Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x

[quix0rs-gnu-social.git] / lib / util.php

diff --git a/lib/util.php b/lib/util.php
index 46aa7f90121f0edfc258e312ae48cf364ab1b3bf..65bc6544daf6d63ed85de10d3ad9ffb5dbc75e24 100644 (file)
--- a/lib/util.php
+++ b/lib/util.php
@@ -57,12 +57,11 @@ function common_init_language()
     // we can set in another locale that may not be set up
     // (say, ga_ES for Galego/Galician) it seems to take it.
     common_init_locale("en_US");
-    
+
     $language = common_language();
     $locale_set = common_init_locale($language);
     setlocale(LC_CTYPE, 'C');
-    
-    // So we don't have to make people install the gettext locales
+    // So we do not have to make people install the gettext locales
     $path = common_config('site','locale_path');
     bindtextdomain("statusnet", $path);
     bind_textdomain_codeset("statusnet", "UTF-8");
@@ -119,22 +118,41 @@ function common_munge_password($password, $id)
 // check if a username exists and has matching password
 function common_check_user($nickname, $password)
 {
-    // NEVER allow blank passwords, even if they match the DB
-    if (mb_strlen($password) == 0) {
-        return false;
-    }
+    $authenticated = false;
+    $eventResult = Event::handle('CheckPassword', array($nickname, $password, &$authenticated));
     $user = User::staticGet('nickname', $nickname);
     if (is_null($user) || $user === false) {
-        return false;
+        //user does not exist
+        if($authenticated){
+            //a handler said these are valid credentials, so see if a plugin wants to auto register the user
+            if(Event::handle('AutoRegister', array($nickname))){
+                //no handler registered the user
+                return false;
+            }else{
+                $user = User::staticGet('nickname', $nickname);
+                if (is_null($user) || $user === false) {
+                    common_log(LOG_WARNING, "A plugin handled the AutoRegister event, but did not actually register the user, nickname: $nickname");
+                    return false;
+                }else{
+                    return $user;
+                }
+            }
+        }else{
+            //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database
+            return false;
+        }
     } else {
-        $authenticated = false;
-        Event::handle('CheckPassword', array($nickname, $password, &$authenticated));
-        if(! $authenticated){
-            //no handler asserted the user, so check ourselves
-            if (0 == strcmp(common_munge_password($password, $user->id),
-                            $user->password)) {
-                //internal checking passed
-                $authenticated = true;
+        if($eventResult && ! $authenticated){
+            //no handler was authoritative
+            if (mb_strlen($password) == 0) {
+                // NEVER allow blank passwords, even if they match the DB
+                return false;
+            }else{
+                if (0 == strcmp(common_munge_password($password, $user->id),
+                                $user->password)) {
+                    //internal checking passed
+                    $authenticated = true;
+                }
             }
         }
         if($authenticated){
@@ -1093,7 +1111,11 @@ function common_log_objstring(&$object)
     $arr = $object->toArray();
     $fields = array();
     foreach ($arr as $k => $v) {
-        $fields[] = "$k='$v'";
+        if (is_object($v)) {
+            $fields[] = "$k='".get_class($v)."'";
+        } else {
+            $fields[] = "$k='$v'";
+        }
     }
     $objstring = $object->tableName() . '[' . implode(',', $fields) . ']';
     return $objstring;