Commit 47d0f36c authored by Nigel McNie's avatar Nigel McNie
Browse files

Removed a bunch of code that allows the admin user to log in if the 0.8 code...

Removed a bunch of code that allows the admin user to log in if the 0.8 code is in place but the upgrade hasn't happened yet. This can be handled better with the 'disablelogin' feature of upgrading. Also removed a couple of unnecessary debugging lines
parent fcb6c32d
......@@ -271,7 +271,6 @@ class User {
/** @todo document this method */
public function set_activity_preference($activity, $method) {
log_debug("set_activity_preference($activity, $method)");
set_activity_preference($this->get('id'), $activity, $method);
$activityprefs = $this->get('activityprefs');
$activityprefs[$activity] = $method;
......@@ -291,7 +290,6 @@ class User {
/** @todo document this method */
public function set_account_preference($field, $value) {
log_debug("set_account_preference($field, $value)");
set_account_preference($this->get('id'), $field, $value);
$accountprefs = $this->get('accountprefs');
$accountprefs[$field] = $value;
......@@ -378,36 +376,6 @@ class LiveUser extends User {
* @return bool
*/
public function login($username, $password, $institution) {
if ($username == 'admin' && $institution == 'mahara') {
// it's our Admin. Do the new auth tables exist yet?
if (get_config('version') < 2007062900) {
// Get the user - be picky about what we accept, i.e. username, id and institution
// must all match
$user = get_record('usr', 'institution','mahara','username','admin','id','1');
if ($user->salt == null) {
// This allows "plaintext" passwords, which are eaiser for an admin to
// create by hacking in the database directly. The application does not
// create passwords in this form.
$this->authenticate($user);
return $password == $user->password;
}
if ($user->salt == '*') {
// This is a special salt that means this user simply CAN'T log in.
// It is used on the root user (id=0)
return false;
}
// The main type - a salted sha1
$sha1sent = sha1($user->salt . $password);
if ($sha1sent == $user->password) {
$this->authenticate($user);
return true;
}
return false;
}
}
$users = get_records_select_array('usr', 'LOWER(username) = ? AND institution = ?', array($username, $institution), 'authinstance', '*');
if ($users == false) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment