if ($ENV{'SCRIPT_NAME'} =~ /(\w+)(\.(pl|php|pm))?$/){
$ND::PAGE = $1 unless $1 eq 'index' and $3 eq 'pl';
}
+ $ND::PAGE = '' unless defined $ND::PAGE;
page();
return Apache2::Const::OK;
}
sub page {
our $DBH = ND::DB::DB();
- our $USER = $ENV{'REMOTE_USER'};
my $error = '';
chdir '/var/www/ndawn/code';
our $TEMPLATE = HTML::Template->new(filename => 'templates/skel.tmpl', global_vars => 1, cache => 1);
- our ($UID,$PLANET) = $DBH->selectrow_array('SELECT uid,planet FROM users WHERE username = ?'
+ our ($UID,$PLANET,$USER) = $DBH->selectrow_array('SELECT uid,planet,username FROM users WHERE username ILIKE ?'
,undef,$ENV{'REMOTE_USER'});
our ($TICK) = $DBH->selectrow_array('SELECT tick()',undef);
--- /dev/null
+#!/usr/bin/perl -w -T
+#**************************************************************************
+# Copyright (C) 2006 by Michael Andreen <harvATruinDOTnu> *
+# *
+# This program is free software; you can redistribute it and/or modify *
+# it under the terms of the GNU General Public License as published by *
+# the Free Software Foundation; either version 2 of the License, or *
+# (at your option) any later version. *
+# *
+# This program is distributed in the hope that it will be useful, *
+# but WITHOUT ANY WARRANTY; without even the implied warranty of *
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+# GNU General Public License for more details. *
+# *
+# You should have received a copy of the GNU General Public License *
+# along with this program; if not, write to the *
+# Free Software Foundation, Inc., *
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
+#**************************************************************************/
+
+package ND::AuthHandler;
+use strict;
+use warnings FATAL => 'all';
+
+use ND::DB;
+use Apache2::Access ();
+
+sub handler {
+ my $r = shift;
+ my($res, $sent_pw) = $r->get_basic_auth_pw;
+ return $res if $res != Apache2::Const::OK;
+
+ my $dbh = ND::DB::DB();
+ my ($count) = $dbh->selectrow_array(q{SELECT count(*) FROM users WHERE
+ username ILIKE ? AND password = MD5(?)},undef,$r->user,$sent_pw);
+ if ($count == 1){
+ return Apache2::Const::OK;
+ }
+ $r->note_basic_auth_failure();
+ return Apache2::Const::AUTH_REQUIRED;
+}
+
+1;
#
AllowOverride None
</Directory>
- <Location />
+ <Location />
AuthName "NewDawn authentication"
AuthType basic
- Auth_PG_host localhost
- Auth_PG_user ndawn
- Auth_PG_pwd Ni7ueYae
- Auth_PG_database ndawn
- Auth_PG_hash_type MD5
+ PerlAuthenHandler ND::AuthHandler
- Auth_PG_pwd_table users
- Auth_PG_uid_field username
- Auth_PG_pwd_field password
-
- Auth_PG_grp_table usersingroup
- Auth_PG_grp_group_field groupname
- Auth_PG_grp_user_field username
-
- #Auth_PG_log_table access_log
- #Auth_PG_log_uname_field login
- #Auth_PG_log_date_field date
- #Auth_PG_log_uri_field request
- #Auth_PG_log_addrs_field ip_address
-
- #
- # Controls who can get stuff from this server.
- #
- Order Deny,Allow
+ Order Deny,Allow
Require valid-user
- </Location>
+ </Location>
# Disallow browsing of Subversion working copy administrative dirs.