Business/AccountHub
2
0
Fork 2
Code Issues 3 Pull Requests Releases 3 Wiki Activity

Improve error handling "friendliness"

Browse Source
This commit is contained in:
Skylar Ittner 2017-05-07 13:02:18 -06:00
parent 95c5d54b04
commit 1b334ff894
3 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
index.php
View File

@ -15,7 +15,8 @@ if ($VARS['progress'] == "1") {
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) { if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
$autherror = ""; $autherror = "";
if (user_exists($VARS['username'])) { if (user_exists($VARS['username'])) {
switch (get_account_status($VARS['username'])) { $status = get_account_status($VARS['username'], $error);
switch ($status) {
case "LOCKED_OR_DISABLED": case "LOCKED_OR_DISABLED":
$alert = lang("account locked", false); $alert = lang("account locked", false);
break; break;
@ -32,6 +33,13 @@ if ($VARS['progress'] == "1") {
sendLoginAlertEmail($VARS['username']); sendLoginAlertEmail($VARS['username']);
$userpass_ok = true; $userpass_ok = true;
break; break;
default:
if (!is_empty($error)) {
$alert = $error;
break;
}
$alert = lang("login error", false);
break;
} }
if ($userpass_ok) { if ($userpass_ok) {
if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) { if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) {

1
lang/en_us.php
View File

@ -10,6 +10,7 @@ define("STRINGS", [
"2fa incorrect" => "Authentication code incorrect.", "2fa incorrect" => "Authentication code incorrect.",
"login incorrect" => "Login incorrect.", "login incorrect" => "Login incorrect.",
"login successful" => "Login successful.", "login successful" => "Login successful.",
"login error" => "There was a server problem. Try again later.",
"account locked" => "This account has been disabled. Contact technical support.", "account locked" => "This account has been disabled. Contact technical support.",
"password expired" => "You must change your password before continuing.", "password expired" => "You must change your password before continuing.",
"account terminated" => "Account terminated. Access denied.", "account terminated" => "Account terminated. Access denied.",

20
lib/login.php
View File

@ -96,16 +96,16 @@ function authenticate_user($username, $password, &$errormsg) {
return authenticate_user_ldap($username, $password, $errormsg) === TRUE; return authenticate_user_ldap($username, $password, $errormsg) === TRUE;
} else if ($loc == "LDAP_ONLY") { } else if ($loc == "LDAP_ONLY") {
try { try {
if (authenticate_user_ldap($username, $password) === TRUE) { if (authenticate_user_ldap($username, $password, $errormsg) === TRUE) {
$user = $ldap->getRepository('user')->findOneByUsername($username); $user = $ldap->getRepository('user')->findOneByUsername($username);
//var_dump($user); //var_dump($user);
adduser($user->getUsername(), null, $user->getName(), ($user->hasEmailAddress() ? $user->getEmailAddress() : null), "", "", 2); adduser($user->getUsername(), null, $user->getName(), ($user->hasEmailAddress() ? $user->getEmailAddress() : null), "", "", 2);
return true; return true;
} else {
return false;
} }
return false;
} catch (Exception $e) { } catch (Exception $e) {
sendError("LDAP error: " . $e->getMessage()); $errormsg = $e->getMessage();
return false;
} }
} else { } else {
return false; return false;
@ -134,7 +134,7 @@ function user_exists_local($username) {
* @param string $password * @param string $password
* @return string * @return string
*/ */
function get_account_status($username) { function get_account_status($username, &$error) {
global $database; global $database;
$username = strtolower($username); $username = strtolower($username);
$loc = account_location($username); $loc = account_location($username);
@ -153,7 +153,7 @@ function get_account_status($username) {
)[0]['statuscode']; )[0]['statuscode'];
return $statuscode; return $statuscode;
} else if ($loc == "LDAP" || $loc == "LDAP_ONLY") { } else if ($loc == "LDAP" || $loc == "LDAP_ONLY") {
return get_account_status_ldap($username); return get_account_status_ldap($username, $error);
} else { } else {
// account isn't setup properly // account isn't setup properly
return "OTHER"; return "OTHER";
@ -268,7 +268,8 @@ function authenticate_user_ldap($username, $password, &$errormsg) {
return $msg; return $msg;
} }
} catch (Exception $e) { } catch (Exception $e) {
sendError("LDAP error: " . $e->getMessage()); $errormsg = $e->getMessage();
return $e->getMessage();
} }
} }
@ -296,7 +297,7 @@ function user_exists_ldap($username) {
} }
} }
function get_account_status_ldap($username) { function get_account_status_ldap($username, &$error) {
global $ldap; global $ldap;
try { try {
$username = strtolower($username); $username = strtolower($username);
@ -340,7 +341,8 @@ function get_account_status_ldap($username) {
return "OTHER"; return "OTHER";
} }
} catch (Exception $e) { } catch (Exception $e) {
sendError("LDAP error: " . $e->getMessage()); $error = $e->getMessage();
return false;
} }
} }