You are here

Home » API reference » Security Questions 6.2 » security_questions.module

function _security_questions_user_authenticate in Security Questions 6.2

Helper function for security_questions_user_login_name_validate() and security_questions_user_login_authenticate_validate().

As in user_authenticate(), checks that the user exists (with the supplied password, if given) and that the user's email is not reserved, but does not trigger an actual login.

Parameters

$name: A user name.

$pass: A password. Will be FALSE when called from security_questions_user_login_name_validate().

Return value

The user's ID, if authentication succeeds. Otherwise, FALSE.

2 calls to _security_questions_user_authenticate()
security_questions_user_login_authenticate_validate in ./security_questions.module
Validation handler for _security_questions_user_login_form_alter().
security_questions_user_login_name_validate in ./security_questions.module
Validation handler for _security_questions_user_login_form_alter().

File

./security_questions.module, line 301
Main module file for security_questions.

Code

function _security_questions_user_authenticate($name, $pass = FALSE) {

  // Load the account with the information available.
  if ($pass === FALSE) {
    $account = user_load(array(
      'name' => $name,
      'status' => 1,
    ));
  }
  else {
    $account = user_load(array(
      'name' => $name,
      'pass' => trim($pass),
      'status' => 1,
    ));
  }

  // If no matching account was found, output an error similar to
  // user_login_final_validate().
  if (!$account) {
    if ($pass === FALSE) {
      form_set_error('name', t('Sorry, unrecognized username. <a href="@password">Have you forgotten your username?</a>', array(
        '@password' => url('user/password'),
      )));
    }
    else {
      form_set_error('name', t('Sorry, unrecognized username or password. <a href="@password">Have you forgotten your password?</a>', array(
        '@password' => url('user/password'),
      )));
    }
  }
  elseif (drupal_is_denied('mail', $account->mail)) {
    form_set_error('name', t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array(
      '%name' => $account->name,
    )));
  }

  // Log an error and return FALSE if any of the above checks failed.
  if (form_get_errors()) {
    watchdog('user', 'Login attempt failed for %user.', array(
      '%user' => $name,
    ));
    return FALSE;
  }

  // Otherwise, return the authenticated user's ID.
  return $account->uid;
}