Supression du code user et gestion changement mot de passe adherent

2025-02-20 13:46:52 +01:00 · 2007-02-27 20:40:19 +00:00 · 2007-02-27 20:40:19 +00:00 · 1da80f653a
commit 1da80f653a
parent e4a9a1fdfc
8 changed files with 307 additions and 155 deletions
--- a/htdocs/adherents/adherent.class.php
+++ b/htdocs/adherents/adherent.class.php
@ -348,7 +348,7 @@ class Adherent
 		$sql.= " '".addslashes($this->login)."'";
 		$sql.= ")";

-		dolibarr_syslog("Adherent.class::create sql=".$sql);
+		dolibarr_syslog("Adherent::create sql=".$sql);
 		$result = $this->db->query($sql);
 		if ($result)
 		{
@ -373,11 +373,10 @@ class Adherent
 	            $result=$interface->run_triggers('MEMBER_CREATE',$this,$user,$langs,$conf);
                if ($result < 0) $this->errors=$interface->errors;
 	            // Fin appel triggers
-	
 				if (sizeof($this->errors))
 				{
 					$this->db->rollback();
-					return -1;
+					return -3;
 				}
 				else
 				{
@ -389,7 +388,7 @@ class Adherent
 			{
 				$this->error='Failed to get last insert id';
 				$this->db->rollback();
-				return -1;
+				return -2;
 			}				
 		}
 		else
@ -411,7 +410,7 @@ class Adherent
 	{
 		global $conf,$langs;

-		dolibarr_syslog("Adherent.class::update user=".$user->id." notrigger=".$notrigger);
+		dolibarr_syslog("Adherent::update user=".$user->id." notrigger=".$notrigger);

 		// Verification parametres
 		if ($conf->global->ADHERENT_MAIL_REQUIRED && ! ValidEMail($this->email))
@ -469,17 +468,18 @@ class Adherent
 				$attr=substr($key,8);
 				$sql.=",$attr";
 			}
-			$sql .= ") VALUES ($this->id";
+			$sql .= ") VALUES (".$this->id;
 			foreach($this->array_options as $key => $value)
 			{
 				$sql.=",'".$this->array_options[$key]."'";
 			}
-			$sql.=");";
+			$sql.=")";

 			$result = $this->db->query($sql);
 			if (! $result)
 			{
 				$this->error=$this->db->error();
+				dolibarr_syslog("Adherent::update ".$this->error);
 				$this->db->rollback();
 				return -2;
 			}
@ -516,17 +516,17 @@ class Adherent
 		// Suppression options
 		$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent_options WHERE adhid = ".$rowid;
 		
-		dolibarr_syslog("Adherent.class::delete sql=".$sql);
+		dolibarr_syslog("Adherent::delete sql=".$sql);
 		$resql=$this->db->query($sql);
 		if ($resql)
 		{
 			$sql = "DELETE FROM ".MAIN_DB_PREFIX."cotisation WHERE fk_adherent = ".$rowid;
-			dolibarr_syslog("Adherent.class::delete sql=".$sql);
+			dolibarr_syslog("Adherent::delete sql=".$sql);
 			$resql=$this->db->query( $sql);
 			if ($resql)
 			{
 				$sql = "DELETE FROM ".MAIN_DB_PREFIX."adherent WHERE rowid = ".$rowid;
-				dolibarr_syslog("Adherent.class::delete sql=".$sql);
+				dolibarr_syslog("Adherent::delete sql=".$sql);
 				$resql=$this->db->query($sql);
 				if ($resql)
 				{
@ -576,6 +576,73 @@ class Adherent
 	
