[Koha-cvs] CVS: koha/C4 Auth.pm,1.7,1.8

Steve Tonnesen tonnesen at users.sourceforge.net
Tue Jul 9 07:37:55 CEST 2002 

Update of /cvsroot/koha/koha/C4
In directory usw-pr-cvs1:/tmp/cvs-serv20328

Modified Files:
	Auth.pm 
Log Message:
Auth.pm now caches form submissions and resubmits them if a user logs back in
after being logged out for inactivity.  Also switched from crypt passwords to
md5 passwords stored in borrowers table.  Used Digest::MD5 module.  I ain't
gonna reinvent _that_ wheel.  :)


Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -r1.7 -r1.8
*** Auth.pm	5 Jul 2002 20:33:23 -0000	1.7
--- Auth.pm	9 Jul 2002 05:37:53 -0000	1.8
***************
*** 2,5 ****
--- 2,8 ----
  
  use strict;
+ use Digest::MD5 qw(md5_base64);
+ 
+ 
  require Exporter;
  use C4::Database;
***************
*** 37,41 ****
      if ($sth->rows) {
  	my ($userid, $ip, $lasttime) = $sth->fetchrow;
! 	if ($lasttime<time()-40 && $userid ne 'tonnesen') {
  	    # timed logout
  	    warn "$sessionID logged out due to inactivity.";
--- 40,44 ----
      if ($sth->rows) {
  	my ($userid, $ip, $lasttime) = $sth->fetchrow;
! 	if ($lasttime<time()-15 && $userid ne 'tonnesen') {
  	    # timed logout
  	    warn "$sessionID logged out due to inactivity.";
***************
*** 43,46 ****
--- 46,53 ----
  	    my $sti=$dbh->prepare("delete from sessions where sessionID=?");
  	    $sti->execute($sessionID);
+ 	    my $scriptname=$ENV{'SCRIPT_NAME'};
+ 	    my $selfurl=$query->self_url();
+ 	    $sti=$dbh->prepare("insert into sessionqueries (sessionID, userid, value) values (?, ?, ?)");
+ 	    $sti->execute($sessionID, $userid, $selfurl);
  	    open L, ">>/tmp/sessionlog";
  	    my $time=localtime(time());
***************
*** 79,82 ****
--- 86,98 ----
  	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
  	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
+ 	    $sti=$dbh->prepare("select value from sessionqueries where sessionID=? and userid=?");
+ 	    $sti->execute($sessionID, $userid);
+ 	    if ($sti->rows) {
+ 		my $stj=$dbh->prepare("delete from sessionqueries where sessionID=?");
+ 		$stj->execute($sessionID);
+ 		my ($selfurl) = $sti->fetchrow;
+ 		print $query->redirect($selfurl);
+ 		exit;
+ 	    }
  	    open L, ">>/tmp/sessionlog";
  	    my $time=localtime(time());
***************
*** 154,159 ****
      $sth->execute($userid);
      if ($sth->rows) {
! 	my ($cryptpassword) = $sth->fetchrow;
! 	if (crypt($password, $cryptpassword) eq $cryptpassword) {
  	    return 1;
  	}
--- 170,175 ----
      $sth->execute($userid);
      if ($sth->rows) {
! 	my ($md5password) = $sth->fetchrow;
! 	if (md5_base64($password) eq $md5password) {
  	    return 1;
  	}
***************
*** 162,167 ****
      $sth->execute($userid);
      if ($sth->rows) {
! 	my ($cryptpassword) = $sth->fetchrow;
! 	if (crypt($password, $cryptpassword) eq $cryptpassword) {
  	    return 1;
  	}
--- 178,183 ----
      $sth->execute($userid);
      if ($sth->rows) {
! 	my ($md5password) = $sth->fetchrow;
! 	if (md5_base64($password) eq $md5password) {
  	    return 1;
  	}

More information about the Koha-cvs mailing list