From 8494eff8bc0d85d2d8f939e3225b933998bf824a Mon Sep 17 00:00:00 2001 From: Chris Cormack Date: Fri, 10 Aug 2007 10:48:29 -0500 Subject: [PATCH] Removing warn in Auth.pm Changing InstallAuth.pm to use CGI::Session Signed-off-by: Joshua Ferraro --- C4/Auth.pm | 1 - installer/InstallAuth.pm | 54 ++++++++++++++++++++-------------------- 2 files changed, 27 insertions(+), 28 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 06401fe976..9a349b5c13 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -120,7 +120,6 @@ C4::Auth - Authenticates Koha users sub get_template_and_user { my $in = shift; - warn "GET Template"; my $template = gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} ); my ( $user, $cookie, $sessionID, $flags ) = checkauth( diff --git a/installer/InstallAuth.pm b/installer/InstallAuth.pm index 63fcfd82b7..3cf1f3a2a0 100644 --- a/installer/InstallAuth.pm +++ b/installer/InstallAuth.pm @@ -221,7 +221,7 @@ has authenticated. sub checkauth { my $query = shift; - +warn "here i am"; # $authnotrequired will be set for scripts which will run without authentication my $authnotrequired = shift; my $flagsrequired = shift; @@ -237,21 +237,18 @@ sub checkauth { my %info; my ( $userid, $cookie, $sessionID, $flags, $envcookie ); my $logout = $query->param('logout.x'); - if ( $sessionID = $query->cookie('sessionID') ) { + if ( $sessionID = $query->cookie("CGISESSID") ) { C4::Context->_new_userenv($sessionID); - if ( my %hash = $query->cookie('userenv') ) { - C4::Context::set_userenv( - $hash{number}, $hash{id}, - $hash{cardnumber}, $hash{firstname}, - $hash{surname}, $hash{branch}, - $hash{branchname}, $hash{flags}, - $hash{emailaddress}, $hash{branchprinter} - ); - $cookie = $query->cookie( - -name => 'sessionID', - -value => $sessionID, - -expires => '' - ); + my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh}); + if ( my $session ) { + C4::Context::set_userenv( + $session->param('number'), $session->param('id'), + $session->param('cardnumber'), $session->param('firstname'), + $session->param('surname'), $session->param('branch'), + $session->param('branchname'), $session->param('flags'), + $session->param('emailaddress'), $session->param('branchprinter') + ); + $cookie = $query->cookie(CGISESSID => $session->id); $loggedin=1; $userid = $hash{cardnumber}; } @@ -271,7 +268,8 @@ sub checkauth { } } unless ($userid) { - $sessionID = int( rand() * 100000 ) . '-' . time(); + my $session = new CGI::Session("driver:MySQL", undef, {Handle=>$dbh}); + $sessionID = $session->id; $userid = $query->param('userid'); C4::Context->_new_userenv($sessionID); my $password = $query->param('password'); @@ -284,11 +282,7 @@ sub checkauth { printf L "%20s from %16s logged in at %30s.\n", $userid, $ENV{'REMOTE_ADDR'}, $time; close L; - $cookie = $query->cookie( - -name => 'sessionID', - -value => $sessionID, - -expires => '' - ); + $cookie = $query->cookie(CGISESSID => $sessionID); if ( $return == 2 ) { #Only superlibrarian should have access to this page. #Since if it is a user, it is supposed that there is a borrower table @@ -303,11 +297,17 @@ sub checkauth { "NO_LIBRARY_SET", 1,"" ); - $envcookie = $query->cookie( - -name => 'userenv', - -value => $hash, - -expires => '' - ); + $session->param('number',0); + $session->param('id',C4::Context->config('user')); + $session->param('cardnumber',C4::Context->config('user')); + $session->param('firstname',C4::Context->config('user')); + $session->param('surname',C4::Context->config('user'),); + $session->param('branch','NO_LIBRARY_SET'); + $session->param('branchname','NO_LIBRARY_SET'); + $session->param('flags',1); + $session->param('emailaddress', C4::Context->preference('KohaAdminEmailAddress')); + $session->param('ip',$session->remote_addr()); + $session->param('lasttime',time()); $userid=C4::Context->config('user'); } } @@ -326,7 +326,7 @@ sub checkauth { # successful login unless ($cookie) { $cookie = $query->cookie( - -name => 'sessionID', + -name => 'CGISESSID', -value => '', -expires => '' ); -- 2.39.5