Skip to content
Snippets Groups Projects
Commit 7e246961 authored by Regis Houssin's avatar Regis Houssin
Browse files 

Change-Id: I5f8bcf59cf2fc0d902edb4d61f8c20a2880765a2
parent ba459532
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
htdocs/core/lib/security2.lib.php
+ 1
1
View file @ 7e246961
...@@ -54,7 +54,7 @@ function checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmod ...@@ -54,7 +54,7 @@ function checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmod
global $conf,$langs; global $conf,$langs;
//global $dolauthmode; // To return authentication finally used //global $dolauthmode; // To return authentication finally used
// Check parameetrs // Check parameters
if ($entitytotest == '') $entitytotest=1; if ($entitytotest == '') $entitytotest=1;
dol_syslog("checkLoginPassEntity usertotest=".$usertotest." entitytotest=".$entitytotest." authmode=".join(',',$authmode)); dol_syslog("checkLoginPassEntity usertotest=".$usertotest." entitytotest=".$entitytotest." authmode=".join(',',$authmode));
......
htdocs/core/login/functions_dolibarr.php
+ 13
2
View file @ 7e246961
...@@ -36,9 +36,14 @@ ...@@ -36,9 +36,14 @@
function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=1) function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=1)
{ {
global $db,$conf,$langs; global $db,$conf,$langs;
global $mc;
dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest); dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest);
// Force master entity in transversal mode
$entity=$entitytotest;
if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)) $entity=1;
$login=''; $login='';
if (! empty($usertotest)) if (! empty($usertotest))
...@@ -48,10 +53,10 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest= ...@@ -48,10 +53,10 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
$usernamecol = 'login'; $usernamecol = 'login';
$entitycol = 'entity'; $entitycol = 'entity';
$sql ='SELECT pass, pass_crypted'; $sql ='SELECT rowid, entity, pass, pass_crypted';
$sql.=' FROM '.$table; $sql.=' FROM '.$table;
$sql.=' WHERE '.$usernamecol." = '".$db->escape($usertotest)."'"; $sql.=' WHERE '.$usernamecol." = '".$db->escape($usertotest)."'";
$sql.=' AND '.$entitycol." IN (0," . ($entitytotest ? $entitytotest : 1) . ")"; $sql.=' AND '.$entitycol." IN (0," . ($entity ? $entity : 1) . ")";
dol_syslog("functions_dolibarr::check_user_password_dolibarr sql=".$sql); dol_syslog("functions_dolibarr::check_user_password_dolibarr sql=".$sql);
$resql=$db->query($sql); $resql=$db->query($sql);
...@@ -92,6 +97,12 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest= ...@@ -92,6 +97,12 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
} }
} }
if ($passok && ! empty($obj->entity) && (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)))
{
$ret=$mc->checkRight($obj->rowid, $entitytotest);
if ($ret < 0) $passok=false;
}
// Password ok ? // Password ok ?
if ($passok) if ($passok)
{ {
......
htdocs/user/class/user.class.php
+ 1
1
View file @ 7e246961
...@@ -150,7 +150,7 @@ class User extends CommonObject ...@@ -150,7 +150,7 @@ class User extends CommonObject
$sql.= " u.ref_int, u.ref_ext"; $sql.= " u.ref_int, u.ref_ext";
$sql.= " FROM ".MAIN_DB_PREFIX."user as u"; $sql.= " FROM ".MAIN_DB_PREFIX."user as u";
if(! empty($conf->multicompany->enabled) && $conf->entity == 1) if (! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode))
{ {
$sql.= " WHERE u.entity IS NOT NULL"; $sql.= " WHERE u.entity IS NOT NULL";
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment