From 25530a3caf7ea6714f22830a4792756507a722b0 Mon Sep 17 00:00:00 2001
From: cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Sun, 14 Nov 2010 23:22:13 +0000
Subject: Refs #1417 Elgg core now passes back useful messages to user when log
 in fails - uservalidationbyemail is next

git-svn-id: http://code.elgg.org/elgg/trunk@7317 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 actions/login.php | 64 ++++++++++++++++++++++++-------------------------------
 1 file changed, 28 insertions(+), 36 deletions(-)

(limited to 'actions')

diff --git a/actions/login.php b/actions/login.php
index 936d0a7d9..1b4fbe1fd 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -12,53 +12,45 @@ $persistent = get_input("persistent", FALSE);
 $result = FALSE;
 
 if (empty($username) || empty($password)) {
-	register_error(elgg_echo('loginerror'));
+	register_error(elgg_echo('login:empty'));
 	forward();
 }
 
-// check first if logging in with email address
+// check if logging in with email address
+// @todo Are usernames with @ not allowed?
 if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) {
 	$username = $users[0]->username;
 }
 
-if ($user = authenticate($username, $password)) {
-	$result = login($user, $persistent);
+$result = elgg_authenticate($username, $password);
+if ($result !== true) {
+	register_error($result);
+	forward(REFERER);
 }
 
-// forward to correct page
-if ($result) {
-	system_message(elgg_echo('loginok'));
+$user = get_user_by_username($username);
+if (!$user) {
+	register_error(elgg_echo('login:baduser'));
+	forward(REFERER);
+}
 
-	if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
-		$forward_url = $_SESSION['last_forward_from'];
-		unset($_SESSION['last_forward_from']);
+try {
+	login($user, $persistent);
+} catch (LoginException $e) {
+	register_error($e->getMessage());
+	forward(REFERER);
+}
 
-		forward($forward_url);
-	} else {
-		if (get_input('returntoreferer')) {
-			forward(REFERER);
-		} else {
-			// forward to index for front page overrides.
-			// index will forward to dashboard if appropriate.
-			forward('index.php');
-		}
-	}
+// forward to correct page
+if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
+	$forward_url = $_SESSION['last_forward_from'];
+	unset($_SESSION['last_forward_from']);
+} elseif (get_input('returntoreferer')) {
+	$forward_url = REFERER;
 } else {
-	register_error(elgg_echo('loginerror'));
-	//	// let a plugin hook say why login failed or react to it.
-	//	$params = array(
-	//		'username' => $username,
-	//		'password' => $password,
-	//		'persistent' => $persistent,
-	//		'user' => $user
-	//	);
-	//
-	//	// Returning FALSE to this function will generate a standard
-	//	// "Could not log you in" message.
-	//	// Plugins should use this hook to provide details, and then return TRUE.
-	//	if (!elgg_trigger_plugin_hook('failed_login', 'user', $params, FALSE)) {
-	//		register_error(elgg_echo('loginerror'));
-	//	}
+	// forward to main index page
+	$forward_url = '';
 }
 
-forward(REFERRER);
+system_message(elgg_echo('loginok'));
+forward($forward_url);
-- 
cgit v1.2.3