$run = true;
OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid ));
- if( $run && self::checkPassword( $uid, $password )){
- $_SESSION['user_id'] = $uid;
- OC_Crypt::init($uid,$password);
- OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
- return true;
- }
- else{
+ if( $run ){
+ $uid=self::checkPassword( $uid, $password );
+ if($uid){
+ $_SESSION['user_id'] = $uid;
+ OC_Crypt::init($uid,$password);
+ OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
+ return true;
+ }else{
+ return false;
+ }
+ }else{
return false;
}
}
foreach(self::$_usedBackends as $backend){
if($backend->implementsActions(OC_USER_BACKEND_CHECK_PASSWORD)){
$result=$backend->checkPassword( $uid, $password );
- if($result===true){
- return true;
+ if($result){
+ return $result;
}
}
}
* Check if the password is correct without logging in the user
*/
public function checkPassword( $uid, $password ){
- $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
+ $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid LIKE ? AND password = ?" );
$result = $query->execute( array( $uid, sha1( $password )));
if( $result->numRows() > 0 ){
- return true;
- }
- else{
+ $row=$result->fetchRow();
+ return $row['uid'];
+ }else{
return false;
}
}