);
$loggedin = 1;
}
- elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison (?)
+ elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison
my $session = get_session($sessionID);
C4::Context->_new_userenv($sessionID);
if ($session){
_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
$cookie = $query->cookie(CGISESSID => $sessionID);
if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
- $loggedin = 1;
+ $loggedin = 1;
}
else {
$info{'nopermission'} = 1;
$branchname = GetBranchName($branchcode);
}
my $branches = GetBranches();
+ if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
+ # we have to check they are coming from the right ip range
+ my $domain = $branches->{$branchcode}->{'branchip'};
+ if ($ip !~ /^$domain/){
+ $loggedin=0;
+ $info{'wrongip'} = 1;
+ }
+ }
+
my @branchesloop;
foreach my $br ( keys %$branches ) {
# now we work with the treatment of ip
$info{'invalid_username_or_password'} = 1;
C4::Context->_unset_userenv($sessionID);
}
+
}
}
my $insecure = C4::Context->boolean_preference('insecure');
IndependantBranches => C4::Context->preference("IndependantBranches"),
AutoLocation => C4::Context->preference("AutoLocation"),
yuipath => C4::Context->preference("yuipath"),
+ wrongip => $info{'wrongip'}
);
+
$template->param( loginprompt => 1 ) unless $info{'nopermission'};
my $self_url = $query->url( -absolute => 1 );
<div id="login_error"><strong>Error: </strong>IP address has changed, please log in again </div>
<!-- /TMPL_IF -->
+<!-- TMPL_IF NAME="wrongip" -->
+<div id="login_error"><strong>Error: </strong>Independent Branches and Autolocation are switched on and you are logging in with an IP address that doesn't match your branch. </div>
+<!-- /TMPL_IF -->
+
<!-- TMPL_IF NAME="invalid_username_or_password" -->
<div id="login_error"><strong>Error: </strong>Invalid username or password</div>
<!-- /TMPL_IF -->