-class myDB extends DB {
-// Datenbankklasse
-
- var $rc = false;
- var $showErr = false;
- var $db = false;
- var $debug = false;
-
-/****************************************************
-* uudecode
-* in: string
-* out: string
-* dekodiert Perl-UU-kodierte Passwort-Strings
-* http://de3.php.net/base64_decode (bug #171)
-*****************************************************/
- function uudecode($encode) {
- $b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
- $encode = preg_replace("/^./m","",$encode);
- $encode = preg_replace("/\n/m","",$encode);
- for($i=0; $i<strlen($encode); $i++) {
- if ($encode[$i] == '')
- $encode[$i] = ' ';
- $encode[$i] = $b64chars[ord($encode[$i])-32];
- }
-
- while(strlen($encode) % 4)
- $encode .= "=";
-
- return base64_decode($encode);
- }
-
- function dbFehler($sql,$err) {
- if ($this->showErr)
- echo "$sql : $err\n";
- }
-
- function showDebug($sql) {
- echo $sql."\n";
- if ($this->debug==2) {
- print_r($this->rc);
- };
- }
-
- function myDB($usr) {
- // Datenbankparameter des ERP-Users benutzen.
- $tmp = file_get_contents("../users/$usr.conf");
- preg_match("/dbname => '(.+)'/",$tmp,$hits);
- $dbname=$hits[1];
- preg_match("/dbpasswd => '(.+)'/",$tmp,$hits);
- if ($hits[1]) {
- $dbpasswd=$this->uudecode($hits[1]);
- } else {
- $dbpasswd="";
- };
- preg_match("/dbuser => '(.+)'/",$tmp,$hits);
- $dbuser=$hits[1];
- preg_match("/dbhost => '(.+)'/",$tmp,$hits);
- $dbhost=$hits[1];
- if (!$dbhost) $dbhost="localhost";
- if ($dbpasswd) {
- $dns=$dbuser.":".$dbpasswd."@".$dbhost."/".$dbname;
- } else {
- $dns=$dbuser."@".$dbhost."/".$dbname;
- };
- $dns="pgsql://".$dns;
- $this->db=DB::connect($dns);
- if (!$this->db) DB::dbFehler("oh oh oh",$this->db->getDebugInfo());
- if (DB::isError($this->db)) {
- $this->dbFehler("Connect",$this->db->getDebugInfo());
- die ($this->db->getDebugInfo());
- }
- return $this->db;
- }
-
- function query($sql) {
- $this->rc=@$this->db->query($sql);
- if ($this->debug) $this->showDebug($sql);
- if(DB::isError($this->rc)) {
- $this->dbFehler($sql,$this->rc->getMessage());
- return false;
- } else {
- return $this->rc;
- }
- }
- function getAll($sql) {
- $this->rc=@$this->db->getAll($sql,DB_FETCHMODE_ASSOC);
- if ($this->debug) $this->showDebug($sql);
- if(DB::isError($this->rc)) {
- $this->dbFehler($sql,$this->rc->getMessage());
- return false;
- } else {
- return $this->rc;
- }
- }
-
- function lock() {
- $this->query("BEGIN");
- }
- function commit() {
- $this->query("COMMIT");
- }
- function rollback() {
- $this->query("ROLLBACK");
- }
- function chkcol($tbl) {
- // gibt es die Spalte import schon?
- $rc=$this->db->query("select import from $tbl limit 1");
- if(DB::isError($rc)) {
- $rc=$this->db->query("alter table $tbl add column import int4");
- if(DB::isError($rc)) { return false; }
- else { return true; }
-
- } else { return true; };
- }
+function authuser($dbhost,$dbport,$dbuser,$dbpasswd,$dbname,$cookie) {
+ $db=new myDB($dbhost,$dbuser,$dbpasswd,$dbname,$dbport,true);
+ $sql="select sc.session_id,u.id from auth.session_content sc left join auth.user u on ";
+ $sql.="u.login=sc.sess_value left join auth.session s on s.id=sc.session_id ";
+ $sql.="where session_id = '$cookie' and sc.sess_key='login'";// order by s.mtime desc";
+ $rs=$db->getAll($sql,"authuser_1");
+ if (!$rs) return false;
+ $stmp="";
+ if (count($rs)>1) {
+ header("location:../login.pl?action=logout");
+ /*foreach($rs as $row) {
+ $stmp.=$row["session_id"].",";
+ }
+ $sql1="delete from session where id in (".substr($stmp,-1).")";
+ $sql2="delete from session_content where session_id in (".substr($stmp,-1).")";
+ $db->query($sql1,"authuser_A");
+ $db->query($sql2,"authuser_B");
+ $sql3="insert into session ";*/
+ }
+ $sql="select * from auth.user where id=".$rs[0]["id"];
+ $rs1=$db->getAll($sql,"authuser_1");
+ if (!$rs1) return false;
+ $auth=array();
+ $auth["login"]=$rs1[0]["login"];
+ $sql="select * from auth.user_config where user_id=".$rs[0]["id"];
+ $rs1=$db->getAll($sql,"authuser_2");
+ $keys=array("dbname","dbpasswd","dbhost","dbport","dbuser");
+ foreach ($rs1 as $row) {
+ if (in_array($row["cfg_key"],$keys)) {
+ $auth[$row["cfg_key"]]=$row["cfg_value"];
+ }
+ }
+ $sql="update auth.session set mtime = '".date("Y-M-d H:i:s.100001")."' where id = '".$rs[0]["session_id"]."'";
+ $db->query($sql,"authuser_3");
+ return $auth;