Diffstat (limited to 'cgi-bin/login.pl')
-rwxr-xr-x | cgi-bin/login.pl | 209 |
1 files changed, 209 insertions, 0 deletions
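diff --git a/cgi-bin/login.pl b/cgi-bin/login.pl
new file mode 100755
index 0000000..81e8bf7
--- /dev/null
+++ b/cgi-bin/login.pl
@@ -0,0 +1,209 @@
+#!/usr/bin/perl
+
+$|=1;
+
+use strict;
+
+use Apache::Request;
+use Apache::Constants qw(REDIRECT);
+use MIME::Base64 qw(encode_base64 decode_base64);
+use HTML::Template;
+
+use Compose::local_lib;
+use Compose::site_user_lib;
+
+$Apache::DBI::DEBUG=2;
+
+my $r = Apache::Request->new(Apache->request);
+#$r->send_http_header('text/html');
+
+my $dbh = new Compose::db_connection('localhost','aes','apache','webconnect');
+
+my $client_lib = new Compose::client_lib();
+my $local_lib = new Compose::local_lib($client_lib,0);
+
+my $client_id = 1;
+$client_lib->setup_client($client_id);
+
+
+my $site_user_lib = new Compose::site_user_lib($client_lib);
+
+$client_lib->{'dbh'}{'debug'} = 2;
+
+my ($form,$PASS);
+
+foreach my $key (sort $r->param) {
+$form->{$key} = $local_lib->fix_spaces($r->param($key));
+#print "$key: $form->{$key} <br>";
+}
+
+my %cookiejar = Apache::Cookie->new($r)->parse;
+my $newcookie = Apache::Cookie->new($r);
+
+#####################################################
+# Get the username and password from the cookie.
+
+unless ($cookiejar{'Site'} || ($form->{'user'} && $form->{'password'})) {
+$r->send_http_header('text/html');
+
+my $template = HTML::Template->new( filename => "html/login.html", path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
+
+$template->param('user' => $form->{'user'});
+
+print $template->output();
+
+exit(0);
+}
+
+my %cookie_hash;
+
+if ( $cookiejar{'Site'} ) {
+
+my @values = $cookiejar{'Site'}->value;
+
+for (my $i=0;$i<scalar(@values);$i+=2) {
+$cookie_hash{$values[$i]} = $values[$i+1];
+}
+} else {
+$cookiejar{'Site'} = "";
+}
+
+my $errors = "";
+
+
+if ($form->{'user'} && $form->{'password'}) {
+
+my $site_user = &get_user_info($form->{'user'},$dbh);
+
+if (lc $site_user->{'user_name'} eq lc $form->{'user'}) {
+if ($site_user->{'user_passwd'} eq $form->{'password'}) {
+&bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
+exit(0);
+} else {
+$errors .= qq(The password you entered is incorrect. Please try again.<br>);
+}
+
+} else {
+$errors .= qq(The user name $form->{'user'} does not exist.<br>);
+}
+
+} elsif ($cookie_hash{'Site'}) {
+
+
+my ($user, $password) = split /:/, decode_base64($cookie_hash{'Site'}), 2;
+
+if ($user eq "" ) {
+$errors .= qq($cookie_hash{'Site'} Cookie could not be read. <br>);
+
+} else {
+
+my $site_user = &get_user_info($user,$dbh);
+
+if (defined $site_user->{'user_name'} && lc $site_user->{'user_name'} eq lc $user ) {
+
+if ($site_user->{'user_passwd'} eq $password) {
+&bake_cookie($r,$client_lib,$newcookie,\%cookie_hash,$form,$site_user,$dbh);
+exit(0);
+} else {
+$errors .= qq(The password you entered is incorrect. Please try again.<br>);
+}
+
+} else {
+$errors .= qq(The user name $form->{'user'} does not exist.<br>) if ($form->{'user'});
+}
+}
+}
+
+
+$r->send_http_header('text/html');
+
+my $template = HTML::Template->new( filename => "html/login.html", path => [ "$client_lib->{'client'}->{'server_docroot'}" ], die_on_bad_params => 0);
+
+$template->param('user' => $form->{'user'});
+$template->param('error' => "$errors");
+
+print $template->output();
+
+
+
+###################################
+
+sub bake_cookie {
+
+my $r = shift;
+my $client_lib = shift;
+my $cookiejar = shift;
+my $cookie_hash = shift;
+my $form = shift;
+my $site_user = shift;
+my $dbh = shift;
+
+if ( ($cookie_hash->{uri} =~ /login.pl/) || $cookie_hash->{uri} eq "") {
+$cookie_hash->{uri} = "/";
+}
+$cookie_hash->{uri} = $form->{'redir'};
+
+
+# We have some valid credientials, so set an authorization cookie.
+my @values = (
+uri => $cookie_hash->{uri},
+Cookie => encode_base64(join ":", ($form->{'user'},$form->{'password'})),
+);
+
+my $c = $r->connection;
+my $ip = $c->remote_ip;
+my $ins = qq(insert into logins (id,username,last_name,first_name,login_date,ip_address) values (NULL,"$site_user->{'user_name'}","$site_user->{'last_name'}","$site_user->{'first_name'}",NOW(),"$ip"));
+$dbh->updateDB($ins);
+
+
+$cookiejar->name('Site');
+$cookiejar->value(\@values);
+$cookiejar->path('/');
+$cookiejar->domain('.santoprene.com');
+$cookiejar->bake;
+
+
+$r->status(REDIRECT);
+$r->headers_out->set(Location => $cookie_hash->{uri});
+$r->send_http_header;
+
+
+
+}
+#######################
+
+sub get_user_info {
+
+my $uid = shift;
+my $dbh = shift;
+
+my ($qry,$gqry,%user_info,%group_info);
+
+%user_info=%group_info=();
+
+###########################
+# Internet User
+
+
+$qry = qq(select admin_user_info.*, DATE_FORMAT(created_on,'%c/%y') as format_created_on from admin_user_info where user_name="$uid" and ((registrant=1 and verified=1) or registrant=0) );
+
+%user_info = $dbh->queryRawDB($qry);
+
+my %USER_INFO;
+
+foreach my $k (keys %{$user_info{'0'}}) {
+$USER_INFO{$k} = $user_info{'0'}{$k};
+}
+
+$USER_INFO{'FULL_NAME'} = "$USER_INFO{'first_name'} " if ($USER_INFO{'first_name'} ne "");
+$USER_INFO{'FULL_NAME'} .= "$USER_INFO{'last_name'} " if ($USER_INFO{'last_name'} ne "");
+
+foreach my $group (keys %group_info) {
+$USER_INFO{'group_info'}{$group_info{$group}{'group_id'}} = $group_info{$group};
+$USER_INFO{'groups'}{$group} = 1;
+}
+
+return \%USER_INFO;
+}
+
+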
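Review bot: get_user_info builds its query by interpolating `$uid` directly (`user_name="$uid"`), and `$uid` comes straight from the `user` form field or from the decoded cookie, so the lookup that gates login is open to SQL injection before any authentication has happened; the `insert into logins` statement in bake_cookie interpolates its column values the same way. Whether `Compose::db_connection` offers bind parameters or a quoting method is not visible on this page; if it does, use it, and in any case reject unexpected names up front with an anchored check such as `return {} unless defined $uid && $uid =~ /\A[\w.\@-]{1,64}\z/;` (character set and length are illustrative and need adapting to the real user-name policy). Separately, bake_cookie stores `encode_base64` of `user:password` in a cookie scoped to the whole `.santoprene.com` domain, and the script compares `user_passwd` to the submitted value as plain text, so the password is recoverable from the cookie and from the table; a random server-side session token plus a salted password hash would remove both exposures. Last, `$cookie_hash->{uri} = $form->{'redir'};` unconditionally overwrites the `/` default set just above it and feeds the `Location` header, so the redirect target is caller-controlled and is empty when `redir` is absent; `$cookie_hash->{uri} = $form->{'redir'} if ($form->{'redir'} || '') =~ m{\A/(?![/\\])};` keeps it to same-site paths and preserves the default.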