diff options
| -rw-r--r-- | CONTRIBUTORS | 7 | ||||
| -rwxr-xr-x | SL2LS.pl | 15 | ||||
| -rw-r--r-- | TODO | 58 | ||||
| -rwxr-xr-x | admin.pl | 4 | ||||
| -rwxr-xr-x | bin/lynx/admin.pl | 74 | ||||
| -rwxr-xr-x | bin/lynx/login.pl | 12 | ||||
| -rwxr-xr-x | bin/lynx/menu.pl | 8 | ||||
| -rwxr-xr-x | bin/mozilla/admin.pl | 8 | ||||
| -rwxr-xr-x | bin/mozilla/login.pl | 8 | ||||
| -rwxr-xr-x | login.pl | 4 | ||||
| -rwxr-xr-x | menu.pl | 3 |
11 files changed, 142 insertions, 59 deletions
diff --git a/CONTRIBUTORS b/CONTRIBUTORS new file mode 100644 index 00000000..c1796a9b --- /dev/null +++ b/CONTRIBUTORS @@ -0,0 +1,7 @@ +Copyright of individual lines of code may be owned in part by the contributors. + +Dieter Simader <dsimader@sql-ledger.com> +Chris Travers <chris@metatrontech.com> +Christopher Murtagh <chris.murtagh@gmail.com> +Christopher Browne <cbrowne@acm.org> +Tony Fraser <tony@sybaspace.com> diff --git a/SL2LS.pl b/SL2LS.pl new file mode 100755 index 00000000..4824d2c6 --- /dev/null +++ b/SL2LS.pl @@ -0,0 +1,15 @@ +#!/usr/bin/perl + +# Simple script. Right now, all that needs to be done is that the SL directory +# needs to be deleted and the sql-ledger.conf needs to be renamed. + +open (SL, "< sql-ledger.conf"); +open (LS, "> ledger-smb.conf"); + +while ($line = <SL>){ + print LS $line; +} + +unlink sql-ledger.conf; + +#TODO: Move/Delete the SL directory @@ -0,0 +1,58 @@ +Near immediate items (release-delaying?). * indicates completed. +- *project name +- *revision control +- *add not null constraint to acc_trans.chart_id +- *Change acc_trans.amount to NUMERIC +- *Update SL-Basic.tex tarball to be the new manual for LedgerSMB +- *coding standard +- *fix the session security problem in the main application +- *Tightened browser caching rules so that the back button is no problem. +- *hosting, Sourceforge import SVN (almost done) +- *solve security problem for admin.pl (central db?) (Pending testing) + Suggest starting with a simple server-side cookie. Then when we + add authentication abstraction, this problem can be permanently + solved in a modular fashion. +- * finish removing references to sql-ledger +- write upgrade/crossgrade script from SL -> LedgerSMB + Database script is done. Just untar over the top? + If so, then this is done. +- write press release +- *write SL List announcement +- SPI membership +- *CONTRIBUTORS/AUTHORS file. +- Delete setup.pl file for released versions. (not in SVN). +- Test db upgrade + +Short term items +- update setup.pl, which has a lot of SL specific code. +- make utf-8 default +- Add protection against duplicate id values. +- Prevent printing without posting. +- Add last cost field to laber/overhead creation screen. +- drop lynx support? (no, not short term anyway) + I think it is better to abandon Lynx support than drop it. +- drop Oracle support? (ibidem) + Oracle support is already largely abandoned. Not sure if we should + the code though... +- code cleanup (move to established coding standards, not structural yet) +- xhtml compliant code +- attract developers/documentation +- central default database (maybe authentication abstraction here?) +- Integrate a sales data report. +- Batch printing for cheques. +- Bundle script for generating email reports when parts are low. +- Fix reconcilliation summary report. +- Remove Dieter's sessionid timestamp since it serves no purpose. +- authentication abstraction for Kerberos, LDAP authentication, and the like. +- Authentication module for PostgreSQL databases. + +Medium-longer term +- Port SL-POS functionality into the fork. +- published API +- Command-line wrapper that is easy to use.... +- SOAP or HTTP based interfaces (OpenLedger?) +- Credit Card Processing +- Tighten up integrity controls in schema by replacing the insert/update with + a single insert and adding foreign keys. +- Fix printing for Windows. +- Portable Data Terminal integration. @@ -2,10 +2,8 @@ # ###################################################################### # LedgerSMB Accounting and ERP -# Copyright (C) 2001 +# Copyright (C) 2006 # -# Author: Dieter