[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb: [1692] trunk
- Subject: SF.net SVN: ledger-smb: [1692] trunk
- From: ..hidden..
- Date: Tue, 02 Oct 2007 18:32:37 -0700
Revision: 1692
http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=1692&view=rev
Author: aurynn_cmd
Date: 2007-10-02 18:32:37 -0700 (Tue, 02 Oct 2007)
Log Message:
-----------
Disabled login checking in LedgerSMB.pm, temporarily.
Whitespace cleanup in DB.pm
Modifications to remove user_conf from User.pm
Modified Paths:
--------------
trunk/LedgerSMB/Session/DB.pm
trunk/LedgerSMB/User.pm
trunk/LedgerSMB.pm
trunk/scripts/admin.pl
trunk/sql/modules/admin.sql
Modified: trunk/LedgerSMB/Session/DB.pm
===================================================================
--- trunk/LedgerSMB/Session/DB.pm 2007-10-02 23:37:32 UTC (rev 1691)
+++ trunk/LedgerSMB/Session/DB.pm 2007-10-03 01:32:37 UTC (rev 1692)
@@ -41,17 +41,17 @@
my $checkQuery = $dbh->prepare(
"SELECT u.username, s.transaction_id
- FROM session as s, users as u
- WHERE s.session_id = ?
- AND s.users_id = u.id
- AND s.last_used > now() - ?::interval"
+ FROM session as s, users as u
+ WHERE s.session_id = ?
+ AND s.users_id = u.id
+ AND s.last_used > now() - ?::interval"
);
my $updateAge = $dbh->prepare(
"UPDATE session
- SET last_used = now(),
- transaction_id = ?
- WHERE session_id = ?;"
+ SET last_used = now(),
+ transaction_id = ?
+ WHERE session_id = ?;"
);
#must be an integer
@@ -269,11 +269,11 @@
#password was good, convert to md5 password and null crypted
my $updatePassword = $dbh->prepare(
"UPDATE users_conf
- SET password = md5(?),
- crypted_password = null
- FROM users
- WHERE users_conf.id = users.id
- AND users.username = ?;"
+ SET password = md5(?),
+ crypted_password = null
+ FROM users
+ WHERE users_conf.id = users.id
+ AND users.username = ?;"
);
$updatePassword->execute( $password, $username )
Modified: trunk/LedgerSMB/User.pm
===================================================================
--- trunk/LedgerSMB/User.pm 2007-10-02 23:37:32 UTC (rev 1691)
+++ trunk/LedgerSMB/User.pm 2007-10-03 01:32:37 UTC (rev 1692)
@@ -80,16 +80,16 @@
# for now, this is querying the table directly... ugly
my $fetchUserPrefs = $dbh->prepare(
"SELECT acs, address, businessnumber,
- company, countrycode, currency,
- dateformat, dbdriver, dbhost, dbname,
- dboptions, dbpasswd, dbport, dbuser,
- email, fax, menuwidth, name, numberformat,
- password, print, printer, role, sid,
- signature, stylesheet, tel, templates,
- timeout, vclimit, u.username
- FROM users_conf as uc, users as u
- WHERE u.username = ?
- AND u.id = uc.id;"
+ company, countrycode, currency,
+ dateformat, dbdriver, dbhost, dbname,
+ dboptions, dbpasswd, dbport, dbuser,
+ email, fax, menuwidth, name, numberformat,
+ password, print, printer, role, sid,
+ signature, stylesheet, tel, templates,
+ timeout, vclimit, u.username
+ FROM users_conf as uc, users as u
+ WHERE u.username = ?
+ AND u.id = uc.id;"
);
$fetchUserPrefs->execute($login);
@@ -175,23 +175,37 @@
my $dbh = ${LedgerSMB::Sysconfig::GLOBALDBH};
# for now, this is querying the table directly... ugly
- my $fetchUserPrefs = $dbh->prepare(
- "SELECT acs, address, businessnumber,
- company, countrycode, currency,
- dateformat, dbdriver, dbhost, dbname,
- dboptions, dbpasswd, dbport, dbuser,
- email, fax, menuwidth, name, numberformat,
- password, print, printer, role, sid,
- signature, stylesheet, tel, templates,
- timeout, vclimit, u.username
- FROM users_conf as uc, users as u
- WHERE u.username = ?
- AND u.id = uc.id;"
- );
+# my $fetchUserPrefs = $dbh->prepare(
+# "SELECT acs, address, businessnumber,
+# company, countrycode, currency,
+# dateformat, dbdriver, dbhost, dbname,
+# dboptions, dbpasswd, dbport, dbuser,
+# email, fax, menuwidth, name, numberformat,
+# password, print, printer, role, sid,
+# signature, stylesheet, tel, templates,
+# timeout, vclimit, u.username
+# FROM users_conf as uc, users as u
+# WHERE u.username = ?
