Accueil Explorer Aide
Connexion
epsylon
/
Elgg-Lorea-Hydra
Suivre 1
Voter 0
Fork 0
Fichiers Tickets 0 Pull Requests 0
Aborescence: e48014c2e0
Branches Tags
Elgg-Lorea-H...
/
mod
/
elgg-fail2ban
/
actions
/
login.php

login.php 2.2 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. <?php
    2. 

  2. 

  3. // set forward url
    4. 

  4. if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
    5. 

  5. 	$forward_url = $_SESSION['last_forward_from'];
    6. 

  6. 	unset($_SESSION['last_forward_from']);
    7. 

  7. } elseif (get_input('returntoreferer')) {
    8. 

  8. 	$forward_url = REFERER;
    9. 

  9. } else {
    10. 

  10. 	// forward to main index page
    11. 

  11. 	$forward_url = '';
    12. 

  12. }
    13. 

  13. 

  14. $username = get_input('username');
    15. 

  15. $password = get_input('password', null, false);
    16. 

  16. $persistent = get_input("persistent", false);
    17. 

  17. $result = false;
    18. 

  18. 

  19. if (empty($username) || empty($password)) {
    20. 

  20. 	register_error(elgg_echo('login:empty'));
    21. 

  21. 	forward();
    22. 

  22. }
    23. 

  23. 

  24. // check if logging in with email address
    25. 

  25. if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
    26. 

  26. 	$username = $users[0]->username;
    27. 

  27. }
    28. 

  28. 

  29. $result = elgg_authenticate($username, $password);
    30. 

  30. 

  31. // Open log
    32. 

  32. openlog("elgg({$_SERVER['HTTP_HOST']})", LOG_PID, LOG_AUTH);
    33. 

  33. $ip = $_SERVER['REMOTE_ADDR'];
    34. 

  34. if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    35. 

  35. 	 $proxies = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); // We are behind a proxy 
    36. 

  36. 	 $ip = trim($proxies[0]);
    37. 

  37. }
    38. 

  38. 

  39. if ($result !== true) {
    40. 

  40.         // Log authentication error, in a format almost identical to the SSH rule (for compatibility)
    41. 

  41.         syslog(LOG_NOTICE,"Authentication failure for $username from $ip");
    42. 

  42.       
    43. 

  43. 	register_error($result);
    44. 

  44. 	forward(REFERER);
    45. 

  45. }
    46. 

  46. 

  47. // We got here, so login was successful
    48. 

  48. syslog(LOG_INFO,"Accepted password for $username from $ip");
    49. 

  49. 

  50. closelog();
    51. 

  51. 

  52. $user = get_user_by_username($username);
    53. 

  53. if (!$user) {
    54. 

  54. 	register_error(elgg_echo('login:baduser'));
    55. 

  55. 	forward(REFERER);
    56. 

  56. }
    57. 

  57. 

  58. try {
    59. 

  59. 	login($user, $persistent);
    60. 

  60. 	// re-register at least the core language file for users with language other than site default
    61. 

  61. 	register_translations(dirname(dirname(__FILE__)) . "/languages/");
    62. 

  62. } catch (LoginException $e) {
    63. 

  63. 	register_error($e->getMessage());
    64. 

  64. 	forward(REFERER);
    65. 

  65. }
    66. 

  66. 

  67. // elgg_echo() caches the language and does not provide a way to change the language.
    68. 

  68. // @todo we need to use the config object to store this so that the current language
    69. 

  69. // can be changed. Refs #4171
    70. 

  70. if ($user->language) {
    71. 

  71. 	$message = elgg_echo('loginok', array(), $user->language);
    72. 

  72. } else {
    73. 

  73. 	$message = elgg_echo('loginok');
    74. 

  74. }
    75. 

  75. 

  76. system_message($message);
    77. 

  77. forward($forward_url);
    78. 

  78.