summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CONTRIBUTORS7
-rwxr-xr-xSL2LS.pl15
-rw-r--r--TODO58
-rwxr-xr-xadmin.pl4
-rwxr-xr-xbin/lynx/admin.pl74
-rwxr-xr-xbin/lynx/login.pl12
-rwxr-xr-xbin/lynx/menu.pl8
-rwxr-xr-xbin/mozilla/admin.pl8
-rwxr-xr-xbin/mozilla/login.pl8
-rwxr-xr-xlogin.pl4
-rwxr-xr-xmenu.pl3
11 files changed, 142 insertions, 59 deletions
diff --git a/CONTRIBUTORS b/CONTRIBUTORS
new file mode 100644
index 00000000..c1796a9b
--- /dev/null
+++ b/CONTRIBUTORS
@@ -0,0 +1,7 @@
+Copyright of individual lines of code may be owned in part by the contributors.
+
+Dieter Simader <dsimader@sql-ledger.com>
+Chris Travers <chris@metatrontech.com>
+Christopher Murtagh <chris.murtagh@gmail.com>
+Christopher Browne <cbrowne@acm.org>
+Tony Fraser <tony@sybaspace.com>
diff --git a/SL2LS.pl b/SL2LS.pl
new file mode 100755
index 00000000..4824d2c6
--- /dev/null
+++ b/SL2LS.pl
@@ -0,0 +1,15 @@
+#!/usr/bin/perl
+
+# Simple script. Right now, all that needs to be done is that the SL directory
+# needs to be deleted and the sql-ledger.conf needs to be renamed.
+
+open (SL, "< sql-ledger.conf");
+open (LS, "> ledger-smb.conf");
+
+while ($line = <SL>){
+ print LS $line;
+}
+
+unlink sql-ledger.conf;
+
+#TODO: Move/Delete the SL directory
diff --git a/TODO b/TODO
new file mode 100644
index 00000000..571b7e1e
--- /dev/null
+++ b/TODO
@@ -0,0 +1,58 @@
+Near immediate items (release-delaying?). * indicates completed.
+- *project name
+- *revision control
+- *add not null constraint to acc_trans.chart_id
+- *Change acc_trans.amount to NUMERIC
+- *Update SL-Basic.tex tarball to be the new manual for LedgerSMB
+- *coding standard
+- *fix the session security problem in the main application
+- *Tightened browser caching rules so that the back button is no problem.
+- *hosting, Sourceforge import SVN (almost done)
+- *solve security problem for admin.pl (central db?) (Pending testing)
+ Suggest starting with a simple server-side cookie. Then when we
+ add authentication abstraction, this problem can be permanently
+ solved in a modular fashion.
+- * finish removing references to sql-ledger
+- write upgrade/crossgrade script from SL -> LedgerSMB
+ Database script is done. Just untar over the top?
+ If so, then this is done.
+- write press release
+- *write SL List announcement
+- SPI membership
+- *CONTRIBUTORS/AUTHORS file.
+- Delete setup.pl file for released versions. (not in SVN).
+- Test db upgrade
+
+Short term items
+- update setup.pl, which has a lot of SL specific code.
+- make utf-8 default
+- Add protection against duplicate id values.
+- Prevent printing without posting.
+- Add last cost field to laber/overhead creation screen.
+- drop lynx support? (no, not short term anyway)
+ I think it is better to abandon Lynx support than drop it.
+- drop Oracle support? (ibidem)
+ Oracle support is already largely abandoned. Not sure if we should
+ the code though...
+- code cleanup (move to established coding standards, not structural yet)
+- xhtml compliant code
+- attract developers/documentation
+- central default database (maybe authentication abstraction here?)
+- Integrate a sales data report.
+- Batch printing for cheques.
+- Bundle script for generating email reports when parts are low.
+- Fix reconcilliation summary report.
+- Remove Dieter's sessionid timestamp since it serves no purpose.
