blob: ef6b0b8984f08a22a2f6a2cfb7ee585c429176c6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
<?php
/**
* Elgg login action
*
* @package Elgg
* @subpackage Core
* @author Curverider Ltd
* @link http://elgg.org/
*/
// Get username and password
$username = get_input('username');
$password = get_input("password");
$persistent = get_input("persistent", false);
// If all is present and correct, try to log in
$result = false;
if (!empty($username) && !empty($password)) {
// check first if this is an email address and do a login
// email addies will be validated
if (strpos($username, '@') !== FALSE && ($user=get_user_by_email($username))) {
$username = $user[0]->username;
}
if ($user = authenticate($username, $password)) {
$result = login($user, $persistent);
}
}
// Set the system_message as appropriate
if ($result) {
system_message(elgg_echo('loginok'));
if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
$forward_url = $_SESSION['last_forward_from'];
unset($_SESSION['last_forward_from']);
forward($forward_url);
} else {
if (get_input('returntoreferer')) {
forward($_SERVER['HTTP_REFERER']);
} else {
// forward to index for front page overrides.
// index will forward to dashboard if appropriate.
forward('index.php');
}
}
} else {
$error_msg = elgg_echo('loginerror');
// figure out why the login failed
if (!empty($username) && !empty($password)) {
// See if it exists and is disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (($user = get_user_by_username($username)) && !$user->validated) {
// give plugins a chance to respond
if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {
// if plugins have not registered an action, the default action is to
// trigger the validation event again and assume that the validation
// event will display an appropriate message
trigger_elgg_event('validate', 'user', $user);
}
} else {
register_error(elgg_echo('loginerror'));
}
access_show_hidden_entities($access_status);
} else {
register_error(elgg_echo('loginerror'));
}
}
|