Closes #190. Note however that logins will be broken until #104 has been resolved!

git-svn-id: https://code.elgg.org/elgg/trunk@1647 36083f99-b078-4883-b0ff-0f9b5a30f544
author: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-08-01 11:47:09 +0000
committer: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-08-01 11:47:09 +0000
commit: 2ce92903011fac8c5246c8384b440e5f3daa190f (patch)
tree: 35d0022aab71644f36fb76f4218ec021c22fe0b5 /engine/lib/sessions.php
parent: 677c4d7722473de9a9d32c03fd6be5b2f30e10c2 (diff)
download: elgg-2ce92903011fac8c5246c8384b440e5f3daa190f.tar.gz
elgg-2ce92903011fac8c5246c8384b440e5f3daa190f.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 2c84b2d1f..a47415d64 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -75,7 +75,12 @@
 			{
 				//$dbpassword = md5($credentials['password']);
             
+				
 	            if ($user = get_user_by_username($credentials['username'])) {
+	            	// Let admins log in without validating their email, but normal users must have validated their email
+					if ((!$user->admin) && (!$user->validated_email))
+						return false;
+	            	
 	                 if ($user->password == generate_user_password($user, $credentials['password'])) {
 	                 	return true;
 	                 }
author	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-08-01 11:47:09 +0000
committer	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-08-01 11:47:09 +0000
commit	2ce92903011fac8c5246c8384b440e5f3daa190f (patch)
tree	35d0022aab71644f36fb76f4218ec021c22fe0b5 /engine/lib/sessions.php
parent	677c4d7722473de9a9d32c03fd6be5b2f30e10c2 (diff)
download	elgg-2ce92903011fac8c5246c8384b440e5f3daa190f.tar.gz elgg-2ce92903011fac8c5246c8384b440e5f3daa190f.tar.bz2