[Koha-cvs] CVS: koha/C4 Auth.pm,1.39,1.40 Context.pm,1.21,1.22 Suggestions.pm,1.5,1.6
Henri-Damien LAURENT
hdl at users.sourceforge.net
Tue Jul 26 09:50:29 CEST 2005
Update of /cvsroot/koha/koha/C4
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21911/C4
Modified Files:
Auth.pm Context.pm Suggestions.pm
Log Message:
Adding Branch Independancy.
Still under development.
Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.39
retrieving revision 1.40
diff -C2 -r1.39 -r1.40
*** Auth.pm 20 Jun 2005 14:10:00 -0000 1.39
--- Auth.pm 26 Jul 2005 07:50:27 -0000 1.40
***************
*** 300,353 ****
undef, $sessionID);
if ($logout) {
! # voluntary logout the user
! $dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
! $sessionID = undef;
! $userid = undef;
! open L, ">>/tmp/sessionlog";
! my $time=localtime(time());
! printf L "%20s from %16s logged out at %30s (manually).\n", $userid, $ip, $time;
! close L;
! }
! if ($userid) {
! if ($lasttime<time()-$timeout) {
! # timed logout
! $info{'timed_out'} = 1;
! $dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
! $userid = undef;
! $sessionID = undef;
! open L, ">>/tmp/sessionlog";
! my $time=localtime(time());
! printf L "%20s from %16s logged out at %30s (inactivity).\n", $userid, $ip, $time;
! close L;
! } elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
! # Different ip than originally logged in from
! $info{'oldip'} = $ip;
! $info{'newip'} = $ENV{'REMOTE_ADDR'};
! $info{'different_ip'} = 1;
$dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
$sessionID = undef;
$userid = undef;
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
! printf L "%20s from logged out at %30s (ip changed from %16s to %16s).\n", $userid, $time, $ip, $info{'newip'};
close L;
! } else {
! $cookie=$query->cookie(-name => 'sessionID',
! -value => $sessionID,
! -expires => '');
! $dbh->do("UPDATE sessions SET lasttime=? WHERE sessionID=?",
! undef, (time(), $sessionID));
! $flags = haspermission($dbh, $userid, $flagsrequired);
! if ($flags) {
! $loggedin = 1;
} else {
! $info{'nopermission'} = 1;
}
}
- }
}
unless ($userid) {
$sessionID=int(rand()*100000).'-'.time();
$userid=$query->param('userid');
my $password=$query->param('password');
my ($return, $cardnumber) = checkpw($dbh,$userid,$password);
--- 300,361 ----
undef, $sessionID);
if ($logout) {
! # voluntary logout the user
$dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
+ C4::Context->_unset_userenv($sessionID);
+ warn "DEL USERENV0";
$sessionID = undef;
$userid = undef;
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
! printf L "%20s from %16s logged out at %30s (manually).\n", $userid, $ip, $time;
close L;
! }
! if ($userid) {
! if ($lasttime<time()-$timeout) {
! # timed logout
! $info{'timed_out'} = 1;
! $dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
! C4::Context->_unset_userenv($sessionID);
! warn "DEL USERENV1";
! $userid = undef;
! $sessionID = undef;
! open L, ">>/tmp/sessionlog";
! my $time=localtime(time());
! printf L "%20s from %16s logged out at %30s (inactivity).\n", $userid, $ip, $time;
! close L;
! } elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
! # Different ip than originally logged in from
! $info{'oldip'} = $ip;
! $info{'newip'} = $ENV{'REMOTE_ADDR'};
! $info{'different_ip'} = 1;
! $dbh->do("DELETE FROM sessions WHERE sessionID=?", undef, $sessionID);
! C4::Context->_unset_userenv($sessionID);
! warn "DEL USERENV2";
! $sessionID = undef;
! $userid = undef;
! open L, ">>/tmp/sessionlog";
! my $time=localtime(time());
! printf L "%20s from logged out at %30s (ip changed from %16s to %16s).\n", $userid, $time, $ip, $info{'newip'};
! close L;
} else {
! $cookie=$query->cookie(-name => 'sessionID',
! -value => $sessionID,
! -expires => '');
! $dbh->do("UPDATE sessions SET lasttime=? WHERE sessionID=?",
! undef, (time(), $sessionID));
! $flags = haspermission($dbh, $userid, $flagsrequired);
! if ($flags) {
! $loggedin = 1;
! } else {
! $info{'nopermission'} = 1;
! }
}
}
}
unless ($userid) {
$sessionID=int(rand()*100000).'-'.time();
$userid=$query->param('userid');
+ warn "NEWUSERENV : ".$sessionID;
+ C4::Context->_new_userenv($sessionID);
my $password=$query->param('password');
my ($return, $cardnumber) = checkpw($dbh,$userid,$password);
***************
*** 364,375 ****
--- 372,386 ----
-value => $sessionID,
-expires => '');
+
if ($flags = haspermission($dbh, $userid, $flagsrequired)) {
$loggedin = 1;
} else {
$info{'nopermission'} = 1;
+ C4::Context->_unset_userenv($sessionID);
}
} else {
if ($userid) {
$info{'invalid_username_or_password'} = 1;
+ C4::Context->_unset_userenv($sessionID);
}
}
***************
*** 419,435 ****
my ($dbh, $userid, $password) = @_;
# INTERNAL AUTH
! my $sth=$dbh->prepare("select password,cardnumber from borrowers where userid=?");
$sth->execute($userid);
if ($sth->rows) {
! my ($md5password,$cardnumber) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
return 1,$cardnumber;
}
}
! my $sth=$dbh->prepare("select password from borrowers where cardnumber=?");
$sth->execute($userid);
if ($sth->rows) {
