further improvements to login

git-svn-id: http://yolanda.mister-muffin.de/svn@15 7eef14d0-6ed0-489d-bf55-20463b2d70db
2007-10-10 16:05:54 +00:00 · 2007-10-10 16:05:54 +00:00 · 6a62362820
commit 6a62362820
parent 482644fced
4 changed files with 27 additions and 13 deletions
--- a/trunk/functions.pl
+++ b/trunk/functions.pl
@ -11,3 +11,14 @@ sub fill_tagcloud {
 	$sth->finish();
 	$dbh->disconnect();
 }
+
+sub get_username_from_sid {
+	my ($sid) = @_;
+	$dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass);
+	my $sth = $dbh->prepare(qq{select username from users where sid = '$sid'});
+	$sth->execute();
+	my ($username) = $sth->fetchrow_array();
+	$sth->finish();
+	$dbh->disconnect();
+	return $username;
+}
--- a/trunk/index.pl
+++ b/trunk/index.pl
@ -9,8 +9,7 @@ my $session = new CGI::Session;
 $page = XMLin('/var/www/perl/index.xml', ForceArray => 1, KeyAttr => {} );

 #fill tags
-$page->{sid} = [$session->id];
-$page->{loggedin} = [$session->param('auth')];
+$page->{username} = get_username_from_sid($session->id);

 fill_tagcloud;

--- a/trunk/login.pl
+++ b/trunk/login.pl
@ -5,8 +5,9 @@ $session = new CGI::Session;
 $query = new CGI;

 if($query->param('action')) {
+	$dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass);
+
 	if($query->param('action') eq "login") {
-		$dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass);
 		my $user = $query->param('user');
 		my $pass = $query->param('pass');
 		my $sth = $dbh->prepare(qq{select username from users
@ -16,25 +17,30 @@ if($query->param('action')) {
 		$sth->execute();
 		
 		if($sth->fetchrow_array()) {
-			$session->param('auth', 'true');
+			my $sid = $session->id;
+			$sth = $dbh->prepare(qq{update users set sid = '$sid' where username = '$user'}); 
+			$sth->execute();
+			$sth->finish();
 			print $session->header();
 			print "logged in";
 		} else {
 			print $session->header();
-			print $query->param('action');
+			print "could not log you in";
 		}
 		
-		$sth->finish();
-		$dbh->disconnect();
-		
 	} elsif($query->param('action') eq "logout") {
-		$session->param('auth', 'false');
+		$sth = $dbh->prepare(qq{update users set sid = '' where username = '$user'}); 
+		$sth->execute();
+		$sth->finish();
+		$session->delete();
 		print $session->header();
 		print "logged out";
 	} else {
 		print $session->header();
 		print "wtf?";
 	}
+
+	$dbh->disconnect();
 } else {
 	print $session->header();
 	print '<form action="" method="POST"><p>
--- a/trunk/xsl/xhtml.xsl
+++ b/trunk/xsl/xhtml.xsl
@ -65,9 +65,7 @@
 					<div class="header2">
 						<a href="about:blank"><xsl:value-of select="$locale_strings/str[@id='register']" /></a>
 						<xsl:value-of select="$locale_strings/str[@id='separator']" />
-						<a href="login.pl?action=login"><xsl:value-of select="$locale_strings/str[@id='login']" /></a>
-						<xsl:value-of select="$locale_strings/str[@id='separator']" />
-						<a href="login.pl?action=logout"><xsl:value-of select="$locale_strings/str[@id='logout']" /></a>
+						<a href="login.pl"><xsl:value-of select="$locale_strings/str[@id='login']" /></a>
 						<xsl:value-of select="$locale_strings/str[@id='separator']" />
 						<img class="openid-icon" src="./images/openid-icon.png" alt="open id logo" />
 						<a href="about:blank"><xsl:value-of select="$locale_strings/str[@id='login_openid']" /></a>
@ -90,7 +88,7 @@
 							<xsl:value-of select="//@username" />
 						</a>
 						<xsl:value-of select="$locale_strings/str[@id='separator']" />
-						<a href="about:blank"><xsl:value-of select="$locale_strings/str[@id='logout']" /></a>
+						<a href="login.pl?action=logout"><xsl:value-of select="$locale_strings/str[@id='logout']" /></a>
 					</div>
 				</xsl:otherwise>
 			</xsl:choose>