1 files changed, 209 insertions, 0 deletions
diff --git a/cgi-bin/login.pl b/cgi-bin/login.pl
new file mode 100755
index 0000000..81e8bf7
--- /dev/null
+++ b/cgi-bin/login.pl
@@ -0,0 +1,209 @@
+#!/usr/bin/perl
+$|=1;
+use strict;
+use Apache::Request;
+use Apache::Constants qw(REDIRECT);
+use MIME::Base64 qw(encode_base64 decode_base64);
+use HTML::Template;
+use Compose::local_lib;
+use Compose::site_user_lib;
+$Apache::DBI::DEBUG=2;
+my $r = Apache::Request->new(Apache->request);
+#$r->send_http_header('text/html');
+my $dbh = new Compose::db_connection('localhost','aes','apache','webconnect');
+my $client_lib = new Compose::client_lib();
+my $local_lib = new Compose::local_lib($client_lib,0);
+my $client_id = 1;
+$client_lib->setup_client($client_id);
+my $site_user_lib = new Compose::site_user_lib($client_lib);
+$client_lib->{'dbh'}{'debug'} = 2;
+my ($form,$PASS);
+foreach my $key (sort $r->param) {
+        $form->{$key} = $local_lib->fix_spaces($r->param($key));
+        #print "$key: $form->{$key} <br>";
+}
+my %cookiejar = Apache::Cookie->new($r)->parse;
+my $newcookie = Apache::Cookie->new($r);
+#####################################################
+# Get the username and password from the cookie.
+unless ($cookiejar{'Site'} || ($form->{'user'} && $form->{'password'})) {
+        $r->send_http_header('text/html');
+        my $template = HTML::Template->new( filename => "html/login.html",  path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
+        $template->param('user' => $form->{'user'});
+        print $template->output();
+        exit(0);
+}
+my %cookie_hash;
+if ( $cookiejar{'Site'} ) {
+        my @values = $cookiejar{'Site'}->value;
+        for (my $i=0;$i<scalar(@values);$i+=2) {
+                $cookie_hash{$values[$i]} = $values[$i+1];
+        }
+} else {
+        $cookiejar{'Site'} = "";
+}
+my $errors = "";
+if ($form->{'user'} && $form->{'password'}) {
+        my $site_user = &get_user_info($form->{'user'},$dbh);
+        if (lc $site_user->{'user_name'} eq lc $form->{'user'}) {
+                if ($site_user->{'user_passwd'} eq $form->{'password'}) {
+                        &bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
+                        exit(0);
+                } else {
+                        $errors .= qq(The password you entered is incorrect. Please try again.<br>);
+                }
+        } else {
+                $errors .= qq(The user name $form->{'user'} does not exist.<br>);
+        }
+} elsif ($cookie_hash{'Site'}) {
+        my ($user, $password) = split /:/, decode_base64($cookie_hash{'Site'}), 2;
+        if ($user eq "" ) {
+                $errors .= qq($cookie_hash{'Site'} Cookie could not be read. <br>);
+        } else {
+                my $site_user = &get_user_info($user,$dbh);
+                if (defined $site_user->{'user_name'} && lc $site_user->{'user_name'} eq lc $user ) {
+                        if ($site_user->{'user_passwd'} eq $password) {
+                                &bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
+                                exit(0);
+                        } else {
+                                $errors .= qq(The password you entered is incorrect. Please try again.<br>);
+                        }
+                } else {
+                        $errors .= qq(The user name $form->{'user'} does not exist.<br>) if ($form->{'user'});
+                }
+        }
+}
+$r->send_http_header('text/html');
+my $template = HTML::Template->new( filename => "html/login.html",  path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
+$template->param('user' => $form->{'user'});
+$template->param('error' => "$errors");
+print $template->output();
+        
+###################################
+sub bake_cookie {
+        my $r = shift;
+        my $client_lib = shift;
+        my $cookiejar = shift;
+        my $cookie_hash = shift;
+        my $form = shift;
+        my $site_user = shift;
+        my $dbh = shift;
+        if ( ($cookie_hash->{uri} =~ /login.pl/) || $cookie_hash->{uri} eq "") {
+                $cookie_hash->{uri} = "/";
+        }
+        $cookie_hash->{uri} = $form->{'redir'};
+        # We have some valid credientials, so set an authorization cookie.
