forked from Business/AccountHub
Improve error handling "friendliness"
This commit is contained in:
parent
95c5d54b04
commit
1b334ff894
10
index.php
10
index.php
@ -15,7 +15,8 @@ if ($VARS['progress'] == "1") {
|
||||
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
|
||||
$autherror = "";
|
||||
if (user_exists($VARS['username'])) {
|
||||
switch (get_account_status($VARS['username'])) {
|
||||
$status = get_account_status($VARS['username'], $error);
|
||||
switch ($status) {
|
||||
case "LOCKED_OR_DISABLED":
|
||||
$alert = lang("account locked", false);
|
||||
break;
|
||||
@ -32,6 +33,13 @@ if ($VARS['progress'] == "1") {
|
||||
sendLoginAlertEmail($VARS['username']);
|
||||
$userpass_ok = true;
|
||||
break;
|
||||
default:
|
||||
if (!is_empty($error)) {
|
||||
$alert = $error;
|
||||
break;
|
||||
}
|
||||
$alert = lang("login error", false);
|
||||
break;
|
||||
}
|
||||
if ($userpass_ok) {
|
||||
if (authenticate_user($VARS['username'], $VARS['password'], $autherror)) {
|
||||
|
@ -10,6 +10,7 @@ define("STRINGS", [
|
||||
"2fa incorrect" => "Authentication code incorrect.",
|
||||
"login incorrect" => "Login incorrect.",
|
||||
"login successful" => "Login successful.",
|
||||
"login error" => "There was a server problem. Try again later.",
|
||||
"account locked" => "This account has been disabled. Contact technical support.",
|
||||
"password expired" => "You must change your password before continuing.",
|
||||
"account terminated" => "Account terminated. Access denied.",
|
||||
|
@ -96,16 +96,16 @@ function authenticate_user($username, $password, &$errormsg) {
|
||||
return authenticate_user_ldap($username, $password, $errormsg) === TRUE;
|
||||
} else if ($loc == "LDAP_ONLY") {
|
||||
try {
|
||||
if (authenticate_user_ldap($username, $password) === TRUE) {
|
||||
if (authenticate_user_ldap($username, $password, $errormsg) === TRUE) {
|
||||
$user = $ldap->getRepository('user')->findOneByUsername($username);
|
||||
//var_dump($user);
|
||||
adduser($user->getUsername(), null, $user->getName(), ($user->hasEmailAddress() ? $user->getEmailAddress() : null), "", "", 2);
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
return false;
|
||||
} catch (Exception $e) {
|
||||
sendError("LDAP error: " . $e->getMessage());
|
||||
$errormsg = $e->getMessage();
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
return false;
|
||||
@ -134,7 +134,7 @@ function user_exists_local($username) {
|
||||
* @param string $password
|
||||
* @return string
|
||||
*/
|
||||
function get_account_status($username) {
|
||||
function get_account_status($username, &$error) {
|
||||
global $database;
|
||||
$username = strtolower($username);
|
||||
$loc = account_location($username);
|
||||
@ -153,7 +153,7 @@ function get_account_status($username) {
|
||||
)[0]['statuscode'];
|
||||
return $statuscode;
|
||||
} else if ($loc == "LDAP" || $loc == "LDAP_ONLY") {
|
||||
return get_account_status_ldap($username);
|
||||
return get_account_status_ldap($username, $error);
|
||||
} else {
|
||||
// account isn't setup properly
|
||||
return "OTHER";
|
||||
@ -268,7 +268,8 @@ function authenticate_user_ldap($username, $password, &$errormsg) {
|
||||
return $msg;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
sendError("LDAP error: " . $e->getMessage());
|
||||
$errormsg = $e->getMessage();
|
||||
return $e->getMessage();
|
||||
}
|
||||
}
|
||||
|
||||
@ -296,7 +297,7 @@ function user_exists_ldap($username) {
|
||||
}
|
||||
}
|
||||
|
||||
function get_account_status_ldap($username) {
|
||||
function get_account_status_ldap($username, &$error) {
|
||||
global $ldap;
|
||||
try {
|
||||
$username = strtolower($username);
|
||||
@ -340,7 +341,8 @@ function get_account_status_ldap($username) {
|
||||
return "OTHER";
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
sendError("LDAP error: " . $e->getMessage());
|
||||
$error = $e->getMessage();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user