+- authentication abstraction for Kerberos, LDAP authentication, and the like.
+- Authentication module for PostgreSQL databases.
+
+Medium-longer term
+- Port SL-POS functionality into the fork.
+- published API
+- Command-line wrapper that is easy to use....
+- SOAP or HTTP based interfaces (OpenLedger?)
+- Credit Card Processing
+- Tighten up integrity controls in schema by replacing the insert/update with
+ a single insert and adding foreign keys.
+- Fix printing for Windows.
+- Portable Data Terminal integration.
diff --git a/admin.pl b/admin.pl
index b747d65b..03b0d370 100755
--- a/admin.pl
+++ b/admin.pl
@@ -2,10 +2,8 @@
#
######################################################################
# LedgerSMB Accounting and ERP
-# Copyright (C) 2001
+# Copyright (C) 2006
#
-# Author: Dieter Simader
-# Email: dsimader@sql-ledger.org
# Web: http://sourceforge.net/projects/ledger-smb/
#
# Contributors:
diff --git a/bin/lynx/admin.pl b/bin/lynx/admin.pl
index ac422b8f..114c0f69 100755
--- a/bin/lynx/admin.pl
+++ b/bin/lynx/admin.pl
@@ -1,23 +1,12 @@
#=====================================================================
-# LedgerSMB Small Medium Business Accounting
-# Copyright (c) 2002
-#
-# Author: DWS Systems Inc.
-# Web: http://sourceforge.net/projects/ledger-smb/
-#
+# LedgerSMB
+# Small Medium Business Accounting software
+#
+# See COPYRIGHT file for copyright information
+#======================================================================
#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
+# This file has NOT undergone whitespace cleanup.
#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#======================================================================
#
# setup module
@@ -27,8 +16,8 @@
$menufile = "menu.ini";
-use SL::Form;
-use SL::User;
+use LedgerSMB::Form;
+use LedgerSMB::User;
$form = new Form;
@@ -39,7 +28,7 @@ $form->{charset} = $locale->{charset};
eval { require DBI; };
$form->error($locale->text('DBI not installed!')) if ($@);
-$form->{stylesheet} = "sql-ledger.css";
+$form->{stylesheet} = "ledger-smb.css";
$form->{favicon} = "favicon.ico";
$form->{timeout} = 600;
@@ -66,7 +55,7 @@ if ($form->{action}) {
# create memberfile
if (! -f $memberfile) {
open(FH, ">$memberfile") or $form->error("$memberfile : $!");
- print FH qq|# LedgerSMB Small Medium Business Accounting members
+ print FH qq|# LedgerSMB Accounting members
[root login]
password=
@@ -102,7 +91,7 @@ function sf(){
<div align=center>
-<a href="http://sourceforge.net/projects/ledger-smb/"><img src=ledger-smb.png border=0></a>
+<a href="http://sourceforge.net/projects/ledger-smb/"><img src="ledger-smb.png" width="200" height="100" border="0"></a>
<h1 class=login>|.$locale->text('Version').qq| $form->{version}<p>|.$locale->text('Administration').qq|</h1>
<form method=post action="$form->{script}" name=admin>
@@ -119,7 +108,7 @@ function sf(){
</form>
-<a href=http://sourceforge.net/projects/ledger-smb/>LedgerSMB |.$locale->text('website').qq|</a>
+<a href="http://sourceforge.net/projects/ledger-smb/">LedgerSMB |.$locale->text('website').qq|</a>
</div>
@@ -140,6 +129,8 @@ sub login {
sub logout {
$form->{callback} = "$form->{script}?path=$form->{path}&endsession=1";
+ unlink "$userspath/adminhash";
+ print qq|Set-Cookie: LedgerSMB=; path=/;\n|;
$form->redirect($locale->text('You are logged out'));
}
@@ -153,8 +144,8 @@ sub add_user {
$form->{Oracle_dbport} = '1521';
$form->{Oracle_dbhost} = `hostname`;
- if (-f "css/sql-ledger.css") {
- $myconfig->{stylesheet} = "sql-ledger.css";
+ if (-f "css/ledger-smb.css") {
+ $myconfig->{stylesheet} = "ledger-smb.css";
}
$myconfig->{vclimit} = 1000;
$myconfig->{menuwidth} = 155;
@@ -1036,9 +1027,16 @@ sub change_password {
}
+sub get_hash {
+ use Digest::MD5;
+ $form->{hash} = Digest::MD5::md5_hex rand();
+
+}
sub check_password {
+
+
$root = new User "$memberfile", "root login";
if ($root->{password}) {
@@ -1050,12 +1048,29 @@ sub check_password {
&getpassword;
exit;
}
+
+ &get_hash;
+
+ open(HASHFILE, "> $userspath/adminhash")
+ || $form->error("Can't Open Hashfile: $!");
+ print HASHFILE $form->{hash};
+
+ print qq|Set-Cookie: LedgerSMB=$form->{hash}; path=/;\n|;
+
} else {
if ($ENV{HTTP_USER_AGENT}) {
$ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
- %cookie = split /[=;]/, $ENV{HTTP_COOKIE};
- $cookie = ($form->{path} eq 'bin/lynx') ? $cookie{login} : $cookie{"SQL-Ledger-root login"};
- if (! $cookie || $cookie ne $form->{sessionid}) {
+ %cookie = split /[=;]/, $ENV{HTTP_COOKIE}; # Changeme to %cookies
+ $cookie = ($form->{path} eq 'bin/lynx') ? $cookie{login} : $cookie{"LedgerSMB-root login"};
+
+ open (HASHFILE, "< $userspath/adminhash") || $form->error("Can't Open Hashfile: $!");
+
+ chomp($form->{hash} = <HASHFILE>);
+
+ %cookies = split /[=;]/, $ENV{HTTP_COOKIE};
+
+ if (! $cookie || $cookie ne $form->{sessionid} ||
+ $form->{hash} ne $cookies{LedgerSMB}) {
&getpassword;
exit;
}
@@ -1094,7 +1109,7 @@ sub dbdriver_defaults {
# load some defaults for the selected driver
%driverdefaults = ( 'Pg' => { dbport => '',
- dbuser => 'sql-ledger',
+ dbuser => 'ledger-smb',
dbdefault => 'template1',
dbhost => '',
connectstring => $locale->text('Connect to')
@@ -1610,3 +1625,4 @@ sub lock_system {
}
+
diff --git a/bin/lynx/login.pl b/bin/lynx/login.pl
index b674b03f..fb2fe312 100755
--- a/bin/lynx/login.pl
+++ b/bin/lynx/login.pl
@@ -64,8 +64,8 @@ if ($form->{action}) {
sub login_screen {
- $form->{stylesheet} = "sql-ledger.css";
- $form->{favicon} = "sql-ledger.ico";
+ $form->{stylesheet} = "ledger-smb.css";
+ $form->{favicon} = "favicon.ico";
$form->{endsession} = 1;
$form->header(1);
@@ -154,8 +154,8 @@ $sf
sub selectdataset {
my ($login) = @_;
- if (-f "css/sql-ledger.css") {
- $form->{stylesheet} = "sql-ledger.css";
+ if (-f "css/ledger-smb.css") {
+ $form->{stylesheet} = "ledger-smb.css";
}
$form->header(1);
@@ -232,8 +232,8 @@ sub selectdataset {
sub login {
- $form->{stylesheet} = "sql-ledger.css";
- $form->{favicon} = "sql-ledger.ico";
+ $form->{stylesheet} = "ledger-smb.css";
+ $form->{favicon} = "favicon.ico";
$form->error($locale->text('You did not enter a name!')) unless ($form->{login});
