diff options
Diffstat (limited to 'LedgerSMB/User.pm')
-rw-r--r-- | LedgerSMB/User.pm | 74 |
1 files changed, 39 insertions, 35 deletions
diff --git a/LedgerSMB/User.pm b/LedgerSMB/User.pm index 914bdfb9..c24eb98f 100644 --- a/LedgerSMB/User.pm +++ b/LedgerSMB/User.pm @@ -121,47 +121,51 @@ sub fetch_config { my ( $self, $login ) = @_; - if ( $login ne "" ) { + if ( !$login ) { + &error( $self, "Access Denied" ); + } - # use central db - my $dbh = ${LedgerSMB::Sysconfig::GLOBALDBH}; + # use central db + my $dbh = ${LedgerSMB::Sysconfig::GLOBALDBH}; - # for now, this is querying the table directly... ugly - my $fetchUserPrefs = $dbh->prepare( - "SELECT acs, address, businessnumber, - company, countrycode, currency, - dateformat, dbdriver, dbhost, dbname, - dboptions, dbpasswd, dbport, dbuser, - email, fax, menuwidth, name, numberformat, - password, print, printer, role, sid, - signature, stylesheet, tel, templates, - timeout, vclimit, u.username - FROM users_conf as uc, users as u - WHERE u.username = ? - AND u.id = uc.id;" - ); + # for now, this is querying the table directly... ugly + my $fetchUserPrefs = $dbh->prepare( + "SELECT acs, address, businessnumber, + company, countrycode, currency, + dateformat, dbdriver, dbhost, dbname, + dboptions, dbpasswd, dbport, dbuser, + email, fax, menuwidth, name, numberformat, + password, print, printer, role, sid, + signature, stylesheet, tel, templates, + timeout, vclimit, u.username + FROM users_conf as uc, users as u + WHERE u.username = ? + AND u.id = uc.id;" + ); - $fetchUserPrefs->execute($login); + $fetchUserPrefs->execute($login); - my $userHashRef = $fetchUserPrefs->fetchrow_hashref; + my $userHashRef = $fetchUserPrefs->fetchrow_hashref; + if ( !$userHashRef ) { + &error( $self, "Access Denied" ); + } - while ( my ( $key, $value ) = each( %{$userHashRef} ) ) { - $myconfig{$key} = $value; - } + while ( my ( $key, $value ) = each( %{$userHashRef} ) ) { + $myconfig{$key} = $value; + } - chomp( $myconfig{'dbport'} ); - chomp( $myconfig{'dbname'} ); - chomp( $myconfig{'dbhost'} ); + chomp( $myconfig{'dbport'} ); + chomp( $myconfig{'dbname'} ); + chomp( $myconfig{'dbhost'} ); - $myconfig{'login'} = $login; - $myconfig{'dbconnect'} = - 'dbi:Pg:dbname=' - . $myconfig{'dbname'} - . ';host=' - . $myconfig{'dbhost'} - . ';port=' - . $myconfig{'dbport'}; - } + $myconfig{'login'} = $login; + $myconfig{'dbconnect'} = + 'dbi:Pg:dbname=' + . $myconfig{'dbname'} + . ';host=' + . $myconfig{'dbhost'} + . ';port=' + . $myconfig{'dbport'}; return \%myconfig; } @@ -447,7 +451,7 @@ sub process_query { $ENV{PGUSER} = $form->{dbuser}; $ENV{PGDATABASE} = $form->{db}; $ENV{PGHOST} = $form->{dbhost}; - $ENV{PGPORT} = $form->{pgport}; + $ENV{PGPORT} = $form->{dbport}; $results = `psql -f $filename 2>&1`; if ($?) { |