function tfa_code_form_submit in Two-factor Authentication (TFA) 6
Same name and namespace in other branches
- 7 tfa.pages.inc \tfa_code_form_submit()
Submit handler for TFA login form.
File
- ./
tfa.pages.inc, line 77 - tfa.pages.inc
Code
function tfa_code_form_submit($form, &$form_state) {
global $user;
$uid = $form_state['values']['uid'];
$account = user_load(array(
'uid' => $uid,
));
$edit = array();
$user = $account;
// Update the user table timestamp noting user has logged in.
$user->login = time();
db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);
// Regenerate the session ID to prevent against session fixation attacks.
sess_regenerate();
// Mark code as accepted to avoid repeating TFA process.
tfa_accept_code($account->uid);
watchdog('tfa', 'TFA login code accepted for @name. Session opened.', array(
'@name' => $user->name,
));
// Truncate flood for user.
db_query("DELETE FROM {flood} WHERE event = '%s' AND hostname = '%s'", 'tfa_send', ip_address());
db_query("DELETE FROM {flood} WHERE event = '%s' AND hostname = '%s'", 'tfa_validate', ip_address());
user_module_invoke('login', $edit, $user);
}