Changeset 27318 for main/trunk/greenstone2/macros/style.dm

Timestamp:

2013-05-08T20:27:02+12:00 (11 years ago)

Author:

ak19

Message:

Authentication at perl level for when setting user-added comments. 1. metadata-server.plnow encrypts the key, so that it can be checked against what's in the key db. 2. gdslCGI.pm now has an encrypt_key subroutine. 3. baseaction.pm's authentication_enabled is turned on and the authenticate_user() subroutine now follows recpt's userdb.cpp::check_key by first checking for a given key when no password is given, and if the key validates and isn't stale, then its timestamp in the key db is updated. The code for checking the group that the user belongs to (which had been commented out since user comments can be set by anyone with a GS account, they don't need to belong to a collection editing group) has been moved to a new function called check_group, with the line calling it commented out. 4. style.dm passes in un and ky cgi args to the gsapi object's constructor. 5. gsajaxapi.js's constructor takes the un and ky parameters and then uses these in the Get and Post methods when making calls to metadata-server.pl.

File:

• main/trunk/greenstone2/macros/style.dm (modified) (1 diff)

main/trunk/greenstone2/macros/style.dm

@@ -240 +240 @@
     \}
 
-    var gsapi = new GSAjaxAPI("_gwcgi_","_cgiargc_");
+    var un = "_cgiargun_";
+    var ky = "_cgiargky_";
+    var gsapi = new GSAjaxAPI("_gwcgi_","_cgiargc_","_cgiargun_","_cgiargky_");
     
     // http://stackoverflow.com/questions/6312993/javascript-seconds-to-time-with-format-hhmmss