From 0a4aece4943ccea8f897ec983123d3eb09ecbb8e Mon Sep 17 00:00:00 2001
From: Luis Fernando Saisa Lopez <luis.saisa@colosa.com>
Date: Fri, 19 Sep 2014 10:45:24 -0400
Subject: [PATCH] BUG 15836 "Error al validar las politicas de..." SOLVED
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Error al validar las politicas de seguridad
- Problema resuelto, se valida al usuario cuando falla al loguearse, si se tiene a un mismo usuario y falla en tres
  veces previa configuracion, el usuario se inactiva tal como se hacíanteriormente, si un usuario falla al loguearse
  en dos ocaciones y en su tercer intento se loguea con otro usuario distinto este usuario no se inactivara.

  Disponible para la version 2.8 de ProcessMaker.
---
 workflow/engine/methods/login/authentication.php | 7 +++++++
 workflow/engine/methods/login/login.php          | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/workflow/engine/methods/login/authentication.php b/workflow/engine/methods/login/authentication.php
index 7473ded99..38f5ed874 100755
--- a/workflow/engine/methods/login/authentication.php
+++ b/workflow/engine/methods/login/authentication.php
@@ -92,7 +92,14 @@ try {
             $errLabel = 'WRONG_LOGIN_CREDENTIALS';
         }
 
+        $_SESSION["USERNAME_PREVIOUS1"] = $_SESSION["USERNAME_PREVIOUS2"];
+        $_SESSION["USERNAME_PREVIOUS2"] = $usr;
+
         if (!isset($uid) || $uid < 0) {
+            if ($_SESSION["USERNAME_PREVIOUS1"] != "" && $_SESSION["USERNAME_PREVIOUS2"] != "" && $_SESSION["USERNAME_PREVIOUS1"] != $_SESSION["USERNAME_PREVIOUS2"]) {
+                $_SESSION["FAILED_LOGINS"] = 0;
+            }
+
             if (isset($_SESSION['FAILED_LOGINS']) && ($uid == -1 || $uid == -2)) {
                 $_SESSION['FAILED_LOGINS']++;
             }
diff --git a/workflow/engine/methods/login/login.php b/workflow/engine/methods/login/login.php
index 378537f7b..d6817e320 100755
--- a/workflow/engine/methods/login/login.php
+++ b/workflow/engine/methods/login/login.php
@@ -44,9 +44,13 @@ $msgType = $_SESSION['G_MESSAGE_TYPE'];
 
 if (!isset($_SESSION['FAILED_LOGINS'])) {
     $_SESSION['FAILED_LOGINS'] = 0;
+    $_SESSION["USERNAME_PREVIOUS1"] = "";
+    $_SESSION["USERNAME_PREVIOUS2"] = "";
 }
 
 $sFailedLogins = $_SESSION['FAILED_LOGINS'];
+$usernamePrevious1 = $_SESSION["USERNAME_PREVIOUS1"];
+$usernamePrevious2 = $_SESSION["USERNAME_PREVIOUS2"];
 
 $aFields['LOGIN_VERIFY_MSG'] = G::loadTranslation('LOGIN_VERIFY_MSG');
 //$aFields['LOGIN_VERIFY_MSG'] = Bootstrap::loadTranslation('LOGIN_VERIFY_MSG');
@@ -120,6 +124,8 @@ if (strlen($msgType) > 0) {
 }
 
 $_SESSION['FAILED_LOGINS'] = $sFailedLogins;
+$_SESSION["USERNAME_PREVIOUS1"] = $usernamePrevious1;
+$_SESSION["USERNAME_PREVIOUS2"] = $usernamePrevious2;
 
 //translation
 //$Translations = G::getModel("Translation");