Index: trunk/DNSDB.pm =================================================================== --- trunk/DNSDB.pm (revision 162) +++ trunk/DNSDB.pm (revision 163) @@ -113,5 +113,8 @@ templatedir => 'templates/', # fmeh. this is a real web path, not a logical internal one. hm.. -# cssdir => 'templates/'; +# cssdir => 'templates/', + + # Session params + timeout => '3600' # 1 hour default ); @@ -189,4 +192,6 @@ $config{mailsender} = $1 if /^mailsender\s*=\s*([a-z0-9_.@-]+)/i; $config{mailname} = $1 if /^mailname\s*=\s*([a-z0-9\s_.-]+)/i; + # session - note this is fed directly to CGI::Session + $config{timeout} = $1 if /^[tT][iI][mM][eE][oO][uU][tT]\s*=\s*(\d+[smhdwMy]?)/; } close CFG; Index: trunk/dns.cgi =================================================================== --- trunk/dns.cgi (revision 162) +++ trunk/dns.cgi (revision 163) @@ -51,4 +51,12 @@ my %webvar = $q->Vars; +# load some local system defaults (mainly DB connect info) +# note this is not *absolutely* fatal, since there's a default dbname/user/pass in DNSDB.pm +# we'll catch a bad DB connect string once we get to trying that +##fixme: pass params to loadConfig, and use them there, to allow one codebase to support multiple sites +if (!loadConfig()) { + warn "Using default configuration; unable to load custom settings: $DNSDB::errstr"; +} + # persistent stuff needed on most/all pages my $sid = ($webvar{sid} ? $webvar{sid} : undef); @@ -59,4 +67,5 @@ # init stuff. can probably axe this down to just above if'n'when user manipulation happens $sid = $session->id(); + $session->expire($config{timeout}); # need to know the "upper" group the user can deal with; may as well # stick this in the session rather than calling out to the DB every time. @@ -78,4 +87,11 @@ # Just In Case. Stale sessions should not be resurrectable. if ($sid ne $session->id()) { + $sid = ''; + changepage(page=> "login", sessexpired => 1); +} + +# normal expiry, more or less +if ($session->is_expired) { + $sid = ''; changepage(page=> "login", sessexpired => 1); } @@ -139,12 +155,4 @@ my $sortby = "domain"; my $sortorder = "ASC"; - -# now load some local system defaults (mainly DB connect info) -# note this is not *absolutely* fatal, since there's a default dbname/user/pass in DNSDB.pm -# we'll catch a bad DB connect string a little further down. -##fixme: pass params to loadConfig, and use them there, to allow one codebase to support multiple sites -if (!loadConfig()) { - warn "Using default configuration; unable to load custom settings: $DNSDB::errstr"; -} ##fixme: quit throwing the database handle around, and put all the SQL and direct DB fiddling into DNSDB.pm @@ -243,11 +251,10 @@ initPermissions($dbh,$session->param('uid')); -$page->param(sid => $sid); +$page->param(sid => $sid) unless $webvar{page} eq 'login'; # no session ID on the login page if ($webvar{page} eq 'login') { $page->param(loginfailed => 1) if $webvar{loginfailed}; -##fixme: set up session init to actually *check* for session timeout - $page->param(timeout => 1) if $webvar{sesstimeout}; + $page->param(sessexpired => 1) if $webvar{sessexpired}; } elsif ($webvar{page} eq 'domlist' or $webvar{page} eq 'index') { @@ -780,5 +787,4 @@ ##fixme: need to clean up log when deleting a major container logaction(0, $session->param("username"), $webvar{curgroup}, "Deleted group $deleteme"); - # success. go back to the domain list, do not pass "GO" changepage(page => "grpman", resultmsg => "Deleted group $deleteme"); } @@ -832,7 +838,4 @@ ##fixme push the SQL and direct database fiddling off into a sub in DNSDB.pm ##fixme - -##fixme: un-hardcode the limit? -# $perpage = 50; my $sth = $dbh->prepare("SELECT count(*) FROM domains WHERE group_id=?"); @@ -1363,5 +1366,4 @@ ##fixme put in some real log-munching stuff -##fixme need to add bits to *create* log entries... my $sql = "SELECT user_id, email, name, entry, date_trunc('second',stamp) FROM log WHERE "; my $id = $curgroup; # we do this because the group log may be called from (almost) any page, Index: trunk/templates/dns.css =================================================================== --- trunk/templates/dns.css (revision 162) +++ trunk/templates/dns.css (revision 163) @@ -33,9 +33,4 @@ } -table.login { - text-align: center; - border: thin solid #000000; - background-color: #CCCCFF; -} table.list { background-color: #F0F0F0; @@ -231,6 +226,5 @@ } #login { - margin-top: 50px; - margin-bottom: 50px; + margin: 50px auto; padding: 3px; border: thin solid #000000; Index: trunk/templates/login.tmpl =================================================================== --- trunk/templates/login.tmpl (revision 162) +++ trunk/templates/login.tmpl (revision 163) @@ -2,5 +2,4 @@
-