diff --git a/bin/lynx/menu.pl b/bin/lynx/menu.pl
index 58d75511..d087bc1f 100755
--- a/bin/lynx/menu.pl
+++ b/bin/lynx/menu.pl
@@ -1,13 +1,7 @@
######################################################################
# LedgerSMB Small Medium Business Accounting
-# Copyright (c) 2000
+# Copyright (c) 2006
#
-# Author: Dieter Simader
-# Email: dsimader@sql-ledger.org
-# Web: http://sourceforge.net/projects/ledger-smb/
-#
-# Contributors: Christopher Browne <cbrowne@acm.org>
-# Tony Fraser <tony@sybaspace.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl
index e7021d5a..114c0f69 100755
--- a/bin/mozilla/admin.pl
+++ b/bin/mozilla/admin.pl
@@ -28,7 +28,7 @@ $form->{charset} = $locale->{charset};
eval { require DBI; };
$form->error($locale->text('DBI not installed!')) if ($@);
-$form->{stylesheet} = "sql-ledger.css";
+$form->{stylesheet} = "ledger-smb.css";
$form->{favicon} = "favicon.ico";
$form->{timeout} = 600;
@@ -144,8 +144,8 @@ sub add_user {
$form->{Oracle_dbport} = '1521';
$form->{Oracle_dbhost} = `hostname`;
- if (-f "css/sql-ledger.css") {
- $myconfig->{stylesheet} = "sql-ledger.css";
+ if (-f "css/ledger-smb.css") {
+ $myconfig->{stylesheet} = "ledger-smb.css";
}
$myconfig->{vclimit} = 1000;
$myconfig->{menuwidth} = 155;
@@ -1109,7 +1109,7 @@ sub dbdriver_defaults {
# load some defaults for the selected driver
%driverdefaults = ( 'Pg' => { dbport => '',
- dbuser => 'sql-ledger',
+ dbuser => 'ledger-smb',
dbdefault => 'template1',
dbhost => '',
connectstring => $locale->text('Connect to')
diff --git a/bin/mozilla/login.pl b/bin/mozilla/login.pl
index 3173b2b1..5f317d10 100755
--- a/bin/mozilla/login.pl
+++ b/bin/mozilla/login.pl
@@ -55,7 +55,7 @@ if ($form->{action}) {
sub login_screen {
- $form->{stylesheet} = "sql-ledger.css";
+ $form->{stylesheet} = "ledger-smb.css";
$form->{favicon} = "favicon.ico";
$form->{endsession} = 1;
@@ -136,8 +136,8 @@ sub login_screen {
sub selectdataset {
my ($login) = @_;
- if (-f "css/sql-ledger.css") {
- $form->{stylesheet} = "sql-ledger.css";
+ if (-f "css/ledger-smb.css") {
+ $form->{stylesheet} = "ledger-smb.css";
}
$form->header(1);
@@ -200,7 +200,7 @@ sub selectdataset {
sub login {
- $form->{stylesheet} = "sql-ledger.css";
+ $form->{stylesheet} = "ledger-smb.css";
$form->{favicon} = "favicon.ico";
$form->error($locale->text('You did not enter a name!')) unless ($form->{login});
diff --git a/login.pl b/login.pl
index 923775a5..a633a8a3 100755
--- a/login.pl
+++ b/login.pl
@@ -2,10 +2,8 @@
#
######################################################################
# LedgerSMB Accounting and ERP
-# Copyright (C) 2001
+# Copyright (C) 2006
#
-# Author: Dieter Simader
-# Email: dsimader@sql-ledger.org
# Web: http://sourceforge.net/projects/ledger-smb/
#
# Contributors:
diff --git a/menu.pl b/menu.pl
index a67d2737..6612d4be 100755
--- a/menu.pl
+++ b/menu.pl
@@ -4,9 +4,6 @@
# LedgerSMB Accounting and ERP
# Copyright (C) 2006
#
-# For Copyright information, see CONTRIBUTORS file
-#
-# Contributors:
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by