alxarafe /
alixar
@@ -29,273 +29,273 @@ |
||
| 29 | 29 | */ |
| 30 | 30 | abstract class DoliDB implements Database |
| 31 | 31 | { |
| 32 | - /** @var resource Database handler */ |
|
| 33 | - public $db; |
|
| 34 | - /** @var string Database type */ |
|
| 35 | - public $type; |
|
| 36 | - /** @var string Charset used to force charset when creating database */ |
|
| 37 | - public $forcecharset='utf8'; |
|
| 38 | - /** @var string Collate used to force collate when creating database */ |
|
| 39 | - public $forcecollate='utf8_unicode_ci'; |
|
| 40 | - /** @var resource Resultset of last query */ |
|
| 41 | - private $_results; |
|
| 42 | - /** @var bool true if connected, else false */ |
|
| 43 | - public $connected; |
|
| 44 | - /** @var bool true if database selected, else false */ |
|
| 45 | - public $database_selected; |
|
| 46 | - /** @var string Selected database name */ |
|
| 47 | - public $database_name; |
|
| 48 | - /** @var string Database username */ |
|
| 49 | - public $database_user; |
|
| 50 | - /** @var string Database host */ |
|
| 51 | - public $database_host; |
|
| 52 | - /** @var int Database port */ |
|
| 53 | - public $database_port; |
|
| 54 | - /** @var int >=1 if a transaction is opened, 0 otherwise */ |
|
| 55 | - public $transaction_opened; |
|
| 56 | - /** @var string Last successful query */ |
|
| 57 | - public $lastquery; |
|
| 58 | - /** @var string Last failed query */ |
|
| 59 | - public $lastqueryerror; |
|
| 60 | - /** @var string Last error message */ |
|
| 61 | - public $lasterror; |
|
| 62 | - /** @var string Last error number. For example: 'DB_ERROR_RECORD_ALREADY_EXISTS', '12345', ... */ |
|
| 63 | - public $lasterrno; |
|
| 32 | + /** @var resource Database handler */ |
|
| 33 | + public $db; |
|
| 34 | + /** @var string Database type */ |
|
| 35 | + public $type; |
|
| 36 | + /** @var string Charset used to force charset when creating database */ |
|
| 37 | + public $forcecharset='utf8'; |
|
| 38 | + /** @var string Collate used to force collate when creating database */ |
|
| 39 | + public $forcecollate='utf8_unicode_ci'; |
|
| 40 | + /** @var resource Resultset of last query */ |
|
| 41 | + private $_results; |
|
| 42 | + /** @var bool true if connected, else false */ |
|
| 43 | + public $connected; |
|
| 44 | + /** @var bool true if database selected, else false */ |
|
| 45 | + public $database_selected; |
|
| 46 | + /** @var string Selected database name */ |
|
| 47 | + public $database_name; |
|
| 48 | + /** @var string Database username */ |
|
| 49 | + public $database_user; |
|
| 50 | + /** @var string Database host */ |
|
| 51 | + public $database_host; |
|
| 52 | + /** @var int Database port */ |
|
| 53 | + public $database_port; |
|
| 54 | + /** @var int >=1 if a transaction is opened, 0 otherwise */ |
|
| 55 | + public $transaction_opened; |
|
| 56 | + /** @var string Last successful query */ |
|
| 57 | + public $lastquery; |
|
| 58 | + /** @var string Last failed query */ |
|
| 59 | + public $lastqueryerror; |
|
| 60 | + /** @var string Last error message */ |
|
| 61 | + public $lasterror; |
|
| 62 | + /** @var string Last error number. For example: 'DB_ERROR_RECORD_ALREADY_EXISTS', '12345', ... */ |
|
| 63 | + public $lasterrno; |
|
| 64 | 64 | |
| 65 | - /** @var bool Status */ |
|
| 66 | - public $ok; |
|
| 67 | - /** @var string */ |
|
| 68 | - public $error; |
|
| 65 | + /** @var bool Status */ |
|
| 66 | + public $ok; |
|
| 67 | + /** @var string */ |
|
| 68 | + public $error; |
|
| 69 | 69 | |
| 70 | - /** |
|
| 71 | - * Format a SQL IF |
|
| 72 | - * |
|
| 73 | - * @param string $test Test string (example: 'cd.statut=0', 'field IS NULL') |
|
| 74 | - * @param string $resok resultat si test egal |
|
| 75 | - * @param string $resko resultat si test non egal |
|
| 76 | - * @return string SQL string |
|
| 77 | - */ |
|
| 78 | - function ifsql($test,$resok,$resko) |
|
| 79 | - { |
|
| 80 | - return 'IF('.$test.','.$resok.','.$resko.')'; |
|
| 81 | - } |
|
| 70 | + /** |
|
| 71 | + * Format a SQL IF |
|
| 72 | + * |
|
| 73 | + * @param string $test Test string (example: 'cd.statut=0', 'field IS NULL') |
|
| 74 | + * @param string $resok resultat si test egal |
|
| 75 | + * @param string $resko resultat si test non egal |
|
| 76 | + * @return string SQL string |
|
| 77 | + */ |
|
| 78 | + function ifsql($test,$resok,$resko) |
|
| 79 | + { |
|
| 80 | + return 'IF('.$test.','.$resok.','.$resko.')'; |
|
| 81 | + } |
|
| 82 | 82 | |
| 83 | - /** |
|
| 84 | - * Convert (by PHP) a GM Timestamp date into a string date with PHP server TZ to insert into a date field. |
|
| 85 | - * Function to use to build INSERT, UPDATE or WHERE predica |
|
| 86 | - * |
|
| 87 | - * @param int $param Date TMS to convert |
|
| 88 | - * @return string Date in a string YYYY-MM-DD HH:MM:SS |
|
| 89 | - */ |
|
| 90 | - function idate($param) |
|
| 91 | - { |
|
| 92 | - // TODO GMT $param should be gmt, so we should add tzouptut to 'gmt' |
|
| 93 | - return dol_print_date($param,"%Y-%m-%d %H:%M:%S"); |
|
| 94 | - } |
|
| 83 | + /** |
|
| 84 | + * Convert (by PHP) a GM Timestamp date into a string date with PHP server TZ to insert into a date field. |
|
| 85 | + * Function to use to build INSERT, UPDATE or WHERE predica |
|
| 86 | + * |
|
| 87 | + * @param int $param Date TMS to convert |
|
| 88 | + * @return string Date in a string YYYY-MM-DD HH:MM:SS |
|
| 89 | + */ |
|
| 90 | + function idate($param) |
|
| 91 | + { |
|
| 92 | + // TODO GMT $param should be gmt, so we should add tzouptut to 'gmt' |
|
| 93 | + return dol_print_date($param,"%Y-%m-%d %H:%M:%S"); |
|
| 94 | + } |
|
| 95 | 95 | |
| 96 | - /** |
|
| 97 | - * Return last error code |
|
| 98 | - * |
|
| 99 | - * @return string lasterrno |
|
| 100 | - */ |
|
| 101 | - function lasterrno() |
|
| 102 | - { |
|
| 103 | - return $this->lasterrno; |
|
| 104 | - } |
|
| 96 | + /** |
|
| 97 | + * Return last error code |
|
| 98 | + * |
|
| 99 | + * @return string lasterrno |
|
| 100 | + */ |
|
| 101 | + function lasterrno() |
|
| 102 | + { |
|
| 103 | + return $this->lasterrno; |
|
| 104 | + } |
|
| 105 | 105 | |
| 106 | - /** |
|
| 107 | - * Start transaction |
|
| 108 | - * |
|
| 109 | - * @return int 1 if transaction successfuly opened or already opened, 0 if error |
|
| 110 | - */ |
|
| 111 | - function begin() |
|
| 112 | - { |
|
| 113 | - if (! $this->transaction_opened) |
|
| 114 | - { |
|
| 115 | - $ret=$this->query("BEGIN"); |
|
| 116 | - if ($ret) |
|
| 117 | - { |
|
| 118 | - $this->transaction_opened++; |
|
| 119 | - dol_syslog("BEGIN Transaction",LOG_DEBUG); |
|
| 120 | - dol_syslog('',0,1); |
|
| 121 | - } |
|
| 122 | - return $ret; |
|
| 123 | - } |
|
| 124 | - else |
|
| 125 | - { |
|
| 126 | - $this->transaction_opened++; |
|
| 127 | - dol_syslog('',0,1); |
|
| 128 | - return 1; |
|
| 129 | - } |
|
| 130 | - } |
|
| 106 | + /** |
|
| 107 | + * Start transaction |
|
| 108 | + * |
|
| 109 | + * @return int 1 if transaction successfuly opened or already opened, 0 if error |
|
| 110 | + */ |
|
| 111 | + function begin() |
|
| 112 | + { |
|
| 113 | + if (! $this->transaction_opened) |
|
| 114 | + { |
|
| 115 | + $ret=$this->query("BEGIN"); |
|
| 116 | + if ($ret) |
|
| 117 | + { |
|
| 118 | + $this->transaction_opened++; |
|
| 119 | + dol_syslog("BEGIN Transaction",LOG_DEBUG); |
|
| 120 | + dol_syslog('',0,1); |
|
| 121 | + } |
|
| 122 | + return $ret; |
|
| 123 | + } |
|
| 124 | + else |
|
| 125 | + { |
|
| 126 | + $this->transaction_opened++; |
|
| 127 | + dol_syslog('',0,1); |
|
| 128 | + return 1; |
|
| 129 | + } |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - /** |
|
| 133 | - * Validate a database transaction |
|
| 134 | - * |
|
| 135 | - * @param string $log Add more log to default log line |
|
| 136 | - * @return int 1 if validation is OK or transaction level no started, 0 if ERROR |
|
| 137 | - */ |
|
| 138 | - function commit($log='') |
|
| 139 | - { |
|
| 140 | - dol_syslog('',0,-1); |
|
| 141 | - if ($this->transaction_opened<=1) |
|
| 142 | - { |
|
| 143 | - $ret=$this->query("COMMIT"); |
|
| 144 | - if ($ret) |
|
| 145 | - { |
|
| 146 | - $this->transaction_opened=0; |
|
| 147 | - dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); |
|
| 148 | - return 1; |
|
| 149 | - } |
|
| 150 | - else |
|
| 151 | - { |
|
| 152 | - return 0; |
|
| 153 | - } |
|
| 154 | - } |
|
| 155 | - else |
|
| 156 | - { |
|
| 157 | - $this->transaction_opened--; |
|
| 158 | - return 1; |
|
| 159 | - } |
|
| 160 | - } |
|
| 132 | + /** |
|
| 133 | + * Validate a database transaction |
|
| 134 | + * |
|
| 135 | + * @param string $log Add more log to default log line |
|
| 136 | + * @return int 1 if validation is OK or transaction level no started, 0 if ERROR |
|
| 137 | + */ |
|
| 138 | + function commit($log='') |
|
| 139 | + { |
|
| 140 | + dol_syslog('',0,-1); |
|
| 141 | + if ($this->transaction_opened<=1) |
|
| 142 | + { |
|
| 143 | + $ret=$this->query("COMMIT"); |
|
| 144 | + if ($ret) |
|
| 145 | + { |
|
| 146 | + $this->transaction_opened=0; |
|
| 147 | + dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); |
|
| 148 | + return 1; |
|
| 149 | + } |
|
| 150 | + else |
|
| 151 | + { |
|
| 152 | + return 0; |
|
| 153 | + } |
|
| 154 | + } |
|
| 155 | + else |
|
| 156 | + { |
|
| 157 | + $this->transaction_opened--; |
|
| 158 | + return 1; |
|
| 159 | + } |
|
| 160 | + } |
|
| 161 | 161 | |
| 162 | - /** |
|
| 163 | - * Annulation d'une transaction et retour aux anciennes valeurs |
|
| 164 | - * |
|
| 165 | - * @param string $log Add more log to default log line |
|
| 166 | - * @return resource|int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur |
|
| 167 | - */ |
|
| 168 | - function rollback($log='') |
|
| 169 | - { |
|
| 170 | - dol_syslog('',0,-1); |
|
| 171 | - if ($this->transaction_opened<=1) |
|
| 172 | - { |
|
| 173 | - $ret=$this->query("ROLLBACK"); |
|
| 174 | - $this->transaction_opened=0; |
|