! my ($md5password) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
return 1,$userid;
}
--- 430,450 ----
my ($dbh, $userid, $password) = @_;
# INTERNAL AUTH
! my $sth=$dbh->prepare("select password,cardnumber,borrowernumber,userid,firstname,surname,flags,branchcode from borrowers where userid=?");
$sth->execute($userid);
if ($sth->rows) {
! my ($md5password,$cardnumber,$bornum,$userid,$firstname,$surname,$userflags,$branchcode) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
+ warn "setuserenv1 $bornum,$userid,$cardnumber,$firstname,$surname,$branchcode,$userflags";
+ C4::Context->set_userenv($bornum,$userid,$cardnumber,$firstname,$surname,$branchcode,$userflags);
return 1,$cardnumber;
}
}
! my $sth=$dbh->prepare("select password,cardnumber,borrowernumber,userid,firstname,surname,flags,branchcode from borrowers where cardnumber=?");
$sth->execute($userid);
if ($sth->rows) {
! my ($md5password,$cardnumber,$bornum,$userid,$firstname,$surname,$userflags,$branchcode) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
+ warn "setuserenv2 $bornum,$userid,$cardnumber,$firstname,$surname,$branchcode,$userflags";
+ C4::Context->set_userenv($bornum,$userid,$cardnumber,$firstname,$surname,$branchcode,$userflags);
return 1,$userid;
}
***************
*** 437,440 ****
--- 452,457 ----
if ($userid eq C4::Context->config('user') && $password eq C4::Context->config('pass')) {
# Koha superuser account
+ warn "setuserenv3";
+ C4::Context->set_userenv(0,0,C4::Context->config('user'),C4::Context->config('user'),C4::Context->config('user'),"",1);
return 2;
}
Index: Context.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Context.pm,v
retrieving revision 1.21
retrieving revision 1.22
diff -C2 -r1.21 -r1.22
*** Context.pm 20 Jun 2005 14:10:01 -0000 1.21
--- Context.pm 26 Jul 2005 07:50:27 -0000 1.22
***************
*** 598,601 ****
--- 598,687 ----
}
+ =item userenv
+
+ %userenv = C4::Context->userenv;
+
+ Returns a hash with userenvironment variables.
+
+ This hash is cached for future use: if you call
+ C<C4::Context-E<gt>userenv> twice, you will get the same hash without real DB access
+
+ Returns Null if userenv is not set.
+ userenv is set in _new_userenv, called in Auth.pm
+
+ =cut
+ #'
+ sub userenv
+ {
+ warn "activeuser : ".$context->{"activeuser"}."hash :".$context->{$context->{"activeuser"}};
+ my $var = $context->{$context->{"activeuser"}};
+ foreach my $key (sort keys %$context){
+ warn "key : ".$key;
+ }
+ return $context->{$context->{"activeuser"}};
+ }
+
+ =item set_userenv
+
+ C4::Context->set_userenv;
+
+ Builds a hash for user environment variables.
+
+ This hash shall be cached for future use: if you call
+ C<C4::Context-E<gt>userenv> twice, you will get the same hash without real DB access
+
+ set_userenv is called in Auth.pm
+
+ =cut
+ #'
+ sub set_userenv
+ {
+ my ($usernum, $userid, $usercnum, $userfirstname, $usersurname, $userbranch, $userflags)= @_;
+ $context->{$context->{"activeuser"}}=\{
+ "number" => $usernum,
+ "id" => $userid,
+ "cardnumber" => $usercnum,
+ "firstname" => $userfirstname,
+ "surname" => $usersurname,
+ "branch" => $userbranch,
+ "flags" => $userflags
+ }
+ }
+
+ =item _new_userenv
+
+ C4::Context->_new_userenv($session);
+
+ Builds a hash for user environment variables.
+
+ This hash shall be cached for future use: if you call
+ C<C4::Context-E<gt>userenv> twice, you will get the same hash without real DB access
+
+ _new_userenv is called in Auth.pm
+
+ =cut
+ #'
+ sub _new_userenv
+ {
+ my ($sessionID)= @_;
+ $context->{"activeuser"} = \$sessionID;
+ $context->{$sessionID}=\();
+ }
+
+ =item _unset_userenv
+
+ C4::Context->_unset_userenv;
+
+ Destroys the hash for activeuser user environment variables.
+
+ =cut
+ #'
+
+ sub _unset_userenv
+ {
+ my ($sessionID)= @_;
+ undef $context->{$sessionID};
+ undef $context->{"activeuser"} if ($context->{"activeuser"} eq $sessionID);
+ }
Index: Suggestions.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Suggestions.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -r1.5 -r1.6
*** Suggestions.pm 4 May 2005 15:40:02 -0000 1.5
--- Suggestions.pm 26 Jul 2005 07:50:27 -0000 1.6
***************
*** 166,171 ****
my ($status) = @_;
my $dbh = C4::Context->dbh;
! my $sth = $dbh->prepare("select count(*) from suggestions where status=?");
! $sth->execute($status);
my ($result) = $sth->fetchrow;
return $result;
--- 166,179 ----
my ($status) = @_;
my $dbh = C4::Context->dbh;
! my $sth;
! if (C4::Context->preference("IndependantBranches")){
! my $userenv = C4::Context->userenv;
! warn "IndependantBranches : Count Suggestions : ".$userenv->{branch};
! $sth = $dbh->prepare("select count(*) from suggestions,borrowers where status=? and borrowers.borrowernumber=suggestions.suggestedby and (borrowers.branchcode='' or borrowers.branchcode =?)");
! $sth->execute($status,$userenv->{branch});
! } else {
! $sth = $dbh->prepare("select count(*) from suggestions where status=?");
! $sth->execute($status);
! }
my ($result) = $sth->fetchrow;
return $result;
More information about the Koha-cvs
mailing list