 	}

+	
+		/**
+	 *    \brief     Change le mot de passe d'un utilisateur
+	 *    \param     user             Object user de l'utilisateur qui fait la modification
+	 *    \param     password         Nouveau mot de passe (à générer si non communiqué)
+	 *    \param     isencrypted      0 ou 1 si il faut crypter le mot de passe en base (0 par défaut)
+	 *    \return    string           mot de passe, < 0 si erreur
+	 */
+    function password($user, $password='', $isencrypted=0)
+    {
+        global $langs;
+
+        dolibarr_syslog("Adherent::Password user=".$user->id." password=".eregi_replace('.','*',$password)." isencrypted=".$isencrypted);
+
+        // Si nouveau mot de passe non communiqué, on génère par module
+        if (! $password)
+        {
+        	// TODO Mettre appel au module de génération de mot de passe
+        	$password=creer_pass_aleatoire_1('');
+        	//$password=creer_pass_aleatoire_2('');
+        }
+
+		// Cryptage mot de passe
+        if ($isencrypted)
+        {
+        	// Crypte avec systeme encodage par defaut du PHP
+            //$sqlpass = crypt($password, makesalt());
+            $password_indatabase = md5($password);
+        }
+        else
+        {
+            $password_indatabase = $password;
+        }
+
+		// Mise a jour
+        $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET pass = '".addslashes($password_indatabase)."'";
+        $sql.= " WHERE rowid = ".$this->id;
+
+        $result = $this->db->query($sql);
+        if ($result)
+        {
+            if ($this->db->affected_rows())
+            {
+		        $this->pass=$password;
+		        $this->pass_indatabase=$password_indatabase;
+
+                // Appel des triggers
+                include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
+                $interface=new Interfaces($this->db);
+                $result=$interface->run_triggers('MEMBER_NEW_PASSWORD',$this,$user,$lang,$conf);
+                if ($result < 0) $this->errors=$interface->errors;
+                // Fin appel triggers
+
+                return $this->pass;
+            }
+            else {
+                return -2;
+            }
+        }
+        else
+        {
+            dolibarr_print_error($this->db);
+            return -1;
+        }
+    }
+	
+	
 	/**
 	*		\brief      Fonction qui récupére l'adhérent en donnant son login
 	*		\param	    login		login de l'adhérent
@ -624,7 +691,7 @@ class Adherent
        $sql.= " FROM ".MAIN_DB_PREFIX."adherent_type as t, ".MAIN_DB_PREFIX."adherent as d";
        $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_pays as p ON d.pays = p.rowid";
        $sql.= " WHERE d.rowid = ".$rowid." AND d.fk_adherent_type = t.rowid";
-		dolibarr_syslog("Adherent.class::fetch sql=".$sql);
+		dolibarr_syslog("Adherent::fetch sql=".$sql);
 		
        $resql=$this->db->query($sql);
        if ($resql)
@ -780,7 +847,7 @@ class Adherent
        $sql = "INSERT INTO ".MAIN_DB_PREFIX."cotisation (fk_adherent, datec, dateadh, cotisation)";
        $sql .= " VALUES (".$this->id.", now(), ".$this->db->idate($date).", ".$montant.")";

-        dolibarr_syslog("Adherent.class::cotisation sql=".$sql);
+        dolibarr_syslog("Adherent::cotisation sql=".$sql);
        $resql=$this->db->query($sql);
        if ($resql)
        {
@ -791,7 +858,7 @@ class Adherent
            $sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET datefin = ".$this->db->idate($datefin);
            $sql.= " WHERE rowid =". $this->id;
            
-            dolibarr_syslog("Adherent.class::cotisation sql=".$sql);
+            dolibarr_syslog("Adherent::cotisation sql=".$sql);
            $resql=$this->db->query($sql);
            if ($resql)
            {
@ -859,7 +926,7 @@ class Adherent
            else
            {
                $this->error=$this->db->error();
-                dolibarr_syslog("Adherent.class::cotisation error ".$this->error);
+                dolibarr_syslog("Adherent::cotisation error ".$this->error);
                $this->db->rollback();
                return -2;
            }
@ -867,7 +934,7 @@ class Adherent
        else
        {
            $this->error=$this->db->error();
-            dolibarr_syslog("Adherent.class::cotisation error ".$this->error);
+            dolibarr_syslog("Adherent::cotisation error ".$this->error);
            $this->db->rollback();
            return -1;
        }
@ -887,7 +954,7 @@ class Adherent
 		$sql.= " fk_user_valid=".$user->id;
 		$sql.= " WHERE rowid = ".$this->id;

