Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Removing warn in Auth.pm

Changing InstallAuth.pm to use CGI::Session

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
  • Loading branch information...
commit 8494eff8bc0d85d2d8f939e3225b933998bf824a 1 parent 3d72e5f
Chris Cormack authored Joshua Ferraro committed
Showing with 27 additions and 28 deletions.
  1. +0 −1  C4/Auth.pm
  2. +27 −27 installer/InstallAuth.pm
View
1  C4/Auth.pm
@@ -120,7 +120,6 @@ C4::Auth - Authenticates Koha users
sub get_template_and_user {
my $in = shift;
- warn "GET Template";
my $template =
gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} );
my ( $user, $cookie, $sessionID, $flags ) = checkauth(
View
54 installer/InstallAuth.pm
@@ -221,7 +221,7 @@ has authenticated.
sub checkauth {
my $query = shift;
-
+warn "here i am";
# $authnotrequired will be set for scripts which will run without authentication
my $authnotrequired = shift;
my $flagsrequired = shift;
@@ -237,21 +237,18 @@ sub checkauth {
my %info;
my ( $userid, $cookie, $sessionID, $flags, $envcookie );
my $logout = $query->param('logout.x');
- if ( $sessionID = $query->cookie('sessionID') ) {
+ if ( $sessionID = $query->cookie("CGISESSID") ) {
C4::Context->_new_userenv($sessionID);
- if ( my %hash = $query->cookie('userenv') ) {
- C4::Context::set_userenv(
- $hash{number}, $hash{id},
- $hash{cardnumber}, $hash{firstname},
- $hash{surname}, $hash{branch},
- $hash{branchname}, $hash{flags},
- $hash{emailaddress}, $hash{branchprinter}
- );
- $cookie = $query->cookie(
- -name => 'sessionID',
- -value => $sessionID,
- -expires => ''
- );
+ my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
+ if ( my $session ) {
+ C4::Context::set_userenv(
+ $session->param('number'), $session->param('id'),
+ $session->param('cardnumber'), $session->param('firstname'),
+ $session->param('surname'), $session->param('branch'),
+ $session->param('branchname'), $session->param('flags'),
+ $session->param('emailaddress'), $session->param('branchprinter')
+ );
+ $cookie = $query->cookie(CGISESSID => $session->id);
$loggedin=1;
$userid = $hash{cardnumber};
}
@@ -271,7 +268,8 @@ sub checkauth {
}
}
unless ($userid) {
- $sessionID = int( rand() * 100000 ) . '-' . time();
+ my $session = new CGI::Session("driver:MySQL", undef, {Handle=>$dbh});
+ $sessionID = $session->id;
$userid = $query->param('userid');
C4::Context->_new_userenv($sessionID);
my $password = $query->param('password');
@@ -284,11 +282,7 @@ sub checkauth {
printf L "%20s from %16s logged in at %30s.\n", $userid,
$ENV{'REMOTE_ADDR'}, $time;
close L;
- $cookie = $query->cookie(
- -name => 'sessionID',
- -value => $sessionID,
- -expires => ''
- );
+ $cookie = $query->cookie(CGISESSID => $sessionID);
if ( $return == 2 ) {
#Only superlibrarian should have access to this page.
#Since if it is a user, it is supposed that there is a borrower table
@@ -303,11 +297,17 @@ sub checkauth {
"NO_LIBRARY_SET",
1,""
);
- $envcookie = $query->cookie(
- -name => 'userenv',
- -value => $hash,
- -expires => ''
- );
+ $session->param('number',0);
+ $session->param('id',C4::Context->config('user'));
+ $session->param('cardnumber',C4::Context->config('user'));
+ $session->param('firstname',C4::Context->config('user'));
+ $session->param('surname',C4::Context->config('user'),);
+ $session->param('branch','NO_LIBRARY_SET');
+ $session->param('branchname','NO_LIBRARY_SET');
+ $session->param('flags',1);
+ $session->param('emailaddress', C4::Context->preference('KohaAdminEmailAddress'));
+ $session->param('ip',$session->remote_addr());
+ $session->param('lasttime',time());
$userid=C4::Context->config('user');
}
}
@@ -326,7 +326,7 @@ sub checkauth {
# successful login
unless ($cookie) {
$cookie = $query->cookie(
- -name => 'sessionID',
+ -name => 'CGISESSID',
-value => '',
-expires => ''
);
Please sign in to comment.
Something went wrong with that request. Please try again.