Simader -# Email: dsimader@sql-ledger.org # Web: http://sourceforge.net/projects/ledger-smb/ # # Contributors: diff --git a/bin/lynx/admin.pl b/bin/lynx/admin.pl index ac422b8f..114c0f69 100755 --- a/bin/lynx/admin.pl +++ b/bin/lynx/admin.pl @@ -1,23 +1,12 @@ #===================================================================== -# LedgerSMB Small Medium Business Accounting -# Copyright (c) 2002 -# -# Author: DWS Systems Inc. -# Web: http://sourceforge.net/projects/ledger-smb/ -# +# LedgerSMB +# Small Medium Business Accounting software +# +# See COPYRIGHT file for copyright information +#====================================================================== # -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# This file has NOT undergone whitespace cleanup. # -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. #====================================================================== # # setup module @@ -27,8 +16,8 @@ $menufile = "menu.ini"; -use SL::Form; -use SL::User; +use LedgerSMB::Form; +use LedgerSMB::User; $form = new Form; @@ -39,7 +28,7 @@ $form->{charset} = $locale->{charset}; eval { require DBI; }; $form->error($locale->text('DBI not installed!')) if ($@); -$form->{stylesheet} = "sql-ledger.css"; +$form->{stylesheet} = "ledger-smb.css"; $form->{favicon} = "favicon.ico"; $form->{timeout} = 600; @@ -66,7 +55,7 @@ if ($form->{action}) { # create memberfile if (! -f $memberfile) { open(FH, ">$memberfile") or $form->error("$memberfile : $!"); - print FH qq|# LedgerSMB Small Medium Business Accounting members + print FH qq|# LedgerSMB Accounting members [root login] password= @@ -102,7 +91,7 @@ function sf(){ <div align=center> -<a href="http://sourceforge.net/projects/ledger-smb/"><img src=ledger-smb.png border=0></a> +<a href="http://sourceforge.net/projects/ledger-smb/"><img src="ledger-smb.png" width="200" height="100" border="0"></a> <h1 class=login>|.$locale->text('Version').qq| $form->{version}<p>|.$locale->text('Administration').qq|</h1> <form method=post action="$form->{script}" name=admin> @@ -119,7 +108,7 @@ function sf(){ </form> -<a href=http://sourceforge.net/projects/ledger-smb/>LedgerSMB |.$locale->text('website').qq|</a> +<a href="http://sourceforge.net/projects/ledger-smb/">LedgerSMB |.$locale->text('website').qq|</a> </div> @@ -140,6 +129,8 @@ sub login { sub logout { $form->{callback} = "$form->{script}?path=$form->{path}&endsession=1"; + unlink "$userspath/adminhash"; + print qq|Set-Cookie: LedgerSMB=; path=/;\n|; $form->redirect($locale->text('You are logged out')); } @@ -153,8 +144,8 @@ sub add_user { $form->{Oracle_dbport} = '1521'; $form->{Oracle_dbhost} = `hostname`; - if (-f "css/sql-ledger.css") { - $myconfig->{stylesheet} = "sql-ledger.css"; + if (-f "css/ledger-smb.css") { + $myconfig->{stylesheet} = "ledger-smb.css"; } $myconfig->{vclimit} = 1000; $myconfig->{menuwidth} = 155; @@ -1036,9 +1027,16 @@ sub change_password { } +sub get_hash { + use Digest::MD5; + $form->{hash} = Digest::MD5::md5_hex rand(); + +} sub check_password { + + $root = new User "$memberfile", "root login"; if ($root->{password}) { @@ -1050,12 +1048,29 @@ sub check_password { &getpassword; exit; } + + &get_hash; + + open(HASHFILE, "> $userspath/adminhash") + || $form->error("Can't Open Hashfile: $!"); + print HASHFILE $form->{hash}; + + print qq|Set-Cookie: LedgerSMB=$form->{hash}; path=/;\n|; + } else { if ($ENV{HTTP_USER_AGENT}) { $ENV{HTTP_COOKIE} =~ s/;\s*/;/g; - %cookie = split /[=;]/, $ENV{HTTP_COOKIE}; - $cookie = ($form->{path} eq 'bin/lynx') ? $cookie{login} : $cookie{"SQL-Ledger-root login"}; - if (! $cookie || $cookie ne $form->{sessionid}) { + %cookie = split /[=;]/, $ENV{HTTP_COOKIE}; # Changeme to %cookies + $cookie = ($form->{path} eq 'bin/lynx') ? $cookie{login} : $cookie{"LedgerSMB-root login"}; + + open (HASHFILE, "< $userspath/adminhash") || $form->error("Can't Open Hashfile: $!"); + + chomp($form->{hash} = <HASHFILE>); + + %cookies = split /[=;]/, $ENV{HTTP_COOKIE}; + + if (! $cookie || $cookie ne $form->{sessionid} || + $form->{hash} ne $cookies{LedgerSMB}) { &getpassword; exit; } @@ -1094,7 +1109,7 @@ sub dbdriver_defaults { # load some defaults for the selected driver %driverdefaults = ( 'Pg' => { dbport => '', - dbuser => 'sql-ledger', + dbuser => 'ledger-smb', dbdefault => 'template1', dbhost => '', connectstring => $locale->text('Connect to') @@ -1610,3 +1625,4 @@ sub lock_system { } + diff --git a/bin/lynx/login.pl b/bin/lynx/login.pl index b674b03f..fb2fe312 100755 --- a/bin/lynx/login.pl +++ b/bin/lynx/login.pl @@ -64,8 +64,8 @@ if ($form->{action}) { sub login_screen { - $form->{stylesheet} = "sql-ledger.css"; - $form->{favicon} = "sql-ledger.ico"; + $form->{stylesheet} = "ledger-smb.css"; + $form->{favicon} = "favicon.ico"; $form->{endsession} = 1; $form->header(1); @@ -154,8 +154,8 @@ $sf sub selectdataset { my ($login) = @_; - if (-f "css/sql-ledger.css") { - $form->{stylesheet} = "sql-ledger.css"; + if (-f "css/ledger-smb.css") { + $form->{stylesheet} = "ledger-smb.css"; } $form->header(1); @@ -232,8 +232,8 @@ sub selectdataset { sub login { - $form->{stylesheet} = "sql-ledger.css"; - $form->{favicon} = "sql-ledger.ico"; + $form->{stylesheet} = "ledger-smb.css"; + $form->{favicon} = "favicon.ico"; $form->error($locale->text('You did not enter a name!')) unless ($form->{login}); diff --git a/bin/lynx/menu.pl b/bin/lynx/menu.pl index 58d75511..d087bc1f 100755 --- a/bin/lynx/menu.pl +++ b/bin/lynx/menu.pl @@ -1,13 +1,7 @@ ###################################################################### # LedgerSMB Small Medium Business Accounting -# Copyright (c) 2000 +# Copyright (c) 2006 # -# Author: Dieter Simader -# Email: dsimader@sql-ledger.org -# Web: http://sourceforge.net/projects/ledger-smb/ -# -# Contributors: Christopher Browne <cbrowne@acm.org> -# Tony Fraser <tony@sybaspace.com> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl index e7021d5a..114c0f69 100755 --- a/bin/mozilla/admin.pl +++ b/bin/mozilla/admin.pl @@ -28,7 +28,7 @@ $form->{charset} = $locale->{charset}; eval { require DBI; }; $form->error($locale->text('DBI not installed!')) if ($@); -$form->{stylesheet} = "sql-ledger.css"; +$form->{stylesheet} = "ledger-smb.css"; $form->{favicon} = "favicon.ico"; $form->{timeout} = 600; @@ -144,8 +144,8 @@ sub add_user { $form->{Oracle_dbport} = '1521'; $form->{Oracle_dbhost} = `hostname`; - if (-f "css/sql-ledger.css") { - $myconfig->{stylesheet} = "sql-ledger.css"; + if (-f "css/ledger-smb.css") { + $myconfig->{stylesheet} = "ledger-smb.css"; } $myconfig->{vclimit} = 1000; $myconfig->{menuwidth} = 155; @@ -1109,7 +1109,7 @@ sub dbdriver_defaults { # load some defaults for the selected driver %driverdefaults = ( 'Pg' => { dbport => '', - dbuser => 'sql-ledger', + dbuser => 'ledger-smb', dbdefault => 'template1', dbhost => '', connectstring => $locale->text('Connect to') diff --git a/bin/mozilla/login.pl b/bin/mozilla/login.pl index 3173b2b1..5f317d10 100755 --- a/bin/mozilla/login.pl +++ b/bin/mozilla/login.pl @@ -55,7 +55,7 @@ if ($form->{action}) { sub login_screen { - $form->{stylesheet} = "sql-ledger.css"; + $form->{stylesheet} = "ledger-smb.css"; $form->{favicon} = "favicon.ico"; $form->{endsession} = 1; @@ -136,8 +136,8 @@ sub login_screen { sub selectdataset { my ($login) = @_; - if (-f "css/sql-ledger.css") { - $form->{stylesheet} = "sql-ledger.css"; + if (-f "css/ledger-smb.css") { + $form->{stylesheet} = "ledger-smb.css"; } $form->header(1); @@ -200,7 +200,7 @@ sub selectdataset { sub login { - $form->{stylesheet} = "sql-ledger.css"; + $form->{stylesheet} = "ledger-smb.css"; $form->{favicon} = "favicon.ico"; $form->error($locale->text('You did not enter a name!')) unless ($form->{login}); @@ -2,10 +2,8 @@ # ###################################################################### # LedgerSMB Accounting and ERP -# Copyright (C) 2001 +# Copyright (C) 2006 # -# Author: Dieter Simader -# Email: dsimader@sql-ledger.org # Web: http://sourceforge.net/projects/ledger-smb/ # # Contributors: @@ -4,9 +4,6 @@ # LedgerSMB Accounting and ERP # Copyright (C) 2006 # -# For Copyright information, see CONTRIBUTORS file -# -# Contributors: # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by |