mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-04-21 13:11:52 +02:00
Code Issues Releases Wiki Activity

Fixes #1684 Login failure with email and salt.

Browse Source
This commit is contained in:
Cameron 2016-06-06 15:42:42 -07:00
parent 815ca78cdf
commit 32bd1d04ab
3 changed files with 33 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
e107_admin/auth.php
View File

@ -152,11 +152,10 @@ else
$class_list[] = e_UC_MEMBER;
$class_list[] = e_UC_PUBLIC;
$user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'], ''), $class_list))
{ // Need to note in user audit trail
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, '', $user_id, $user_name);
if (in_array(varset($pref['user_audit_class'], ''), $class_list))
{
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, 'Login via admin page', $row['user_id'], $row['user_name']);
}
$edata_li = array("user_id"=>$row['user_id'], "user_name"=>$row['user_name'], 'class_list'=>implode(',', $class_list), 'user_admin'=> $row['user_admin']);

7
e107_handlers/admin_log_class.php
View File

@ -434,6 +434,13 @@ class e_admin_log
return false;
}
if(empty($event_data))
{
$backt = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS,4);
$event_data = $backt;
}
if($this->rldb == null)
{
$this->rldb = e107::getDb('rldb'); // Better use our own db - don't know what else is going on

40
e107_handlers/login.php
View File

@ -253,10 +253,11 @@ class userlogin
// $user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (in_array(varset($pref['user_audit_class'],''), $class_list))
/* if (in_array(varset($pref['user_audit_class'],''), $class_list))
{ // Need to note in user audit trail
e107::getLog()->user_audit(USER_AUDIT_LOGIN,'', $user_id, $user_name);
}
$log = e107::getLog();
$log->user_audit(USER_AUDIT_LOGIN,'', $user_id, $user_name);
}*/
$edata_li = array('user_id' => $user_id, 'user_name' => $user_name, 'class_list' => implode(',',$class_list), 'remember_me' => $autologin, 'user_admin'=>$user_admin, 'user_email'=> $user_email);
e107::getEvent()->trigger("login", $edata_li);
@ -434,9 +435,7 @@ class userlogin
$requiredPassword = $this->userData['user_password'];
}
// FIXME - [SecretR] $username is not set and I really can't get the idea.
//$username = $this->userData['user_loginname']; // TODO for Steve - temporary fix, where $username comes from?
// Now check password
if ($forceLogin)
{
@ -458,29 +457,34 @@ class userlogin
return $this->invalidLogin($username,LOGIN_CHAP_FAIL);
}
}
else
else // Plaintext password
{
// Plaintext password
$login_name = ($this->lookEmail) ? $this->userData['user_loginname'] : $username;
$auditLog = array(
'lookEmail' => $this->lookEmail,
'user_loginname' => $this->userData['user_loginname'],
'type' => (($this->lookEmail) ? 'email' : 'userlogin'),
'login_name' => $login_name,
'userpass' => $userpass,
'username' => $username,
'pwdHash' => $requiredPassword
'pwdHash' => $requiredPassword
);
$log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
if (($pass_result = $this->userMethods->CheckPassword($userpass, $login_name, $requiredPassword)) === PASSWORD_INVALID)
{
$auditLog['result'] = $pass_result;
$log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
return $this->invalidLogin($username,LOGIN_BAD_PW);
}
$auditLog['result'] = $pass_result;
$log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
}
$this->passResult = $pass_result;
}
return TRUE;
return true;
}