+# AND u.id = uc.id;"
+# );
- $fetchUserPrefs->execute($login);
+ my $fetchUserSettings = $dbh->prepare("
+ SELECT
+ u.username,
+ uc.dbname,
+ uc.port,
+ uc.host
+
+ FROM users u
+ JOIN user_connection uc ON uc.user_id = u.id
+ WHERE u.username = ?
+ ");
+
+ $fetchUserSettings->execute($login);
- my $userHashRef = $fetchUserPrefs->fetchrow_hashref;
+ #$fetchUserPrefs->execute($login);
+
+ my $userHashRef = $fetchUserSettings->fetchrow_hashref;
if ( !$userHashRef ) {
&error( $self, "Access Denied" );
}
@@ -200,18 +214,18 @@
$myconfig{$key} = $value;
}
- chomp( $myconfig{'dbport'} );
+ chomp( $myconfig{'port'} );
chomp( $myconfig{'dbname'} );
- chomp( $myconfig{'dbhost'} );
+ chomp( $myconfig{'host'} );
$myconfig{'login'} = $login;
$myconfig{'dbconnect'} =
'dbi:Pg:dbname='
. $myconfig{'dbname'}
. ';host='
- . $myconfig{'dbhost'}
+ . $myconfig{'host'}
. ';port='
- . $myconfig{'dbport'};
+ . $myconfig{'port'};
return \%myconfig;
}
@@ -252,8 +266,8 @@
# we got a connection, check the version
my $query = qq|
- SELECT value FROM defaults
- WHERE setting_key = 'version'|;
+ SELECT value FROM defaults
+ WHERE setting_key = 'version'|;
my $sth = $dbh->prepare($query);
$sth->execute || $form->dberror( __FILE__ . ':' . __LINE__ . $query );
@@ -276,10 +290,10 @@
$form->update_defaults( \%myconfig, "employeenumber", $dbh );
$query = qq|
- INSERT INTO employee
- (login, employeenumber, name,
- workphone, role)
- VALUES (?, ?, ?, ?, ?)|;
+ INSERT INTO employee
+ (login, employeenumber, name,
+ workphone, role)
+ VALUES (?, ?, ?, ?, ?)|;
$sth = $dbh->prepare($query);
$sth->execute(
$login, $employeenumber, $myconfig{name},
@@ -325,8 +339,8 @@
$dbh->{pg_encode_utf8} = 1;
my $query = qq|
- SELECT count(*) FROM recurring
- WHERE enddate >= current_date AND nextdate <= current_date|;
+ SELECT count(*) FROM recurring
+ WHERE enddate >= current_date AND nextdate <= current_date|;
($_) = $dbh->selectrow_array($query);
$dbh->disconnect;
@@ -421,9 +435,9 @@
$dbh->{pg_enable_utf8} = 1;
$query = qq|
- SELECT tablename FROM pg_tables
- WHERE tablename = 'defaults'
- AND tableowner = ?|;
+ SELECT tablename FROM pg_tables
+ WHERE tablename = 'defaults'
+ AND tableowner = ?|;
my $sth = $dbh->prepare($query);
$sth->execute( $form->{dbuser} )
|| $form->dberror( __FILE__ . ':' . __LINE__ . $query );
@@ -652,10 +666,10 @@
if ( $form->{dbdriver} =~ /Pg/ ) {
$query = qq|
- SELECT d.datname
- FROM pg_database d, pg_user u
- WHERE d.datdba = u.usesysid
- AND u.usename = ?|;
+ SELECT d.datname
+ FROM pg_database d, pg_user u
+ WHERE d.datdba = u.usesysid
+ AND u.usename = ?|;
my $sth = $dbh->prepare($query);
$sth->execute( $form->{dbuser} )
|| $form->dberror( __FILE__ . ':' . __LINE__ . $query );
@@ -673,17 +687,17 @@
$dbh->{pg_enable_utf8};
$query = qq|
- SELECT tablename
- FROM pg_tables
- WHERE tablename = 'defaults'|;
+ SELECT tablename
+ FROM pg_tables
+ WHERE tablename = 'defaults'|;
my $sth = $dbh->prepare($query);
$sth->execute
|| $form->dberror( __FILE__ . ':' . __LINE__ . $query );
if ( $sth->fetchrow_array ) {
$query = qq|
- SELECT value FROM defaults
- WHERE setting_key = 'version'|;
+ SELECT value FROM defaults
+ WHERE setting_key = 'version'|;
my $sth = $dbh->prepare($query);
$sth->execute;
@@ -746,8 +760,8 @@
# check version
$query = qq|
- SELECT value FROM defaults
- WHERE setting_key = 'version'|;
+ SELECT value FROM defaults
+ WHERE setting_key = 'version'|;
my $sth = $dbh->prepare($query);
# no error check, let it fall through
@@ -904,18 +918,18 @@
# for now, this is updating the table directly... ugly
my $userConfUpdate = $dbh->prepare(
"UPDATE users_conf
- SET acs = ?, address = ?, businessnumber = ?,
- company = ?, countrycode = ?, currency = ?,
- dateformat = ?, dbdriver = ?,
- dbhost = ?, dbname = ?, dboptions = ?,
- dbpasswd = ?, dbport = ?, dbuser = ?,
- email = ?, fax = ?, menuwidth = ?,
- name = ?, numberformat = ?,
- print = ?, printer = ?, role = ?,
- sid = ?, signature = ?, stylesheet = ?,
- tel = ?, templates = ?, timeout = ?,
- vclimit = ?
