aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/sessions.php
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-09-30 19:56:49 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-09-30 19:56:49 +0000
commitfad92747bec989fd6728eb7349c9ede4674764ff (patch)
tree6f1c6ca613dff0af2a769c6b13aa97d00cb432a9 /engine/lib/sessions.php
parent9af90ffc9a20033ca9fdd9182122c01600a0867b (diff)
downloadelgg-fad92747bec989fd6728eb7349c9ede4674764ff.tar.gz
elgg-fad92747bec989fd6728eb7349c9ede4674764ff.tar.bz2
Fixes #617, #2271 User validation removed from core to UserValidationByEmail plugin. Without a validation plugin, users can login immediately.
Fixes #2243 Removed "You have validated your email" email. Users are logged in immediately after registration or validating email. Refs #2409 Added register, user plugin hook that is called only on self registration. Can be used to halt registration. git-svn-id: http://code.elgg.org/elgg/trunk@6983 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/sessions.php')
-rw-r--r--engine/lib/sessions.php18
1 files changed, 6 insertions, 12 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 3af571f5c..a61402577 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -160,19 +160,13 @@ function pam_auth_userpass($credentials = NULL) {
if (is_array($credentials) && ($credentials['username']) && ($credentials['password'])) {
if ($user = get_user_by_username($credentials['username'])) {
-
- // Let admins log in without validating their email, but normal users must have validated their email or been admin created
- if ((!$user->isAdmin()) && (!$user->validated) && (!$user->admin_created)) {
- return false;
- }
-
// User has been banned, so prevent from logging in
if ($user->isBanned()) {
- return false;
+ return FALSE;
}
if ($user->password == generate_user_password($user, $credentials['password'])) {
- return true;
+ return TRUE;
} else {
// Password failed, log.
log_login_failure($user->guid);
@@ -181,7 +175,7 @@ function pam_auth_userpass($credentials = NULL) {
}
}
- return false;
+ return FALSE;
}
/**
@@ -303,17 +297,17 @@ function login(ElggUser $user, $persistent = false) {
$code = (md5($user->name . $user->username . time() . rand()));
$_SESSION['code'] = $code;
$user->code = md5($code);
- setcookie("elggperm", $code, (time()+(86400 * 30)),"/");
+ setcookie("elggperm", $code, (time()+(86400 * 30)), "/");
}
- if (!$user->save() || !trigger_elgg_event('login','user',$user)) {
+ if (!$user->save() || !trigger_elgg_event('login', 'user', $user)) {
unset($_SESSION['username']);
unset($_SESSION['name']);
unset($_SESSION['code']);
unset($_SESSION['guid']);
unset($_SESSION['id']);
unset($_SESSION['user']);
- setcookie("elggperm", "", (time()-(86400 * 30)),"/");
+ setcookie("elggperm", "", (time()-(86400 * 30)), "/");
return false;
}