Fix: wrong user fetch when same login in different entity

Dolibarr · Mar 17, 2017 · 9e944e4 · 9e944e4
1 parent 53abc32
commit 9e944e4
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
@@ -576,9 +576,10 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type)
     {
         // We are already into an authenticated session
         $login=$_SESSION["dol_login"];
-        dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG);
+        $entity=$_SESSION["dol_entity"];
+        dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG);
 
-        $resultFetchUser=$user->fetch('',$login);
+        $resultFetchUser=$user->fetch('',$login,'',1,($entity > 0 ? $entity : -1));
         if ($resultFetchUser <= 0)
         {
             // Account has been removed after login