[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Koha-cvs] CVS: koha/C4 Auth.pm,NONE,1.9.2.1 Output.pm,1.6.2.12,1.6.2.13
From: |
Steve Tonnesen |
Subject: |
[Koha-cvs] CVS: koha/C4 Auth.pm,NONE,1.9.2.1 Output.pm,1.6.2.12,1.6.2.13 Reserves2.pm,1.5.2.4,1.5.2.5 Search.pm,1.18.2.5,1.18.2.6 |
Date: |
Thu, 11 Jul 2002 11:05:31 -0700 |
Update of /cvsroot/koha/koha/C4
In directory usw-pr-cvs1:/tmp/cvs-serv25579/C4
Modified Files:
Tag: rel-1-2
Output.pm Reserves2.pm Search.pm
Added Files:
Tag: rel-1-2
Auth.pm
Log Message:
Committing changes to add authentication and opac templating to rel-1-2 branch
--- NEW FILE ---
package C4::Auth;
use strict;
use Digest::MD5 qw(md5_base64);
require Exporter;
use C4::Database;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
# set the version for version checking
$VERSION = 0.01;
@ISA = qw(Exporter);
@EXPORT = qw(
&checkauth
);
sub checkauth {
my $query=shift;
# $authnotrequired will be set for scripts which will run without
authentication
my $authnotrequired=shift;
if (my $userid=$ENV{'REMOTE_USERNAME'}) {
# Using Basic Authentication, no cookies required
my $cookie=$query->cookie(-name => 'sessionID',
-value => '',
-expires => '+1y');
return ($userid, $cookie, '');
}
my $sessionID=$query->cookie('sessionID');
my $message='';
my $dbh=C4Connect();
my $sth=$dbh->prepare("select userid,ip,lasttime from sessions where
sessionid=?");
$sth->execute($sessionID);
if ($sth->rows) {
my ($userid, $ip, $lasttime) = $sth->fetchrow;
if ($lasttime<time()-45 && $userid ne 'tonnesen') {
# timed logout
$message="You have been logged out due to inactivity.";
my $sti=$dbh->prepare("delete from sessions where sessionID=?");
$sti->execute($sessionID);
my $scriptname=$ENV{'SCRIPT_NAME'};
my $selfurl=$query->self_url();
$sti=$dbh->prepare("insert into sessionqueries (sessionID, userid,
value) values (?, ?, ?)");
$sti->execute($sessionID, $userid, $selfurl);
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
printf L "%20s from %16s logged out at %30s (inactivity).\n",
$userid, $ip, $time;
close L;
} elsif ($ip ne $ENV{'REMOTE_ADDR'}) {
# Different ip than originally logged in from
my $newip=$ENV{'REMOTE_ADDR'};
$message="ERROR ERROR ERROR ERROR<br>Attempt to re-use a cookie
from a different ip address.<br>(authenticated from $ip, this request from
$newip)";
} else {
my $cookie=$query->cookie(-name => 'sessionID',
-value => $sessionID,
-expires => '+1y');
my $sti=$dbh->prepare("update sessions set lasttime=? where
sessionID=?");
$sti->execute(time(), $sessionID);
return ($userid, $cookie, $sessionID);
}
}
if ($authnotrequired) {
my $cookie=$query->cookie(-name => 'sessionID',
-value => '',
-expires => '+1y');
return('', $cookie, '');
} else {
($sessionID) || ($sessionID=int(rand()*100000).'-'.time());
my $userid=$query->param('userid');
my $password=$query->param('password');
if (checkpw($dbh, $userid, $password)) {
my $sti=$dbh->prepare("delete from sessions where sessionID=? and
userid=?");
$sti->execute($sessionID, $userid);
$sti=$dbh->prepare("insert into sessions (sessionID, userid,
ip,lasttime) values (?, ?, ?, ?)");
$sti->execute($sessionID, $userid, $ENV{'REMOTE_ADDR'}, time());
$sti=$dbh->prepare("select value from sessionqueries where
sessionID=? and userid=?");
$sti->execute($sessionID, $userid);
if ($sti->rows) {
my $stj=$dbh->prepare("delete from sessionqueries where
sessionID=?");
$stj->execute($sessionID);
my ($selfurl) = $sti->fetchrow;
print $query->redirect($selfurl);
exit;
}
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
printf L "%20s from %16s logged in at %30s.\n", $userid,
$ENV{'REMOTE_ADDR'}, $time;
close L;
my $cookie=$query->cookie(-name => 'sessionID',
-value => $sessionID,
-expires => '+1y');
return ($userid, $cookie, $sessionID);
} else {
if ($userid) {
$message="Invalid userid or password entered.";
}
my $parameters;
foreach (param $query) {
$parameters->{$_}=$query->{$_};
}
my $cookie=$query->cookie(-name => 'sessionID',
-value => $sessionID,
-expires => '+1y');
print $query->header(-cookie=>$cookie);
print qq|
<html>
<body background=/images/kohaback.jpg>
<center>
<h2>$message</h2>
<form method=post>
<table border=0 cellpadding=10 cellspacing=0 width=60%>
<tr><td align=center valign=top>
<table border=0 bgcolor=#dddddd cellpadding=10 cellspacing=0>
<tr><th colspan=2 background=/images/background-mem.gif><font size=+2>Koha
Login</font></th></tr>
<tr><td>Name:</td><td><input name=userid></td></tr>
<tr><td>Password:</td><td><input type=password name=password></td></tr>
<tr><td colspan=2 align=center><input type=submit value=login></td></tr>
</table>
</td><td align=center valign=top>
<table border=0 bgcolor=#dddddd cellpadding=10 cellspacing=0>
<tr><th background=/images/background-mem.gif><font size=+2>Demo
Information</font></th></tr>
<td>
Log in as librarian/koha or patron/koha. The timeout is set to 40 seconds
of
inactivity for the purposes of this demo. You can navigate to the
Circulation
or Acquisitions modules and you should see an indicator in the upper left of
the screen saying who you are logged in as. If you want to try it out with
a longer timout period, log in as tonnesen/koha and there will be no
timeout period.
<p>
You can also log in using a patron cardnumber. Try V10000008 and
V1000002X with password koha.
</td>
</tr>
</table>
</td></tr>
</table>
</form>
</body>
</html>
|;
exit;
}
}
}
sub checkpw {
# This should be modified to allow a select of authentication schemes (ie LDAP)
# as well as local authentication through the borrowers tables passwd field
#
my ($dbh, $userid, $password) = @_;
my $sth=$dbh->prepare("select password from borrowers where userid=?");
$sth->execute($userid);
if ($sth->rows) {
my ($md5password) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
return 1;
}
}
my $sth=$dbh->prepare("select password from borrowers where cardnumber=?");
$sth->execute($userid);
if ($sth->rows) {
my ($md5password) = $sth->fetchrow;
if (md5_base64($password) eq $md5password) {
return 1;
}
}
return 0;
}
END { } # module clean-up code here (global destructor)
Index: Output.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Output.pm,v
retrieving revision 1.6.2.12
retrieving revision 1.6.2.13
diff -C2 -r1.6.2.12 -r1.6.2.13
*** Output.pm 3 Jul 2002 12:41:34 -0000 1.6.2.12
--- Output.pm 11 Jul 2002 18:05:29 -0000 1.6.2.13
***************
*** 25,28 ****
--- 25,29 ----
&gotopage &mkformnotable &mkform3
&getkeytableselectoptions
+ &picktemplate
);
%EXPORT_TAGS = ( ); # eg: TAG => [ qw!name1 name2! ],
***************
*** 75,78 ****
--- 76,105 ----
# make all your functions, whether exported or not;
+
+ sub picktemplate {
+ my ($includes, $base) = @_;
+ my $dbh=C4Connect;
+ my $templates;
+ opendir (D, "$includes/templates");
+ my @dirlist=readdir D;
+ foreach (@dirlist) {
+ (next) if (/^\./);
+ #(next) unless (/\.tmpl$/);
+ (next) unless (-e "$includes/templates/$_/$base");
+ $templates->{$_}=1;
+ }
+ my $sth=$dbh->prepare("select value from systempreferences where
+ variable='template'");
+ $sth->execute;
+ my ($preftemplate) = $sth->fetchrow;
+ $sth->finish;
+ $dbh->disconnect;
+ if ($templates->{$preftemplate}) {
+ return $preftemplate;
+ } else {
+ return 'default';
+ }
+
+ }
sub startpage() {
Index: Reserves2.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Reserves2.pm,v
retrieving revision 1.5.2.4
retrieving revision 1.5.2.5
diff -C2 -r1.5.2.4 -r1.5.2.5
*** Reserves2.pm 2 Jul 2002 22:25:07 -0000 1.5.2.4
--- Reserves2.pm 11 Jul 2002 18:05:29 -0000 1.5.2.5
***************
*** 13,18 ****
@ISA = qw(Exporter);
! @EXPORT = qw(&FindReserves &CreateReserve &updatereserves &getreservetitle
&Findgroupreserve);
!
# make all your functions, whether exported or not;
--- 13,18 ----
@ISA = qw(Exporter);
! @EXPORT = qw(&FindReserves &CheckReserves &CheckWaiting &CancelReserve
&FillReserve &ReserveWaiting &CreateReserve &updatereserves &getreservetitle
&Findgroupreserve);
!
# make all your functions, whether exported or not;
***************
*** 23,27 ****
FROM reserves,borrowers,biblio ";
if ($bib ne ''){
! if ($bor ne ''){
$query .= " where reserves.biblionumber = $bib
and borrowers.borrowernumber = $bor
--- 23,29 ----
FROM reserves,borrowers,biblio ";
if ($bib ne ''){
! $bib = $dbh->quote($bib);
! if ($bor ne ''){
! $bor = $dbh->quote($bor);
$query .= " where reserves.biblionumber = $bib
and borrowers.borrowernumber = $bor
***************
*** 59,62 ****
--- 61,246 ----
}
+ sub CheckReserves {
+ my ($item) = @_;
+ my $dbh=C4Connect;
+ my $qitem=$dbh->quote($item);
+ # get the biblionumber...
+ my $sth=$dbh->prepare("select biblionumber, biblioitemnumber from items
where itemnumber=$qitem");
+ $sth->execute;
+ my ($biblio, $bibitem) = $sth->fetchrow_array;
+ $sth->finish;
+ $dbh->disconnect;
+ # get the reserves...
+ my ($count, @reserves) = Findgroupreserve($bibitem, $biblio);
+ my $priority = 10000000;
+ my $highest;
+ if ($count) {
+ foreach my $res (@reserves) {
+ if ($res->{'itemnumber'} == $item) {
+ return ("Waiting", $res);
+ } else {
+ if ($res->{'priority'} < $priority) {
+ $priority = $res->{'priority'};
+ $highest = $res;
+ }
+ }
+ }
+ $highest->{'itemnumber'} = $item;
+ return ("Reserved", $highest);
+ } else {
+ return (0, 0);
+ }
+ }
+
+ sub CancelReserve {
+ my ($biblio, $item, $borr) = @_;
+ my $dbh=C4Connect;
+ warn "In CancelReserve";
+ if (($item and $borr) and (not $biblio)) {
+ # removing a waiting reserve record....
+ $item = $dbh->quote($item);
+ $borr = $dbh->quote($borr);
+ # update the database...
+ my $query = "update reserves set cancellationdate = now(),
+ found = Null,
+ priority = 0
+ where itemnumber = $item
+ and borrowernumber = $borr";
+ my $sth = $dbh->prepare($query);
+ $sth->execute;
+ $sth->finish;
+ }
+ if (($biblio and $borr) and (not $item)) {
+ # removing a reserve record....
+ my $q_biblio = $dbh->quote($biblio);
+ $borr = $dbh->quote($borr);
+ # fix up the priorities on the other records....
+ my $query = "SELECT priority FROM reserves
+ WHERE biblionumber = $q_biblio
+ AND borrowernumber = $borr
+ AND cancellationdate is NULL
+ AND (found <> 'F' or found is NULL)";
+ my $sth=$dbh->prepare($query);
+ $sth->execute;
+ my ($priority) = $sth->fetchrow_array;
+ $sth->finish;
+ # update the database, removing the record...
