From 2ebce93bdbcde34ce45fd06aece8d18572d882c5 Mon Sep 17 00:00:00 2001
From: einhverfr
Date: Mon, 8 Oct 2007 05:19:19 +0000
Subject: A few untested authentication fixes to legacy code
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1719 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB.pm | 1 -
 LedgerSMB/Form.pm | 29 +++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/LedgerSMB.pm b/LedgerSMB.pm
index 4fb4ec1e..d20b4875 100755
--- a/LedgerSMB.pm
+++ b/LedgerSMB.pm
@@ -649,7 +649,6 @@ sub _db_init {
 my $self = shift @_;
 my %args = @_;
- $self->debug({file => '/tmp/dbconnect'});
 # Handling of HTTP Basic Auth headers
 my $auth = $ENV{'HTTP_AUTHORIZATION'};
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm
index 4d055497..46ffd2d2 100644
--- a/LedgerSMB/Form.pm
+++ b/LedgerSMB/Form.pm
@@ -115,6 +115,19 @@ sub new {
 }
 $self->{login} =~ s/[^a-zA-Z0-9._+\@'-]//g;
+ if (!$self->{company} && $ENV{HTTP_COOKIE}){
+ $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
+ my %cookie;
+ my @cookies = split /;/, $ENV{HTTP_COOKIE};
+ foreach (@cookies) {
+ my ( $name, $value ) = split /=/, $_, 2;
+ $cookie{$name} = $value;
+ }
+ my $ccookie = $cookie{LedgerSMB};
+ $ccookie =~ s/.*:([^:]*)$/$1/;
+ $self->{company} = $ccookie;
+ }
 $self->{menubar} = 1 if $self->{path} =~ /lynx/i; #menubar will be deprecated, replaced with below
@@ -1119,8 +1132,14 @@ sub db_init {
 $auth =~ s/Basic //i; # strip out basic authentication preface
 $auth = MIME::Base64::decode($auth);
 my ($login, $password) = split(/:/, $auth);
+ $self->{login} = $login;
+ if (!$self->{company}){
+ $self->{company} = $LedgerSMB::Sysconfig::default_db;
+ }
+ my $dbname = $self->{company};
 $self->{dbh} = $self->dbconnect_noauto($myconfig) || $self->dberror();
+ my $dbh = $self->{dbh};
 my %date_query = ( 'mm/dd/yy' => 'set DateStyle to \'SQL, US\'',
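Review bot: The new cookie branch in `new` copies a client-supplied value into `$self->{company}` with no filtering, although the line just above it strips `login` down to an allow-list of characters. When the `LedgerSMB` cookie value contains no colon, `s/.*:([^:]*)$/$1/` does not match and the whole cookie value becomes the company name; when the cookie is absent, `$ccookie` is undef and the substitution runs on an undefined value. Because db_init in this same commit treats `company` as the database name, the value should only be accepted after an anchored check, e.g. `$self->{company} = $1 if defined $ccookie && $ccookie =~ /:([A-Za-z0-9_.-]+)\z/;` (character class to be adjusted to the database names this installation permits). The branch also rewrites `$ENV{HTTP_COOKIE}` in place; `split /;\s*/, $ENV{HTTP_COOKIE}` would give the same list without changing the environment for later readers. `new` starts and ends outside the hunk.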
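Review bot: `$self->{login} = $login;` overwrites the login that `new` filtered with `s/[^a-zA-Z0-9._+\@'-]//g` by the raw username decoded from the Authorization header, so any later code that relied on that filter now sees unfiltered client input; the same substitution should be applied here, e.g. `($self->{login} = $login) =~ s/[^a-zA-Z0-9._+\@'-]//g;`. The context line `split(/:/, $auth)` has no limit, so a password that contains a colon is cut at it; `split(/:/, $auth, 2)` keeps the whole password. `$dbname` is assigned but not used in the visible lines, so whether the connection really targets `$self->{company}` depends on code outside the hunk. db_init starts and ends outside the hunk.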
@@ -1133,6 +1152,16 @@ sub db_init {
 $self->{dbh}->do( $date_query{ $myconfig->{dateformat} } );
 $self->{db_dateformat} = $myconfig->{dateformat}; #shim
+ # This is the general version check
+ my $sth = $dbh->prepare("
+ SELECT value FROM defaults
+ WHERE setting_key = 'version'");
+ $sth->execute;
+ my ($dbversion) = $sth->fetchrow_array;
+ if ($dbversion ne $self->{dbversion}){
+ $self->error("Database is not the expected version.");
+ }
 my $query = "SELECT t.extends, coalesce (t.table_name, 'custom_' || extends) || ':' || f.field_name as field_def
--
cgit v1.2.3
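Review bot: The version check passes silently when both sides are undefined: if the query returns no row, `$dbversion` is undef, and `undef ne undef` is false, so the comparison needs explicit `defined` tests, e.g. `if (!defined $dbversion || !defined $self->{dbversion} || $dbversion ne $self->{dbversion}){`. Nothing in the hunk shows where `$self->{dbversion}` is set; if Form fields can be filled from request parameters, the expected version should come from server-side configuration instead, otherwise the client chooses the value it is compared with. The results of `prepare` and `execute` are not checked, unlike the connection a few lines earlier which falls back to `$self->dberror()`. The code after the check also relies on `$self->error` not returning, which should be confirmed. db_init starts and ends outside the hunk.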