From fad92747bec989fd6728eb7349c9ede4674764ff Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Thu, 30 Sep 2010 19:56:49 +0000
Subject: Fixes #617, #2271 User validation removed from core to
 UserValidationByEmail plugin. Without a validation plugin, users can login
 immediately. Fixes #2243 Removed "You have validated your email" email. Users
 are logged in immediately after registration or validating email. Refs #2409
 Added register, user plugin hook that is called only on self registration.
 Can be used to halt registration.

git-svn-id: http://code.elgg.org/elgg/trunk@6983 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/sessions.php | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

(limited to 'engine/lib/sessions.php')

diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 3af571f5c..a61402577 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -160,19 +160,13 @@ function pam_auth_userpass($credentials = NULL) {
 
 	if (is_array($credentials) && ($credentials['username']) && ($credentials['password'])) {
 		if ($user = get_user_by_username($credentials['username'])) {
-
-			// Let admins log in without validating their email, but normal users must have validated their email or been admin created
-			if ((!$user->isAdmin()) && (!$user->validated) && (!$user->admin_created)) {
-				return false;
-			}
-
 			// User has been banned, so prevent from logging in
 			if ($user->isBanned()) {
-				return false;
+				return FALSE;
 			}
 
 			if ($user->password == generate_user_password($user, $credentials['password'])) {
-				return true;
+				return TRUE;
 			} else {
 				// Password failed, log.
 				log_login_failure($user->guid);
@@ -181,7 +175,7 @@ function pam_auth_userpass($credentials = NULL) {
 		}
 	}
 
-	return false;
+	return FALSE;
 }
 
 /**
@@ -303,17 +297,17 @@ function login(ElggUser $user, $persistent = false) {
 		$code = (md5($user->name . $user->username . time() . rand()));
 		$_SESSION['code'] = $code;
 		$user->code = md5($code);
-		setcookie("elggperm", $code, (time()+(86400 * 30)),"/");
+		setcookie("elggperm", $code, (time()+(86400 * 30)), "/");
 	}
 
-	if (!$user->save() || !trigger_elgg_event('login','user',$user)) {
+	if (!$user->save() || !trigger_elgg_event('login', 'user', $user)) {
 		unset($_SESSION['username']);
 		unset($_SESSION['name']);
 		unset($_SESSION['code']);
 		unset($_SESSION['guid']);
 		unset($_SESSION['id']);
 		unset($_SESSION['user']);
-		setcookie("elggperm", "", (time()-(86400 * 30)),"/");
+		setcookie("elggperm", "", (time()-(86400 * 30)), "/");
 		return false;
 	}
 
-- 
cgit v1.2.3