diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-09 18:13:09 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-10-09 18:13:09 +0000 |
| commit | 39833937998c0553f091605486d28472126ba006 (patch) | |
| tree | f5b6328f779bc519b9e992e0335e3701aeb5a466 /old-handler.pl | |
| parent | c6b130848fe872e6da137c94e1990413a12401b0 (diff) | |
More authentication fixes
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1728 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'old-handler.pl')
| -rwxr-xr-x | old-handler.pl | 56 |
1 files changed, 16 insertions, 40 deletions
diff --git a/old-handler.pl b/old-handler.pl index 3b98cb0d..176789a4 100755 --- a/old-handler.pl +++ b/old-handler.pl @@ -99,13 +99,8 @@ $SIG{__DIE__} = # $form->error(__FILE__.':'.__LINE__.': '.$locale->text('System currently down for maintenance!')); #} -&check_password; # grab user config. This is ugly and unecessary if/when -# we get rid of myconfig and use User as a real object -%myconfig = %{ LedgerSMB::User->fetch_config( $form->{login} ) }; -$locale = LedgerSMB::Locale->get_handle( $myconfig{countrycode} ) - or $form->error( __FILE__ . ':' . __LINE__ . ": Locale not loaded: $!\n" ); # locale messages #$form->{charset} = $locale->encoding; @@ -124,7 +119,12 @@ map { $form->{$_} = $myconfig{$_} } qw(stylesheet timeout) unless ( $form->{type} eq 'preferences' ); $form->db_init( \%myconfig ); +&check_password; +# we get rid of myconfig and use User as a real object +%myconfig = %{ LedgerSMB::User->fetch_config( $form ) }; +$locale = LedgerSMB::Locale->get_handle( $myconfig{countrycode} ) + or $form->error( __FILE__ . ':' . __LINE__ . ": Locale not loaded: $!\n" ); # pull in the main code require "bin/$form->{script}"; @@ -161,46 +161,22 @@ else { sub check_password { require "bin/pw.pl"; + if ( $ENV{GATEWAY_INTERFACE} ) { + $ENV{HTTP_COOKIE} =~ s/;\s*/;/g; + @cookies = split /;/, $ENV{HTTP_COOKIE}; + foreach (@cookies) { + ( $name, $value ) = split /=/, $_, 2; + $cookie{$name} = $value; + } - if ( $form->{password} ) { - if ( - !Session::password_check( - $form, $form->{login}, $form->{password} - ) - ) - { - if ( $ENV{GATEWAY_INTERFACE} ) { - &getpassword; - } - else { - $form->error( __FILE__ . ':' . __LINE__ . ': ' - . $locale->text('Access Denied!') ); - } + #check for valid session + if ( !Session::session_check( $cookie{"LedgerSMB"}, $form ) ) { + &getpassword(1); exit; } - else { - Session::session_create($form); - } - } else { - if ( $ENV{GATEWAY_INTERFACE} ) { - $ENV{HTTP_COOKIE} =~ s/;\s*/;/g; - @cookies = split /;/, $ENV{HTTP_COOKIE}; - foreach (@cookies) { - ( $name, $value ) = split /=/, $_, 2; - $cookie{$name} = $value; - } - - #check for valid session - if ( !Session::session_check( $cookie{"LedgerSMB"}, $form ) ) { - &getpassword(1); - exit; - } - } - else { - exit; - } + exit; } } |