in reply to Re^20: global var
in thread global var
This is error log showing the value of LoggedOn_user_id after logon ( already logged on user) . Program waiting for next "click" before proceeding.
Entered GetUserSessionCookie Sessionname: 'CGISESSID' at /home/jalamio +r/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm line 765. [Thu Apr 20 17:20:07 2017] manage_users.cgi: Entered GetUserSessionCoo +kie Sessionname: 'CGISESSID' at /home/jalamior/www/httpsdocs/cgi-bin/ +lib/perl/manageusers.pm line 765. SID From Get SeesionCookie: '09f0bc99abd030d73dd4686d3633f624' at /hom +e/jalamior/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm line 773. [Thu Apr 20 17:20:07 2017] manage_users.cgi: SID From Get SeesionCooki +e: '09f0bc99abd030d73dd4686d3633f624' at /home/jalamior/www/httpsdocs +/cgi-bin/lib/perl/manageusers.pm line 773. ProcessLoginRequest Query: 'CGI=HASH(0x873390)' at /home/jalamior/www/ +httpsdocs/cgi-bin/lib/perl/manageusers.pm line 238. [Thu Apr 20 17:20:07 2017] manage_users.cgi: ProcessLoginRequest Query +: 'CGI=HASH(0x873390)' at /home/jalamior/www/httpsdocs/cgi-bin/lib/pe +rl/manageusers.pm line 238. ProcessLoginRequest SID from cookie: '09f0bc99abd030d73dd4686d3633f624 +' at /home/jalamior/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm lin +e 239. [Thu Apr 20 17:20:07 2017] manage_users.cgi: ProcessLoginRequest SID f +rom cookie: '09f0bc99abd030d73dd4686d3633f624' at /home/jalamior/www/ +httpsdocs/cgi-bin/lib/perl/manageusers.pm line 239. SID befor new session : '09f0bc99abd030d73dd4686d3633f624' at /home/ja +lamior/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm line 266. [Thu Apr 20 17:20:07 2017] manage_users.cgi: SID befor new session : ' +09f0bc99abd030d73dd4686d3633f624' at /home/jalamior/www/httpsdocs/cgi +-bin/lib/perl/manageusers.pm line 266. username1 : '428' at /home/jalamior/www/httpsdocs/cgi-bin/lib/perl/man +ageusers.pm line 283. [Thu Apr 20 17:20:07 2017] manage_users.cgi: username1 : '428' at /hom +e/jalamior/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm line 283. Already logged on LoggedOn_user_id : '428' at /home/jalamior/www/https +docs/cgi-bin/lib/perl/manageusers.pm line 296. [Thu Apr 20 17:20:07 2017] manage_users.cgi: Already logged on LoggedO +n_user_id : '428' at /home/jalamior/www/httpsdocs/cgi-bin/lib/perl/ma +nageusers.pm line 296. username1: '428' at /home/jalamior/www/httpsdocs/cgi-bin/lib/perl/mana +geusers.pm line 299. [Thu Apr 20 17:20:07 2017] manage_users.cgi: username1: '428' at /home +/jalamior/www/httpsdocs/cgi-bin/lib/perl/manageusers.pm line 299. result = '1' message0 = 'Your previous session is still valid. You a +re now logged in.' message1 = '09f0bc99abd030d73dd4686d3633f624' m +essage2 = '0' at manage_users.cgi line 87. [Thu Apr 20 17:20:07 2017] manage_users.cgi: result = '1' message0 = + 'Your previous session is still valid. You are now logged in.' mes +sage1 = '09f0bc99abd030d73dd4686d3633f624' message2 = '0' at manage_ +users.cgi line 87. Already logged in so send client already logged in form This is in the + initial action GetLoginForm at manage_users.cgi line 96. [Thu Apr 20 17:20:07 2017] manage_users.cgi: Already logged in so send + client already logged in form This is in the initial action GetLogin +Form at manage_users.cgi line 96.