-		dolibarr_syslog("Adherent.class::validate sql=".$sql);
+		dolibarr_syslog("Adherent::validate sql=".$sql);
 		$result = $this->db->query($sql);
 		if ($result)
 		{
--- a/htdocs/adherents/fiche.php
+++ b/htdocs/adherents/fiche.php
@ -190,6 +190,15 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
 	$result=$adh->update($user,0);
 	if ($result >= 0 && ! sizeof($adh->errors))
 	{
+		if (isset($_POST["password"]) && $_POST["password"] !='')
+		{
+			$ret=$edituser->password($user,$password,$conf->password_encrypted,1);
+			if ($ret < 0)
+			{
+				$message.='<div class="error">'.$edituser->error.'</div>';
+			}
+		}
+
 		Header("Location: fiche.php?rowid=".$adh->id);
 		exit;
 	}
@ -201,8 +210,7 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
 		}
 		else
 		{
-
-		foreach($adh->errors as $error)
+			foreach($adh->errors as $error)
 			{
 				if ($errmsg) $errmsg.='<br>';
 				$errmsg.=$error;
@ -241,7 +249,7 @@ if ($_POST["action"] == 'add')
    $phone_mobile=$_POST["phone_mobile"];
    $email=$_POST["member_email"];
    $login=$_POST["member_login"];
-    $pass=$_POST["member_pass"];
+    $pass=$_POST["password"];
    $photo=$_POST["photo"];
    $comment=$_POST["comment"];
    $morphy=$_POST["morphy"];
@ -284,7 +292,7 @@ if ($_POST["action"] == 'add')
        $errmsg .= $langs->trans("ErrorFieldRequired",$langs->trans("Login"))."<br>\n";
    }
    else {
-        $sql = "SELECT login FROM ".MAIN_DB_PREFIX."adherent WHERE login='$login';";
+        $sql = "SELECT login FROM ".MAIN_DB_PREFIX."adherent WHERE login='".$login."'";
        $result = $db->query($sql);
        if ($result) {
            $num = $db->num_rows($result);
@ -315,10 +323,18 @@ if ($_POST["action"] == 'add')

    if (! $error)
    {
-        // Email a peu pres correct et le login n'existe pas
-        if ($adh->create($user) > 0)
+		$db->begin();
+
+		// Email a peu pres correct et le login n'existe pas
+        $result=$adh->create($user);
+		if ($result > 0)
        {
-            if ($cotisation > 0)
+			if (isset($_POST['password']) && trim($_POST['password']))
+			{
+				$adh->password($user,trim($_POST['password']),$conf->password_encrypted);
+			}
+
+			if ($cotisation > 0)
            {
                $crowid=$adh->cotisation($datecotisation, $cotisation);

@ -350,11 +366,19 @@ if ($_POST["action"] == 'add')
                    }
                }
            }
+			
+			$db->commit();
+
            Header("Location: liste.php?statut=-1");
            exit;
        }
-        else {
-            dolibarr_print_error($db);
+        else
+		{
+			$db->rollback();
+
+			$message='<div class="error">'.$adh->error.'</div>';
+			
+			$action = 'create';   
        }
    }
    else {
@ -682,7 +706,19 @@ if ($action == 'create')
    print '<tr><td>'.$langs->trans("Login").'*</td><td><input type="text" name="member_login" size="40" value="'.$adh->login.'"></td></tr>';
 	
 	// Mot de passe
-    print '<tr><td>'.$langs->trans("Password").'*</td><td><input type="password" name="member_pass" size="40" value="'.$adh->pass.'"></td></tr>';
+	$generated_password='';
+	if ($conf->global->USER_PASSWORD_GENERATED)
+	{
+		$nomclass="modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
+		$nomfichier=$nomclass.".class.php";
+		//print DOL_DOCUMENT_ROOT."/includes/modules/security/generate/".$nomclass;
+		require_once(DOL_DOCUMENT_ROOT."/includes/modules/security/generate/".$nomfichier);
+		$genhandler=new $nomclass($db,$conf,$lang,$user);
+		$generated_password=$genhandler->getNewGeneratedPassword();
+	}
+    print '<tr><td>'.$langs->trans("Password").'*</td><td>';
+	print '<input size="30" maxsize="32" type="text" name="password" value="'.$generated_password.'">';
+	print '</td></tr>';

 	// Type
    print '<tr><td>'.$langs->trans("MemberType").'*</td><td>';
--- a/htdocs/includes/triggers/interface_demo.class.php-NORUN
+++ b/htdocs/includes/triggers/interface_demo.class.php-NORUN
@ -296,6 +296,10 @@ class InterfaceDemo
        {
            dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
        }
+        elseif ($action == 'MEMBER_NEW_PASSWORD')
+        {
+            dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
+        }
        elseif ($action == 'MEMBER_RESILIATE')
        {
            dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
--- a/htdocs/includes/triggers/interface_ldap.class.php
+++ b/htdocs/includes/triggers/interface_ldap.class.php
@ -36,6 +36,8 @@ require_once (DOL_DOCUMENT_ROOT."/lib/ldap.class.php");
 class InterfaceLdap
 {
    var $db;
+    var $error;
+
    
