[LON-CAPA-cvs] cvs: modules /raeburn/register Session.pm
raeburn
lon-capa-cvs@mail.lon-capa.org
Sat, 04 Feb 2006 02:43:46 -0000
This is a MIME encoded message
--raeburn1139021026
Content-Type: text/plain
raeburn Fri Feb 3 21:43:46 2006 EDT
Modified files:
/modules/raeburn/register Session.pm
Log:
Changes to make this work in Apache2. Routines in processform.pm are now used to retrieve form parameters.
--raeburn1139021026
Content-Type: text/plain
Content-Disposition: attachment; filename="raeburn-20060203214346.txt"
Index: modules/raeburn/register/Session.pm
diff -u modules/raeburn/register/Session.pm:1.4 modules/raeburn/register/Session.pm:1.5
--- modules/raeburn/register/Session.pm:1.4 Wed Apr 27 13:01:41 2005
+++ modules/raeburn/register/Session.pm Fri Feb 3 21:43:45 2006
@@ -1,5 +1,7 @@
package Apache::LON::Session;
use strict;
+use Apache::RequestRec();
+use Apache::RequestIO();
use DBI;
use Storable qw(store retrieve dclone);
use MD5;
@@ -8,8 +10,9 @@
use FileHandle;
use HTTP::Request;
use LWP::UserAgent;
+use Apache::LON::processform;
-use Apache::Constants qw(OK DECLINED SERVER_ERROR FORBIDDEN);
+use Apache::Const qw(OK DECLINED SERVER_ERROR FORBIDDEN);
use Apache::Session::MySQL;
use CGI::Cookie;
use Crypt::DES;
@@ -71,11 +74,11 @@
my %auth_cookie = $cookiejar{$auth_name}->value;
my $sess_id = $auth_cookie{session};
- $r->notes('_COOKIESTUFF' => $auth_name);
- $r->notes('_ORIGURL' => $auth_cookie{uri});
- $r->notes('_CURRURL' => $inbound);
- $r->notes('_SESSTOKEN' => $auth_cookie{token});
- $r->notes('_AUTHFAIL' => 1);
+ $r->notes->set('_COOKIESTUFF' => $auth_name);
+ $r->notes->set('_ORIGURL' => $auth_cookie{uri});
+ $r->notes->set('_CURRURL' => $inbound);
+ $r->notes->set('_SESSTOKEN' => $auth_cookie{token});
+ $r->notes->set('_AUTHFAIL' => 1);
if (defined ($sess_id) ) {
my $quote_sess = $dbh->quote( $sess_id );
@@ -87,21 +90,21 @@
my $username = $sess_ref->attr("user_id");
$r->connection->user("$username");
$r->connection->auth_type($auth_type);
- $r->notes('_AUTHFAIL' => 0);
+ $r->notes->set('_AUTHFAIL' => 0);
} else {
my $sess_quoted = $dbh->quote( $sess_id );
my $username = $dbh->selectrow_array("SELECT user_id FROM loncapa_sessions WHERE id = $sess_quoted ");
unless ($username eq '') {
$r->connection->user("$username");
$r->connection->auth_type($auth_type);
- $r->notes('_AUTHFAIL' => 0);
+ $r->notes->set('_AUTHFAIL' => 0);
}
}
} else {
¬e_cookie_auth_failure($r);
}
} else {
- $r->notes('_RejectAuth' => "Your session has expired. Please re-authenticate");
+ $r->notes->set('_RejectAuth' => "Your session has expired. Please re-authenticate");
¬e_cookie_auth_failure($r);
}
} else {
@@ -111,12 +114,11 @@
if ($authok) {
my $status = &new_session($r,$dbh,\%attr,$user,\%auth_cookie);
if ($status) {
- $r->notes('_AUTHFAIL' => 0);
+ $r->notes->set('_AUTHFAIL' => 0);
}
}
}
$dbh->disconnect;
- my $notes = $r->notes();
return OK;
}
@@ -135,13 +137,13 @@
my $sth = $dbh->prepare("INSERT INTO loncapa_sessions (id,time,user_id) VALUES ('$sess_id','$endtime','$user') ");
$sth->execute;
$sth->finish;
- $r->notes('_SESSCOOK' => $sess_id);
- $r->notes('_AUTHFAIL' => 0);
+ $r->notes->set('_SESSCOOK' => $sess_id);
+ $r->notes->set('_AUTHFAIL' => 0);
$r->connection->user($user);
$r->connection->auth_type($r->auth_type);
$newsess = 1;
} else {
- $r->notes('_RejectAuth' => "Server Error - session creation failed");
+ $r->notes->set('_RejectAuth' => "Server Error - session creation failed");
}
return $newsess;
}
@@ -149,14 +151,16 @@
sub check_credentials {
my ($r,$dbh) = @_;
my $authok = 0;
- my %params = ($r->args,$r->content);
- my $user = $params{'user'};
- my $password = $params{'password'};
- my $authtype = $params{'authtype'};
- my $domain = $params{'domain'};
- my $origurl = $r->notes('_ORIGURL');
+ my %params = ();
+ &Apache::LON::processform::postitems($r,\%params);
+ &Apache::LON::processform::getitems($r->args,\%params);
+ my $user = $params{'user'}[0];
+ my $password = $params{'password'}[0];
+ my $authtype = $params{'authtype'}[0];
