Elgg  Version 3.0
login.php
Go to the documentation of this file.
1 <?php
6 /* @var $request \Elgg\Request */
7 
8 $username = get_input('username');
9 $password = get_input('password', null, false);
10 $persistent = (bool) get_input("persistent");
11 $result = false;
12 
13 if (empty($username) || empty($password)) {
15 }
16 
17 // check if logging in with email address
18 if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) {
19  $username = $users[0]->username;
20 }
21 
23 
24 try {
26  if ($result !== true) {
27  // was due to missing hash?
28  if ($user && !$user->password_hash) {
29  // if we did this in pam_auth_userpass(), visitors could sniff account usernames from
30  // email addresses. Instead, this lets us give the visitor only the information
31  // they provided.
32  elgg_get_session()->set('forgotpassword:hash_missing', get_input('username'));
33  $output = [
34  'forward' => elgg_generate_url('account:password:reset'),
35  ];
36  return elgg_ok_response($output, '', elgg_generate_url('account:password:reset'));
37  }
38 
39  throw new LoginException($result);
40  }
41 
42  if (!$user) {
43  throw new LoginException(elgg_echo('login:baduser'));
44  }
45 
47 } catch (LoginException $e) {
48  return elgg_error_response($e->getMessage(), REFERRER, ELGG_HTTP_UNAUTHORIZED);
49 }
50 
51 if ($request->isXhr()) {
52  // Hold the system messages until the client refreshes the page.
53  $request->setParam('elgg_fetch_messages', 0);
54 }
55 
57  'user' => $user,
58 ];
59 $message = elgg_echo('loginok', [], $user->getLanguage(get_current_language()));
61 
_elgg_get_login_forward_url(\Elgg\Request $request,\ElggUser $user)
Determine which URL the user should be forwarded to upon successful login.
Definition: sessions.php:345
if(empty($username)||empty($password)) if(strpos($username, '@')!==false &&($users=get_user_by_email($username))) $user
Definition: login.php:22
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:83
get_current_language()
Get the current system/user language or "en".
Definition: languages.php:47
$request
Page handler for autocomplete endpoint.
Definition: livesearch.php:9
elgg_get_session()
Gets Elgg&#39;s session object.
Definition: sessions.php:20
const ELGG_HTTP_UNAUTHORIZED
Definition: constants.php:80
catch(LoginException $e) if($request->isXhr()) $output
Definition: login.php:56
elgg_echo($message_key, array $args=[], $language="")
Given a message key, returns an appropriately translated full-text string.
Definition: languages.php:21
get_user_by_username($username)
Get user by username.
Definition: users.php:61
$persistent
Definition: login.php:10
const REFERRER
Definition: constants.php:42
$username
Elgg login action.
Definition: login.php:8
$result
Definition: login.php:11
get_input($variable, $default=null, $filter_result=true)
Get some input from variables passed submitted through GET or POST.
Definition: input.php:27
elgg_error_response($error= '', $forward_url=REFERRER, $status_code=ELGG_HTTP_OK)
Prepare an error response to be returned by a page or an action handler.
elgg_generate_url($name, array $parameters=[])
Generate a URL for named route.
Definition: pagehandler.php:58
$password
Definition: login.php:9
elgg_ok_response($content= '', $message= '', $forward_url=null, $status_code=ELGG_HTTP_OK)
Prepares a successful response to be returned by a page or an action handler.
const ELGG_HTTP_BAD_REQUEST
Definition: constants.php:79
elgg_authenticate($username, $password)
Perform user authentication with a given username and password.
Definition: sessions.php:98
$forward_url
Definition: login.php:60
login(\ElggUser $user, $persistent=false)
Logs in a specified .
Definition: sessions.php:273
catch(LoginException $e) if($request->isXhr()) $message
Definition: login.php:59