From 02ae3f2f3a0cad5eb00b9a4d8cf0b70d21f3854d Mon Sep 17 00:00:00 2001
From: Prytoegrian <5312739+prytoegrian@users.noreply.github.com>
Date: Sun, 9 Sep 2018 12:11:52 +0200
Subject: [PATCH] Correction connexion LDAP (et consorts) (#694)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Utilisation de pwd2 qui n'est pas randomisé
* Compatibilité modification
* Correction star
---
App/Libraries/Ldap.php | 4 +-
.../HautResponsable/Utilisateur.php | 136 +++++++++---------
2 files changed, 70 insertions(+), 70 deletions(-)
diff --git a/App/Libraries/Ldap.php b/App/Libraries/Ldap.php
index a552a2911..061446b0a 100644
--- a/App/Libraries/Ldap.php
+++ b/App/Libraries/Ldap.php
@@ -49,7 +49,7 @@ public function searchLdap($search)
private function getInfosUser($nom)
{
$data = [];
- $filter = "(&(" . $this->configuration['attrNomAff'] . "=" . $nom . "*)
+ $filter = "(&(" . $this->configuration['attrNomAff'] . "=*" . $nom . "*)
(" . $this->configuration['attrFiltre'] . "=" . $this->configuration['filtre'] . "))";
$attributs = [$this->configuration['attrLogin'], $this->configuration['attrNom'], $this->configuration['attrPrenom']];
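Review bot: `$nom` is concatenated into the LDAP filter unescaped on the changed line, so filter metacharacters in the search term (`*`, `(`, `)`, `\`) change the filter's structure instead of being matched literally. If `$nom` originates from the `$search` argument of `searchLdap()` (the call is not visible in this hunk), escape it before building the filter: `$nom = ldap_escape($nom, '', LDAP_ESCAPE_FILTER);`. The added leading `*` also turns a prefix match into a substring match, which directories usually cannot serve from an index and which returns more entries per request; a minimum length on the search term would bound that. getInfosUser's body continues outside the hunk.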
@@ -83,4 +83,4 @@ public function getEmailUser($login)
return "";
}
-}
\ No newline at end of file
+}
diff --git a/App/ProtoControllers/HautResponsable/Utilisateur.php b/App/ProtoControllers/HautResponsable/Utilisateur.php
index 390e8b5f4..fe41c4c41 100644
--- a/App/ProtoControllers/HautResponsable/Utilisateur.php
+++ b/App/ProtoControllers/HautResponsable/Utilisateur.php
@@ -307,7 +307,7 @@ public static function getFormUser($userId = NIL_INT)
$return .= \App\ProtoControllers\HautResponsable\Utilisateur::getFormUserGroupes($formValue);
$return .= '
';
}
-
+
$return .= '';
$return .= ' ' . _('form_cancel') . '';
$return .= '';
@@ -317,12 +317,12 @@ public static function getFormUser($userId = NIL_INT)
/**
* formulaire de gestion des soldes d'un utilisateur
- *
+ *
* @param array $data
* @param int $userId
- *
- * @return string
- *
+ *
+ * @return string
+ *
*/
private static function getFormUserSoldes($data, $userId)
{
@@ -396,7 +396,7 @@ private static function getFormUserSoldes($data, $userId)
/**
* Formulaire d'affectation aux groupes pour un nouvel utilisateur
- *
+ *
* @param array $data
* @return string
*/
@@ -453,7 +453,7 @@ private static function getFormUserGroupes($data)
/**
* Formulaire de confirmation de suppression d'un utilisateur
- *
+ *
* @param string $login
* @return string
*/
@@ -466,7 +466,7 @@ public static function getFormDeleteUser($login)
$notice = '';
if (!empty($_POST)) {
- $formValue =
+ $formValue =
[
'login' => $_POST['new_login'],
'_METHOD' => $_POST['_METHOD'],
@@ -525,12 +525,12 @@ public static function getFormDeleteUser($login)
/**
* Nettoyage des données postés par le formulaire
- *
- * @param type $htmlPost
+ *
+ * @param array $htmlPost
* @param \includes\SQL $sql
* @param \App\Libraries\Configuration $config
- *
- * @return type
+ *
+ * @return array
*/
public static function dataForm2Array($htmlPost, \includes\SQL $sql, \App\Libraries\Configuration $config)
{
@@ -559,8 +559,8 @@ public static function dataForm2Array($htmlPost, \includes\SQL $sql, \App\Librar
$data['pwd1'] = $htmlPost['new_password1'] == "" ? "" : md5($htmlPost['new_password1']);
$data['pwd2'] = $htmlPost['new_password2'] == "" ? "" : md5($htmlPost['new_password2']);
} else {
- $data['pwd1'] = md5(uniqid('', true));
- $data['pwd2'] = md5('none');
+ $data['pwd1'] = md5('none');
+ $data['pwd2'] = md5(uniqid('', true));
}
if (array_key_exists('_METHOD', $htmlPost)) {
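Review bot: After the swap, `pwd1` in the `else` branch is the constant `md5('none')`, and `pwd1` appears to be the value written to `u_passwd` in insertInfosUtilisateur and updatePasswordUtilisateur, so every account created on this path would store the same predictable hash where the old code stored a random one. If the local password check can ever run against those rows (auth mode changed later, or a fallback path not visible here), they would all share one known password. Prefer storing a value that no password can hash to, or keep it random, e.g. `$data['pwd1'] = md5(random_bytes(16));`, with `$data['pwd2'] = $data['pwd1'];` if a validation elsewhere needs the two fields to agree. Separately, the branch above hashes real passwords with unsalted `md5()`; `password_hash()` and `password_verify()` are the appropriate primitives. dataForm2Array starts and ends outside the hunk.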
@@ -616,7 +616,7 @@ private static function postFormUtilisateur(array $post, array &$errors, &$notic
$errors[] = _('non autorisé');
return $return;
}
-
+
if (!empty($post['_METHOD'])) {
switch ($post['_METHOD']) {
case 'DELETE':
@@ -648,12 +648,12 @@ private static function postFormUtilisateur(array $post, array &$errors, &$notic
/**
* Controle la conformité du formulaire de création
- *
- * @param aray $data
+ *
+ * @param array $data
* @param array $errors
* @param \includes\SQL $sql
* @param \App\Libraries\Configuration $config
- *
+ *
* @return boolean
*/
private static function isFormInsertValide($data, &$errors, \includes\SQL $sql, \App\Libraries\Configuration $config)
@@ -677,7 +677,7 @@ private static function isFormInsertValide($data, &$errors, \includes\SQL $sql,
/**
* Controle la conformité du formulaire de mise à jour
- *
+ *
* @param array $data
* @param array $errors
* @param \includes\SQL $sql
@@ -694,8 +694,8 @@ private static function isFormUpdateValide($data, &$errors, \includes\SQL $sql,
}
$groupesId = \App\ProtoControllers\Groupe::getListeId($sql);
- if ('N' === $data['isResp']
- && (\App\ProtoControllers\Groupe::isResponsableGroupe($data['login'], $groupesId, $sql)
+ if ('N' === $data['isResp']
+ && (\App\ProtoControllers\Groupe::isResponsableGroupe($data['login'], $groupesId, $sql)
|| \App\ProtoControllers\Groupe::isGrandResponsableGroupe($data['login'], $groupesId, $sql))) {
$errors[] = _('Cette utilisateur est responsable d\'au moins un groupe');
$return = false;
@@ -713,7 +713,7 @@ private static function isFormUpdateValide($data, &$errors, \includes\SQL $sql,
/**
* Controle la conformité du formulaire (création et mise à jour)
- *
+ *
* @param array $data
* @param array $errors
* @param \includes\SQL $sql
@@ -787,10 +787,10 @@ public static function isFormValide($data, &$errors, \includes\SQL $sql, \App\Li
/**
* Supprime un utilisateur
- *
+ *
* @param string $user
* @param array $errors
- *
+ *
* @return boolean
*/
private static function deleteUtilisateur($user, &$errors)
@@ -837,10 +837,10 @@ private static function deleteUtilisateur($user, &$errors)
/**
* Controle la possibilité de supprimer un utilisateur
- *
+ *
* @param string $user
* @param \includes\SQL $sql
- *
+ *
* @return boolean
*/
public static function isDeletable($user, \includes\SQL $sql)
@@ -857,7 +857,7 @@ public static function isDeletable($user, \includes\SQL $sql)
/**
* Création d'un nouvel utilisateur
- *
+ *
* @param array $data
* @param array $errors
* @return boolean
@@ -880,7 +880,7 @@ private static function insertUtilisateur($data, &$errors)
if ($insertInfos && $insertSoldes && $insertGroupes) {
return $sql->getPdoObj()->commit();
}
-
+
$sql->getPdoObj()->rollback();
return false;
}
@@ -888,14 +888,14 @@ private static function insertUtilisateur($data, &$errors)
private static function insertInfosUtilisateur($data, \includes\SQL $sql)
{
$req = "INSERT INTO conges_users SET
- u_login='" . $data['login'] . "',
- u_nom='" . $data['nom'] . "',
- u_prenom='" . $data['prenom'] . "',
- u_is_resp='" . $data['isResp'] . "',
- u_is_admin='" . $data['isAdmin'] . "',
- planning_id = 0,
+ u_login='" . $data['login'] . "',
+ u_nom='" . $data['nom'] . "',
+ u_prenom='" . $data['prenom'] . "',
+ u_is_resp='" . $data['isResp'] . "',
+ u_is_admin='" . $data['isAdmin'] . "',
+ planning_id = 0,
u_is_hr='" . $data['isHR'] . "',
- u_passwd='" . $data['pwd1'] . "',
+ u_passwd='" . $data['pwd1'] . "',
u_quotite=" . $data['quotite'] . ",
u_email = '" . $data['email'] . "',
u_heure_solde=" . \App\Helpers\Formatter::hour2Time($data['soldeHeure']) . ",
@@ -912,8 +912,8 @@ private static function insertSoldeUtilisateur($data, \includes\SQL $sql)
foreach ($typeAbsencesConges as $typeId => $info) {
$valuesStd[] = "('" . $data['login'] . "' ,"
. $typeId . ", "
- . $data['joursAn'][$typeId] . ", "
- . $data['soldes'][$typeId] . ", "
+ . $data['joursAn'][$typeId] . ", "
+ . $data['soldes'][$typeId] . ", "
. $data['reliquats'][$typeId] . ")" ;
}
$req = "INSERT INTO conges_solde_user (su_login, su_abs_id, su_nb_an, su_solde, su_reliquat) VALUES " . implode(",", $valuesStd);
@@ -922,8 +922,8 @@ private static function insertSoldeUtilisateur($data, \includes\SQL $sql)
if ($config->isCongesExceptionnelsActive()) {
$typeAbsencesExceptionnels = \App\ProtoControllers\Conge::getTypesAbsences($sql, 'conges_exceptionnels');
foreach ($typeAbsencesExceptionnels as $typeId => $info) {
- $valuesExc[] = "('" . $data['login'] . "' ,"
- . $typeId . ", 0, "
+ $valuesExc[] = "('" . $data['login'] . "' ,"
+ . $typeId . ", 0, "
. $data['soldes'][$typeId] . ", 0)" ;
}
@@ -946,7 +946,7 @@ private static function insertGroupesUtilisateur($data, \includes\SQL $sql)
/**
* Mise à jour d'un utilisateur
- *
+ *
* @param array $data
* @param array $errors
* @return boolean
@@ -983,10 +983,10 @@ private static function putUtilisateur($data, &$errors)
private static function updateInfosUtilisateur($data, \includes\SQL $sql)
{
- $req = 'UPDATE conges_users
+ $req = 'UPDATE conges_users
SET u_nom="' . $data['nom'] . '",
- u_prenom="' . $data['prenom'] . '",
- u_is_resp="' . $data['isResp'] . '",
+ u_prenom="' . $data['prenom'] . '",
+ u_is_resp="' . $data['isResp'] . '",
u_heure_solde='. \App\Helpers\Formatter::hour2Time($data['soldeHeure']) . ',
u_is_admin="' . $data['isAdmin'] . '",
u_is_hr="' . $data['isHR'] . '",
@@ -1001,10 +1001,10 @@ private static function updateSoldeUtilisateur($data, \includes\SQL $sql)
$config = new \App\Libraries\Configuration($sql);
$typeAbsencesConges = \App\ProtoControllers\Conge::getTypesAbsences($sql, 'conges');
foreach ($typeAbsencesConges as $typeId => $info) {
- $valuesStd[] = '(\'' . $data['joursAn'][$typeId] . '\', \''
- . $data['soldes'][$typeId] . '\', \''
- . $data['reliquats'][$typeId] . '\', "'
- . $data['oldLogin'] . '", '
+ $valuesStd[] = '(\'' . $data['joursAn'][$typeId] . '\', \''
+ . $data['soldes'][$typeId] . '\', \''
+ . $data['reliquats'][$typeId] . '\', "'
+ . $data['oldLogin'] . '", '
. (int) $typeId . ')';
}
$req = 'REPLACE INTO conges_solde_user (su_nb_an, su_solde, su_reliquat, su_login, su_abs_id) VALUES ' . implode(",", $valuesStd);
@@ -1014,67 +1014,67 @@ private static function updateSoldeUtilisateur($data, \includes\SQL $sql)
if ($config->isCongesExceptionnelsActive()) {
$typeAbsencesExceptionnels = \App\ProtoControllers\Conge::getTypesAbsences($sql, 'conges_exceptionnels');
foreach ($typeAbsencesExceptionnels as $typeId => $info) {
- $valuesExc[] = '(0, \''
- . $data['soldes'][$typeId] . '\', 0, "'
- . $data['oldLogin'] . '", '
+ $valuesExc[] = '(0, \''
+ . $data['soldes'][$typeId] . '\', 0, "'
+ . $data['oldLogin'] . '", '
. (int) $typeId . ')';
}
$req = 'REPLACE INTO conges_solde_user (su_nb_an, su_solde, su_reliquat, su_login, su_abs_id) VALUES ' . implode(",", $valuesExc);
$returnExc = $sql->query($req);
}
-
+
return $returnStd && $returnExc;
}
private static function updateLoginUtilisateur($data, \includes\SQL $sql)
{
- $req = 'UPDATE conges_echange_rtt
+ $req = 'UPDATE conges_echange_rtt
SET e_login="' . $data['login'] . '"
WHERE e_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
// update table edition_papier
- $req = 'UPDATE conges_edition_papier
- SET ep_login="' . $data['login'] . '"
+ $req = 'UPDATE conges_edition_papier
+ SET ep_login="' . $data['login'] . '"
WHERE ep_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
// update table groupe_grd_resp
- $req = 'UPDATE conges_groupe_grd_resp
+ $req = 'UPDATE conges_groupe_grd_resp
SET ggr_login= "' . $data['login'] . '"
WHERE ggr_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
// update table groupe_resp
- $req = 'UPDATE conges_groupe_resp
- SET gr_login="' . $data['login'] . '"
+ $req = 'UPDATE conges_groupe_resp
+ SET gr_login="' . $data['login'] . '"
WHERE gr_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
// update table conges_groupe_users
- $req = 'UPDATE conges_groupe_users
- SET gu_login="' . $data['login'] . '"
+ $req = 'UPDATE conges_groupe_users
+ SET gu_login="' . $data['login'] . '"
WHERE gu_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
// update table periode
- $req = 'UPDATE conges_periode
- SET p_login="' . $data['login'] . '"
+ $req = 'UPDATE conges_periode
+ SET p_login="' . $data['login'] . '"
WHERE p_login="' . $data['oldLogin'] . '" ';
$sql->query($req);
$req = 'UPDATE conges_solde_user
- SET su_login="' . $data['login'] . '"
+ SET su_login="' . $data['login'] . '"
WHERE su_login="' . $data['oldLogin'] . '" ' ;
$sql->query($req);
$req = 'UPDATE heure_additionnelle
- SET login="' . $data['login'] . '"
+ SET login="' . $data['login'] . '"
WHERE login="' . $data['oldLogin'] . '" ' ;
$sql->query($req);
$req = 'UPDATE heure_repos
- SET login="' . $data['login'] . '"
+ SET login="' . $data['login'] . '"
WHERE login="' . $data['oldLogin'] . '" ' ;
$sql->query($req);
@@ -1087,16 +1087,16 @@ private static function updateLoginUtilisateur($data, \includes\SQL $sql)
private static function updateEmailUtilisateur($data, \includes\SQL $sql)
{
- $req = 'UPDATE conges_users
- SET u_email = "'. $data['email'] . '"
+ $req = 'UPDATE conges_users
+ SET u_email = "'. $data['email'] . '"
WHERE u_login="' . $data['oldLogin'] . '"' ;
return $sql->query($req);
}
private static function updatePasswordUtilisateur($data, \includes\SQL $sql)
{
- $req = 'UPDATE conges_users
- SET u_passwd = "' . $data['pwd1'] . '"
+ $req = 'UPDATE conges_users
+ SET u_passwd = "' . $data['pwd1'] . '"
WHERE u_login="' . $data['oldLogin'] . '"' ;
return $sql->query($req);
}