7 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
9 # set the version for version checking
21 # $authnotrequired will be set for scripts which will run without authentication
22 my $authnotrequired=shift;
23 if (my $userid=$ENV{'REMOTE_USERNAME'}) {
24 # Using Basic Authentication, no cookies required
25 my $cookie=$query->cookie(-name => 'sessionID',
28 return ($userid, $cookie, '');
30 my $sessionID=$query->cookie('sessionID');
32 warn "SID: ".$sessionID;
35 my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?");
36 $sth->execute($sessionID);
38 my ($userid, $ip, $lasttime) = $sth->fetchrow;
39 if ($lasttime<time()-20 && $userid ne 'tonnesen') {
41 warn "$sessionID logged out due to inactivity.";
42 $message="You have been logged out due to inactivity.";
43 my $sti=$dbh->prepare("delete from sessions where sessionID=?");
44 $sti->execute($sessionID);
45 open L, ">>/tmp/sessionlog";
46 my $time=localtime(time());
47 printf L "%20s from %16s logged out at %30s (inactivity).\n", $userid, $ip, $time;
49 } elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
50 # Different ip than originally logged in from
51 warn "$sessionID came from a new ip address.";
52 $message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie from a different ip address.";
54 my $cookie=$query->cookie(-name => 'sessionID',
57 warn "$sessionID had a valid cookie.";
58 my $sti=$dbh->prepare("update sessions set lasttime=? where sessionID=?");
59 $sti->execute(time(), $sessionID);
60 return ($userid, $cookie, $sessionID);
66 warn "$sessionID wasn't in sessions table.";
67 if ($authnotrequired) {
68 my $cookie=$query->cookie(-name => 'sessionID',
71 return('', $cookie, '');
73 ($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
74 my $userid=$query->param('userid');
75 my $password=$query->param('password');
76 if (($userid eq 'librarian' || $userid eq 'tonnesen' || $userid eq 'patron') && $password eq 'koha') {
77 my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
78 $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
79 open L, ">>/tmp/sessionlog";
80 my $time=localtime(time());
81 printf L "%20s from %16s logged in at %30s.\n", $userid, $ENV{'REMOTE_ADDR'}, $time;
83 return ($userid, $sessionID, $sessionID);
86 $message="Invalid userid or password entered.";
89 foreach (param $query) {
90 $parameters->{$_}=$query->{$_};
92 my $cookie=$query->cookie(-name => 'sessionID',
95 print $query->header(-cookie=>$cookie);
98 <body background=/images/kohaback.jpg>
103 <table border=0 cellpadding=10 width=60%>
104 <tr><td align=center valign=top>
105 <table border=0 bgcolor=#dddddd cellpadding=10>
106 <tr><th colspan=2 background=/images/background-mem.gif><font size=+2>Koha Login</font></th></tr>
107 <tr><td>Name:</td><td><input name=userid></td></tr>
108 <tr><td>Password:</td><td><input type=password name=password></td></tr>
109 <tr><td colspan=2 align=center><input type=submit value=login></td></tr>
112 </td><td align=center valign=top>
114 <table border=0 bgcolor=#dddddd cellpadding=10>
115 <tr><th background=/images/background-mem.gif><font size=+2>Demo Information</font></th></tr>
117 Log in as librarian/koha or patron/koha. The timeout is set to 20 seconds of
118 inactivity for the purposes of this demo. You can navigate to the Circulation
119 or Acquisitions modules and you should see an indicator in the upper left of
120 the screen saying who you are logged in as. If you want to try it out with
121 a longer timout period, log in as tonnesen/koha and the timeout period will
138 END { } # module clean-up code here (global destructor)