fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/PMCORE-4045 (pull request #8636)

Browse Source 
PMCORE-4045 Manipulation of login records

Approved-by: Julio Cesar Laura Avendaño
This commit is contained in:
Roly Gutierrez
2022-11-16 20:16:33 +00:00
committed by Julio Cesar Laura Avendaño
parent a1b4733d56 f3c78c5af6
commit 8640a0b209
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
workflow/engine/methods/login/authentication.php
View File

@@ -112,7 +112,7 @@ try {
$_SESSION["USERNAME_PREVIOUS1"] = (isset($_SESSION["USERNAME_PREVIOUS2"]))? $_SESSION["USERNAME_PREVIOUS2"] : ""; $_SESSION["USERNAME_PREVIOUS1"] = (isset($_SESSION["USERNAME_PREVIOUS2"]))? $_SESSION["USERNAME_PREVIOUS2"] : "";
$_SESSION["USERNAME_PREVIOUS2"] = $usr; $_SESSION["USERNAME_PREVIOUS2"] = $usr;
$_SESSION["FAILED_LOGINS"] = (isset($frm['FAILED_LOGINS']))? $frm['FAILED_LOGINS'] : 0; $_SESSION["FAILED_LOGINS"] = is_numeric(Cache::get("FAILED_LOGINS{$usr}")) ? Cache::get("FAILED_LOGINS{$usr}") : 0;
if (!isset($uid) || $uid < 0) { if (!isset($uid) || $uid < 0) {
if ($_SESSION["USERNAME_PREVIOUS1"] != "" && $_SESSION["USERNAME_PREVIOUS2"] != "" && $_SESSION["USERNAME_PREVIOUS1"] != $_SESSION["USERNAME_PREVIOUS2"]) { if ($_SESSION["USERNAME_PREVIOUS1"] != "" && $_SESSION["USERNAME_PREVIOUS2"] != "" && $_SESSION["USERNAME_PREVIOUS1"] != $_SESSION["USERNAME_PREVIOUS2"]) {
@@ -139,6 +139,7 @@ try {
$oStatement = $oConnection->prepareStatement("UPDATE USERS SET USR_STATUS = 'INACTIVE' WHERE USR_UID = '" . $sUserUID . "'"); $oStatement = $oConnection->prepareStatement("UPDATE USERS SET USR_STATUS = 'INACTIVE' WHERE USR_UID = '" . $sUserUID . "'");
$oStatement->executeQuery(); $oStatement->executeQuery();
unset($_SESSION['FAILED_LOGINS']); unset($_SESSION['FAILED_LOGINS']);
Cache::forget("FAILED_LOGINS{$usr}");
$errLabel = G::LoadTranslation('ID_ACCOUNT') . ' "' . $usr . '" ' . G::LoadTranslation('ID_ACCOUNT_DISABLED_CONTACT_ADMIN'); $errLabel = G::LoadTranslation('ID_ACCOUNT') . ' "' . $usr . '" ' . G::LoadTranslation('ID_ACCOUNT_DISABLED_CONTACT_ADMIN');
} }
//Log failed authentications //Log failed authentications
@@ -267,6 +268,7 @@ try {
//$_SESSION['USR_ROLENAME'] = $rol['ROL_NAME']; //$_SESSION['USR_ROLENAME'] = $rol['ROL_NAME'];
unset($_SESSION['FAILED_LOGINS']); unset($_SESSION['FAILED_LOGINS']);
Cache::forget("FAILED_LOGINS{$usr}");
// Assign the uid of user to userloggedobj // Assign the uid of user to userloggedobj
$RBAC->loadUserRolePermission($RBAC->sSystem, $uid); $RBAC->loadUserRolePermission($RBAC->sSystem, $uid);

3
workflow/engine/methods/login/login.php
View File

@@ -1,5 +1,6 @@
<?php <?php
use Illuminate\Support\Facades\Cache;
use ProcessMaker\Core\System; use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
@@ -246,7 +247,7 @@ if (isset($oConf->aConfig["login_defaultLanguage"]) && $oConf->aConfig["login_de
$G_PUBLISH = new Publisher(); $G_PUBLISH = new Publisher();
$version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION'))); $version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION')));
$version = isset($version[0]) ? intval($version[0]) : 0; $version = isset($version[0]) ? intval($version[0]) : 0;
$aFields["FAILED_LOGINS"] = $sFailedLogins; Cache::put("FAILED_LOGINS{$usernamePrevious2}", $sFailedLogins, 1800); //this value will be lost after 30 minutes
if ($version >= 3) { if ($version >= 3) {
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/loginpm3', '', $aFields, SYS_URI . 'login/authentication.php'); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/loginpm3', '', $aFields, SYS_URI . 'login/authentication.php');
} else { } else {

2
workflow/engine/xmlform/login/loginpm3.html
View File

@@ -16,8 +16,6 @@
{$form.USR_PASSWORD_MASK} {$form.USR_PASSWORD_MASK}
{$form.USER_LANG} {$form.USER_LANG}
{$form.URL} {$form.URL}
{$form.FAILED_LOGINS}
</fieldset> </fieldset>
<fieldset> <fieldset>
<label class="panel-login"> <label class="panel-login">

1
workflow/engine/xmlform/login/loginpm3.xml
View File

@@ -19,7 +19,6 @@ SELECT LANG_ID, LANG_NAME FROM langOptions
<en><![CDATA[Language]]></en> <en><![CDATA[Language]]></en>
</USER_LANG> </USER_LANG>
<URL type="hidden"/> <URL type="hidden"/>
<FAILED_LOGINS type="hidden"/>
<LOGIN_VERIFY_MSG type="private" showInTable="0"/> <LOGIN_VERIFY_MSG type="private" showInTable="0"/>
<BSUBMIT type="button"> <BSUBMIT type="button">
<en><![CDATA[Login]]></en> <en><![CDATA[Login]]></en>