Extra logging with user-login audit is enabled.

2025-08-05 06:07:32 +02:00 · 2016-06-06 12:48:26 -07:00
parent 17ae1802f0
commit e2fc90e8a3
2 changed files with 13 additions and 2 deletions
--- a/e107_handlers/login.php
+++ b/e107_handlers/login.php
@@ -449,7 +449,18 @@ class userlogin
 			else
 			{
 				// Plaintext password
-			  	//$this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login",$aLogVal, FALSE,LOG_TO_ROLLING);
+			  	$auditLog = array(
 					'lookEmail'         => $this->lookEmail,
 					'user_loginname'    => $this->userData['user_loginname'],
 					'userpass'          => $userpass,
 					'username'      => $username,
 					'pwdHash'       => $requiredPassword
 				);
 				e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
 				if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
 				{
 					return $this->invalidLogin($username,LOGIN_BAD_PW);
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@@ -180,7 +180,7 @@ class UserHandler
 	 *	@param string $login_name - string used to log in (could actually be email address)
 	 *	@param string $stored_hash - required value for password to match
 	 *
-	 *	@return PASSWORD_INVALID|PASSWORD_VALID|string
+	 *	@return string PASSWORD_INVALID|PASSWORD_VALID|string
 	 *		PASSWORD_INVALID if no match
 	 *		PASSWORD_VALID if valid password
 	 *		Return a new hash to store if valid password but non-preferred encoding