- Timestamp:
- 2013-05-15T16:12:53+12:00 (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone2/perllib/cgiactions/baseaction.pm
r27323 r27349 248 248 my $users_db_file_path = &util::filename_cat($etc_directory, "users.gdb"); 249 249 250 # Use db2txt to get the user accounts information 251 my $users_db_content = ""; 252 open(USERS_DB, "db2txt \"$users_db_file_path\" |"); 253 while (<USERS_DB>) { 254 $users_db_content .= $_; 255 } 256 257 # Get the user account information from the users.gdb database 258 my %users_db_data = (); 259 foreach my $users_db_entry (split(/-{70}/, $users_db_content)) { 260 if ($users_db_entry =~ /\n?\[(.+)\]\n/) { 261 $users_db_data{$1} = $users_db_entry; 262 } 263 } 264 250 # Use dbutil to get the user accounts information 251 # infodbtype can be different for different collections, but the userDB and keyDB are gdbm 252 253 my $user_rec = &dbutil::read_infodb_entry("gdbm", $users_db_file_path, $username); 265 254 # Check username 266 my $user_data = $users_db_data{$username}; 267 if (!defined $user_data) { 255 if (!defined $user_rec) { 268 256 $gsdl_cgi->generate_error("Authentication failed: no account for user '$username'."); 269 257 } … … 271 259 # Check password 272 260 if(defined $user_password) { 273 my ($valid_user_password) = ($user_data =~ /\<password\>(.*)/);261 my $valid_user_password = $user_rec->{"password"}->[0]; 274 262 if ($user_password ne $valid_user_password) { 275 263 $gsdl_cgi->generate_error("Authentication failed: incorrect password."); … … 281 269 # if the key validates, refresh the key again by setting its timestamp to the present time. 282 270 283 # Use db 2txtto get the key accounts information271 # Use dbutil to get the key accounts information 284 272 my $key_db_file_path = &util::filename_cat($etc_directory, "key.gdb"); 285 286 my $key_db_content = ""; 287 open(USERS_DB, "db2txt \"$key_db_file_path\" |"); 288 while (<USERS_DB>) { 289 $key_db_content .= $_; 290 } 291 292 my %key_db_data = (); 293 foreach my $key_db_entry (split(/-{70}/, $key_db_content)) { 294 if ($key_db_entry =~ /\n?\[(.+)\]\n/) { 295 $key_db_data{$1} = $key_db_entry; 296 } 297 } 298 299 # check key entry 300 my $key_data = $key_db_data{$user_key}; 301 if (!defined $key_data) { 273 my $key_rec = &dbutil::read_infodb_entry("gdbm", $key_db_file_path, $user_key); 274 275 if (!defined $key_rec) { 302 276 303 277 #$gsdl_cgi->generate_error("Authentication failed: invalid key $user_key. Does not exist."); … … 305 279 } 306 280 else { 307 my ($valid_username) = ($key_data =~ /\<user\>(.*)/);281 my $valid_username = $key_rec->{"user"}->[0]; 308 282 if ($username ne $valid_username) { 309 283 $gsdl_cgi->generate_error("Authentication failed: key does not belong to user."); … … 316 290 my $current_timestamp = time; #localtime(time); 317 291 318 my ($keycreation_time) = ($key_data =~ /\<time\>(.*)/); # of the form: 2013/05/06 14:39:23292 my $keycreation_time = $key_rec->{"time"}->[0]; # of the form: 2013/05/06 14:39:23 319 293 if ($keycreation_time !~ m/^\s*$/) { # not empty 320 294 … … 328 302 329 303 # beware http://community.activestate.com/forum/posixstrftime-problem-e-numeric-day-month 330 my $current_time = strftime("%Y/%m/%d %H:%M:%S \n", localtime($current_timestamp)); # POSIX304 my $current_time = strftime("%Y/%m/%d %H:%M:%S", localtime($current_timestamp)); # POSIX 331 305 332 306 # infodbtype can be different for different collections, but the key DB is gdbm
Note:
See TracChangeset
for help on using the changeset viewer.