maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

show whether a customer is deavtivated after successful login rather then nothing at all

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2015-02-08 16:07:24 +01:00
parent f711b03b4f
commit f36dbc1938
1 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
index.php
View File

@@ -119,6 +119,13 @@ if ($action == 'login') {
redirectTo('index.php', array('showmessage' => '3')); redirectTo('index.php', array('showmessage' => '3'));
exit; exit;
} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) { } elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
// only show "you're banned" if the login was successfull
// because we don't want to publish that the user does exist
if ($userinfo['deactivated']) {
unset($userinfo);
redirectTo('index.php', array('showmessage' => '5'));
exit;
} else {
// login correct // login correct
// reset loginfail_counter, set lastlogin_succ // reset loginfail_counter, set lastlogin_succ
$stmt = Database::prepare("UPDATE $table $stmt = Database::prepare("UPDATE $table
@@ -128,6 +135,7 @@ if ($action == 'login') {
Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid])); Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
$userinfo['userid'] = $userinfo[$uid]; $userinfo['userid'] = $userinfo[$uid];
$userinfo['adminsession'] = $adminsession; $userinfo['adminsession'] = $adminsession;
}
} else { } else {
// login incorrect // login incorrect
$stmt = Database::prepare("UPDATE $table $stmt = Database::prepare("UPDATE $table
@@ -269,6 +277,9 @@ if ($action == 'login') {
case 7: case 7:
$message = $lng['pwdreminder']['wrongcode']; $message = $lng['pwdreminder']['wrongcode'];
break; break;
case 8:
$message = $lng['pwdreminder']['notallowed'];
break;
} }
$update_in_progress = ''; $update_in_progress = '';
@@ -326,8 +337,8 @@ if ($action == 'forgotpwd') {
/* Check whether user is banned */ /* Check whether user is banned */
if ($user['deactivated']) { if ($user['deactivated']) {
$message = $lng['pwdreminder']['notallowed']; redirectTo('index.php', array('showmessage' => '8'));
redirectTo('index.php', array('showmessage' => '5')); exit;
} }
if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) { if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {