use strict;
#use warnings; FIXME - Bug 2505
use Digest::MD5 qw(md5_base64);
+use CGI::Session;
+use File::Spec;
require Exporter;
+
use C4::Context;
use C4::Output;
use C4::Templates;
use C4::Koha;
-use CGI::Session;
-use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
+use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
-# set the version for version checking
-$VERSION = 3.00;
=head1 NAME
my $query = new CGI;
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
output_html_with_http_headers $query, $cookie, $template->output;
=item get_template_and_user
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
to C<&checkauth> (in this module) to perform authentification.
The C<template_name> is then used to find the correct template for
the page. The authenticated users details are loaded onto the
- template in the HTML::Template LOOP variable C<USER_INFO>. Also the
+ template in the logged_in_user variable (which is a Koha::Patron object). Also the
C<sessionID> is passed to the template. This can be used in templates
if cookies are disabled. It needs to be put as and input to every
authenticated page.
$template->param( CAN_user_borrowers => 1 );
$template->param( CAN_user_permission => 1 );
$template->param( CAN_user_reserveforothers => 1 );
- $template->param( CAN_user_borrow => 1 );
$template->param( CAN_user_editcatalogue => 1 );
$template->param( CAN_user_updatecharges => 1 );
$template->param( CAN_user_acquisition => 1 );
- $template->param( CAN_user_management => 1 );
$template->param( CAN_user_tools => 1 );
$template->param( CAN_user_editauthorities => 1 );
$template->param( CAN_user_serials => 1 );
$template->param( CAN_user_reports => 1 );
}
+
+ my $minPasswordLength = C4::Context->preference('minPasswordLength');
+ $minPasswordLength = 3 if not $minPasswordLength or $minPasswordLength < 3;
+ $template->param(minPasswordLength => $minPasswordLength,);
}
return ( $template, $borrowernumber, $cookie );
}
my $dbh = C4::Context->dbh();
my $template_name;
$template_name = "installer/auth.tt";
+ my $sessdir = File::Spec->catdir( C4::Context::temporary_directory, 'cgisess_' . C4::Context->config('database') ); # same construction as in C4/Auth
# state variables
my $loggedin = 0;
C4::Context->_new_userenv($sessionID);
my $session =
new CGI::Session( "driver:File;serializer:yaml", $sessionID,
- { Directory => '/tmp' } );
+ { Directory => $sessdir } );
if ( $session->param('cardnumber') ) {
C4::Context->set_userenv(
$session->param('number'),
}
unless ($userid) {
my $session =
- new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => '/tmp' } );
+ new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => $sessdir } );
$sessionID = $session->id;
$userid = $query->param('userid');
C4::Context->_new_userenv($sessionID);
$template->param( login => 1 );
$template->param( loginprompt => 1 ) unless $info{'nopermission'};
- my $self_url = $query->url( -absolute => 1 );
- $template->param( url => $self_url, );
+ if ($info{'invalid_username_or_password'} == 1) {
+ $template->param( 'invalid_username_or_password' => $info{'invalid_username_or_password'});
+ }
+
$template->param( \%info );
$cookie = $query->cookie(
-name => 'CGISESSID',
);
return 2;
}
- if ( $userid
- && $userid eq 'demo'
- && "$password" eq 'demo'
- && C4::Context->config('demo') )
- {
-
-# DEMO => the demo user is allowed to do everything (if demo set to 1 in koha.conf
-# some features won't be effective : modify systempref, modify MARC structure,
- return 2;
- }
return 0;
}