public function admin_kick()
{
if (!CheckAcl::can('forceLogout')) {
return Error::set('You are not allowed to force logout a user.');
}
if (empty($_POST['username'])) {
return Error::set('No username was found.');
}
if (!apc_exists(Cache::PREFIX . 'user_' . $_POST['username'])) {
return Error::set('This user is already logged out.');
}
Session::forceLogout($_POST['username'], apc_fetch(Cache::PREFIX . 'user_' . $_POST['username']));
header('Location: ' . Url::format('/user/view/' . $_POST['username']));
}
/**
* Authenticate a user.
*
* @param string $username The username to use.
* @param string $password The password to use.
*
* @return mixed User data on success, or error string.
*/
public function authenticate($username, $password)
{
$auths = array('Password', 'Certificate', 'CAP');
$applicable = array();
foreach ($auths as $auth) {
$good = call_user_func(array($this, 'qualify' . $auth), $username, $password);
if ($good) {
$applicable[] = $auth;
}
}
foreach ($applicable as $auth) {
$good = call_user_func(array($this, 'check' . $auth), $username, $password);
if ($good != false) {
if ($good['status'] == self::ACCT_LOCKED) {
return 'User banned.';
}
$key = Cache::PREFIX . 'Session_user_' . $good['username'];
if (apc_exists($key)) {
Session::forceLogout($good['username'], apc_fetch($key));
}
Session::setBatchVars($good);
return $good;
}
}
return 'Invalid username/password';
}
