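/**
 * Executes the login action: shows the login form and, on POST, authenticates the user.
 *
 * On a successful login the user is sent to the submitted return-url when that URL
 * stays on this site, otherwise to the application. On failure a 'login_wrong_auth'
 * flash message is set and the form is shown again.
 *
 * @param sfWebRequest $request A request object
 */
public function executeLogin(sfWebRequest $request)
{
    // In theory, an authenticated user shouldn't request this action.
    // But there could be a problem with the forum integration: a user could be logged in
    // on Plancake but logged out on the forum so it is better to be easy and don't
    // uncomment the following
    // NOTE(review): the comment above reads as if the next call was meant to stay
    // disabled, yet it is live code here - confirm which one is intended.
    PcUtils::redirectLoggedInUser($this->getUser(), $this);

    $this->form = new LoginForm(array('return-url' => $request->getParameter('return-url')));

    if (!$request->isMethod('post')) {
        return;
    }

    $this->form->bind($request->getParameter('login'));
    if (!$this->form->isValid()) {
        return;
    }

    $fields = $request->getParameter('login');

    if ($user = PcUserPeer::isCorrectAuthentication($fields['email'], $fields['password'])) {
        // WOW : correct authentication...
        // ...but we still need to check whether the user is awaiting activation
        if ($user->getAwaitingActivation()) {
            PcWatchdog::alert('Still awaiting activation', 'For the user ' . $user->getId());
            $this->forward('customAuth', 'stillAwaitingActivation');
            // forward() presumably ends the action (verify against the framework); the
            // explicit return keeps an unactivated account away from the login call below.
            return;
        }

        if ($user->getBlocked()) {
            $this->forward('customAuth', 'accountBlocked');
            // Same reasoning: a blocked account must never reach CustomAuth::login().
            return;
        }

        $loginSuccess = CustomAuth::login($this->getUser(), $user, isset($fields['rememberme']));

        if ($loginSuccess) {
            // return-url is taken from the request, so it is only followed when it points
            // back to this site; anything else would make the login page an open redirect.
            if (isset($fields['return-url'])
                && $this->isLocalReturnUrl($fields['return-url'], $request->getHost())) {
                $this->redirect($fields['return-url']);
            } else {
                PcUtils::redirectToApp($this);
            }
        } else {
            $this->getUser()->setFlash('login_wrong_auth', __('WEBSITE_LOGIN_ACCOUNT_LOCKED_ERROR'));
        }

        return;
    }

    $registrationLink = sfContext::getInstance()->getController()->genUrl('@registration');
    $passwordForgottenLink = sfContext::getInstance()->getController()->genUrl('@forgotten-password');

    // NOTE(review): the three messages below differ depending on whether the e-mail is
    // registered, so the form reveals which addresses have an account. A single generic
    // message would close that; left as is because it changes what users see.
    if (!PcUserPeer::emailExist($fields['email'])) {
        $this->getUser()->setFlash('login_wrong_auth', sprintf(__('WEBSITE_LOGIN_EMAIL_NOT_REGISTERED_ERROR'), $registrationLink));
    } elseif (CustomAuth::checkAgainstBruteForceAttack($fields['email'])) {
        // NOTE(review): this check is only reached after a failed attempt on an existing
        // account; whether a locked account is also refused on a correct password is
        // decided elsewhere - confirm.
        $this->getUser()->setFlash('login_wrong_auth', __('WEBSITE_LOGIN_ACCOUNT_LOCKED_ERROR'));
    } else {
        $this->getUser()->setFlash('login_wrong_auth', sprintf(__('WEBSITE_LOGIN_DETAILS_ERROR'), $passwordForgottenLink));
    }
}

/**
 * Tells whether a post-login return URL stays on this site.
 *
 * Accepted: a site-relative path ("/tasks") or an absolute http(s) URL whose host
 * (and port, when given) equals $host. Everything else is rejected, including
 * scheme-relative URLs ("//host"), other schemes, embedded credentials, backslashes
 * and control characters.
 *
 * NOTE(review): if the forum lives on a different host, that host needs an explicit
 * allow-list entry here - confirm the deployment.
 *
 * @param mixed  $url  The candidate return URL, as submitted with the login form
 * @param string $host The host of the current request
 *
 * @return bool True when the URL may be followed after login
 */
private function isLocalReturnUrl($url, $host)
{
    if (!is_string($url) || $url === '') {
        return false;
    }

    // Control characters (CR/LF in particular) have no place in a Location header.
    if (preg_match('/[\x00-\x1f\x7f]/', $url)) {
        return false;
    }

    // Some browsers read a backslash as a slash, which turns "/\host" into "//host".
    if (strpos($url, '\\') !== false) {
        return false;
    }

    // Site-relative path: exactly one leading slash.
    if ($url[0] === '/') {
        return strncmp($url, '//', 2) !== 0;
    }

    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }

    $scheme = strtolower($parts['scheme']);
    if ($scheme !== 'http' && $scheme !== 'https') {
        return false;
    }

    // "http://this-site@other-host/" style URLs are never needed for a return link.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false;
    }

    $target = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');

    return strcasecmp($target, (string) $host) === 0;
}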