From: vincent@cubedesigners.com Date: Tue, 27 Oct 2009 09:26:01 +0000 (+0000) Subject: (no commit message) X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=f806f9d1d79d48d94216e8df286f6d1d5bc2f439;p=cubeextranet.git --- diff --git a/inc/extranet/Controlleur/class.extranet.core.php b/inc/extranet/Controlleur/class.extranet.core.php index 2d4ca7139..433def2cf 100644 --- a/inc/extranet/Controlleur/class.extranet.core.php +++ b/inc/extranet/Controlleur/class.extranet.core.php @@ -50,6 +50,7 @@ class extranetCore extends cubeCore { { // On regarde si user_email et user_password ont été postées // Si c'est le cas, on les copie dans la session + $_SESSION['errorLogin']=false; if (isset($_POST['user_email'])) { $_SESSION['user_email'] = $_POST['user_email']; } @@ -69,6 +70,11 @@ class extranetCore extends cubeCore { // Utilisateur connecté à l'interface $dao = new extranetDAOUtilisateur($this->con); $this->user = $dao->selectByLoginPassword($_SESSION['user_email'], $_SESSION['user_password']); + if($this->user==false){ + $_SESSION['errorLogin']=true; + return; + + } if ($this->user->grade == 0) { $daoClient = new extranetDAOClient($this->con); $this->user->collegues = $daoClient->getColleguesList($this->user->utilisateur_id); diff --git a/inc/extranet/Controlleur/class.extranet.url.php b/inc/extranet/Controlleur/class.extranet.url.php index 840dfa537..c86ffc5f5 100644 --- a/inc/extranet/Controlleur/class.extranet.url.php +++ b/inc/extranet/Controlleur/class.extranet.url.php @@ -38,11 +38,12 @@ class extranetUrl { { global $core; - if ($tentative = isset($_SESSION['tentative'])) { - unset($_SESSION['tentative']); + $tentative = isset($_SESSION['errorLogin']) && $_SESSION['errorLogin']; + if($tentative){ + $_SESSION['errorLogin']=false; } - $message = $tentative?'

' . __('E-mail / mot de passe incorrects') . '

':''; + $message = $tentative?'


' . __('Identifiants incorrects') . '

':''; $res = extranetPage::barre(); $res .= extranetPage::tMain(); diff --git a/inc/extranet/DAO/class.extranet.dao.utilisateur.php b/inc/extranet/DAO/class.extranet.dao.utilisateur.php index 13ba94abe..37dc303ea 100644 --- a/inc/extranet/DAO/class.extranet.dao.utilisateur.php +++ b/inc/extranet/DAO/class.extranet.dao.utilisateur.php @@ -90,8 +90,9 @@ class extranetDAOUtilisateur extends extranetDAO { public function selectByLoginPassword($login, $password) { - $r = $this->con->select('SELECT * FROM utilisateurs WHERE (email=\'' . $this->con->escape($login) . '\' OR login=\'' . $this->con->escape($login) . '\') AND (password=\'' . $this->con->escape($password) . '\' OR ws_password=\'' . $this->con->escape($password) . '\') LIMIT 1'); - if (!$r->count()) { + $sql = 'SELECT * FROM utilisateurs WHERE (email=\'' . $this->con->escape($login) . '\' OR login=\'' . $this->con->escape($login) . '\') AND (password=\'' . $this->con->escape($password) . '\' OR ws_password=\'' . $this->con->escape($password) . '\') LIMIT 1'; + $r = $this->con->select($sql); + if ($r->count() == 0) { return false; } $utilisateur = $this->singleton($r);