X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=am.pl;h=a874f6df6fac0ec6acffac489264a49b312cf3c6;hb=ea707efcb3b6f5cda6ccf12fb86c4659b9db079f;hp=d35b4a90004f1c866b11f75be680f330294ad63e;hpb=b6dc5623d93c1be1c54248d4512e80f495af2899;p=kivitendo-erp.git diff --git a/am.pl b/am.pl index d35b4a900..a874f6df6 100755 --- a/am.pl +++ b/am.pl @@ -48,11 +48,22 @@ use SL::LXDebug; $lxdebug = LXDebug->new(); use CGI qw( -no_xhtml); +use SL::Auth; use SL::Form; use SL::Locale; -eval { require "lx-erp.conf"; }; -eval { require "lx-erp-local.conf"; } if -f "lx-erp-local.conf"; +eval { require "config/lx-erp.conf"; }; +eval { require "config/lx-erp-local.conf"; } if -f "config/lx-erp-local.conf"; + +our $cgi = new CGI(''); +our $form = new Form; + +our $auth = SL::Auth->new(); +if (!$auth->session_tables_present()) { + _show_error('login/auth_db_unreachable'); +} +$auth->expire_sessions(); +my $session_result = $auth->restore_session(); require "bin/mozilla/common.pl"; @@ -61,9 +72,6 @@ if (defined($latex) && !defined($latex_templates)) { undef($latex); } -$form = new Form; -$cgi = new CGI(''); - # this prevents most of the tabindexes being created by CGI. # note: most. popup menus and selecttables will still have tabindexes # use common.pl's NTI function to get rid of those @@ -83,35 +91,41 @@ $script =~ s/\.pl//; # pull in DBI use DBI; -$form->{login} =~ s|.*/||; +# locale messages +$locale = new Locale($language, "$script"); -# check for user config file, could be missing or ??? -eval { require("$userspath/$form->{login}.conf"); }; -if ($@) { - $locale = new Locale "$language", "$script"; +# did sysadmin lock us out +if (-e "$userspath/nologin") { + $form->error($locale->text('System currently down for maintenance!')); +} - $form->{callback} = ""; - $msg1 = $locale->text('You are logged out!'); - $msg2 = $locale->text('Login'); - $form->redirect("$msg1

$msg2"); +if (SL::Auth::SESSION_EXPIRED == $session_result) { + _show_error('login/password_error', 'session'); } -$myconfig{dbpasswd} = unpack 'u', $myconfig{dbpasswd}; -map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset) - unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences')); +$form->{login} =~ s|.*/||; + +%myconfig = $auth->read_user($form->{login}); + +if (!$myconfig{login}) { + _show_error('login/password_error', 'password'); +} # locale messages $locale = new Locale "$myconfig{countrycode}", "$script"; -# check password -$form->error($locale->text('Incorrect Password!')) - if ($form->{password} ne $myconfig{password}); - -# did sysadmin lock us out -if (-e "$userspath/nologin") { - $form->error($locale->text('System currently down for maintenance!')); +if (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0)) { + _show_error('login/password_error', 'password'); } +$auth->set_session_value('login', $form->{login}, 'password', $form->{password}); +$auth->create_or_refresh_session(); + +delete $form->{password}; + +map { $form->{$_} = $myconfig{$_} } qw(stylesheet charset) + unless (($form->{action} eq 'save') && ($form->{type} eq 'preferences')); + # pull in the main code require "bin/mozilla/$form->{script}"; @@ -140,5 +154,19 @@ if ($form->{action}) { $form->error($locale->text('action= not defined!')); } +sub _show_error { + my $template = shift; + my $error_type = shift; + $locale = Locale->new($language, 'all'); + $form->{error} = $locale->text('The session is invalid or has expired.') if ($error_type eq 'session'); + $form->{error} = $locale->text('Incorrect password!.') if ($error_type eq 'password'); + $myconfig{countrycode} = $language; + $form->{stylesheet} = 'css/lx-office-erp.css'; + + $form->header(); + print $form->parse_html_template($template); + exit; +} + # end