File Coverage

blib/lib/CGI/Portal/Sessions.pm

Criterion	Covered	Total	%
statement	9	61	14.7
branch	0	12	0.0
condition	0	9	0.0
subroutine	3	11	27.2
pod	0	8	0.0
total	12	101	11.8

line	stmt	bran	cond	sub	pod	time	code
1							package CGI::Portal::Sessions;
2							# Copyright (c) 2008 Alexander David P. All rights reserved.
3							#
4							# Authentication and Session class
5
6	1			1		5	use strict;
	1					2
	1					33
7
8	1			1		5	use Digest::MD5 qw(md5_hex);
	1					1
	1					61
9
10	1			1		5	use vars qw($VERSION);
	1					2
	1					1257
11
12							$VERSION = "0.12";
13
14							1;
15
16							sub new {
17	0			0	0		my ($class, $i) = @_;
18	0						bless $i, $class;
19	0						return $i;
20							}
21
22							# Verify password or session
23							sub authenticate_user {
24	0			0	0		my $self = shift;
25
26							# User is logging in
27	0	0	0				if ($self->{'in'}{'user'} && $self->{'in'}{'password'}){
		0
28
29							# Get users stored password hash
30	0						my $users = $self->{'rdb'}->exec("select $self->{'conf'}{'user_user_field'},$self->{'conf'}{'user_passw_field'} from $self->{'conf'}{'user_table'} where $self->{'conf'}{'user_user_field'} like " . $self->{'rdb'}->escape($self->{'in'}{'user'}))->fetch;
31
32							# Compare password hashes
33	0	0					if (md5_hex($self->{'in'}{'password'}) eq $users->[1]){
34
35							# Assign user to object
36	0						$self->{'user'} = $users->[0];
37
38							# Start session
39	0						$self->start_session($users->[0]);
40
41							# Clean sessions
42	0						$self->clean_sessions();
43	0						return;
44							}
45							}elsif (my $sid = getcookie('sid')){
46
47							# Session expiration
48	0						my $exps = time() - $self->{'conf'}{'session_length'};
49
50							# Get session start
51	0						my $sessions = $self->{'rdb'}->exec("select $self->{'conf'}{'session_user_field'},$self->{'conf'}{'session_start_field'} from $self->{'conf'}{'session_table'} where $self->{'conf'}{'session_sid_field'}=" . $self->{'rdb'}->escape($sid))->fetch;
52
53							# Session not expired
54	0	0	0				if ($sessions->[0] && $sessions->[1] >= $exps){
55
56							# Assign user to object
57	0						$self->{'user'} = $sessions->[0];
58
59							# Renew session
60	0						$self->renew_session($self->{'user'});
61	0						return;
62							}
63							}
64
65							# Assign tmpl
66	0						$self->assign_tmpl("Sessions.html");
67							}
68
69							# Create a session
70							sub start_session {
71	0			0	0		my ($self, $user) = @_;
72	0						my $current_time = time();
73
74							# Generate a session id
75	0						my $sid;
76							my $cids;
77	0		0				while ($cids->[0] \|\| ! $sid) {
78	0						$sid = md5_hex($$ , time() , rand(8888) );
79	0						$cids = $self->{'rdb'}->exec("select $self->{'conf'}{'session_index_field'} from $self->{'conf'}{'session_table'} where $self->{'conf'}{'session_sid_field'} = $sid limit 1")->fetch;
80							}
81
82							# Get current session index
83	0						my $cc = $self->{'rdb'}->exec("select $self->{'conf'}{'session_index_field'} from $self->{'conf'}{'session_table'} order by $self->{'conf'}{'session_index_field'} desc limit 1")->fetch;
84	0						my $c = $cc->[0]+1;
85
86							# Insert session and prepare cookie
87	0						$self->{'rdb'}->exec("insert into $self->{'conf'}{'session_table'} ($self->{'conf'}{'session_index_field'},$self->{'conf'}{'session_sid_field'},$self->{'conf'}{'session_user_field'},$self->{'conf'}{'session_start_field'}) values (" . $self->{'rdb'}->escape($c, $sid, $user, $current_time) . ")");
88	0						$self->{'cookies'} .= "Set-Cookie: sid=$sid; path=/\n";
89							}
90
91							# Update session start
92							sub renew_session {
93	0			0	0		my $self = shift;
94	0						my $sid = getcookie('sid');
95	0						my $current_time = time();
96	0						$self->{'rdb'}->exec("update $self->{'conf'}{'session_table'} set $self->{'conf'}{'session_start_field'}=$current_time where $self->{'conf'}{'session_sid_field'}=" . $self->{'rdb'}->escape($sid));
97							}
98
99							# Remove session
100							sub logoff {
101	0			0	0		my $self = shift;
102	0						my $sid = getcookie('sid');
103	0						$self->{'rdb'}->exec("delete from $self->{'conf'}{'session_table'} where $self->{'conf'}{'session_sid_field'}=" . $self->{'rdb'}->escape($sid));
104	0						$self->{'user'} = "";
105							}
106
107							# Remove expired sessions
108							sub clean_sessions {
109	0			0	0		my $self = shift;
110	0						my $exps = time() - $self->{'conf'}{'session_length'};
111	0						$self->{'rdb'}->exec("delete from $self->{'conf'}{'session_table'} where $self->{'conf'}{'session_start_field'} < $exps");
112							}
113
114							# Assign template output to object out
115							sub assign_tmpl {
116	0			0	0		my ($self, $i) = @_;
117
118							# Read template
119	0						my $template = HTML::Template->new(die_on_bad_params => 0, filename => "$self->{'conf'}{'template_dir'}$i");
120	0						$self->{'tmpl_vars'}{'SCRIPT_NAME'} = $ENV{'SCRIPT_NAME'};
121
122							# Assign vars to template
123	0						$template->param(%{$self->{'tmpl_vars'}});
	0
124
125							# Assign template output to object out
126	0						$self->{'out'} = $template->output;
127							}
128
129							sub getcookie {
130	0			0	0		my $cookiename = shift;
131	0						my $cookie;
132							my $value;
133	0	0					if ($ENV{'HTTP_COOKIE'}) {
134	0						foreach (split(/; /,$ENV{'HTTP_COOKIE'})) {
135	0						($cookie,$value) = split(/=/);
136	0	0					if ($cookiename eq $cookie) {
137	0						return $value;
138							}
139							}
140							}
141							}