    /**
     *   \brief      Constructeur.
@ -113,7 +115,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->add($dn,$info,$user);
+	    	    $result=$ldap->add($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
        elseif ($action == 'USER_MODIFY')
@ -127,7 +131,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->update($dn,$info,$user);
+	    	    $result=$ldap->update($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
        elseif ($action == 'USER_NEW_PASSWORD')
@ -149,7 +155,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->delete($dn,$info,$user);
+	    	    $result=$ldap->delete($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }

@ -164,7 +172,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->add($dn,$info,$user);
+	    	    $result=$ldap->add($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
 		}
        elseif ($action == 'GROUP_MODIFY')
@ -177,7 +187,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->update($dn,$info,$user);
+	    	    $result=$ldap->update($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
 		}
        elseif ($action == 'GROUP_DELETE')
@ -190,7 +202,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->delete($dn,$info,$user);
+	    	    $result=$ldap->delete($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
 		}
 		
@ -206,7 +220,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->add($dn,$info,$user);
+	    	    $result=$ldap->add($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
        elseif ($action == 'CONTACT_MODIFY')
@ -220,7 +236,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->update($dn,$info,$user);
+	    	    $result=$ldap->update($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
        elseif ($action == 'CONTACT_DELETE')
@ -234,7 +252,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->delete($dn,$info,$user);
+	    	    $result=$ldap->delete($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
 			}
        }

@ -250,7 +270,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->add($dn,$info,$user);
+	    	    $result=$ldap->add($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
        elseif ($action == 'MEMBER_VALIDATE')
@ -278,9 +300,15 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);
 				
-	    	    return $ldap->update($dn,$info,$user);
+	    	    $result=$ldap->update($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
    		}
        }
+        elseif ($action == 'MEMBER_NEW_PASSWORD')
+        {
+            dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
+        }
        elseif ($action == 'MEMBER_RESILIATE')
        {
            dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
@ -299,7 +327,9 @@ class InterfaceLdap
 				$info=$object->_load_ldap_info();
 				$dn=$object->_load_ldap_dn($info);

-				return $ldap->delete($dn,$info,$user);
+				$result=$ldap->delete($dn,$info,$user);
+				if ($result < 0) $this->error=$langs->trans("ErrorLDAP")." ".$ldap->error;
+				return $result;
 			}
        }

--- a/htdocs/lib/functions.inc.php
+++ b/htdocs/lib/functions.inc.php
@ -1292,9 +1292,9 @@ function accessforbidden($message='',$printheader=1)
                    Toutefois, il faut essayer de ne l'appeler qu'au sein de pages php, les classes devant
                    renvoyer leur erreur par l'intermédiaire de leur propriété "error".
        \param      db      Handler de base utilisé
-        \param      msg     Message complémentaire à afficher
+        \param      error	Chaine erreur ou tableau de chaines erreur complémentaires à afficher
 */
-function dolibarr_print_error($db='',$msg='')
+function dolibarr_print_error($db='',$error='')
 {
    global $langs,$argv;
    $syslog = '';
@ -1349,18 +1349,24 @@ function dolibarr_print_error($db='',$msg='')
        $syslog.=", db_error=".$db->error();
    }

-    if ($msg)
+    if ($error)
    {
-        if ($_SERVER['DOCUMENT_ROOT'])  // Mode web
-        {
-            print "<b>".$langs->trans("Message").":</b> ".$msg."<br>\n" ;
-        }
-        else                            // Mode CLI
-        {
-            print $langs->transnoentities("Message").":\n".$msg."\n" ;
-        }
-        $syslog.=", msg=".$msg;
-    }
+		if (is_array($error)) $errors=$error;
+		else $errors=array($error);
+		
+		foreach($errors as $msg)
+		{
+	        if ($_SERVER['DOCUMENT_ROOT'])  // Mode web
+	        {
+	            print "<b>".$langs->trans("Message").":</b> ".$msg."<br>\n" ;
+	        }
+	        else                            // Mode CLI
+	        {
+	            print $langs->transnoentities("Message").":\n".$msg."\n" ;
+	        }
+	        $syslog.=", msg=".$msg;
+		}
+	}

    dolibarr_syslog("Error $syslog");
 }
--- a/htdocs/user.class.php
+++ b/htdocs/user.class.php
@ -54,7 +54,6 @@ class User
  var $nom;
  var $prenom;
  var $note;
-  var $code;
  var $email;
  var $office_tel;
  var $office_fax;
@ -115,7 +114,7 @@ class User
    
