ClientLogin hook, how to deny login if Inactive

[slig]

Hi, I'm trying to figure out how hooks work based on the (limited) documentation and it doesn't seem to work as expected. Does WHMCS have decisional logic around the hooks or are they just intended to perform some action, with whmcs continuing thereafter regardless of outcome?

 

I had a look at vatnumbervalidation.php, which sets $errormessage but this doesn't look to ever be used. Ideally I'm trying to intercept a client login attempt and redirect them to an external page if they are marked as 'inactive'. At this stage though I'd be happy with just a simple error message!

 

<?php

function loginDisabled($vars) {
       global $errormessage;

       if (!empty($vars['userid'])) {
               $rs = select_query("tblclients","id",array("status"=>"inactive","id"=>$vars['userid']));
               $data = mysql_fetch_assoc($rs);
               if (is_array($data) && ($data['id'] == $vars['userid'])) {
                       $errormessage  .= "<li>Logins disabled</li>";
                       return FALSE;
               }
       }
       return TRUE;
}

add_hook('ClientLogin', 0, 'loginDisabled');

 

docs mention neither the globals I can pick up (like errormessage for example), or whether bool's can be returned and acted upon.

 

ps: yes, I know 'closed' status denies logins, but closed status' can keep working as they are.

 

anyone know what gives? thanks!

Edited November 10, 2009 by slig

[slig]

On a further look hooks seem to run post authentication (thus creating a session which I do not want).

 

Anyone had experience creating authentication modules, assuming such a thing can exist?