From 99786a5a1615b7cb4910838939f6d2b1886be0fd Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Mon, 19 Jan 2015 14:35:56 +0100
Subject: [PATCH] Fixed the custom config values for user in the first login.

---
 pandora_console/include/config_process.php   | 28 ++-------------
 pandora_console/include/functions_config.php | 35 ++++++++++++++++--
 pandora_console/index.php                    | 38 ++++++++++++--------
 3 files changed, 58 insertions(+), 43 deletions(-)

diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php
index 90a7916637..61ff814fac 100644
--- a/pandora_console/include/config_process.php
+++ b/pandora_console/include/config_process.php
@@ -115,6 +115,7 @@ require_once ($ownDir. 'functions_config.php');
 
 date_default_timezone_set("Europe/Madrid");
 
+
 config_process_config();
 
 if (!isset($config["homeurl_static"])) {
@@ -142,32 +143,9 @@ else {
 $config["global_block_size"] = $config["block_size"];
 $config["global_flash_charts"] = $config["flash_charts"];
 
+
 if (isset ($config['id_user'])) {
-	$userinfo = get_user_info ($config['id_user']);
-	
-	// Refresh the last_connect info in the user table 
-	// if last update was more than 5 minutes ago
-	if($userinfo['last_connect'] < (time()-SECONDS_1MINUTE)) {
-		update_user($config['id_user'], array('last_connect' => time()));
-	}
-	
-	// If block_size or flash_chart are provided then override global settings
-	if (!empty($userinfo["block_size"]) && ($userinfo["block_size"] != 0))
-		$config["block_size"] = $userinfo["block_size"];
-	
-	if ($userinfo["flash_chart"] != -1)
-		$config["flash_charts"] = $userinfo["flash_chart"];
-	
-	// Each user could have it's own timezone)
-	if (isset($userinfo["timezone"])) {
-		if ($userinfo["timezone"] != "") {
-			date_default_timezone_set($userinfo["timezone"]);
-		}
-	}
-	
-	if (defined('METACONSOLE')) {
-		$config['metaconsole_access'] = $userinfo["metaconsole_access"];
-	}
+	config_user_set_custom_config();
 } 
 
 // Check if inventory_changes_blacklist is setted, if not create it
diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index daf12e9367..b70b998439 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -1414,8 +1414,8 @@ function config_check () {
 
 function config_return_in_bytes($val) {
 	$val = trim($val);
-	$last = strtolower($val[strlen($val)-1]);
-	switch($last) {
+	$last = strtolower($val[strlen($val) - 1]);
+	switch ($last) {
 		// The 'G' modifier is available since PHP 5.1.0
 		case 'g':
 			$val *= 1024;
@@ -1424,8 +1424,37 @@ function config_return_in_bytes($val) {
 		case 'k':
 			$val *= 1024;
 	}
-
+	
 	return $val;
 }
 
+function config_user_set_custom_config() {
+	global $config;
+	
+	$userinfo = get_user_info ($config['id_user']);
+	
+	// Refresh the last_connect info in the user table 
+	// if last update was more than 5 minutes ago
+	if ($userinfo['last_connect'] < (time()-SECONDS_1MINUTE)) {
+		update_user($config['id_user'], array('last_connect' => time()));
+	}
+	
+	// If block_size or flash_chart are provided then override global settings
+	if (!empty($userinfo["block_size"]) && ($userinfo["block_size"] != 0))
+		$config["block_size"] = $userinfo["block_size"];
+	
+	if ($userinfo["flash_chart"] != -1)
+		$config["flash_charts"] = $userinfo["flash_chart"];
+	
+	// Each user could have it's own timezone)
+	if (isset($userinfo["timezone"])) {
+		if ($userinfo["timezone"] != "") {
+			date_default_timezone_set($userinfo["timezone"]);
+		}
+	}
+	
+	if (defined('METACONSOLE')) {
+		$config['metaconsole_access'] = $userinfo["metaconsole_access"];
+	}
+}
 ?>
diff --git a/pandora_console/index.php b/pandora_console/index.php
index a92726bb30..2610bd9996 100755
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@@ -69,6 +69,7 @@ if ((! file_exists ("include/config.php")) || (! is_readable ("include/config.ph
 session_start ();
 require_once ("include/config.php");
 