    // Recupere utilisateur
    $sql = "SELECT u.rowid, u.name, u.firstname, u.email, u.office_phone, u.office_fax, u.user_mobile,";
-    $sql.= " u.code, u.admin, u.login, u.pass, u.webcal_login, u.note,";
+    $sql.= " u.admin, u.login, u.pass, u.webcal_login, u.note,";
    $sql.= " u.fk_societe, u.fk_socpeople, u.ldap_sid,";
    $sql.= " u.statut, u.lang,";
    $sql.= " ".$this->db->pdate("u.datec")." as datec,";
@ -145,8 +144,8 @@ class User
 	    $this->prenom = $obj->firstname;
 	    
 	    $this->fullname = trim($this->prenom . ' ' . $this->nom);
-	    $this->code = $obj->code;
 	    $this->login = $obj->login;
+	    $this->code = $obj->login;	// \deprecated
 	    $this->pass_indatabase = $obj->pass;
 	    if (! $conf->password_encrypted) $this->pass = $obj->pass;
 	    $this->office_phone = $obj->office_phone;
@ -836,7 +835,6 @@ class User
        $this->email=trim($this->email);
        $this->note=trim($this->note);
        $this->admin=$this->admin?$this->admin:0;
-        $this->code = $this->login;

        dolibarr_syslog("User::update notrigger=".$notrigger." nom=".$this->nom.", prenom=".$this->prenom);
        $error=0;
@ -870,7 +868,6 @@ class User
        $sql .= ", user_mobile = '$this->user_mobile'";
        $sql .= ", email = '".addslashes($this->email)."'";
        $sql .= ", webcal_login = '$this->webcal_login'";
-        $sql .= ", code = '$this->code'";
        $sql .= ", note = '".addslashes($this->note)."'";
        $sql .= " WHERE rowid = ".$this->id;

@ -982,7 +979,7 @@ class User
                include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
                $interface=new Interfaces($this->db);
                $result=$interface->run_triggers('USER_NEW_PASSWORD',$this,$user,$lang,$conf);
-                if ($result < 0) $error++;
+                if ($result < 0) $this->errors=$interface->errors;
                // Fin appel triggers

                return $this->pass;
@ -1391,7 +1388,6 @@ class User
 		$this->prenom='SPECIMEN';
 		$this->fullname=trim($this->prenom.' '.$this->nom);
 		$this->note='This is a note';
-		$this->code='DOSP';
 		$this->email='email@specimen.com';
 		$this->office_tel='0999999999';
 		$this->office_fax='0999999998';
--- a/htdocs/user/fiche.php
+++ b/htdocs/user/fiche.php
@ -131,45 +131,45 @@ if ($_POST["action"] == 'add' && $canadduser)

 	if (! $message)
 	{
-	  $edituser = new User($db);
+		$edituser = new User($db);

