Better login error messages, merge manage.php into userinfo.php

2017-05-06 23:22:07 -06:00 · 2017-05-06 23:22:07 -06:00 · 52c50ee615
commit 52c50ee615
parent 4d4ac5db3a
6 changed files with 49 additions and 33 deletions
--- a/action.php
+++ b/action.php
@ -6,7 +6,6 @@
 require_once __DIR__ . "/required.php";
 require_once __DIR__ . "/lib/login.php";
 require_once __DIR__ . "/lib/userinfo.php";
-require_once __DIR__ . "/lib/manage.php";


 dieifnotloggedin();
--- a/index.php
+++ b/index.php
@ -14,7 +14,8 @@ $multiauth = false;
 if (checkLoginServer()) {
    if ($VARS['progress'] == "1") {
        if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
-            if (authenticate_user($VARS['username'], $VARS['password'])) {
+            $errmsg = "";
+            if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) {
                switch (get_account_status($VARS['username'])) {
                    case "LOCKED_OR_DISABLED":
                        $alert = lang("account locked", false);
@ -42,9 +43,13 @@ if (checkLoginServer()) {
                        die("Logged in, go to app.php");
                    }
                }
+            } else {
+                if (!is_empty($errmsg)) {
+                    $alert = lang2("login server error", ['arg' => $errmsg], false);
                } else {
                    $alert = lang("login incorrect", false);
                }
+            }
        } else {
            $alert = lang("captcha error", false);
        }
@ -73,7 +78,7 @@ if (checkLoginServer()) {
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
-        <meta name="viewport" contgreent="width=device-width, initial-scale=1">
+        <meta name="viewport" content="width=device-width, initial-scale=1">

        <title><?php echo SITE_TITLE; ?></title>

--- a/lib/gettaskman.php
+++ b/lib/gettaskman.php
@ -4,7 +4,6 @@ require_once __DIR__ . "/../required.php";
 redirectifnotloggedin();

 require_once __DIR__ . "/userinfo.php";
-require_once __DIR__ . "/manage.php";

 $managed_uids = getManagedUIDs($_SESSION['uid']);

--- a/lib/login.php
+++ b/lib/login.php
@ -45,7 +45,7 @@ function checkLoginServer() {
 * @param string $password
 * @return boolean True if OK, else false
 */
-function authenticate_user($username, $password) {
+function authenticate_user($username, $password, &$errmsg) {
    $client = new GuzzleHttp\Client();

    $response = $client
@ -66,6 +66,7 @@ function authenticate_user($username, $password) {
    if ($resp['status'] == "OK") {
        return true;
    } else {
+        $errmsg = $resp['msg'];
        return false;
    }
 }
@ -188,7 +189,6 @@ function doLoginUser($username) {
        $_SESSION['uid'] = $userinfo['uid'];
        $_SESSION['email'] = $userinfo['email'];
        $_SESSION['realname'] = $userinfo['name'];
-        $_SESSION['password'] = $password;
        $_SESSION['loggedin'] = true;
        return true;
    } else {
--- a/lib/manage.php
+++ b/lib/manage.php
@ -1,25 +0,0 @@
-<?php
-
-function getManagedUIDs($manageruid) {
-    $client = new GuzzleHttp\Client();
-
-    $response = $client
-            ->request('POST', PORTAL_API, [
-        'form_params' => [
-            'key' => PORTAL_KEY,
-            'action' => "getmanaged",
-            'uid' => $manageruid
-        ]
-    ]);
-
-    if ($response->getStatusCode() > 299) {
-        sendError("Login server error: " . $response->getBody());
-    }
-
-    $resp = json_decode($response->getBody(), TRUE);
-    if ($resp['status'] == "OK") {
-        return $resp['employees'];
-    } else {
-        return [];
-    }
-}
--- a/lib/userinfo.php
+++ b/lib/userinfo.php
@ -1,5 +1,9 @@
 <?php
-
+/**
+ * Get user info for the given username.
+ * @param int $u username
+ * @return [string] Array of [uid, username, name]
+ */
 function getUserByUsername($u) {
    $client = new GuzzleHttp\Client();

@ -25,6 +29,11 @@ function getUserByUsername($u) {
    }
 }

+/**
+ * Get user info for the given UID.
+ * @param int $u user ID
+ * @return [string] Array of [uid, username, name]
+ */
 function getUserByID($u) {
    $client = new GuzzleHttp\Client();

@ -82,3 +91,32 @@ function isManagerOf($m, $e) {
        return ["name" => $u, "username" => $u, "uid" => $u];
    }
 }
+
+/**
+ * Get an array of UIDs the given UID is a manager of.
+ * @param int $manageruid The UID of the manager to find employees for.
+ * @return [int]
+ */
+function getManagedUIDs($manageruid) {
+    $client = new GuzzleHttp\Client();
+
+    $response = $client
+            ->request('POST', PORTAL_API, [
+        'form_params' => [
+            'key' => PORTAL_KEY,
+            'action' => "getmanaged",
+            'uid' => $manageruid
+        ]
+    ]);
+
+    if ($response->getStatusCode() > 299) {
+        sendError("Login server error: " . $response->getBody());
+    }
+
+    $resp = json_decode($response->getBody(), TRUE);
+    if ($resp['status'] == "OK") {
+        return $resp['employees'];
+    } else {
+        return [];
+    }
+}