Assembla home | Assembla project page

My Start Page

Context Navigation

source: branches/1.2/content/plugins/user_signin/user_signin.php @ 1354

Revision 1354, 27.6 KB checked in by nick_ramsay, 3 years ago (diff)
[Branch 1.2] Custom iconv function, plus more SMTP email fixes

Line
1	<?php
2	/**
3	* name: User Signin
4	* description: Provides user registration and login
5	* version: 0.4
6	* folder: user_signin
7	* type: signin
8	* class: UserSignin
9	* hooks: install_plugin, theme_index_top, admin_header_include_raw, navigation_users, theme_index_main, admin_sidebar_plugin_settings, admin_plugin_settings
10	* author: Nick Ramsay
11	* authorurl: http://hotarucms.org/member.php?1-Nick
12	*
13	* PHP version 5
14	*
15	* LICENSE: Hotaru CMS is free software: you can redistribute it and/or
16	* modify it under the terms of the GNU General Public License as
17	* published by the Free Software Foundation, either version 3 of
18	* the License, or (at your option) any later version.
19	*
20	* Hotaru CMS is distributed in the hope that it will be useful, but WITHOUT
21	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
22	* FITNESS FOR A PARTICULAR PURPOSE.
23	*
24	* You should have received a copy of the GNU General Public License along
25	* with Hotaru CMS. If not, see http://www.gnu.org/licenses/.
26	*
27	* @category Content Management System
28	* @package HotaruCMS
29	* @author Nick Ramsay <admin@hotarucms.org>
30	* @copyright Copyright (c) 2009, Hotaru CMS
31	* @license http://www.gnu.org/copyleft/gpl.html GNU General Public License
32	* @link http://www.hotarucms.org/
33	*/
34
35	class UserSignin
36	{
37	/**
38	* Install plugin
39	*/
40	public function install_plugin($h)
41	{
42	// Permissions
43	$site_perms = $h->getDefaultPermissions('all');
44	if (!isset($site_perms['can_login'])) {
45	$perms['options']['can_login'] = array('yes', 'no');
46	$perms['can_login']['admin'] = 'yes';
47	$perms['can_login']['supermod'] = 'yes';
48	$perms['can_login']['moderator'] = 'yes';
49	$perms['can_login']['member'] = 'yes';
50	$perms['can_login']['undermod'] = 'yes';
51	$perms['can_login']['default'] = 'no';
52	$h->updateDefaultPermissions($perms);
53	}
54
55	// Plugin settings
56	$user_signin_settings = $h->getSerializedSettings();
57	if (!isset($user_signin_settings['recaptcha_enabled'])) { $user_signin_settings['recaptcha_enabled'] = ""; }
58	if (!isset($user_signin_settings['recaptcha_pubkey'])) { $user_signin_settings['recaptcha_pubkey'] = ""; }
59	if (!isset($user_signin_settings['recaptcha_privkey'])) { $user_signin_settings['recaptcha_privkey'] = ""; }
60	if (!isset($user_signin_settings['emailconf_enabled'])) { $user_signin_settings['emailconf_enabled'] = ""; }
61	if (!isset($user_signin_settings['registration_status'])) { $user_signin_settings['registration_status'] = "member"; }
62	if (!isset($user_signin_settings['email_notify'])) { $user_signin_settings['email_notify'] = ""; }
63	if (!isset($user_signin_settings['email_notify_mods'])) { $user_signin_settings['email_notify_mods'] = array(); }
64
65	$h->updateSetting('user_signin_settings', serialize($user_signin_settings));
66	}
67
68
69	/**
70	* Determine what page we're looking at
71	*/
72	public function theme_index_top($h)
73	{
74	switch ($h->pageName)
75	{
76	case 'logout':
77	$h->currentUser->destroyCookieAndSession();
78	header("Location: " . BASEURL);
79	exit;
80	break;
81	case 'login':
82	$h->pageTitle = $h->lang["user_signin_login"];
83	$h->pageType = 'login';
84	if ($this->login($h)) {
85	// success, return to front page, logged IN.
86	$return = $h->cage->post->testUri('return');
87	if ($return) {
88	header("Location: " . $return);
89	} else {
90	header("Location: " . BASEURL);
91	}
92	}
93	break;
94	case 'register':
95	$h->pageTitle = $h->lang["user_signin_register"];
96	$h->pageType = 'register';
97	$user_signin_settings = $h->getSerializedSettings('user_signin');
98	$h->vars['useRecaptcha'] = $user_signin_settings['recaptcha_enabled'];
99	$h->vars['useEmailConf'] = $user_signin_settings['emailconf_enabled'];
100	$h->vars['regStatus'] = $user_signin_settings['registration_status'];
101	$h->vars['useEmailNotify'] = $user_signin_settings['email_notify'];
102
103	$userid = $this->register($h);
104	if ($userid) {
105	// success!
106	if ($h->vars['useEmailConf']) {
107	$h->vars['send_email_confirmation'] = true;
108	$this->sendConfirmationEmail($h, $userid);
109	// fall through and display "email sent" message
110	} else {
111	// redirect to login page
112	header("Location: " . BASEURL . "index.php?page=login");
113	}
114	}
115	break;
116	case 'emailconf':
117	$h->pageTitle = $h->lang['user_signin_register_emailconf'];
118	$h->pageType = 'register';
119	break;
120	}
121	}
122
123
124	/**
125	* Include jQuery for hiding and showing email options in plugin settings
126	*/
127	public function admin_header_include_raw($h)
128	{
129	if ($h->isSettingsPage('user_signin')) {
130	echo "<script type='text/javascript'>\n";
131	echo "$(document).ready(function(){\n";
132	echo "$('#email_notify').click(function () {\n";
133	echo "$('#email_notify_options').slideToggle();\n";
134	echo "});\n";
135	echo "});\n";
136	echo "</script>\n";
137	}
138	}
139
140
141	/**
142	* Add links to the end of the navigation bar
143	*/
144	public function navigation_users($h)
145	{
146	if ($h->currentUser->loggedIn) {
147
148	if ($h->pageName == 'logout') { $status = "id='navigation_active'"; } else { $status = ""; }
149	echo "<li><a " . $status . " href='" . $h->url(array('page'=>'logout')) . "'>" . $h->lang["user_signin_logout"] . "</a></li>\n";
150
151	if ($h->currentUser->getPermission('can_access_admin') == 'yes') {
152
153	if ($h->pageName == 'admin') { $status = "id='navigation_active'"; } else { $status = ""; }
154	echo "<li><a " . $status . " href='" . $h->url(array(), 'admin') . "'>" . $h->lang["user_signin_admin"] . "</a></li>\n";
155	}
156	} else {
157
158	// Allow other plugins to override the Login / Register links
159	$result = $h->pluginHook('user_signin_navigation_logged_out');
160	if (!$result)
161	{
162	// determine where to return the user to after logging in:
163	if (!$h->cage->get->keyExists('return')) {
164	$host = $h->cage->server->sanitizeTags('HTTP_HOST');
165	$uri = $h->cage->server->sanitizeTags('REQUEST_URI');
166	$return = 'http://' . $host . $uri;
167	$return = urlencode(htmlentities($return,ENT_QUOTES,'UTF-8'));
168	} else {
169	$return = urlencode($h->cage->get->testUri('return')); // use existing return parameter
170	}
171
172	if (strpos($return, urlencode(BASEURL)) === false) { $return = urlencode(BASEURL); }
173
174	// No plugin results, show the regular Login / Register links:
175	if ($h->pageName == 'login') { $status = "id='navigation_active'"; } else { $status = ""; }
176
177	if (!$h->isPage('login')) {
178	echo "<li><a " . $status . " href='" . BASEURL . "index.php?page=login&return=" . $return . "'>" . $h->lang["user_signin_login"] . "</a></li>\n";
179	} else {
180	echo "<li><a " . $status . " href='" . $h->url(array('page'=>'login')) . "'>" . $h->lang["user_signin_login"] . "</a></li>\n";
181	}
182
183	if ($h->pageName == 'register') { $status = "id='navigation_active'"; } else { $status = ""; }
184	echo "<li><a " . $status . " href='" . $h->url(array('page'=>'register')) . "'>" . $h->lang["user_signin_register"] . "</a></li>\n";
185	}
186	}
187	}
188
189
190	/**
191	* Display the right page
192	*/
