7 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
9 # set the version for version checking
21 my $sessionID=$query->cookie('sessionID');
23 warn "SID: ".$sessionID;
26 my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?");
27 $sth->execute($sessionID);
29 my ($userid, $ip, $lasttime) = $sth->fetchrow;
30 if ($lasttime<time()-20) {
32 warn "$sessionID logged out due to inactivity.";
33 $message="You have been logged out due to inactivity.";
34 my $sti=$dbh->prepare("delete from sessions where sessionID=?");
35 $sti->execute($sessionID);
36 open L, ">>/tmp/sessionlog";
37 print L "$userid from $ip logged out at ".localtime(time())." (inactivity).\n";
39 } elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
40 # Different ip than originally logged in from
41 warn "$sessionID came from a new ip address.";
42 $message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie from a different ip address.";
44 my $cookie=$query->cookie(-name => 'sessionID',
47 warn "$sessionID had a valid cookie.";
48 my $sti=$dbh->prepare("update sessions set lasttime=? where sessionID=?");
49 $sti->execute(time(), $sessionID);
50 return ($userid, $cookie, $sessionID);
56 warn "$sessionID wasn't in sessions table.";
58 ($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
59 my $userid=$query->param('userid');
60 my $password=$query->param('password');
61 if ($userid eq 'librarian' && $password eq 'koha') {
62 my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
63 $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
64 open L, ">>/tmp/sessionlog";
65 print L "$userid from ".$ENV{'REMOTE_ADDR'}." logged in at ".localtime(time()).".\n";
67 return ($userid, $sessionID, $sessionID);
68 } elsif ($userid eq 'patron' && $password eq 'koha') {
69 my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
70 $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
71 open L, ">>/tmp/sessionlog";
72 print L "$userid from ".$ENV{'REMOTE_ADDR'}." at ".localtime(time()).".\n";
74 return ($userid, $sessionID, $sessionID);
77 $message="Invalid userid or password entered.";
80 foreach (param $query) {
81 $parameters->{$_}=$query->{$_};
83 my $cookie=$query->cookie(-name => 'sessionID',
86 print $query->header(-cookie=>$cookie);
89 <body background=/images/kohaback.jpg>
94 <tr><th colspan=2><font size=+2>Koha Login</font></th></tr>
95 <tr><td>Name:</td><td><input name=userid></td></tr>
96 <tr><td>Password:</td><td><input type=password name=password></td></tr>
97 <tr><td colspan=2 align=center><input type=submit value=login></td></tr>
108 END { } # module clean-up code here (global destructor)