
Supression du code user et gestion changement mot de passe adherent

Laurent Destailleur
2007-02-27 20:40:19 +00:00
parent e4a9a1fdfc
commit 1da80f653a
8 changed files with 307 additions and 155 deletions


@@ -348,7 +348,7 @@ class Adherent
$sql.= " '".addslashes($this->login)."'";
$sql.= ")";
dolibarr_syslog("Adherent.class::create sql=".$sql);
dolibarr_syslog("Adherent::create sql=".$sql);
$result = $this->db->query($sql);
if ($result)
{
@@ -373,11 +373,10 @@ class Adherent
$result=$interface->run_triggers('MEMBER_CREATE',$this,$user,$langs,$conf);
if ($result < 0) $this->errors=$interface->errors;
// Fin appel triggers
if (sizeof($this->errors))
{
$this->db->rollback();
return -1;
return -3;
}
else
{
@@ -389,7 +388,7 @@ class Adherent
{
$this->error='Failed to get last insert id';
$this->db->rollback();
return -1;
return -2;
}
}
else
@@ -411,7 +410,7 @@ class Adherent
{
global $conf,$langs;
dolibarr_syslog("Adherent.class::update user=".$user->id." notrigger=".$notrigger);
dolibarr_syslog("Adherent::update user=".$user->id." notrigger=".$notrigger);
// Verification parametres
if ($conf->global->ADHERENT_MAIL_REQUIRED && ! ValidEMail($this->email))
@@ -469,17 +468,18 @@ class Adherent
$attr=substr($key,8);
$sql.=",$attr";
}
$sql .= ") VALUES ($this->id";
$sql .= ") VALUES (".$this->id;
foreach($this->array_options as $key => $value)
{
$sql.=",'".$this->array_options[$key]."'";
}
$sql.=");";
$sql.=")";
$result = $this->db->query($sql);
if (! $result)
{
$this->error=$this->db->error();
dolibarr_syslog("Adherent::update ".$this->error);
$this->db->rollback();
return -2;
}
@@ -516,17 +516,17 @@ class Adherent
// Suppression options
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent_options WHERE adhid = ".$rowid;
dolibarr_syslog("Adherent.class::delete sql=".$sql);
dolibarr_syslog("Adherent::delete sql=".$sql);
$resql=$this->db->query($sql);
if ($resql)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."cotisation WHERE fk_adherent = ".$rowid;
dolibarr_syslog("Adherent.class::delete sql=".$sql);
dolibarr_syslog("Adherent::delete sql=".$sql);
$resql=$this->db->query( $sql);
if ($resql)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent WHERE rowid = ".$rowid;
dolibarr_syslog("Adherent.class::delete sql=".$sql);
dolibarr_syslog("Adherent::delete sql=".$sql);
$resql=$this->db->query($sql);
if ($resql)
{
@@ -576,6 +576,73 @@ class Adherent
}
/**
* \brief Change le mot de passe d'un utilisateur
* \param user Object user de l'utilisateur qui fait la modification
* \param password Nouveau mot de passe (<28> g<>n<EFBFBD>rer si non communiqu<71>)
* \param isencrypted 0 ou 1 si il faut crypter le mot de passe en base (0 par d<>faut)
* \return string mot de passe, < 0 si erreur
*/
function password($user, $password='', $isencrypted=0)
{
global $langs;
dolibarr_syslog("Adherent::Password user=".$user->id." password=".eregi_replace('.','*',$password)." isencrypted=".$isencrypted);
// Si nouveau mot de passe non communiqu<71>, on g<>n<EFBFBD>re par module
if (! $password)
{
// TODO Mettre appel au module de g<>n<EFBFBD>ration de mot de passe
$password=creer_pass_aleatoire_1('');
//$password=creer_pass_aleatoire_2('');
}
// Cryptage mot de passe
if ($isencrypted)
{
// Crypte avec systeme encodage par defaut du PHP
//$sqlpass = crypt($password, makesalt());
$password_indatabase = md5($password);
}
else
{
$password_indatabase = $password;
}
// Mise a jour
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET pass = '".addslashes($password_indatabase)."'";
$sql.= " WHERE rowid = ".$this->id;
$result = $this->db->query($sql);
if ($result)
{
if ($this->db->affected_rows())
{
$this->pass=$password;
$this->pass_indatabase=$password_indatabase;
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('MEMBER_NEW_PASSWORD',$this,$user,$lang,$conf);
if ($result < 0) $this->errors=$interface->errors;
// Fin appel triggers
return $this->pass;
}
else {
return -2;
}
}
else
{
dolibarr_print_error($this->db);
return -1;
}
}
/**
* \brief Fonction qui r<>cup<75>re l'adh<64>rent en donnant son login
* \param login login de l'adh<64>rent
@@ -624,7 +691,7 @@ class Adherent
$sql.= " FROM ".MAIN_DB_PREFIX."adherent_type as t, ".MAIN_DB_PREFIX."adherent as d";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_pays as p ON d.pays = p.rowid";
$sql.= " WHERE d.rowid = ".$rowid." AND d.fk_adherent_type = t.rowid";
dolibarr_syslog("Adherent.class::fetch sql=".$sql);
dolibarr_syslog("Adherent::fetch sql=".$sql);
$resql=$this->db->query($sql);
if ($resql)
@@ -780,7 +847,7 @@ class Adherent
$sql = "INSERT INTO ".MAIN_DB_PREFIX."cotisation (fk_adherent, datec, dateadh, cotisation)";
$sql .= " VALUES (".$this->id.", now(), ".$this->db->idate($date).", ".$montant.")";
dolibarr_syslog("Adherent.class::cotisation sql=".$sql);
dolibarr_syslog("Adherent::cotisation sql=".$sql);
$resql=$this->db->query($sql);
if ($resql)
{
@@ -791,7 +858,7 @@ class Adherent
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET datefin = ".$this->db->idate($datefin);
$sql.= " WHERE rowid =". $this->id;
dolibarr_syslog("Adherent.class::cotisation sql=".$sql);
dolibarr_syslog("Adherent::cotisation sql=".$sql);
$resql=$this->db->query($sql);
if ($resql)
{
@@ -859,7 +926,7 @@ class Adherent
else
{
$this->error=$this->db->error();
dolibarr_syslog("Adherent.class::cotisation error ".$this->error);
dolibarr_syslog("Adherent::cotisation error ".$this->error);
$this->db->rollback();
return -2;
}
@@ -867,7 +934,7 @@ class Adherent
else
{
$this->error=$this->db->error();
dolibarr_syslog("Adherent.class::cotisation error ".$this->error);
dolibarr_syslog("Adherent::cotisation error ".$this->error);
$this->db->rollback();
return -1;
}
@@ -887,7 +954,7 @@ class Adherent
$sql.= " fk_user_valid=".$user->id;
$sql.= " WHERE rowid = ".$this->id;
dolibarr_syslog("Adherent.class::validate sql=".$sql);
dolibarr_syslog("Adherent::validate sql=".$sql);
$result = $this->db->query($sql);
if ($result)
{
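Review bot: In the new `Adherent::password()` method the stored value is either the clear-text password (`$isencrypted` = 0) or an unsalted `md5($password)`, so equal passwords give equal hashes and a leaked `adherent` table is cheap to reverse; a salted, deliberately slow hash (the commented-out `crypt($password, makesalt())` line points that way, `password_hash()` on current PHP) is the safer storage form. The trigger call in the same method passes `$lang` and `$conf`, but only `$langs` is declared global, so both arguments appear to be undefined there; `global $conf,$langs;` plus `run_triggers('MEMBER_NEW_PASSWORD',$this,$user,$langs,$conf)` would fix it. A negative trigger result only fills `$this->errors` while the method still returns the password, so callers cannot detect the failure from the return value.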


@@ -190,6 +190,15 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
$result=$adh->update($user,0);
if ($result >= 0 && ! sizeof($adh->errors))
{
if (isset($_POST["password"]) && $_POST["password"] !='')
{
$ret=$edituser->password($user,$password,$conf->password_encrypted,1);
if ($ret < 0)
{
$message.='<div class="error">'.$edituser->error.'</div>';
}
}
Header("Location: fiche.php?rowid=".$adh->id);
exit;
}
@@ -201,7 +210,6 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
}
else
{
foreach($adh->errors as $error)
{
if ($errmsg) $errmsg.='<br>';
@@ -241,7 +249,7 @@ if ($_POST["action"] == 'add')
$phone_mobile=$_POST["phone_mobile"];
$email=$_POST["member_email"];
$login=$_POST["member_login"];
$pass=$_POST["member_pass"];
$pass=$_POST["password"];
$photo=$_POST["photo"];
$comment=$_POST["comment"];
$morphy=$_POST["morphy"];
@@ -284,7 +292,7 @@ if ($_POST["action"] == 'add')
$errmsg .= $langs->trans("ErrorFieldRequired",$langs->trans("Login"))."<br>\n";
}
else {
$sql = "SELECT login FROM ".MAIN_DB_PREFIX."adherent WHERE login='$login';";
$sql = "SELECT login FROM ".MAIN_DB_PREFIX."adherent WHERE login='".$login."'";
$result = $db->query($sql);
if ($result) {
$num = $db->num_rows($result);
@@ -315,9 +323,17 @@ if ($_POST["action"] == 'add')
if (! $error)
{
$db->begin();
// Email a peu pres correct et le login n'existe pas
if ($adh->create($user) > 0)
$result=$adh->create($user);
if ($result > 0)
{
if (isset($_POST['password']) && trim($_POST['password']))
{
$adh->password($user,trim($_POST['password']),$conf->password_encrypted);
}
if ($cotisation > 0)
{
$crowid=$adh->cotisation($datecotisation, $cotisation);
@@ -350,11 +366,19 @@ if ($_POST["action"] == 'add')
}
}
}
$db->commit();
Header("Location: liste.php?statut=-1");
exit;
}
else {
dolibarr_print_error($db);
else
{
$db->rollback();
$message='<div class="error">'.$adh->error.'</div>';
$action = 'create';
}
}
else {
@@ -682,7 +706,19 @@ if ($action == 'create')
print '<tr><td>'.$langs->trans("Login").'*</td><td><input type="text" name="member_login" size="40" value="'.$adh->login.'"></td></tr>';
// Mot de passe
print '<tr><td>'.$langs->trans("Password").'*</td><td><input type="password" name="member_pass" size="40" value="'.$adh->pass.'"></td></tr>';
$generated_password='';
if ($conf->global->USER_PASSWORD_GENERATED)
{
$nomclass="modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
$nomfichier=$nomclass.".class.php";
//print DOL_DOCUMENT_ROOT."/includes/modules/security/generate/".$nomclass;
require_once(DOL_DOCUMENT_ROOT."/includes/modules/security/generate/".$nomfichier);
$genhandler=new $nomclass($db,$conf,$lang,$user);
$generated_password=$genhandler->getNewGeneratedPassword();
}
print '<tr><td>'.$langs->trans("Password").'*</td><td>';
print '<input size="30" maxsize="32" type="text" name="password" value="'.$generated_password.'">';
print '</td></tr>';
// Type
print '<tr><td>'.$langs->trans("MemberType").'*</td><td>';
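Review bot: The rewritten login-uniqueness query still concatenates `$login` into the SQL string, and in the visible lines `$login` comes straight from `$_POST["member_login"]`; unless it is escaped in the lines outside these hunks this is injectable, and `login='".addslashes($login)."'` would match what `Adherent::create` does for the same field. In the update branch the added block calls `$edituser->password($user,$password,...)`, but this page works on `$adh` and neither `$edituser` nor `$password` is assigned in the visible lines, so it looks copied from the user page and would fail when a password is posted; `$adh->password($user,$_POST["password"],$conf->password_encrypted)` seems intended. The new form field also prints `$generated_password` into a `type="text"` input without `htmlspecialchars()` and uses `maxsize`, where the HTML attribute is `maxlength`.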


@@ -296,6 +296,10 @@ class InterfaceDemo
{
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'MEMBER_NEW_PASSWORD')
{
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'MEMBER_RESILIATE')
{
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);


@@ -36,6 +36,8 @@ require_once (DOL_DOCUMENT_ROOT."/lib/ldap.class.php");
class InterfaceLdap
{
var $db;
var $error;
/**
* \brief Constructeur.
@@ -113,7 +115,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->add($dn,$info,$user);
$result=$ldap->add($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'USER_MODIFY')
@@ -127,7 +131,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->update($dn,$info,$user);
$result=$ldap->update($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'USER_NEW_PASSWORD')
@@ -149,7 +155,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->delete($dn,$info,$user);
$result=$ldap->delete($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
@@ -164,7 +172,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->add($dn,$info,$user);
$result=$ldap->add($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'GROUP_MODIFY')
@@ -177,7 +187,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->update($dn,$info,$user);
$result=$ldap->update($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'GROUP_DELETE')
@@ -190,7 +202,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->delete($dn,$info,$user);
$result=$ldap->delete($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
@@ -206,7 +220,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->add($dn,$info,$user);
$result=$ldap->add($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'CONTACT_MODIFY')
@@ -220,7 +236,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->update($dn,$info,$user);
$result=$ldap->update($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'CONTACT_DELETE')
@@ -234,7 +252,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->delete($dn,$info,$user);
$result=$ldap->delete($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
@@ -250,7 +270,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->add($dn,$info,$user);
$result=$ldap->add($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'MEMBER_VALIDATE')
@@ -278,9 +300,15 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->update($dn,$info,$user);
$result=$ldap->update($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
elseif ($action == 'MEMBER_NEW_PASSWORD')
{
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
}
elseif ($action == 'MEMBER_RESILIATE')
{
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
@@ -299,7 +327,9 @@ class InterfaceLdap
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
return $ldap->delete($dn,$info,$user);
$result=$ldap->delete($dn,$info,$user);
if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
return $result;
}
}
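Review bot: The new `MEMBER_NEW_PASSWORD` branch only writes a syslog line, so a member password change is not pushed to the directory the way the member branch just above it calls `$ldap->update(...)`; where members are synchronised to LDAP the old password would presumably stay valid there until the next full update. If that is deliberate, a comment such as `// TODO: propagate new password to LDAP` in the branch would make it explicit. The added error lines use `$langs->trans("ErrorLDAP")`, while callers visible on this page pass the language object as the fourth `run_triggers` argument; the method signature is outside the hunks, so confirm `$langs` is actually in scope there.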


@@ -1292,9 +1292,9 @@ function accessforbidden($message='',$printheader=1)
Toutefois, il faut essayer de ne l'appeler qu'au sein de pages php, les classes devant
renvoyer leur erreur par l'interm<72>diaire de leur propri<72>t<EFBFBD> "error".
\param db Handler de base utilis<69>
\param msg Message compl<70>mentaire <20> afficher
\param error Chaine erreur ou tableau de chaines erreur compl<70>mentaires <20> afficher
*/
function dolibarr_print_error($db='',$msg='')
function dolibarr_print_error($db='',$error='')
{
global $langs,$argv;
$syslog = '';
@@ -1349,7 +1349,12 @@ function dolibarr_print_error($db='',$msg='')
$syslog.=", db_error=".$db->error();
}
if ($msg)
if ($error)
{
if (is_array($error)) $errors=$error;
else $errors=array($error);
foreach($errors as $msg)
{
if ($_SERVER['DOCUMENT_ROOT']) // Mode web
{
@@ -1361,6 +1366,7 @@ function dolibarr_print_error($db='',$msg='')
}
$syslog.=", msg=".$msg;
}
}
dolibarr_syslog("Error $syslog");
}


@@ -54,7 +54,6 @@ class User
var $nom;
var $prenom;
var $note;
var $code;
var $email;
var $office_tel;
var $office_fax;
@@ -115,7 +114,7 @@ class User
// Recupere utilisateur
$sql = "SELECT u.rowid, u.name, u.firstname, u.email, u.office_phone, u.office_fax, u.user_mobile,";
$sql.= " u.code, u.admin, u.login, u.pass, u.webcal_login, u.note,";
$sql.= " u.admin, u.login, u.pass, u.webcal_login, u.note,";
$sql.= " u.fk_societe, u.fk_socpeople, u.ldap_sid,";
$sql.= " u.statut, u.lang,";
$sql.= " ".$this->db->pdate("u.datec")." as datec,";
@@ -145,8 +144,8 @@ class User
$this->prenom = $obj->firstname;
$this->fullname = trim($this->prenom . ' ' . $this->nom);
$this->code = $obj->code;
$this->login = $obj->login;
$this->code = $obj->login; // \deprecated
$this->pass_indatabase = $obj->pass;
if (! $conf->password_encrypted) $this->pass = $obj->pass;
$this->office_phone = $obj->office_phone;
@@ -836,7 +835,6 @@ class User
$this->email=trim($this->email);
$this->note=trim($this->note);
$this->admin=$this->admin?$this->admin:0;
$this->code = $this->login;
dolibarr_syslog("User::update notrigger=".$notrigger." nom=".$this->nom.", prenom=".$this->prenom);
$error=0;
@@ -870,7 +868,6 @@ class User
$sql .= ", user_mobile = '$this->user_mobile'";
$sql .= ", email = '".addslashes($this->email)."'";
$sql .= ", webcal_login = '$this->webcal_login'";
$sql .= ", code = '$this->code'";
$sql .= ", note = '".addslashes($this->note)."'";
$sql .= " WHERE rowid = ".$this->id;
@@ -982,7 +979,7 @@ class User
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
$interface=new Interfaces($this->db);
$result=$interface->run_triggers('USER_NEW_PASSWORD',$this,$user,$lang,$conf);
if ($result < 0) $error++;
if ($result < 0) $this->errors=$interface->errors;
// Fin appel triggers
return $this->pass;
@@ -1391,7 +1388,6 @@ class User
$this->prenom='SPECIMEN';
$this->fullname=trim($this->prenom.' '.$this->nom);
$this->note='This is a note';
$this->code='DOSP';
$this->email='email@specimen.com';
$this->office_tel='0999999999';
$this->office_fax='0999999998';
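Review bot: After this change a failing `USER_NEW_PASSWORD` trigger only copies `$interface->errors` into `$this->errors`, and the next visible line still returns `$this->pass`, so a caller testing `$ret < 0` never learns that, for example, the LDAP side rejected the new password. Returning a negative code when `$result < 0` (the enclosing method starts and ends outside the hunk, so check what it has already committed) would keep the two stores from silently diverging. In the `update` hunk the neighbouring context lines still interpolate `$this->user_mobile` and `$this->webcal_login` into the SQL without `addslashes()`, unlike `email` and `note` beside them.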


@@ -203,6 +203,19 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
{
$message="";
if (! $_POST["nom"])
{
$message='<div class="error">'.$langs->trans("NameNotDefined").'</div>';
$action="edit"; // Go back to create page
}
if (! $_POST["login"])
{
$message='<div class="error">'.$langs->trans("LoginNotDefined").'</div>';
$action="edit"; // Go back to create page
}
if (! $message)
{
$db->begin();
$edituser = new User($db, $_GET["id"]);
@@ -234,9 +247,9 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
$message.='<div class="error">'.$edituser->error.'</div>';
}
}
if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='' )
if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='')
{
$ret=$edituser->password($user,$password,$conf->password_encrypted,1);
$ret=$edituser->password($user,$_POST["password"],$conf->password_encrypted,1);
if ($ret < 0)
{
$message.='<div class="error">'.$edituser->error.'</div>';
@@ -268,7 +281,7 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
{
$db->rollback();
}
}
}
// Action modif mot de passe
@@ -450,7 +463,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
print '<table class="border" width="100%">';
// Nom
print "<tr>".'<td valign="top">'.$langs->trans("Lastname").'</td>';
print "<tr>".'<td valign="top">'.$langs->trans("Lastname").'*</td>';
print '<td>';
if ($ldap_nom)
{
@@ -478,7 +491,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
print '</td></tr>';
// Login
print '<tr><td valign="top">'.$langs->trans("Login").'</td>';
print '<tr><td valign="top">'.$langs->trans("Login").'*</td>';
print '<td>';
if ($ldap_login)
{
@@ -1100,7 +1113,7 @@ else
print '</td></tr>';
// Nom
print "<tr>".'<td valign="top">'.$langs->trans("Name").'</td>';
print "<tr>".'<td valign="top">'.$langs->trans("Name").'*</td>';
print '<td>';
if ($caneditfield) print '<input size="30" type="text" class="flat" name="nom" value="'.$fuser->nom.'">';
else print $fuser->nom;
@@ -1114,7 +1127,7 @@ else
print '</td></tr>';
// Login
print "<tr>".'<td valign="top">'.$langs->trans("Login").'</td>';
print "<tr>".'<td valign="top">'.$langs->trans("Login").'*</td>';
print '<td>';
if ($user->admin) print '<input size="12" maxlength="24" type="text" class="flat" name="login" value="'.$fuser->login.'">';
else print $fuser->login.'<input type="hidden" name="login" value="'.$fuser->login.'">';
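Review bot: The two added checks each assign `$message` with `=`, so when both `nom` and `login` are empty only the login error is shown; `$message.=` on both lines would report each, and the copied comment `// Go back to create page` should read `// Go back to edit page` since `$action` is set to `"edit"`. `! $_POST["login"]` also rejects the literal login `0` and accepts whitespace-only input; `trim($_POST["login"]) == ''` states the intent more precisely. Because non-admin users submit `login` through the hidden input further down this section, the update handler should ignore the posted value unless `$user->admin`; whether it does is outside the visible hunks.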


@@ -105,7 +105,7 @@ if ($resql)
print "<td><a href=\"".DOL_URL_ROOT."/user/fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowUser"),"user")." ".$obj->firstname." ".$obj->name."</a>";
if ($obj->admin) print img_picto($langs->trans("Administrator"),'star');
print "</td>";
print "<td align=\"left\">".$obj->login.' ('.$obj->code.')</td>';
print "<td align=\"left\">".$obj->login.'</td>';
print "<td>";
if ($obj->fk_societe)
{