-	  $edituser->nom           = trim($_POST["nom"]);
-	  $edituser->prenom        = trim($_POST["prenom"]);
-	  $edituser->login         = trim($_POST["login"]);
-	  $edituser->admin         = trim($_POST["admin"]);
-	  $edituser->office_phone  = trim($_POST["office_phone"]);
-	  $edituser->office_fax    = trim($_POST["office_fax"]);
-	  $edituser->user_mobile   = trim($_POST["user_mobile"]);
-	  $edituser->email         = trim($_POST["email"]);
-	  $edituser->webcal_login  = trim($_POST["webcal_login"]);
-	  $edituser->note          = trim($_POST["note"]);
-	  $edituser->ldap_sid      = trim($_POST["ldap_sid"]);
-	  
-	  $db->begin();
-	  
-	  $id = $edituser->create($user);
-	  
-	  if ($id > 0)
-	    {
-	      if (isset($_POST['password']) && trim($_POST['password']))
+		$edituser->nom           = trim($_POST["nom"]);
+		$edituser->prenom        = trim($_POST["prenom"]);
+		$edituser->login         = trim($_POST["login"]);
+		$edituser->admin         = trim($_POST["admin"]);
+		$edituser->office_phone  = trim($_POST["office_phone"]);
+		$edituser->office_fax    = trim($_POST["office_fax"]);
+		$edituser->user_mobile   = trim($_POST["user_mobile"]);
+		$edituser->email         = trim($_POST["email"]);
+		$edituser->webcal_login  = trim($_POST["webcal_login"]);
+		$edituser->note          = trim($_POST["note"]);
+		$edituser->ldap_sid      = trim($_POST["ldap_sid"]);
+		
+		$db->begin();
+		
+		$id = $edituser->create($user);
+		
+		if ($id > 0)
 		{
-		  $edituser->password($user,trim($_POST['password']),$conf->password_encrypted);
+			if (isset($_POST['password']) && trim($_POST['password']))
+			{
+				$edituser->password($user,trim($_POST['password']),$conf->password_encrypted);
+			}
+			
+			$db->commit();
+			
+			Header("Location: fiche.php?id=$id");
+			exit;
+		}
+		else
+		{
+			$db->rollback();
+			
+			//$message='<div class="error">'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'</div>';
+			$message='<div class="error">'.$edituser->error.'</div>';
+			
+			$action="create";       // Go back to create page
 		}
-	      
-	      $db->commit();
-	      
-	      Header("Location: fiche.php?id=$id");
-	      exit;
-	    }
-	  else
-	    {
-	      $db->rollback();
-	      
-	      //$message='<div class="error">'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'</div>';
-	      $message='<div class="error">'.$edituser->error.'</div>';
-	      
-	      $action="create";       // Go back to create page
-	    }

 	}
 }
@ -203,72 +203,85 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
 {
 	$message="";

-	$db->begin();
-
-	$edituser = new User($db, $_GET["id"]);
-	$edituser->fetch();
-
-	//$edituser->oldpass_indatabase = $edituser->pass_indatabase;
-
-	$edituser->nom           = trim($_POST["nom"]);
-	$edituser->prenom        = trim($_POST["prenom"]);
-	$edituser->login         = trim($_POST["login"]);
-	$edituser->pass          = trim($_POST["pass"]);
-	$edituser->admin         = trim($_POST["admin"]);
-	$edituser->office_phone  = trim($_POST["office_phone"]);
-	$edituser->office_fax    = trim($_POST["office_fax"]);
-	$edituser->user_mobile   = trim($_POST["user_mobile"]);
-	$edituser->email         = trim($_POST["email"]);
-	$edituser->note          = trim($_POST["note"]);
-	$edituser->webcal_login  = trim($_POST["webcal_login"]);
-
-	$ret=$edituser->update();
-	if ($ret < 0)
+	if (! $_POST["nom"])
 	{
-		if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS')
-		{
-			$message.='<div class="error">'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'</div>';
-		}
-		else
-		{
-			$message.='<div class="error">'.$edituser->error.'</div>';
-		}
+		$message='<div class="error">'.$langs->trans("NameNotDefined").'</div>';
+		$action="edit";       // Go back to create page
 	}
-	if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='' )
+	if (! $_POST["login"])
 	{
-		$ret=$edituser->password($user,$password,$conf->password_encrypted,1);
+		$message='<div class="error">'.$langs->trans("LoginNotDefined").'</div>';
+		$action="edit";       // Go back to create page
+	}
+
+	if (! $message)
+	{
+		$db->begin();
+
+		$edituser = new User($db, $_GET["id"]);
+		$edituser->fetch();
+
+		//$edituser->oldpass_indatabase = $edituser->pass_indatabase;
+
+		$edituser->nom           = trim($_POST["nom"]);
+		$edituser->prenom        = trim($_POST["prenom"]);
+		$edituser->login         = trim($_POST["login"]);
+		$edituser->pass          = trim($_POST["pass"]);
+		$edituser->admin         = trim($_POST["admin"]);
+		$edituser->office_phone  = trim($_POST["office_phone"]);
+		$edituser->office_fax    = trim($_POST["office_fax"]);
+		$edituser->user_mobile   = trim($_POST["user_mobile"]);
+		$edituser->email         = trim($_POST["email"]);
+		$edituser->note          = trim($_POST["note"]);
+		$edituser->webcal_login  = trim($_POST["webcal_login"]);
+
+		$ret=$edituser->update();
 		if ($ret < 0)
 		{
-			$message.='<div class="error">'.$edituser->error.'</div>';
-		}
-	}
-
-	if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
-	{
-		// Si une photo est fournie avec le formulaire
-		if (! is_dir($conf->users->dir_output))
-		{
-			create_exdir($conf->users->dir_output);
-		}
-		if (is_dir($conf->users->dir_output))
-		{
-			$newfile=$conf->users->dir_output . "/" . $edituser->id . ".jpg";
-			if (! doliMoveFileUpload($_FILES['photo']['tmp_name'],$newfile))
+			if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS')
 			{
-				$message .= '<div class="error">'.$langs->trans("ErrorFailedToSaveFile").'</div>';
+				$message.='<div class="error">'.$langs->trans("ErrorLoginAlreadyExists",$edituser->login).'</div>';
+			}
+			else
+			{
+				$message.='<div class="error">'.$edituser->error.'</div>';
+			}
+		}
+		if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='')
+		{
+			$ret=$edituser->password($user,$_POST["password"],$conf->password_encrypted,1);
+			if ($ret < 0)
+			{
+				$message.='<div class="error">'.$edituser->error.'</div>';
 			}
 		}
-	}

