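/**
 * Decide whether an already-authenticated uid belongs to an account that may log in.
 *
 * Authentication itself has succeeded by the time this runs; nothing has been logged in yet.
 * This step loads the account (or registration) record when none is supplied and checks its
 * 'activated' status. Unless the site is configured to reveal a specific account state,
 * the caller sees one generic failure message, so a failed login does not disclose whether
 * the account is pending, disabled or scheduled for removal.
 *
 * @param mixed   $uid          The uid returned by the authentication process.
 * @param boolean $reportErrors Whether to register user-facing messages through LogUtil.
 * @param mixed   $userObj      An already-loaded account record (array), or false to load it here.
 *
 * @return array|boolean The account record when the account is active; false otherwise.
 *
 * @throws Zikula_Exception_Fatal If no user or registration record can be found for the uid.
 */
private static function internalUserAccountValidation($uid, $reportErrors = false, $userObj = false)
{
    // Loose comparison on purpose kept from the original: numeric strings such as '5' pass.
    // NOTE(review): so do forms like '5.0'; tighten if the uid can come from anything but
    // the authentication module.
    if (!$uid || !is_numeric($uid) || (int) $uid != $uid) {
        // We got something other than a uid from the authentication process.
        if (!LogUtil::hasErrors() && $reportErrors) {
            LogUtil::registerError(__('Sorry! Login failed. The information you provided was incorrect.'));
        }

        // Fail closed. Previously a caller-supplied $userObj was returned unchanged here,
        // which reported a successful validation for an invalid uid.
        return false;
    }

    if (!$userObj) {
        // Need to make sure the Users module stuff is loaded and available, especially if we are
        // authenticating during an upgrade or install.
        ModUtil::loadApi('Users', 'user', true);

        // The user's credentials have authenticated with the authentication module's method, but
        // now we have to check the account status itself. If the account status would not allow
        // the user to log in, then we return false.
        $userObj = self::getVars($uid);
        if (!$userObj) {
            // Might be a registration
            $userObj = self::getVars($uid, false, 'uid', true);
        }
    }

    if (!$userObj || !is_array($userObj)) {
        // Note that we have not actually logged into anything yet, just authenticated.
        throw new Zikula_Exception_Fatal(__f('A %1$s (%2$s) was returned by the authenticating module, but a user account record (or registration request record) could not be found.', array('uid', $uid)));
    }

    if (!isset($userObj['activated'])) {
        // Provide a sane value: a record without a status is treated as inactive.
        $userObj['activated'] = UsersConstant::ACTIVATED_INACTIVE;
    }

    if ($userObj['activated'] == UsersConstant::ACTIVATED_ACTIVE) {
        return $userObj;
    }

    if ($reportErrors) {
        $message = null;

        $displayVerifyPending = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_VERIFY_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_VERIFY_STATUS);
        // NOTE(review): the fallback below is the *verify* default although the variable read is
        // the approval one. If an approval-specific default exists it is probably the intended
        // value; confirm against the constants class.
        $displayApprovalPending = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_APPROVAL_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_VERIFY_STATUS);

        if ($userObj['activated'] == UsersConstant::ACTIVATED_PENDING_REG && ($displayApprovalPending || $displayVerifyPending)) {
            $moderationOrder = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_REGISTRATION_APPROVAL_SEQUENCE, UsersConstant::DEFAULT_REGISTRATION_APPROVAL_SEQUENCE);

            if (!$userObj['isverified']
                && ($moderationOrder == UsersConstant::APPROVAL_AFTER || $moderationOrder == UsersConstant::APPROVAL_ANY || !empty($userObj['approved_by']))
                && $displayVerifyPending
            ) {
                $message = __('Your request to register with this site is still waiting for verification of your e-mail address. Please check your inbox for a message from us.');
            } elseif (empty($userObj['approved_by'])
                && ($moderationOrder == UsersConstant::APPROVAL_BEFORE || $moderationOrder == UsersConstant::APPROVAL_ANY)
                && $displayApprovalPending
            ) {
                $message = __('Your request to register with this site is still waiting for approval from a site administrator.');
            }

            if (!empty($message)) {
                return LogUtil::registerError($message);
            }

            // It is a pending registration but the site admin elected to not display this to the
            // user. No exception here because the answer is simply "no."; the generic message
            // below is used instead.
        } elseif ($userObj['activated'] == UsersConstant::ACTIVATED_INACTIVE
            && ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_INACTIVE_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_INACTIVE_STATUS)
        ) {
            $message = __('Your account has been disabled. Please contact a site administrator for more information.');
        } elseif ($userObj['activated'] == UsersConstant::ACTIVATED_PENDING_DELETE
            && ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_DELETE_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_DELETE_STATUS)
        ) {
            $message = __('Your account has been disabled and is scheduled for removal. Please contact a site administrator for more information.');
        }

        if (empty($message)) {
            // Covers every state the site chose not to reveal, including the pending-registration
            // fall-through, which previously reached registerError() with an undefined $message.
            $message = __('Sorry! Either there is no active user in our system with that information, or the information you provided does not match the information for your account.');
        }

        LogUtil::registerError($message);
    }

    return false;
}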
} } // closes blocks that were opened before this excerpt

// Choose what to emit from the controller's return value ($return) and the HTTP status
// ($httpCode). switch (true) runs the first case whose expression evaluates to true, so the
// order of the cases is significant. $message and $e are set outside this excerpt.
switch (true) {
    case $return === true:
        // prevent rendering of the theme.
        System::shutDown();
        break;
    case $httpCode == 403:
        if (!UserUtil::isLoggedIn()) {
            // Anonymous visitor: register a permission error that carries the login URL, with the
            // current URI attached as the page to return to.
            // NOTE(review): 'returnpage' is built from the current request URI; confirm the login
            // handler only redirects to same-site targets.
            $url = ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri())));
            LogUtil::registerError(LogUtil::getErrorMsgPermission(), $httpCode, $url);
            System::shutDown();
        }
        // there is no break here deliberately: a 403 for a logged-in user continues into the
        // failure case below.
    case $return === false:
        // Register a generic "could not load" error only when nothing more specific was logged.
        if (!LogUtil::hasErrors()) {
            LogUtil::registerError(__f('Could not load the \'%1$s\' module at \'%2$s\'.', array($module, $func)), $httpCode, null);
        }
        // NOTE(review): the exception object is handed to the Errors module; confirm that page
        // shows exception detail (trace, file paths) only outside production.
        echo ModUtil::func('Errors', 'user', 'main', array('message' => $message, 'exception' => $e));
        break;
    case $httpCode == 200:
        // Normal case: the controller returned output to print.
        echo $return;
        break;
    default:
        // Any other status code is reported as a module error.
        LogUtil::registerError(__f('The \'%1$s\' module returned an error in \'%2$s\'.', array($module, $func)), $httpCode, null);
        echo ModUtil::func('Errors', 'user', 'main', array('message' => $message, 'exception' => $e));
        break;
}

// Emit the theme footer, then end the request.
Zikula_View_Theme::getInstance()->themefooter();
System::shutdown();
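} // closes a block that was opened before this excerpt

// Refuse the Ajax request early when the target module is unavailable or cannot be loaded.
// The module name is passed through DataUtil::formatForDisplay() before it is echoed back.
if (!ModUtil::available($modinfo['name'])) {
    die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module))));
}

if (!ModUtil::load($modinfo['name'], $type)) {
    die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module))));
}

// Handle database transactions
if (System::getVar('Z_CONFIG_USE_TRANSACTIONS')) {
    $dbConn = Doctrine_Manager::getInstance()->getCurrentConnection();
    $dbConn->beginTransaction();
}

// Dispatch controller and translate any exception into the matching Ajax response object.
try {
    $response = ModUtil::func($modinfo['name'], $type, $func);
    if (System::isLegacyMode() && $response == false && LogUtil::hasErrors()) {
        // __f() is the formatting variant used for every other parameterised message in this
        // code; the previous __() call received the argument array where it does not take
        // format arguments, so the %s placeholders were never filled.
        throw new Zikula_Exception_Fatal(__f('An unknown error occurred in module %s, controller %s, action %s', array($modinfo['name'], $type, $func)));
    }
} catch (Zikula_Exception_NotFound $e) {
    $response = new Zikula_Response_Ajax_NotFound($e->getMessage());
} catch (Zikula_Exception_Forbidden $e) {
    $response = new Zikula_Response_Ajax_Forbidden($e->getMessage());
} catch (Zikula_Exception_Fatal $e) {
    $response = new Zikula_Response_Ajax_Fatal($e->getMessage());
} catch (PDOException $e) {
    // NOTE(review): the raw PDO message is copied into the client response. Driver messages can
    // describe the failing query or schema; consider recording the detail server-side and
    // returning a generic message here.
    $response = new Zikula_Response_Ajax_Fatal($e->getMessage());
} catch (Exception $e) {
    // NOTE(review): same concern as above for unexpected exception types.
    $response = new Zikula_Response_Ajax_Fatal($e->getMessage());
}

// Handle database transactions (the body of this block continues after the excerpt)
if (System::getVar('Z_CONFIG_USE_TRANSACTIONS')) {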
/**
 * Stop processing and report an error to the Ajax client.
 *
 * When legacy mode is disabled this method never returns: it throws
 * Zikula_Exception_Forbidden, without a message if none was supplied and LogUtil already
 * holds errors, otherwise with $message. The remainder is the legacy-mode path, which builds
 * a response array and hands it to self::output().
 *
 * @param string  $message      Error text.
 * @param array   $other        Optional data to attach to the response.
 * @param boolean $createauthid Flag to create or not a new authkey.
 * @param boolean $displayalert Flag to display the error as an alert or not.
 * @param string  $code         Optional error code, default '400 Bad data'.
 *
 * @throws Zikula_Exception_Forbidden Always, when legacy mode is disabled.
 *
 * @deprecated since 1.3.0
 *
 * @return void
 */
public static function error($message = '', $other = array(), $createauthid = false, $displayalert = true, $code = '400 Bad data')
{
    if (!System::isLegacyMode()) {
        if (LogUtil::hasErrors() && !$message) {
            throw new Zikula_Exception_Forbidden();
        }

        throw new Zikula_Exception_Forbidden($message);
    }

    // Below for reference - to be deleted.
    if (empty($message)) {
        // No explicit message: take the text from LogUtil, and its error type (when it has
        // one) in place of the supplied code.
        $loggedType = LogUtil::getErrorType();
        if ($loggedType) {
            $code = $loggedType;
        }
        $message = LogUtil::getErrorMessagesText("\n");
    }

    $data = array();
    if (!empty($message)) {
        $data['errormessage'] = $message;
        if (is_array($other)) {
            $data = array_merge($data, $other);
        }
    }

    // The flag is sent as the string '1' or '0'; only a strict boolean true enables it.
    if ($displayalert === true) {
        $data['displayalert'] = '1';
    } else {
        $data['displayalert'] = '0';
    }

    self::output($data, $createauthid, false, true, $code);
}