amarildo.pereira
/
pabx-app
forked from SimplesIP/pabx-app
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Corrigido bugs do multimepresas e finalizacao da tela de login

dev
Matheo Bonucia 10 months ago
parent
340a5213ea
commit
8f2461cd42
3 changed files with 18 additions and 81 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 26
      include/util/funcoesApl.php
  2. 14
      login.php
  3. 59
      login/processar_forms.php

26
include/util/funcoesApl.php
Unescape View File

@ -1339,7 +1339,7 @@ function GetOrganizacao()
INNER JOIN pbx_organizacao_usuarios pou ON po.id = pou.id_organizacao
INNER JOIN pbx_usuarios pu ON pu.id = pou.id_usuario
WHERE id_usuario = %s
AND (org_padrao = po.id OR po.id = (SELECT MAX(id_organizacao) FROM pbx_organizacao_usuarios WHERE id_usuario = pu.id))";
AND (org_padrao = po.id OR po.id = (SELECT MIN(id_organizacao) FROM pbx_organizacao_usuarios WHERE id_usuario = pu.id AND po.status='1'))";
$query = sprintf($query, $_SESSION['SSidUser']);
$result = pg_query($dbcon, $query);
$res = pg_fetch_assoc($result);
@ -4096,20 +4096,20 @@ function PaginaDados($idProg, &$sql, &$params, &$regPagina, &$offSet, &$pagMostr
*/
$org_id = GetOrganizacao();
// if (strpos($sql, 'org_id') === false && strpos($sql, 'id_organizacao') === false) {
// if (strpos($sql, 'where') !== false) {
// $sql = str_replace("where", "where org_id = {$org_id} and", $sql);
// } else if (strpos($sql, 'WHERE') !== false) {
// $sql = str_replace("WHERE", "WHERE org_id = {$org_id} AND", $sql);
// }
// }
if (strpos($sql, 'org_id') === false && strpos($sql, 'id_organizacao') === false) {
$org_condition = "org_id = {$org_id}";
// Substituir todas as ocorrências de 'where' ou 'WHERE' pela condição com 'AND'
$sql = str_replace(array('where', 'WHERE'), "WHERE $org_condition AND", $sql);
if (strpos($sql, 'where') !== false) {
$sql = str_replace("where", "where org_id = {$org_id} and", $sql);
} else if (strpos($sql, 'WHERE') !== false) {
$sql = str_replace("WHERE", "WHERE org_id = {$org_id} AND", $sql);
}
}
// if (strpos($sql, 'org_id') === false && strpos($sql, 'id_organizacao') === false) {
// $org_condition = "org_id = {$org_id}";
// // Substituir todas as ocorrências de 'where' ou 'WHERE' pela condição com 'AND'
// $sql = str_replace(array('where', 'WHERE'), "WHERE $org_condition AND", $sql);
// }
$totalReg = is_numeric($sql) ? $sql : PaginacaoTotalReg($sql, $idProg, $force);

14
login.php
Unescape View File

@ -1,18 +1,14 @@
<?php
$desabilitaLayout = 1;
$smarty->assign("desabilitaLayout", $desabilitaLayout);
$renderizarPagina = true;
include "login/api_banner.php";
include "util/funcoesLicenca.php";
$tentativaErro = 5;
if (!isset($_POST['btLogin'])) {
echo "<script> </script>";
} else {
if (isset($_POST['btLogin'])) {
$login = strtolower(substr($_POST["loginUser"], 0, 50));
// $login = isset($_POST['loginUser']) ? strtolower(substr($_POST['loginUser'], 0, 50)) : '';
// $senha = isset($_POST['loginPass']) ? substr($_POST['loginPass'], 0, 14) : '';
$senha = substr($_POST["loginPass"], 0, 14);
$validaTentativa = countTentativas($dbcon, $login, $tentativaErro);
@ -170,10 +166,9 @@ function ValidaRecuperaSenha($dbcon)
?>
<?php
$renderizarPagina = true;
if($renderizarPagina && ($_GET['action'] != 'recovery_password')){
?>
if($renderizarPagina && (!$_GET['action'])){
?>
<!DOCTYPE html>
<html>
@ -238,6 +233,7 @@ if($renderizarPagina && ($_GET['action'] != 'recovery_password')){
</script>
<?php
}else{
$renderizarPagina = false;
$desabilitaLayout = null;
$smarty->assign("desabilitaLayout", $desabilitaLayout);
?>

59
login/processar_forms.php
Unescape View File

@ -1,59 +0,0 @@
<?php
include "util/funcoesLicenca.php";
include "include/bd.php";
$tentativaErro = 5;
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['loginUser']) && isset($_POST['loginPass'])) {
$login = strtolower(substr($_POST["loginUser"], 0, 50));
$password = substr($_POST["loginPass"], 0, 14);
$query = "select id, nome, apelido, matricula,
case when((select count(*)
from pbx_grupo_usuario a, pbx_grupo_funcoes b, pbx_funcoes c
where b.gp_id = a.gp_id
and c.fun_id = b.fun_id
and a.user_id = u.id
and c.fun_nome = 'mnSupervisor') > 0)then 1 else 0 end as supervisor,
cast( admin as int) as admin, case when(agente = true)then 1 else 0 end as agente,
def_senha,
senha_expira, senha_dias_expira,
senha_ult_atualiza,
senha_ult_atualiza + senha_dias_expira as senha_dt_expira,
case when((senha_ult_atualiza + senha_dias_expira) < CURRENT_DATE)then 1 else 0 end as senha_expirada,
penalidade, senha, termo_uso_privacidade
from pbx_usuarios u
WHERE (u.check_vl = md5($1) OR email = $2)
AND coalesce(status, true) = true AND coalesce(delete_,0) = 0";
$params = [md5($login) , $login];
$result = pg_query_params($dbcon, $query, $params);
if (!$result) {
echo json_encode(['status' => 'error', 'message' => 'Erro na consulta SQL: ' . pg_last_error($dbcon)]);
}
// Autentica usuário //
$senhaIsValid = false;
if (pg_num_rows($result)) {
$row = pg_fetch_array($result);
$senhaUser = $row['senha'];
$senhaLogin = md5($senha);
$senhaIsValid = $senhaUser == $senhaLogin;
if ($senhaIsValid) {
echo json_encode(['status' => 'success', 'message' => 'Autenticação bem-sucedida']);
} else {
echo json_encode(['status' => 'error', 'message' => 'Senha inválida']);
}
} else {
echo json_encode(['status' => 'error', 'message' => 'Usuário não encontrado']);
}
}
}
?>
Write Preview
Loading…
Cancel
Save