And here is the program code
#!/usr/bin/perl -w #--------------------------------------------------------------------- +---------- # Perl Script manage_users.cgi # 02/12/2011 by R. Tulloch <tultalk@attglobal.net> #Revised 2/25/2017 R Tulloch # Based on lots of other folks work that went before me # licensed under the GNU General Public License ver. 2.0 # see the accompaning LICENSE file #--------------------------------------------------------------------- +---------- use strict; use diagnostics -verbose; use warnings; use CGI; use CGI::Carp qw(fatalsToBrowser warningsToBrowser); use CGI qw(:standard escapeHTML); use CGI qw/:standard/; use lib qw(/usr/local/apache/lib/perl); use CGI::Session; #use CGI::Switch; #use feature ':5.12'; #use feature 'switch'; use Time::HiRes qw(usleep); #local ($CGI::DISABLE_UPLOADS, $CGI::POST_MAX); $CGI::DISABLE_UPLOADS = 1; # Disable uploads $CGI::POST_MAX = 32 * 1024; # limit posts to 32K max use lib qw(/home/jalamior/www/httpsdocs/cgi-bin/lib/perl); #use Switch; #use lib qw(/home/httpd/vhosts/jala-mi.org/cgi-bin/lib/perl); #use lib qw(/srv/www/cgi-bin/lib/perl); use manageusers qw(GetUserSessionCookie CheckForAuthorizedUser Process +LostDataRequest ProcessLoginRequest LoginUser LogoutUser UpdateUserDa +ta GetUserLostData print_md5_javascript CheckValidLoginChar CheckVal +idEmailChar); #use Trace; #--------------------------------------------------------------------- +---------- # Admin Configuration Section #--------------------------------------------------------------------- +---------- #Association name and acronym my $fbformtitle = "Jackson Area Landlords "; my $fbacronym = "JALA"; #Only change page titles. my $htmlFeedbackheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 T +ransitional//EN"><html><head><title>User Feedback Form</title>'; my $htmlInvalidLoginheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4. +01 Transitional//EN"><html><head><title>Invalid Login Data Feedback F +orm</title>'; my $htmlInvalidUpdateheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4 +.01 Transitional//EN"><html><head><title>Invalid Update Input Data Fe +edback Form</title>'; my $htmlLoginheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Tran +sitional//EN"><html><head><title>Login Form</title>'; my $htmlUpdateUserheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 + Transitional//EN"><html><head><title>Update User Information</title> +'; my $htmlRequestMissingheader='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML +4.01 Transitional//EN"><html><head><title>Lost Information Request</t +itle>'; my $htmlheader2 = '<base href="http://www.jala-mi.org/"><meta http-equ +iv="Content-Type" content="text/html;charset=iso-8859-1">'; my $htmlheader3 = '<link rel="StyleSheet" href="/css/jala.css" type="t +ext/css">'; #our $loggedon_id =0; my $accessAdmin = 0; $accessAdmin = $manageusers::adminaccess; #warn("accessAdmin = '$accessAdmin'"); #--------------------------------------------------------------------- +---------- # Non-Configuarable #--------------------------------------------------------------------- +---------- my $query = new CGI; my $cgiURL = CGI::url(); my %params = CGI::Vars(); #Error Handling BEGIN { my $blank = " "; require 5.004; use CGI::Carp qw(fatalsToBrowser carpout); my $logfile = '/home/jalamior/public_html/httpsdocs/cgi-bin/logs/error +Log/errorFile.log'; open LOG, ">>$logfile" or die "Couldn't append to $logfile: $!\n"; carpout(\*LOG); }; #--------------------------------------------------------------------- +---------- # CGI Switch Tree #--------------------------------------------------------------------- +---------- Main(); sub Main { my $action = $query->param('action'); { #warn("Request for LoginForm manage_users.cgi: '$action'"); ($action eq "GetLoginForm") && do { manageusers::OpenConnection(); #warn("Just before ProcessLoginRequest - create session = '$qu +ery'"); my ($result,$message0,$message1,$message2) = ProcessLoginReque +st($query); warn("result = '$result' message0 = '$message0' message1 = + '$message1' message2 = '$message2'"); if(!$result){ #warn("Tell client that login failed"); manageusers::CloseConnection(); LoginUserFailedForm("The Login Request failed due to some i +nternal errot. Please try again or contact the office."); exit(0); #return; #exit; } elsif ($result == 1) { warn("Already logged in so send client already logged in for +m This is in the initial action GetLoginForm"); manageusers::CloseConnection(); CreateAlreadyLoggedinForm($message0); exit (0); #return; } elsif ($result == 2){ #warn("Not logged in so send client login form"); manageusers::CloseConnection(); CreateLoginForm($message0, $message1, $message2); exit(0); #return; #exit; } };
No it is not all there. ust the aprt that produced the error log.
