Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

2025-02-06 07:04:57 +00:00 · 2022-11-17 17:44:05 +01:00 · 2022-11-17 17:44:05 +01:00 · 9dbe4e25aa
commit 9dbe4e25aa
parent 330073f52a 2e4b19e4ef
4 changed files with 10 additions and 12 deletions
--- a/1
+++ b/1
@ -259,6 +259,7 @@
 - new hook in rest api to add more routes in extensions
 - uploaded serveral documents at once by fast upload will assign random
  sequence number to allow manually sorting the documents afterwards
+- fix counting of login failures if both ldap and db authentication is done

 --------------------------------------------------------------------------------
                     Changes in version 5.1.27
--- a/controllers/class.Login.php
+++ b/controllers/class.Login.php
@ -116,6 +116,15 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {

 		/* If the user is still not authenticated, then exit with an error */
 		if(!is_object($user)) {
+			/* if counting of login failures is turned on, then increment its value */
+			if($settings->_loginFailure) {
+				$user = $dms->getUserByLogin($login);
+				if($user) {
+					$failures = $user->addLoginFailure();
+					if($failures >= $settings->_loginFailure)
+						$user->setDisabled(true);
+				}
+			}
 			$this->callHook('loginFailed');
 			$this->setErrorMsg("login_error_text");
 			return false;
--- a/inc/inc.ClassDbAuthentication.php
+++ b/inc/inc.ClassDbAuthentication.php
@ -43,12 +43,6 @@ class SeedDMS_DbAuthentication extends SeedDMS_Authentication {
 			// Assume that the password has been sent via HTTP POST. It would be careless
 			// (and dangerous) for passwords to be sent via GET.
 			if (!seed_pass_verify($password, $user->getPwd())) {
-				/* if counting of login failures is turned on, then increment its value */
-				if($settings->_loginFailure) {
-					$failures = $user->addLoginFailure();
-					if($failures >= $settings->_loginFailure)
-						$user->setDisabled(true);
-				}
 				$user = false;
 			}
 		}
--- a/inc/inc.ClassLdapAuthentication.php
+++ b/inc/inc.ClassLdapAuthentication.php
@ -134,12 +134,6 @@ class SeedDMS_LdapAuthentication extends SeedDMS_Authentication {
 					}
 				}
 			} elseif($user) {
-				$userid = $user->getID();
-				if($settings->_loginFailure) {
-					$failures = $user->addLoginFailure();
-					if($failures >= $settings->_loginFailure)
-						$user->setDisabled(true);
-				}
 				$user = false;
 			}
 			ldap_close($ds);