diff --git a/apps/maarch_entreprise/log.php b/apps/maarch_entreprise/log.php
index 0a51aa6b6dc2a694c2ad5bb52e62a9348b7df5e6..397cfcf19c6b5cc188a6961e0a1c34833b72b2b7 100755
--- a/apps/maarch_entreprise/log.php
+++ b/apps/maarch_entreprise/log.php
@@ -82,13 +82,19 @@ $businessAppTools = new business_app_tools();
 if (count($_SESSION['config']) <= 0) {
 $tmpPath = explode(
- DIRECTORY_SEPARATOR, str_replace(
- '/', DIRECTORY_SEPARATOR, $_SERVER['SCRIPT_FILENAME']
+ DIRECTORY_SEPARATOR,
+ str_replace(
+ '/',
+ DIRECTORY_SEPARATOR,
+ $_SERVER['SCRIPT_FILENAME']
 )
 );
 $serverPath = implode(
- DIRECTORY_SEPARATOR, array_slice(
- $tmpPath, 0, array_search('apps', $tmpPath)
+ DIRECTORY_SEPARATOR,
+ array_slice(
+ $tmpPath,
+ 0,
+ array_search('apps', $tmpPath)
 )
 ).DIRECTORY_SEPARATOR;
@@ -213,7 +219,6 @@ if (!empty($_SESSION['error'])) {
 }
 if ($ad->authenticate($loginToAd, $password)) {
- //TODO: protect sql injection with PDO
 require_once 'core/class/class_db_pdo.php';
 // Instantiate database.
@@ -223,6 +228,7 @@ if (!empty($_SESSION['error'])) {
 array($login)
 ); //permet de rechercher les utilisateurs dans le LDAP sans prendre en compte la casse
 $result = $stmt->fetch();
+ $login = $result['user_id'];
 if (!empty($result['locked_until'])) {
 $lockedDate = new \DateTime($result['locked_until']);
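Review bot: The added `$login = $result['user_id'];` in the third hunk reads the row before anything checks that `$stmt->fetch()` returned one. If fetch() yields false, as PDOStatement::fetch does when no row matches, an account that passes directory authentication but has no matching row leaves `$login` null for the code that follows outside the hunk. From this line on, the identity carried forward is also what the database lookup returned rather than the name that was submitted. I would adopt it only after confirming the two agree apart from case, with `if ($result === false || strcasecmp($result['user_id'], $login) !== 0) { /* fail through the existing error path */ }` placed ahead of the assignment. The query text and the enclosing `if ($ad->authenticate(...))` block start and end outside the hunk, so whether the lookup is an exact case-insensitive comparison or a pattern match cannot be confirmed from here.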