=== modified file 'moodle/lang/en_utf8/moodle.php' --- old/moodle/lang/en_utf8/moodle.php 2009-11-05 03:34:11 +0000 +++ new/moodle/lang/en_utf8/moodle.php 2009-11-09 02:26:33 +0000 @@ -436,6 +436,7 @@ $string['deletingcourse'] = 'Deleting $a'; $string['deletingexistingcoursedata'] = 'Deleting existing course data'; $string['deletingolddata'] = 'Deleting old data'; +$string['deniedlogin'] = 'Login access denied.'; $string['department'] = 'Department'; $string['desc'] = 'Descending'; $string['description'] = 'Description'; @@ -921,6 +922,7 @@ $string['loginalready'] = 'You are already logged in'; $string['loginas'] = 'Login as'; $string['loginaspasswordexplain'] = '

You must enter the special \"loginas password\" to use this feature.
If you do not know it, ask your server administrator.

'; +$string['loginerror'] = 'Login error. Please contact your site administrator.'; $string['loginguest'] = 'Login as a guest'; $string['loginsite'] = 'Login to the site'; $string['loginsteps'] = 'Hi! For full access to courses you\'ll need to take === modified file 'moodle/lib/moodlelib.php' --- old/moodle/lib/moodlelib.php 2009-11-05 03:34:11 +0000 +++ new/moodle/lib/moodlelib.php 2009-11-09 02:20:28 +0000 @@ -3519,10 +3519,13 @@ foreach ($auths as $auth) { $authplugin = get_auth_plugin($auth); - // on auth fail fall through to the next plugin - if (!$authplugin->user_login($username, $password)) { - continue; - } + // on AUTH_FAIL (or 'false', for backward-compat) fall through to the next plugin + $rc = $authplugin->user_login($username, $password); + if ($rc === false or $rc === AUTH_FAIL) { + continue; + } elseif ($rc === AUTH_DENIED) { + return $rc; + } // successful authentication if ($user->id) { // User already exists in database === modified file 'moodle/login/index.php' --- old/moodle/login/index.php 2009-11-05 03:34:11 +0000 +++ new/moodle/login/index.php 2009-11-09 02:23:57 +0000 @@ -135,7 +135,7 @@ } update_login_count(); - if ($user) { + if (is_object($user)) { // language setup if ($user->username == 'guest') { @@ -226,9 +226,15 @@ exit; } else { - if (empty($errormsg)) { + if ($user === AUTH_FAIL or $user === false) { $errormsg = get_string("invalidlogin"); $errorcode = 3; + } elseif ($user === AUTH_DENIED) { + $errormsg = get_string("deniedlogin"); + $errorcode = 5; + } elseif ($user === AUTH_ERROR or empty($errormsg)) { + $errormsg = get_string("loginerror"); + $errorcode = 6; } // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user