From 096b74d2f01e8426f8f28cd0edbb85ed37e3ba26 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Nana?= <sebastien.nana@maarch.org>
Date: Wed, 25 Nov 2009 16:24:57 +0000
Subject: [PATCH]
---
core/trunk/core/class/class_core_tools.php | 2 +-
core/trunk/core/class/class_security.php | 11 ++++++-----
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/core/trunk/core/class/class_core_tools.php b/core/trunk/core/class/class_core_tools.php
index f65a5a205ff..cd2cfb7b5df 100644
--- a/core/trunk/core/class/class_core_tools.php
+++ b/core/trunk/core/class/class_core_tools.php
@@ -891,7 +891,7 @@ class core_tools extends functions
<title><?php echo $title;?></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Language" content="<?php echo $_SESSION['config']['lang'];?>" />
- <link rel="icon" type="image/png" href="<?php echo $_SESSION['config']['businessappurl'];?>img/favicon.png"/>
+ <link rel="icon" type="image/png" href="<?php echo $_SESSION['config']['businessappurl'];?>static.php?filename=favicon.png"/>
<?php
if($load_css)
{
diff --git a/core/trunk/core/class/class_security.php b/core/trunk/core/class/class_security.php
index 1e2a78b17ac..c7dcb9a3d43 100644
--- a/core/trunk/core/class/class_security.php
+++ b/core/trunk/core/class/class_security.php
@@ -452,7 +452,7 @@ class security extends dbquery
$query = "select * from ".$_SESSION['tablename']['users']." where user_id like '".$this->protect_string_db($s_login)."' and password = '".$pass."' and STATUS <> 'DEL'";
$this->query($query);
-
+
if($this->nb_result() > 0)
{
$line = $this->fetch_object();
@@ -500,14 +500,14 @@ class security extends dbquery
$hist->add($_SESSION['tablename']['users'],$_SESSION['user']['UserId'],"LOGIN","IP : ".$ip.", BROWSER : ".$navigateur , $_SESSION['config']['databasetype']);
}
-
+
if($_SESSION['user']['change_pass'] == 'Y')
{
header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=change_pass");
exit();
}
- elseif(trim($_SESSION['requestUri']) <> "")
+ elseif(isset($_SESSION['requestUri']) && trim($_SESSION['requestUri']) <> ""&& !preg_match('/page=login/', $_SESSION['requestUri']))
{
header("location: ".$_SESSION['config']['businessappurl']."index.php?".$_SESSION['requestUri']);
exit();
@@ -527,8 +527,9 @@ class security extends dbquery
}
else
{
+
$_SESSION['error'] = _BAD_LOGIN_OR_PSW."…";
- header("location: ".$_SESSION['config']['businessappurl']."login.php?coreurl=".$_SESSION['config']['coreurl']);
+ header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']);
exit();
}
}
@@ -626,7 +627,7 @@ class security extends dbquery
else
{
$_SESSION['error'] = _ERROR;
- header("location: ".$_SESSION['config']['businessappurl']."login.php?coreurl=".$_SESSION['config']['coreurl']);
+ header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']);
exit();
}
}
--
GitLab