public function onLogin($doValidate = true) { require_once GWF_CORE_PATH . 'module/Login/GWF_LoginFailure.php'; $isAjax = isset($_GET['ajax']); $form = $this->getForm(); if ($doValidate) { if (false !== ($errors = $form->validate($this->module, $isAjax))) { if ($isAjax) { return $errors; } else { return $errors . $this->form(); } } } $username = Common::getPostString('username'); $password = Common::getPostString('password'); $users = GDO::table('GWF_User'); if (false === ($user = $users->selectFirstObject('*', sprintf('user_name=\'%s\' AND user_options&%d=0', $users->escape($username), GWF_User::DELETED)))) { if ($isAjax) { return $this->module->error('err_login'); } else { return $this->module->error('err_login') . $this->form(); } } elseif (true !== ($error = $this->checkBruteforce($user, $isAjax))) { if ($isAjax) { return $error; } else { return $error . $this->form(); } } elseif (false === GWF_Hook::call(GWF_HOOK::LOGIN_PRE, $user, array($password, ''))) { return ''; #GWF_HTML::err('ERR_GENERAL', array( __FILE__, __LINE__)); } elseif (false === GWF_Password::checkPasswordS($password, $user->getVar('user_password'))) { if ($isAjax) { return $this->onLoginFailed($user, $isAjax); } else { return $this->onLoginFailed($user, $isAjax) . $this->form(); } } GWF_Password::clearMemory('password'); return $this->onLoggedIn($user, $isAjax); }