diff options
| author | kevinjardine <kevinjardine@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-24 15:27:49 +0000 |
|---|---|---|
| committer | kevinjardine <kevinjardine@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-24 15:27:49 +0000 |
| commit | f8bb7299ba4f1af6cfa4f9912d3e8d16a96b9b72 (patch) | |
| tree | 58f26cc42992217f1cfe18886d76c136b78ff91f /actions | |
| parent | c3c299a5995106c429819e641310844d1d9145ef (diff) | |
| download | elgg-f8bb7299ba4f1af6cfa4f9912d3e8d16a96b9b72.tar.gz elgg-f8bb7299ba4f1af6cfa4f9912d3e8d16a96b9b72.tar.bz2 | |
Attempts by unvalidated users to login or request new passwords now trigger plugin hooks (if available) or trigger the user validation event by default. Thus, in the default case, the user will be remailed a validation link. Addresses part of http://trac.elgg.org/elgg/ticket/759 .
git-svn-id: https://code.elgg.org/elgg/trunk@2924 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'actions')
| -rw-r--r-- | actions/login.php | 22 | ||||
| -rw-r--r-- | actions/user/requestnewpassword.php | 26 |
2 files changed, 39 insertions, 9 deletions
diff --git a/actions/login.php b/actions/login.php index b43a9e5e7..82b4d10b4 100644 --- a/actions/login.php +++ b/actions/login.php @@ -41,7 +41,27 @@ else forward("pg/dashboard/");
} else {
- register_error(elgg_echo('loginerror'));
+ $error_msg = elgg_echo('loginerror');
+ // figure out why the login failed
+ if (!empty($username) && !empty($password)) {
+ // See if it exists and is disabled
+ $access_status = access_get_show_hidden_status();
+ access_show_hidden_entities(true);
+ if (($user = get_user_by_username($username)) && !$user->validated) {
+ // give plugins a chance to respond
+ if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {
+ // if plugins have not registered an action, the default action is to
+ // trigger the validation event again and assume that the validation
+ // event will display an appropriate message
+ trigger_elgg_event('validate', 'user', $user);
+ }
+ } else {
+ register_error(elgg_echo('loginerror'));
+ }
+ access_show_hidden_entities($access_status);
+ } else {
+ register_error(elgg_echo('loginerror'));
+ }
}
?>
\ No newline at end of file diff --git a/actions/user/requestnewpassword.php b/actions/user/requestnewpassword.php index de7147a7b..0e685adde 100644 --- a/actions/user/requestnewpassword.php +++ b/actions/user/requestnewpassword.php @@ -16,18 +16,28 @@ action_gatekeeper(); $username = get_input('username'); - +
+ $access_status = access_get_show_hidden_status();
+ access_show_hidden_entities(true); $user = get_user_by_username($username); if ($user) - { - if (send_new_password_request($user->guid)) - system_message(elgg_echo('user:password:resetreq:success')); - else - register_error(elgg_echo('user:password:resetreq:fail')); + {
+ if ($user->validated) { + if (send_new_password_request($user->guid)) + system_message(elgg_echo('user:password:resetreq:success')); + else + register_error(elgg_echo('user:password:resetreq:fail'));
+ } else if (!trigger_plugin_hook('unvalidated_requestnewpassword','user',array('entity'=>$user))) {
+ // if plugins have not registered an action, the default action is to
+ // trigger the validation event again and assume that the validation
+ // event will display an appropriate message
+ trigger_elgg_event('validate', 'user', $user);
+ } } else - register_error(sprintf(elgg_echo('user:username:notfound'), $username)); - + register_error(sprintf(elgg_echo('user:username:notfound'), $username));
+ + access_show_hidden_entities($access_status); forward($_SERVER['HTTP_REFERER']); exit; ?>
\ No newline at end of file |