mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-05-02 02:07:52 +02:00
Code Issues Releases Wiki Activity

Extra logging with user-login audit is enabled.

Browse Source
This commit is contained in:
Cameron 2016-06-06 12:48:26 -07:00
parent 17ae1802f0
commit e2fc90e8a3
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
e107_handlers/login.php
View File

@ -449,7 +449,18 @@ class userlogin
else
{
// Plaintext password
//$this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login",$aLogVal, FALSE,LOG_TO_ROLLING);
$auditLog = array(
'lookEmail' => $this->lookEmail,
'user_loginname' => $this->userData['user_loginname'],
'userpass' => $userpass,
'username' => $username,
'pwdHash' => $requiredPassword
);
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{
return $this->invalidLogin($username,LOGIN_BAD_PW);

2
e107_handlers/user_handler.php
View File

@ -180,7 +180,7 @@ class UserHandler
* @param string $login_name - string used to log in (could actually be email address)
* @param string $stored_hash - required value for password to match
*
* @return PASSWORD_INVALID|PASSWORD_VALID|string
* @return string PASSWORD_INVALID|PASSWORD_VALID|string
* PASSWORD_INVALID if no match
* PASSWORD_VALID if valid password
* Return a new hash to store if valid password but non-preferred encoding