+    my @values = (
+        uri => $cookie_hash->{uri},
+        Cookie => encode_base64(join ":", ($form->{'user'},$form->{'password'})),
+    );
+        my $c = $r->connection;
+        my $ip = $c->remote_ip;
+        my $ins = qq(insert into logins (id,username,last_name,first_name,login_date,ip_address) values (NULL,"$site_user->{'user_name'}","$site_user->{'last_name'}","$site_user->{'first_name'}",NOW(),"$ip"));
+        $dbh->updateDB($ins);
+        $cookiejar->name('Site');
+        $cookiejar->value(\@values);
+    $cookiejar->path('/');
+        $cookiejar->domain('.santoprene.com');
+        $cookiejar->bake;
+        $r->status(REDIRECT);
+        $r->headers_out->set(Location => $cookie_hash->{uri});
+        $r->send_http_header;
+        
+}
+#######################
+sub get_user_info {
+        my $uid = shift;
+        my $dbh = shift;
+        my ($qry,$gqry,%user_info,%group_info);
+        %user_info=%group_info=();
+        ###########################
+        # Internet User
+        $qry = qq(select admin_user_info.*, DATE_FORMAT(created_on,'%c/%y') as format_created_on  from admin_user_info where user_name="$uid" and ((registrant=1 and verified=1) or registrant=0) ); 
+        %user_info = $dbh->queryRawDB($qry);
+        my %USER_INFO;
+        foreach my $k (keys %{$user_info{'0'}}) {
+                $USER_INFO{$k} = $user_info{'0'}{$k};
+        }
+        $USER_INFO{'FULL_NAME'} = "$USER_INFO{'first_name'} " if ($USER_INFO{'first_name'} ne "");
+        $USER_INFO{'FULL_NAME'} .= "$USER_INFO{'last_name'} " if ($USER_INFO{'last_name'} ne "");
+        foreach my $group (keys %group_info) {
+                $USER_INFO{'group_info'}{$group_info{$group}{'group_id'}} = $group_info{$group};
+                $USER_INFO{'groups'}{$group} = 1;
+        }
+        return \%USER_INFO;
+}

diff --git a/cgi-bin/login.pl b/cgi-bin/login.pl new file mode 100755 index 0000000..81e8bf7 --- /dev/null +++ b/cgi-bin/login.pl
@@ -0,0 +1,209 @@
	1	#!/usr/bin/perl
	2
	3	$\|=1;
	4
	5	use strict;
	6
	7	use Apache::Request;
	8	use Apache::Constants qw(REDIRECT);
	9	use MIME::Base64 qw(encode_base64 decode_base64);
	10	use HTML::Template;
	11
	12	use Compose::local_lib;
	13	use Compose::site_user_lib;
	14
	15	$Apache::DBI::DEBUG=2;
	16
	17	my $r = Apache::Request->new(Apache->request);
	18	#$r->send_http_header('text/html');
	19
	20	my $dbh = new Compose::db_connection('localhost','aes','apache','webconnect');
	21
	22	my $client_lib = new Compose::client_lib();
	23	my $local_lib = new Compose::local_lib($client_lib,0);
	24
	25	my $client_id = 1;
	26	$client_lib->setup_client($client_id);
	27
	28
	29	my $site_user_lib = new Compose::site_user_lib($client_lib);
	30
	31	$client_lib->{'dbh'}{'debug'} = 2;
	32
	33	my ($form,$PASS);
	34
	35	foreach my $key (sort $r->param) {
	36	$form->{$key} = $local_lib->fix_spaces($r->param($key));
	37	#print "$key: $form->{$key} <br>";
	38	}
	39
	40	my %cookiejar = Apache::Cookie->new($r)->parse;
	41	my $newcookie = Apache::Cookie->new($r);
	42
	43	#####################################################
	44	# Get the username and password from the cookie.
