More phplib fun!
We’re using default_auth on our site and thanks to some help I managed to make phplib play nicely with our template system. That is, until my boss tested it and discovered that if you enter an incorrect username/password the phplib loginform appears. Look around line 174 of auth.inc for the culprit.
After I was almost finished a long email to the phplib list I figured out what to do. If the user types in an incorrect username/password then log them in as “nobody”!
The fix to do that took all of 5 seconds and is below:
Edit local.inc, look for
auth_validatelogin(), this is around line 146 of my local.inc, and modify those lines to look like the following:
if( $this->db->num_rows() )
$uid = $this->db->f(“uid”);
$this->auth["perm"] = $this->db->f(“perms”);
$this->auth["uname"] = $this->db->f(“username”);
// Log them in as “nobody”
$this->auth["perm"] = “”;
$this->auth["uid"] = “nobody”;
$uid = “nobody”;
When you try and login now with incorrect details the loginform will be printed again within the confines of your site templates and nobody will be the wiser as to the grief this caused you!
You might also like