193	public function theme_index_main($h)
194	{
195	if (($h->pageType != 'login') && ($h->pageType != 'register')) { return false; }
196
197	switch($h->pageName) {
198	case 'login':
199	$h->displayTemplate('user_signin_login');
200	return true;
201	break;
202	case 'register':
203	if (isset($h->vars['send_email_confirmation'])) {
204	$h->messages[$h->lang['user_signin_register_emailconf_sent']] = 'green';
205	$h->showMessages();
206	return true;
207	}
208	$result = $h->pluginHook('user_signin_pre_display_register_template');
209	if (!$result) {
210	// show this form if not overridden by a plugin
211	$h->displayTemplate('user_signin_register', 'user_signin');
212	return true;
213	}
214	return true;
215	break;
216	case 'emailconf':
217	$user_signin_settings = $h->getSerializedSettings();
218	$h->vars['useEmailNotify'] = $user_signin_settings['email_notify'];
219	$h->vars['regStatus'] = $user_signin_settings['registration_status'];
220	$this->checkEmailConfirmation($h);
221	$h->showMessages();
222	return true;
223	break;
224	}
225
226	if ($denied) {
227	$h->messages[$h->lang["user_signin_access_denied"]] = 'red';
228	$h->showMessages();
229	}
230	}
231
232
233	/**
234	* User Login
235	*
236	* @return bool
237	*/
238	public function login($h)
239	{
240	if (!$username_check = $h->cage->post->testUsername('username')) { $username_check = ""; }
241	if (!$password_check = $h->cage->post->testPassword('password')) { $password_check = ""; }
242	if ($h->cage->post->getInt('remember') == 1) { $remember = 1; } else { $remember = 0; }
243
244	if (($h->cage->post->testPage('page') == 'login') \|\| $h->cage->post->keyExists('forgotten_password')) {
245	// if either the login or forgot password form is submitted, check the CSRF key
246	if (!$h->csrf()) {
247	$h->messages[$h->lang['error_csrf']] = 'red';
248	return false;
249	}
250	}
251
252	if ($username_check != "" \|\| $password_check != "") {
253	$login_result = $h->currentUser->loginCheck($h, $username_check, $password_check);
254	if ($login_result) {
255	//success
256	$h->currentUser->name = $username_check;
257	$result = $this->loginSuccess($h, $remember);
258	return $result;
259	} else {
260	// login failed
261	$h->messages[$h->lang["user_signin_login_failed"]] = 'red';
262	}
263
264	} else {
265
266	if ($h->cage->post->testPage('page') == 'login') {
267	// login failed
268	$h->messages[$h->lang["user_signin_login_failed"]] = 'red';
269	}
270	$username_check = '';
271	$password_check = '';
272
273	// forgotten password request
274	if ($h->cage->post->keyExists('forgotten_password')) {
275	$this->password($h);
276	unset($h->messages[$h->lang["user_signin_login_failed"]]);
277	}
278
279	// confirming forgotten password email
280	$passconf = $h->cage->get->getAlnum('passconf');
281	$userid = $h->cage->get->testInt('userid');
282
283	if ($passconf && $userid) {
284	if ($h->currentUser->newRandomPassword($h, $userid, $passconf)) {
285	$h->messages[$h->lang['user_signin_email_password_conf_success']] = 'green';
286	} else {
287	$h->messages[$h->lang['user_signin_email_password_conf_fail']] = 'red';
288	}
289	}
290	}
291
292	return false;
293	}
294
295
296	/**
297	* Login Success
298	*
299	* @return bool
300	*/
301	public function loginSuccess($h, $remember = 0)
302	{
303	$h->currentUser->getUserBasic(0, $h->currentUser->name);
304
305	$user_signin_settings = $h->getSerializedSettings('user_signin');
306	$h->vars['useEmailConf'] = $user_signin_settings['emailconf_enabled'];
307
308	if ($h->vars['useEmailConf'] && ($h->currentUser->emailValid == 0)) {
309	$this->sendConfirmationEmail($h, $h->currentUser->id);
310	$h->messages[$h->lang["user_signin_login_failed_email_not_validated"]] = 'red';
311	$h->messages[$h->lang["user_signin_login_failed_email_request_sent"]] = 'green';
312	return false;
313	}
314
315	if ($h->currentUser->getPermission('can_login') == 'no') {