| 175 | - dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); |
|
| 176 | - return $ret; |
|
| 177 | - } |
|
| 178 | - else |
|
| 179 | - { |
|
| 180 | - $this->transaction_opened--; |
|
| 181 | - return 1; |
|
| 182 | - } |
|
| 183 | - } |
|
| 162 | + /** |
|
| 163 | + * Annulation d'une transaction et retour aux anciennes valeurs |
|
| 164 | + * |
|
| 165 | + * @param string $log Add more log to default log line |
|
| 166 | + * @return resource|int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur |
|
| 167 | + */ |
|
| 168 | + function rollback($log='') |
|
| 169 | + { |
|
| 170 | + dol_syslog('',0,-1); |
|
| 171 | + if ($this->transaction_opened<=1) |
|
| 172 | + { |
|
| 173 | + $ret=$this->query("ROLLBACK"); |
|
| 174 | + $this->transaction_opened=0; |
|
| 175 | + dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); |
|
| 176 | + return $ret; |
|
| 177 | + } |
|
| 178 | + else |
|
| 179 | + { |
|
| 180 | + $this->transaction_opened--; |
|
| 181 | + return 1; |
|
| 182 | + } |
|
| 183 | + } |
|
| 184 | 184 | |
| 185 | - /** |
|
| 186 | - * Define limits and offset of request |
|
| 187 | - * |
|
| 188 | - * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) |
|
| 189 | - * @param int $offset Numero of line from where starting fetch |
|
| 190 | - * @return string String with SQL syntax to add a limit and offset |
|
| 191 | - */ |
|
| 192 | - function plimit($limit=0,$offset=0) |
|
| 193 | - { |
|
| 194 | - global $conf; |
|
| 195 | - if (empty($limit)) return ""; |
|
| 196 | - if ($limit < 0) $limit=$conf->liste_limit; |
|
| 197 | - if ($offset > 0) return " LIMIT $offset,$limit "; |
|
| 198 | - else return " LIMIT $limit "; |
|
| 199 | - } |
|
| 185 | + /** |
|
| 186 | + * Define limits and offset of request |
|
| 187 | + * |
|
| 188 | + * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) |
|
| 189 | + * @param int $offset Numero of line from where starting fetch |
|
| 190 | + * @return string String with SQL syntax to add a limit and offset |
|
| 191 | + */ |
|
| 192 | + function plimit($limit=0,$offset=0) |
|
| 193 | + { |
|
| 194 | + global $conf; |
|
| 195 | + if (empty($limit)) return ""; |
|
| 196 | + if ($limit < 0) $limit=$conf->liste_limit; |
|
| 197 | + if ($offset > 0) return " LIMIT $offset,$limit "; |
|
| 198 | + else return " LIMIT $limit "; |
|
| 199 | + } |
|
| 200 | 200 | |
| 201 | - /** |
|
| 202 | - * Return version of database server into an array |
|
| 203 | - * |
|
| 204 | - * @return array Version array |
|
| 205 | - */ |
|
| 206 | - function getVersionArray() |
|
| 207 | - { |
|
| 208 | - return preg_split("/[\.,-]/",$this->getVersion()); |
|
| 209 | - } |
|
| 201 | + /** |
|
| 202 | + * Return version of database server into an array |
|
| 203 | + * |
|
| 204 | + * @return array Version array |
|
| 205 | + */ |
|
| 206 | + function getVersionArray() |
|
| 207 | + { |
|
| 208 | + return preg_split("/[\.,-]/",$this->getVersion()); |
|
| 209 | + } |
|
| 210 | 210 | |
| 211 | - /** |
|
| 212 | - * Return last request executed with query() |
|
| 213 | - * |
|
| 214 | - * @return string Last query |
|
| 215 | - */ |
|
| 216 | - function lastquery() |
|
| 217 | - { |
|
| 218 | - return $this->lastquery; |
|
| 219 | - } |
|
| 211 | + /** |
|
| 212 | + * Return last request executed with query() |
|
| 213 | + * |
|
| 214 | + * @return string Last query |
|
| 215 | + */ |
|
| 216 | + function lastquery() |
|
| 217 | + { |
|
| 218 | + return $this->lastquery; |
|
| 219 | + } |
|
| 220 | 220 | |
| 221 | - /** |
|
| 222 | - * Define sort criteria of request |
|
| 223 | - * |
|
| 224 | - * @param string $sortfield List of sort fields, separated by comma. Example: 't1.fielda,t2.fieldb' |
|
| 225 | - * @param string $sortorder Sort order, separated by comma. Example: 'ASC,DESC'; |
|
| 226 | - * @return string String to provide syntax of a sort sql string |
|
| 227 | - */ |
|
| 228 | - function order($sortfield=null,$sortorder=null) |
|
| 229 | - { |
|
| 230 | - if (! empty($sortfield)) |
|
| 231 | - { |
|
| 232 | - $return=''; |
|
| 233 | - $fields=explode(',',$sortfield); |
|
| 234 | - $orders=explode(',',$sortorder); |
|
| 235 | - $i=0; |
|
| 236 | - foreach($fields as $val) |
|
| 237 | - { |
|
| 238 | - if (! $return) $return.=' ORDER BY '; |
|
| 239 | - else $return.=', '; |
|
| 221 | + /** |
|
| 222 | + * Define sort criteria of request |
|
| 223 | + * |
|
| 224 | + * @param string $sortfield List of sort fields, separated by comma. Example: 't1.fielda,t2.fieldb' |
|
| 225 | + * @param string $sortorder Sort order, separated by comma. Example: 'ASC,DESC'; |
|
| 226 | + * @return string String to provide syntax of a sort sql string |
|
| 227 | + */ |
|
| 228 | + function order($sortfield=null,$sortorder=null) |
|
| 229 | + { |
|
| 230 | + if (! empty($sortfield)) |
|
| 231 | + { |
|
| 232 | + $return=''; |
|
| 233 | + $fields=explode(',',$sortfield); |
|
| 234 | + $orders=explode(',',$sortorder); |
|
| 235 | + $i=0; |
|
| 236 | + foreach($fields as $val) |
|
| 237 | + { |
|
| 238 | + if (! $return) $return.=' ORDER BY '; |
|
| 239 | + else $return.=', '; |
|
| 240 | 240 | |
| 241 | - $return.=preg_replace('/[^0-9a-z_\.]/i','',$val); |
|
| 241 | + $return.=preg_replace('/[^0-9a-z_\.]/i','',$val); |
|
| 242 | 242 | |
| 243 | - $tmpsortorder = trim($orders[$i]); |
|
| 243 | + $tmpsortorder = trim($orders[$i]); |
|
| 244 | 244 | |
| 245 | - // Only ASC and DESC values are valid SQL |
|
| 246 | - if (strtoupper($tmpsortorder) === 'ASC') { |
|
| 247 | - $return .= ' ASC'; |
|
| 248 | - } elseif (strtoupper($tmpsortorder) === 'DESC') { |
|
| 249 | - $return .= ' DESC'; |
|
| 250 | - } |
|
| 245 | + // Only ASC and DESC values are valid SQL |
|
| 246 | + if (strtoupper($tmpsortorder) === 'ASC') { |
|
| 247 | + $return .= ' ASC'; |
|
| 248 | + } elseif (strtoupper($tmpsortorder) === 'DESC') { |
|
| 249 | + $return .= ' DESC'; |
|
| 250 | + } |
|
| 251 | 251 | |
| 252 | - $i++; |
|
| 253 | - } |
|
| 254 | - return $return; |
|
| 255 | - } |
|
| 256 | - else |
|
| 257 | - { |
|
| 258 | - return ''; |
|
| 259 | - } |
|
| 260 | - } |
|
| 252 | + $i++; |
|
| 253 | + } |
|
| 254 | + return $return; |
|
| 255 | + } |
|
| 256 | + else |
|
| 257 | + { |
|
| 258 | + return ''; |
|
| 259 | + } |
|
| 260 | + } |
|
| 261 | 261 | |
| 262 | - /** |
|
| 263 | - * Return last error label |
|
| 264 | - * |
|
| 265 | - * @return string Last error |
|
| 266 | - */ |
|
| 267 | - function lasterror() |
|
| 268 | - { |
|
| 269 | - return $this->lasterror; |
|
| 270 | - } |
|
| 262 | + /** |
|
| 263 | + * Return last error label |
|
| 264 | + * |
|
| 265 | + * @return string Last error |
|
| 266 | + */ |
|
| 267 | + function lasterror() |
|
| 268 | + { |
|
| 269 | + return $this->lasterror; |
|
| 270 | + } |
|
| 271 | 271 | |
| 272 | - /** |
|
| 273 | - * Convert (by PHP) a PHP server TZ string date into a Timestamps date (GMT if gm=true) |
|
| 274 | - * 19700101020000 -> 3600 with TZ+1 and gmt=0 |
|
| 275 | - * 19700101020000 -> 7200 whaterver is TZ if gmt=1 |
|
| 276 | - * |
|
| 277 | - * @param string $string Date in a string (YYYYMMDDHHMMSS, YYYYMMDD, YYYY-MM-DD HH:MM:SS) |
|
| 278 | - * @param bool $gm 1=Input informations are GMT values, otherwise local to server TZ |
|
| 279 | - * @return int|string Date TMS or '' |
|
| 280 | - */ |
|
| 281 | - function jdate($string, $gm=false) |
|
| 282 | - { |
|
| 283 | - // TODO GMT must set param gm to true by default |
|
| 284 | - if ($string==0 || $string=="0000-00-00 00:00:00") return ''; |
|
| 285 | - $string=preg_replace('/([^0-9])/i','',$string); |
|
| 286 | - $tmp=$string.'000000'; |
|
| 287 | - $date=dol_mktime(substr($tmp,8,2),substr($tmp,10,2),substr($tmp,12,2),substr($tmp,4,2),substr($tmp,6,2),substr($tmp,0,4),$gm); |
|
| 288 | - return $date; |
|
| 289 | - } |
|
| 272 | + /** |
|
| 273 | + * Convert (by PHP) a PHP server TZ string date into a Timestamps date (GMT if gm=true) |
|
| 274 | + * 19700101020000 -> 3600 with TZ+1 and gmt=0 |
|
| 275 | + * 19700101020000 -> 7200 whaterver is TZ if gmt=1 |
|
| 276 | + * |
|
| 277 | + * @param string $string Date in a string (YYYYMMDDHHMMSS, YYYYMMDD, YYYY-MM-DD HH:MM:SS) |
|
| 278 | + * @param bool $gm 1=Input informations are GMT values, otherwise local to server TZ |
|
| 279 | + * @return int|string Date TMS or '' |
|
| 280 | + */ |
|
| 281 | + function jdate($string, $gm=false) |
|
| 282 | + { |
|
| 283 | + // TODO GMT must set param gm to true by default |
|
| 284 | + if ($string==0 || $string=="0000-00-00 00:00:00") return ''; |
|
| 285 | + $string=preg_replace('/([^0-9])/i','',$string); |
|
| 286 | + $tmp=$string.'000000'; |
|
| 287 | + $date=dol_mktime(substr($tmp,8,2),substr($tmp,10,2),substr($tmp,12,2),substr($tmp,4,2),substr($tmp,6,2),substr($tmp,0,4),$gm); |
|
| 288 | + return $date; |
|
| 289 | + } |
|
| 290 | 290 | |
| 291 | - /** |
|
| 292 | - * Return last query in error |
|
| 293 | - * |
|
| 294 | - * @return string lastqueryerror |
|
| 295 | - */ |
|
| 296 | - function lastqueryerror() |
|
| 297 | - { |
|
| 298 | - return $this->lastqueryerror; |
|
| 299 | - } |
|
| 291 | + /** |
|
| 292 | + * Return last query in error |
|
| 293 | + * |
|
| 294 | + * @return string lastqueryerror |
|
| 295 | + */ |
|
| 296 | + function lastqueryerror() |
|
| 297 | + { |
|
| 298 | + return $this->lastqueryerror; |
|
| 299 | + } |
|
| 300 | 300 | } |
| 301 | 301 | |
@@ -40,7 +40,7 @@ discard block |
||
| 40 | 40 | } |
| 41 | 41 | else |
| 42 | 42 | { |
| 43 | - // Reload to get all modified line records and be ready for hooks |
|
| 43 | + // Reload to get all modified line records and be ready for hooks |
|
| 44 | 44 | $ret = $object->fetch($id); |
| 45 | 45 | $ret = $object->fetch_thirdparty(); |
| 46 | 46 | /*if (empty($object->id) || ! $object->id > 0) |
@@ -50,10 +50,10 @@ discard block |
||
| 50 | 50 | }*/ |
| 51 | 51 | |
| 52 | 52 | // Save last template used to generate document |
