From 0a2bafaa6d605be7b23339056eb1da59e60ac739 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sat, 27 Jun 2015 21:52:23 +0200
Subject: [PATCH] The trigger USER_LOGIN* are deprecated. They are still
 working but you should prefer use the hook afterLogin or afterLoginFailed
 instead.

---
 ChangeLog           |  5 +--
 htdocs/main.inc.php | 88 ++++++++++++++++++++++++++++++++-------------
 2 files changed, 66 insertions(+), 27 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6022577180a..ed418b08f5c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,8 +43,9 @@ Dolibarr better:
 - Hooks 'printLeftBlock' and 'formConfirm' are now compliant with hook development rules. They are
   "addreplace" hooks, so you must return content with "->resprints='mycontent'" and not with "return 'mycontent'"  
 - All fields "fk_societe" were renamed into "fk_soc".
-- Method select_PriceBaseType and load_PriceBaseType were merged into selectPriceBaseType
-
+- Method select_PriceBaseType and load_PriceBaseType were merged into selectPriceBaseType.
+- The trigger USER_LOGIN* are deprecated. They are still working but you should prefer use the 
+  hook afterLogin or afterLoginFailed instead.
 
 ***** ChangeLog for 3.7.2 compared to 3.7.1 *****
 FIX [ bug #2855 ] Wrong translation key in localtax report page
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 98679f5be37..3c31ff2578d 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -422,6 +422,15 @@ if (! defined('NOLOGIN'))
                     $error++;
                 }
                 // End Call of triggers
+
+                // Hooks on failed login
+		        $action='';
+		        $hookmanager->initHooks(array('login'));
+		        $parameters=array('dol_authmode'=>$dol_authmode, 'dol_loginmesg'=>$_SESSION["dol_loginmesg"]);
+		        $reshook=$hookmanager->executeHooks('afterLoginFailed',$parameters,$user,$action);    // Note that $action and $object may have been modified by some hooks
+		        if ($reshook < 0) $error++;
+
+		        // Note: exit is done later
             }
         }
 
@@ -479,6 +488,7 @@ if (! defined('NOLOGIN'))
                 // We set a generic message if not defined inside function checkLoginPassEntity or subfunctions
                 if (empty($_SESSION["dol_loginmesg"])) $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword");
 
+                // TODO We should use a hook afterLoginFailed here, not a trigger.
                 // Call of triggers
                 include_once DOL_DOCUMENT_ROOT.'/core/class/interfaces.class.php';
                 $interface=new Interfaces($db);
@@ -487,6 +497,15 @@ if (! defined('NOLOGIN'))
                     $error++;
                 }
                 // End Call of triggers
+
+                // Hooks on failed login
+		        $action='';
+		        $hookmanager->initHooks(array('login'));
+		        $parameters=array('dol_authmode'=>$dol_authmode, 'dol_loginmesg'=>$_SESSION["dol_loginmesg"]);
+		        $reshook=$hookmanager->executeHooks('afterLoginFailed',$parameters,$user,$action);    // Note that $action and $object may have been modified by some hooks
+		        if ($reshook < 0) $error++;
+
+		        // Note: exit is done in next chapter
             }
         }
 
@@ -521,7 +540,7 @@ if (! defined('NOLOGIN'))
                 $_SESSION["dol_loginmesg"]=$user->error;
             }
 
-            // TODO We should use a hook here, not a trigger.
+            // TODO We should use a hook afterLoginFailed here, not a trigger.
             // Call triggers
             include_once DOL_DOCUMENT_ROOT . '/core/class/interfaces.class.php';
             $interface=new Interfaces($db);
@@ -531,6 +550,13 @@ if (! defined('NOLOGIN'))
             }
             // End call triggers
 