#--------------------------------------------------------------------- +---------- # Perl Modu le manageusers # 12/28/2003 by R. Tulloch <tultalk@attglobal.net> # Revised 3/4/2017 9:37 am R Tulloch # Based on lots of other folks work that went before me # licensed under the GNU General Public License ver. 2.0 # see the accompaning LICENSE file #--------------------------------------------------------------------- +---------- # This software is provided 'as-is' and without warranty. Use it at # your own risk. # # JavaScript MD5 code by Paul Johnston <paj@pajhome.org.uk> # # * Version 1.1 Copyright (C) Paul Johnston 1999 - 2002. # * Code also contributed by Greg Holt # * See http://pajhome.org.uk/site/legal.html for details. # # The original Digest::MD5 Perl Module interface was written by # Neil Winton <N.Winton@axion.bt.co.uk> and is maintained by # Gisle Aas <gisle@ActiveState.com> # #--------------------------------------------------------------------- +---------- # The MD5 algorithm is defined in RFC 1321. The basic C code implement +ing # the algorithm is derived from that in the RFC and is covered by the # following copyright: # # Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All righ +ts # reserved. License to copy and use this software is granted provided +that # it is identified as the "RSA Data Security, Inc. MD5 Message-Digest # Algorithm" in all material mentioning or referencing this software o +r # this function. # # License is also granted to make and use derivative works provided th +at # such works are identified as "derived from the RSA Data Security, In +c. # MD5 Message-Digest Algorithm" in all material mentioning or referenc +ing # the derived work. #--------------------------------------------------------------------- +---------- package manageusers; use strict; use diagnostics -verbose; use warnings; use CGI; #use Carp::Always; use CGI::Carp qw(fatalsToBrowser warningsToBrowser); use CGI qw(:standard escapeHTML); use CGI qw/:standard/; use Data::Dumper; use Digest::MD5 qw(md5_hex); #use DB_File; # persistent hash database use CGI::Session; use CGI::Cookie; #use vars qw($session_cookie1 $session_cookie2 $login_timeout); #use vars qw($session); use Mail::Sendmail; use Time::HiRes qw(usleep); use Time::Local; BEGIN { require Exporter; use vars qw($VERSION @ISA @EXPORT_OK); use DBI; # use vars qw(@ISA @EXPORT_OK); # $ENV{DBI_TRACE}=1; # $ENV{PERL_DBI_DEBUG}=1; @ISA = qw(Exporter); # exported functions our @EXPORT_OK = qw( &OpenConnection &OpenSession &ProcessLoginRequest &ProcessLostDataRequest &LoginUser &decodeEncryptedPassName &UpdateUserData &GetUserLostData &LogoutUser &GetUserSessionCookie &CheckForAuthorizedUser &Expires $LoggedOn_user_id &GetLoggedOnUserId $attempts $adminaccess &Now &CheckValidLoginChar &CheckValidEmailChar &print_md5_javascript); $VERSION = '0.0.1'; } # $LoggedOn_user_id # package globals #use vars qw($dbh $session $sessionname); #use vars qw($dbh $session); my $dbh = ""; my $session = ''; my $sessionname = "CGISESSID"; #my $database = "assoc_mgr"; #my $sql_user_table = "users"; #my $sql_session_table = "sessions"; #my $host = "localhost"; #my $sql_username = "administrator"; #my $sql_password = "lmi2048"; my $database = "jalamior_assoc_mgr"; my $sql_user_table = "users"; my $sql_session_table = "sessions"; my $host = "localhost"; my $sql_username = "jalamior_user"; my $sql_password = "jac2175"; my $domain = $ENV{'HTTP_HOST'}; my $ipaddress = $ENV{'REMOTE_ADDR'}; my $query = new CGI; my $dsn = "dbi:mysql:database=$database;host=$host"; my $admin_log_file = "/home/jalamior/public_html/httpsdocs/cgi-bin/log +s/memberaccess.log"; #my $admin_log_file = "/srv/www/cgi-bin/logs/memberaccess.log"; #my $sessionname = "a"; #my ($dbh,$session); delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; $ENV{PATH} =~ /(.*)/ and $ENV{PATH} = $1; #package variables #my $mailprog = '/home/jalamior/public_html/httpsdocs/cgi-bin/lib/perl +/mail/sendmail -oi'; #my $mailprog = '/usr/lib/sendmail -oi -t'; my $mailprog = '/usr/sbin/sendmail -oi -q -t'; my $session_cookie_timeout = '+7d'; my $login_timeout = 1000; #my $seed_number = 0; #my $seed_string = ""; our $adminaccess = 0; our $LoggedOn_user_id = 555; #Error Handling BEGIN { require 5.004; use CGI::Carp qw(fatalsToBrowser carpout); my $logfile = '/home/jalamior/public_html/httpsdocs/cgi-bin/logs/err +orLog/errorFile.log'; open LOG, ">>$logfile" or die "Couldn't append to $logfile: $!