-
Notifications
You must be signed in to change notification settings - Fork 11
/
phpBBUserValidation.php
64 lines (53 loc) · 1.74 KB
/
phpBBUserValidation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php
namespace nill\forum;
/**
* Validation class
* @version 0.1
*/
class phpBBUserValidation extends \phpbb\auth\provider\base {
/**
* Database Authentication Constructor
*
* @param phpbb_db_driver $db
*/
public function __construct(\phpbb\db\driver\driver_interface $db) {
$this->db = $db;
}
/**
* {@inheritdoc}
*/
public function login($username, $password) {
// Auth plugins get the password untrimmed.
// For compatibility we trim() here.
$password = trim($password);
// do not allow empty password
if (!$password) {
return array(
'status' => LOGIN_ERROR_PASSWORD,
'error_msg' => 'NO_PASSWORD_SUPPLIED',
'user_row' => array('user_id' => ANONYMOUS),
);
}
if (!$username) {
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),
);
}
//$username_clean = utf8_clean_string($username);
$username_clean = $username;
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts
FROM ' . USERS_TABLE . "
WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'";
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
// Successful login... set user_login_attempts to zero...
return array(
'status' => LOGIN_SUCCESS,
'error_msg' => false,
'user_row' => $row,
);
}
}