316	if ($h->currentUser->role == 'pending') {
317	$h->messages[$h->lang["user_signin_login_failed_not_approved"]] = 'red';
318	} else {
319	$h->messages[$h->lang["user_signin_login_failed_no_permission"]] = 'red';
320	}
321	return false;
322	}
323
324	$h->currentUser->setCookie($h, $remember);
325	$h->currentUser->loggedIn = true;
326	$h->currentUser->updateUserLastLogin($h);
327	$h->currentUser->updateUserLastVisit($h);
328
329	return true;
330	}
331
332
333	/**
334	* Password forgotten
335	*
336	* @return bool
337	*/
338	public function password($h)
339	{
340	// Check email
341	if (!$email_check = $h->cage->post->testEmail('email')) {
342	$email_check = '';
343	// login failed
344	$h->messages[$h->lang["user_signin_email_invalid"]] = 'red';
345	return false;
346	}
347
348	$valid_email = $h->emailExists($email_check);
349	$userid = $h->getUserIdFromEmail($valid_email);
350
351	if ($valid_email && $userid) {
352	//success
353	$h->currentUser->sendPasswordConf($h, $userid, $valid_email);
354	$h->messages[$h->lang['user_signin_email_password_conf_sent']] = 'green';
355	return true;
356	} else {
357	// login failed
358	$h->messages[$h->lang["user_signin_email_invalid"]] = 'red';
359	return false;
360	}
361	}
362
363
364	/**
365	* Register a new user
366	*
367	* @return false
368	*/
369	public function register($h)
370	{
371	if ($h->vars['useRecaptcha']) {
372	require_once(PLUGINS . 'user_signin/recaptcha/recaptchalib.php');
373	}
374
375	$error = 0;
376	if ($h->cage->post->getAlpha('users_type') == 'register') {
377
378	// check CSRF key
379	if (!$h->csrf()) {
380	$h->messages[$h->lang['error_csrf']] = 'red';
381	$error = 1;
382	}
383
384	$username_check = $h->cage->post->testUsername('username'); // alphanumeric, dashes and underscores okay, case insensitive
385	if ($username_check) {
386	$h->currentUser->name = $username_check;
387	} else {
388	$h->messages[$h->lang['user_signin_register_username_error']] = 'red';
389	$error = 1;
390	}
391
392	$password_check = $h->cage->post->testPassword('password');
393	$password2_check = $h->cage->post->testPassword('password2');
394
395	// plugins like RPX can override the password values:
396	$result = $h->pluginHook('user_signin_register_password_check');
397	if ($result) {
398	reset($result); // make sure the array is ordered
399	$passwords = $result[key($result)]; // get the value from the first array position - should be an array
400	if (is_array($passwords)) {
401	$password_check = $passwords['password'];
402	$password2_check = $passwords['password2'];
403	}
404	}
405
406	if ($password_check) {
407	if ($password_check == $password2_check) {
408	// safe, the two new password fields match
409	$h->currentUser->password = $h->currentUser->generateHash($password_check);
410	} else {
411	$h->messages[$h->lang['user_signin_register_password_match_error']] = 'red';
412	$error = 1;
413	}
414
415	} else {
416	$h->messages[$h->lang['user_signin_register_password_error']] = 'red';
417	$error = 1;
418	}
419
420	$email_check = $h->cage->post->testEmail('email');
421	if ($email_check) {
422	$h->currentUser->email = $email_check;
423	} else {
424	$h->messages[$h->lang['user_signin_register_email_error']] = 'red';
425	$error = 1;
426	}
427
428	if ($h->vars['useRecaptcha']) {
429
430	$user_signin_settings = $h->getSerializedSettings();
431	$recaptcha_pubkey = $user_signin_settings['recaptcha_pubkey'];
432	$recaptcha_privkey = $user_signin_settings['recaptcha_privkey'];
433
434	$rc_resp = null;
435	$rc_error = null;
436
437	// was there a reCAPTCHA response?
438	if ($h->cage->post->keyExists('recaptcha_response_field')) {
439	$rc_resp = recaptcha_check_answer($recaptcha_privkey,
440	$h->cage->server->getRaw('REMOTE_ADDR'),
441	$h->cage->post->getRaw('recaptcha_challenge_field'),
442	$h->cage->post->getRaw('recaptcha_response_field'));
443
444	if ($rc_resp->is_valid) {
445	// success, do nothing.
