Mercurial > defr > drupal > core

comparison modules/user/user.module @ 11:589fb7c02327 6.5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Drupal 6.5
author Franck Deroche <webmaster@defr.org>
date Tue, 23 Dec 2008 14:32:19 +0100
parents acef7ccb09b5
children 4347c45bb494
comparison
equal deleted inserted replaced
10:6f15c9d74937 11:589fb7c02327
1 <?php 1 <?php
2 // $Id: user.module,v 1.892.2.6 2008/08/12 05:11:22 dries Exp $ 2 // $Id: user.module,v 1.892.2.8 2008/10/08 20:12:18 goba Exp $
3 3
4 /** 4 /**
5 * @file 5 * @file
6 * Enables the user registration and login system. 6 * Enables the user registration and login system.
7 */ 7 */
1332 * A $user object, if successful. 1332 * A $user object, if successful.
1333 */ 1333 */
1334 function user_authenticate($form_values = array()) { 1334 function user_authenticate($form_values = array()) {
1335 global $user; 1335 global $user;
1336 1336
1337 // Load the account to check if the e-mail is denied by an access rule.
1338 // Doing this check here saves us a user_load() in user_login_name_validate()
1339 // and introduces less code change for a security fix.
1340 $account = user_load(array('name' => $form_values['name'], 'pass' => trim($form_values['pass']), 'status' => 1));
1341 if ($account && drupal_is_denied('mail', $account->mail)) {
1342 form_set_error('name', t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array('%name' => $account->name)));
1343 }
1344
1337 // Name and pass keys are required. 1345 // Name and pass keys are required.
1338 if (!empty($form_values['name']) && !empty($form_values['pass']) && 1346 // The user is about to be logged in, so make sure no error was previously
1339 $account = user_load(array('name' => $form_values['name'], 'pass' => trim($form_values['pass']), 'status' => 1))) { 1347 // encountered in the validation process.
1348 if (!form_get_errors() && !empty($form_values['name']) && !empty($form_values['pass']) && $account) {
1340 $user = $account; 1349 $user = $account;
1341 user_authenticate_finalize($form_values); 1350 user_authenticate_finalize($form_values);
1342 return $user; 1351 return $user;
1343 } 1352 }
1344 } 1353 }
2062 $tokens = array( 2071 $tokens = array(
2063 '!username' => $account->name, 2072 '!username' => $account->name,
2064 '!site' => variable_get('site_name', 'Drupal'), 2073 '!site' => variable_get('site_name', 'Drupal'),
2065 '!login_url' => user_pass_reset_url($account), 2074 '!login_url' => user_pass_reset_url($account),
2066 '!uri' => $base_url, 2075 '!uri' => $base_url,
2067 '!uri_brief' => substr($base_url, strlen('http://')), 2076 '!uri_brief' => preg_replace('!^https?://!', '', $base_url),
2068 '!mailto' => $account->mail, 2077 '!mailto' => $account->mail,
2069 '!date' => format_date(time(), 'medium', '', NULL, $language->language), 2078 '!date' => format_date(time(), 'medium', '', NULL, $language->language),
2070 '!login_uri' => url('user', array('absolute' => TRUE, 'language' => $language)), 2079 '!login_uri' => url('user', array('absolute' => TRUE, 'language' => $language)),
2071 '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE, 'language' => $language)), 2080 '!edit_uri' => url('user/'. $account->uid .'/edit', array('absolute' => TRUE, 'language' => $language)),
2072 ); 2081 );