-	if ($ret >= 0)
-	{
-		$message.='<div class="ok">'.$langs->trans("UserModified").'</div>';
-		$db->commit();
-	} else
-	{
-		$db->rollback();
-	}
+		if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name']))
+		{
+			// Si une photo est fournie avec le formulaire
+			if (! is_dir($conf->users->dir_output))
+			{
+				create_exdir($conf->users->dir_output);
+			}
+			if (is_dir($conf->users->dir_output))
+			{
+				$newfile=$conf->users->dir_output . "/" . $edituser->id . ".jpg";
+				if (! doliMoveFileUpload($_FILES['photo']['tmp_name'],$newfile))
+				{
+					$message .= '<div class="error">'.$langs->trans("ErrorFailedToSaveFile").'</div>';
+				}
+			}
+		}

+		if ($ret >= 0)
+		{
+			$message.='<div class="ok">'.$langs->trans("UserModified").'</div>';
+			$db->commit();
+		} else
+		{
+			$db->rollback();
+		}
+	}
 }

 // Action modif mot de passe
@ -450,7 +463,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
 	print '<table class="border" width="100%">';
 	
 	// Nom
-	print "<tr>".'<td valign="top">'.$langs->trans("Lastname").'</td>';
+	print "<tr>".'<td valign="top">'.$langs->trans("Lastname").'*</td>';
 	print '<td>';
 	if ($ldap_nom)
 	{
@ -478,7 +491,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
 	print '</td></tr>';
 	
 	// Login
-	print '<tr><td valign="top">'.$langs->trans("Login").'</td>';
+	print '<tr><td valign="top">'.$langs->trans("Login").'*</td>';
 	print '<td>';
 	if ($ldap_login)
 	{
@ -1100,7 +1113,7 @@ else
            print '</td></tr>';

            // Nom
-            print "<tr>".'<td valign="top">'.$langs->trans("Name").'</td>';
+            print "<tr>".'<td valign="top">'.$langs->trans("Name").'*</td>';
            print '<td>';
            if ($caneditfield) print '<input size="30" type="text" class="flat" name="nom" value="'.$fuser->nom.'">';
            else print $fuser->nom;
@ -1114,7 +1127,7 @@ else
            print '</td></tr>';

            // Login
-            print "<tr>".'<td valign="top">'.$langs->trans("Login").'</td>';
+            print "<tr>".'<td valign="top">'.$langs->trans("Login").'*</td>';
            print '<td>';
            if ($user->admin) print '<input size="12" maxlength="24" type="text" class="flat" name="login" value="'.$fuser->login.'">';
            else print $fuser->login.'<input type="hidden" name="login" value="'.$fuser->login.'">';
--- a/htdocs/user/home.php
+++ b/htdocs/user/home.php
@ -105,7 +105,7 @@ if ($resql)
        print "<td><a href=\"".DOL_URL_ROOT."/user/fiche.php?id=$obj->rowid\">".img_object($langs->trans("ShowUser"),"user")." ".$obj->firstname." ".$obj->name."</a>";
        if ($obj->admin) print img_picto($langs->trans("Administrator"),'star');
        print "</td>";
-        print "<td align=\"left\">".$obj->login.' ('.$obj->code.')</td>';
+        print "<td align=\"left\">".$obj->login.'</td>';
        print "<td>";
        if ($obj->fk_societe)
        {