Changeset 279
trunk/DNSDB.pm
r278 r279 35 35 @ISA = qw(Exporter); 36 36 @EXPORT_OK = qw( 37 &initGlobals &login 37 &initGlobals &login &initActionLog 38 38 &initPermissions &getPermissions &changePermissions &comparePermissions 39 39 &changeGroup … … 57 57 @EXPORT = (); # Export nothing by default. 58 58 %EXPORT_TAGS = ( ALL => [qw( 59 &initGlobals &login 59 &initGlobals &login &initActionLog 60 60 &initPermissions &getPermissions &changePermissions &comparePermissions 61 61 &changeGroup … … 945 945 my $pass = shift; 946 946 947 %userdata = %{$dbh->selectrow_hashref("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?",948 undef, ($user) ) };949 return if ! %userdata;950 951 if ($user data{password} =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {947 my $userinfo = $dbh->selectrow_hashref("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?", 948 undef, ($user) ); 949 return if !$userinfo; 950 951 if ($userinfo->{password} =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) { 952 952 # native passwords (crypt-md5) 953 return if $user data{password} ne unix_md5_crypt($pass,$1);954 } elsif ($user data{password} =~ /^[0-9a-f]{32}$/) {953 return if $userinfo->{password} ne unix_md5_crypt($pass,$1); 954 } elsif ($userinfo->{password} =~ /^[0-9a-f]{32}$/) { 955 955 # VegaDNS import (hex-coded MD5) 956 return if $user data{password} ne md5_hex($pass);956 return if $userinfo->{password} ne md5_hex($pass); 957 957 } else { 958 958 # plaintext (convenient now and then) 959 return if $user data{password} ne $pass;960 } 961 962 return %userdata;959 return if $userinfo->{password} ne $pass; 960 } 961 962 return $userinfo; 963 963 } # end login() 964 965 966 ## DNSDB::initActionLog() 967 # Set up action logging. Takes a database handle and user ID 968 # Sets some internal globals and Does The Right Thing to set up a logging channel. 
969 # This sets up _log() to spew out log entries to the defined channel without worrying 970 # about having to open a file or a syslog channel 971 ##fixme Need to call _initActionLog_blah() for various logging channels, configured 972 # via dnsdb.conf, in $config{log_channel} or something 973 # See https://secure.deepnet.cx/trac/dnsadmin/ticket/21 974 sub initActionLog { 975 my $dbh = shift; 976 my $uid = shift; 977 978 return if !$uid; 979 980 # snag user info for logging. there's got to be a way to not have to pass this back 981 # and forth from a caller, but web usage means no persistence we can rely on from 982 # the server side. 983 my ($username,$fullname) = $dbh->selectrow_array("SELECT username, firstname || ' ' || lastname". 984 " FROM users WHERE user_id=?", undef, ($uid)); 985 ##fixme: errors are unpossible! 986 987 $userdata{username} = $username; 988 $userdata{userid} = $uid; 989 $userdata{fullname} = $fullname; 990 991 # convert to real check once we have other logging channels 992 # if ($config{log_channel} eq 'sql') { 993 # Open Log, Sez Me! 994 # } 995 996 } # end initActionLog 964 997 965 998 … … 1178 1211 ##fixme: need better way(s?) to snag userinfo for log entries. 
don't want to have 1179 1212 # to pass around yet *another* constant (already passing $dbh, shouldn't need to) 1180 my $fullname;1181 if (!$args{user_id}) {1182 ($args{user_id}, $fullname) = $dbh->selectrow_array("SELECT user_id, firstname || ' ' || lastname FROM users".1183 " WHERE username=?", undef, ($args{username}));1184 }1185 if (!$args{username}) {1186 ($args{username}, $fullname) = $dbh->selectrow_array("SELECT username, firstname || ' ' || lastname FROM users".1187 " WHERE user_id=?", undef, ($args{user_id}));1188 }1189 if (!$args{fullname}) {1190 ($fullname) = $dbh->selectrow_array("SELECT firstname || ' ' || lastname FROM users".1191 " WHERE user_id=?", undef, ($args{user_id}));1192 }1193 1194 $args{name} = $fullname if !$args{name};1213 # my $fullname; 1214 # if (!$args{user_id}) { 1215 # ($args{user_id}, $fullname) = $dbh->selectrow_array("SELECT user_id, firstname || ' ' || lastname FROM users". 1216 # " WHERE username=?", undef, ($args{username})); 1217 # } 1218 # if (!$args{username}) { 1219 # ($args{username}, $fullname) = $dbh->selectrow_array("SELECT username, firstname || ' ' || lastname FROM users". 1220 # " WHERE user_id=?", undef, ($args{user_id})); 1221 # } 1222 # if (!$args{fullname}) { 1223 # ($fullname) = $dbh->selectrow_array("SELECT firstname || ' ' || lastname FROM users". 
1224 # " WHERE user_id=?", undef, ($args{user_id})); 1225 # } 1226 # 1227 # $args{name} = $fullname if !$args{name}; 1195 1228 1196 1229 ##fixme: farm out the actual logging to different subs for file, syslog, internal, etc based on config 1197 $dbh->do("INSERT INTO log (domain_id,rdns_id,user_id,group_id,email,name,entry) VALUES (?,?,?,?,?,?,?)", 1230 # if ($config{log_channel} eq 'sql') { 1231 $dbh->do("INSERT INTO log (domain_id,rdns_id,group_id,entry,user_id,email,name) VALUES (?,?,?,?,?,?,?)", 1198 1232 undef, 1199 ($args{domain_id},$args{rdns_id},$args{user_id},$args{group_id},$args{username},$args{name},$args{entry})); 1233 ($args{domain_id}, $args{rdns_id}, $args{group_id}, $args{entry}, 1234 $userdata{userid}, $userdata{username}, $userdata{fullname}) ); 1235 # } elsif ($config{log_channel} eq 'file') { 1236 # } elsif ($config{log_channel} eq 'syslog') { 1237 # } 1200 1238 1201 1239 } # end _log -
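Review bot: _log() now fills user_id, email and name only from the package-level `%userdata`, with the old lookup from `$args{user_id}`/`$args{username}` commented out, so an entry written before initActionLog() has run, or after it returned on `!$uid`, is stored with no attribution. initActionLog() also returns early without clearing the hash; if this code ever runs under a persistent interpreter, the previous request's identity would be reused in the audit log, so I would add `%userdata = ();` before `return if !$uid;`. The `selectrow_array` result is unchecked (the `##fixme` admits it), so a uid with no matching row logs an undefined username and full name; a `warn` or an early return on `!defined $username` would make that visible. The start of _log() lies outside the hunk, so its callers' arguments cannot be checked from here.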
trunk/dns.cgi
r277 r279 227 227 if ($webvar{action} eq 'login') { 228 228 # Snag ACL/permissions here too 229 my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?"); 230 $sth->execute($webvar{username}); 231 232 if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) { 233 $webvar{password} = '' if !$webvar{password}; 234 235 if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) { 236 # native passwords (crypt-md5) 237 $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1); 238 } elsif ($pass =~ /^[0-9a-f]{32}$/) { 239 # VegaDNS import (hex-coded MD5) 240 $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password}); 241 } else { 242 # plaintext (convenient now and then) 243 $webvar{loginfailed} = 1 if $pass ne $webvar{password}; 244 } 229 230 # my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?"); 231 # $sth->execute($webvar{username}); 232 # 233 # if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) { 234 # $webvar{password} = '' if !$webvar{password}; 235 # 236 # if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) { 237 # # native passwords (crypt-md5) 238 # $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1); 239 # } elsif ($pass =~ /^[0-9a-f]{32}$/) { 240 # # VegaDNS import (hex-coded MD5) 241 # $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password}); 242 # } else { 243 # # plaintext (convenient now and then) 244 # $webvar{loginfailed} = 1 if $pass ne $webvar{password}; 245 # } 246 247 my $userdata = login($dbh, $webvar{username}, $webvar{password}); 248 249 if ($userdata) { 245 250 246 251 # set session bits 247 $session->param('logingroup',$ gid);248 $session->param('curgroup',$ gid);249 $session->param('uid',$u id);250 $session->param('username',$ webvar{username});251 252 changepage(page => "domlist") if !defined($webvar{loginfailed});252 $session->param('logingroup',$userdata->{group_id}); 253 
$session->param('curgroup',$userdata->{group_id}); 254 $session->param('uid',$userdata->{user_id}); 255 $session->param('username',$userdata->{username}); 256 257 changepage(page => "domlist"); 253 258 254 259 } else { … … 298 303 } # handle global webvar{action}s 299 304 300 initPermissions($dbh,$session->param('uid')); 305 # Misc Things To Do on most pages 306 initPermissions($dbh, $session->param('uid')); 307 initActionLog($dbh, $session->param('uid')); 301 308 302 309 $page->param(sid => $sid) unless $webvar{page} eq 'login'; # no session ID on the login page
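Review bot: `$session->param('username',$userdata->{username});` stores undef, because login() in DNSDB.pm selects only user_id, group_id, password, firstname and lastname, so the returned hashref has no `username` key. Either add `username` to that SELECT or keep `$session->param('username',$webvar{username});` as before. The old default `$webvar{password} = '' if !$webvar{password};` is now commented out, so login() can receive undef as the password; a `$pass = '' if !defined $pass;` at the top of login() would keep the three comparisons behaving as they did. The `else` branch of the login block continues outside the visible lines.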