X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FLogin.php;h=966ded57faa3b94ffd6b086eb63f165914b7eb16;hb=2333526b8a28bd4d59fdf97d6cb9235aa7c15e76;hp=330988df50cc1b94ec8fb5314b38ae6715ce4e71;hpb=db441ca1ce08d5596641de9c672f4dc355343ed2;p=friendica.git

diff --git a/src/Module/Login.php b/src/Module/Login.php
index 330988df50..966ded57fa 100644
--- a/src/Module/Login.php
+++ b/src/Module/Login.php
@@ -6,12 +6,13 @@ namespace Friendica\Module;
 
 use Exception;
 use Friendica\BaseModule;
-use Friendica\Core\Addon;
 use Friendica\Core\Authentication;
 use Friendica\Core\Config;
+use Friendica\Core\Hook;
 use Friendica\Core\L10n;
 use Friendica\Core\Logger;
 use Friendica\Core\Renderer;
+use Friendica\Core\Session;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\User;
@@ -20,9 +21,6 @@ use Friendica\Util\Network;
 use Friendica\Util\Strings;
 use LightOpenID;
 
-require_once 'boot.php';
-require_once 'include/text.php';
-
 /**
  * Login module
  *
@@ -34,27 +32,22 @@ class Login extends BaseModule
 	{
 		$a = self::getApp();
 
-		if (x($_SESSION, 'theme')) {
-			unset($_SESSION['theme']);
-		}
-
-		if (x($_SESSION, 'mobile-theme')) {
-			unset($_SESSION['mobile-theme']);
-		}
+		Session::remove('theme');
+		Session::remove('mobile-theme');
 
 		if (local_user()) {
 			$a->internalRedirect();
 		}
 
-		return self::form(defaults($_SESSION, 'return_path', null), intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
+		return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
 	}
 
 	public static function post()
 	{
-		$return_path = $_SESSION['return_path'];
+		$return_path = Session::get('return_path');
 		session_unset();
-		$_SESSION['return_path'] = $return_path;
-		
+		Session::set('return_path', $return_path);
+
 		// OpenId Login
 		if (
 			empty($_POST['password'])
@@ -68,7 +61,7 @@ class Login extends BaseModule
 			self::openIdAuthentication($openid_url, !empty($_POST['remember']));
 		}
 
-		if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
+		if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
 			self::passwordAuthentication(
 				trim($_POST['username']),
 				trim($_POST['password']),
@@ -82,6 +75,7 @@ class Login extends BaseModule
 	 *
 	 * @param string $openid_url OpenID URL string
 	 * @param bool   $remember   Whether to set the session remember flag
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	private static function openIdAuthentication($openid_url, $remember)
 	{
@@ -115,6 +109,7 @@ class Login extends BaseModule
 	 * @param string $username User name
 	 * @param string $password Clear password
 	 * @param bool   $remember Whether to set the session remember flag
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	private static function passwordAuthentication($username, $password, $remember)
 	{
@@ -134,7 +129,7 @@ class Login extends BaseModule
 		 * Addons should never set 'authenticated' except to indicate success - as hooks may be chained
 		 * and later addons should not interfere with an earlier one that succeeded.
 		 */
-		Addon::callHooks('authenticate', $addon_auth);
+		Hook::callAll('authenticate', $addon_auth);
 
 		try {
 			if ($addon_auth['authenticated']) {
@@ -149,7 +144,7 @@ class Login extends BaseModule
 				);
 			}
 		} catch (Exception $e) {
-			Logger::log('authenticate: failed login attempt: ' . Strings::escapeTags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
+			Logger::warning('authenticate: failed login attempt', ['action' => 'login', 'username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]);
 			info('Login failed. Please check your credentials.' . EOL);
 			$a->internalRedirect();
 		}
@@ -159,16 +154,13 @@ class Login extends BaseModule
 		}
 
 		// if we haven't failed up this point, log them in.
-		$_SESSION['remember'] = $remember;
-		$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
-		Authentication::setAuthenticatedSessionForUser($record, true, true);
+		Session::set('remember', $remember);
+		Session::set('last_login_date', DateTimeFormat::utcNow());
 
-		if (x($_SESSION, 'return_path')) {
-			$return_path = $_SESSION['return_path'];
-			unset($_SESSION['return_path']);
-		} else {
-			$return_path = '';
-		}
+		Session::setAuthenticatedForUser($a, $record, true, true);
+
+		$return_path = Session::get('return_path', '');
+		Session::remove('return_path');
 
 		$a->internalRedirect($return_path);
 	}
@@ -211,7 +203,7 @@ class Login extends BaseModule
 
 					// Do the authentification if not done by now
 					if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
-						Authentication::setAuthenticatedSessionForUser($user);
+						Session::setAuthenticatedForUser($a, $user);
 
 						if (Config::get('system', 'paranoia')) {
 							$_SESSION['addr'] = $data->ip;
@@ -221,15 +213,15 @@ class Login extends BaseModule
 			}
 		}
 
-		if (isset($_SESSION) && x($_SESSION, 'authenticated')) {
-			if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
+		if (!empty($_SESSION['authenticated'])) {
+			if (!empty($_SESSION['visitor_id']) && empty($_SESSION['uid'])) {
 				$contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id']]);
 				if (DBA::isResult($contact)) {
 					self::getApp()->contact = $contact;
 				}
 			}
 
-			if (x($_SESSION, 'uid')) {
+			if (!empty($_SESSION['uid'])) {
 				// already logged in user returning
 				$check = Config::get('system', 'paranoia');
 				// extra paranoia - if the IP changed, log them out
@@ -264,7 +256,8 @@ class Login extends BaseModule
 					$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
 					$login_refresh = true;
 				}
-				Authentication::setAuthenticatedSessionForUser($user, false, false, $login_refresh);
+
+				Session::setAuthenticatedForUser($a, $user, false, false, $login_refresh);
 			}
 		}
 	}
@@ -272,14 +265,15 @@ class Login extends BaseModule
 	/**
 	 * @brief Wrapper for adding a login box.
 	 *
-	 * @param string $return_path The path relative to the base the user should be sent
-	 *							 back to after login completes
-	 * @param bool $register If $register == true provide a registration link.
-	 *						 This will most always depend on the value of config.register_policy.
-	 * @param array $hiddens  optional
+	 * @param string $return_path  The path relative to the base the user should be sent
+	 *                             back to after login completes
+	 * @param bool   $register     If $register == true provide a registration link.
+	 *                             This will most always depend on the value of config.register_policy.
+	 * @param array  $hiddens      optional
 	 *
 	 * @return string Returns the complete html for inserting into the page
 	 *
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @hooks 'login_hook' string $o
 	 */
 	public static function form($return_path = null, $register = false, $hiddens = [])
@@ -287,7 +281,7 @@ class Login extends BaseModule
 		$a = self::getApp();
 		$o = '';
 		$reg = false;
-		if ($register) {
+		if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
 			$reg = [
 				'title' => L10n::t('Create a New Account'),
 				'desc' => L10n::t('Register')
@@ -343,7 +337,7 @@ class Login extends BaseModule
 			]
 		);
 
-		Addon::callHooks('login_hook', $o);
+		Hook::callAll('login_hook', $o);
 
 		return $o;
 	}