[Vtigercrm-commits] [vtiger-commits] r10245 - in /vtigercrm/branches/5.0.3/soap: thunderbirdplugin.php wordplugin.php

[vtigercrm-commits at vtiger.fosslabs.com]

Author: saraj
Date: Mon Feb 26 08:39:56 2007
New Revision: 10245

Log:
inactive user able to login through thunderbird plugin - fixed. Fixes #3084

Modified:
    vtigercrm/branches/5.0.3/soap/thunderbirdplugin.php
    vtigercrm/branches/5.0.3/soap/wordplugin.php

Modified: vtigercrm/branches/5.0.3/soap/thunderbirdplugin.php
==============================================================================
--- vtigercrm/branches/5.0.3/soap/thunderbirdplugin.php (original)
+++ vtigercrm/branches/5.0.3/soap/thunderbirdplugin.php Mon Feb 26 08:39:56 2007
@@ -490,20 +490,27 @@
   $return_access = 'failure';
   require_once('modules/Users/Users.php');
 	$objuser = new Users();
-  if($password != "" && $user_name != '')
-	{
-		$objuser->column_fields['user_name'] = $user_name;
-		$encrypted_password = $objuser->encrypt_password($password);
-		$query = "select id from vtiger_users where user_name='$user_name' and user_password='$encrypted_password'";
-		$result = $adb->query($query);
-		if($adb->num_rows($result) > 0)
+	if($password != "" && $user_name != '')
+	{
+		if($objuser->is_authenticated())
 		{
-			$return_access = 'success';
-			$log->debug("Logged in sucessfully from thunderbirdplugin");
-		}else
+			$objuser->column_fields['user_name'] = $user_name;
+			$encrypted_password = $objuser->encrypt_password($password);
+			$query = "select id from vtiger_users where user_name='$user_name' and user_password='$encrypted_password'";
+			$result = $adb->query($query);
+			if($adb->num_rows($result) > 0)
+			{
+				$return_access = 'success';
+				$log->debug("Logged in sucessfully from thunderbirdplugin");
+			}else
+			{
+				$return_access = 'failure';
+				$log->debug("Logged in failure from thunderbirdplugin");
+			}
+		}
+		else
 		{
 			$return_access = 'failure';
-			$log->debug("Logged in failure from thunderbirdplugin");
 		}
 	}else
 	{

Modified: vtigercrm/branches/5.0.3/soap/wordplugin.php
==============================================================================
--- vtigercrm/branches/5.0.3/soap/wordplugin.php (original)
+++ vtigercrm/branches/5.0.3/soap/wordplugin.php Mon Feb 26 08:39:56 2007
@@ -327,18 +327,26 @@
 	$objuser = new Users();
 	if($password != "" && $user_name != '')
 	{
-		$objuser->column_fields['user_name'] = $user_name;
-		$encrypted_password = $objuser->encrypt_password($password);
-		$query = "select id from vtiger_users where user_name='$user_name' and user_password='$encrypted_password'";
-		$result = $adb->query($query);
-		if($adb->num_rows($result) > 0)
+		if($objuser->is_authenticated())
 		{
-			$return_access = "TempSessionID";
-			$log->debug("Logged in sucessfully from wordplugin");
-		}else
+			$objuser->column_fields['user_name'] = $user_name;
+			$encrypted_password = $objuser->encrypt_password($password);
+			$query = "select id from vtiger_users where user_name='$user_name' and user_password='$encrypted_password'";
+			$result = $adb->query($query);
+			if($adb->num_rows($result) > 0)
+			{
+				$return_access = "TempSessionID";
+				$log->debug("Logged in sucessfully from wordplugin");
+			}else
+			{
+				$return_access = "false";
+				$log->debug("Logged in failure from wordplugin");
+			}
+		}
+		else
 		{
 			$return_access = "false";
-			$log->debug("Logged in failure from wordplugin");
+			$log->debug("Logged in failure from wordplugin when the user is not authenticated");
 		}
 	}else
 	{