X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;ds=sidebyside;f=am.pl;h=a70e4523304a44c464ac10077cf5546bcfd59ec2;hb=95a9314a3ccbfcbcbebef1929577361c21c54cf0;hp=a9b05323293811aeefcd1b416f9d7a9f6b875622;hpb=ee072e4f077213bf6f8792ca8f0a1afebbb6282f;p=kivitendo-erp.git diff --git a/am.pl b/am.pl index a9b053232..a70e45233 100755 --- a/am.pl +++ b/am.pl @@ -30,28 +30,59 @@ # ####################################################################### +use strict; + +BEGIN { + unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML). + push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version. +} + # setup defaults, DO NOT CHANGE -$userspath = "users"; -$templates = "templates"; -$memberfile = "users/members"; -$sendmail = "| /usr/sbin/sendmail -t"; +$main::userspath = "users"; +$main::templates = "templates"; +$main::memberfile = "users/members"; +$main::sendmail = "| /usr/sbin/sendmail -t"; ########## end ########################################### $| = 1; use SL::LXDebug; -$lxdebug = LXDebug->new(); +$main::lxdebug = LXDebug->new(); +use CGI qw( -no_xhtml); +use SL::Auth; use SL::Form; +use SL::Locale; + +eval { require "config/lx-erp.conf"; }; +eval { require "config/lx-erp-local.conf"; } if -f "config/lx-erp-local.conf"; -eval { require "lx-erp.conf"; }; +our $cgi = new CGI(''); +our $form = new Form; -$form = new Form; +our $auth = SL::Auth->new(); +if (!$auth->session_tables_present()) { + _show_error('login/auth_db_unreachable'); +} +$auth->expire_sessions(); +my $session_result = $auth->restore_session(); + +require "bin/mozilla/common.pl"; + +if (defined($main::latex) && !defined($main::latex_templates)) { + $main::latex_templates = $main::latex; + undef($main::latex); +} + +# this prevents most of the tabindexes being created by CGI. +# note: most. popup menus and selecttables will still have tabindexes +# use common.pl's NTI function to get rid of those +local $CGI::TABINDEX = 0; # name of this script $0 =~ tr/\\/\//; -$pos = rindex $0, '/'; -$script = substr($0, $pos + 1); +my $pos = rindex $0, '/'; +my $script = substr($0, $pos + 1); # we use $script for the language module $form->{script} = $script; @@ -62,50 +93,55 @@ $script =~ s/\.pl//; # pull in DBI use DBI; -# check for user config file, could be missing or ??? -eval { require("$userspath/$form->{login}.conf"); }; -if ($@) { - $locale = new Locale "$language", "$script"; +# locale messages +$main::locale = new Locale($main::language, "$script"); +my $locale = $main::locale; - $form->{callback} = ""; - $msg1 = $locale->text('You are logged out!'); - $msg2 = $locale->text('Login'); - $form->redirect("$msg1

$msg2"); +# did sysadmin lock us out +if (-e "$main::userspath/nologin") { + $form->error($locale->text('System currently down for maintenance!')); } -$myconfig{dbpasswd} = unpack 'u', $myconfig{dbpasswd}; -map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset) - unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences')); +if (SL::Auth::SESSION_EXPIRED == $session_result) { + _show_error('login/password_error', 'session'); +} -# locale messages -$locale = new Locale "$myconfig{countrycode}", "$script"; +$form->{login} =~ s|.*/||; -# check password -$form->error($locale->text('Incorrect Password!')) - if ($form->{password} ne $myconfig{password}); +%main::myconfig = $auth->read_user($form->{login}); +my %myconfig = %main::myconfig; -$form->{path} =~ s/\.\.\///g; -if ($form->{path} !~ /^bin\//) { - $form->error($locale->text('Invalid path!') . "\n"); +if (!$myconfig{login}) { + _show_error('login/password_error', 'password'); } -# did sysadmin lock us out -if (-e "$userspath/nologin") { - $form->error($locale->text('System currently down for maintenance!')); +# locale messages +$locale = new Locale "$myconfig{countrycode}", "$script"; + +if (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0)) { + _show_error('login/password_error', 'password'); } +$auth->set_session_value('login', $form->{login}, 'password', $form->{password}); +$auth->create_or_refresh_session(); + +delete $form->{password}; + +map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset) + unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences')); + # pull in the main code -require "$form->{path}/$form->{script}"; +require "bin/mozilla/$form->{script}"; # customized scripts -if (-f "$form->{path}/custom_$form->{script}") { - eval { require "$form->{path}/custom_$form->{script}"; }; +if (-f "bin/mozilla/custom_$form->{script}") { + eval { require "bin/mozilla/custom_$form->{script}"; }; $form->error($@) if ($@); } # customized scripts for login -if (-f "$form->{path}/$form->{login}_$form->{script}") { - eval { require "$form->{path}/$form->{login}_$form->{script}"; }; +if (-f "bin/mozilla/$form->{login}_$form->{script}") { + eval { require "bin/mozilla/$form->{login}_$form->{script}"; }; $form->error($@) if ($@); } @@ -117,10 +153,24 @@ if ($form->{action}) { . $locale->text('Version') . " $form->{version} - $myconfig{name} - $myconfig{dbname}"; - &{ $locale->findsub($form->{action}) }; + call_sub($locale->findsub($form->{action})); } else { $form->error($locale->text('action= not defined!')); } +sub _show_error { + my $template = shift; + my $error_type = shift; + my $locale = Locale->new($main::language, 'all'); + $form->{error} = $locale->text('The session is invalid or has expired.') if ($error_type eq 'session'); + $form->{error} = $locale->text('Incorrect password!.') if ($error_type eq 'password'); + $myconfig{countrycode} = $main::language; + $form->{stylesheet} = 'css/lx-office-erp.css'; + + $form->header(); + print $form->parse_html_template($template); + exit; +} + # end