From 99786a5a1615b7cb4910838939f6d2b1886be0fd Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Mon, 19 Jan 2015 14:35:56 +0100
Subject: [PATCH] Fixed the custom config values for user in the first login.
---
pandora_console/include/config_process.php | 28 ++-------------
pandora_console/include/functions_config.php | 35 ++++++++++++++++--
pandora_console/index.php | 38 ++++++++++++--------
3 files changed, 58 insertions(+), 43 deletions(-)
diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php
index 90a7916637..61ff814fac 100644
--- a/pandora_console/include/config_process.php
+++ b/pandora_console/include/config_process.php
@@ -115,6 +115,7 @@ require_once ($ownDir. 'functions_config.php');
date_default_timezone_set("Europe/Madrid");
+
config_process_config();
if (!isset($config["homeurl_static"])) {
@@ -142,32 +143,9 @@ else {
$config["global_block_size"] = $config["block_size"];
$config["global_flash_charts"] = $config["flash_charts"];
+
if (isset ($config['id_user'])) {
- $userinfo = get_user_info ($config['id_user']);
-
- // Refresh the last_connect info in the user table
- // if last update was more than 5 minutes ago
- if($userinfo['last_connect'] < (time()-SECONDS_1MINUTE)) {
- update_user($config['id_user'], array('last_connect' => time()));
- }
-
- // If block_size or flash_chart are provided then override global settings
- if (!empty($userinfo["block_size"]) && ($userinfo["block_size"] != 0))
- $config["block_size"] = $userinfo["block_size"];
-
- if ($userinfo["flash_chart"] != -1)
- $config["flash_charts"] = $userinfo["flash_chart"];
-
- // Each user could have it's own timezone)
- if (isset($userinfo["timezone"])) {
- if ($userinfo["timezone"] != "") {
- date_default_timezone_set($userinfo["timezone"]);
- }
- }
-
- if (defined('METACONSOLE')) {
- $config['metaconsole_access'] = $userinfo["metaconsole_access"];
- }
+ config_user_set_custom_config();
}
// Check if inventory_changes_blacklist is setted, if not create it
diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index daf12e9367..b70b998439 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -1414,8 +1414,8 @@ function config_check () {
function config_return_in_bytes($val) {
$val = trim($val);
- $last = strtolower($val[strlen($val)-1]);
- switch($last) {
+ $last = strtolower($val[strlen($val) - 1]);
+ switch ($last) {
// The 'G' modifier is available since PHP 5.1.0
case 'g':
$val *= 1024;
@@ -1424,8 +1424,37 @@ function config_return_in_bytes($val) {
case 'k':
$val *= 1024;
}
-
+
return $val;
}
+function config_user_set_custom_config() {
+ global $config;
+
+ $userinfo = get_user_info ($config['id_user']);
+
+ // Refresh the last_connect info in the user table
+ // if last update was more than 5 minutes ago
+ if ($userinfo['last_connect'] < (time()-SECONDS_1MINUTE)) {
+ update_user($config['id_user'], array('last_connect' => time()));
+ }
+
+ // If block_size or flash_chart are provided then override global settings
+ if (!empty($userinfo["block_size"]) && ($userinfo["block_size"] != 0))
+ $config["block_size"] = $userinfo["block_size"];
+
+ if ($userinfo["flash_chart"] != -1)
+ $config["flash_charts"] = $userinfo["flash_chart"];
+
+ // Each user could have it's own timezone)
+ if (isset($userinfo["timezone"])) {
+ if ($userinfo["timezone"] != "") {
+ date_default_timezone_set($userinfo["timezone"]);
+ }
+ }
+
+ if (defined('METACONSOLE')) {
+ $config['metaconsole_access'] = $userinfo["metaconsole_access"];
+ }
+}
?>
diff --git a/pandora_console/index.php b/pandora_console/index.php
index a92726bb30..2610bd9996 100755
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@@ -69,6 +69,7 @@ if ((! file_exists ("include/config.php")) || (! is_readable ("include/config.ph
session_start ();
require_once ("include/config.php");
+
// If metaconsole activated, redirect to it
if ($config['metaconsole'] == 1 && $config['enterprise_installed'] == 1) {
header ("Location: " . $config['homeurl'] . "enterprise/meta");
@@ -177,34 +178,34 @@ if (! isset ($config['id_user'])) {
$pass = get_parameter_post ("pass"); //This is the variable with the password
$nick = db_escape_string_sql($nick);
$pass = db_escape_string_sql($pass);
-
+
//Since now, only the $pass variable are needed
unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
-
+
// If the auth_code exists, we assume the user has come through the double auth page
if (isset ($_POST['auth_code'])) {
$double_auth_success = false;
-
+
// The double authentication is activated and the user has surpassed the first step (the login).
