[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb: [1728] trunk
- Subject: SF.net SVN: ledger-smb: [1728] trunk
- From: ..hidden..
- Date: Tue, 09 Oct 2007 11:13:09 -0700
Revision: 1728
http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=1728&view=rev
Author: einhverfr
Date: 2007-10-09 11:13:09 -0700 (Tue, 09 Oct 2007)
Log Message:
-----------
More authentication fixes
Modified Paths:
--------------
trunk/LedgerSMB/Form.pm
trunk/LedgerSMB/Session/DB.pm
trunk/old-handler.pl
Modified: trunk/LedgerSMB/Form.pm
===================================================================
--- trunk/LedgerSMB/Form.pm 2007-10-09 15:01:25 UTC (rev 1727)
+++ trunk/LedgerSMB/Form.pm 2007-10-09 18:13:09 UTC (rev 1728)
@@ -1139,8 +1139,12 @@
$self->{company} = $LedgerSMB::Sysconfig::default_db;
}
my $dbname = $self->{company};
+ my $dbconfig = { dbconnect => "dbi:Pg:dbname=$dbname",
+ dbuser => $login,
+ dbpasswd => $password
+ };
- $self->{dbh} = $self->dbconnect_noauto($myconfig) || $self->dberror();
+ $self->{dbh} = $self->dbconnect_noauto($dbconfig) || $self->dberror();
my $dbh = $self->{dbh};
my %date_query = (
'mm/dd/yy' => 'set DateStyle to \'SQL, US\'',
Modified: trunk/LedgerSMB/Session/DB.pm
===================================================================
--- trunk/LedgerSMB/Session/DB.pm 2007-10-09 15:01:25 UTC (rev 1727)
+++ trunk/LedgerSMB/Session/DB.pm 2007-10-09 18:13:09 UTC (rev 1728)
@@ -32,13 +32,13 @@
use strict;
sub session_check {
-
use Time::HiRes qw(gettimeofday);
+ my ( $cookie, $form ) = @_;
+
my $path = ($ENV{SCRIPT_NAME});
$path =~ s|[^/]*$||;
- my ( $cookie, $form ) = @_;
if ($cookie eq 'Login'){
return session_create($form);
}
Modified: trunk/old-handler.pl
===================================================================
--- trunk/old-handler.pl 2007-10-09 15:01:25 UTC (rev 1727)
+++ trunk/old-handler.pl 2007-10-09 18:13:09 UTC (rev 1728)
@@ -99,13 +99,8 @@
# $form->error(__FILE__.':'.__LINE__.': '.$locale->text('System currently down for maintenance!'));
#}
-&check_password;
# grab user config. This is ugly and unecessary if/when
-# we get rid of myconfig and use User as a real object
-%myconfig = %{ LedgerSMB::User->fetch_config( $form->{login} ) };
-$locale = LedgerSMB::Locale->get_handle( $myconfig{countrycode} )
- or $form->error( __FILE__ . ':' . __LINE__ . ": Locale not loaded: $!\n" );
# locale messages
#$form->{charset} = $locale->encoding;
@@ -124,7 +119,12 @@
unless ( $form->{type} eq 'preferences' );
$form->db_init( \%myconfig );
+&check_password;
+# we get rid of myconfig and use User as a real object
+%myconfig = %{ LedgerSMB::User->fetch_config( $form ) };
+$locale = LedgerSMB::Locale->get_handle( $myconfig{countrycode} )
+ or $form->error( __FILE__ . ':' . __LINE__ . ": Locale not loaded: $!\n" );
# pull in the main code
require "bin/$form->{script}";
@@ -161,46 +161,22 @@
sub check_password {
require "bin/pw.pl";
+ if ( $ENV{GATEWAY_INTERFACE} ) {
+ $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
+ @cookies = split /;/, $ENV{HTTP_COOKIE};
+ foreach (@cookies) {
+ ( $name, $value ) = split /=/, $_, 2;
+ $cookie{$name} = $value;
+ }
- if ( $form->{password} ) {
- if (
- !Session::password_check(
- $form, $form->{login}, $form->{password}
- )
- )
- {
- if ( $ENV{GATEWAY_INTERFACE} ) {
- &getpassword;
- }
- else {
- $form->error( __FILE__ . ':' . __LINE__ . ': '
- . $locale->text('Access Denied!') );
- }
+ #check for valid session
+ if ( !Session::session_check( $cookie{"LedgerSMB"}, $form ) ) {
+ &getpassword(1);
exit;
}
- else {
- Session::session_create($form);
- }
-
}
else {
- if ( $ENV{GATEWAY_INTERFACE} ) {
- $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
- @cookies = split /;/, $ENV{HTTP_COOKIE};
- foreach (@cookies) {
- ( $name, $value ) = split /=/, $_, 2;
- $cookie{$name} = $value;
- }
-
- #check for valid session
- if ( !Session::session_check( $cookie{"LedgerSMB"}, $form ) ) {
- &getpassword(1);
- exit;
- }
- }
- else {
- exit;
- }
+ exit;
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.