+	        // Hooks on failed login
+	        $action='';
+	        $hookmanager->initHooks(array('login'));
+	        $parameters=array('dol_authmode'=>$dol_authmode, 'dol_loginmesg'=>$_SESSION["dol_loginmesg"]);
+	        $reshook=$hookmanager->executeHooks('afterLoginFailed',$parameters,$user,$action);    // Note that $action and $object may have been modified by some hooks
+	        if ($reshook < 0) $error++;
+
             header('Location: '.DOL_URL_ROOT.'/index.php');
             exit;
         }
@@ -574,6 +600,13 @@ if (! defined('NOLOGIN'))
             }
             // End call triggers
 
+	        // Hooks on failed login
+	        $action='';
+	        $hookmanager->initHooks(array('login'));
+	        $parameters=array('dol_authmode'=>$dol_authmode, 'dol_loginmesg'=>$_SESSION["dol_loginmesg"]);
+	        $reshook=$hookmanager->executeHooks('afterLoginFailed',$parameters,$user,$action);    // Note that $action and $object may have been modified by some hooks
+	        if ($reshook < 0) $error++;
+
             header('Location: '.DOL_URL_ROOT.'/index.php');
             exit;
         }
@@ -623,34 +656,12 @@ if (! defined('NOLOGIN'))
 
         $user->update_last_login_date();
 
-        $user->trigger_mesg = 'TZ='.$_SESSION["dol_tz"].';TZString='.$_SESSION["dol_tz_string"].';Screen='.$_SESSION["dol_screenwidth"].'x'.$_SESSION["dol_screenheight"];
-
-        // TODO We should use a hook here, not a trigger
-        // Call triggers
-        include_once DOL_DOCUMENT_ROOT . '/core/class/interfaces.class.php';
-        $interface=new Interfaces($db);
-        $result=$interface->run_triggers('USER_LOGIN',$user,$user,$langs,$conf);
-        if ($result < 0) {
-            $error++;
-        }
-        // End call triggers
-
-        if ($error)
-        {
-            $db->rollback();
-            session_destroy();
-            dol_print_error($db,'Error in some triggers on action USER_LOGIN');
-            exit;
-        }
-        else
-        {
-            $db->commit();
-        }
 
         // Create entity cookie, just used for login page
         // TODO Multicompany Move this into hook
         if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_COOKIE_ENABLED) && isset($_POST["entity"]))
         {
+        	dol_syslog("You are using a bugged version of a module using deprecated code instead that should be located into the hook 'afterLogin' instead", LOG_WARNING);
             include_once DOL_DOCUMENT_ROOT.'/core/class/cookie.class.php';
 
             $entity = $_SESSION["dol_login"].'|'.$_POST["entity"];
@@ -666,12 +677,39 @@ if (! defined('NOLOGIN'))
             $entityCookie->_setCookie($entityCookieName, $entity, $ttl);
         }
 
+
+        $loginfo = 'TZ='.$_SESSION["dol_tz"].';TZString='.$_SESSION["dol_tz_string"].';Screen='.$_SESSION["dol_screenwidth"].'x'.$_SESSION["dol_screenheight"];
+
+        $user->trigger_mesg = $loginfo;
+
+        // TODO We should use hook afterLogin here, not a trigger
+        // Call triggers
+        include_once DOL_DOCUMENT_ROOT . '/core/class/interfaces.class.php';
+        $interface=new Interfaces($db);
+        $result=$interface->run_triggers('USER_LOGIN',$user,$user,$langs,$conf);
+        if ($result < 0) {
+            $error++;
+        }
+        // End call triggers
+
         // Hooks on successfull login
         $action='';
         $hookmanager->initHooks(array('login'));
-        $parameters=array('dol_authmode'=>$dol_authmode);
+        $parameters=array('dol_authmode'=>$dol_authmode, 'dol_loginfo'=>$loginfo);
         $reshook=$hookmanager->executeHooks('afterLogin',$parameters,$user,$action);    // Note that $action and $object may have been modified by some hooks
         if ($reshook < 0) $error++;
+
+        if ($error)
+        {
+            $db->rollback();
+            session_destroy();
+            dol_print_error($db,'Error in some hooks afterLogin (or old trigger USER_LOGIN)');
+            exit;
+        }
+        else
+		{
+            $db->commit();
+        }
     }
 
 
-- 
GitLab