[ic] UserDB Login Inactive Flag.

Kevin Walsh interchange-users@icdevgroup.org
Mon Sep 2 09:38:02 2002


> 
> First I added INACTIVE, and INACTIVE_FLAG to $self.
> 
> 	my $self = {
> 			USERNAME  	=> $options{username}	||
> 						   $Vend::username		||
> 						   $CGI::values{mv_username} ||
> 						   '',
> 			OLDPASS  	=> $options{oldpass}	|| $CGI::values{mv_password_old} || '',
> 			PASSWORD  	=> $options{password}	|| $CGI::values{mv_password} || '',
> 			VERIFY  	=> $options{verify}		|| $CGI::values{mv_verify}	 || '',
> 			NICKNAME   	=> $options{nickname}	|| '',
> 			PROFILE   	=> $options{profile}	|| '',
> 			LAST   		=> '',
> 			USERMINLEN	=> $options{userminlen}	|| 2,
> 			PASSMINLEN	=> $options{passminlen}	|| 4,
> +			INACTIVE	=> $options{inactive} || 0,
> +			INACTIVE_FLAG	=> 1
> .deletia.
> 			};
> 
> then in sub Login I added
> 
> 	# Fail if inactive flag set
> 	my $inactive_error = ::errmsg("User is disabled.");
> 	if ($self->{INACTIVE} eq $self->{INACTIVE_FLAG}) {
> 			logError("Inactive user attempted login with user name '%s'");
> 			die $inactive_error, "\n";
> 	}
> 
> Was I correct in asuming that $options refers to the userDB db fields?  I'm
> not getting any errors, but it inactive users are still logging in, I'm
> seeing neither logError or $inactive_error.
> 
The %options hash refers to the [userdb] tag parameters, not columns
from the userdb table.  If you really must hard-code your facility
into UserDB.pm, rather than checking externally, then you could use
$user_data->{inactive}.

Untested pseudo-patch follows.  Interpret and use at your own risk.

    my $self = {
        ...
        LOCATION => {
            USERNAME => $options{user_field} || 'username',
            BILLING => $options{bill_field} || 'accounts',
            ...
+           INACTIVE => $options{inactive_field} || 'inactive',
        },
        ...
    };

    ...

    sub login {
        ...
+       if ($self->{PRESENT}->{$self->{LOCATION}{INACTIVE}} &&
+           $user_data->{$self->{LOCATION}{INACTIVE}}
+       ){
+           logError("Inactive user attempted login with user name '%s'",
+               $self->{USERNAME},
+           );
+           die ::errmsg('User account has been disabled.');
+       }
        ...
    }

You could try using the userdb account expiration facility, rather
than adding an "inactive" flag.  You can look at UserDB.pm to see
how to set that up.

You could use the UserDB directive to load the "inactive" flag into
a scratch variable on login, and then use something along the lines
of:

    [if type="explicit" compare="[userdb login]"]
        [if scratch inactive]
            [userdb logout]
        [/if]
    [/if]

Have fun. :-)

-- 
   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin@cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/