Mercurial > hg > fapweb
changeset 315:100d9f7f9dde
Implement bits of user login checking.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Wed, 27 Nov 2013 03:45:18 +0200 |
parents | 50527339b615 |
children | 54dfab6ba12c |
files | usrlogin.php |
diffstat | 1 files changed, 17 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/usrlogin.php Wed Nov 27 03:16:36 2013 +0200 +++ b/usrlogin.php Wed Nov 27 03:45:18 2013 +0200 @@ -34,21 +34,29 @@ switch (stGetSetting("voteKeyMode")) { case VOTE_ACTIVATE: + if ($key["active"] == 0) + $error = 3; break; case VOTE_ASSIGN: + $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]); + if (stFetchSQL($sql) === false) + $error = 3; break; } - if (!stSessionStart(SESS_USER, $password, "userTimeout")) + if ($error == 0) { - error_log("User session AUTH LOGIN failed (session setup)"); - $error = 2; - } - else - { - stSetSessionItem("key_id", $key["id"]); - stSetSessionItem("mode", stGetRequestItem("mode", "error")); + if (!stSessionStart(SESS_USER, $password, "userTimeout")) + { + error_log("User session AUTH LOGIN failed (session setup)"); + $error = 2; + } + else + { + stSetSessionItem("key_id", $key["id"]); + stSetSessionItem("mode", stGetRequestItem("mode", "error")); + } } } else @@ -62,4 +70,5 @@ header("Location: ". ($nextPage !== FALSE ? $nextPage : stGetSetting("defaultPage")). ($error ? "?error=".$error : ""); + ?> \ No newline at end of file