+
 // If metaconsole activated, redirect to it
 if ($config['metaconsole'] == 1 && $config['enterprise_installed'] == 1) {
 	header ("Location: " . $config['homeurl'] . "enterprise/meta");
@@ -177,34 +178,34 @@ if (! isset ($config['id_user'])) {
 		$pass = get_parameter_post ("pass"); //This is the variable with the password
 		$nick = db_escape_string_sql($nick);
 		$pass = db_escape_string_sql($pass);
-
+		
 		//Since now, only the $pass variable are needed
 		unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
-
+		
 		// If the auth_code exists, we assume the user has come through the double auth page
 		if (isset ($_POST['auth_code'])) {
 			$double_auth_success = false;
-
+			
 			// The double authentication is activated and the user has surpassed the first step (the login).
 			// Now the authentication code provided will be checked.
 			if (isset ($_SESSION['prepared_login_da'])) {
 				if (isset ($_SESSION['prepared_login_da']['id_user'])
 						&& isset ($_SESSION['prepared_login_da']['timestamp'])) {
-
+					
 					// The user has a maximum of 5 minutes to introduce the double auth code
 					$dauth_period = SECONDS_2MINUTES;
 					$now = time();
 					$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
-
+					
 					if ($now - $dauth_period < $dauth_time) {
 						// Nick
 						$nick = $_SESSION["prepared_login_da"]['id_user'];
 						// Code
 						$code = (string) get_parameter_post ("auth_code");
-
+						
 						if (!empty($code)) {
 							$result = validate_double_auth_code($nick, $code);
-
+							
 							if ($result === true) {
 								// Double auth success
 								$double_auth_success = true;
@@ -214,7 +215,7 @@ if (! isset ($config['id_user'])) {
 								$login_screen = 'double_auth';
 								// Error message
 								$config["auth_error"] = __("Invalid code");
-
+								
 								if (!isset($_SESSION['prepared_login_da']['attempts']))
 									$_SESSION['prepared_login_da']['attempts'] = 0;
 								$_SESSION['prepared_login_da']['attempts']++;
@@ -225,7 +226,7 @@ if (! isset ($config['id_user'])) {
 							$login_screen = 'double_auth';
 							// Error message
 							$config["auth_error"] = __("The code shouldn't be empty");
-
+							
 							if (!isset($_SESSION['prepared_login_da']['attempts']))
 								$_SESSION['prepared_login_da']['attempts'] = 0;
 							$_SESSION['prepared_login_da']['attempts']++;
@@ -234,7 +235,7 @@ if (! isset ($config['id_user'])) {
 					else {
 						// Expired login
 						unset ($_SESSION['prepared_login_da']);
-
+						
 						// Error message
 						$config["auth_error"] = __('Expired login');
 					}
@@ -242,7 +243,7 @@ if (! isset ($config['id_user'])) {
 				else {
 					// If the code doesn't exist, remove the prepared login
 					unset ($_SESSION['prepared_login_da']);
-
+					
 					// Error message
 					$config["auth_error"] = __('Login error');
 				}
@@ -252,10 +253,10 @@ if (! isset ($config['id_user'])) {
 				// Error message
 				$config["auth_error"] = __('Login error');
 			}
-
+			
 			// Remove the authenticator code
 			unset ($_POST['auth_code'], $code);
-
+			
 			if (!$double_auth_success) {
 				$login_failed = true;
 				require_once ('general/login_page.php');
@@ -328,14 +329,14 @@ if (! isset ($config['id_user'])) {
 						'timestamp' => time(),
 						'attempts' => 0
 					);
-
+				
 				// Load the page to introduce the double auth code
 				$login_screen = 'double_auth';
 				require_once ('general/login_page.php');
 				while (@ob_end_flush ());
 				exit ("</html>");
 			}
-
+			
 			//login ok and password has not expired
 			$process_login = true;
 			
@@ -395,6 +396,13 @@ if (! isset ($config['id_user'])) {
 			db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']);
 			$_SESSION['id_usuario'] = $nick_in_db;
 			$config['id_user'] = $nick_in_db;
+			
+			//==========================================================
+			//-------- SET THE CUSTOM CONFIGS OF USER ------------------
+			
+			config_user_set_custom_config();
+			//==========================================================
+			
 			//Remove everything that might have to do with people's passwords or logins
 			unset ($pass, $login_good);