+ my $query = "update reserves set cancellationdate = now(),
+ found = Null,
+ priority = 0
+ where biblionumber = $q_biblio
+ and borrowernumber = $borr
+ and cancellationdate is NULL
+ and (found <> 'F' or found is NULL)";
+ my $sth = $dbh->prepare($query);
+ $sth->execute;
+ $sth->finish;
+ # now fix the priority on the others....
+ fixpriority($priority, $biblio);
+ }
+ $dbh->disconnect;
+ }
+
+
+ sub FillReserve {
+ my ($res) = @_;
+ my $dbh=C4Connect;
+ # removing a waiting reserve record....
+ my $biblio = $res->{'biblionumber'}; my $qbiblio = $dbh->quote($biblio);
+ my $borr = $res->{'borrowernumber'}; $borr = $dbh->quote($borr);
+ my $resdate = $res->{'reservedate'}; $resdate = $dbh->quote($resdate);
+ # update the database...
+ my $query = "UPDATE reserves SET found = 'F',
+ priority = 0
+ WHERE biblionumber = $qbiblio
+ AND reservedate = $resdate
+ AND borrowernumber = $borr";
+ my $sth = $dbh->prepare($query);
+ $sth->execute;
+ $sth->finish;
+ $dbh->disconnect;
+ # now fix the priority on the others....
+ fixpriority($res->{'priority'}, $biblio);
+ }
+
+ sub fixpriority {
+ my ($priority, $biblio) = @_;
+ my $dbh = C4Connect;
+ my ($count, $reserves) = FindReserves($biblio);
+ foreach my $rec (@$reserves) {
+ if ($rec->{'priority'} > $priority) {
+ my $newpr = $rec->{'priority'}; $newpr = $dbh->quote($newpr -
1);
+ my $nbib = $rec->{'biblionumber'}; $nbib = $dbh->quote($nbib);
+ my $nbor = $rec->{'borrowernumber'}; $nbor = $dbh->quote($nbor);
+ my $nresd = $rec->{'reservedate'}; $nresd = $dbh->quote($nresd);
+ my $query = "UPDATE reserves SET priority = $newpr
+ WHERE biblionumber = $nbib
+ AND borrowernumber = $nbor
+ AND reservedate = $nresd";
+ warn $query;
+ my $sth = $dbh->prepare($query);
+ $sth->execute;
+ $sth->finish;
+ }
+ }
+ $dbh->disconnect;
+ }
+
+
+
+ sub ReserveWaiting {
+ my ($item, $borr) = @_;
+ my $dbh = C4Connect;
+ $item = $dbh->quote($item);
+ $borr = $dbh->quote($borr);
+ # get priority and biblionumber....
+ my $query = "SELECT reserves.priority as priority,
+ reserves.biblionumber as biblionumber,
+ reserves.branchcode as branchcode
+ FROM reserves,items
+ WHERE reserves.biblionumber = items.biblionumber
+ AND items.itemnumber = $item
+ AND reserves.borrowernumber = $borr
+ AND reserves.cancellationdate is NULL
+ AND (reserves.found <> 'F' or reserves.found is NULL)";
+ my $sth = $dbh->prepare($query);
+ $sth->execute;
+ my $data = $sth->fetchrow_hashref;
+ $sth->finish;
+ my $biblio = $data->{'biblionumber'};
+ my $q_biblio = $dbh->quote($biblio);
+ # update reserves record....
+ $query = "UPDATE reserves SET priority = 0, found = 'W', itemnumber =
$item
+ WHERE borrowernumber = $borr AND biblionumber =
$q_biblio";
+ $sth = $dbh->prepare($query);
+ $sth->execute;
+ $sth->finish;
+ $dbh->disconnect;
+ # now fix up the remaining priorities....