- WHERE id = ?;"
+ SET acs = ?, address = ?, businessnumber = ?,
+ company = ?, countrycode = ?, currency = ?,
+ dateformat = ?, dbdriver = ?,
+ dbhost = ?, dbname = ?, dboptions = ?,
+ dbpasswd = ?, dbport = ?, dbuser = ?,
+ email = ?, fax = ?, menuwidth = ?,
+ name = ?, numberformat = ?,
+ print = ?, printer = ?, role = ?,
+ sid = ?, signature = ?, stylesheet = ?,
+ tel = ?, templates = ?, timeout = ?,
+ vclimit = ?
+ WHERE id = ?;"
);
$userConfUpdate->execute(
@@ -943,8 +957,8 @@
$userConfUpdate = $dbh->prepare(
"UPDATE users_conf
- SET password = md5(?)
- WHERE id = ?"
+ SET password = md5(?)
+ WHERE id = ?"
);
$userConfUpdate->execute( $self->{password}, $userID );
@@ -956,16 +970,16 @@
my $userConfInsert = $dbh->prepare(
"INSERT INTO users_conf(acs, address, businessnumber,
- company, countrycode, currency,
- dateformat, dbdriver,
- dbhost, dbname, dboptions, dbpasswd,
- dbport, dbuser, email, fax, menuwidth,
- name, numberformat, print, printer, role,
- sid, signature, stylesheet, tel, templates,
- timeout, vclimit, id, password)
- VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
- ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
- ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, md5(?));"
+ company, countrycode, currency,
+ dateformat, dbdriver,
+ dbhost, dbname, dboptions, dbpasswd,
+ dbport, dbuser, email, fax, menuwidth,
+ name, numberformat, print, printer, role,
+ sid, signature, stylesheet, tel, templates,
+ timeout, vclimit, id, password)
+ VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
+ ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
+ ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, md5(?));"
);
$userConfInsert->execute(
@@ -1017,10 +1031,10 @@
if ($id) {
$query = qq|UPDATE employee SET
- role = ?,
- email = ?,
- name = ?
- WHERE login = ?|;
+ role = ?,
+ email = ?,
+ name = ?