446	} else {
447	# set the error code so that we can display it
448	$rc_error = $rc_resp->error;
449	$h->messages[$h->lang['user_signin_register_recaptcha_error']] = 'red';
450	$error = 1;
451	}
452	} else {
453	$h->messages[$h->lang['user_signin_register_recaptcha_empty']] = 'red';
454	$error = 1;
455	}
456	}
457
458	// let plugins run their own registration checks:
459	$h->vars['reg_error'] = $error;
460	$h->pluginHook('user_signin_register_error_check');
461	$error = $h->vars['reg_error'];
462	}
463
464	if (!isset($username_check) && !isset($password_check) && !isset($password2_check) && !isset($email_check)) {
465	$username_check = "";
466	$password_check = "";
467	$password2_check = "";
468	$email_check = "";
469	// do nothing
470	} elseif ($error == 0) {
471	$blocked = $this->checkBlocked($h, $username_check, $email_check); // true if blocked, false if safe
472	$exists = $h->userExists(0, $username_check, $email_check);
473	if (!$blocked && ($exists == 'no')) {
474
475	// SUCCESS!!!
476	$h->currentUser->role = $h->vars['regStatus'];
477	$h->pluginHook('user_signin_register_pre_add_user');
478	if ($h->vars['useEmailConf']) { $h->currentUser->role = 'pending'; }
479	$h->currentUser->addUserBasic($h);
480	$last_insert_id = $h->db->get_var($h->db->prepare("SELECT LAST_INSERT_ID()"));
481
482	$h->pluginHook('user_signin_register_post_add_user', '', array($last_insert_id));
483
484	// notify chosen mods of new user by email IF email confirmation is DISABLED:
485	// If email confirmation is ENABLED, the email gets sent in checkEmailConfirmation().
486	if (($h->vars['useEmailNotify']) && (!$h->vars['useEmailConf']) && (file_exists(PLUGINS . 'users/libs/UserFunctions.php')))
487	{
488	require_once(PLUGINS . 'users/libs/UserFunctions.php');
489	$uf = new UserFunctions();
490	$uf->notifyMods($h, 'user', $h->currentUser->role, $last_insert_id);
491	}
492
493	return $last_insert_id; // so we can retrieve this user's details for the email confirmation step;
494	} elseif ($exists == 'id') {
495	$h->messages[$h->lang['user_signin_register_id_exists']] = 'red';
496
497	} elseif ($exists == 'name') {
498	$h->messages[$h->lang['user_signin_register_username_exists']] = 'red';
499
500	} elseif ($exists == 'email') {
501	$h->messages[$h->lang['user_signin_register_email_exists']] = 'red';
502	} elseif ($blocked) {
503	$h->messages[$h->lang['user_signin_register_user_blocked']] = 'red';
504	} else {
505	// allow plugin to override the default "unexpected error" message:
506	$result = $h->pluginHook('user_signin_register_error_message');
507	if (!$result) {
508	$h->messages[$h->lang["user_signin_register_unexpected_error"]] = 'red';
509	}
510	}
511	} else {
512	// error must = 1 so fall through and display the form again
513	}
514	return false;
515	}
516
517
518	/**
519	* Check if user is on the blocked list
520	*
521	* @param string $username
522	* @param string $email
523	* @return bool - true if blocked
524	*/
525	public function checkBlocked($h, $username, $email)
526	{
527	// Is user IP address blocked?
528	$ip = $h->cage->server->testIp('REMOTE_ADDR');
529	if ($h->isBlocked('ip', $ip)) {
530	return true;
531	}
532
533	// Is email domain blocked?
534	$email_bits = explode('@', $email);
535	$email_domain = $email_bits[1];
536	if ($h->isBlocked('email', $email_domain)) {
537	return true;
538	}
539
540	// Is email blocked?
541	if ($h->isBlocked('email', $email)) {
542	return true;
543	}
544
545	// Is username blocked?
