From 17388eccad82a2cb33ac71a59cd59ff8644837ed Mon Sep 17 00:00:00 2001 From: tonnesen Date: Thu, 11 Jul 2002 05:46:58 +0000 Subject: [PATCH] Updates to authentications cripts. userpage.pl is the page for authenticated users in the OPAC to set preferences, get personal information, etc. --- C4/Auth.pm | 11 ++++------- userpage.pl | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 7 deletions(-) create mode 100755 userpage.pl diff --git a/C4/Auth.pm b/C4/Auth.pm index 2b89796bb1..d109cb6578 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -32,16 +32,14 @@ sub checkauth { } my $sessionID=$query->cookie('sessionID'); my $message=''; - warn "SID: ".$sessionID; my $dbh=C4Connect(); my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?"); $sth->execute($sessionID); if ($sth->rows) { my ($userid, $ip, $lasttime) = $sth->fetchrow; - if ($lasttimeprepare("delete from sessions where sessionID=?"); $sti->execute($sessionID); @@ -56,14 +54,12 @@ sub checkauth { } elsif ($ip ne $ENV{'REMOTE_ADDR'}) { # Different ip than originally logged in from my $newip=$ENV{'REMOTE_ADDR'}; - warn "$sessionID came from a new ip address (authenticated from $ip, this request from $newip)."; $message="ERROR ERROR ERROR ERROR
Attempt to re-use a cookie from a different ip address.
(authenticated from $ip, this request from $newip)"; } else { my $cookie=$query->cookie(-name => 'sessionID', -value => $sessionID, -expires => '+1y'); - warn "$sessionID had a valid cookie."; my $sti=$dbh->prepare("update sessions set lasttime=? where sessionID=?"); $sti->execute(time(), $sessionID); return ($userid, $cookie, $sessionID); @@ -72,7 +68,6 @@ sub checkauth { - warn "$sessionID wasn't in sessions table."; if ($authnotrequired) { my $cookie=$query->cookie(-name => 'sessionID', -value => '', @@ -83,7 +78,9 @@ sub checkauth { my $userid=$query->param('userid'); my $password=$query->param('password'); if (checkpw($dbh, $userid, $password)) { - my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)"); + my $sti=$dbh->prepare("delete from sessions where sessionID=? and userid=?"); + $sti->execute($sessionID, $userid); + $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)"); $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time()); $sti=$dbh->prepare("select value from sessionqueries where sessionID=? and userid=?"); $sti->execute($sessionID, $userid); diff --git a/userpage.pl b/userpage.pl new file mode 100755 index 0000000000..e270fe3fa0 --- /dev/null +++ b/userpage.pl @@ -0,0 +1,44 @@ +#!/usr/bin/perl +use HTML::Template; +use strict; +require Exporter; +use C4::Database; +use C4::Output; # contains picktemplate +use CGI; +use C4::Search; +use C4::Auth; + +my $query=new CGI; +my ($loggedinuser, $cookie, $sessionID) = checkauth($query); + + + +my %configfile; +open (KC, "/etc/koha.conf"); +while () { + chomp; + (next) if (/^\s*#/); + if (/(.*)\s*=\s*(.*)/) { + my $variable=$1; + my $value=$2; + # Clean up white space at beginning and end + $variable=~s/^\s*//g; + $variable=~s/\s*$//g; + $value=~s/^\s*//g; + $value=~s/\s*$//g; + $configfile{$variable}=$value; + } +} + + + +my $includes=$configfile{'includes'}; +($includes) || ($includes="/usr/local/www/hdl/htdocs/includes"); +my $templatebase="user/userpage.tmpl"; +my $theme=picktemplate($includes, $templatebase); + +my $template = HTML::Template->new(filename => "$includes/templates/$theme/$templatebase", die_on_bad_params => 0, path => [$includes]); + +$template->param(loggedinuser => $loggedinuser); + +print "Content-Type: text/html\n\n", $template->output; -- 2.39.5