+ fixpriority($data->{'priority'}, $biblio);
+ my $branchcode = $data->{'branchcode'};
+ return $branchcode;
+ }
+
+ sub CheckWaiting {
+ my ($borr)address@hidden;
+ my $dbh = C4Connect;
+ $borr = $dbh->quote($borr);
+ my @itemswaiting;
+ my $query = "SELECT * FROM reserves
+ WHERE borrowernumber = $borr
+ AND reserves.found = 'W'
+ AND cancellationdate is NULL";
+ my $sth = $dbh->prepare($query);
+ $sth->execute();
+ my $cnt=0;
+ if (my $data=$sth->fetchrow_hashref) {
+ @itemswaiting[$cnt] =$data;
+ $cnt ++;
+ }
+ $sth->finish;
+ return ($cnt,address@hidden);
+ }
+
sub Findgroupreserve {
my ($bibitem,$biblio)address@hidden;
***************
*** 83,87 ****
AND reserves.cancellationdate is NULL
AND (reserves.found <> 'F' or reserves.found is NULL)";
- # print $query;
my $sth=$dbh->prepare($query);
$sth->execute;
--- 267,270 ----
Index: Search.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Search.pm,v
retrieving revision 1.18.2.5
retrieving revision 1.18.2.6
diff -C2 -r1.18.2.5 -r1.18.2.6
*** Search.pm 28 Jun 2002 08:38:48 -0000 1.18.2.5
--- Search.pm 11 Jul 2002 18:05:29 -0000 1.18.2.6
***************
*** 19,24 ****
&getboracctrecord &ItemType &itemissues &subject &subtitle
&addauthor &bibitems &barcodes &findguarantees &allissues &systemprefs
! &findguarantor &branchname);
!
sub findguarantees{
my ($bornum)address@hidden;
--- 19,24 ----
&getboracctrecord &ItemType &itemissues &subject &subtitle
&addauthor &bibitems &barcodes &findguarantees &allissues &systemprefs
! &findguarantor &getwebsites &getwebbiblioitems &catalogsearch &itemcount2
&branchname);
[...968 lines suppressed...]
+ This module provides the searching facilities for the Catalog.
+ Here I should go through and document each function thats exported and what
it does. But I havent yet.
+
+ my ($count,@results)=catalogsearch($env,$type,$search,$num,$offset);
+ This is a front end to all the other searches, depending on what is passed
+ to it, it calls the appropriate search
+
+ =head2 EXPORT
+
+ catalogsearch
+ =head1 AUTHOR
+ Koha Developement team <address@hidden>
+ =head1 SEE ALSO
+ L<perl>.
+ =cut
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Koha-cvs] CVS: koha/C4 Auth.pm,NONE,1.9.2.1 Output.pm,1.6.2.12,1.6.2.13 Reserves2.pm,1.5.2.4,1.5.2.5 Search.pm,1.18.2.5,1.18.2.6,
Steve Tonnesen <=
- Prev by Date:
[Koha-cvs] CVS: koha/admin templates.pl,NONE,1.1.2.1 z3950servers.pl,NONE,1.1.2.1
- Next by Date:
[Koha-cvs] CVS: koha admin-home.pl,NONE,1.1.2.1 catalogue-home.pl,NONE,1.1.2.1 logout.pl,NONE,1.2.2.1 mainpage.pl,NONE,1.1.2.1 member-password.pl,NONE,1.1.2.1 members-home.pl,NONE,1.1.2.1 reports-home.pl,NONE,1.1.2.1 detail.pl,1.3.2.2,1.3.2.3 memberentry.pl,1.6.2.2,1.6.2.3 moredetail.pl,1.4.2.1,1.4.2.2 moremember.pl,1.11.2.2,1.11.2.3 search.pl,1.6.2.8,1.6.2.9 shelves.pl,1.2.2.1,1.2.2.2
- Previous by thread:
[Koha-cvs] CVS: koha/admin templates.pl,NONE,1.1.2.1 z3950servers.pl,NONE,1.1.2.1
- Next by thread:
[Koha-cvs] CVS: koha admin-home.pl,NONE,1.1.2.1 catalogue-home.pl,NONE,1.1.2.1 logout.pl,NONE,1.2.2.1 mainpage.pl,NONE,1.1.2.1 member-password.pl,NONE,1.1.2.1 members-home.pl,NONE,1.1.2.1 reports-home.pl,NONE,1.1.2.1 detail.pl,1.3.2.2,1.3.2.3 memberentry.pl,1.6.2.2,1.6.2.3 moredetail.pl,1.4.2.1,1.4.2.2 moremember.pl,1.11.2.2,1.11.2.3 search.pl,1.6.2.8,1.6.2.9 shelves.pl,1.2.2.1,1.2.2.2
- Index(es):