[Koha-cvs] CVS: koha/C4 Auth.pm,1.9.2.10,1.9.2.11
Finlay Thompson
finlayt at users.sourceforge.net
Tue Oct 1 09:15:57 CEST 2002
Update of /cvsroot/koha/koha/C4
In directory usw-pr-cvs1:/tmp/cvs-serv22065/C4
Modified Files:
Tag: rel-1-2
Auth.pm
Log Message:
Added a getborrowernumber method here to get borrowernumber from the userid that checkauth returns. Needed in opac-user.pl
Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.9.2.10
retrieving revision 1.9.2.11
diff -C2 -r1.9.2.10 -r1.9.2.11
*** Auth.pm 9 Sep 2002 18:44:39 -0000 1.9.2.10
--- Auth.pm 1 Oct 2002 07:15:55 -0000 1.9.2.11
***************
*** 35,38 ****
--- 35,39 ----
@EXPORT = qw(
&checkauth
+ &getborrowernumber
);
***************
*** 42,49 ****
my $dbh=shift;
my $userflags;
! my $sth=$dbh->prepare("select flags from borrowers where cardnumber=?");
$sth->execute($cardnumber);
my ($flags) = $sth->fetchrow;
! $sth=$dbh->prepare("select bit,flag from userflags");
$sth->execute;
while (my ($bit, $flag) = $sth->fetchrow) {
--- 43,50 ----
my $dbh=shift;
my $userflags;
! my $sth=$dbh->prepare("SELECT flags FROM borrowers WHERE cardnumber=?");
$sth->execute($cardnumber);
my ($flags) = $sth->fetchrow;
! $sth=$dbh->prepare("SELECT bit, flag FROM userflags");
$sth->execute;
while (my ($bit, $flag) = $sth->fetchrow) {
***************
*** 52,58 ****
--- 53,64 ----
}
}
+ warn "Userflags: \n";
+ foreach my $f (keys %$userflags) {
+ warn ": Flag: $f => $userflags->{$f}\n ";
+ }
return $userflags;
}
+
sub checkauth {
my $query=shift;
***************
*** 68,73 ****
}
my $sessionID=$query->cookie('sessionID');
! my $message='';
!
my $dbh=C4Connect();
my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?");
--- 74,78 ----
}
my $sessionID=$query->cookie('sessionID');
! my $message = '';
my $dbh=C4Connect();
my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where sessionid=?");
***************
*** 75,78 ****
--- 80,84 ----
if ($sth->rows) {
my ($userid, $ip, $lasttime) = $sth->fetchrow;
+ warn "userid, ip, lasttime = ".$userid.", ".$ip.", ".$lasttime."\n";
if ($lasttime<time()-7200) {
# timed logout
***************
*** 80,87 ****
my $sti=$dbh->prepare("delete from sessions where sessionID=?");
$sti->execute($sessionID);
! my $scriptname=$ENV{'SCRIPT_NAME'};
my $selfurl=$query->self_url();
! $sti=$dbh->prepare("insert into sessionqueries (sessionID, userid, value) values (?, ?, ?)");
$sti->execute($sessionID, $userid, $selfurl);
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
--- 86,94 ----
my $sti=$dbh->prepare("delete from sessions where sessionID=?");
$sti->execute($sessionID);
! # my $scriptname=$ENV{'SCRIPT_NAME'};
my $selfurl=$query->self_url();
! $sti=$dbh->prepare("insert into sessionqueries (sessionID, userid, url) values (?, ?, ?)");
$sti->execute($sessionID, $userid, $selfurl);
+ $sti->finish;
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
***************
*** 91,95 ****
# Different ip than originally logged in from
my $newip=$ENV{'REMOTE_ADDR'};
-
$message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie from a different ip address.<br>(authenticated from $ip, this request from $newip)";
} else {
--- 98,101 ----
***************
*** 130,135 ****
}
}
!
!
if ($authnotrequired) {
--- 136,140 ----
}
}
! $sth->finish;
if ($authnotrequired) {
***************
*** 138,141 ****
--- 143,147 ----
-expires => '+1y');
return('', $cookie, '');
+
} else {
($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
***************
*** 195,201 ****
}
my $parameters;
! foreach (param $query) {
! $parameters->{$_}=$query->{$_};
! }
my $cookie=$query->cookie(-name => 'sessionID',
-value => $sessionID,
--- 201,207 ----
}
my $parameters;
! # foreach (param $query) {
! # $parameters->{$_}=$query->{$_};
! # }
my $cookie=$query->cookie(-name => 'sessionID',
-value => $sessionID,
***************
*** 208,227 ****
<h2>$message</h2>
! <form method=post>
! <table border=0 cellpadding=10 cellspacing=0 width=60%>
! <tr><td align=center valign=top>
!
! <table border=0 bgcolor=#dddddd cellpadding=10 cellspacing=0>
! <tr><th colspan=2 background=/images/background-mem.gif><font size=+2>Koha Login</font></th></tr>
! <tr><td>Name:</td><td><input name=userid></td></tr>
<tr><td>Password:</td><td><input type=password name=password></td></tr>
! <tr><td colspan=2 align=center><input type=submit value=login></td></tr>
</table>
<!--
! </td><td align=center valign=top>
! <table border=0 bgcolor=#dddddd cellpadding=10 cellspacing=0>
! <tr><th background=/images/background-mem.gif><font size=+2>Demo Information</font></th></tr>
<td>
Log in as librarian/koha or patron/koha. The timeout is set to 40 seconds of
--- 214,233 ----
<h2>$message</h2>
! <form method="post">
! <table border="0" cellpadding="10" cellspacing="0" width="60%">
! <tr><td align="center" valign="top">
!
! <table border="0" bgcolor="#dddddd" cellpadding="10" cellspacing="0">
! <tr><th colspan="2" background="/images/background-mem.gif"><font size="+2">Koha Login</font></th></tr>
! <tr><td>Name:</td><td><input name="userid"></td></tr>
<tr><td>Password:</td><td><input type=password name=password></td></tr>
! <tr><td colspan="2" align="center"><input type="submit" value="login"></td></tr>
</table>
<!--
! </td><td align="center" valign="top">
! <table border="0" bgcolor="#dddddd" cellpadding="10" cellspacing="0">
! <tr><th background="/images/background-mem.gif"><font size="+2">Demo Information</font></th></tr>
<td>
Log in as librarian/koha or patron/koha. The timeout is set to 40 seconds of
***************
*** 281,284 ****
--- 287,309 ----
return 0;
}
+
+ sub getborrowernumber {
+ my ($userid) = @_;
+ my $dbh=C4Connect();
+ my $sth=$dbh->prepare("select borrowernumber from borrowers where userid=?");
+ $sth->execute($userid);
+ if ($sth->rows) {
+ my ($bnumber) = $sth->fetchrow;
+ return $bnumber;
+ }
+ my $sth=$dbh->prepare("select borrowernumber from borrowers where cardnumber=?");
+ $sth->execute($userid);
+ if ($sth->rows) {
+ my ($bnumber) = $sth->fetchrow;
+ return $bnumber;
+ }
+ return 0;
+ }
+
More information about the Koha-cvs
mailing list