You are here

function bakery_login_return in Bakery Single Sign-On System 7.2

Same name and namespace in other branches
  1. 6.2 bakery.module \bakery_login_return()
  2. 7.3 bakery.module \bakery_login_return()

Custom return for errors during slave login process.

1 string reference to 'bakery_login_return'
bakery_menu in ./bakery.module
Implements hook_menu().

File

./bakery.module, line 922
Module file for the Bakery.

Code

function bakery_login_return() {
  $cookie = bakery_taste_oatmeal_cookie();
  if ($cookie) {

    // Make sure we always have a default query key.
    $cookie['data'] += array(
      'query' => array(),
    );

    // Valid cookie, now destroy it.
    _bakery_eat_cookie('OATMEAL');
    if (!empty($cookie['data']['errors'])) {
      $errors = $cookie['data']['errors'];
      if (!empty($errors['incorrect-credentials'])) {
        drupal_set_message(t('Sorry, unrecognized username or password.'), 'error');
      }
      elseif (!empty($errors['name'])) {

        // In case an attacker got the hash we filter the argument here to avoid
        // exposing a XSS vector.
        drupal_set_message(filter_xss($errors['name']), 'error');
      }
    }

    // Prepare the url options array to pass to drupal_goto().
    $options = array(
      'query' => $cookie['data']['query'],
    );
    if (empty($cookie['data']['destination'])) {
      drupal_goto('user', $options);
    }
    else {
      $destination = $cookie['data']['destination'];
      if (($pos = strpos($cookie['data']['destination'], '?')) !== FALSE) {

        // Destination contains query arguments that must be extracted.
        $destination = substr($cookie['data']['destination'], 0, $pos);
        $options['query'] += drupal_get_query_array(substr($cookie['data']['destination'], $pos + 1));
      }
      drupal_goto($destination, $options);
    }
  }
  elseif (user_is_logged_in()) {
    drupal_goto();
  }
  drupal_access_denied();
}