N°5394 - use session for the FSM

N°5510 - Exception "$amount: Expected 5% to be within 0% and 1%" when compiling a theme
N°5509 - User Provisioning Issue
2026-02-20 10:54:12 +01:00 · 2022-09-12 10:56:25 +02:00 · 2022-09-09 09:20:52 +02:00 · 2022-09-08 09:58:29 +02:00 · 2022-09-01 16:08:16 +02:00
7 changed files with 18 additions and 24 deletions
--- a/application/loginbasic.class.inc.php
+++ b/application/loginbasic.class.inc.php
@@ -62,6 +62,7 @@ class LoginBasic extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -70,8 +71,7 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
-			list($sAuthUser) = $this->GetAuthUserAndPassword();
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
+			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
--- a/application/loginexternal.class.inc.php
+++ b/application/loginexternal.class.inc.php
@@ -45,6 +45,7 @@ class LoginExternal extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -53,8 +54,7 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
-			$sAuthUser = $this->GetAuthUser();
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', Session::Get('login_mode'));
+			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'external', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
--- a/application/loginform.class.inc.php
+++ b/application/loginform.class.inc.php
@@ -71,6 +71,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -82,17 +83,8 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 	{
 		if (Session::Get('login_mode') == 'form')
 		{
-			if (Session::IsSet('auth_user'))
-			{
-				// If FSM reenter this state (example 2FA) then the auth_user is not resubmitted
-				$sAuthUser = Session::Get('auth_user');
-			}
-			else
-			{
-				$sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data');
-			}
 			// Store 'auth_user' in session for further use
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
+			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
--- a/application/loginurl.class.inc.php
+++ b/application/loginurl.class.inc.php
@@ -60,6 +60,7 @@ class LoginURL extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -68,8 +69,7 @@ class LoginURL extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'url')
 		{
-			$sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
-			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
+			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
--- a/application/loginwebpage.class.inc.php
+++ b/application/loginwebpage.class.inc.php
@@ -112,7 +112,7 @@ class LoginWebPage extends NiceWebPage
 	 */
 	public static function SynchronizeProfiles(&$oUser, array $aProfiles, $sOrigin)
 	{
-		$oProfilesSet = $oUser->Get(‘profile_list’);
+		$oProfilesSet = $oUser->Get('profile_list');
 		//delete old profiles
 		$aExistingProfiles = [];
 		while ($oProfile = $oProfilesSet->Fetch())
--- a/datamodels/2.x/itop-portal-base/portal/public/css/variables.scss
+++ b/datamodels/2.x/itop-portal-base/portal/public/css/variables.scss
@@ -612,7 +612,7 @@ $popover-arrow-color:                 $popover-bg !default;
 //** Popover outer arrow width
 $popover-arrow-outer-width:           ($popover-arrow-width + 1) !default;
 //** Popover outer arrow color
-$popover-arrow-outer-color:           fadein($popover-border-color, 5%) !default;
+$popover-arrow-outer-color:           fade-in($popover-border-color, 0.05) !default;
 //** Popover outer arrow fallback color
 $popover-arrow-outer-fallback-color:  darken($popover-fallback-border-color, 20%) !default;

--- a/sources/application/Helper/Session.php
+++ b/sources/application/Helper/Session.php
@@ -25,16 +25,18 @@ class Session

 	public static function Start()
 	{
+		if (!self::$bIsInitialized) {
+			session_name('itop-'.md5(APPROOT));
+		}
 		self::$bIsInitialized = true;
 		if (!self::$bSessionStarted) {
-			session_name('itop-'.md5(APPROOT));
 			if (!is_null(self::$iSessionId)) {
-				session_id(self::$iSessionId);
-				self::$bSessionStarted = session_start();
-			} else {
-				self::$bSessionStarted = session_start();
-				self::$iSessionId = session_id();
+				if (session_id(self::$iSessionId) === false) {
+					session_regenerate_id();
+				}
 			}
+			self::$bSessionStarted = session_start();
+			self::$iSessionId = session_id();
 		}
 	}
Author	SHA1	Message	Date
Eric Espie	2a064fd97d	N°5394 - use session for the FSM	2022-09-12 10:56:25 +02:00
Eric Espie	ca3c0cb163	N°5510 - Exception "$amount: Expected 5% to be within 0% and 1%" when compiling a theme	2022-09-09 09:20:52 +02:00
Eric Espie	44c0e236b0	N°5509 - User Provisioning Issue	2022-09-08 09:58:29 +02:00
Eric Espie	6190429f51	N°5394 - Rework session start	2022-09-01 16:08:16 +02:00