+ my $domain = $params{'domain'}[0];
+ my $origurl = $r->notes->get('_ORIGURL');
my $upass = '';
- my $tokenin = $params{'tokenin'};
+ my $tokenin = $params{'tokenin'}[0];
if (($tokenin ne '') && (-e "/home/helpdesk/tokens/$tokenin")) {
my $formhash = &Storable::retrieve("/home/helpdesk/tokens/$tokenin");
my %formInfo = %{$formhash};
@@ -182,14 +186,16 @@
sub note_cookie_auth_failure {
my $r = shift;
- my %query_string = $r->args;
- my %post_data = $r->content;
+ my %query_str = ();
+ my %post_data = ();
+ &Apache::LON::processform::postitems($r,\%post_data);
+ &Apache::LON::processform::getitems($r->args,\%query_str);
my @list = keys %post_data;
my $token = MD5->hexhash(MD5->hexhash(time.{}.rand().$$));
if (@list) {
my ($tempHash,$hashid);
foreach (@list) {
- $tempHash->{$_} = $post_data{$_};
+ $tempHash->{$_} = $post_data{$_}[0];
}
if (!-e "/tmp/session_tokens") {
mkdir("/tmp/session_tokens",0755);
@@ -198,7 +204,7 @@
store($tempHash,$hashid) or print STDERR "Can't store hash of postdata for LONCAPASession on disk in /tmp/session_tokens/$token\n";
}
my $caller = $r->uri;
- my @params = sort (keys %query_string);
+ my @params = sort (keys %query_str);
if (@params) {
for (my $i=0; $i<@params; $i++) {
if ($i==0) {
@@ -206,7 +212,7 @@
} else {
$caller .= '&';
}
- $caller .= $params[$i]."=".$query_string{$params[$i]};
+ $caller .= $params[$i]."=".$query_str{$params[$i]}[0];
}
}
my $auth_cookie = new CGI::Cookie (
@@ -275,7 +281,7 @@
if (defined ($self->expires()) ) {
my $timeleft = ($self->expires() ) - ( $self->now() );
if ($timeleft < 0) {
- $r->notes('_RejectAuth' => "Your session has expired. Please re-authenticate");
+ $r->notes->set('_RejectAuth' => "Your session has expired. Please re-authenticate");
$self->delete();
$self = undef;
$dbh->do("DELETE FROM loncapa_sessions WHERE id = '$sess_id'");
@@ -289,7 +295,7 @@
$sth->finish;
}
if (defined ($self) ) {
- $r->notes('_SESSCOOK' => $sess_id);
+ $r->notes->set('_SESSCOOK' => $sess_id);
$sess_chk = 1;
}
} else {
@@ -306,7 +312,7 @@
if ($idcheck eq $sess_id) {
$timeleft = $endtime - $timenow;
if ($timeleft < 0) {
- $r->notes('_RejectAuth' => "Your session has expired. Please re-authenticate");
+ $r->notes->set('_RejectAuth' => "Your session has expired. Please re-authenticate");
$dbh->do("DELETE FROM sessions WHERE id = '$sess_id'");
$dbh->do("DELETE FROM loncapa_sessions WHERE id = '$sess_id'");
$sess_chk = "-1";
@@ -319,7 +325,7 @@
$sth->finish;
}
if ($timeleft >= 0) {
- $r->notes('_SESSCOOK' => $sess_id);
+ $r->notes->set('_SESSCOOK' => $sess_id);
$sess_chk = 1;
}
} else {
@@ -384,12 +390,12 @@
my $statement = "SELECT passwd FROM support_auth_passwd WHERE user_id=$user_sent_quoted";
my $sth;
unless ($sth = $dbh->prepare($statement)) {
- $r->notes('_RejectAuth' => "Server Error");
+ $r->notes->set('_RejectAuth' => "Server Error");
return $authflag;
}
my $rv;
unless ($rv = $sth->execute) {
- $r->notes('_RejectAuth' => "Server Error");
+ $r->notes->set('_RejectAuth' => "Server Error");
return $authflag;
}
my $passwd = $sth->fetchrow_array;
@@ -399,7 +405,7 @@
if ($passwd_sent eq $passwd) {
$authflag = 1;
} else {
- $r->notes('_RejectAuth' => "Invalid support system username and/or password");
+ $r->notes->set('_RejectAuth' => "Invalid support system username and/or password");
}
} elsif ($authtype eq 'loncapa') {
my $authkeydir = "/home/helpdesk/admindata";
@@ -410,7 +416,7 @@
my $udom = $authinfo;
my $response = &loncapa_auth($user_sent,$passwd_sent,$udom,$keyphrase);
if ($response eq 'no_host') {
- $r->notes('_RejectAuth' => "Invalid LON-CAPA username and password for domain: $udom");
+ $r->notes->set('_RejectAuth' => "Invalid LON-CAPA username and password for domain: $udom");
$authflag = 0;
} else {
$authflag = 1;
@@ -428,7 +434,7 @@
if ($response eq 'ok') {
$authflag = 1;
} else {
- $r->notes('_RejectAuth' => "Invalid MSUNet ID or password");
+ $r->notes->set('_RejectAuth' => "Invalid MSUNet ID or password");
$authflag = 0;
}
}
--raeburn1139021026--