update our login action for elgg 1.7; add needed username param to first time login forward

c88851e8 · Eric Rasmussen · e25636e9 · c88851e8
Commit c88851e8 authored 15 years ago by Eric Rasmussen
--- a/plugins/cas_auth_unl/actions/login.php
+++ b/plugins/cas_auth_unl/actions/login.php
 <?php
-	/**
+/**
-	 * Elgg UNL CAS authentication login action
+ * Elgg UNL CAS authentication login action
-	 * 
+ * 
-	 * @package cas_auth_unl
+ * @package cas_auth_unl
-	 * @license BSD http://www1.unl.edu/wdn/wiki/Software_License
+ * @license BSD http://www1.unl.edu/wdn/wiki/Software_License
-	 * @author University of Nebraska-Lincoln
+ * @author University of Nebraska-Lincoln
-	 * @copyright 2010 Regents of the University of Nebraska 
+ * @copyright 2010 Regents of the University of Nebraska 
-	 * @link http://www.unl.edu/
+ * @link http://www.unl.edu/
-	 * 
+ * 
-	 * Builds upon the original login action at elgg/actions/login.php by Curverider Ltd
+ * Builds upon the original login action at elgg/actions/login.php by Curverider Ltd
-	 * 
+ * 
-	 */
+ */
-	// Safety first
+// Get $_GET inputs 
-		action_gatekeeper();
+$username = get_input('username');
+$password = get_input("password");
-    // Get $_GET inputs
+$persistent = get_input("persistent", false);
+$usecas = get_input('usecas'); 
-        $username = get_input('username');
+//this is available once they have given their email
-        $password = get_input("password");
+$email = get_input('email');
-        $persistent = get_input("persistent", false);
+//look for view=mobile
-        $usecas = get_input('usecas'); 
+$view = get_input('view');
-        //this is available once they have given their email
-        $email = get_input('email');
-        //look for view=mobile
-        $view = get_input('view');
-    // 1. Do the regular elgg login if username and password are set 
-    	$result = false;          
-        if (!empty($username) && !empty($password)) {
-        	if ($user = authenticate($username,$password)) {
-        		$result = login($user, $persistent);
-        	}
-        }
-    // 2. Otherwise try CAS if that button was clicked
+// 1. Do the regular elgg login if username and password are set 
-        if ($usecas == 'yes') {
+$result = false;          
-			$casObject = new elggSimpleCas();
+if (!empty($username) && !empty($password)) {
-			if (!$casObject->checkCas()) {
+  	if ($user = authenticate($username,$password)) {
-				global $CONFIG;
+   		$result = login($user, $persistent);
-				$ts = time();
+   	}
-				$token = generate_action_token($ts); 
+}
-		        SimpleCAS::setURL($CONFIG->url.'action/login?usecas=yes&__elgg_ts='.$ts.'&__elgg_token='.$token.'&view='.$view);
-        		$casObject->forceCas();
-			} else {
-				$cas_user = $casObject->getUserCas(); 
-				if ($user = $casObject->casAuthenticate($cas_user,$email,$view)) {
-					$result = login($user);
-					if ($result)
-						$_SESSION['loggedInWithCas'] = true;
-				} 
-			}
-    	} 
-    // Set the system_message as appropriate
+// 2. Otherwise try CAS if that button was clicked
+if ($usecas == 'yes') {
-        if ($result) {
+	$casObject = new elggSimpleCas();
-            system_message(elgg_echo('loginok'));
+	if (!$casObject->checkCas()) {
-            if ($_SESSION['last_forward_from'])
+		global $CONFIG;
-            {
+		$ts = time();
-            	$forward_url = $_SESSION['last_forward_from'];
+		$token = generate_action_token($ts); 
-            	$_SESSION['last_forward_from'] = "";
+        SimpleCAS::setURL($CONFIG->url.'action/login?usecas=yes&__elgg_ts='.$ts.'&__elgg_token='.$token.'&view='.$view);
-            	forward($forward_url);
+   		$casObject->forceCas();
-            }
+	} else {
-            else
+		$cas_user = $casObject->getUserCas(); 
-            {
+		if ($user = $casObject->casAuthenticate($cas_user,$email,$view)) {
-            	if (
+			$result = login($user);
-            		(isadminloggedin()) &&
+			if ($result)
-            		(!datalist_get('first_admin_login'))
+				$_SESSION['loggedInWithCas'] = true;
-            	) 
+		} 
-            	{
+	}
-            		system_message(elgg_echo('firstadminlogininstructions'));
+}
-            		datalist_set('first_admin_login', time());
+// Set the system_message as appropriate
+if ($result) {
-            		forward('pg/admin/plugins');
+    system_message(elgg_echo('loginok'));
-            	} else	{ 
+    if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
-            		$lastlogin_date = $_SESSION['user']->last_login;
+        $forward_url = $_SESSION['last_forward_from'];
-            		if (!$lastlogin_date && $view != 'mobile')
+        unset($_SESSION['last_forward_from']);
-            			forward("mod/profile/edit.php?firstlogin=yes");
+        forward($forward_url);
-            		else
+    } else {
-            			forward("pg/dashboard/");
+        if ( (isadminloggedin()) && (!datalist_get('first_admin_login'))) {
-            	}
+            system_message(elgg_echo('firstadminlogininstructions'));
+            datalist_set('first_admin_login', time());
+            forward('pg/admin/plugins');
+        } else if ($_SESSION['user']->last_login == '0' && $view != 'mobile') {
+            forward('mod/profile/edit.php?username='.$_SESSION['username'].'&firstlogin=yes');
+        } else if (get_input('returntoreferer')) {
+            forward($_SERVER['HTTP_REFERER']);
+        } else {
+            forward('pg/dashboard/');
+        }
+    }
+} else {
+    $error_msg = elgg_echo('loginerror');
+    // figure out why the login failed
+    if (!empty($username) && !empty($password)) {
+        // See if it exists and is disabled
+        $access_status = access_get_show_hidden_status();
+        access_show_hidden_entities(true);
+        if (($user = get_user_by_username($username)) && !$user->validated) {
+            // give plugins a chance to respond
+            if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {
+                // if plugins have not registered an action, the default action is to
+                // trigger the validation event again and assume that the validation
+                // event will display an appropriate message
+                trigger_elgg_event('validate', 'user', $user);
            }
        } else {
-        	$error_msg = elgg_echo('loginerror');
+            register_error(elgg_echo('loginerror'));
-        	// figure out why the login failed
-        	if (!empty($username) && !empty($password)) {
-        		// See if it exists and is disabled
-				$access_status = access_get_show_hidden_status();
-				access_show_hidden_entities(true);
-        		if (($user = get_user_by_username($username)) && !$user->validated) {
-        			// give plugins a chance to respond
-        			if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {
-        				// if plugins have not registered an action, the default action is to
-        				// trigger the validation event again and assume that the validation
-        				// event will display an appropriate message
-						trigger_elgg_event('validate', 'user', $user);
-        			}
-        		} else {
-        			 register_error(elgg_echo('loginerror'));
-        		}
-        		access_show_hidden_entities($access_status);
-        	} else {
-            	register_error(elgg_echo('loginerror'));
-        	}
        }
+        access_show_hidden_entities($access_status);
-?>
+    } else {
\ No newline at end of file
+        register_error(elgg_echo('loginerror'));
+    }
+}