Fix: When using a disabled user, web service must be forbidden

2012-03-20 17:18:20 +01:00 · 2012-03-20 17:18:20 +01:00 · c0013a4581
commit c0013a4581
parent 6d7aba45de
1 changed files with 6 additions and 0 deletions
--- a/htdocs/core/lib/ws.lib.php
+++ b/htdocs/core/lib/ws.lib.php
@ -65,6 +65,12 @@ function check_authentication($authentication,&$error,&$errorcode,&$errorlabel)
            $errorcode='BAD_CREDENTIALS'; $errorlabel='Bad value for login or password';
        }

+		if (! $error && $fuser->statut == 0)
+		{
+			$error++;
+			$errorcode='ERROR_USER_DISABLED'; $errorlabel='This user has been locked or disabled';
+		}
+		
    	// Validation of login
 		if (! $error)
 		{