| 53 | - if (GETPOST('model','alpha')) |
|
| 54 | - { |
|
| 55 | - $object->setDocModel($user, GETPOST('model','alpha')); |
|
| 56 | - } |
|
| 53 | + if (GETPOST('model','alpha')) |
|
| 54 | + { |
|
| 55 | + $object->setDocModel($user, GETPOST('model','alpha')); |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | 58 | // Special case to force bank account |
| 59 | 59 | //if (property_exists($object, 'fk_bank')) |
@@ -91,17 +91,17 @@ discard block |
||
| 91 | 91 | } |
| 92 | 92 | else |
| 93 | 93 | { |
| 94 | - if (empty($donotredirect)) // This is set when include is done by bulk action "Bill Orders" |
|
| 95 | - { |
|
| 96 | - setEventMessages($langs->trans("FileGenerated"), null); |
|
| 94 | + if (empty($donotredirect)) // This is set when include is done by bulk action "Bill Orders" |
|
| 95 | + { |
|
| 96 | + setEventMessages($langs->trans("FileGenerated"), null); |
|
| 97 | 97 | |
| 98 | - $urltoredirect = $_SERVER['REQUEST_URI']; |
|
| 99 | - $urltoredirect = preg_replace('/#builddoc$/', '', $urltoredirect); |
|
| 100 | - $urltoredirect = preg_replace('/action=builddoc&?/', '', $urltoredirect); // To avoid infinite loop |
|
| 98 | + $urltoredirect = $_SERVER['REQUEST_URI']; |
|
| 99 | + $urltoredirect = preg_replace('/#builddoc$/', '', $urltoredirect); |
|
| 100 | + $urltoredirect = preg_replace('/action=builddoc&?/', '', $urltoredirect); // To avoid infinite loop |
|
| 101 | 101 | |
| 102 | - header('Location: '.$urltoredirect.'#builddoc'); |
|
| 103 | - exit; |
|
| 104 | - } |
|
| 102 | + header('Location: '.$urltoredirect.'#builddoc'); |
|
| 103 | + exit; |
|
| 104 | + } |
|
| 105 | 105 | } |
| 106 | 106 | } |
| 107 | 107 | } |
@@ -78,8 +78,8 @@ discard block |
||
| 78 | 78 | else |
| 79 | 79 | { |
| 80 | 80 | $usedbyinclude = 1; // Used into next include |
| 81 | - $showtitlebefore = GETPOST('showtitlebefore','int'); |
|
| 82 | - include DOL_DOCUMENT_ROOT.'/core/ajax/selectsearchbox.php'; |
|
| 81 | + $showtitlebefore = GETPOST('showtitlebefore','int'); |
|
| 82 | + include DOL_DOCUMENT_ROOT.'/core/ajax/selectsearchbox.php'; |
|
| 83 | 83 | |
| 84 | 84 | $accesskeyalreadyassigned=array(); |
| 85 | 85 | foreach($arrayresult as $key => $val) |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | $reshook=$hookmanager->executeHooks('printSearchForm',$parameters); // Note that $action and $object may have been modified by some hooks |
| 104 | 104 | if (empty($reshook)) |
| 105 | 105 | { |
| 106 | - $searchform.=$hookmanager->resPrint; |
|
| 106 | + $searchform.=$hookmanager->resPrint; |
|
| 107 | 107 | } |
| 108 | 108 | else $searchform=$hookmanager->resPrint; |
| 109 | 109 | |
@@ -40,23 +40,23 @@ discard block |
||
| 40 | 40 | // Add attribute |
| 41 | 41 | if ($action == 'add') |
| 42 | 42 | { |
| 43 | - if ($_POST["button"] != $langs->trans("Cancel")) |
|
| 44 | - { |
|
| 45 | - // Check values |
|
| 46 | - if (! $type) |
|
| 47 | - { |
|
| 48 | - $error++; |
|
| 49 | - $langs->load("errors"); |
|
| 50 | - $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")); |
|
| 51 | - $action = 'create'; |
|
| 52 | - } |
|
| 53 | - if ($type=='varchar' && $extrasize <= 0) |
|
| 54 | - { |
|
| 55 | - $error++; |
|
| 56 | - $langs->load("errors"); |
|
| 57 | - $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Size")); |
|
| 58 | - $action = 'edit'; |
|
| 59 | - } |
|
| 43 | + if ($_POST["button"] != $langs->trans("Cancel")) |
|
| 44 | + { |
|
| 45 | + // Check values |
|
| 46 | + if (! $type) |
|
| 47 | + { |
|
| 48 | + $error++; |
|
| 49 | + $langs->load("errors"); |
|
| 50 | + $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")); |
|
| 51 | + $action = 'create'; |
|
| 52 | + } |
|
| 53 | + if ($type=='varchar' && $extrasize <= 0) |
|
| 54 | + { |
|
| 55 | + $error++; |
|
| 56 | + $langs->load("errors"); |
|
| 57 | + $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Size")); |
|
| 58 | + $action = 'edit'; |
|
| 59 | + } |
|
| 60 | 60 | if ($type=='varchar' && $extrasize > $maxsizestring) |
| 61 | 61 | { |
| 62 | 62 | $error++; |
@@ -73,168 +73,168 @@ discard block |
||
| 73 | 73 | } |
| 74 | 74 | if ($type=='select' && !$param) |
| 75 | 75 | { |
| 76 | - $error++; |
|
| 77 | - $langs->load("errors"); |
|
| 78 | - $mesg[]=$langs->trans("ErrorNoValueForSelectType"); |
|
| 79 | - $action = 'create'; |
|
| 76 | + $error++; |
|
| 77 | + $langs->load("errors"); |
|
| 78 | + $mesg[]=$langs->trans("ErrorNoValueForSelectType"); |
|
| 79 | + $action = 'create'; |
|
| 80 | 80 | } |
| 81 | 81 | if ($type=='sellist' && !$param) |
| 82 | 82 | { |
| 83 | - $error++; |
|
| 84 | - $langs->load("errors"); |
|
| 85 | - $mesg[]=$langs->trans("ErrorNoValueForSelectListType"); |
|
| 86 | - $action = 'create'; |
|
| 83 | + $error++; |
|
| 84 | + $langs->load("errors"); |
|
| 85 | + $mesg[]=$langs->trans("ErrorNoValueForSelectListType"); |
|
| 86 | + $action = 'create'; |
|
| 87 | 87 | } |
| 88 | 88 | if ($type=='checkbox' && !$param) |
| 89 | 89 | { |
| 90 | - $error++; |
|
| 91 | - $langs->load("errors"); |
|
| 92 | - $mesg[]=$langs->trans("ErrorNoValueForCheckBoxType"); |
|
| 93 | - $action = 'create'; |
|
| 90 | + $error++; |
|
| 91 | + $langs->load("errors"); |
|
| 92 | + $mesg[]=$langs->trans("ErrorNoValueForCheckBoxType"); |
|
| 93 | + $action = 'create'; |
|
| 94 | 94 | } |
| 95 | 95 | if ($type=='link' && !$param) |
| 96 | 96 | { |
| 97 | - $error++; |
|
| 98 | - $langs->load("errors"); |
|
| 99 | - $mesg[]=$langs->trans("ErrorNoValueForLinkType"); |
|
| 100 | - $action = 'create'; |
|
| 97 | + $error++; |
|
| 98 | + $langs->load("errors"); |
|
| 99 | + $mesg[]=$langs->trans("ErrorNoValueForLinkType"); |
|
| 100 | + $action = 'create'; |
|
| 101 | 101 | } |
| 102 | 102 | if ($type=='radio' && !$param) |
| 103 | 103 | { |
| 104 | - $error++; |
|
| 105 | - $langs->load("errors"); |
|
| 106 | - $mesg[]=$langs->trans("ErrorNoValueForRadioType"); |
|
| 107 | - $action = 'create'; |
|
| 104 | + $error++; |
|
| 105 | + $langs->load("errors"); |
|
| 106 | + $mesg[]=$langs->trans("ErrorNoValueForRadioType"); |
|
| 107 | + $action = 'create'; |
|
| 108 | 108 | } |
| 109 | 109 | if ((($type=='radio') || ($type=='checkbox')) && $param) |
| 110 | 110 | { |
| 111 | - // Construct array for parameter (value of select list) |
|
| 112 | - $parameters = $param; |
|
| 113 | - $parameters_array = explode("\r\n",$parameters); |
|
| 114 | - foreach($parameters_array as $param_ligne) |
|
| 115 | - { |
|
| 116 | - if (!empty($param_ligne)) { |
|
| 117 | - if (preg_match_all('/,/',$param_ligne,$matches)) |
|
| 118 | - { |
|
| 119 | - if (count($matches[0])>1) { |
|
| 120 | - $error++; |
|
| 121 | - $langs->load("errors"); |
|
| 122 | - $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 123 | - $action = 'create'; |
|
| 124 | - } |
|
| 125 | - } |
|
| 126 | - else |
|
| 127 | - { |
|
| 128 | - $error++; |
|
| 129 | - $langs->load("errors"); |
|
| 130 | - $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 131 | - $action = 'create'; |
|
| 132 | - } |
|
| 133 | - } |
|
| 134 | - } |
|
| 111 | + // Construct array for parameter (value of select list) |
|
| 112 | + $parameters = $param; |
|
| 113 | + $parameters_array = explode("\r\n",$parameters); |
|
| 114 | + foreach($parameters_array as $param_ligne) |
|
| 115 | + { |
|
| 116 | + if (!empty($param_ligne)) { |
|
| 117 | + if (preg_match_all('/,/',$param_ligne,$matches)) |
|
| 118 | + { |
|
| 119 | + if (count($matches[0])>1) { |
|
| 120 | + $error++; |
|
| 121 | + $langs->load("errors"); |
|
| 122 | + $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 123 | + $action = 'create'; |
|
| 124 | + } |
|
| 125 | + } |
|
| 126 | + else |
|
| 127 | + { |
|
| 128 | + $error++; |
|
| 129 | + $langs->load("errors"); |
|
| 130 | + $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 131 | + $action = 'create'; |
|
| 132 | + } |
|
| 133 | + } |
|
| 134 | + } |
|
| 135 | 135 | } |
| 136 | 136 | |
| 137 | - if (! $error) |
|
| 138 | - { |
|
| 139 | - // attrname must be alphabetical and lower case only |
|
| 140 | - if (isset($_POST["attrname"]) && preg_match("/^[a-z0-9-_]+$/",$_POST['attrname']) && !is_numeric($_POST["attrname"])) |
|
| 141 | - { |
|
| 142 | - // Construct array for parameter (value of select list) |
|
| 143 | - $default_value = GETPOST('default_value','alpha'); |
|
| 144 | - $parameters = $param; |
|
| 145 | - $parameters_array = explode("\r\n",$parameters); |
|
| 146 | - //In sellist we have only one line and it can have come to do SQL expression |
|
| 147 | - if ($type=='sellist') { |
|
| 148 | - foreach($parameters_array as $param_ligne) |
|
| 149 | - { |
|
| 150 | - $params['options'] = array($parameters=>null); |
|
| 151 | - } |
|
| 152 | - } |
|
| 153 | - else |
|
| 154 | - { |
|
| 155 | - //Esle it's separated key/value and coma list |
|
| 156 | - foreach($parameters_array as $param_ligne) |
|
| 157 | - { |
|
| 158 | - list($key,$value) = explode(',',$param_ligne); |
|
| 159 | - $params['options'][$key] = $value; |
|
| 160 | - } |
|
| 161 | - } |
|
| 137 | + if (! $error) |
|
| 138 | + { |
|
| 139 | + // attrname must be alphabetical and lower case only |
|
| 140 | + if (isset($_POST["attrname"]) && preg_match("/^[a-z0-9-_]+$/",$_POST['attrname']) && !is_numeric($_POST["attrname"])) |
|
| 141 | + { |
|
| 142 | + // Construct array for parameter (value of select list) |
|
| 143 | + $default_value = GETPOST('default_value','alpha'); |
|
| 144 | + $parameters = $param; |
|
| 145 | + $parameters_array = explode("\r\n",$parameters); |
|
| 146 | + //In sellist we have only one line and it can have come to do SQL expression |
|
| 147 | + if ($type=='sellist') { |
|
| 148 | + foreach($parameters_array as $param_ligne) |
|
| 149 | + { |
|
| 150 | + $params['options'] = array($parameters=>null); |
|
| 151 | + } |
|
| 152 | + } |
|
| 153 | + else |
|
| 154 | + { |
|
| 155 | + //Esle it's separated key/value and coma list |
|
| 156 | + foreach($parameters_array as $param_ligne) |
|
