Hi, I see two places in sfDoctrineGuard where it's implemented :
1 - In http://trac.symfony-project.org/browser/plugins/sfDoctrineGuardPlugin/trunk/lib/validator/sfGuardValidatorUser.class.php#L35 if ($username && $user = Doctrine::getTable('sfGuardUser')- >retrieveByUsername($username)) retrieveByUsername is a custom method defined in http://trac.symfony-project.org/browser/plugins/sfDoctrineGuardPlugin/trunk/lib/model/doctrine/PluginsfGuardUserTable.class.php#L7 doing : public static function retrieveByUsername($username, $isActive = true) { .... ->addWhere('u.is_active = ?', $isActive) .... } 2 - In In http://trac.symfony-project.org/browser/plugins/sfDoctrineGuardPlugin/trunk/lib/validator/sfGuardValidatorUser.class.php#L38 if ($user->getIsActive() && $user->checkPassword($password)) Looks good huh ? Cheers [MA]Pascal On Sep 10, 10:32 pm, Tom Boutell <[email protected]> wrote: > Today it was pointed out to me that sfDoctrineApplyPlugin still lets > you log in if you haven't validated your account yet. > > "Impossible," I thought. "I know for a fact that I'm setting is_active > explicitly to false when I save a new account. And I only set it to > true when you validate your account. > > As it turns out that's true. It does get saved with is_active set to > false. But it doesn't matter because sfDoctrineGuardPlugin doesn't > actually check is_active in sfGuardAuth. > > I figured I must just be missing it, so I grepped my way through the > whole thing... nope. It is not checked anywhere. Not in the form, not > in the validator, not in the action. > > And it's not checked in the old Symfony 1.0 Propel version of > sfGuardPlugin, either. > > This leaves me with questions: > > 1. Is this a bug (going wayyyy back), or did I miss something? > 2. If I did miss something, what is the real purpose of is_active? > 3. If it is a bug, will it be fixed promptly? > > I'd like to get this figured out quickly so that I can work around it > in sfDoctrineApplyPlugin and sfApplyPlugin if that is necessary. > > Thanks! > > -- > Tom Boutell > P'unk Avenue > 215 755 1330 > punkave.com > window.punkave.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
