use SL::User;
use SL::DBConnect;
use SL::DBUpgrade2;
-use SL::DBUtils;
+use SL::DBUtils qw(do_query do_statement prepare_execute_query prepare_query selectall_array_query selectrow_query);
use strict;
} else {
print STDERR "Error: @msg\n";
}
- ::end_of_request();
+ $::dispatcher->end_request;
}
sub _read_auth_config {
return ERR_PASSWORD;
}
- $password = SL::Auth::Password->hash(login => 'root', password => $password);
my $admin_password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password}->());
+ $password = SL::Auth::Password->hash(login => 'root', password => $password, stored_password => $admin_password);
my $result = $password eq $admin_password ? OK : ERR_PASSWORD;
$self->set_session_value(SESSION_KEY_ROOT_AUTH() => $result);
$form = $main::form;
- # Don't fail if the auth DB doesn't yet.
+ # Don't fail if the auth DB doesn't exist yet.
if (!( $dbh = $self->dbconnect(1) )) {
return $self->session_restore_result(SESSION_NONE());
}
sub _load_with_auto_restore_column {
my ($self, $dbh, $session_id) = @_;
- my $auto_restore_keys = join ', ', map { "'${_}'" } qw(login password rpw);
+ my %auto_restore_keys = map { $_ => 1 } qw(login password rpw client_id), SESSION_KEY_ROOT_AUTH, SESSION_KEY_USER_AUTH;
my $query = <<SQL;
SELECT sess_key, sess_value, auto_restore
FROM auth.session_content
WHERE (session_id = ?)
- AND ( auto_restore
- OR sess_key IN (${auto_restore_keys}))
SQL
my $sth = prepare_execute_query($::form, $dbh, $query, $session_id);
while (my $ref = $sth->fetchrow_hashref) {
- my $value = SL::Auth::SessionValue->new(auth => $self,
- key => $ref->{sess_key},
- value => $ref->{sess_value},
- auto_restore => $ref->{auto_restore},
- raw => 1);
- $self->{SESSION}->{ $ref->{sess_key} } = $value;
-
- next if defined $::form->{$ref->{sess_key}};
-
- my $data = $value->get;
- $::form->{$ref->{sess_key}} = $data if $value->{auto_restore} || !ref $data;
+ if ($ref->{auto_restore} || $auto_restore_keys{$ref->{sess_key}}) {
+ my $value = SL::Auth::SessionValue->new(auth => $self,
+ key => $ref->{sess_key},
+ value => $ref->{sess_value},
+ auto_restore => $ref->{auto_restore},
+ raw => 1);
+ $self->{SESSION}->{ $ref->{sess_key} } = $value;
+
+ next if defined $::form->{$ref->{sess_key}};
+
+ my $data = $value->get;
+ $::form->{$ref->{sess_key}} = $data if $value->{auto_restore} || !ref $data;
+ } else {
+ my $value = SL::Auth::SessionValue->new(auth => $self,
+ key => $ref->{sess_key});
+ $self->{SESSION}->{ $ref->{sess_key} } = $value;
+ }
}
$sth->finish;
-
- $query = <<SQL;
- SELECT sess_key
- FROM auth.session_content
- WHERE (session_id = ?)
- AND NOT COALESCE(auto_restore, FALSE)
- AND (sess_key NOT IN (${auto_restore_keys}))
-SQL
- $sth = prepare_execute_query($::form, $dbh, $query, $session_id);
-
- while (my $ref = $sth->fetchrow_hashref) {
- my $value = SL::Auth::SessionValue->new(auth => $self,
- key => $ref->{sess_key});
- $self->{SESSION}->{ $ref->{sess_key} } = $value;
- }
}
sub destroy_session {
my ($count) = selectrow_query($main::form, $dbh, $query, @tables);
- return scalar @tables == $count;
+ scalar @tables == $count;
}
}
projects / mfinanz.git / blobdiff