261 $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural'); |
261 $s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural'); |
262 |
262 |
263 $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : ''; |
263 $captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : ''; |
264 $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem)); |
264 $errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem)); |
265 |
265 |
|
266 break; |
|
267 default: |
|
268 $errstring = $lang->get($errstring); |
266 break; |
269 break; |
267 } |
270 } |
268 echo '<div class="error-box-mini">'.$errstring.'</div>'; |
271 echo '<div class="error-box-mini">'.$errstring.'</div>'; |
269 } |
272 } |
270 if ( $p = $paths->getAllParams() ) |
273 if ( $p = $paths->getAllParams() ) |
341 </tr> |
344 </tr> |
342 <?php |
345 <?php |
343 } |
346 } |
344 ?> |
347 ?> |
345 <?php |
348 <?php |
|
349 $code = $plugins->setHook('login_form_html'); |
|
350 foreach ( $code as $cmd ) |
|
351 { |
|
352 eval($cmd); |
|
353 } |
346 if ( $level <= USER_LEVEL_MEMBER ) |
354 if ( $level <= USER_LEVEL_MEMBER ) |
347 { |
355 { |
348 // "remember me" switch |
356 // "remember me" switch |
349 // first order of business is to determine what the checkbox should say |
357 // first order of business is to determine what the checkbox should say |
350 $session_time = intval(getConfig('session_remember_time', '30')); |
358 $session_time = intval(getConfig('session_remember_time', '30')); |
502 'error' => $e->getMessage() |
510 'error' => $e->getMessage() |
503 ); |
511 ); |
504 return false; |
512 return false; |
505 } |
513 } |
506 |
514 |
507 $result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember'])); |
515 // These are to allow auth plugins to work universally between JSON and HTML login forms |
|
516 $userinfo =& $_POST; |
|
517 $req = array( |
|
518 'level' => intval($_POST['auth_level']), |
|
519 'remember' => isset($_POST['remember']) |
|
520 ); |
|
521 |
|
522 // At this point if any extra fields were injected into the login form, we need to let plugins process it |
|
523 |
|
524 /** |
|
525 * Called upon processing an incoming login request from the plain HTML login form.. If you added anything to the form, |
|
526 * that will be in the $userinfo array here and on $_POST. Expected return values are: true if your plugin has |
|
527 * not only succeeded but ALSO issued a session key (bypass the whole Enano builtin login process) and an associative array |
|
528 * with "mode" set to "error" and an error string in "error" to send an error back to the client. Any return value other |
|
529 * than these will be ignored. |
|
530 * @hook login_process_userdata_json |
|
531 */ |
|
532 |
|
533 $skip_normal_login = false; |
|
534 |
|
535 $code = $plugins->setHook('login_process_userdata_json'); |
|
536 foreach ( $code as $cmd ) |
|
537 { |
|
538 $result = eval($cmd); |
|
539 if ( $result === true ) |
|
540 { |
|
541 $skip_normal_login = true; |
|
542 $result = array('success' => true); |
|
543 break; |
|
544 } |
|
545 else if ( is_array($result) ) |
|
546 { |
|
547 if ( isset($result['mode']) && $result['mode'] === 'error' && isset($result['error']) ) |
|
548 { |
|
549 $__login_status = array( |
|
550 'mode' => 'error', |
|
551 'error' => $result['error'] |
|
552 ); |
|
553 return false; |
|
554 } |
|
555 } |
|
556 } |
|
557 |
|
558 if ( !$skip_normal_login ) |
|
559 { |
|
560 $result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember'])); |
|
561 } |
508 |
562 |
509 if($result['success']) |
563 if($result['success']) |
510 { |
564 { |
511 $session->start(); |
565 $session->start(); |
512 |
566 |