Hi,
I have an external Joomla authenticator script, but it turns out that it ignores if the user didn't activate, and it even ignores if the user is blocked.
I've used the following script with some slight modifications, but the basics are the same:
[url]
https://gist.github.com/AdamMadrzejewski/020c4fa4b1d0e7af78b8[/url]
Here's my code:
[code]...
if ($result)
{
$match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id);
if ($match === true)
{
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
//perform the login action
$error = $app->login($credentials);
$logged_user = JFactory::getUser();
if($logged_user->block == 1 && $logged_user->activation) //some kind of check that's not working basically
{
echo $credentials['username'];
}
}
else
{
// Invalid password
die('');
}
} else {
// Invalid user
die('');
}[/code]
You can see that I tried playing around with the 'block' and 'activation' properties of the user object ([url]
https://stackoverflow.com/questions/18914703/jaccessgetusersbygroup-how-to-check-is-user-activated-in-joomla-and-sort-it-a[/url]) but it wasn't working properly.
What is the specific property (or properties) that I have to check, to deduct, whether a user that is trying to sign-in via this script is activated or not?