| 157 | + { |
|
| 158 | + list($key,$value) = explode(',',$param_ligne); |
|
| 159 | + $params['options'][$key] = $value; |
|
| 160 | + } |
|
| 161 | + } |
|
| 162 | 162 | |
| 163 | - // Visibility: -1=not visible by default in list, 1=visible, 0=hidden |
|
| 164 | - $visibility = GETPOST('list', 'alpha'); |
|
| 165 | - if ($type == 'separate') $visibility=3; |
|
| 163 | + // Visibility: -1=not visible by default in list, 1=visible, 0=hidden |
|
| 164 | + $visibility = GETPOST('list', 'alpha'); |
|
| 165 | + if ($type == 'separate') $visibility=3; |
|
| 166 | 166 | |
| 167 | 167 | $result=$extrafields->addExtraField( |
| 168 | - GETPOST('attrname', 'alpha'), |
|
| 169 | - GETPOST('label', 'alpha'), |
|
| 170 | - $type, |
|
| 171 | - GETPOST('pos', 'int'), |
|
| 172 | - $extrasize, |
|
| 173 | - $elementtype, |
|
| 174 | - (GETPOST('unique', 'alpha')?1:0), |
|
| 175 | - (GETPOST('required', 'alpha')?1:0), |
|
| 176 | - $default_value, |
|
| 177 | - $params, |
|
| 178 | - (GETPOST('alwayseditable', 'alpha')?1:0), |
|
| 179 | - (GETPOST('perms', 'alpha')?GETPOST('perms', 'alpha'):''), |
|
| 180 | - $visibility, |
|
| 181 | - GETPOST('help','alpha'), |
|
| 168 | + GETPOST('attrname', 'alpha'), |
|
| 169 | + GETPOST('label', 'alpha'), |
|
| 170 | + $type, |
|
| 171 | + GETPOST('pos', 'int'), |
|
| 172 | + $extrasize, |
|
| 173 | + $elementtype, |
|
| 174 | + (GETPOST('unique', 'alpha')?1:0), |
|
| 175 | + (GETPOST('required', 'alpha')?1:0), |
|
| 176 | + $default_value, |
|
| 177 | + $params, |
|
| 178 | + (GETPOST('alwayseditable', 'alpha')?1:0), |
|
| 179 | + (GETPOST('perms', 'alpha')?GETPOST('perms', 'alpha'):''), |
|
| 180 | + $visibility, |
|
| 181 | + GETPOST('help','alpha'), |
|
| 182 | 182 | GETPOST('computed_value','alpha'), |
| 183 | - (GETPOST('entitycurrentorall', 'alpha')?0:''), |
|
| 183 | + (GETPOST('entitycurrentorall', 'alpha')?0:''), |
|
| 184 | 184 | GETPOST('langfile', 'alpha'), |
| 185 | 185 | 1, |
| 186 | 186 | (GETPOST('totalizable', 'alpha')?1:0) |
| 187 | 187 | ); |
| 188 | - if ($result > 0) |
|
| 189 | - { |
|
| 190 | - setEventMessages($langs->trans('SetupSaved'), null, 'mesgs'); |
|
| 191 | - header("Location: ".$_SERVER["PHP_SELF"]); |
|
| 192 | - exit; |
|
| 193 | - } |
|
| 194 | - else |
|
| 195 | - { |
|
| 188 | + if ($result > 0) |
|
| 189 | + { |
|
| 190 | + setEventMessages($langs->trans('SetupSaved'), null, 'mesgs'); |
|
| 191 | + header("Location: ".$_SERVER["PHP_SELF"]); |
|
| 192 | + exit; |
|
| 193 | + } |
|
| 194 | + else |
|
| 195 | + { |
|
| 196 | 196 | $error++; |
| 197 | - $mesg=$extrafields->error; |
|
| 197 | + $mesg=$extrafields->error; |
|
| 198 | 198 | setEventMessages($mesg, null, 'errors'); |
| 199 | - } |
|
| 200 | - } |
|
| 201 | - else |
|
| 202 | - { |
|
| 199 | + } |
|
| 200 | + } |
|
| 201 | + else |
|
| 202 | + { |
|
| 203 | 203 | $error++; |
| 204 | - $langs->load("errors"); |
|
| 205 | - $mesg=$langs->trans("ErrorFieldCanNotContainSpecialNorUpperCharacters",$langs->transnoentities("AttributeCode")); |
|
| 206 | - setEventMessages($mesg, null, 'errors'); |
|
| 207 | - $action = 'create'; |
|
| 208 | - } |
|
| 209 | - } |
|
| 210 | - else |
|
| 211 | - { |
|
| 212 | - setEventMessages($mesg, null, 'errors'); |
|
| 213 | - } |
|
| 214 | - } |
|
| 204 | + $langs->load("errors"); |
|
| 205 | + $mesg=$langs->trans("ErrorFieldCanNotContainSpecialNorUpperCharacters",$langs->transnoentities("AttributeCode")); |
|
| 206 | + setEventMessages($mesg, null, 'errors'); |
|
| 207 | + $action = 'create'; |
|
| 208 | + } |
|
| 209 | + } |
|
| 210 | + else |
|
| 211 | + { |
|
| 212 | + setEventMessages($mesg, null, 'errors'); |
|
| 213 | + } |
|
| 214 | + } |
|
| 215 | 215 | } |
| 216 | 216 | |
| 217 | 217 | // Rename field |
| 218 | 218 | if ($action == 'update') |
| 219 | 219 | { |
| 220 | - if ($_POST["button"] != $langs->trans("Cancel")) |
|
| 221 | - { |
|
| 220 | + if ($_POST["button"] != $langs->trans("Cancel")) |
|
| 221 | + { |
|
| 222 | 222 | // Check values |
| 223 | - if (! $type) |
|
| 224 | - { |
|
| 225 | - $error++; |
|
| 226 | - $langs->load("errors"); |
|
| 227 | - $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")); |
|
| 228 | - $action = 'edit'; |
|
| 229 | - } |
|
| 230 | - if ($type=='varchar' && $extrasize <= 0) |
|
| 231 | - { |
|
| 232 | - $error++; |
|
| 233 | - $langs->load("errors"); |
|
| 234 | - $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Size")); |
|
| 235 | - $action = 'edit'; |
|
| 236 | - } |
|
| 237 | - if ($type=='varchar' && $extrasize > $maxsizestring) |
|
| 223 | + if (! $type) |
|
| 224 | + { |
|
| 225 | + $error++; |
|
| 226 | + $langs->load("errors"); |
|
| 227 | + $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Type")); |
|
| 228 | + $action = 'edit'; |
|
| 229 | + } |
|
| 230 | + if ($type=='varchar' && $extrasize <= 0) |
|
| 231 | + { |
|
| 232 | + $error++; |
|
| 233 | + $langs->load("errors"); |
|
| 234 | + $mesg[]=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Size")); |
|
| 235 | + $action = 'edit'; |
|
| 236 | + } |
|
| 237 | + if ($type=='varchar' && $extrasize > $maxsizestring) |
|
| 238 | 238 | { |
| 239 | 239 | $error++; |
| 240 | 240 | $langs->load("errors"); |
@@ -250,143 +250,143 @@ discard block |
||
| 250 | 250 | } |
| 251 | 251 | if ($type=='select' && !$param) |
| 252 | 252 | { |
| 253 | - $error++; |
|
| 254 | - $langs->load("errors"); |
|
| 255 | - $mesg[]=$langs->trans("ErrorNoValueForSelectType"); |
|
| 256 | - $action = 'edit'; |
|
| 253 | + $error++; |
|
| 254 | + $langs->load("errors"); |
|
| 255 | + $mesg[]=$langs->trans("ErrorNoValueForSelectType"); |
|
| 256 | + $action = 'edit'; |
|
| 257 | 257 | } |
| 258 | 258 | if ($type=='sellist' && !$param) |
| 259 | 259 | { |
| 260 | - $error++; |
|
| 261 | - $langs->load("errors"); |
|
| 262 | - $mesg[]=$langs->trans("ErrorNoValueForSelectListType"); |
|
| 263 | - $action = 'edit'; |
|
| 260 | + $error++; |
|
| 261 | + $langs->load("errors"); |
|
| 262 | + $mesg[]=$langs->trans("ErrorNoValueForSelectListType"); |
|
| 263 | + $action = 'edit'; |
|
| 264 | 264 | } |
| 265 | 265 | if ($type=='checkbox' && !$param) |
| 266 | 266 | { |
| 267 | - $error++; |
|
| 268 | - $langs->load("errors"); |
|
| 269 | - $mesg[]=$langs->trans("ErrorNoValueForCheckBoxType"); |
|
| 270 | - $action = 'edit'; |
|
| 267 | + $error++; |
|
| 268 | + $langs->load("errors"); |
|
| 269 | + $mesg[]=$langs->trans("ErrorNoValueForCheckBoxType"); |
|
| 270 | + $action = 'edit'; |
|
| 271 | 271 | } |
| 272 | 272 | if ($type=='radio' && !$param) |
| 273 | 273 | { |
| 274 | - $error++; |
|
| 275 | - $langs->load("errors"); |
|
| 276 | - $mesg[]=$langs->trans("ErrorNoValueForRadioType"); |
|
| 277 | - $action = 'edit'; |
|
| 274 | + $error++; |
|
| 275 | + $langs->load("errors"); |
|
| 276 | + $mesg[]=$langs->trans("ErrorNoValueForRadioType"); |
|
| 277 | + $action = 'edit'; |
|
| 278 | 278 | } |
| 279 | 279 | if ((($type=='radio') || ($type=='checkbox')) && $param) |
| 280 | 280 | { |
| 281 | - // Construct array for parameter (value of select list) |
|
| 282 | - $parameters = $param; |
|
| 283 | - $parameters_array = explode("\r\n",$parameters); |
|
| 284 | - foreach($parameters_array as $param_ligne) |
|
| 285 | - { |
|
| 286 | - if (!empty($param_ligne)) { |
|
| 287 | - if (preg_match_all('/,/',$param_ligne,$matches)) |
|
| 288 | - { |
|
| 289 | - if (count($matches[0])>1) { |
|
| 290 | - $error++; |
|
| 291 | - $langs->load("errors"); |
|
| 292 | - $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 293 | - $action = 'edit'; |
|
| 294 | - } |
|
| 295 | - } |
|
| 296 | - else |
|
| 297 | - { |
|
| 298 | - $error++; |
|
| 299 | - $langs->load("errors"); |
|
| 300 | - $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 301 | - $action = 'edit'; |
|
| 302 | - } |
|
| 303 | - } |
|
| 304 | - } |
|
| 281 | + // Construct array for parameter (value of select list) |
|
| 282 | + $parameters = $param; |
|
| 283 | + $parameters_array = explode("\r\n",$parameters); |
|
| 284 | + foreach($parameters_array as $param_ligne) |
|
| 285 | + { |
|
| 286 | + if (!empty($param_ligne)) { |
|
| 287 | + if (preg_match_all('/,/',$param_ligne,$matches)) |
|
| 288 | + { |
|
| 289 | + if (count($matches[0])>1) { |
|
| 290 | + $error++; |
|
| 291 | + $langs->load("errors"); |
|
| 292 | + $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 293 | + $action = 'edit'; |
|
| 294 | + } |
|
| 295 | + } |
|
| 296 | + else |
|
| 297 | + { |
|
| 298 | + $error++; |
|
| 299 | + $langs->load("errors"); |
|
| 300 | + $mesg[]=$langs->trans("ErrorBadFormatValueList",$param_ligne); |
|
| 301 | + $action = 'edit'; |
|
| 302 | + } |
|
| 303 | + } |
|
| 304 | + } |
|
| 305 | 305 | } |
| 306 | 306 | |
| 307 | - if (! $error) |
|
| 308 | - { |
|
| 307 | + if (! $error) |
|
| 308 | + { |
|
| 309 | 309 | if (isset($_POST["attrname"]) && preg_match("/^\w[a-zA-Z0-9-_]*$/",$_POST['attrname'])) |
| 310 | - { |
|
| 311 | - $pos = GETPOST('pos','int'); |
|
| 312 | - // Construct array for parameter (value of select list) |
|
| 313 | - $parameters = $param; |
|
| 314 | - $parameters_array = explode("\r\n",$parameters); |
|
| 315 | - //In sellist we have only one line and it can have come to do SQL expression |
|
| 316 | - if ($type=='sellist') { |
|
| 317 | - foreach($parameters_array as $param_ligne) |
|
| 318 | - { |
|
| 319 | - $params['options'] = array($parameters=>null); |
|
| 320 | - } |
|
| 321 | - } |
|
| 322 | - else |
|
| 323 | - { |
|
| 324 | - //Esle it's separated key/value and coma list |
|
| 325 | - foreach($parameters_array as $param_ligne) |
|
| 326 | - { |
|
| 327 | - list($key,$value) = explode(',',$param_ligne); |
|
| 328 | - $params['options'][$key] = $value; |
|
| 329 | - } |
|
| 330 | - } |
|
| 310 | + { |
|
| 311 | + $pos = GETPOST('pos','int'); |
|
| 312 | + // Construct array for parameter (value of select list) |
|
| 313 | + $parameters = $param; |
|
| 314 | + $parameters_array = explode("\r\n",$parameters); |
