From fbe28b2bc7ec0479ae30f810a9b757bebe464b58 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 2 Oct 2007 18:16:29 +0000 Subject: [PATCH] Fix: Meilleure gestion erreur --- htdocs/main.inc.php | 5 +++-- htdocs/user.class.php | 42 +++++++++++++++++++++--------------------- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d410b99f815..60ebeb50e25 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -446,7 +446,8 @@ if (! session_id() || ! isset($_SESSION["dol_login"])) session_name($sessionname); session_start(); $langs->load('main'); - $_SESSION["loginmesg"]=$langs->trans("ErrorCantLoadUserFromDolibarrDatabase",$login); + if ($result == 0) $_SESSION["loginmesg"]=$langs->trans("ErrorCantLoadUserFromDolibarrDatabase",$login); + if ($result < 0) $_SESSION["loginmesg"]=$user->error; header('Location: '.DOL_URL_ROOT.'/index.php'); exit; } @@ -457,7 +458,7 @@ else // Remarks: On ne sauvegarde pas objet user car pose pb dans certains cas mal identifiés $login=$_SESSION["dol_login"]; dolibarr_syslog("This is an already user logged session. _SESSION['dol_login']=".$login); - $user->fetch($login); + $result=$user->fetch($login); $login=$user->login; } diff --git a/htdocs/user.class.php b/htdocs/user.class.php index 23d99caa5ac..151ac4b95c2 100644 --- a/htdocs/user.class.php +++ b/htdocs/user.class.php @@ -115,7 +115,7 @@ class User /** * \brief Charge un objet user avec toutes ces caractéristiques depuis un id ou login * \param login Si défini, login a utiliser pour recherche - * \return int <0 si ko, >0 si ok + * \return int <0 if KO, 0 not found, >0 if OK */ function fetch($login='') { 
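Review bot: In htdocs/main.inc.php (hunk at line 446), the new `if ($result < 0) $_SESSION["loginmesg"]=$user->error;` hands the raw error string from User::fetch to the login page, where it is shown to a visitor who is not yet authenticated. If that string carries database error text (the failure branch of fetch is not in this diff), it discloses query or schema details. Keep the detail in the log and show the generic message instead, e.g. `if ($result < 0) { dolibarr_syslog("Login: fetch failed - ".$user->error); $_SESSION["loginmesg"]=$langs->trans("ErrorCantLoadUserFromDolibarrDatabase",$login); }`. `$result` is assigned outside this hunk, so confirm it is always set on this path.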
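Review bot: In the second htdocs/main.inc.php hunk (line 458), `$result=$user->fetch($login);` stores the return value but nothing visible in the hunk tests it. An existing session therefore proceeds to `$login=$user->login;` even when the account has been deleted or the lookup failed. Unless the check is made after the hunk, add one right after the fetch, e.g. `if ($result <= 0) { session_destroy(); header('Location: '.DOL_URL_ROOT.'/index.php'); exit; }`, so a session cannot outlive its user record.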
@@ -197,10 +197,10 @@ class User else { $this->error="USERNOTFOUND"; - dolibarr_syslog("User::fetch Error -2, fails to get user - ".$this->error." - sql=".$sql); + dolibarr_syslog("User::fetch Error 0, fails to get user - ".$this->error." - sql=".$sql); $this->db->free($result); - return -2; + return 0; } } else @@ -924,18 +924,18 @@ class User dolibarr_syslog("User::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember); // Nettoyage parametres - $this->nom = addslashes(trim($this->nom)); - $this->prenom = addslashes(trim($this->prenom)); + $this->nom = trim($this->nom); + $this->prenom = trim($this->prenom); $this->fullname = $this->prenom." ".$this->nom; - $this->login = addslashes(trim($this->login)); + $this->login = trim($this->login); $this->pass = trim($this->pass); $this->office_phone = trim($this->office_phone); $this->office_fax = trim($this->office_fax); $this->user_mobile = trim($this->user_mobile); - $this->email = addslashes(trim($this->email)); - $this->note = addslashes(trim($this->note)); - $this->webcal_login = addslashes(trim($this->webcal_login)); - $this->phenix_login = addslashes(trim($this->phenix_login)); + $this->email = trim($this->email); + $this->note = trim($this->note); + $this->webcal_login = trim($this->webcal_login); + $this->phenix_login = trim($this->phenix_login); if ($this->phenix_pass != $this->phenix_pass_crypted) { $this->phenix_pass = md5(trim($this->phenix_pass)); 
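Review bot: In htdocs/user.class.php (hunk at line 197), returning 0 instead of -2 for an unknown user changes the contract for every caller: code that tests `$user->fetch(...) < 0` to detect failure will now treat a missing account as success. Only main.inc.php is adjusted in this commit, so the other callers need to be audited and switched to `<= 0`. The log text `Error 0` also reads oddly for a not-found case; `"User::fetch user not found - sql=".$sql` would be clearer. fetch() starts and ends outside this hunk.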
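Review bot: In User::update (hunk at line 924), the properties hold unescaped values after the cleanup step, so any other query later in update() that concatenates `$this->login`, `$this->email` or the other trimmed fields into SQL has lost the escaping it used to inherit. Only the UPDATE in the following hunk is visibly changed to escape at the point of use. The rest of the function is outside the diff and should be checked. A comment above the cleanup such as `// Values stay raw here; escape at every SQL concatenation` would make the new convention explicit.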
@@ -946,18 +946,18 @@ class User // Mise a jour autres infos $sql = "UPDATE ".MAIN_DB_PREFIX."user SET"; - $sql.= " name = '".$this->nom."'"; - $sql.= ", firstname = '".$this->prenom."'"; - $sql.= ", login = '".$this->login."'"; + $sql.= " name = '".addslashes($this->nom)."'"; + $sql.= ", firstname = '".addslashes($this->prenom)."'"; + $sql.= ", login = '".addslashes($this->login)."'"; $sql.= ", admin = ".$this->admin; - $sql.= ", office_phone = '".$this->office_phone."'"; - $sql.= ", office_fax = '".$this->office_fax."'"; - $sql.= ", user_mobile = '".$this->user_mobile."'"; - $sql.= ", email = '".$this->email."'"; - $sql.= ", webcal_login = '".$this->webcal_login."'"; - $sql.= ", phenix_login = '".$this->phenix_login."'"; - $sql.= ", phenix_pass = '".$this->phenix_pass."'"; - $sql.= ", note = '".$this->note."'"; + $sql.= ", office_phone = '".addslashes($this->office_phone)."'"; + $sql.= ", office_fax = '".addslashes($this->office_fax)."'"; + $sql.= ", user_mobile = '".addslashes($this->user_mobile)."'"; + $sql.= ", email = '".addslashes($this->email)."'"; + $sql.= ", webcal_login = '".addslashes($this->webcal_login)."'"; + $sql.= ", phenix_login = '".addslashes($this->phenix_login)."'"; + $sql.= ", phenix_pass = '".addslashes($this->phenix_pass)."'"; + $sql.= ", note = '".addslashes($this->note)."'"; $sql.= " WHERE rowid = ".$this->id; dolibarr_syslog("User::update sql=".$sql);
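Review bot: In the UPDATE built in User::update (hunk at line 946), `admin = ".$this->admin` and `WHERE rowid = ".$this->id` are still concatenated unquoted and unescaped, so they stay injectable if either property can be influenced by request data. Cast them when building the query: `$sql.= ", admin = ".(int) $this->admin;` and `$sql.= " WHERE rowid = ".(int) $this->id;`. Also, `addslashes()` is not aware of the connection character set; where the database layer offers its own escaping routine, prefer it for the string fields. The function continues outside this hunk.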