// Now the authentication code provided will be checked.
if (isset ($_SESSION['prepared_login_da'])) {
if (isset ($_SESSION['prepared_login_da']['id_user'])
&& isset ($_SESSION['prepared_login_da']['timestamp'])) {
-
+
// The user has a maximum of 5 minutes to introduce the double auth code
$dauth_period = SECONDS_2MINUTES;
$now = time();
$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
-
+
if ($now - $dauth_period < $dauth_time) {
// Nick
$nick = $_SESSION["prepared_login_da"]['id_user'];
// Code
$code = (string) get_parameter_post ("auth_code");
-
+
if (!empty($code)) {
$result = validate_double_auth_code($nick, $code);
-
+
if ($result === true) {
// Double auth success
$double_auth_success = true;
@@ -214,7 +215,7 @@ if (! isset ($config['id_user'])) {
$login_screen = 'double_auth';
// Error message
$config["auth_error"] = __("Invalid code");
-
+
if (!isset($_SESSION['prepared_login_da']['attempts']))
$_SESSION['prepared_login_da']['attempts'] = 0;
$_SESSION['prepared_login_da']['attempts']++;
@@ -225,7 +226,7 @@ if (! isset ($config['id_user'])) {
$login_screen = 'double_auth';
// Error message
$config["auth_error"] = __("The code shouldn't be empty");
-
+
if (!isset($_SESSION['prepared_login_da']['attempts']))
$_SESSION['prepared_login_da']['attempts'] = 0;
$_SESSION['prepared_login_da']['attempts']++;
@@ -234,7 +235,7 @@ if (! isset ($config['id_user'])) {
else {
// Expired login
unset ($_SESSION['prepared_login_da']);
-
+
// Error message
$config["auth_error"] = __('Expired login');
}
@@ -242,7 +243,7 @@ if (! isset ($config['id_user'])) {
else {
// If the code doesn't exist, remove the prepared login
unset ($_SESSION['prepared_login_da']);
-
+
// Error message
$config["auth_error"] = __('Login error');
}
@@ -252,10 +253,10 @@ if (! isset ($config['id_user'])) {
// Error message
$config["auth_error"] = __('Login error');
}
-
+
// Remove the authenticator code
unset ($_POST['auth_code'], $code);
-
+
if (!$double_auth_success) {
$login_failed = true;
require_once ('general/login_page.php');
@@ -328,14 +329,14 @@ if (! isset ($config['id_user'])) {
'timestamp' => time(),
'attempts' => 0
);
-
+
// Load the page to introduce the double auth code
$login_screen = 'double_auth';
require_once ('general/login_page.php');
while (@ob_end_flush ());
exit ("</html>");
}
-
+
//login ok and password has not expired
$process_login = true;
@@ -395,6 +396,13 @@ if (! isset ($config['id_user'])) {
db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $nick_in_db;
$config['id_user'] = $nick_in_db;
+
+ //==========================================================
+ //-------- SET THE CUSTOM CONFIGS OF USER ------------------
+
+ config_user_set_custom_config();
+ //==========================================================
+
//Remove everything that might have to do with people's passwords or logins
unset ($pass, $login_good);