FIX #3541 Bypass authentication when user was created using LDAP

2015-10-18 21:33:47 +02:00 · 2015-10-18 21:33:47 +02:00 · fd3ba13130
commit fd3ba13130
parent bf6b48f5a0
1 changed files with 1 additions and 1 deletions
--- a/htdocs/core/login/functions_dolibarr.php
+++ b/htdocs/core/login/functions_dolibarr.php
@ -91,7 +91,7 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
 				if (! $passok)
 				{
 					if ((! $passcrypted || $passtyped)
-						&& ($passtyped == $passclear))
+						&& ($passclear && ($passtyped == $passclear)))
 					{
 						$passok=true;
 						dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - found pass in database");