Changeset 183 for trunk/dns.cgi


Ignore:
Timestamp:
12/05/11 17:16:27 (13 years ago)
Author:
Kris Deugau
Message:

/trunk

Fix minor error-log mess due to nonexistent username on login (see #25)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/dns.cgi

    r182 r183  
    202202    my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?");
    203203    $sth->execute($webvar{username});
    204     my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array;
    205     $webvar{loginfailed} = 1 if !defined($uid);
    206 
    207     if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
    208       # native passwords (crypt-md5)
    209       $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
    210     } elsif ($pass =~ /^[0-9a-f]{32}$/) {
    211       # VegaDNS import (hex-coded MD5)
    212       $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
     204
     205    if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) {
     206      $webvar{password} = '' if !$webvar{password};
     207
     208      if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
     209        # native passwords (crypt-md5)
     210        $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
     211      } elsif ($pass =~ /^[0-9a-f]{32}$/) {
     212        # VegaDNS import (hex-coded MD5)
     213        $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
     214      } else {
     215        # plaintext (convenient now and then)
     216        $webvar{loginfailed} = 1 if $pass ne $webvar{password};
     217      }
     218
     219      # set session bits
     220      $session->param('logingroup',$gid);
     221      $session->param('curgroup',$gid);
     222      $session->param('uid',$uid);
     223      $session->param('username',$webvar{username});
     224
     225      changepage(page => "domlist") if !defined($webvar{loginfailed});
     226
    213227    } else {
    214       # plaintext (convenient now and then)
    215       $webvar{loginfailed} = 1 if $pass ne $webvar{password};
    216     }
    217 
    218     # set session bits
    219     $session->param('logingroup',$gid);
    220     $session->param('curgroup',$gid);
    221     $session->param('uid',$uid);
    222     $session->param('username',$webvar{username});
    223 
    224     changepage(page => "domlist") if !defined($webvar{loginfailed});
     228      $webvar{loginfailed} = 1;
     229    } # user data fetch check
     230
    225231  } elsif ($webvar{action} eq 'logout') {
    226232    # delete the session
Note: See TracChangeset for help on using the changeset viewer.