fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/PMCORE-4045 (pull request #8636)

Browse Source 
PMCORE-4045 Manipulation of login records

Approved-by: Julio Cesar Laura Avendaño
This commit is contained in:
Roly Gutierrez
2022-11-16 20:16:33 +00:00
committed by Julio Cesar Laura Avendaño
parent a1b4733d56 f3c78c5af6
commit 8640a0b209
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
workflow/engine/methods/login/authentication.php
View File

@@ -112,7 +112,7 @@ try {
$_SESSION["USERNAME_PREVIOUS1"] = (isset($_SESSION["USERNAME_PREVIOUS2"]))? $_SESSION["USERNAME_PREVIOUS2"] : "";
$_SESSION["USERNAME_PREVIOUS2"] = $usr;
$_SESSION["FAILED_LOGINS"] = (isset($frm['FAILED_LOGINS']))? $frm['FAILED_LOGINS'] : 0;
$_SESSION["FAILED_LOGINS"] = is_numeric(Cache::get("FAILED_LOGINS{$usr}")) ? Cache::get("FAILED_LOGINS{$usr}") : 0;
if (!isset($uid) || $uid < 0) {
if ($_SESSION["USERNAME_PREVIOUS1"] != "" && $_SESSION["USERNAME_PREVIOUS2"] != "" && $_SESSION["USERNAME_PREVIOUS1"] != $_SESSION["USERNAME_PREVIOUS2"]) {
@@ -139,6 +139,7 @@ try {
$oStatement = $oConnection->prepareStatement("UPDATE USERS SET USR_STATUS = 'INACTIVE' WHERE USR_UID = '" . $sUserUID . "'");
$oStatement->executeQuery();
unset($_SESSION['FAILED_LOGINS']);
Cache::forget("FAILED_LOGINS{$usr}");
$errLabel = G::LoadTranslation('ID_ACCOUNT') . ' "' . $usr . '" ' . G::LoadTranslation('ID_ACCOUNT_DISABLED_CONTACT_ADMIN');
}
//Log failed authentications
@@ -267,6 +268,7 @@ try {
//$_SESSION['USR_ROLENAME'] = $rol['ROL_NAME'];
unset($_SESSION['FAILED_LOGINS']);
Cache::forget("FAILED_LOGINS{$usr}");
// Assign the uid of user to userloggedobj
$RBAC->loadUserRolePermission($RBAC->sSystem, $uid);

3
workflow/engine/methods/login/login.php
View File

@@ -1,5 +1,6 @@
<?php
use Illuminate\Support\Facades\Cache;
use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry;
@@ -246,7 +247,7 @@ if (isset($oConf->aConfig["login_defaultLanguage"]) && $oConf->aConfig["login_de
$G_PUBLISH = new Publisher();
$version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION')));
$version = isset($version[0]) ? intval($version[0]) : 0;
$aFields["FAILED_LOGINS"] = $sFailedLogins;
Cache::put("FAILED_LOGINS{$usernamePrevious2}", $sFailedLogins, 1800); //this value will be lost after 30 minutes
if ($version >= 3) {
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/loginpm3', '', $aFields, SYS_URI . 'login/authentication.php');
} else {