Fix: create session and cookie for multi-company
This commit is contained in:
Regis Houssin
parent
74f43ba723
commit
260f762e97
@ -64,14 +64,12 @@ class Conf
|
||||
* \param $entity Id of company
|
||||
* \return int < 0 if KO, >= 0 if OK
|
||||
*/
|
||||
function setValues($db,$entity=1)
|
||||
function setValues($db)
|
||||
{
|
||||
dol_syslog("Conf::setValues");
|
||||
|
||||
$this->global->PRODUIT_CONFIRM_DELETE_LINE=1; // Par defaut, a oui
|
||||
|
||||
$this->entity = $entity;
|
||||
|
||||
|
||||
/*
|
||||
* Definition de toutes les Constantes globales d'environnement
|
||||
* - En constante php (TODO a virer)
|
||||
|
||||
@ -112,6 +112,15 @@ analyse_sql_injection($_POST);
|
||||
// This is to make Dolibarr working with Plesk
|
||||
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
|
||||
|
||||
// Retrieve the entity
|
||||
if (isset($_POST["entity"])) $_SESSION["dol_entity"] = $_POST["entity"];
|
||||
$entityCookieName = "DOLENTITYID_dolibarr";
|
||||
if (isset($_COOKIE[$entityCookieName]))
|
||||
{
|
||||
$conf->entity = $_COOKIE[$entityCookieName];
|
||||
$_SESSION["dol_entity"] = $conf->entity;
|
||||
}
|
||||
|
||||
// Set and init common variables
|
||||
require_once("master.inc.php");
|
||||
|
||||
@ -231,7 +240,7 @@ if (! isset($_SESSION["dol_login"]))
|
||||
// Appel des triggers
|
||||
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
|
||||
$interface=new Interfaces($db);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,$_POST["entity"]);
|
||||
if ($result < 0) { $error++; }
|
||||
// Fin appel triggers
|
||||
}
|
||||
@ -264,24 +273,10 @@ if (! isset($_SESSION["dol_login"]))
|
||||
$test=false;
|
||||
$conf->authmode=$mode; // This properties is defined only when logged
|
||||
|
||||
// TODO Should not have setting and redirection header here.
|
||||
// Cookie add must be set at same place than "New session for this login"
|
||||
// and header call must be removed. Also entity must be set in session.
|
||||
// Call function to check entity
|
||||
// TODO Call function to check entity
|
||||
if ($conf->multicompany->enabled && isset($_POST["entity"]))
|
||||
{
|
||||
$entitytotest=$_POST["entity"];
|
||||
|
||||
// Create entity cookie
|
||||
$entityCookieName = "DOLENTITYID_dolibarr";
|
||||
if (!isset($HTTP_COOKIE_VARS[$entityCookieName]))
|
||||
{
|
||||
setcookie($entityCookieName, $entitytotest, 0, "/", "", 0);
|
||||
}
|
||||
|
||||
// Reload index.php
|
||||
$url=DOL_URL_ROOT."/index.php";
|
||||
header("Location: ".$url);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -309,7 +304,7 @@ if (! isset($_SESSION["dol_login"]))
|
||||
// Appel des triggers
|
||||
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
|
||||
$interface=new Interfaces($db);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,$_POST["entity"]);
|
||||
if ($result < 0) { $error++; }
|
||||
// Fin appel triggers
|
||||
}
|
||||
@ -349,7 +344,7 @@ if (! isset($_SESSION["dol_login"]))
|
||||
// Appel des triggers
|
||||
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
|
||||
$interface=new Interfaces($db);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,$_POST["entity"]);
|
||||
if ($result < 0) { $error++; }
|
||||
// Fin appel triggers
|
||||
|
||||
@ -363,8 +358,8 @@ else
|
||||
// Remarks: On ne sauvegarde pas objet user car pose pb dans certains cas mal identifies
|
||||
$login=$_SESSION["dol_login"];
|
||||
$resultFetchUser=$user->fetch($login);
|
||||
|
||||
dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login);
|
||||
|
||||
if ($resultFetchUser <= 0)
|
||||
{
|
||||
// Account has been removed after login
|
||||
@ -390,7 +385,7 @@ else
|
||||
// Appel des triggers
|
||||
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
|
||||
$interface=new Interfaces($db);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf);
|
