#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use strict;
#use warnings; FIXME - Bug 2505
use Digest::MD5 qw(md5_base64);
+use CGI::Session;
+use File::Spec;
require Exporter;
+
use C4::Context;
use C4::Output;
use C4::Templates;
use C4::Koha;
-use CGI::Session;
-use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
+use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
-# set the version for version checking
-$VERSION = 3.00;
=head1 NAME
=head1 SYNOPSIS
- use CGI;
+ use CGI qw ( -utf8 );
use InstallAuth;
use C4::Output;
my $query = new CGI;
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
output_html_with_http_headers $query, $cookie, $template->output;
=item get_template_and_user
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
to C<&checkauth> (in this module) to perform authentification.
The C<template_name> is then used to find the correct template for
the page. The authenticated users details are loaded onto the
- template in the HTML::Template LOOP variable C<USER_INFO>. Also the
+ template in the logged_in_user variable (which is a Koha::Patron object). Also the
C<sessionID> is passed to the template. This can be used in templates
if cookies are disabled. It needs to be put as and input to every
authenticated page.
$template->param( CAN_user_borrowers => 1 );
$template->param( CAN_user_permission => 1 );
$template->param( CAN_user_reserveforothers => 1 );
- $template->param( CAN_user_borrow => 1 );
$template->param( CAN_user_editcatalogue => 1 );
$template->param( CAN_user_updatecharges => 1 );
$template->param( CAN_user_acquisition => 1 );
- $template->param( CAN_user_management => 1 );
$template->param( CAN_user_tools => 1 );
$template->param( CAN_user_editauthorities => 1 );
$template->param( CAN_user_serials => 1 );
$template->param( CAN_user_reports => 1 );
}
+
+ my $minPasswordLength = C4::Context->preference('minPasswordLength');
+ $minPasswordLength = 3 if not $minPasswordLength or $minPasswordLength < 3;
+ $template->param(minPasswordLength => $minPasswordLength,);
}
return ( $template, $borrowernumber, $cookie );
}
my $dbh = C4::Context->dbh();
my $template_name;
$template_name = "installer/auth.tt";
+ my $sessdir = File::Spec->catdir( C4::Context::temporary_directory, 'cgisess_' . C4::Context->config('database') ); # same construction as in C4/Auth
# state variables
my $loggedin = 0;
C4::Context->_new_userenv($sessionID);
my $session =
new CGI::Session( "driver:File;serializer:yaml", $sessionID,
- { Directory => '/tmp' } );
+ { Directory => $sessdir } );
if ( $session->param('cardnumber') ) {
- C4::Context::set_userenv(
+ C4::Context->set_userenv(
$session->param('number'),
$session->param('id'),
$session->param('cardnumber'),
}
unless ($userid) {
my $session =
- new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => '/tmp' } );
+ new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => $sessdir } );
$sessionID = $session->id;
$userid = $query->param('userid');
C4::Context->_new_userenv($sessionID);
#Only superlibrarian should have access to this page.
#Since if it is a user, it is supposed that there is a borrower table
#And thus that data structure is loaded.
- my $hash = C4::Context::set_userenv(
+ my $hash = C4::Context->set_userenv(
0, 0,
C4::Context->config('user'), C4::Context->config('user'),
C4::Context->config('user'), "",
$template->param( login => 1 );
$template->param( loginprompt => 1 ) unless $info{'nopermission'};
- my $self_url = $query->url( -absolute => 1 );
- $template->param( url => $self_url, );
+ if ($info{'invalid_username_or_password'} == 1) {
+ $template->param( 'invalid_username_or_password' => $info{'invalid_username_or_password'});
+ }
+
$template->param( \%info );
$cookie = $query->cookie(
-name => 'CGISESSID',
C4::Context->config('user'),
C4::Context->config('user'),
C4::Context->config('user'),
- "", 1
+ "", "NO_LIBRARY_SET", 1
);
return 2;
}
- if ( $userid
- && $userid eq 'demo'
- && "$password" eq 'demo'
- && C4::Context->config('demo') )
- {
-
-# DEMO => the demo user is allowed to do everything (if demo set to 1 in koha.conf
-# some features won't be effective : modify systempref, modify MARC structure,
- return 2;
- }
return 0;
}