import C4::Auth_with_cas qw(checkpw_cas login_cas logout_cas login_cas_url);
}
$servers = C4::Context->config('memcached_servers');
- $memcached;
if ($servers) {
require Cache::Memcached;
$memcached = Cache::Memcached->new({
my $in = shift;
my $template =
gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} );
- my ( $user, $cookie, $sessionID, $flags ) = checkauth(
- $in->{'query'},
- $in->{'authnotrequired'},
- $in->{'flagsrequired'},
- $in->{'type'}
- ) unless ($in->{'template_name'}=~/maintenance/);
+ my ( $user, $cookie, $sessionID, $flags );
+ if ( $in->{'template_name'} !~m/maintenance/ ) {
+ ( $user, $cookie, $sessionID, $flags ) = checkauth(
+ $in->{'query'},
+ $in->{'authnotrequired'},
+ $in->{'flagsrequired'},
+ $in->{'type'}
+ );
+ }
my $borrowernumber;
my $insecure = C4::Context->preference('insecure');
opacuserlogin => "" . C4::Context->preference("opacuserlogin"),
reviewson => C4::Context->preference("reviewson"),
ShowReviewer => C4::Context->preference("ShowReviewer"),
+ ShowReviewerPhoto => C4::Context->preference("ShowReviewerPhoto"),
suggestion => "" . C4::Context->preference("suggestion"),
virtualshelves => "" . C4::Context->preference("virtualshelves"),
OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"),
$userid = $retuserid;
$info{'invalidCasLogin'} = 1 unless ($return);
} else {
- ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password, $query );
+ my $retuserid;
+ ( $return, $retuserid ) = checkpw( $dbh, $userid, $password, $query );
+ $userid = $retuserid if ($retuserid ne '');
}
if ($return) {
_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
";
my $sth = $dbh->prepare("$select where userid=?");
$sth->execute($userid);
- unless ($sth->rows) {
- $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
- $sth = $dbh->prepare("$select where cardnumber=?");
- $sth->execute($cardnumber);
- unless ($sth->rows) {
- $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
- $sth->execute($userid);
- unless ($sth->rows) {
- $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
- }
- }
- }
+ unless ($sth->rows) {
+ $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
+ $sth = $dbh->prepare("$select where cardnumber=?");
+ $sth->execute($cardnumber);
+
+ unless ($sth->rows) {
+ $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
+ $sth->execute($userid);
+ unless ($sth->rows) {
+ $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
+ }
+ }
+ }
if ($sth->rows) {
- ($borrowernumber, $firstname, $surname, $userflags,
+ ($borrowernumber, $firstname, $surname, $userflags,
$branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow;
$debug and print STDERR "AUTH_3 results: " .
"$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
C4::Context->set_userenv( "$borrowernumber", $userid, $cardnumber,
$firstname, $surname, $branchcode, $flags );
- return 1, $cardnumber;
+ return 1, $userid;
}
}
$sth =
my ($userid, $flagsrequired) = @_;
my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
$sth->execute($userid);
- my $flags = getuserflags( $sth->fetchrow(), $userid );
+ my $flags = getuserflags($sth->fetchrow(), $userid);
if ( $userid eq C4::Context->config('user') ) {
# Super User Account from /etc/koha.conf
$flags->{'superlibrarian'} = 1;
# Demo user that can do "anything" (demo=1 in /etc/koha.conf)
$flags->{'superlibrarian'} = 1;
}
+
return $flags if $flags->{superlibrarian};
+
foreach my $module ( keys %$flagsrequired ) {
my $subperm = $flagsrequired->{$module};
if ($subperm eq '*') {