+ WHERE login = ?|;
@values = ( $self->{role}, $self->{email}, $self->{name}, $login );
@@ -1030,10 +1044,10 @@
my ($employeenumber) =
Form::update_defaults( "", \%$self, "employeenumber", $dbh );
$query = qq|
- INSERT INTO employee
- (login, employeenumber, name,
- workphone, role, email, sales)
- VALUES (?, ?, ?, ?, ?, ?, '1')|;
+ INSERT INTO employee
+ (login, employeenumber, name,
+ workphone, role, email, sales)
+ VALUES (?, ?, ?, ?, ?, ?, '1')|;
@values = (
$login, $employeenumber, $self->{name},
@@ -1075,10 +1089,10 @@
$sth->finish;
my $query = qq|
- UPDATE employee
- SET login = NULL,
- enddate = current_date
- WHERE login = ?|;
+ UPDATE employee
+ SET login = NULL,
+ enddate = current_date
+ WHERE login = ?|;
$sth = $dbh->prepare($query);
$sth->execute($login);
$dbh->commit;
Modified: trunk/LedgerSMB.pm
===================================================================
--- trunk/LedgerSMB.pm 2007-10-02 23:37:32 UTC (rev 1691)
+++ trunk/LedgerSMB.pm 2007-10-03 01:32:37 UTC (rev 1692)
@@ -178,50 +178,49 @@
}
$self->{_locale} = $locale;
- $self->{stylesheet} = $self->{_user}->{stylesheet};
- if ( $self->{password} ) {
- if (
- !Session::password_check(
- $self, $self->{login}, $self->{password}
- )
- )
- {
- if ($self->is_run_mode('cgi', 'mod_perl')) {
- $self->_get_password();
- }
- else {
- $self->error( __FILE__ . ':' . __LINE__ . ': '
- . $locale->text('Access Denied!') );
- }
- exit;
- }
- else {
- Session::session_create($self);
- }
+# if ( $self->{password} ) {
+# if (
+# !Session::password_check(
+# $self, $self->{ login }, $self->{ password }
+# )
+# )
+# {
+# if ($self->is_run_mode('cgi', 'mod_perl')) {
+# $self->_get_password();
+# }
+# else {
+# $self->error( __FILE__ . ':' . __LINE__ . ': '
+# . $locale->text('Access Denied!') );
+# }
+# exit;
+# }
+# else {
+# Session::session_create($self);
+# }
- }
- else {
- if ($self->is_run_mode('cgi', 'mod_perl')) {
- my %cookie;
- $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
- my @cookies = split /;/, $ENV{HTTP_COOKIE};
- foreach (@cookies) {
- my ( $name, $value ) = split /=/, $_, 2;
- $cookie{$name} = $value;
- }
+# }
+# else {
+# if ($self->is_run_mode('cgi', 'mod_perl')) {
+# my %cookie;
+# $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
+# my @cookies = split /;/, $ENV{HTTP_COOKIE};
+# foreach (@cookies) {
+# my ( $name, $value ) = split /=/, $_, 2;
+# $cookie{$name} = $value;
+# }
#check for valid session
- if ( !Session::session_check( $cookie{"LedgerSMB"}, $self) ) {
- $self->_get_password(1);
- exit;
- }
- }
- else {
- exit;
- }
- }
+# if ( !Session::session_check( $cookie{"LedgerSMB"}, $self) ) {
+# $self->_get_password(1);
+# exit;
+# }
+# }
+# else {
+# exit;
+# }
+# }
- $self->{stylesheet} = $self->{_user}->{stylesheet};
+# $self->{stylesheet} = $self->{_user}->{stylesheet};
$self->_db_init;
@@ -668,8 +667,8 @@
my $myconfig = $self->{_user};
my $dbh = DBI->connect(
- $myconfig->{dbconnect}, $myconfig->{dbuser},
- $myconfig->{dbpasswd}, { AutoCommit => 0 }
+ $myconfig->{ dbconnect }, $myconfig->{ username },
+ $self->{ password }, { AutoCommit => 0 }
) or $self->dberror;
$dbh->{pg_server_prepare} = 0;
@@ -750,7 +749,7 @@
my $self = shift @_;
if (!$ENV{REQUEST_METHOD} or
- ( $ENV{REQUEST_METHOD} ne ("HEAD" or "GET" or "POST") ) ) {
+ ( !grep {$ENV{REQUEST_METHOD} eq $_} ("HEAD", "GET", "POST") ) ) {
$self->error("Request method unset or set to unknown value");
}
Modified: trunk/scripts/admin.pl
===================================================================
--- trunk/scripts/admin.pl 2007-10-02 23:37:32 UTC (rev 1691)
+++ trunk/scripts/admin.pl 2007-10-03 01:32:37 UTC (rev 1692)
@@ -10,7 +10,6 @@
# uses the same page as create_user, only pre-populated.
#my ($class, $request) = @_;
- my $class = shift @_;
my $request = shift @_;
my $admin = LedgerSMB::DBObject::Admin->new(base=>$request, copy=>'all');
@@ -154,7 +153,7 @@
my ($class, $request) = @_;
- # check for login
+ # TODO: check for login stuff.
my $template;
$template = LedgerSMB::Template->new( user=>$user,
template=>'Admin/main', language=>$user->{language},
Modified: trunk/sql/modules/admin.sql
===================================================================
--- trunk/sql/modules/admin.sql 2007-10-02 23:37:32 UTC (rev 1691)
+++ trunk/sql/modules/admin.sql 2007-10-03 01:32:37 UTC (rev 1692)
@@ -423,3 +423,10 @@
$$ LANGUAGE PLPGSQL;
-- TODO: Add admin user
+
+
+CREATE OR REPLACE FUNCTION admin_audit_log () returns int as $$
+
+
+
+$$ language plpgsql;
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.