From 53f3f1d2c381849a3ae3f661eea2b58425cb4657 Mon Sep 17 00:00:00 2001
From: Chris Cormack <crc@liblime.com>
Date: Sun, 6 Jan 2008 17:06:55 -0600
Subject: [PATCH] Fix for bug 1442, if you have independent branches on and
 autolocation on,

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
---
 C4/Auth.pm                                       | 16 ++++++++++++++--
 .../intranet-tmpl/prog/en/modules/auth.tmpl      |  4 ++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 590ea3f369..c392e44998 100755
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -456,7 +456,7 @@ sub checkauth {
         );
         $loggedin = 1;
     }
-    elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison (?)
+    elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison 
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
         if ($session){
@@ -535,7 +535,7 @@ sub checkauth {
             _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
             $cookie = $query->cookie(CGISESSID => $sessionID);
             if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
-                $loggedin = 1;
+				$loggedin = 1;
             }
             else {
                 $info{'nopermission'} = 1;
@@ -590,6 +590,15 @@ sub checkauth {
                     $branchname = GetBranchName($branchcode);
                 }
                 my $branches = GetBranches();
+                if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
+				    # we have to check they are coming from the right ip range
+					my $domain = $branches->{$branchcode}->{'branchip'};
+					if ($ip !~ /^$domain/){
+						$loggedin=0;
+						$info{'wrongip'} = 1;
+					}
+				}
+
                 my @branchesloop;
                 foreach my $br ( keys %$branches ) {
                     #     now we work with the treatment of ip
@@ -644,6 +653,7 @@ sub checkauth {
                 $info{'invalid_username_or_password'} = 1;
                 C4::Context->_unset_userenv($sessionID);
             }
+
         }
     }
     my $insecure = C4::Context->boolean_preference('insecure');
@@ -706,7 +716,9 @@ sub checkauth {
         IndependantBranches     => C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
         yuipath            => C4::Context->preference("yuipath"),
+		wrongip            => $info{'wrongip'}
     );
+    
     $template->param( loginprompt => 1 ) unless $info{'nopermission'};
 
     my $self_url = $query->url( -absolute => 1 );
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
index 2e34168215..b895f1b152 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
@@ -27,6 +27,10 @@
 <div id="login_error"><strong>Error: </strong>IP address has changed, please log in again </div>
 <!-- /TMPL_IF -->
 
+<!-- TMPL_IF NAME="wrongip" -->
+<div id="login_error"><strong>Error: </strong>Independent Branches and Autolocation are switched on and you are logging in with an IP address that doesn't match your branch. </div>
+<!-- /TMPL_IF -->
+
 <!-- TMPL_IF NAME="invalid_username_or_password" -->
 <div id="login_error"><strong>Error: </strong>Invalid username or password</div>
 <!-- /TMPL_IF -->
-- 
2.39.2