Need to add in the call to CheckLoginOrDie() to catch other illegal

logins like unapproved user, expired password, etc. Needs some work though, since the auth code is not branded, and so the links are wrong. Will do that next, but want to get this in right away.

Need to add in the call to CheckLoginOrDie() to catch other illegal
logins like unapproved user, expired password, etc. Needs some work though, since the auth code is not branded, and so the links are wrong. Will do that next, but want to get this in right away.
bb2b0e56 · Leigh B Stoller · 7cc04178 · bb2b0e56 · bb2b0e56 · bb2b0e56
Commit bb2b0e56 authored Dec 10, 2014 by Leigh B Stoller
--- a/www/aptui/instantiate.php
+++ b/www/aptui/instantiate.php
@@ -33,14 +33,16 @@ $page_title = "Instantiate a Profile";
 $dblink = GetDBLink("sa");

 #
-# Get current user but make sure coming in on SSL.
+# Get current user but make sure coming in on SSL. Guest users allowed
+# via APT Portal.
 #
 RedirectSecure();
 $this_user = CheckLogin($check_status);
-if ($ISCLOUD) {
-    if (! ($CHECKLOGIN_STATUS & CHECKLOGIN_LOGGEDIN)) {
-	header("Location: login.php");
-    }
+if (isset($this_user)) {
+    CheckLoginOrDie();
+}
+elseif ($ISCLOUD) {
+    header("Location: login.php");
 }

 #

--- a/www/aptui/quickvm_sup.php
+++ b/www/aptui/quickvm_sup.php
@@ -742,6 +742,8 @@ function CheckLoginOrRedirect()
    if (! ($check_status & CHECKLOGIN_LOGGEDIN)) {
 	RedirectLoginPage();
    }
+    # Catch other illegal login issues.
+    CheckLoginOrDie();
    return $this_user;
 }


--- a/www/aptui/server-ajax.php
+++ b/www/aptui/server-ajax.php
@@ -134,6 +134,11 @@ function CheckLoginForAjax($guestokay = false)
 	SPITAJAX_ERROR(2, "Your login has timed out");
 	exit(2);
    }
+    # Known user, but not approved.
+    if ($check_status & CHECKLOGIN_UNAPPROVED) {
+	SPITAJAX_ERROR(2, "Your account has not been approved yet");
+	exit(2);
+    }
    # Logged in user always okay.
    if (isset($this_user)) {
 	if ($check_status & CHECKLOGIN_MAYBEVALID) {