||||
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,$_POST["entity"]);
|
||||
if ($result < 0) { $error++; }
|
||||
// Fin appel triggers
|
||||
|
||||
@ -406,7 +401,6 @@ if (! isset($_SESSION["dol_login"]))
|
||||
|
||||
// New session for this login
|
||||
$_SESSION["dol_login"]=$user->login;
|
||||
|
||||
$_SESSION["dol_authmode"]=$conf->authmode;
|
||||
dol_syslog("This is a new started user session. _SESSION['dol_login']=".$_SESSION["dol_login"].' Session id='.session_id());
|
||||
|
||||
@ -417,7 +411,7 @@ if (! isset($_SESSION["dol_login"]))
|
||||
// Appel des triggers
|
||||
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
|
||||
$interface=new Interfaces($db);
|
||||
$result=$interface->run_triggers('USER_LOGIN',$user,$user,$langs,$conf);
|
||||
$result=$interface->run_triggers('USER_LOGIN',$user,$user,$langs,$conf,$_POST["entity"]);
|
||||
if ($result < 0) { $error++; }
|
||||
// Fin appel triggers
|
||||
|
||||
@ -432,6 +426,17 @@ if (! isset($_SESSION["dol_login"]))
|
||||
{
|
||||
$db->commit();
|
||||
}
|
||||
|
||||
// Create entity cookie
|
||||
if ($conf->multicompany->enabled && isset($_POST["entity"]))
|
||||
{
|
||||
$entity = $_POST["entity"];
|
||||
$entityCookieName = "DOLENTITYID_dolibarr";
|
||||
if (!isset($HTTP_COOKIE_VARS[$entityCookieName]))
|
||||
{
|
||||
setcookie($entityCookieName, $entity, 0, "/", "", 0);
|
||||
}
|
||||
}
|
||||
|
||||
// Module webcalendar
|
||||
if (! empty($conf->webcal->enabled) && $user->webcal_login != "")
|
||||
|
||||
@ -66,9 +66,9 @@ if (! $result && $_SERVER["GATEWAY_INTERFACE"])
|
||||
}
|
||||
if (empty($dolibarr_main_db_host))
|
||||
{
|
||||
print 'Error: Dolibarr setup was run but was not completed.<br>'."\n";
|
||||
print 'Error: Dolibarr setup was run but was not completed.<br>'."\n";
|
||||
print 'Please, run <a href="install/index.php">Dolibarr install process</a> until the end...'."\n";
|
||||
exit;
|
||||
exit;
|
||||
}
|
||||
if (empty($dolibarr_main_db_type)) $dolibarr_main_db_type='mysql'; // Pour compatibilite avec anciennes configs, si non defini, on prend 'mysql'
|
||||
if (empty($dolibarr_main_data_root))
|
||||
@ -91,7 +91,7 @@ define('DOL_URL_ROOT', $pos); // URL racine relative
|
||||
*/
|
||||
if (! file_exists(DOL_DOCUMENT_ROOT ."/lib/functions.lib.php"))
|
||||
{
|
||||
print "Error: Dolibarr config file content seems to be not correctly defined.<br>\n";
|
||||
print "Error: Dolibarr config file content seems to be not correctly defined.<br>\n";
|
||||
print "Please run dolibarr setup by calling page <b>/install</b>.<br>\n";
|
||||
exit;
|
||||
}
|
||||
@ -113,6 +113,10 @@ if (! empty($dolibarr_main_db_encrypted_pass))
|
||||
require_once(DOL_DOCUMENT_ROOT."/core/conf.class.php");
|
||||
|
||||
$conf = new Conf();
|
||||
|
||||
// Retrieve the entity
|
||||
if (isset($_SESSION["dol_entity"])) $conf->entity = $_SESSION["dol_entity"];
|
||||
|
||||
// Identifiant propres au serveur base de donnee
|
||||
$conf->db->host = $dolibarr_main_db_host;
|
||||
if (empty($dolibarr_main_db_port)) $dolibarr_main_db_port=0; // Pour compatibilite avec anciennes configs, si non defini, on prend 'mysql'
|
||||
@ -204,13 +208,7 @@ if (! defined('NOREQUIREUSER'))
|
||||
*/
|
||||
if (! defined('NOREQUIREDB'))
|
||||
{
|
||||
// TODO Should remove this to not define entity here but later once value of entity has been read from
|
||||
// session in main.inc.php.
|
||||
// master.inc.php (used also by scripts) should be safe of any command that depends on screen code.
|
||||
$entityCookieName = "DOLENTITYID_dolibarr";
|
||||
$entity = 1; // By default;
|
||||
if (isset($_COOKIE[$entityCookieName])) $entity=$_COOKIE[$entityCookieName]?$_COOKIE[$entityCookieName]:1;
|
||||
$conf->setValues($db,$entity);
|
||||
$conf->setValues($db);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user