lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX #12908

Browse Source
This commit is contained in:
Laurent Destailleur 2020-01-28 21:23:05 +01:00
parent 9acda3545e
commit be2d6494a7
2 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/adherents/card.php
View File

@ -202,7 +202,7 @@ if (empty($reshook))
{
// Creation user
$nuser = new User($db);
$result = $nuser->create_from_member($object, GETPOST('login'));
$result = $nuser->create_from_member($object, GETPOST('login', 'alphanohtml'));
if ($result < 0)
{

23
htdocs/user/class/user.class.php
View File

@ -1394,19 +1394,22 @@ class User extends CommonObject
// phpcs:enable
global $conf, $user, $langs;
// Positionne parametres
// Set properties on new user
$this->admin = 0;
$this->lastname = $member->lastname;
$this->firstname = $member->firstname;
$this->gender = $member->gender;
$this->email = $member->email;
$this->fk_member = $member->id;
$this->pass = $member->pass;
$this->address = $member->address;
$this->zip = $member->zip;
$this->town = $member->town;
$this->state_id = $member->state_id;
$this->country_id = $member->country_id;
$this->socialnetworks = $member->socialnetworks;
$this->pass = $member->pass;
$this->pass_crypted = $member->pass_indatabase_crypted;
if (empty($login)) $login = strtolower(substr($member->firstname, 0, 4)).strtolower(substr($member->lastname, 0, 4));
$this->login = $login;
@ -1417,8 +1420,20 @@ class User extends CommonObject
$result = $this->create($user);
if ($result > 0)
{
$newpass = $this->setPassword($user, $this->pass);
if (is_numeric($newpass) && $newpass < 0) $result = -2;
if (! empty($this->pass)) { // If a clear password was received (this situation should not happen anymore now), we use it to save it into database
$newpass = $this->setPassword($user, $this->pass);
if (is_numeric($newpass) && $newpass < 0) $result = -2;
} elseif (! empty($this->pass_crypted)) { // If a crypted password is already known, we save it directly into database because the previous create did not save it.
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET pass_crypted = '".$this->db->escape($this->pass_crypted)."'";
$sql .= " WHERE rowid=".$this->id;
$resql = $this->db->query($sql);
if (! $resql)
{
$result = -1;
}
}
if ($result > 0 && $member->fk_soc) // If member is linked to a thirdparty
{