mirror of
https://github.com/e107inc/e107.git
synced 2025-08-03 21:27:25 +02:00
Do not populate e_user_model as a logged in user if login failed
Fixes: #4236
This commit is contained in:
@@ -342,8 +342,8 @@ class userlogin
|
|||||||
* Note: PASSWORD IS NOT VERIFIED BY THIS ROUTINE
|
* Note: PASSWORD IS NOT VERIFIED BY THIS ROUTINE
|
||||||
* @param string $username - as entered
|
* @param string $username - as entered
|
||||||
* @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE
|
* @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE
|
||||||
* @return TRUE if name exists, and $this->userData array set up
|
* @return boolean TRUE if name exists, and $this->userData array set up
|
||||||
* otherwise FALSE
|
* FALSE otherwise
|
||||||
*/
|
*/
|
||||||
protected function lookupUser($username, $forceLogin)
|
protected function lookupUser($username, $forceLogin)
|
||||||
{
|
{
|
||||||
@@ -540,7 +540,7 @@ class userlogin
|
|||||||
global $pref, $sql;
|
global $pref, $sql;
|
||||||
|
|
||||||
$doCheck = FALSE; // Flag set if need to ban check
|
$doCheck = FALSE; // Flag set if need to ban check
|
||||||
|
$this->userData = array();
|
||||||
|
|
||||||
switch($reason)
|
switch($reason)
|
||||||
{
|
{
|
||||||
|
@@ -377,7 +377,15 @@
|
|||||||
|
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
/**
|
||||||
|
* @see https://github.com/e107inc/e107/issues/4236
|
||||||
|
*/
|
||||||
|
public function testUserLoginWrongCredentialsNotUser()
|
||||||
|
{
|
||||||
|
$user = e107::getUser();
|
||||||
|
$user->login("e107", "DefinitelyTheWrongPassword");
|
||||||
|
|
||||||
|
$this->assertFalse($user->isUser());
|
||||||
|
$this->assertEmpty($user->getData());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user