Conditions | 117 |
Paths | 0 |
Total Lines | 495 |
Code Lines | 284 |
Lines | 0 |
Ratio | 0 % |
Changes | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
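Commonly applied refactorings include Extract Method. In the listing below, for example, the failed-login sequence (the USER_LOGIN_FAILED trigger followed by the afterLoginFailed hook) appears four times with small differences between the copies, so a single extracted method would keep the "security events" logging consistent.
If many parameters/temporary variables are present: Replace Temp with Query, Introduce Parameter Object, Preserve Whole Object.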
1 | <?php |
||
574 | function testLogin() |
||
575 | { |
||
576 | $login = ''; |
||
577 | if (defined('NOLOGIN')) { |
||
578 | return; |
||
579 | } |
||
580 | |||
581 | // $authmode lists the different means of identification to be tested in order of preference. |
||
582 | // Example: 'http', 'dolibarr', 'ldap', 'http,forceuser', '...' |
||
583 | if (defined('MAIN_AUTHENTICATION_MODE')) { |
||
584 | $dolibarr_main_authentication = constant('MAIN_AUTHENTICATION_MODE'); |
||
585 | } else { |
||
586 | // Authentication mode |
||
587 | if (empty($dolibarr_main_authentication)) { |
||
588 | $dolibarr_main_authentication = 'http,dolibarr'; |
||
589 | } |
||
590 | // Authentication mode: forceuser |
||
591 | if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user)) { |
||
592 | $dolibarr_auto_user = 'auto'; |
||
593 | } |
||
594 | } |
||
595 | |||
596 | // Set authmode |
||
597 | $this->authmode = explode(',', $dolibarr_main_authentication); |
||
598 | |||
599 | // No authentication mode |
||
600 | if (!count($this->authmode)) { |
||
601 | Globals::$langs->load('main'); |
||
602 | dol_print_error('', Globals::$langs->trans("ErrorConfigParameterNotDefined", 'dolibarr_main_authentication')); |
||
603 | die('No authmode has been defined!'); |
||
604 | } |
||
605 | |||
606 | // If login request was already post, we retrieve login from the session |
||
607 | // Call module if not realized that his request. |
||
608 | // At the end of this phase, the variable $login is defined. |
||
609 | $resultFetchUser = ''; |
||
610 | $test = true; |
||
611 | |||
612 | if (!isset($_SESSION["dol_login"])) { |
||
613 | // It is not already authenticated and it requests the login / password |
||
614 | // include_once DOL_BASE_PATH . '/core/lib/security2.lib.php'; |
||
615 | |||
616 | $dol_dst_observed = DolUtils::GETPOST("dst_observed", 'int', 3); |
||
617 | $dol_dst_first = DolUtils::GETPOST("dst_first", 'int', 3); |
||
618 | $dol_dst_second = DolUtils::GETPOST("dst_second", 'int', 3); |
||
619 | $dol_screenwidth = DolUtils::GETPOST("screenwidth", 'int', 3); |
||
620 | $dol_screenheight = DolUtils::GETPOST("screenheight", 'int', 3); |
||
621 | $dol_hide_topmenu = DolUtils::GETPOST('dol_hide_topmenu', 'int', 3); |
||
622 | $dol_hide_leftmenu = DolUtils::GETPOST('dol_hide_leftmenu', 'int', 3); |
||
623 | $dol_optimize_smallscreen = DolUtils::GETPOST('dol_optimize_smallscreen', 'int', 3); |
||
624 | $dol_no_mouse_hover = DolUtils::GETPOST('dol_no_mouse_hover', 'int', 3); |
||
625 | $dol_use_jmobile = DolUtils::GETPOST('dol_use_jmobile', 'int', 3); |
||
626 | |||
627 | // dol_syslog("POST key=".join(array_keys($_POST),',').' value='.join($_POST,',')); |
||
628 | // If in demo mode, we check we go to home page through the public/demo/index.php page |
||
629 | if (!empty($dolibarr_main_demo) && $_SERVER['PHP_SELF'] == DOL_BASE_URI . '/index.php') { |
||
630 | // We ask index page |
||
631 | if (empty($_SERVER['HTTP_REFERER']) || !preg_match('/public/', $_SERVER['HTTP_REFERER'])) { |
||
632 | DolUtils::dol_syslog("Call index page from another url than demo page (call is done from page " . $_SERVER['HTTP_REFERER'] . ")"); |
||
633 | $url = ''; |
||
634 | $url .= ($url ? '&' : '') . ($dol_hide_topmenu ? 'dol_hide_topmenu=' . $dol_hide_topmenu : ''); |
||
635 | $url .= ($url ? '&' : '') . ($dol_hide_leftmenu ? 'dol_hide_leftmenu=' . $dol_hide_leftmenu : ''); |
||
636 | $url .= ($url ? '&' : '') . ($dol_optimize_smallscreen ? 'dol_optimize_smallscreen=' . $dol_optimize_smallscreen : ''); |
||
637 | $url .= ($url ? '&' : '') . ($dol_no_mouse_hover ? 'dol_no_mouse_hover=' . $dol_no_mouse_hover : ''); |
||
638 | $url .= ($url ? '&' : '') . ($dol_use_jmobile ? 'dol_use_jmobile=' . $dol_use_jmobile : ''); |
||
639 | $url = DOL_BASE_URI . '/public/demo/index.php' . ($url ? '?' . $url : ''); |
||
640 | echo $url; |
||
641 | throw Exception('x'); |
||
642 | header("Location: " . $url); |
||
643 | exit; |
||
644 | } |
||
645 | } |
||
646 | |||
647 | // Verification security graphic code |
||
648 | if (DolUtils::GETPOST("username", "alpha", 2) && !empty(Globals::$conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { |
||
649 | $sessionkey = 'dol_antispam_value'; |
||
650 | $ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code']))); |
||
651 | |||
652 | // Check code |
||
653 | if (!$ok) { |
||
654 | DolUtils::dol_syslog('Bad value for code, connexion refused'); |
||
655 | |||
656 | // Load translation files required by page |
||
657 | Globals::$langs->loadLangs(array('main', 'errors')); |
||
658 | |||
659 | $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorBadValueForCode"); |
||
660 | $test = false; |
||
661 | |||
662 | // Call trigger for the "security events" log |
||
663 | Globals::$user->trigger_mesg = 'ErrorBadValueForCode - login=' . DolUtils::GETPOST("username", "alpha", 2); |
||
664 | |||
665 | // Call of triggers |
||
666 | //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php'; |
||
667 | $interface = new Interfaces($db); |
||
668 | $result = $interface->run_triggers('USER_LOGIN_FAILED', Globals::$user, Globals::$user, Globals::$langs, Globals::$conf); |
||
669 | if ($result < 0) { |
||
670 | $error++; |
||
671 | } |
||
672 | |||
673 | // End Call of triggers |
||
674 | // Hooks on failed login |
||
675 | $action = ''; |
||
676 | Globals::$hookManager->initHooks(array('login')); |
||
677 | $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]); |
||
678 | $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks |
||
679 | if ($reshook < 0) { |
||
680 | $error++; |
||
681 | } |
||
682 | |||
683 | // Note: exit is done later |
||
684 | } |
||
685 | } |
||
686 | |||
687 | $allowedmethodtopostusername = 2; |
||
688 | if (defined('MAIN_AUTHENTICATION_POST_METHOD')) { |
||
689 | $allowedmethodtopostusername = constant('MAIN_AUTHENTICATION_POST_METHOD'); |
||
690 | } |
||
691 | $usertotest = (!empty($_COOKIE['login_dolibarr']) ? $_COOKIE['login_dolibarr'] : DolUtils::GETPOST("username", "alpha", $allowedmethodtopostusername)); |
||
692 | $passwordtotest = DolUtils::GETPOST('password', 'none', $allowedmethodtopostusername); |
||
693 | $entitytotest = (DolUtils::GETPOST('entity', 'int') ? DolUtils::GETPOST('entity', 'int') : (!empty(Globals::$conf->entity) ? Globals::$conf->entity : 1)); |
||
694 | |||
695 | // Define if we received data to test the login. |
||
696 | /* |
||
697 | $goontestloop = false; |
||
698 | if (isset($_SERVER["REMOTE_USER"]) && in_array('http', $this->authmode)) { |
||
699 | $goontestloop = true; |
||
700 | } |
||
701 | if ($dolibarr_main_authentication == 'forceuser' && !empty($dolibarr_auto_user)) { |
||
702 | $goontestloop = true; |
||
703 | } |
||
704 | if (DolUtils::GETPOST("username", "alpha", $allowedmethodtopostusername) || !empty($_COOKIE['login_dolibarr']) || DolUtils::GETPOST('openid_mode', 'alpha', 1)) { |
||
705 | $goontestloop = true; |
||
706 | } |
||
707 | */ |
||
708 | |||
709 | $goontestloop = (isset($_SERVER["REMOTE_USER"]) && in_array('http', $this->authmode)) || |
||
710 | ($dolibarr_main_authentication == 'forceuser' && !empty($dolibarr_auto_user)) || |
||
711 | (DolUtils::GETPOST("username", "alpha", $allowedmethodtopostusername) || |
||
712 | !empty($_COOKIE['login_dolibarr']) || |
||
713 | DolUtils::GETPOST('openid_mode', 'alpha', 1)); |
||
714 | |||
715 | if (!is_object(Globals::$langs)) { // This can occurs when calling page with NOREQUIRETRAN defined, however we need langs for error messages. |
||
716 | // include_once DOL_BASE_PATH . '/core/class/translate.class.php'; |
||
717 | Globals::$langs = new Translate("", Globals::$conf); |
||
718 | $langcode = (DolUtils::GETPOST('lang', 'aZ09', 1) ? DolUtils::GETPOST('lang', 'aZ09', 1) : (empty(Globals::$conf->global->MAIN_LANG_DEFAULT) ? 'auto' : Globals::$conf->global->MAIN_LANG_DEFAULT)); |
||
719 | if (defined('MAIN_LANG_DEFAULT')) { |
||
720 | $langcode = constant('MAIN_LANG_DEFAULT'); |
||
721 | } |
||
722 | Globals::$langs->setDefaultLang($langcode); |
||
723 | } |
||
724 | |||
725 | // Validation of login/pass/entity |
||
726 | // If ok, the variable login will be returned |
||
727 | // If error, we will put error message in session under the name dol_loginmesg |
||
728 | if ($test && $goontestloop) { |
||
729 | $login = Security2::checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $this->authmode); |
||
730 | |||
731 | if ($login) { |
||
732 | $this->dol_authmode = Globals::$conf->authmode; // This properties is defined only when logged, to say what mode was successfully used |
||
733 | $dol_tz = $_POST["tz"]; |
||
734 | $dol_tz_string = $_POST["tz_string"]; |
||
735 | $dol_tz_string = preg_replace('/\s*\(.+\)$/', '', $dol_tz_string); |
||
736 | $dol_tz_string = preg_replace('/,/', '/', $dol_tz_string); |
||
737 | $dol_tz_string = preg_replace('/\s/', '_', $dol_tz_string); |
||
738 | $dol_dst = 0; |
||
739 | if (isset($_POST["dst_first"]) && isset($_POST["dst_second"])) { |
||
740 | // include_once DOL_BASE_PATH . '/core/lib/date.lib.php'; |
||
741 | $datenow = DolUtils::dol_now(); |
||
742 | $datefirst = DateLib::dol_stringtotime($_POST["dst_first"]); |
||
743 | $datesecond = DateLib::dol_stringtotime($_POST["dst_second"]); |
||
744 | if ($datenow >= $datefirst && $datenow < $datesecond) { |
||
745 | $dol_dst = 1; |
||
746 | } |
||
747 | } |
||
748 | //print $datefirst.'-'.$datesecond.'-'.$datenow.'-'.$dol_tz.'-'.$dol_tzstring.'-'.$dol_dst; exit; |
||
749 | } |
||
750 | |||
751 | if (!$login) { |
||
752 | DolUtils::dol_syslog('Bad password, connexion refused', LOG_DEBUG); |
||
753 | // Load translation files required by page |
||
754 | Globals::$langs->loadLangs(array('main', 'errors')); |
||
755 | |||
756 | // Bad password. No authmode has found a good password. |
||
757 | // We set a generic message if not defined inside function checkLoginPassEntity or subfunctions |
||
758 | if (empty($_SESSION["dol_loginmesg"])) { |
||
759 | $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorBadLoginPassword"); |
||
760 | } |
||
761 | |||
762 | // Call trigger for the "security events" log |
||
763 | Globals::$user->trigger_mesg = Globals::$langs->trans("ErrorBadLoginPassword") . ' - login=' . DolUtils::GETPOST("username", "alpha", 2); |
||
764 | |||
765 | // Call of triggers |
||
766 | //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php'; |
||
767 | $interface = new Interfaces(); |
||
768 | $result = $interface->run_triggers('USER_LOGIN_FAILED', Globals::$user, Globals::$user, Globals::$langs, Globals::$conf, DolUtils::GETPOST("username", "alpha", 2)); |
||
769 | if ($result < 0) { |
||
770 | $error++; |
||
771 | } |
||
772 | // End Call of triggers |
||
773 | // Hooks on failed login |
||
774 | $action = ''; |
||
775 | Globals::$hookManager->initHooks(array('login')); |
||
776 | $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]); |
||
777 | $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks |
||
778 | if ($reshook < 0) { |
||
779 | $error++; |
||
780 | } |
||
781 | |||
782 | // Note: exit is done in next chapter |
||
783 | } |
||
784 | } |
||
785 | |||
786 | // End test login / passwords |
||
787 | if (!$login || (in_array('ldap', $this->authmode) && empty($passwordtotest))) { // With LDAP we refused empty password because some LDAP are "opened" for anonymous access so connexion is a success. |
||
788 | // No data to test login, so we show the login page |
||
789 | DolUtils::dol_syslog("--- Access to " . $_SERVER["PHP_SELF"] . " showing the login form and exit"); |
||
790 | if (defined('NOREDIRECTBYMAINTOLOGIN')) { |
||
791 | return 'ERROR_NOT_LOGGED'; |
||
792 | } else { |
||
793 | Security2::dol_loginfunction($this); |
||
794 | } |
||
795 | exit; |
||
796 | } |
||
797 | |||
798 | $resultFetchUser = Globals::$user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); |
||
799 | if ($resultFetchUser <= 0) { |
||
800 | DolUtils::dol_syslog('User not found, connexion refused'); |
||
801 | session_destroy(); |
||
802 | session_name($this->sessionname); |
||
803 | session_set_cookie_params(0, '/', null, false, true); // Add tag httponly on session cookie |
||
804 | session_start(); // Fixing the bug of register_globals here is useless since session is empty |
||
805 | |||
806 | if ($resultFetchUser == 0) { |
||
807 | // Load translation files required by page |
||
808 | Globals::$langs->loadLangs(array('main', 'errors')); |
||
809 | |||
810 | $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login); |
||
811 | |||
812 | Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login=' . $login; |
||
813 | } |
||
814 | if ($resultFetchUser < 0) { |
||
815 | $_SESSION["dol_loginmesg"] = Globals::$user->error; |
||
816 | |||
817 | Globals::$user->trigger_mesg = Globals::$user->error; |
||
818 | } |
||
819 | |||
820 | // Call triggers for the "security events" log |
||
821 | //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php'; |
||
822 | $interface = new Interfaces(); |
||
823 | $result = $interface->run_triggers('USER_LOGIN_FAILED', Globals::$user, Globals::$user, Globals::$langs, Globals::$conf); |
||
824 | if ($result < 0) { |
||
825 | $error++; |
||
826 | } |
||
827 | // End call triggers |
||
828 | // Hooks on failed login |
||
829 | $action = ''; |
||
830 | Globals::$hookManager->initHooks(array('login')); |
||
831 | $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]); |
||
832 | $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks |
||
833 | if ($reshook < 0) { |
||
834 | $error++; |
||
835 | } |
||
836 | |||
837 | $paramsurl = array(); |
||
838 | if (DolUtils::GETPOST('textbrowser', 'int')) { |
||
839 | $paramsurl[] = 'textbrowser=' . DolUtils::GETPOST('textbrowser', 'int'); |
||
840 | } |
||
841 | if (DolUtils::GETPOST('nojs', 'int')) { |
||
842 | $paramsurl[] = 'nojs=' . DolUtils::GETPOST('nojs', 'int'); |
||
843 | } |
||
844 | if (DolUtils::GETPOST('lang', 'aZ09')) { |
||
845 | $paramsurl[] = 'lang=' . DolUtils::GETPOST('lang', 'aZ09'); |
||
846 | } |
||
847 | echo 'Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : ''); |
||
848 | throw Exception('x'); |
||
849 | header('Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : '')); |
||
850 | exit; |
||
851 | } |
||
852 | } |
||
853 | |||
854 | if (isset($_SESSION['dol_login'])) { |
||
855 | // We are already into an authenticated session |
||
856 | $login = $_SESSION["dol_login"]; |
||
857 | $entity = $_SESSION["dol_entity"]; |
||
858 | DolUtils::dol_syslog("- This is an already logged session. _SESSION['dol_login']=" . $login . " _SESSION['dol_entity']=" . $entity, LOG_DEBUG); |
||
859 | |||
860 | $resultFetchUser = Globals::$user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1)); |
||
861 | if ($resultFetchUser <= 0) { |
||
862 | // Account has been removed after login |
||
863 | DolUtils::dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=" . $login, LOG_WARNING); |
||
864 | session_destroy(); |
||
865 | session_name($this->sessionname); |
||
866 | session_set_cookie_params(0, '/', null, false, true); // Add tag httponly on session cookie |
||
867 | session_start(); // Fixing the bug of register_globals here is useless since session is empty |
||
868 | |||
869 | if ($resultFetchUser == 0) { |
||
870 | // Load translation files required by page |
||
871 | Globals::$langs->loadLangs(array('main', 'errors')); |
||
872 | |||
873 | $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login); |
||
874 | |||
875 | Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login=' . $login; |
||
876 | } |
||
877 | if ($resultFetchUser < 0) { |
||
878 | $_SESSION["dol_loginmesg"] = Globals::$user->error; |
||
879 | |||
880 | Globals::$user->trigger_mesg = Globals::$user->error; |
||
881 | } |
||
882 | |||
883 | // Call triggers for the "security events" log |
||
884 | //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php'; |
||
885 | $interface = new Interfaces($db); |
||
886 | $result = $interface->run_triggers('USER_LOGIN_FAILED', Globals::$user, Globals::$user, Globals::$langs, Globals::$conf); |
||
887 | if ($result < 0) { |
||
888 | $error++; |
||
889 | } |
||
890 | // End call triggers |
||
891 | // Hooks on failed login |
||
892 | $action = ''; |
||
893 | Globals::$hookManager->initHooks(array('login')); |
||
894 | $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]); |
||
895 | $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks |
||
896 | if ($reshook < 0) { |
||
897 | $error++; |
||
898 | } |
||
899 | |||
900 | $paramsurl = array(); |
||
901 | if (DolUtils::GETPOST('textbrowser', 'int')) { |
||
902 | $paramsurl[] = 'textbrowser=' . DolUtils::GETPOST('textbrowser', 'int'); |
||
903 | } |
||
904 | if (DolUtils::GETPOST('nojs', 'int')) { |
||
905 | $paramsurl[] = 'nojs=' . DolUtils::GETPOST('nojs', 'int'); |
||
906 | } |
||
907 | if (DolUtils::GETPOST('lang', 'aZ09')) { |
||
908 | $paramsurl[] = 'lang=' . DolUtils::GETPOST('lang', 'aZ09'); |
||
909 | } |
||
910 | echo 'Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : ''); |
||
911 | throw Exception('x'); |
||
912 | header('Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : '')); |
||
913 | exit; |
||
914 | } else { |
||
915 | // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context |
||
916 | Globals::$hookManager->initHooks(array('main')); |
||
917 | |||
918 | // Code for search criteria persistence. |
||
919 | if (!empty($_GET['save_lastsearch_values'])) { // We must use $_GET here |
||
920 | $relativepathstring = preg_replace('/\?.*$/', '', $_SERVER["HTTP_REFERER"]); |
||
921 | $relativepathstring = preg_replace('/^https?:\/\/[^\/]*/', '', $relativepathstring); // Get full path except host server |
||
922 | // Clean $relativepathstring |
||
923 | if (constant('DOL_BASE_URI')) { |
||
924 | $relativepathstring = preg_replace('/^' . preg_quote(constant('DOL_BASE_URI'), '/') . '/', '', $relativepathstring); |
||
925 | } |
||
926 | $relativepathstring = preg_replace('/^\//', '', $relativepathstring); |
||
927 | $relativepathstring = preg_replace('/^custom\//', '', $relativepathstring); |
||
928 | //var_dump($relativepathstring); |
||
929 | // We click on a link that leave a page we have to save search criteria, contextpage, limit and page. We save them from tmp to no tmp |
||
930 | if (!empty($_SESSION['lastsearch_values_tmp_' . $relativepathstring])) { |
||
931 | $_SESSION['lastsearch_values_' . $relativepathstring] = $_SESSION['lastsearch_values_tmp_' . $relativepathstring]; |
||
932 | unset($_SESSION['lastsearch_values_tmp_' . $relativepathstring]); |
||
933 | } |
||
934 | if (!empty($_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring])) { |
||
935 | $_SESSION['lastsearch_contextpage_' . $relativepathstring] = $_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring]; |
||
936 | unset($_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring]); |
||
937 | } |
||
938 | if (!empty($_SESSION['lastsearch_page_tmp_' . $relativepathstring]) && $_SESSION['lastsearch_page_tmp_' . $relativepathstring] > 1) { |
||
939 | $_SESSION['lastsearch_page_' . $relativepathstring] = $_SESSION['lastsearch_page_tmp_' . $relativepathstring]; |
||
940 | unset($_SESSION['lastsearch_page_tmp_' . $relativepathstring]); |
||
941 | } |
||
942 | if (!empty($_SESSION['lastsearch_limit_tmp_' . $relativepathstring]) && $_SESSION['lastsearch_limit_tmp_' . $relativepathstring] != Globals::$conf->liste_limit) { |
||
943 | $_SESSION['lastsearch_limit_' . $relativepathstring] = $_SESSION['lastsearch_limit_tmp_' . $relativepathstring]; |
||
944 | unset($_SESSION['lastsearch_limit_tmp_' . $relativepathstring]); |
||
945 | } |
||
946 | } |
||
947 | |||
948 | $action = ''; |
||
949 | $reshook = Globals::$hookManager->executeHooks('updateSession', array(), Globals::$user, $action); |
||
950 | if ($reshook < 0) { |
||
951 | setEventMessages(Globals::$hookManager->error, Globals::$hookManager->errors, 'errors'); |
||
952 | } |
||
953 | } |
||
954 | } |
||
955 | |||
956 | // Is it a new session that has started ? |
||
957 | // If we are here, this means authentication was successfull. |
||
958 | if (!isset($_SESSION["dol_login"])) { |
||
959 | // New session for this login has started. |
||
960 | $error = 0; |
||
961 | |||
962 | // Store value into session (values always stored) |
||
963 | $_SESSION["dol_login"] = Globals::$user->login; |
||
964 | $_SESSION["dol_authmode"] = isset($this->dol_authmode) ? $this->dol_authmode : ''; |
||
965 | $_SESSION["dol_tz"] = isset($dol_tz) ? $dol_tz : ''; |
||
966 | $_SESSION["dol_tz_string"] = isset($dol_tz_string) ? $dol_tz_string : ''; |
||
967 | $_SESSION["dol_dst"] = isset($dol_dst) ? $dol_dst : ''; |
||
968 | $_SESSION["dol_dst_observed"] = isset($dol_dst_observed) ? $dol_dst_observed : ''; |
||
969 | $_SESSION["dol_dst_first"] = isset($dol_dst_first) ? $dol_dst_first : ''; |
||
970 | $_SESSION["dol_dst_second"] = isset($dol_dst_second) ? $dol_dst_second : ''; |
||
971 | $_SESSION["dol_screenwidth"] = isset($dol_screenwidth) ? $dol_screenwidth : ''; |
||
972 | $_SESSION["dol_screenheight"] = isset($dol_screenheight) ? $dol_screenheight : ''; |
||
973 | $_SESSION["dol_company"] = Globals::$conf->global->MAIN_INFO_SOCIETE_NOM ?? ''; |
||
974 | $_SESSION["dol_entity"] = Globals::$conf->entity; |
||
975 | |||
976 | // Store value into session (values stored only if defined) |
||
977 | if (!empty($dol_hide_topmenu)) { |
||
978 | $_SESSION['dol_hide_topmenu'] = $dol_hide_topmenu; |
||
979 | } |
||
980 | if (!empty($dol_hide_leftmenu)) { |
||
981 | $_SESSION['dol_hide_leftmenu'] = $dol_hide_leftmenu; |
||
982 | } |
||
983 | if (!empty($dol_optimize_smallscreen)) { |
||
984 | $_SESSION['dol_optimize_smallscreen'] = $dol_optimize_smallscreen; |
||
985 | } |
||
986 | if (!empty($dol_no_mouse_hover)) { |
||
987 | $_SESSION['dol_no_mouse_hover'] = $dol_no_mouse_hover; |
||
988 | } |
||
989 | if (!empty($dol_use_jmobile)) { |
||
990 | $_SESSION['dol_use_jmobile'] = $dol_use_jmobile; |
||
991 | } |
||
992 | |||
993 | DolUtils::dol_syslog("This is a new started user session. _SESSION['dol_login']=" . $_SESSION["dol_login"] . " Session id=" . session_id()); |
||
994 | |||
995 | // Config::$dbEngine->begin(); |
||
996 | Config::$dbEngine->beginTransaction(); |
||
997 | |||
998 | Globals::$user->update_last_login_date(); |
||
999 | |||
1000 | $loginfo = 'TZ=' . $_SESSION["dol_tz"] . ';TZString=' . $_SESSION["dol_tz_string"] . ';Screen=' . $_SESSION["dol_screenwidth"] . 'x' . $_SESSION["dol_screenheight"]; |
||
1001 | |||
1002 | // Call triggers for the "security events" log |
||
1003 | Globals::$user->trigger_mesg = $loginfo; |
||
1004 | // Call triggers |
||
1005 | //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php'; |
||
1006 | $interface = new Interfaces(/* $db */); |
||
1007 | $result = $interface->run_triggers('USER_LOGIN', Globals::$user /* , Globals::$user, Globals::$langs, Globals::$conf */); |
||
1008 | if ($result < 0) { |
||
1009 | $error++; |
||
1010 | } |
||
1011 | // End call triggers |
||
1012 | // Hooks on successfull login |
||
1013 | $action = ''; |
||
1014 | Globals::$hookManager->initHooks(array('login')); |
||
1015 | $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginfo' => $loginfo); |
||
1016 | $reshook = Globals::$hookManager->executeHooks('afterLogin', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks |
||
1017 | if ($reshook < 0) { |
||
1018 | $error++; |
||
1019 | } |
||
1020 | |||
1021 | if ($error) { |
||
1022 | Config::$dbEngine->rollBack(); |
||
1023 | session_destroy(); |
||
1024 | dol_print_error($db, 'Error in some triggers USER_LOGIN or in some hooks afterLogin'); |
||
1025 | exit; |
||
1026 | } else { |
||
1027 | Config::$dbEngine->commit(); |
||
1028 | } |
||
1029 | |||
1030 | // Change landing page if defined. |
||
1031 | $landingpage = (empty(Globals::$user->conf->MAIN_LANDING_PAGE) ? (empty(Globals::$conf->global->MAIN_LANDING_PAGE) ? '' : Globals::$conf->global->MAIN_LANDING_PAGE) : Globals::$user->conf->MAIN_LANDING_PAGE); |
||
1032 | if (!empty($landingpage)) { // Example: /index.php |
||
1033 | $newpath = dol_buildpath($landingpage, 1); |
||
1034 | if ($_SERVER["PHP_SELF"] != $newpath) { // not already on landing page (avoid infinite loop) |
||
1035 | echo $newpath; |
||
1036 | throw Exception('x'); |
||
1037 | header('Location: ' . $newpath); |
||
1038 | exit; |
||
1039 | } |
||
1040 | } |
||
1041 | } |
||
1042 | |||
1043 | // If user admin, we force the rights-based modules |
||
1044 | if (Globals::$user->admin) { |
||
1045 | Globals::$user->rights->user->user->lire = 1; |
||
1046 | Globals::$user->rights->user->user->creer = 1; |
||
1047 | Globals::$user->rights->user->user->password = 1; |
||
1048 | Globals::$user->rights->user->user->supprimer = 1; |
||
1049 | Globals::$user->rights->user->self->creer = 1; |
||
1050 | Globals::$user->rights->user->self->password = 1; |
||
1051 | } |
||
1052 | |||
1053 | /* |
||
1054 | * Overwrite some configs globals (try to avoid this and have code to use instead Globals::$user->conf->xxx) |
||
1055 | */ |
||
1056 | |||
1057 | // Set liste_limit |
||
1058 | if (isset(Globals::$user->conf->MAIN_SIZE_LISTE_LIMIT)) { |
||
1059 | Globals::$conf->liste_limit = Globals::$user->conf->MAIN_SIZE_LISTE_LIMIT; // Can be 0 |
||
1060 | } |
||
1061 | if (isset(Globals::$user->conf->PRODUIT_LIMIT_SIZE)) { |
||
1062 | Globals::$conf->product->limit_size = Globals::$user->conf->PRODUIT_LIMIT_SIZE; // Can be 0 |
||
1063 | // Replace conf->css by personalized value if theme not forced |
||
1064 | } |
||
1065 | if (empty(Globals::$conf->global->MAIN_FORCETHEME) && !empty(Globals::$user->conf->MAIN_THEME)) { |
||
1066 | Globals::$conf->theme = Globals::$user->conf->MAIN_THEME; |
||
1067 | // Globals::$conf->css = "/theme/" . Globals::$conf->theme . "/style.css.php"; |
||
1068 | Globals::$conf->css = '?controller=theme/' . Globals::$conf->theme . '&method=style.css'; |
||
1069 | } |
||
1072 |