function urllogin_decode in urllogin 8
Same name and namespace in other branches
- 6 urllogin_security.inc \urllogin_decode()
- 7 urllogin_security.inc \urllogin_decode()
- 2.x urllogin_security.inc \urllogin_decode()
Decodes an encoded url string.
Decodes an encoded url string into a user ID and tests validity. If the uid matches the current one supplied, then it is valid even if link is expired. This is so that the user for whom the link is intended does not get an error message if they are logged in and click on an old link, but instead still get redirected.
Parameters
string $urlstr: Encoded url string.
int $codekey: Integer containing current active code (maximum allowable value)
int $codemin: Integer containing minimum allowable value of code.
string $passkey: String containing encryption key phrase.
string $errormsg: Contains error message if function fails.
int $currentuid: Contains optional current uid.
Return value
int Return UID if successful, -1 if fail, -2 if link expired
2 calls to urllogin_decode()
- UrlloginController::linkTest in src/
Controller/ UrlloginController.php - Diagnostic test page for setting up urllogin urls.
- UrlloginController::login in src/
Controller/ UrlloginController.php - This is the function that actually performs the login.
File
- ./
urllogin_security.inc, line 205 - Include file for urllogin security functions.
Code
function urllogin_decode($urlstr, $codekey, $codemin, $passkey, &$errormsg, $currentuid = -1) {
if (!urllogin_base64dec($i, $j, $x, $urlstr)) {
$errormsg = 'Invalid Base64 URL string';
return -1;
}
if (!urllogin_decrypt($i, $j, $x, $passkey)) {
$errormsg = "Invalid access string";
return -1;
}
if (($j < $codemin or $j > $codekey) and $i != $currentuid) {
$errormsg = "code: {$j} outside permitted range: {$codemin} to {$codekey}";
return -2;
}
return $i;
}