Changeset 279 for trunk/dns.cgi


Ignore:
Timestamp:
03/21/12 18:04:51 (12 years ago)
Author:
Kris Deugau
Message:

/trunk

Moving login SQL into DNSDB.pm complete. See #1
Checkpoint, moving logging into DNSDB.pm. See #1, #35.

Still requires a bit of commented-old-code cleanup

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/dns.cgi

    r277 r279  
    227227  if ($webvar{action} eq 'login') {
    228228    # Snag ACL/permissions here too
    229     my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?");
    230     $sth->execute($webvar{username});
    231 
    232     if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) {
    233       $webvar{password} = '' if !$webvar{password};
    234 
    235       if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
    236         # native passwords (crypt-md5)
    237         $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
    238       } elsif ($pass =~ /^[0-9a-f]{32}$/) {
    239         # VegaDNS import (hex-coded MD5)
    240         $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
    241       } else {
    242         # plaintext (convenient now and then)
    243         $webvar{loginfailed} = 1 if $pass ne $webvar{password};
    244       }
     229
     230#    my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?");
     231#    $sth->execute($webvar{username});
     232#
     233#    if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) {
     234#      $webvar{password} = '' if !$webvar{password};
     235#
     236#      if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
     237#        # native passwords (crypt-md5)
     238#        $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
     239#      } elsif ($pass =~ /^[0-9a-f]{32}$/) {
     240#        # VegaDNS import (hex-coded MD5)
     241#        $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
     242#      } else {
     243#        # plaintext (convenient now and then)
     244#        $webvar{loginfailed} = 1 if $pass ne $webvar{password};
     245#      }
     246
     247    my $userdata = login($dbh, $webvar{username}, $webvar{password});
     248
     249    if ($userdata) {
    245250
    246251      # set session bits
    247       $session->param('logingroup',$gid);
    248       $session->param('curgroup',$gid);
    249       $session->param('uid',$uid);
    250       $session->param('username',$webvar{username});
    251 
    252       changepage(page => "domlist") if !defined($webvar{loginfailed});
     252      $session->param('logingroup',$userdata->{group_id});
     253      $session->param('curgroup',$userdata->{group_id});
     254      $session->param('uid',$userdata->{user_id});
     255      $session->param('username',$userdata->{username});
     256
     257      changepage(page => "domlist");
    253258
    254259    } else {
     
    298303} # handle global webvar{action}s
    299304
    300 initPermissions($dbh,$session->param('uid'));
     305# Misc Things To Do on most pages
     306initPermissions($dbh, $session->param('uid'));
     307initActionLog($dbh, $session->param('uid'));
    301308
    302309$page->param(sid => $sid) unless $webvar{page} eq 'login';      # no session ID on the login page
Note: See TracChangeset for help on using the changeset viewer.