<?php /** * Elgg login action * * @package Elgg.Core * @subpackage User.Authentication */ $username = get_input('username'); $password = get_input("password"); $persistent = get_input("persistent", FALSE); $result = FALSE; if (empty($username) || empty($password)) { register_error(elgg_echo('login:empty')); forward(); } // check if logging in with email address // @todo Are usernames with @ not allowed? if (strpos($username, '@') !== FALSE && ($users = get_user_by_email($username))) { $username = $users[0]->username; } $result = elgg_authenticate($username, $password); if ($result !== true) { register_error($result); forward(REFERER); } $user = get_user_by_username($username); if (!$user) { register_error(elgg_echo('login:baduser')); forward(REFERER); } try { login($user, $persistent); } catch (LoginException $e) { register_error($e->getMessage()); forward(REFERER); } // forward to correct page if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) { $forward_url = $_SESSION['last_forward_from']; unset($_SESSION['last_forward_from']); } elseif (get_input('returntoreferer')) { $forward_url = REFERER; } else { // forward to main index page $forward_url = ''; } system_message(elgg_echo('loginok')); forward($forward_url);