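/**
 * Processes a submitted login form.
 *
 * Steps, in order: run the IP validation helper, optionally start an OpenID
 * request, require uName/uPassword, authenticate through User, optionally
 * link or reject an OpenID identity held in the session, then hand the result
 * to finishLogin(). Any exception raised along the way is recorded against
 * the client IP and returned as $loginData['error'].
 *
 * When the request asks for format=JSON, the $loginData array is echoed as
 * JSON and the script terminates.
 *
 * @return void
 */
public function do_login() {
    $ip = Loader::helper('validation/ip');
    $vs = Loader::helper('validation/strings');

    $loginData = array();
    $loginData['success'] = 0;

    try {
        // Stop immediately when the IP helper rejects this client.
        if (!$ip->check()) {
            throw new Exception($ip->getErrorMessage());
        }

        if (OpenIDAuth::isEnabled() && $vs->notempty($this->post('uOpenID'))) {
            $oa = new OpenIDAuth();
            $oa->setReturnURL($this->openIDReturnTo);
            // NOTE(review): presumably request() redirects to the provider on success - confirm.
            // If it returns, the username/password checks below still apply.
            $oa->request($this->post('uOpenID'));
            $resp = $oa->getResponse();
            if ($resp->code == OpenIDAuth::E_INVALID_OPENID) {
                throw new Exception(t('Invalid OpenID.'));
            }
        }

        if (!$vs->notempty($this->post('uName')) || !$vs->notempty($this->post('uPassword'))) {
            if (USER_REGISTRATION_WITH_EMAIL_ADDRESS) {
                throw new Exception(t('An email address and password are required.'));
            } else {
                throw new Exception(t('A username and password are required.'));
            }
        }

        $u = new User($this->post('uName'), $this->post('uPassword'));
        if ($u->isError()) {
            // Every branch throws, so a failed authentication can never reach the
            // success path or finishLogin() below.
            switch ($u->getError()) {
                // NOTE(review): the next two messages disclose account state; confirm that
                // User only reports these codes after the password has been verified.
                case USER_NON_VALIDATED:
                    throw new Exception(t('This account has not yet been validated. Please check the email associated with this account and follow the link it contains.'));
                case USER_INACTIVE:
                    throw new Exception(t('This user is inactive. Please contact us regarding this account.'));
                case USER_INVALID:
                default:
                    // An unrecognised error code is treated as a plain credential failure.
                    // Previously it fell through to finishLogin() with success still 0 and
                    // was never counted by the IP helper in the catch block.
                    if (USER_REGISTRATION_WITH_EMAIL_ADDRESS) {
                        throw new Exception(t('Invalid email address or password.'));
                    } else {
                        throw new Exception(t('Invalid username or password.'));
                    }
            }
        }

        // The session key is absent unless an OpenID flow stored it; read it defensively
        // so a normal login does not raise an undefined-index notice.
        $existingOpenIDUser = isset($_SESSION['uOpenIDExistingUser']) ? $_SESSION['uOpenIDExistingUser'] : 0;
        if (OpenIDAuth::isEnabled() && $existingOpenIDUser > 0) {
            $oa = new OpenIDAuth();
            if ($existingOpenIDUser == $u->getUserID()) {
                // The account we logged in with is the same as the existing user from the
                // OpenID, so we link the account to the OpenID and keep the user logged in.
                $oa->linkUser($_SESSION['uOpenIDRequested'], $u);
            } else {
                // The user HAS logged in, but the account they logged into is NOT the one
                // linked to their OpenID. Log them out before reporting the mismatch so no
                // authenticated session is left behind.
                $u->logout();
                throw new Exception(t('This account does not match the email address provided.'));
            }
        }

        $loginData['success'] = 1;
        $loginData['msg'] = t('Login Successful');
        $loginData['uID'] = intval($u->getUserID());

        $loginData = $this->finishLogin($loginData);
    } catch (Exception $e) {
        // Every failure inside the try block (rejected IP, missing fields, bad credentials,
        // OpenID mismatch) is logged against the client IP; once the helper reports the
        // threshold as reached, the IP is banned.
        $ip->logSignupRequest();
        if ($ip->signupRequestThreshholdReached()) {
            $ip->createIPBan();
        }
        $this->error->add($e);
        $loginData['error'] = $e->getMessage();
    }

    // NOTE(review): no Content-Type header is sent here; confirm the JSON helper or the
    // caller sets one so the body is not interpreted as HTML.
    if (isset($_REQUEST['format']) && $_REQUEST['format'] == 'JSON') {
        $jsonHelper = Loader::helper('json');
        echo $jsonHelper->encode($loginData);
        die;
    }
}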