otherwise
- */
+// authenticate a username and password
+//
+// On success, store the user-id in the session and return it
+// On failure, return an error code
function authenticateUser($user_name, $password) {
// If we were already logged in, log out first
if (getUserId()) {
@@ -53,17 +47,29 @@ function authenticateUser($user_name, $password) {
if ($user_id=get_user_id($user_name)) {
if (check_user_password($user_id, $password)) {
- if (get_user_setting($user_id, 'verified') && get_user_setting($user_id, 'verified_by_admin') || get_user_setting($user_id, 'canadmin')) {
+ $is_admin=get_user_setting($user_id, 'canadmin');
+ $verified=get_user_setting($user_id, 'verified');
+ $approved=get_user_setting($user_id, 'verified_by_admin');
+ if ($verified && $approved || $is_admin) {
// Whenever we change our authorisation level change the session ID
Zend_Session::regenerateId();
$_SESSION['wt_user'] = $user_id;
AddToLog('Login successful', 'auth');
return $user_id;
+ } elseif (!$is_admin && !$verified) {
+ AddToLog('Login failed ->'.$user_name.'<- not verified', 'auth');
+ return -1;
+ } elseif (!$is_admin && !$approved) {
+ AddToLog('Login failed ->'.$user_name.'<- not approved', 'auth');
+ return -2;
}
+ } else {
+ AddToLog('Login failed ->'.$user_name.'<- bad password', 'auth');
+ return -3;
}
}
- AddToLog('Login failed ->'.$user_name.'<-', 'auth');
- return false;
+ AddToLog('Login failed ->'.$user_name.'<- bad username', 'auth');
+ return -4;
}
/**