Changeset 219
- Timestamp:
- 02/27/09 21:35:34 (1 year ago)
- Files:
-
- trunk/modules/auth/libraries/Auth_form_processing.php (modified) (1 diff)
- trunk/modules/auth/libraries/Userlib.php (modified) (2 diffs)
- trunk/modules/auth/models/user_model.php (modified) (3 diffs)
- trunk/user_guide/general/changelog.html (modified) (1 diff)
trunk/modules/auth/libraries/Auth_form_processing.php
r218 r219 142 142 143 143 // See if a user exists with the given credentials 144 $ query= $this->CI->user_model->validateLogin($values['login_field'],$values['password']);145 if ( $ query->num_rows() == 1)144 $result = $this->CI->user_model->validateLogin($values['login_field'],$values['password']); 145 if ( $result['valid'] ) 146 146 { 147 147 // We we have a valid user 148 $user = $ query->row();148 $user = $result['query']->row(); 149 149 150 150 // Check if the users account hasn't been activated yet trunk/modules/auth/libraries/Userlib.php
r203 r219 67 67 68 68 // Check its valid 69 $ query= $this->CI->user_model->validateLogin($autologin['login_field'],$autologin['password']);70 if($ query->num_rows() == 1)69 $result = $this->CI->user_model->validateLogin($autologin['login_field'],$autologin['password']); 70 if($result['valid']) 71 71 { 72 72 // Log user in … … 94 94 if($CI->session) 95 95 { 96 $email = $CI->session->userdata('email'); 97 $group = $CI->session->userdata('group'); 98 99 if ($email !== FALSE && $group !== FALSE) 96 $logedin = FALSE; 97 98 // If the system is setup to store details in the database 99 // only do a quick check since the user can't tamper with the values 100 if(config_item('sess_use_database') === TRUE) 101 { 102 $email = $CI->session->userdata('email'); 103 $username = $CI->session->userdata('username'); 104 105 $loggedin = ($email !== FALSE && $username !== FALSE); 106 107 } 108 else 109 { 110 // Query the database to verify the details are correct 111 switch($CI->preference->item('login_field')) 112 { 113 case 'email': 114 $check = $CI->session->userdata('email'); 115 break; 116 117 default: 118 $check = $CI->session->userdata('username'); 119 } 120 $result = $CI->user_model->validateLogin($check,$CI->session->userdata('password')); 121 $loggedin = $result['valid']; 122 } 123 124 if ($loggedin) 100 125 { 101 126 // Logged in trunk/modules/auth/models/user_model.php
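Review bot: In the non-database branch of the session check, `$CI->session->userdata('password')` is passed straight to `validateLogin()`, so the session must carry a value that is compared directly against the stored password column. With `sess_use_database` off, CodeIgniter keeps userdata in the client cookie, so that password-equivalent value leaves the server and, unless cookie encryption is enabled, can be read by anyone who obtains the cookie. I would store a random per-login token in the session and verify it server-side instead, or at least document next to the `else` that this path requires `sess_encrypt_cookie`. Separately, the initialiser is misspelled: `$logedin = FALSE;` should be `$loggedin = FALSE;`; both branches assign `$loggedin`, so it is harmless today but will mislead the next edit. The enclosing function starts and ends outside the hunk.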
r203 r219 46 46 * @param string $login_field Email/Username 47 47 * @param string $password Users password 48 * @return Query48 * @return array('valid'=>bool,'query'=>Query) 49 49 */ 50 50 function validateLogin($login_field, $password) 51 51 { 52 if( !$password OR !$login_field) 53 { 54 // If there is no password 55 return array('valid'=>FALSE,'query'=>NULL); 56 } 57 52 58 switch($this->preference->item('login_field')) 53 59 { … … 68 74 $this->db->where('password',$password); 69 75 70 return $this->fetch('Users','id,active'); 76 $query = $this->fetch('Users','id,active'); 77 $found = ($query->num_rows() == 1); 78 return array('valid'=>$found,'query'=>$query); 71 79 } 72 80 … … 142 150 } 143 151 144 $this->db->select('users.id, users.username, users.email, users. active, users.last_visit, users.created, users.modified, groups.name `group`, groups.id group_id'.$profile_columns);152 $this->db->select('users.id, users.username, users.email, users.password, users.active, users.last_visit, users.created, users.modified, groups.name `group`, groups.id group_id'.$profile_columns); 145 153 $this->db->from($this->_TABLES['Users'] . " users"); 146 154 $this->db->join($this->_TABLES['UserProfiles'] . " profiles",'users.id=profiles.user_id'); trunk/user_guide/general/changelog.html
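Review bot: The last hunk adds `users.password` to a select in a function that starts outside the hunk, so every consumer of that row now receives the credential column; which callers those are (presumably session userdata, possibly views or debug output) is not visible here. If only the session re-check needs it, fetch the column in a dedicated query, or at minimum add a comment above the select such as `// users.password is selected only for the session re-check; never output or log this row`. In `validateLogin()` the new guard `if( !$password OR !$login_field)` relies on truthiness, so the string `'0'` is rejected as empty; an explicit comparison against `''` and `NULL` would state the intent exactly.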
r218 r219 63 63 <h3>Modifications</h3> 64 64 <ul> 65 <li>Improved the <dfn>is_user()</dfn> method so if <dfn>$config['sess_use_database']</dfn> is <var>FALSE</var> then extra user checks are performed. For this to work the value returned by validateLogin() has changed, See <a href="http://trac2.assembla.com/backendpro/ticket/80">Enhancement #80</a></li> 65 66 <li>Removed PHP short tags from files, See <a href="http://trac2.assembla.com/backendpro/ticket/42">Task #42</a></li> 66 67 <li>Added some extra language strings for the dropdown options inside <var>application/controllers/admin/settings.php</var>, See <a href="http://trac2.assembla.com/backendpro/ticket/73">Enhancement #73</a></li>