[Koha-cvs] CVS: koha/C4 Auth.pm,1.8,1.9

[Steve Tonnesen]

Update of /cvsroot/koha/koha/C4
In directory usw-pr-cvs1:/tmp/cvs-serv19034/C4

Modified Files:
	Auth.pm 
Log Message:
Updates to authentications cripts.  userpage.pl is the page for authenticated
users in the OPAC to set preferences, get personal information, etc.


Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** Auth.pm	9 Jul 2002 05:37:53 -0000	1.8
--- Auth.pm	11 Jul 2002 05:46:58 -0000	1.9
***************
*** 33,37 ****
      my $sessionID=$query->cookie('sessionID');
      my $message='';
-     warn "SID: ".$sessionID;
  
      my $dbh=C4Connect();
--- 33,36 ----
***************
*** 40,46 ****
      if ($sth->rows) {
  	my ($userid, $ip, $lasttime) = $sth->fetchrow;
! 	if ($lasttime<time()-15 && $userid ne 'tonnesen') {
  	    # timed logout
- 	    warn "$sessionID logged out due to inactivity.";
  	    $message="You have been logged out due to inactivity.";
  	    my $sti=$dbh->prepare("delete from sessions where sessionID=?");
--- 39,44 ----
      if ($sth->rows) {
  	my ($userid, $ip, $lasttime) = $sth->fetchrow;
! 	if ($lasttime<time()-45 && $userid ne 'tonnesen') {
  	    # timed logout
  	    $message="You have been logged out due to inactivity.";
  	    my $sti=$dbh->prepare("delete from sessions where sessionID=?");
***************
*** 57,61 ****
  	    # Different ip than originally logged in from
  	    my $newip=$ENV{'REMOTE_ADDR'};
- 	    warn "$sessionID came from a new ip address (authenticated from $ip, this request from $newip).";
  
  	    $message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie from a different ip address.<br>(authenticated from $ip, this request from $newip)";
--- 55,58 ----
***************
*** 64,68 ****
  				      -value => $sessionID,
  				      -expires => '+1y');
- 	    warn "$sessionID had a valid cookie.";
  	    my $sti=$dbh->prepare("update sessions set lasttime=? where sessionID=?");
  	    $sti->execute(time(), $sessionID);
--- 61,64 ----
***************
*** 73,77 ****
  
  
-     warn "$sessionID wasn't in sessions table.";
      if ($authnotrequired) {
  	my $cookie=$query->cookie(-name => 'sessionID',
--- 69,72 ----
***************
*** 84,88 ****
  	my $password=$query->param('password');
  	if (checkpw($dbh, $userid, $password)) {
! 	    my $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
  	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
  	    $sti=$dbh->prepare("select value from sessionqueries where sessionID=? and userid=?");
--- 79,85 ----
  	my $password=$query->param('password');
  	if (checkpw($dbh, $userid, $password)) {
! 	    my $sti=$dbh->prepare("delete from sessions where sessionID=? and userid=?");
! 	    $sti->execute($sessionID, $userid);
! 	    $sti=$dbh->prepare("insert into sessions (sessionID, userid, ip,lasttime) values (?, ?, ?, ?)");
  	    $sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
  	    $sti=$dbh->prepare("select value from sessionqueries where sessionID=? and userid=?");