lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NEW Save date to invalidate other session into user table

Browse Source
This commit is contained in:
Laurent Destailleur 2023-01-12 14:40:00 +01:00
parent 8c1ce7873f
commit c50c553999
3 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/install/mysql/migration/17.0.0-18.0.0.sql
View File

@ -56,3 +56,6 @@ ALTER TABLE llx_payment_salary MODIFY COLUMN datep datetime;
INSERT INTO llx_c_tva(rowid,fk_pays,code,taux,localtax1,localtax1_type,localtax2,localtax2_type,recuperableonly,note,active) values (1179, 117, 'I-28' , 28, 0, '0', 0, '0', 0, 'IGST', 1);
INSERT INTO llx_c_tva(rowid,fk_pays,code,taux,localtax1,localtax1_type,localtax2,localtax2_type,recuperableonly,note,active) values (1176, 117, 'C+S-18', 0, 9, '1', 9, '1', 0, 'CGST+SGST - Same state sales', 1);
ALTER TABLE llx_user ADD COLUMN flagdelsessionsbefore datetime DEFAULT NULL;

1
htdocs/install/mysql/tables/llx_user.sql
View File

@ -84,6 +84,7 @@ create table llx_user
datelastpassvalidation datetime, -- last date we change password or we made a disconnect all
datestartvalidity datetime,
dateendvalidity datetime,
flagdelsessionsbefore datetime DEFAULT NULL, -- set this to a date if we need to launch an external process to invalidate all sessions for the same login created before this date
iplastlogin varchar(250),
ippreviouslogin varchar(250),
egroupware_id integer,

10
htdocs/user/class/user.class.php
View File

@ -1776,9 +1776,9 @@ class User extends CommonObject
}
}
if ($result > 0 && $member->fk_soc) { // If member is linked to a thirdparty
if ($result > 0 && $member->socid) { // If member is linked to a thirdparty
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET fk_soc=".((int) $member->fk_soc);
$sql .= " SET fk_soc=".((int) $member->socid);
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::create_from_member", LOG_DEBUG);
@ -2243,9 +2243,10 @@ class User extends CommonObject
* @param int $notrigger 1=Does not launch triggers
* @param int $nosyncmember Do not synchronize linked member
* @param int $passwordalreadycrypted 0=Value is cleartext password, 1=Value is crypted value.
* @param int $flagdelsessionsbefore 1=Save also the current date to ask to invalidate all other session before this date.
* @return string If OK return clear password, 0 if no change (warning, you may retreive 1 instead of 0 even if password was same), < 0 if error
*/
public function setPassword($user, $password = '', $changelater = 0, $notrigger = 0, $nosyncmember = 0, $passwordalreadycrypted = 0)
public function setPassword($user, $password = '', $changelater = 0, $notrigger = 0, $nosyncmember = 0, $passwordalreadycrypted = 0, $flagdelsessionsbefore = 1)
{
global $conf, $langs;
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
@ -2297,6 +2298,9 @@ class User extends CommonObject
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET pass_crypted = '".$this->db->escape($password_crypted)."',";
$sql .= " pass_temp = null";
if (empty($flagdelsessionsbefore)) {
$sql .= ", flagdelsessionsbefore = '".$this->db->idate(dol_now() - 5, 'gmt')."'";
}
if (!empty($conf->global->DATABASE_PWD_ENCRYPTED)) {
$sql .= ", pass = null";
} else {