lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX #6445

Browse Source
This commit is contained in:
Laurent Destailleur 2017-03-10 14:48:26 +01:00
parent f7b387513f
commit 135358780c
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/core/login/functions_dolibarr.php
View File

@ -47,7 +47,7 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
{
dol_syslog("functions_dolibarr::check_user_password_dolibarr usertotest=".$usertotest." passwordtotest=".preg_replace('/./','*',$passwordtotest)." entitytotest=".$entitytotest);
// If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko
// If test username/password asked, we define $test=false if ko and $login var to login if ok, set also $_SESSION["dol_loginmesg"] if ko
$table = MAIN_DB_PREFIX."user";
$usernamecol1 = 'login';
$usernamecol2 = 'email';
@ -59,6 +59,9 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
if (preg_match('/@/',$usertotest)) $sql.=' OR '.$usernamecol2." = '".$db->escape($usertotest)."'";
$sql.=') AND '.$entitycol." IN (0," . ($entity ? $entity : 1) . ")";
$sql.=' AND statut = 1';
// Required to first found the user into entity, then the superadmin.
// For the case (TODO and that we must avoid) a user has renamed its login with same value than a user in entity 0.
$sql.=' ORDER BY entity DESC';
$resql=$db->query($sql);
if ($resql)