MARC import: part 2 of large file support

[koha.git] / tools / upload-file.pl

diff --git a/tools/upload-file.pl b/tools/upload-file.pl
index 21340d1..ad9efc8 100755 (executable)
--- a/tools/upload-file.pl
+++ b/tools/upload-file.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl
 
 # Copyright (C) 2007 LibLime
 #
@@ -24,16 +24,20 @@ use IO::File;
 use CGI;
 use CGI::Session;
 use C4::Context;
+use C4::Auth qw/get_session check_cookie_auth/;
 use CGI::Cookie; # need to check cookies before
                  # having CGI parse the POST request
 use Digest::MD5;
 
 my %cookies = fetch CGI::Cookie;
-my $sessionID = $cookies{'CGISESSID'}->value;
+my ($auth_status, $sessionID) = check_cookie_auth($cookies{'CGISESSID'}->value, { tools => 1 });
+if ($auth_status ne "ok") {
+    $auth_status = 'denied' if $auth_status eq 'failed';
+    send_reply($auth_status, "", "");
+    exit 0;
+}
 
-my $dbh = C4::Context->dbh;
-# FIXME get correct session -- not just mysql
-my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
+my $session = get_session($sessionID);
 
 # upload-file.pl must authenticate the user
 # before processing the POST request,
@@ -43,8 +47,6 @@ my $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
 # requires that the session cookie already
 # have been created., $fileid, $tmp_file_name
 
-# FIXME - add authentication based on cookie
-
 my $fileid = Digest::MD5::md5_hex(Digest::MD5::md5_hex(time().{}.rand().{}.$$));
 
 # FIXME - make staging area configurable