|
| 315 | + //In sellist we have only one line and it can have come to do SQL expression |
|
| 316 | + if ($type=='sellist') { |
|
| 317 | + foreach($parameters_array as $param_ligne) |
|
| 318 | + { |
|
| 319 | + $params['options'] = array($parameters=>null); |
|
| 320 | + } |
|
| 321 | + } |
|
| 322 | + else |
|
| 323 | + { |
|
| 324 | + //Esle it's separated key/value and coma list |
|
| 325 | + foreach($parameters_array as $param_ligne) |
|
| 326 | + { |
|
| 327 | + list($key,$value) = explode(',',$param_ligne); |
|
| 328 | + $params['options'][$key] = $value; |
|
| 329 | + } |
|
| 330 | + } |
|
| 331 | 331 | |
| 332 | - // Visibility: -1=not visible by default in list, 1=visible, 0=hidden |
|
| 333 | - $visibility = GETPOST('list', 'alpha'); |
|
| 334 | - if ($type == 'separate') $visibility=3; |
|
| 332 | + // Visibility: -1=not visible by default in list, 1=visible, 0=hidden |
|
| 333 | + $visibility = GETPOST('list', 'alpha'); |
|
| 334 | + if ($type == 'separate') $visibility=3; |
|
| 335 | 335 | |
| 336 | 336 | $result=$extrafields->update( |
| 337 | - GETPOST('attrname', 'alpha'), |
|
| 338 | - GETPOST('label', 'alpha'), |
|
| 339 | - $type, |
|
| 340 | - $extrasize, |
|
| 341 | - $elementtype, |
|
| 342 | - (GETPOST('unique', 'alpha')?1:0), |
|
| 343 | - (GETPOST('required', 'alpha')?1:0), |
|
| 344 | - $pos, |
|
| 345 | - $params, |
|
| 346 | - (GETPOST('alwayseditable', 'alpha')?1:0), |
|
| 347 | - (GETPOST('perms', 'alpha')?GETPOST('perms', 'alpha'):''), |
|
| 348 | - $visibility, |
|
| 349 | - GETPOST('help','alpha'), |
|
| 350 | - GETPOST('default_value','alpha'), |
|
| 351 | - GETPOST('computed_value','alpha'), |
|
| 352 | - (GETPOST('entitycurrentorall', 'alpha')?0:''), |
|
| 337 | + GETPOST('attrname', 'alpha'), |
|
| 338 | + GETPOST('label', 'alpha'), |
|
| 339 | + $type, |
|
| 340 | + $extrasize, |
|
| 341 | + $elementtype, |
|
| 342 | + (GETPOST('unique', 'alpha')?1:0), |
|
| 343 | + (GETPOST('required', 'alpha')?1:0), |
|
| 344 | + $pos, |
|
| 345 | + $params, |
|
| 346 | + (GETPOST('alwayseditable', 'alpha')?1:0), |
|
| 347 | + (GETPOST('perms', 'alpha')?GETPOST('perms', 'alpha'):''), |
|
| 348 | + $visibility, |
|
| 349 | + GETPOST('help','alpha'), |
|
| 350 | + GETPOST('default_value','alpha'), |
|
| 351 | + GETPOST('computed_value','alpha'), |
|
| 352 | + (GETPOST('entitycurrentorall', 'alpha')?0:''), |
|
| 353 | 353 | GETPOST('langfile'), |
| 354 | 354 | 1, |
| 355 | 355 | (GETPOST('totalizable', 'alpha')?1:0) |
| 356 | - ); |
|
| 357 | - if ($result > 0) |
|
| 358 | - { |
|
| 359 | - setEventMessages($langs->trans('SetupSaved'), null, 'mesgs'); |
|
| 360 | - header("Location: ".$_SERVER["PHP_SELF"]); |
|
| 361 | - exit; |
|
| 362 | - } |
|
| 363 | - else |
|
| 364 | - { |
|
| 356 | + ); |
|
| 357 | + if ($result > 0) |
|
| 358 | + { |
|
| 359 | + setEventMessages($langs->trans('SetupSaved'), null, 'mesgs'); |
|
| 360 | + header("Location: ".$_SERVER["PHP_SELF"]); |
|
| 361 | + exit; |
|
| 362 | + } |
|
| 363 | + else |
|
| 364 | + { |
|
| 365 | 365 | $error++; |
| 366 | - $mesg=$extrafields->error; |
|
| 367 | - setEventMessages($mesg, null, 'errors'); |
|
| 368 | - } |
|
| 369 | - } |
|
| 370 | - else |
|
| 371 | - { |
|
| 372 | - $error++; |
|
| 373 | - $langs->load("errors"); |
|
| 374 | - $mesg=$langs->trans("ErrorFieldCanNotContainSpecialCharacters",$langs->transnoentities("AttributeCode")); |
|
| 375 | - setEventMessages($mesg, null, 'errors'); |
|
| 376 | - } |
|
| 377 | - } |
|
| 378 | - else |
|
| 379 | - { |
|
| 380 | - setEventMessages($mesg, null, 'errors'); |
|
| 381 | - } |
|
| 382 | - } |
|
| 366 | + $mesg=$extrafields->error; |
|
| 367 | + setEventMessages($mesg, null, 'errors'); |
|
| 368 | + } |
|
| 369 | + } |
|
| 370 | + else |
|
| 371 | + { |
|
| 372 | + $error++; |
|
| 373 | + $langs->load("errors"); |
|
| 374 | + $mesg=$langs->trans("ErrorFieldCanNotContainSpecialCharacters",$langs->transnoentities("AttributeCode")); |
|
| 375 | + setEventMessages($mesg, null, 'errors'); |
|
| 376 | + } |
|
| 377 | + } |
|
| 378 | + else |
|
| 379 | + { |
|
| 380 | + setEventMessages($mesg, null, 'errors'); |
|
| 381 | + } |
|
| 382 | + } |
|
| 383 | 383 | } |
| 384 | 384 | |
| 385 | 385 | // Delete attribute |
| 386 | 386 | if ($action == 'delete') |
| 387 | 387 | { |
| 388 | - if(isset($_GET["attrname"]) && preg_match("/^\w[a-zA-Z0-9-_]*$/",$_GET["attrname"])) |
|
| 389 | - { |
|
| 388 | + if(isset($_GET["attrname"]) && preg_match("/^\w[a-zA-Z0-9-_]*$/",$_GET["attrname"])) |
|
| 389 | + { |
|
| 390 | 390 | $result=$extrafields->delete($_GET["attrname"],$elementtype); |
| 391 | 391 | if ($result >= 0) |
| 392 | 392 | { |
@@ -394,12 +394,12 @@ discard block |
||
| 394 | 394 | exit; |
| 395 | 395 | } |
| 396 | 396 | else $mesg=$extrafields->error; |
| 397 | - } |
|
| 398 | - else |
|
| 399 | - { |
|
| 400 | - $error++; |
|
| 401 | - $langs->load("errors"); |
|
| 402 | - $mesg=$langs->trans("ErrorFieldCanNotContainSpecialCharacters",$langs->transnoentities("AttributeCode")); |
|
| 403 | - } |
|
| 397 | + } |
|
| 398 | + else |
|
| 399 | + { |
|
| 400 | + $error++; |
|
| 401 | + $langs->load("errors"); |
|
| 402 | + $mesg=$langs->trans("ErrorFieldCanNotContainSpecialCharacters",$langs->transnoentities("AttributeCode")); |
|
| 403 | + } |
|
| 404 | 404 | } |
| 405 | 405 | |
@@ -34,16 +34,16 @@ |
||
| 34 | 34 | */ |
| 35 | 35 | function check_user_password_forceuser($usertotest,$passwordtotest,$entitytotest) |
| 36 | 36 | { |
| 37 | - // Variable dolibarr_auto_user must be defined in conf.php file |
|
| 38 | - global $dolibarr_auto_user; |
|
| 37 | + // Variable dolibarr_auto_user must be defined in conf.php file |
|
| 38 | + global $dolibarr_auto_user; |
|
| 39 | 39 | |
| 40 | - dol_syslog("functions_forceuser::check_user_password_forceuser"); |
|
| 40 | + dol_syslog("functions_forceuser::check_user_password_forceuser"); |
|
| 41 | 41 | |
| 42 | - $login=$dolibarr_auto_user; |
|
| 43 | - if (empty($login)) $login='auto'; |
|
| 42 | + $login=$dolibarr_auto_user; |
|
| 43 | + if (empty($login)) $login='auto'; |
|
| 44 | 44 | |
| 45 | - if ($_SESSION["dol_loginmesg"]) $login=''; |
|
| 45 | + if ($_SESSION["dol_loginmesg"]) $login=''; |
|
| 46 | 46 | |
| 47 | - dol_syslog("functions_forceuser::check_user_password_forceuser ok. forced user = ".$login); |
|
| 48 | - return $login; |
|
| 47 | + dol_syslog("functions_forceuser::check_user_password_forceuser ok. forced user = ".$login); |
|
| 48 | + return $login; |
|
| 49 | 49 | } |
@@ -35,124 +35,124 @@ |
||
| 35 | 35 | */ |
| 36 | 36 | function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=1) |
| 37 | 37 | { |
| 38 | - global $db,$conf,$langs; |
|
| 39 | - |
|
| 40 | - // Force master entity in transversal mode |
|
| 41 | - $entity=$entitytotest; |
|
| 42 | - if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; |
|
| 43 | - |
|
| 44 | - $login=''; |
|
| 45 | - |
|
| 46 | - if (! empty($usertotest)) |
|
| 47 | - { |
|
| 48 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest." passwordtotest=".preg_replace('/./','*',$passwordtotest)." entitytotest=".$entitytotest); |
|
| 49 | - |
|
| 50 | - // If test username/password asked, we define $test=false if ko and $login var to login if ok, set also $_SESSION["dol_loginmesg"] if ko |
|
| 51 | - $table = MAIN_DB_PREFIX."user"; |
|
| 52 | - $usernamecol1 = 'login'; |
|
| 53 | - $usernamecol2 = 'email'; |
|
| 54 | - $entitycol = 'entity'; |
|
| 55 | - |
|
| 56 | - $sql ='SELECT rowid, login, entity, pass, pass_crypted'; |
|
| 57 | - $sql.=' FROM '.$table; |
|
| 58 | - $sql.=' WHERE ('.$usernamecol1." = '".$db->escape($usertotest)."'"; |
|
| 59 | - if (preg_match('/@/',$usertotest)) $sql.=' OR '.$usernamecol2." = '".$db->escape($usertotest)."'"; |
|
| 60 | - $sql.=') AND '.$entitycol." IN (0," . ($entity ? $entity : 1) . ")"; |
|
| 61 | - $sql.=' AND statut = 1'; |
|
| 62 | - // Required to first found the user into entity, then the superadmin. |
|
| 63 | - // For the case (TODO and that we must avoid) a user has renamed its login with same value than a user in entity 0. |
|
| 64 | - $sql.=' ORDER BY entity DESC'; |
|
| 65 | - |
|
| 66 | - $resql=$db->query($sql); |
|
| 67 | - if ($resql) |
|
| 68 | - { |
|
| 69 | - $obj=$db->fetch_object($resql); |
|
| 70 | - if ($obj) |
|
| 71 | - { |
|
| 72 | - $passclear=$obj->pass; |
|
| 73 | - $passcrypted=$obj->pass_crypted; |
|
| 74 | - $passtyped=$passwordtotest; |
|
| 75 | - |
|
| 76 | - $passok=false; |
|
| 77 | - |
|
| 78 | - // Check crypted password |
|
| 79 | - $cryptType=''; |
|
| 80 | - if (! empty($conf->global->DATABASE_PWD_ENCRYPTED)) $cryptType=$conf->global->DATABASE_PWD_ENCRYPTED; |
|
| 81 | - |
|
| 82 | - // By default, we used MD5 |
|
| 83 | - if (! in_array($cryptType,array('md5'))) $cryptType='md5'; |
|
| 84 | - // Check crypted password according to crypt algorithm |
|
| 85 | - if ($cryptType == 'md5') |
|
| 86 | - { |
|
| 87 | - if (dol_verifyHash($passtyped, $passcrypted)) |
|
| 88 | - { |
|
| 89 | - $passok=true; |
|
| 90 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - ".$cryptType." of pass is ok"); |
|
| 91 | - } |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - // For compatibility with old versions |
|
| 95 | - if (! $passok) |
|
| 96 | - { |
|
| 97 | - if ((! $passcrypted || $passtyped) |
|
| 98 | - && ($passclear && ($passtyped == $passclear))) |
|
| 99 | - { |
|
| 100 | - $passok=true; |
|
| 101 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - found pass in database"); |
|
| 102 | - } |
|
| 103 | - } |
|
| 104 | - |
|
| 105 | - // Password ok ? |
|
| 106 | - if ($passok) |
|
| 107 | - { |
|
| 108 | - $login=$obj->login; |
|
| 109 | - } |
|
| 110 | - else |
|
| 111 | - { |
|
| 112 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko bad password for '".$usertotest."'"); |
|
| 113 | - sleep(2); // Anti brut force protection |
|
| 114 | - |
|
| 115 | - // Load translation files required by the page |
|
| 38 | + global $db,$conf,$langs; |
|
| 39 | + |
|
| 40 | + // Force master entity in transversal mode |
|
| 41 | + $entity=$entitytotest; |
|
| 42 | + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; |
|
| 43 | + |
|
| 44 | + $login=''; |
|
| 45 | + |
|
| 46 | + if (! empty($usertotest)) |
|
| 47 | + { |
|
| 48 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest." passwordtotest=".preg_replace('/./','*',$passwordtotest)." entitytotest=".$entitytotest); |
|
| 49 | + |
|
| 50 | + // If test username/password asked, we define $test=false if ko and $login var to login if ok, set also $_SESSION["dol_loginmesg"] if ko |
|
| 51 | + $table = MAIN_DB_PREFIX."user"; |
|
| 52 | + $usernamecol1 = 'login'; |
|
| 53 | + $usernamecol2 = 'email'; |
|
| 54 | + $entitycol = 'entity'; |
|
| 55 | + |
|
| 56 | + $sql ='SELECT rowid, login, entity, pass, pass_crypted'; |
|
| 57 | + $sql.=' FROM '.$table; |
|
| 58 | + $sql.=' WHERE ('.$usernamecol1." = '".$db->escape($usertotest)."'"; |
|
| 59 | + if (preg_match('/@/',$usertotest)) $sql.=' OR '.$usernamecol2." = '".$db->escape($usertotest)."'"; |
|
| 60 | + $sql.=') AND '.$entitycol." IN (0," . ($entity ? $entity : 1) . ")"; |
|
| 61 | + $sql.=' AND statut = 1'; |
|
| 62 | + // Required to first found the user into entity, then the superadmin. |
|
| 63 | + // For the case (TODO and that we must avoid) a user has renamed its login with same value than a user in entity 0. |
|
| 64 | + $sql.=' ORDER BY entity DESC'; |
|
| 65 | + |
|
| 66 | + $resql=$db->query($sql); |
|
| 67 | + if ($resql) |
|
| 68 | + { |
|
| 69 | + $obj=$db->fetch_object($resql); |
|
| 70 | + if ($obj) |
|
| 71 | + { |
|
| 72 | + $passclear=$obj->pass; |
|
| 73 | + $passcrypted=$obj->pass_crypted; |
|
| 74 | + $passtyped=$passwordtotest; |
|
| 75 | + |
|
| 76 | + $passok=false; |
|
| 77 | + |
|
| 78 | + // Check crypted password |
|
| 79 | + $cryptType=''; |
|
| 80 | + if (! empty($conf->global->DATABASE_PWD_ENCRYPTED)) $cryptType=$conf->global->DATABASE_PWD_ENCRYPTED; |
|
| 81 | + |
|
| 82 | + // By default, we used MD5 |
|
| 83 | + if (! in_array($cryptType,array('md5'))) $cryptType='md5'; |
|
| 84 | + // Check crypted password according to crypt algorithm |
|
| 85 | + if ($cryptType == 'md5') |
|
| 86 | + { |
|
| 87 | + if (dol_verifyHash($passtyped, $passcrypted)) |
|
| 88 | + { |
|
| 89 | + $passok=true; |
|
| 90 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - ".$cryptType." of pass is ok"); |
|
| 91 | + } |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + // For compatibility with old versions |
|
| 95 | + if (! $passok) |
|
| 96 | + { |
|
| 97 | + if ((! $passcrypted || $passtyped) |
|
| 98 | + && ($passclear && ($passtyped == $passclear))) |
|
| 99 | + { |
|
| 100 | + $passok=true; |
|
| 101 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - found pass in database"); |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | + |
|
| 105 | + // Password ok ? |
|
| 106 | + if ($passok) |
|
| 107 | + { |
|
| 108 | + $login=$obj->login; |
|
| 109 | + } |
|
| 110 | + else |
|
| 111 | + { |
|
| 112 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko bad password for '".$usertotest."'"); |
|
| 113 | + sleep(2); // Anti brut force protection |
|
| 114 | + |
|
| 115 | + // Load translation files required by the page |
|
| 116 | 116 | $langs->loadLangs(array('main', 'errors')); |
| 117 | 117 | |
| 118 | - $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - // We must check entity |
|
| 122 | - if ($passok && ! empty($conf->multicompany->enabled)) // We must check entity |
|
| 123 | - { |
|
| 124 | - global $mc; |
|
| 125 | - |
|
| 126 | - if (! isset($mc)) $conf->multicompany->enabled = false; // Global not available, disable $conf->multicompany->enabled for safety |
|
| 127 | - else |
|
| 128 | - { |
|
| 129 | - $ret = $mc->checkRight($obj->rowid, $entitytotest); |
|
| 130 | - if ($ret < 0) |
|
| 131 | - { |
|
| 132 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko entity '" . $entitytotest . "' not allowed for user '" . $obj->rowid . "'"); |
|
| 133 | - $login = ''; // force authentication failure |
|
| 134 | - } |
|
| 135 | - } |
|
| 136 | - } |
|
| 137 | - } |
|
| 138 | - else |
|
| 139 | - { |
|
| 140 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko user not found for '".$usertotest."'"); |
|
| 141 | - sleep(1); |
|
| 142 | - |
|
| 143 | - // Load translation files required by the page |
|
| 118 | + $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + // We must check entity |
|
| 122 | + if ($passok && ! empty($conf->multicompany->enabled)) // We must check entity |
|
| 123 | + { |
|
| 124 | + global $mc; |
|
| 125 | + |
|
| 126 | + if (! isset($mc)) $conf->multicompany->enabled = false; // Global not available, disable $conf->multicompany->enabled for safety |
|
| 127 | + else |
|
| 128 | + { |
|
| 129 | + $ret = $mc->checkRight($obj->rowid, $entitytotest); |
|
| 130 | + if ($ret < 0) |
|
| 131 | + { |
|
| 132 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko entity '" . $entitytotest . "' not allowed for user '" . $obj->rowid . "'"); |
|
| 133 | + $login = ''; // force authentication failure |
|
| 134 | + } |
|
| 135 | + } |
|
| 136 | + } |
|
| 137 | + } |
|
| 138 | + else |
|
| 139 | + { |
|
| 140 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko user not found for '".$usertotest."'"); |
|
| 141 | + sleep(1); |
|
| 142 | + |
|
| 143 | + // Load translation files required by the page |
|
| 144 | 144 | $langs->loadLangs(array('main', 'errors')); |
| 145 | 145 | |
| 146 | - $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 147 | - } |
|
| 148 | - } |
|
| 149 | - else |
|
| 150 | - { |
|
| 151 | - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko db error for '".$usertotest."' error=".$db->lasterror()); |
|
| 152 | - sleep(1); |
|
| 153 | - $_SESSION["dol_loginmesg"]=$db->lasterror(); |
|
| 154 | - } |
|
| 155 | - } |
|
| 156 | - |
|
| 157 | - return $login; |
|
| 146 | + $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 147 | + } |
|
| 148 | + } |
|
| 149 | + else |
|
| 150 | + { |
|
| 151 | + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ko db error for '".$usertotest."' error=".$db->lasterror()); |
|
| 152 | + sleep(1); |
|
| 153 | + $_SESSION["dol_loginmesg"]=$db->lasterror(); |
|
| 154 | + } |
|
| 155 | + } |
|
| 156 | + |
|
| 157 | + return $login; |
|
| 158 | 158 | } |
@@ -33,13 +33,13 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | function check_user_password_http($usertotest,$passwordtotest,$entitytotest) |
| 35 | 35 | { |
| 36 | - dol_syslog("functions_http::check_user_password_http _SERVER[REMOTE_USER]=".(empty($_SERVER["REMOTE_USER"])?'':$_SERVER["REMOTE_USER"])); |
|
| 36 | + dol_syslog("functions_http::check_user_password_http _SERVER[REMOTE_USER]=".(empty($_SERVER["REMOTE_USER"])?'':$_SERVER["REMOTE_USER"])); |
|
| 37 | 37 | |
| 38 | - $login=''; |
|
| 39 | - if (! empty($_SERVER["REMOTE_USER"])) |
|
| 40 | - { |
|
| 41 | - $login=$_SERVER["REMOTE_USER"]; |
|
| 42 | - } |
|
| 38 | + $login=''; |
|
| 39 | + if (! empty($_SERVER["REMOTE_USER"])) |
|
| 40 | + { |
|
| 41 | + $login=$_SERVER["REMOTE_USER"]; |
|
| 42 | + } |
|
| 43 | 43 | |
| 44 | - return $login; |
|
| 44 | + return $login; |
|
| 45 | 45 | } |
@@ -34,190 +34,190 @@ discard block |
||
| 34 | 34 | */ |
| 35 | 35 | function check_user_password_ldap($usertotest,$passwordtotest,$entitytotest) |
| 36 | 36 | { |
| 37 | - global $db,$conf,$langs; |
|
| 38 | - global $_POST; |
|
| 39 | - global $dolibarr_main_auth_ldap_host,$dolibarr_main_auth_ldap_port; |
|
| 40 | - global $dolibarr_main_auth_ldap_version,$dolibarr_main_auth_ldap_servertype; |
|
| 41 | - global $dolibarr_main_auth_ldap_login_attribute,$dolibarr_main_auth_ldap_dn; |
|
| 42 | - global $dolibarr_main_auth_ldap_admin_login,$dolibarr_main_auth_ldap_admin_pass; |
|
| 43 | - global $dolibarr_main_auth_ldap_filter; |
|
| 44 | - global $dolibarr_main_auth_ldap_debug; |
|
| 45 | - |
|
| 46 | - // Force master entity in transversal mode |
|
| 47 | - $entity=$entitytotest; |
|
| 48 | - if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; |
|
| 49 | - |
|
| 50 | - $login=''; |
|
| 51 | - $resultFetchUser=''; |
|
| 52 | - |
|
| 53 | - if (! function_exists("ldap_connect")) |
|
| 54 | - { |
|
| 55 | - dol_syslog("functions_ldap::check_user_password_ldap Authentification ko failed to connect to LDAP. LDAP functions are disabled on this PHP"); |
|
| 56 | - sleep(1); |
|
| 57 | - |
|
| 58 | - // Load translation files required by the page |
|
| 37 | + global $db,$conf,$langs; |
|
| 38 | + global $_POST; |
|
| 39 | + global $dolibarr_main_auth_ldap_host,$dolibarr_main_auth_ldap_port; |
|
| 40 | + global $dolibarr_main_auth_ldap_version,$dolibarr_main_auth_ldap_servertype; |
|
| 41 | + global $dolibarr_main_auth_ldap_login_attribute,$dolibarr_main_auth_ldap_dn; |
|
| 42 | + global $dolibarr_main_auth_ldap_admin_login,$dolibarr_main_auth_ldap_admin_pass; |
|
| 43 | + global $dolibarr_main_auth_ldap_filter; |
|
| 44 | + global $dolibarr_main_auth_ldap_debug; |
|
| 45 | + |
|
| 46 | + // Force master entity in transversal mode |
|
| 47 | + $entity=$entitytotest; |
|
| 48 | + if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) $entity=1; |
|
| 49 | + |
|
| 50 | + $login=''; |
|
| 51 | + $resultFetchUser=''; |
|
| 52 | + |
|
| 53 | + if (! function_exists("ldap_connect")) |
|
| 54 | + { |
|
| 55 | + dol_syslog("functions_ldap::check_user_password_ldap Authentification ko failed to connect to LDAP. LDAP functions are disabled on this PHP"); |
|
| 56 | + sleep(1); |
|
| 57 | + |
|
| 58 | + // Load translation files required by the page |
|
| 59 | 59 | $langs->loadLangs(array('main', 'other')); |
| 60 | 60 | |
| 61 | - $_SESSION["dol_loginmesg"]=$langs->trans("ErrorLDAPFunctionsAreDisabledOnThisPHP").' '.$langs->trans("TryAnotherConnectionMode"); |
|
| 62 | - return; |
|
| 63 | - } |
|
| 64 | - |
|
| 65 | - if ($usertotest) |
|
| 66 | - { |
|
| 67 | - dol_syslog("functions_ldap::check_user_password_ldap usertotest=".$usertotest." passwordtotest=".preg_replace('/./','*',$passwordtotest)." entitytotest=".$entitytotest); |
|
| 68 | - |
|
| 69 | - // If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko |
|
| 70 | - $ldaphost=$dolibarr_main_auth_ldap_host; |
|
| 71 | - $ldapport=$dolibarr_main_auth_ldap_port; |
|
| 72 | - $ldapversion=$dolibarr_main_auth_ldap_version; |
|
| 73 | - $ldapservertype=(empty($dolibarr_main_auth_ldap_servertype) ? 'openldap' : $dolibarr_main_auth_ldap_servertype); |
|
| 74 | - |
|
| 75 | - $ldapuserattr=$dolibarr_main_auth_ldap_login_attribute; |
|
| 76 | - $ldapdn=$dolibarr_main_auth_ldap_dn; |
|
| 77 | - $ldapadminlogin=$dolibarr_main_auth_ldap_admin_login; |
|
| 78 | - $ldapadminpass=$dolibarr_main_auth_ldap_admin_pass; |
|
| 79 | - $ldapdebug=(empty($dolibarr_main_auth_ldap_debug) || $dolibarr_main_auth_ldap_debug=="false" ? false : true); |
|
| 80 | - |
|
| 81 | - if ($ldapdebug) print "DEBUG: Logging LDAP steps<br>\n"; |
|
| 82 | - |
|
| 83 | - require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php'; |
|
| 84 | - $ldap=new Ldap(); |
|
| 85 | - $ldap->server=explode(',',$ldaphost); |
|
| 86 | - $ldap->serverPort=$ldapport; |
|
| 87 | - $ldap->ldapProtocolVersion=$ldapversion; |
|
| 88 | - $ldap->serverType=$ldapservertype; |
|
| 89 | - $ldap->searchUser=$ldapadminlogin; |
|
| 90 | - $ldap->searchPassword=$ldapadminpass; |
|
| 91 | - |
|
| 92 | - if ($ldapdebug) |
|
| 93 | - { |
|
| 94 | - dol_syslog("functions_ldap::check_user_password_ldap Server:".join(',',$ldap->server).", Port:".$ldap->serverPort.", Protocol:".$ldap->ldapProtocolVersion.", Type:".$ldap->serverType); |
|
| 95 | - dol_syslog("functions_ldap::check_user_password_ldap uid/samacountname=".$ldapuserattr.", dn=".$ldapdn.", Admin:".$ldap->searchUser.", Pass:".$ldap->searchPassword); |
|
| 96 | - print "DEBUG: Server:".join(',',$ldap->server).", Port:".$ldap->serverPort.", Protocol:".$ldap->ldapProtocolVersion.", Type:".$ldap->serverType."<br>\n"; |
|
| 97 | - print "DEBUG: uid/samacountname=".$ldapuserattr.", dn=".$ldapdn.", Admin:".$ldap->searchUser.", Pass:".$ldap->searchPassword."<br>\n"; |
|
| 98 | - } |
|
| 99 | - |
|
| 100 | - $resultFetchLdapUser=0; |
|
| 101 | - |
|
| 102 | - // Define $userSearchFilter |
|
| 103 | - $userSearchFilter = ""; |
|
| 104 | - if (empty($dolibarr_main_auth_ldap_filter)) { |
|
| 105 | - $userSearchFilter = "(" . $ldapuserattr . "=" . $usertotest . ")"; |
|
| 106 | - } else { |
|
| 107 | - $userSearchFilter = str_replace('%1%', $usertotest, $dolibarr_main_auth_ldap_filter); |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - // If admin login provided |
|
| 111 | - // Code to get user in LDAP from an admin connection (may differ from user connection, done later) |
|
| 112 | - if ($ldapadminlogin) |
|
| 113 | - { |
|
| 114 | - $result=$ldap->connect_bind(); |
|
| 115 | - if ($result > 0) |
|
| 116 | - { |
|
| 117 | - $resultFetchLdapUser = $ldap->fetch($usertotest,$userSearchFilter); |
|
| 118 | - //dol_syslog('functions_ldap::check_user_password_ldap resultFetchLdapUser='.$resultFetchLdapUser); |
|
| 119 | - if ($resultFetchLdapUser > 0 && $ldap->pwdlastset == 0) // If ok but password need to be reset |
|
| 120 | - { |
|
| 121 | - dol_syslog('functions_ldap::check_user_password_ldap '.$usertotest.' must change password next logon'); |
|
| 122 | - if ($ldapdebug) print "DEBUG: User ".$usertotest." must change password<br>\n"; |
|
| 123 | - $ldap->close(); |
|
| 124 | - sleep(1); |
|
| 125 | - $langs->load('ldap'); |
|
| 126 | - $_SESSION["dol_loginmesg"]=$langs->trans("YouMustChangePassNextLogon",$usertotest,$ldap->domainFQDN); |
|
| 127 | - return ''; |
|
| 128 | - } |
|
| 129 | - } |
|
| 130 | - else |
|
| 131 | - { |
|
| 132 | - if ($ldapdebug) print "DEBUG: ".$ldap->error."<br>\n"; |
|
| 133 | - } |
|
| 134 | - $ldap->close(); |
|
| 135 | - } |
|
| 136 | - |
|
| 137 | - // Forge LDAP user and password to test with them |
|
| 138 | - // If LDAP need a dn with login like "uid=jbloggs,ou=People,dc=foo,dc=com", default dn may work even if previous code with |
|
| 139 | - // admin login no exectued. |
|
| 140 | - $ldap->searchUser=$ldapuserattr."=".$usertotest.",".$ldapdn; // Default dn (will work if LDAP accept a dn with login value inside) |
|
| 141 | - // But if LDAP need a dn with name like "cn=Jhon Bloggs,ou=People,dc=foo,dc=com", previous part must have been executed to have |
|
| 142 | - // dn detected into ldapUserDN. |
|
| 143 | - if ($resultFetchLdapUser && !empty($ldap->ldapUserDN)) $ldap->searchUser = $ldap->ldapUserDN; |
|
| 144 | - $ldap->searchPassword=$passwordtotest; |
|
| 145 | - |
|
| 146 | - // Test with this->seachUser and this->searchPassword |
|
| 147 | - //print $resultFetchLdapUser."-".$ldap->ldapUserDN."-".$ldap->searchUser.'-'.$ldap->searchPassword;exit; |
|
| 148 | - $result=$ldap->connect_bind(); |
|
| 149 | - if ($result > 0) |
|
| 150 | - { |
|
| 151 | - if ($result == 2) // Connection is ok for user/pass into LDAP |
|
| 152 | - { |
|
| 153 | - dol_syslog("functions_ldap::check_user_password_ldap Authentification ok"); |
|
| 154 | - $login=$usertotest; |
|
| 155 | - |
|
| 156 | - // ldap2dolibarr synchronisation |
|
| 157 | - if ($login && ! empty($conf->ldap->enabled) && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') // ldap2dolibarr synchronisation |
|
| 158 | - { |
|
| 159 | - dol_syslog("functions_ldap::check_user_password_ldap Sync ldap2dolibarr"); |
|
| 160 | - |
|
| 161 | - // On charge les attributs du user ldap |
|
| 162 | - if ($ldapdebug) print "DEBUG: login ldap = ".$login."<br>\n"; |
|
| 163 | - $resultFetchLdapUser = $ldap->fetch($login,$userSearchFilter); |
|
| 164 | - |
|
| 165 | - if ($ldapdebug) print "DEBUG: UACF = ".join(',',$ldap->uacf)."<br>\n"; |
|
| 166 | - if ($ldapdebug) print "DEBUG: pwdLastSet = ".dol_print_date($ldap->pwdlastset,'day')."<br>\n"; |
|
| 167 | - if ($ldapdebug) print "DEBUG: badPasswordTime = ".dol_print_date($ldap->badpwdtime,'day')."<br>\n"; |
|
| 168 | - |
|
| 169 | - // On recherche le user dolibarr en fonction de son SID ldap |
|
| 170 | - $sid = $ldap->getObjectSid($login); |
|
| 171 | - if ($ldapdebug) print "DEBUG: sid = ".$sid."<br>\n"; |
|
| 172 | - |
|
| 173 | - $usertmp=new User($db); |
|
| 174 | - $resultFetchUser=$usertmp->fetch('',$login,$sid); |
|
| 175 | - if ($resultFetchUser > 0) |
|
| 176 | - { |
|
| 177 | - dol_syslog("functions_ldap::check_user_password_ldap Sync user found user id=".$usertmp->id); |
|
| 178 | - // On verifie si le login a change et on met a jour les attributs dolibarr |
|
| 179 | - |
|
| 180 | - if ($usertmp->login != $ldap->login && $ldap->login) |
|
| 181 | - { |
|
| 182 | - $usertmp->login = $ldap->login; |
|
| 183 | - $usertmp->update($usertmp); |
|
| 184 | - // TODO Que faire si update echoue car on update avec un login deja existant. |
|
| 185 | - } |
|
| 186 | - |
|
| 187 | - //$resultUpdate = $usertmp->update_ldap2dolibarr($ldap); |
|
| 188 | - } |
|
| 189 | - unset($usertmp); |
|
| 190 | - } |
|
| 191 | - |
|
| 192 | - if (! empty($conf->multicompany->enabled)) // We must check entity (even if sync is not active) |
|
| 193 | - { |
|
| 194 | - global $mc; |
|
| 195 | - |
|
| 196 | - $usertmp=new User($db); |
|
| 197 | - $usertmp->fetch('',$login); |
|
| 198 | - $ret=$mc->checkRight($usertmp->id, $entitytotest); |
|
| 199 | - if ($ret < 0) |
|
| 200 | - { |
|
| 201 | - dol_syslog("functions_ldap::check_user_password_ldap Authentification ko entity '".$entitytotest."' not allowed for user '".$usertmp->id."'"); |
|
| 202 | - $login=''; // force authentication failure |
|
| 203 | - } |
|
| 204 | - unset($usertmp); |
|
| 205 | - } |
|
| 206 | - } |
|
| 207 | - if ($result == 1) |
|
| 208 | - { |
|
| 209 | - dol_syslog("functions_ldap::check_user_password_ldap Authentification ko bad user/password for '".$usertotest."'"); |
|
| 210 | - sleep(1); |
|
| 211 | - |
|
| 212 | - // Load translation files required by the page |
|
| 61 | + $_SESSION["dol_loginmesg"]=$langs->trans("ErrorLDAPFunctionsAreDisabledOnThisPHP").' '.$langs->trans("TryAnotherConnectionMode"); |
|
| 62 | + return; |
|
| 63 | + } |
|
| 64 | + |
|
| 65 | + if ($usertotest) |
|
| 66 | + { |
|
| 67 | + dol_syslog("functions_ldap::check_user_password_ldap usertotest=".$usertotest." passwordtotest=".preg_replace('/./','*',$passwordtotest)." entitytotest=".$entitytotest); |
|
| 68 | + |
|
| 69 | + // If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko |
|
| 70 | + $ldaphost=$dolibarr_main_auth_ldap_host; |
|
| 71 | + $ldapport=$dolibarr_main_auth_ldap_port; |
|
| 72 | + $ldapversion=$dolibarr_main_auth_ldap_version; |
|
| 73 | + $ldapservertype=(empty($dolibarr_main_auth_ldap_servertype) ? 'openldap' : $dolibarr_main_auth_ldap_servertype); |
|
| 74 | + |
|
| 75 | + $ldapuserattr=$dolibarr_main_auth_ldap_login_attribute; |
|
| 76 | + $ldapdn=$dolibarr_main_auth_ldap_dn; |
|
| 77 | + $ldapadminlogin=$dolibarr_main_auth_ldap_admin_login; |
|
| 78 | + $ldapadminpass=$dolibarr_main_auth_ldap_admin_pass; |
|
| 79 | + $ldapdebug=(empty($dolibarr_main_auth_ldap_debug) || $dolibarr_main_auth_ldap_debug=="false" ? false : true); |
|
| 80 | + |
|
| 81 | + if ($ldapdebug) print "DEBUG: Logging LDAP steps<br>\n"; |
|
| 82 | + |
|
| 83 | + require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php'; |
|
| 84 | + $ldap=new Ldap(); |
|
| 85 | + $ldap->server=explode(',',$ldaphost); |
|
| 86 | + $ldap->serverPort=$ldapport; |
|
| 87 | + $ldap->ldapProtocolVersion=$ldapversion; |
|
| 88 | + $ldap->serverType=$ldapservertype; |
|
| 89 | + $ldap->searchUser=$ldapadminlogin; |
|
| 90 | + $ldap->searchPassword=$ldapadminpass; |
|
| 91 | + |
|
| 92 | + if ($ldapdebug) |
|
| 93 | + { |
|
| 94 | + dol_syslog("functions_ldap::check_user_password_ldap Server:".join(',',$ldap->server).", Port:".$ldap->serverPort.", Protocol:".$ldap->ldapProtocolVersion.", Type:".$ldap->serverType); |
|
| 95 | + dol_syslog("functions_ldap::check_user_password_ldap uid/samacountname=".$ldapuserattr.", dn=".$ldapdn.", Admin:".$ldap->searchUser.", Pass:".$ldap->searchPassword); |
|
| 96 | + print "DEBUG: Server:".join(',',$ldap->server).", Port:".$ldap->serverPort.", Protocol:".$ldap->ldapProtocolVersion.", Type:".$ldap->serverType."<br>\n"; |
|
| 97 | + print "DEBUG: uid/samacountname=".$ldapuserattr.", dn=".$ldapdn.", Admin:".$ldap->searchUser.", Pass:".$ldap->searchPassword."<br>\n"; |
|
| 98 | + } |
|
| 99 | + |
|
| 100 | + $resultFetchLdapUser=0; |
|
| 101 | + |
|
| 102 | + // Define $userSearchFilter |
|
| 103 | + $userSearchFilter = ""; |
|
| 104 | + if (empty($dolibarr_main_auth_ldap_filter)) { |
|
| 105 | + $userSearchFilter = "(" . $ldapuserattr . "=" . $usertotest . ")"; |
|
| 106 | + } else { |
|
| 107 | + $userSearchFilter = str_replace('%1%', $usertotest, $dolibarr_main_auth_ldap_filter); |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + // If admin login provided |
|
| 111 | + // Code to get user in LDAP from an admin connection (may differ from user connection, done later) |
|
| 112 | + if ($ldapadminlogin) |
|
| 113 | + { |
|
| 114 | + $result=$ldap->connect_bind(); |
|
| 115 | + if ($result > 0) |
|
| 116 | + { |
|
| 117 | + $resultFetchLdapUser = $ldap->fetch($usertotest,$userSearchFilter); |
|
| 118 | + //dol_syslog('functions_ldap::check_user_password_ldap resultFetchLdapUser='.$resultFetchLdapUser); |
|
| 119 | + if ($resultFetchLdapUser > 0 && $ldap->pwdlastset == 0) // If ok but password need to be reset |
|
| 120 | + { |
|
| 121 | + dol_syslog('functions_ldap::check_user_password_ldap '.$usertotest.' must change password next logon'); |
|
| 122 | + if ($ldapdebug) print "DEBUG: User ".$usertotest." must change password<br>\n"; |
|
| 123 | + $ldap->close(); |
|
| 124 | + sleep(1); |
|
| 125 | + $langs->load('ldap'); |
|
| 126 | + $_SESSION["dol_loginmesg"]=$langs->trans("YouMustChangePassNextLogon",$usertotest,$ldap->domainFQDN); |
|
| 127 | + return ''; |
|
| 128 | + } |
|
| 129 | + } |
|
| 130 | + else |
|
| 131 | + { |
|
| 132 | + if ($ldapdebug) print "DEBUG: ".$ldap->error."<br>\n"; |
|
| 133 | + } |
|
| 134 | + $ldap->close(); |
|
| 135 | + } |
|
| 136 | + |
|
| 137 | + // Forge LDAP user and password to test with them |
|
| 138 | + // If LDAP need a dn with login like "uid=jbloggs,ou=People,dc=foo,dc=com", default dn may work even if previous code with |
|
| 139 | + // admin login no exectued. |
|
| 140 | + $ldap->searchUser=$ldapuserattr."=".$usertotest.",".$ldapdn; // Default dn (will work if LDAP accept a dn with login value inside) |
|
| 141 | + // But if LDAP need a dn with name like "cn=Jhon Bloggs,ou=People,dc=foo,dc=com", previous part must have been executed to have |
|
| 142 | + // dn detected into ldapUserDN. |
|
| 143 | + if ($resultFetchLdapUser && !empty($ldap->ldapUserDN)) $ldap->searchUser = $ldap->ldapUserDN; |
|
| 144 | + $ldap->searchPassword=$passwordtotest; |
|
| 145 | + |
|
| 146 | + // Test with this->seachUser and this->searchPassword |
|
| 147 | + //print $resultFetchLdapUser."-".$ldap->ldapUserDN."-".$ldap->searchUser.'-'.$ldap->searchPassword;exit; |
|
| 148 | + $result=$ldap->connect_bind(); |
|
| 149 | + if ($result > 0) |
|
| 150 | + { |
|
| 151 | + if ($result == 2) // Connection is ok for user/pass into LDAP |
|
| 152 | + { |
|
| 153 | + dol_syslog("functions_ldap::check_user_password_ldap Authentification ok"); |
|
| 154 | + $login=$usertotest; |
|
| 155 | + |
|
| 156 | + // ldap2dolibarr synchronisation |
|
| 157 | + if ($login && ! empty($conf->ldap->enabled) && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') // ldap2dolibarr synchronisation |
|
| 158 | + { |
|
| 159 | + dol_syslog("functions_ldap::check_user_password_ldap Sync ldap2dolibarr"); |
|
| 160 | + |
|
| 161 | + // On charge les attributs du user ldap |
|
| 162 | + if ($ldapdebug) print "DEBUG: login ldap = ".$login."<br>\n"; |
|
| 163 | + $resultFetchLdapUser = $ldap->fetch($login,$userSearchFilter); |
|
| 164 | + |
|
| 165 | + if ($ldapdebug) print "DEBUG: UACF = ".join(',',$ldap->uacf)."<br>\n"; |
|
| 166 | + if ($ldapdebug) print "DEBUG: pwdLastSet = ".dol_print_date($ldap->pwdlastset,'day')."<br>\n"; |
|
| 167 | + if ($ldapdebug) print "DEBUG: badPasswordTime = ".dol_print_date($ldap->badpwdtime,'day')."<br>\n"; |
|
| 168 | + |
|
| 169 | + // On recherche le user dolibarr en fonction de son SID ldap |
|
| 170 | + $sid = $ldap->getObjectSid($login); |
|
| 171 | + if ($ldapdebug) print "DEBUG: sid = ".$sid."<br>\n"; |
|
| 172 | + |
|
| 173 | + $usertmp=new User($db); |
|
| 174 | + $resultFetchUser=$usertmp->fetch('',$login,$sid); |
|
| 175 | + if ($resultFetchUser > 0) |
|
| 176 | + { |
|
| 177 | + dol_syslog("functions_ldap::check_user_password_ldap Sync user found user id=".$usertmp->id); |
|
| 178 | + // On verifie si le login a change et on met a jour les attributs dolibarr |
|
| 179 | + |
|
| 180 | + if ($usertmp->login != $ldap->login && $ldap->login) |
|
| 181 | + { |
|
| 182 | + $usertmp->login = $ldap->login; |
|
| 183 | + $usertmp->update($usertmp); |
|
| 184 | + // TODO Que faire si update echoue car on update avec un login deja existant. |
|
| 185 | + } |
|
| 186 | + |
|
| 187 | + //$resultUpdate = $usertmp->update_ldap2dolibarr($ldap); |
|
| 188 | + } |
|
| 189 | + unset($usertmp); |
|
| 190 | + } |
|
| 191 | + |
|
| 192 | + if (! empty($conf->multicompany->enabled)) // We must check entity (even if sync is not active) |
|
| 193 | + { |
|
| 194 | + global $mc; |
|
| 195 | + |
|
| 196 | + $usertmp=new User($db); |
|
| 197 | + $usertmp->fetch('',$login); |
|
| 198 | + $ret=$mc->checkRight($usertmp->id, $entitytotest); |
|
| 199 | + if ($ret < 0) |
|
| 200 | + { |
|
| 201 | + dol_syslog("functions_ldap::check_user_password_ldap Authentification ko entity '".$entitytotest."' not allowed for user '".$usertmp->id."'"); |
|
| 202 | + $login=''; // force authentication failure |
|
| 203 | + } |
|
| 204 | + unset($usertmp); |
|
| 205 | + } |
|
| 206 | + } |
|
| 207 | + if ($result == 1) |
|
| 208 | + { |
|
| 209 | + dol_syslog("functions_ldap::check_user_password_ldap Authentification ko bad user/password for '".$usertotest."'"); |
|
| 210 | + sleep(1); |
|
| 211 | + |
|
| 212 | + // Load translation files required by the page |
|
| 213 | 213 | $langs->loadLangs(array('main', 'other')); |
| 214 | 214 | |
| 215 | - $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 216 | - } |
|
| 217 | - } |
|
| 218 | - else |
|
| 219 | - { |
|
| 220 | - /* Login failed. Return false, together with the error code and text from |
|
| 215 | + $_SESSION["dol_loginmesg"]=$langs->trans("ErrorBadLoginPassword"); |
|
| 216 | + } |
|
| 217 | + } |
|
| 218 | + else |
|
| 219 | + { |
|
| 220 | + /* Login failed. Return false, together with the error code and text from |
|
| 221 | 221 | ** the LDAP server. The common error codes and reasons are listed below : |
| 222 | 222 | ** (for iPlanet, other servers may differ) |
| 223 | 223 | ** 19 - Account locked out (too many invalid login attempts) |
@@ -225,24 +225,24 @@ discard block |
||
| 225 | 225 | ** 49 - Wrong password |
| 226 | 226 | ** 53 - Account inactive (manually locked out by administrator) |
| 227 | 227 | */ |
| 228 | - dol_syslog("functions_ldap::check_user_password_ldap Authentification ko failed to connect to LDAP for '".$usertotest."'"); |
|
| 229 | - if (is_resource($ldap->connection)) // If connection ok but bind ko |
|
| 230 | - { |
|
| 231 | - $ldap->ldapErrorCode = ldap_errno($ldap->connection); |
|
| 232 | - $ldap->ldapErrorText = ldap_error($ldap->connection); |
|
| 233 | - dol_syslog("functions_ldap::check_user_password_ldap ".$ldap->ldapErrorCode." ".$ldap->ldapErrorText); |
|
| 234 | - } |
|
| 235 | - sleep(2); // Anti brut force protection |
|
| 236 | - |
|
| 237 | - // Load translation files required by the page |
|
| 228 | + dol_syslog("functions_ldap::check_user_password_ldap Authentification ko failed to connect to LDAP for '".$usertotest."'"); |
|
| 229 | + if (is_resource($ldap->connection)) // If connection ok but bind ko |
|
| 230 | + { |
|
| 231 | + $ldap->ldapErrorCode = ldap_errno($ldap->connection); |
|
| 232 | + $ldap->ldapErrorText = ldap_error($ldap->connection); |
|
| 233 | + dol_syslog("functions_ldap::check_user_password_ldap ".$ldap->ldapErrorCode." ".$ldap->ldapErrorText); |
|
| 234 | + } |
|
| 235 | + sleep(2); // Anti brut force protection |
|
| 236 | + |
|
| 237 | + // Load translation files required by the page |
|
| 238 | 238 | $langs->loadLangs(array('main', 'other', 'errors')); |
| 239 | 239 | ; |
| 240 | - $_SESSION["dol_loginmesg"]=($ldap->error?$ldap->error:$langs->trans("ErrorBadLoginPassword")); |
|
| 241 | - } |
|
| 240 | + $_SESSION["dol_loginmesg"]=($ldap->error?$ldap->error:$langs->trans("ErrorBadLoginPassword")); |
|
| 241 | + } |
|
| 242 | 242 | |
| 243 | - $ldap->close(); |
|
| 244 | - } |
|
| 243 | + $ldap->close(); |
|
| 244 | + } |
|
| 245 | 245 | |
| 246 | - return $login; |
|
| 246 | + return $login; |
|
| 247 | 247 | } |
| 248 | 248 | |
@@ -33,12 +33,12 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | function check_user_password_empty($usertotest,$passwordtotest,$entitytotest) |
| 35 | 35 | { |
| 36 | - global $langs; |
|
| 36 | + global $langs; |
|
| 37 | 37 | |
| 38 | - dol_syslog("functions_empty::check_user_password_empty usertotest=".$usertotest); |
|
| 38 | + dol_syslog("functions_empty::check_user_password_empty usertotest=".$usertotest); |
|
| 39 | 39 | |
| 40 | - $login=''; |
|
| 41 | - $_SESSION["dol_loginmesg"]=$langs->trans("FailedToLogin"); |
|
| 40 | + $login=''; |
|
| 41 | + $_SESSION["dol_loginmesg"]=$langs->trans("FailedToLogin"); |
|
| 42 | 42 | |
| 43 | - return $login; |
|
| 43 | + return $login; |
|
| 44 | 44 | } |
