Fix for bug 1442, if you have independent branches on and autolocation on,
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
This commit is contained in:
Chris Cormack
Joshua Ferraro
parent
16b4aa6382
commit
53f3f1d2c3
2 changed files with 18 additions and 2 deletions
16
C4/Auth.pm
16
C4/Auth.pm
|
|
@ -456,7 +456,7 @@ sub checkauth {
|
|||
);
|
||||
$loggedin = 1;
|
||||
}
|
||||
elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison (?)
|
||||
elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison
|
||||
my $session = get_session($sessionID);
|
||||
C4::Context->_new_userenv($sessionID);
|
||||
if ($session){
|
||||
|
|
@ -535,7 +535,7 @@ sub checkauth {
|
|||
_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
|
||||
$cookie = $query->cookie(CGISESSID => $sessionID);
|
||||
if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
|
||||
$loggedin = 1;
|
||||
$loggedin = 1;
|
||||
}
|
||||
else {
|
||||
$info{'nopermission'} = 1;
|
||||
|
|
@ -590,6 +590,15 @@ sub checkauth {
|
|||
$branchname = GetBranchName($branchcode);
|
||||
}
|
||||
my $branches = GetBranches();
|
||||
if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
|
||||
# we have to check they are coming from the right ip range
|
||||
my $domain = $branches->{$branchcode}->{'branchip'};
|
||||
if ($ip !~ /^$domain/){
|
||||
$loggedin=0;
|
||||
$info{'wrongip'} = 1;
|
||||
}
|
||||
}
|
||||
|
||||
my @branchesloop;
|
||||
foreach my $br ( keys %$branches ) {
|
||||
# now we work with the treatment of ip
|
||||
|
|
@ -644,6 +653,7 @@ sub checkauth {
|
|||
$info{'invalid_username_or_password'} = 1;
|
||||
C4::Context->_unset_userenv($sessionID);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
my $insecure = C4::Context->boolean_preference('insecure');
|
||||
|
|
@ -706,7 +716,9 @@ sub checkauth {
|
|||
IndependantBranches => C4::Context->preference("IndependantBranches"),
|
||||
AutoLocation => C4::Context->preference("AutoLocation"),
|
||||
yuipath => C4::Context->preference("yuipath"),
|
||||
wrongip => $info{'wrongip'}
|
||||
);
|
||||
|
||||
$template->param( loginprompt => 1 ) unless $info{'nopermission'};
|
||||
|
||||
my $self_url = $query->url( -absolute => 1 );
|
||||
|
|
|
|||
|
|
@ -27,6 +27,10 @@
|
|||
<div id="login_error"><strong>Error: </strong>IP address has changed, please log in again </div>
|
||||
<!-- /TMPL_IF -->
|
||||
|
||||
<!-- TMPL_IF NAME="wrongip" -->
|
||||
<div id="login_error"><strong>Error: </strong>Independent Branches and Autolocation are switched on and you are logging in with an IP address that doesn't match your branch. </div>
|
||||
<!-- /TMPL_IF -->
|
||||
|
||||
<!-- TMPL_IF NAME="invalid_username_or_password" -->
|
||||
<div id="login_error"><strong>Error: </strong>Invalid username or password</div>
|
||||
<!-- /TMPL_IF -->
|
||||
|
|
|
|||
Loading…
Reference in a new issue