546	if ($h->isBlocked('user', $username)) {
547	return true;
548	}
549
550	$h->pluginHook('user_signin_register_check_blocked'); // Stop Spam is one plugin that uses this
551	if (isset($h->vars['block']) && $h->vars['block'] == true) { return true; }
552
553	return false; // not blocked
554	}
555
556
557	/**
558	* Send an email to the newly registered user
559	*
560	* @param int $user_id
561	*/
562	public function sendConfirmationEmail($h, $user_id)
563	{
564	$user = new UserAuth();
565	$user->getUserBasic($h, $user_id);
566
567	// generate the email confirmation code
568	$email_conf = md5(crypt(md5($user->email),md5($user->email)));
569
570	// store the hash in the user table
571	$sql = "UPDATE " . TABLE_USERS . " SET user_email_conf = %s WHERE user_id = %d";
572	$h->db->query($h->db->prepare($sql, $email_conf, $user->id));
573
574	$line_break = "\r\n\r\n";
575	$next_line = "\r\n";
576
577	// send email
578	$subject = $h->lang['user_signin_register_emailconf_subject'];
579	$body = $h->lang['user_signin_register_emailconf_body_hello'] . " " . $user->name;
580	$body .= $line_break;
581	$body .= $h->lang['user_signin_register_emailconf_body_welcome'];
582	$body .= $line_break;
583	$body .= $h->lang['user_signin_register_emailconf_body_click'];
584	$body .= $line_break;
585	$body .= BASEURL . "index.php?page=emailconf&plugin=users&id=" . $user->id . "&conf=" . $email_conf;
586	$body .= $line_break;
587	$body .= $h->lang['user_signin_register_emailconf_body_regards'];
588	$body .= $next_line;
589	$body .= $h->lang['user_signin_register_emailconf_body_sign'];
590	$to = $user->email;
591
592	/*
593	echo "To: " . $to . "<br />";
594	echo "Subject: " . $subject . "<br />";
595	echo "Body: " . $body . "<br />";
596	echo "Headers: " . $headers . "<br />";
597	*/
598
599	$h->email($to, $subject, $body);
600	}
601
602
603	/**
604	* Check email confirmation code
605	*
606	* @return true;
607	*/
608	public function checkEmailConfirmation($h)
609	{
610	$user_id = $h->cage->get->getInt('id');
611	$conf = $h->cage->get->getAlnum('conf');
612
613	$user = new UserAuth();
614	$user->getUserBasic($h, $user_id);
615
616	if (!$user_id \|\| !$conf) {
617	$h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
618	}
619
620	$sql = "SELECT user_email_conf FROM " . TABLE_USERS . " WHERE user_id = %d";
621	$user_email_conf = $h->db->get_var($h->db->prepare($sql, $user_id));
622
623	if ($conf === $user_email_conf)
624	{
625	// update role:
626	$user->role = $h->vars['regStatus'];
627
628	$h->pluginHook('user_signin_email_conf_post_role');
629
630	// update user with new permissions:
631	$new_perms = $user->getDefaultPermissions($h, $user->role);
632	unset($new_perms['options']); // don't need this for individual users
633	$user->setAllPermissions($new_perms);
634	$user->updatePermissions($h);
635	$user->updateUserBasic($h);
636
637	// set email valid to 1:
638	$sql = "UPDATE " . TABLE_USERS . " SET user_email_valid = %d WHERE user_id = %d";
639	$h->db->query($h->db->prepare($sql, 1, $user->id));
640
641	// notify chosen mods of new user by email:
642	if (($h->vars['useEmailNotify'] == 'checked') && (file_exists(PLUGINS . 'users/libs/UserFunctions.php'))) {
643	require_once(PLUGINS . 'users/libs/UserFunctions.php');
644	$uf = new UserFunctions();
645	$uf->notifyMods($h, 'user', $user->role, $user->id);
646	}
647
648	$success_message = $h->lang['user_signin_register_emailconf_success'] . " <br /><b><a href='" . $h->url(array('page'=>'login')) . "'>" . $h->lang['user_signin_register_emailconf_success_login'] . "</a></b>";
649	$h->messages[$success_message] = 'green';
650	} else {
651	$h->messages[$h->lang['user_signin_register_emailconf_fail']] = 'red';
652	}
653
654	return true;
655	}
656
657
658	/**
659	* Check login permission during cookie check
660	*
661	* @return true;
662	*/
663	public function userauth_checkcookie_success()
664	{
665	$fail_array = array('killspammed', 'banned', 'suspended');
666	if (!in_array($h->currentUser->role, $fail_array)) { echo "SAFE!"; return true; }
667
668	if ($h->currentUser->getPermission('can_login') == 'no') {
669	$h->currentUser->destroyCookieAndSession();
670	$h->currentUser->setLoggedOutUser($h);
671	header("Location: " . BASEURL);
672	exit;
673	}
674
675	}
676	}
677
678	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: