From 94beb69d55615f26ec3f0f2015cd50d3c1be7ea3 Mon Sep 17 00:00:00 2001
From: Petr Skoda <skodak@moodle.org>
Date: Mon, 5 Jul 2010 21:51:58 +0000
Subject: [PATCH] MDL-13563 preventing login of users with suspended flag

---
 lib/moodlelib.php | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index ceb78995265..939fd478e57 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -3522,6 +3522,11 @@ function authenticate_user_login($username, $password) {
 
     if ($user = get_complete_user_data('username', $username)) {
         $auth = empty($user->auth) ? 'manual' : $user->auth;  // use manual if auth not set
+        if ($user->suspended) {
+            add_to_log(0, 'login', 'error', 'index.php', $username);
+            error_log('[client '.getremoteaddr()."]  $CFG->wwwroot  Suspended Login:  $username  ".$_SERVER['HTTP_USER_AGENT']);
+            return false;
+        }
         if ($auth=='nologin' or !is_enabled_auth($auth)) {
             add_to_log(0, 'login', 'error', 'index.php', $username);
             error_log('[client '.getremoteaddr()."]  $CFG->wwwroot  Disabled Login:  $username  ".$_SERVER['HTTP_USER_AGENT']);
@@ -3577,9 +3582,17 @@ function authenticate_user_login($username, $password) {
             $hauth->user_authenticated_hook($user, $username, $password);
         }
 
-        if ($user->id===0) {
+        if (empty($user->id)) {
             return false;
         }
+
+        if ($user->suspended) {
+            // just in case some auth plugin suspended account
+            add_to_log(0, 'login', 'error', 'index.php', $username);
+            error_log('[client '.getremoteaddr()."]  $CFG->wwwroot  Suspended Login:  $username  ".$_SERVER['HTTP_USER_AGENT']);
+            return false;
+        }
+
         return $user;
     }