aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/sessions.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/sessions.php')
-rw-r--r--engine/lib/sessions.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 2c84b2d1f..a47415d64 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -75,7 +75,12 @@
{
//$dbpassword = md5($credentials['password']);
+
if ($user = get_user_by_username($credentials['username'])) {
+ // Let admins log in without validating their email, but normal users must have validated their email
+ if ((!$user->admin) && (!$user->validated_email))
+ return false;
+
if ($user->password == generate_user_password($user, $credentials['password'])) {
return true;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 11:11:28 +0000