[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 08/09: Adapt to security change
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 08/09: Adapt to security change |
Date: |
Mon, 17 Jan 2022 14:58:31 -0500 (EST) |
sparkyx pushed a commit to branch devel
in repository noalyss.
commit ad125d0321e3ced5b2013aa92ecf383f14c15135
Author: sparkyx <danydb@noalyss.eu>
AuthorDate: Sun Jan 16 12:50:15 2022 +0100
Adapt to security change
---
include/class/user.class.php | 6 ++++--
unit-test/global.php | 2 +-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/include/class/user.class.php b/include/class/user.class.php
index 6bd612b5..405c96fa 100644
--- a/include/class/user.class.php
+++ b/include/class/user.class.php
@@ -42,7 +42,7 @@ class User
var $name;
var $active; //!< 1 active , 0 disables
var $login; //!< login lower case
- var $password; //!< password
+ var $password; //!< md5 of the password
var $email; //!< user's email
var $access_mode; //!< MOBILE or PC depending if when connecting $login
contains @mobile
@@ -66,7 +66,9 @@ class User
function can_connect()
{
$cn=new \Database();
- $can_connect=$cn->get_value("select count(*) from ac_users where
use_login=$1 and use_pass=$2",
+ $can_connect=$cn->get_value("select count(*) from ac_users
+ where use_active=1 and
+ use_login=$1 and use_pass=$2",
[$this->login,$this->password]);
return $can_connect;
}
diff --git a/unit-test/global.php b/unit-test/global.php
index 309b5747..65d6ad84 100644
--- a/unit-test/global.php
+++ b/unit-test/global.php
@@ -32,7 +32,7 @@ $g_parameter = new Noalyss_Parameter_Folder($g_connection);
$_SESSION[SESSION_KEY.'use_name']='unit test';
$_SESSION[SESSION_KEY.'use_first_name']='automatic';
$_SESSION[SESSION_KEY.'g_user']='admin';
-$_SESSION[SESSION_KEY.'g_pass']='phpcompta';
+$_SESSION[SESSION_KEY.'g_pass']=md5('dany');
$_SESSION[SESSION_KEY.'g_pagesize']='50';
$_SESSION[SESSION_KEY.'csv_fieldsep']='0';
$_SESSION[SESSION_KEY.'csv_decimal']='1';
- [Noalyss-commit] [noalyss] branch devel updated (82808d24 -> 55f9dd9a), Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 05/09: PHPUNIT : adapt test, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 06/09: Fix bug for Reconcilied, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 02/09: Bug #2118 Manage User problem, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 03/09: New #0002117: Lettrage : montre l'opération liée, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 07/09: Critical : password issue, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 08/09: Adapt to security change,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 09/09: Task #0002126: Fiche : amélioration, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 04/09: Give error with PHPUNIT, Dany De Bontridder, 2022/01/17
- [Noalyss-commit] [noalyss] 01/09: TVA : cannot load when tva_id is empty, Dany De Bontridder, 2022/01/17