	45
	46	unless ($cookiejar{'Site'} \|\| ($form->{'user'} && $form->{'password'})) {
	47	$r->send_http_header('text/html');
	48
	49	my $template = HTML::Template->new( filename => "html/login.html", path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
	50
	51	$template->param('user' => $form->{'user'});
	52
	53	print $template->output();
	54
	55	exit(0);
	56	}
	57
	58	my %cookie_hash;
	59
	60	if ( $cookiejar{'Site'} ) {
	61
	62	my @values = $cookiejar{'Site'}->value;
	63
	64	for (my $i=0;$i<scalar(@values);$i+=2) {
	65	$cookie_hash{$values[$i]} = $values[$i+1];
	66	}
	67	} else {
	68	$cookiejar{'Site'} = "";
	69	}
	70
	71	my $errors = "";
	72
	73
	74	if ($form->{'user'} && $form->{'password'}) {
	75
	76	my $site_user = &get_user_info($form->{'user'},$dbh);
	77
	78	if (lc $site_user->{'user_name'} eq lc $form->{'user'}) {
	79	if ($site_user->{'user_passwd'} eq $form->{'password'}) {
	80	&bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
	81	exit(0);
	82	} else {
	83	$errors .= qq(The password you entered is incorrect. Please try again.<br>);
	84	}
	85
	86	} else {
	87	$errors .= qq(The user name $form->{'user'} does not exist.<br>);
	88	}
	89
	90	} elsif ($cookie_hash{'Site'}) {
	91
	92
	93	my ($user, $password) = split /:/, decode_base64($cookie_hash{'Site'}), 2;
	94
	95	if ($user eq "" ) {
	96	$errors .= qq($cookie_hash{'Site'} Cookie could not be read. <br>);
	97
	98	} else {
	99
	100	my $site_user = &get_user_info($user,$dbh);
	101
	102	if (defined $site_user->{'user_name'} && lc $site_user->{'user_name'} eq lc $user ) {
	103
	104	if ($site_user->{'user_passwd'} eq $password) {
	105	&bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
	106	exit(0);
	107	} else {
	108	$errors .= qq(The password you entered is incorrect. Please try again.<br>);
	109	}
	110
	111	} else {
	112	$errors .= qq(The user name $form->{'user'} does not exist.<br>) if ($form->{'user'});
	113	}
	114	}
	115	}
	116
	117
	118	$r->send_http_header('text/html');
	119
	120	my $template = HTML::Template->new( filename => "html/login.html", path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
	121
	122	$template->param('user' => $form->{'user'});
	123	$template->param('error' => "$errors");
	124
	125	print $template->output();
	126
	127
	128
	129	###################################
	130
	131	sub bake_cookie {
	132
	133	my $r = shift;
	134	my $client_lib = shift;
	135	my $cookiejar = shift;
	136	my $cookie_hash = shift;
	137	my $form = shift;
	138	my $site_user = shift;
	139	my $dbh = shift;
	140
	141	if ( ($cookie_hash->{uri} =~ /login.pl/) \|\| $cookie_hash->{uri} eq "") {
	142	$cookie_hash->{uri} = "/";
	143	}
	144	$cookie_hash->{uri} = $form->{'redir'};
	145
	146
	147	# We have some valid credientials, so set an authorization cookie.
	148	my @values = (
	149	uri => $cookie_hash->{uri},
	150	Cookie => encode_base64(join ":", ($form->{'user'},$form->{'password'})),
	151	);
	152
	153	my $c = $r->connection;
	154	my $ip = $c->remote_ip;
	155	my $ins = qq(insert into logins (id,username,last_name,first_name,login_date,ip_address) values (NULL,"$site_user->{'user_name'}","$site_user->{'last_name'}","$site_user->{'first_name'}",NOW(),"$ip"));
	156	$dbh->updateDB($ins);
	157
	158
	159	$cookiejar->name('Site');
	160	$cookiejar->value(\@values);
	161	$cookiejar->path('/');
	162	$cookiejar->domain('.santoprene.com');
	163	$cookiejar->bake;
	164
	165
	166	$r->status(REDIRECT);
	167	$r->headers_out->set(Location => $cookie_hash->{uri});
	168	$r->send_http_header;
	169
	170
	171
	172	}
	173	#######################
	174
	175	sub get_user_info {
	176
	177	my $uid = shift;
	178	my $dbh = shift;
	179
	180	my ($qry,$gqry,%user_info,%group_info);
	181
	182	%user_info=%group_info=();
	183
	184	###########################
	185	# Internet User
	186
	187
	188	$qry = qq(select admin_user_info.*, DATE_FORMAT(created_on,'%c/%y') as format_created_on from admin_user_info where user_name="$uid" and ((registrant=1 and verified=1) or registrant=0) );
	189
	190	%user_info = $dbh->queryRawDB($qry);
	191
	192	my %USER_INFO;
	193
	194	foreach my $k (keys %{$user_info{'0'}}) {
	195	$USER_INFO{$k} = $user_info{'0'}{$k};
	196	}
	197
	198	$USER_INFO{'FULL_NAME'} = "$USER_INFO{'first_name'} " if ($USER_INFO{'first_name'} ne "");
	199	$USER_INFO{'FULL_NAME'} .= "$USER_INFO{'last_name'} " if ($USER_INFO{'last_name'} ne "");
	200
	201	foreach my $group (keys %group_info) {
	202	$USER_INFO{'group_info'}{$group_info{$group}{'group_id'}} = $group_info{$group};
	203	$USER_INFO{'groups'}{$group} = 1;
	204	}
	205
	206	return \%USER_INFO;
	207	}
	208
	209