We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit e55ebbc1 authored by Mike Sheldon's avatar Mike Sheldon

Give a more specific message when a user tries to login with an account that hasn't been activated.

parent 0b526683
......@@ -41,10 +41,12 @@ if(isset($_POST['login'])) {
if(empty($errors)) {
try {
$sql = 'SELECT uniqueid FROM Users WHERE '
$sql = 'SELECT uniqueid, active FROM Users WHERE '
. ' lower(username) = ' . $adodb->qstr(strtolower($username))
. ' AND password = ' . $adodb->qstr(md5($password)) . ' AND active = 1';
$userid = $adodb->GetOne($sql);
. ' AND password = ' . $adodb->qstr(md5($password));
$row = $adodb->GetRow($sql);
$userid = $row['uniqueid'];
$active = $row['active'];
}
catch (exception $e) {
$errors .= 'A database error happened.';
......@@ -52,6 +54,9 @@ if(isset($_POST['login'])) {
if(!$userid) {
$errors .= 'Invalid username or password. Would you like to <a href="' . $base_url . '/reset.php">recover your password?</a>';
$smarty->assign('invalid', true);
} elseif (!$active) {
$errors .= 'This account hasn\'t been activated. Please follow the link in the e-mail you received when you signed up to activate your account.</a>';
$smarty->assign('invalid', true);
} else {
// Give the user a session id, like any other client
$session_id = md5(md5($password) . time());
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment