Fix escape error message
This commit is contained in:
Laurent Destailleur
parent
03d2d24244
commit
10ddd621ca
@ -111,7 +111,7 @@ function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $auth
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('other', 'main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorFailedToLoadLoginFileForMode", $mode);
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorFailedToLoadLoginFileForMode", $mode);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -76,13 +76,13 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes
|
||||
if ($obj->datestartvalidity && $db->jdate($obj->datestartvalidity) > $now) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
if ($obj->dateendvalidity && $db->jdate($obj->dateendvalidity) < dol_get_first_hour($now)) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
|
||||
@ -129,7 +129,7 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadLoginPassword");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorBadLoginPassword");
|
||||
}
|
||||
|
||||
// We must check entity
|
||||
@ -153,7 +153,7 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadLoginPassword");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorBadLoginPassword");
|
||||
}
|
||||
} else {
|
||||
dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentication KO db error for '".$usertotest."' error=".$db->lasterror(), LOG_ERR);
|
||||
|
||||
@ -38,7 +38,7 @@ function check_user_password_empty($usertotest, $passwordtotest, $entitytotest)
|
||||
dol_syslog("functions_empty::check_user_password_empty usertotest=".$usertotest);
|
||||
|
||||
$login = '';
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("FailedToLogin");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("FailedToLogin");
|
||||
|
||||
return $login;
|
||||
}
|
||||
|
||||
@ -50,13 +50,13 @@ function check_user_password_http($usertotest, $passwordtotest, $entitytotest)
|
||||
if ($tmpuser->datestartvalidity && $db->jdate($tmpuser->datestartvalidity) >= $now) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
if ($tmpuser->dateendvalidity && $db->jdate($tmpuser->dateendvalidity) <= dol_get_first_hour($now)) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
}
|
||||
|
||||
@ -59,7 +59,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'other'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLDAPFunctionsAreDisabledOnThisPHP").' '.$langs->trans("TryAnotherConnectionMode");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLDAPFunctionsAreDisabledOnThisPHP").' '.$langs->transnoentitiesnoconv("TryAnotherConnectionMode");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -123,7 +123,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
|
||||
$ldap->close();
|
||||
sleep(1);
|
||||
$langs->load('ldap');
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("YouMustChangePassNextLogon", $usertotest, $ldap->domainFQDN);
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("YouMustChangePassNextLogon", $usertotest, $ldap->domainFQDN);
|
||||
return '';
|
||||
}
|
||||
} else {
|
||||
@ -169,14 +169,14 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
|
||||
$ldap->close();
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
if ($tmpuser->dateendvalidity && $db->jdate($tmpuser->dateendvalidity) <= dol_get_first_hour($now)) {
|
||||
$ldap->close();
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
|
||||
@ -247,7 +247,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'other'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadLoginPassword");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorBadLoginPassword");
|
||||
}
|
||||
} else {
|
||||
/* Login failed. Return false, together with the error code and text from
|
||||
@ -268,7 +268,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
|
||||
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'other', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = ($ldap->error ? $ldap->error : $langs->trans("ErrorBadLoginPassword"));
|
||||
$_SESSION["dol_loginmesg"] = ($ldap->error ? $ldap->error : $langs->transnoentitiesnoconv("ErrorBadLoginPassword"));
|
||||
}
|
||||
|
||||
$ldap->close();
|
||||
|
||||
@ -45,11 +45,11 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
||||
// Get identity from user and redirect browser to OpenID Server
|
||||
if (GETPOSTISSET('username')) {
|
||||
$openid = new SimpleOpenID();
|
||||
$openid->SetIdentity($_POST['username']);
|
||||
$openid->SetIdentity(GETPOST('username'));
|
||||
$protocol = ($conf->file->main_force_https ? 'https://' : 'http://');
|
||||
$openid->SetTrustRoot($protocol.$_SERVER["HTTP_HOST"]);
|
||||
$openid->SetRequiredFields(array('email', 'fullname'));
|
||||
$_SESSION['dol_entity'] = $_POST["entity"];
|
||||
$_SESSION['dol_entity'] = GETPOST("entity", 'int');
|
||||
//$openid->SetOptionalFields(array('dob','gender','postcode','country','language','timezone'));
|
||||
if ($openid->sendDiscoveryRequestToGetXRDS()) {
|
||||
$openid->SetApprovedURL($protocol.$_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"]); // Send Response from OpenID server to this script
|
||||
@ -62,15 +62,15 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
||||
} elseif ($_GET['openid_mode'] == 'id_res') {
|
||||
// Perform HTTP Request to OpenID server to validate key
|
||||
$openid = new SimpleOpenID();
|
||||
$openid->SetIdentity($_GET['openid_identity']);
|
||||
$openid->SetIdentity(GETPOST('openid_identity'));
|
||||
$openid_validation_result = $openid->ValidateWithServer();
|
||||
if ($openid_validation_result === true) {
|
||||
// OK HERE KEY IS VALID
|
||||
|
||||
$sql = "SELECT login, entity, datestartvalidity, dateendvalidity";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."user";
|
||||
$sql .= " WHERE openid = '".$db->escape($_GET['openid_identity'])."'";
|
||||
$sql .= " AND entity IN (0,".($_SESSION["dol_entity"] ? $_SESSION["dol_entity"] : 1).")";
|
||||
$sql .= " WHERE openid = '".$db->escape(GETPOST('openid_identity'))."'";
|
||||
$sql .= " AND entity IN (0,".($_SESSION["dol_entity"] ? ((int) $_SESSION["dol_entity"]) : 1).")";
|
||||
|
||||
dol_syslog("functions_openid::check_user_password_openid", LOG_DEBUG);
|
||||
$resql = $db->query($sql);
|
||||
@ -81,13 +81,13 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
||||
if ($obj->datestartvalidity && $db->jdate($obj->datestartvalidity) > $now) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
if ($obj->dateendvalidity && $db->jdate($obj->dateendvalidity) < dol_get_first_hour($now)) {
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLoginDateValidity");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity");
|
||||
return '--bad-login-validity--';
|
||||
}
|
||||
|
||||
|
||||
@ -332,7 +332,7 @@ if (isset($conf->file->main_authentication) && preg_match('/openid/', $conf->fil
|
||||
if (!empty($_SESSION['dol_loginmesg'])) {
|
||||
?>
|
||||
<div class="center login_main_message"><div class="error">
|
||||
<?php echo $_SESSION['dol_loginmesg']; ?>
|
||||
<?php echo dol_escape_htmltag($_SESSION['dol_loginmesg']); ?>
|
||||
</div></div>
|
||||
<?php
|
||||
}
|
||||
|
||||
@ -651,7 +651,7 @@ if (!defined('NOLOGIN')) {
|
||||
// Load translation files required by page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadValueForCode");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorBadValueForCode");
|
||||
$test = false;
|
||||
|
||||
// Call trigger for the "security events" log
|
||||
@ -745,7 +745,7 @@ if (!defined('NOLOGIN')) {
|
||||
// Bad password. No authmode has found a good password.
|
||||
// We set a generic message if not defined inside function checkLoginPassEntity or subfunctions
|
||||
if (empty($_SESSION["dol_loginmesg"])) {
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadLoginPassword");
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorBadLoginPassword");
|
||||
}
|
||||
|
||||
// Call trigger for the "security events" log
|
||||
@ -798,7 +798,7 @@ if (!defined('NOLOGIN')) {
|
||||
// Load translation files required by page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorCantLoadUserFromDolibarrDatabase", $login);
|
||||
|
||||
$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
|
||||
}
|
||||
@ -862,7 +862,7 @@ if (!defined('NOLOGIN')) {
|
||||
// Load translation files required by page
|
||||
$langs->loadLangs(array('main', 'errors'));
|
||||
|
||||
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
|
||||
$_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorCantLoadUserFromDolibarrDatabase", $login);
|
||||
|
||||
$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
|
||||
}
|
||||
|
||||
@ -97,7 +97,7 @@ if (empty($reshook)) {
|
||||
if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
|
||||
// Clear session
|
||||
unset($_SESSION['dol_login']);
|
||||
$_SESSION['dol_loginmesg'] = $langs->trans('NewPasswordValidated'); // Save message for the session page
|
||||
$_SESSION['dol_loginmesg'] = $langs->transnoentitiesnoconv('NewPasswordValidated'); // Save message for the session page
|
||||
|
||||
$newpassword = $edituser->setPassword($user, $edituser->pass_temp, 0);
|
||||
dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
|
||||
|
||||
Loading…
Reference in New Issue
Block a user