X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FLogin.php;h=7a3b6ae45775c82e0be800ece1937ceaf953822c;hb=b176cb88f2eb0ef246e1e0772bf06dabe3a7a3b3;hp=541b79885f9712e0d45c5efa38aae2336c54efc8;hpb=91facd2d0a2869e2c26a5943d8afe1849d3891f8;p=friendica.git

diff --git a/src/Module/Login.php b/src/Module/Login.php
index 541b79885f..7a3b6ae457 100644
--- a/src/Module/Login.php
+++ b/src/Module/Login.php
@@ -6,22 +6,21 @@ namespace Friendica\Module;
 
 use Exception;
 use Friendica\BaseModule;
-use Friendica\Core\Addon;
 use Friendica\Core\Authentication;
 use Friendica\Core\Config;
+use Friendica\Core\Hook;
 use Friendica\Core\L10n;
 use Friendica\Core\Logger;
 use Friendica\Core\Renderer;
+use Friendica\Core\Session;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\User;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;
 use LightOpenID;
 
-require_once 'boot.php';
-require_once 'include/text.php';
-
 /**
  * Login module
  *
@@ -33,11 +32,11 @@ class Login extends BaseModule
 	{
 		$a = self::getApp();
 
-		if (x($_SESSION, 'theme')) {
+		if (!empty($_SESSION['theme'])) {
 			unset($_SESSION['theme']);
 		}
 
-		if (x($_SESSION, 'mobile-theme')) {
+		if (!empty($_SESSION['mobile-theme'])) {
 			unset($_SESSION['mobile-theme']);
 		}
 
@@ -45,15 +44,15 @@ class Login extends BaseModule
 			$a->internalRedirect();
 		}
 
-		return self::form($_SESSION['return_path'], intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
+		return self::form(defaults($_SESSION, 'return_path', null), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
 	}
 
 	public static function post()
 	{
-		$return_path = $_SESSION['return_path'];
+		$return_path = defaults($_SESSION, 'return_path', '');
 		session_unset();
 		$_SESSION['return_path'] = $return_path;
-		
+
 		// OpenId Login
 		if (
 			empty($_POST['password'])
@@ -67,7 +66,7 @@ class Login extends BaseModule
 			self::openIdAuthentication($openid_url, !empty($_POST['remember']));
 		}
 
-		if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
+		if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
 			self::passwordAuthentication(
 				trim($_POST['username']),
 				trim($_POST['password']),
@@ -81,6 +80,7 @@ class Login extends BaseModule
 	 *
 	 * @param string $openid_url OpenID URL string
 	 * @param bool   $remember   Whether to set the session remember flag
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	private static function openIdAuthentication($openid_url, $remember)
 	{
@@ -114,6 +114,7 @@ class Login extends BaseModule
 	 * @param string $username User name
 	 * @param string $password Clear password
 	 * @param bool   $remember Whether to set the session remember flag
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	private static function passwordAuthentication($username, $password, $remember)
 	{
@@ -133,7 +134,7 @@ class Login extends BaseModule
 		 * Addons should never set 'authenticated' except to indicate success - as hooks may be chained
 		 * and later addons should not interfere with an earlier one that succeeded.
 		 */
-		Addon::callHooks('authenticate', $addon_auth);
+		Hook::callAll('authenticate', $addon_auth);
 
 		try {
 			if ($addon_auth['authenticated']) {
@@ -148,7 +149,7 @@ class Login extends BaseModule
 				);
 			}
 		} catch (Exception $e) {
-			Logger::log('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
+			Logger::warning('authenticate: failed login attempt', ['action' => 'login', 'username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]);
 			info('Login failed. Please check your credentials.' . EOL);
 			$a->internalRedirect();
 		}
@@ -160,9 +161,10 @@ class Login extends BaseModule
 		// if we haven't failed up this point, log them in.
 		$_SESSION['remember'] = $remember;
 		$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
-		Authentication::setAuthenticatedSessionForUser($record, true, true);
 
-		if (x($_SESSION, 'return_path')) {
+		Session::setAuthenticatedForUser($a, $record, true, true);
+
+		if (!empty($_SESSION['return_path'])) {
 			$return_path = $_SESSION['return_path'];
 			unset($_SESSION['return_path']);
 		} else {
@@ -210,7 +212,7 @@ class Login extends BaseModule
 
 					// Do the authentification if not done by now
 					if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
-						Authentication::setAuthenticatedSessionForUser($user);
+						Session::setAuthenticatedForUser($a, $user);
 
 						if (Config::get('system', 'paranoia')) {
 							$_SESSION['addr'] = $data->ip;
@@ -220,15 +222,15 @@ class Login extends BaseModule
 			}
 		}
 
-		if (isset($_SESSION) && x($_SESSION, 'authenticated')) {
-			if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
+		if (!empty($_SESSION['authenticated'])) {
+			if (!empty($_SESSION['visitor_id']) && empty($_SESSION['uid'])) {
 				$contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id']]);
 				if (DBA::isResult($contact)) {
 					self::getApp()->contact = $contact;
 				}
 			}
 
-			if (x($_SESSION, 'uid')) {
+			if (!empty($_SESSION['uid'])) {
 				// already logged in user returning
 				$check = Config::get('system', 'paranoia');
 				// extra paranoia - if the IP changed, log them out
@@ -263,7 +265,8 @@ class Login extends BaseModule
 					$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
 					$login_refresh = true;
 				}
-				Authentication::setAuthenticatedSessionForUser($user, false, false, $login_refresh);
+
+				Session::setAuthenticatedForUser($a, $user, false, false, $login_refresh);
 			}
 		}
 	}
@@ -271,14 +274,15 @@ class Login extends BaseModule
 	/**
 	 * @brief Wrapper for adding a login box.
 	 *
-	 * @param string $return_path The path relative to the base the user should be sent
-	 *							 back to after login completes
-	 * @param bool $register If $register == true provide a registration link.
-	 *						 This will most always depend on the value of config.register_policy.
-	 * @param array $hiddens  optional
+	 * @param string $return_path  The path relative to the base the user should be sent
+	 *                             back to after login completes
+	 * @param bool   $register     If $register == true provide a registration link.
+	 *                             This will most always depend on the value of config.register_policy.
+	 * @param array  $hiddens      optional
 	 *
 	 * @return string Returns the complete html for inserting into the page
 	 *
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @hooks 'login_hook' string $o
 	 */
 	public static function form($return_path = null, $register = false, $hiddens = [])
@@ -300,16 +304,16 @@ class Login extends BaseModule
 		}
 
 		if (local_user()) {
-			$tpl = get_markup_template('logout.tpl');
+			$tpl = Renderer::getMarkupTemplate('logout.tpl');
 		} else {
 			$a->page['htmlhead'] .= Renderer::replaceMacros(
-				get_markup_template('login_head.tpl'),
+				Renderer::getMarkupTemplate('login_head.tpl'),
 				[
 					'$baseurl' => $a->getBaseURL(true)
 				]
 			);
 
-			$tpl = get_markup_template('login.tpl');
+			$tpl = Renderer::getMarkupTemplate('login.tpl');
 			$_SESSION['return_path'] = $return_path;
 		}
 
@@ -342,7 +346,7 @@ class Login extends BaseModule
 			]
 		);
 
-		Addon::callHooks('login_hook', $o);
+		Hook::callAll('login_hook', $o);
 
 		return $o;
 	}