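/**
 * Validate a user's credentials and log the user in.
 *
 * Reads 'username', 'password', 'remember' and 'source' from the request.
 * On success the user is redirected; on failure the login form is shown
 * again with an error message key.
 *
 * Security: 'source' is client-controlled and is appended to
 * "<protocol>://<host>" to build the post-login redirect. It is therefore
 * only followed when it is a local absolute path; any other value falls
 * back to Request::redirectHome().
 */
function signIn() {
	$this->validate();
	$this->setupTemplate();

	if (Validation::isLoggedIn()) {
		PKPRequest::redirect(null, 'user');
	}

	$forceLoginSsl = Config::getVar('security', 'force_login_ssl');
	if ($forceLoginSsl && Request::getProtocol() != 'https') {
		// Force SSL connections for login
		PKPRequest::redirectSSL();
	}

	// Initialised here so the checks below never read an undefined variable.
	// presumably Validation::login() fills this in by reference; verify against its signature.
	$reason = null;
	$remember = Request::getUserVar('remember') != null;
	$user = Validation::login(
		Request::getUserVar('username'),
		Request::getUserVar('password'),
		$reason,
		$remember
	);

	if ($user !== false) {
		if ($forceLoginSsl && !Config::getVar('security', 'force_ssl')) {
			// Redirect back to HTTP if forcing SSL for login only
			// NOTE(review): this branch is taken before the must-change-password
			// check below; confirm the request that follows the redirect still
			// enforces the password change.
			PKPRequest::redirectNonSSL();
		} else {
			if ($user->getMustChangePassword()) {
				// User must change their password in order to log in
				Validation::logout();
				PKPRequest::redirect(null, null, 'changePassword', $user->getUsername());
			} else {
				$source = Request::getUserVar('source');
				// Follow 'source' only when it is a path on this site. Because it is
				// concatenated directly after the host name, a value that does not
				// start with "/" would change the authority part of the URL and send
				// the freshly authenticated user to another site. A second "/" or "\"
				// is refused as well so the value is never read as scheme-relative.
				$isLocalPath = is_string($source) && preg_match('#^/(?![/\\\\])#', $source) === 1;
				if ($isLocalPath) {
					// NOTE(review): if Request::getServerHost() reflects the client's
					// Host header, confirm it is checked against the configured base URL.
					PKPRequest::redirectUrl(Request::getProtocol() . '://' . Request::getServerHost() . $source, false);
				} else {
					Request::redirectHome();
				}
			}
		}
	} else {
		// Not read below; kept because obtaining the session may have side effects. TODO confirm.
		$sessionManager =& SessionManager::getManager();
		$session =& $sessionManager->getUserSession();

		// $reason === null: plain login failure; '' : account disabled with no
		// reason given; anything else: account disabled, reason passed to the template.
		if ($reason === null) {
			$errorKey = 'user.login.loginError';
		} elseif ($reason === '') {
			$errorKey = 'user.login.accountDisabled';
		} else {
			$errorKey = 'user.login.accountDisabledWithReason';
		}

		// These request values are handed back to the template unmodified;
		// user/login.tpl is assumed to escape them on output. TODO confirm.
		$templateMgr =& TemplateManager::getManager();
		$templateMgr->assign('username', Request::getUserVar('username'));
		$templateMgr->assign('remember', Request::getUserVar('remember'));
		$templateMgr->assign('source', Request::getUserVar('source'));
		$templateMgr->assign('showRemember', Config::getVar('general', 'session_lifetime') > 0);
		$templateMgr->assign('error', $errorKey);
		$templateMgr->assign('reason', $reason);
		$templateMgr->display('user/login.tpl');
	}
}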