public function admin_kick() { if (!CheckAcl::can('forceLogout')) { return Error::set('You are not allowed to force logout a user.'); } if (empty($_POST['username'])) { return Error::set('No username was found.'); } if (!apc_exists(Cache::PREFIX . 'user_' . $_POST['username'])) { return Error::set('This user is already logged out.'); } Session::forceLogout($_POST['username'], apc_fetch(Cache::PREFIX . 'user_' . $_POST['username'])); header('Location: ' . Url::format('/user/view/' . $_POST['username'])); }
/** * Authenticate a user. * * @param string $username The username to use. * @param string $password The password to use. * * @return mixed User data on success, or error string. */ public function authenticate($username, $password) { $auths = array('Password', 'Certificate', 'CAP'); $applicable = array(); foreach ($auths as $auth) { $good = call_user_func(array($this, 'qualify' . $auth), $username, $password); if ($good) { $applicable[] = $auth; } } foreach ($applicable as $auth) { $good = call_user_func(array($this, 'check' . $auth), $username, $password); if ($good != false) { if ($good['status'] == self::ACCT_LOCKED) { return 'User banned.'; } $key = Cache::PREFIX . 'Session_user_' . $good['username']; if (apc_exists($key)) { Session::forceLogout($good['username'], apc_fetch($key)); } Session::setBatchVars($good); return $good; } } return 'Invalid username/password'; }