Commit 5de8e4e4 authored by kevin.dezaphi's avatar kevin.dezaphi

FIX #8337 fix authentification ldap when the account is locked

parent e4ee807a
...@@ -215,7 +215,6 @@ if (!empty($_SESSION['error'])) { ...@@ -215,7 +215,6 @@ if (!empty($_SESSION['error'])) {
//TODO: protect sql injection with PDO //TODO: protect sql injection with PDO
require_once 'core/class/class_db_pdo.php'; require_once 'core/class/class_db_pdo.php';
\SrcCore\models\AuthenticationModel::resetFailedAuthentication(['userId' => $login]);
// Instantiate database. // Instantiate database.
$database = new Database(); $database = new Database();
$stmt = $database->query( $stmt = $database->query(
...@@ -224,6 +223,20 @@ if (!empty($_SESSION['error'])) { ...@@ -224,6 +223,20 @@ if (!empty($_SESSION['error'])) {
); //permet de rechercher les utilisateurs dans le LDAP sans prendre en compte la casse ); //permet de rechercher les utilisateurs dans le LDAP sans prendre en compte la casse
$result = $stmt->fetch(); $result = $stmt->fetch();
if (!empty($result['locked_until'])) {
$lockedDate = new \DateTime($result['locked_until']);
$currentDate = new \DateTime();
if ($currentDate < $lockedDate) {
$_SESSION['error'] = _ACCOUNT_LOCKED_UNTIL . " {$lockedDate->format('d/m/Y H:i')}";
header(
'location: ' . $_SESSION['config']['businessappurl']
. 'index.php?display=true&page=login'
);
exit;
}
}
\Core\Models\AuthenticationModel::resetFailedAuthentication(['userId' => $login]);
if ($result) { if ($result) {
$_SESSION['error'] = ''; $_SESSION['error'] = '';
if (!empty($standardConnect) && $standardConnect == 'true') { if (!empty($standardConnect) && $standardConnect == 'true') {
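Review bot: The relocated reset call names `\Core\Models\AuthenticationModel`, while the line it replaces called `\SrcCore\models\AuthenticationModel`; unless both namespaces exist on this branch, an LDAP login that passes the lock check would stop on a class-not-found error, so the namespace should be confirmed or kept as `\SrcCore\models\AuthenticationModel::resetFailedAuthentication(['userId' => $login]);`. The call also still sits above `if ($result)`, so the failed-attempt counter is cleared even when the lookup returned no row; making it the first statement inside that branch would tie the reset to a matched account. The lock test compares `new \DateTime()` with the stored `locked_until`, which presumably relies on PHP and the database using the same time zone, and a short comment saying so would help. The enclosing block starts and ends outside the hunks, so whether the LDAP bind has already succeeded before this check cannot be seen here.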
......
...@@ -524,4 +524,4 @@ INSERT INTO status (id, label_status, is_system, img_filename, maarch_module, ca ...@@ -524,4 +524,4 @@ INSERT INTO status (id, label_status, is_system, img_filename, maarch_module, ca
DELETE FROM parameters WHERE id = 'homepage_message'; DELETE FROM parameters WHERE id = 'homepage_message';
INSERT INTO parameters (id, description, param_value_string) VALUES ('homepage_message', 'Texte apparaissant dans la banière sur la page d''acceuil, laisser vide pour supprimer la banière.', 'Bienvenue dans votre <b>G</b>estion <b>E</b>lectronique du <b>C</b>ourrier.'); INSERT INTO parameters (id, description, param_value_string) VALUES ('homepage_message', 'Texte apparaissant dans la bannière sur la page d''accueil, mettre un espace pour supprimer la bannière.', 'Bienvenue dans votre <b>G</b>estion <b>E</b>lectronique du <b>C</b>ourrier.');
\ No newline at end of file \ No newline at end of file