private static function internalUserAccountValidation($uid, $reportErrors = false, $userObj = false)
{
if (!$uid || !is_numeric($uid) || (int) $uid != $uid) {
// We got something other than a uid from the authentication process.
if (!LogUtil::hasErrors() && $reportErrors) {
LogUtil::registerError(__('Sorry! Login failed. The information you provided was incorrect.'));
}
} else {
if (!$userObj) {
// Need to make sure the Users module stuff is loaded and available, especially if we are authenticating during
// an upgrade or install.
ModUtil::loadApi('Users', 'user', true);
// The user's credentials have authenticated with the authentication module's method, but
// now we have to check the account status itself. If the account status would not allow the
// user to log in, then we return false.
$userObj = self::getVars($uid);
if (!$userObj) {
// Might be a registration
$userObj = self::getVars($uid, false, 'uid', true);
}
}
if (!$userObj || !is_array($userObj)) {
// Note that we have not actually logged into anything yet, just authenticated.
throw new Zikula_Exception_Fatal(__f('A %1$s (%2$s) was returned by the authenticating module, but a user account record (or registration request record) could not be found.', array('uid', $uid)));
}
if (!isset($userObj['activated'])) {
// Provide a sane value.
$userObj['activated'] = UsersConstant::ACTIVATED_INACTIVE;
}
if ($userObj['activated'] != UsersConstant::ACTIVATED_ACTIVE) {
if ($reportErrors) {
$displayVerifyPending = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_VERIFY_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_VERIFY_STATUS);
$displayApprovalPending = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_APPROVAL_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_VERIFY_STATUS);
if ($userObj['activated'] == UsersConstant::ACTIVATED_PENDING_REG && ($displayApprovalPending || $displayVerifyPending)) {
$moderationOrder = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_REGISTRATION_APPROVAL_SEQUENCE, UsersConstant::DEFAULT_REGISTRATION_APPROVAL_SEQUENCE);
if (!$userObj['isverified'] && ($moderationOrder == UsersConstant::APPROVAL_AFTER || $moderationOrder == UsersConstant::APPROVAL_ANY || !empty($userObj['approved_by'])) && $displayVerifyPending) {
$message = __('Your request to register with this site is still waiting for verification of your e-mail address. Please check your inbox for a message from us.');
} elseif (empty($userObj['approved_by']) && ($moderationOrder == UsersConstant::APPROVAL_BEFORE || $moderationOrder == UsersConstant::APPROVAL_ANY) && $displayApprovalPending) {
$message = __('Your request to register with this site is still waiting for approval from a site administrator.');
}
if (isset($message) && !empty($message)) {
return LogUtil::registerError($message);
}
// It is a pending registration but the site admin elected to not display this to the user.
// No exception here because the answer is simply "no." This will fall through to return false.
} elseif ($userObj['activated'] == UsersConstant::ACTIVATED_INACTIVE && ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_INACTIVE_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_INACTIVE_STATUS)) {
$message = __('Your account has been disabled. Please contact a site administrator for more information.');
} elseif ($userObj['activated'] == UsersConstant::ACTIVATED_PENDING_DELETE && ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_LOGIN_DISPLAY_DELETE_STATUS, UsersConstant::DEFAULT_LOGIN_DISPLAY_DELETE_STATUS)) {
$message = __('Your account has been disabled and is scheduled for removal. Please contact a site administrator for more information.');
} else {
$message = __('Sorry! Either there is no active user in our system with that information, or the information you provided does not match the information for your account.');
}
LogUtil::registerError($message);
}
$userObj = false;
}
}
return $userObj;
}
}
}
switch (true) {
case $return === true:
// prevent rendering of the theme.
System::shutDown();
break;
case $httpCode == 403:
if (!UserUtil::isLoggedIn()) {
$url = ModUtil::url('Users', 'user', 'login', array('returnpage' => urlencode(System::getCurrentUri())));
LogUtil::registerError(LogUtil::getErrorMsgPermission(), $httpCode, $url);
System::shutDown();
}
// there is no break here deliberately.
// there is no break here deliberately.
case $return === false:
if (!LogUtil::hasErrors()) {
LogUtil::registerError(__f('Could not load the \'%1$s\' module at \'%2$s\'.', array($module, $func)), $httpCode, null);
}
echo ModUtil::func('Errors', 'user', 'main', array('message' => $message, 'exception' => $e));
break;
case $httpCode == 200:
echo $return;
break;
default:
LogUtil::registerError(__f('The \'%1$s\' module returned an error in \'%2$s\'.', array($module, $func)), $httpCode, null);
echo ModUtil::func('Errors', 'user', 'main', array('message' => $message, 'exception' => $e));
break;
}
Zikula_View_Theme::getInstance()->themefooter();
System::shutdown();
}
if (!ModUtil::available($modinfo['name'])) {
die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module))));
}
if (!ModUtil::load($modinfo['name'], $type)) {
die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module))));
}
// Handle database transactions
if (System::getVar('Z_CONFIG_USE_TRANSACTIONS')) {
$dbConn = Doctrine_Manager::getInstance()->getCurrentConnection();
$dbConn->beginTransaction();
}
// Dispatch controller.
try {
$response = ModUtil::func($modinfo['name'], $type, $func);
if (System::isLegacyMode() && $response == false && LogUtil::hasErrors()) {
throw new Zikula_Exception_Fatal(__('An unknown error occurred in module %s, controller %s, action %s', array($modinfo['name'], $type, $func)));
}
} catch (Zikula_Exception_NotFound $e) {
$response = new Zikula_Response_Ajax_NotFound($e->getMessage());
} catch (Zikula_Exception_Forbidden $e) {
$response = new Zikula_Response_Ajax_Forbidden($e->getMessage());
} catch (Zikula_Exception_Fatal $e) {
$response = new Zikula_Response_Ajax_Fatal($e->getMessage());
} catch (PDOException $e) {
$response = new Zikula_Response_Ajax_Fatal($e->getMessage());
} catch (Exception $e) {
$response = new Zikula_Response_Ajax_Fatal($e->getMessage());
}
// Handle database transactions
if (System::getVar('Z_CONFIG_USE_TRANSACTIONS')) {
/**
* Immediately stops execution and returns an error message.
*
* @param string $message Error text.
* @param array $other Optional data to attach to the response.
* @param boolean $createauthid Flag to create or not a new authkey.
* @param boolean $displayalert Flag to display the error as an alert or not.
* @param string $code Optional error code, default '400 Bad data'.
*
* @throws Zikula_Exception_Forbidden If there are errors in when legacymode is disabled.
*
* @deprecated since 1.3.0
*
* @return void
*/
public static function error($message = '', $other = array(), $createauthid = false, $displayalert = true, $code = '400 Bad data')
{
if (!System::isLegacyMode()) {
if (LogUtil::hasErrors()) {
if (!$message) {
throw new Zikula_Exception_Forbidden();
}
}
throw new Zikula_Exception_Forbidden($message);
}
// Below for reference - to be deleted.
if (empty($message)) {
$type = LogUtil::getErrorType();
$code = $type ? $type : $code;
$message = LogUtil::getErrorMessagesText("\n");
}
if (!empty($message)) {
$data = array('errormessage' => $message);
if (is_array($other)) {
$data = array_merge($data, $other);
}
}
$data['displayalert'] = ($displayalert === true ? '1' : '0');
self::output($data, $createauthid, false, true, $code);
}