\n"; carpout(\*LOG); }; #--------------------------------------------------------------------- +---------- # Database Conection Functions #--------------------------------------------------------------------- +---------- # FUNCTION: OpenConnection() # DESCRIPTION: Connect to the MySQL database #--------------------------------------------------------------------- +---------- sub OpenConnection { my $localtimenow = localtime(Now()); $dbh = DBI->connect($dsn,$sql_username,$sql_password) or ErrorMessage("Could not connect to the database."); #warn("Open Connection-JustBefore returning database handle: '$dbh +' Current Time: '$localtimenow'"); return $dbh; } #--------------------------------------------------------------------- +---------- # FUNCTION: CloseConnection # DESCRIPTION: Disconnect from the MySQL database #--------------------------------------------------------------------- +---------- sub CloseConnection { my $localdbh = @_; my $localtimenow = localtime(Now()); if ($localdbh){ $localdbh->disconnect(); } elsif ($dbh) { $dbh->disconnect(); } #warn("Close Connection -just before exit Current Time: '$loc +altimenow'"); # exit(0); } #--------------------------------------------------------------------- +---------- # FUNCTION: ExecuteQuery($dbh,$SQL) # DESCRIPTION: Executes a query against the database ($dbh) using the + passed # SQL statement $SQL and returns the result set. #--------------------------------------------------------------------- +---------- sub ExecuteQuery { my ($SQL) = @_; my $sth = $dbh->prepare($SQL) || ErrorMessage($SQL); $sth->execute() || ErrorMessage($SQL); return $sth; } #--------------------------------------------------------------------- +---------- # FUNCTION: ErrorMessage # DESCRIPTION: Print the error message that is passed and we also outp +ut to a log. #--------------------------------------------------------------------- +---------- sub ErrorMessage { my $message = shift; print qq|$message\n $DBI::errstr|; # CloseConnection(); } #--------------------------------------------------------------------- +---------- # FUNCTION: OpenSession($dbh, $sid) # Opens existing session or creates new depending on $sid #--------------------------------------------------------------------- +---------- sub OpenSession{ my ($dbh, $sid)= @_; $session = new CGI::Session("driver:MySQL", $sid, {Handle=>$dbh, Lo +ckHandle=>$dbh}); return $session; } #--------------------------------------------------------------------- +---------- # User Requests for Login,Update Data and Missing Data #--------------------------------------------------------------------- +---------- # FUNCTION: ProcessLogonRequest($query) # DESCRIPTION: Client requests log in: create session and send encrypt +ion data #--------------------------------------------------------------------- +---------- sub ProcessLoginRequest { my ($query) = @_; my $status = 0; # $sessionname = 'CGISESSID'; # my %cookies = CGI::Cookie->fetch; # my $sid = $cookies{$sessionname}->value; my $sid = GetUserSessionCookie(); warn("ProcessLoginRequest Query: '$query'"); warn("ProcessLoginRequest SID from cookie: '$sid'"); #Check if it got valid return from fetch cookie if ($sid ne 0){ $status = 1; } #Or, check if valid return from cgi query elsif($query){ # if (exists $query{$sessionname}){ $sid = $query->param($sessionname); if ($sid){ #warn("ProcessLogin Request SID from Query: '$sid'"); $status = 1; } else{ $sid = undef; $status = 2; } } else { #Set up for creating a new session $sid = undef; $status = 2; } # $sid = '7032f2c7f5a2c721a483dc75fc29595e'; warn("SID befor new session : '$sid'"); $session = new CGI::Session("driver:MySQL", $sid, {Handle=>$dbh}); #warn("session = '$session'"); OpenSession($dbh,$sid); $session->param("#<expires>#",0); $session->param("isloggedin",0); $session->flush(); $sid = $session->id(); #warn("ProcessLogin Request SID from from session create: '$sid'"); my $sessiondata1 = $sid; #id created by CGI::Session; if ($status == 1) { #warn("Process Login returning after confirmed already logged in: +status: '$status' sessionname: '$sessionname' SID: '$sid'"); my $username1 = $session->param("user_id"); warn("username1 : '$username1'"); #my ($digits) = $text =~ /(\d+)/; #my ($user_id) = $username1 =~ /(\d+)/; #my $text = $username1; #$text =~ m/(\d+)/; #my $num = $1; #warn("num: '$num'"); #$username1 =~ m/(\d+)/; $LoggedOn_user_id = $username1; warn("Already logged on LoggedOn_user_id : '$LoggedOn_user_id'"); + #$LoggedOn_user_id = 428; $adminaccess = ($username1 eq "admin"); warn("username1: '$username1'"); #warn("adminaccess: '$adminaccess'"); $session->param("isloggedin",1); $session->param('timein', time()); $session->flush(); return (1, "Your previous session is still valid. You are now logg +ed in.", $sid, 0); } =for comment # $sid = '7032f2c7f5a2c721a483dc75fc29595e'; $session = new CGI::Session("driver:MySQL", $sid, {Handle=>$dbh}); #warn("session = '$session'"); OpenSession($dbh,$sid); $session->param("#<expires>#",0); $session->param("isloggedin",0); $session->flush(); $sid = $session->id(); #warn("ProcessLogin Request SID from from session create: '$sid'"); #my $sessiondata1 = $sid; #id created by CGI::Session; =cut #warn("Process Login after verify not logged in and new session: sta +tus: '$status' sessionname: '$sessionname' SID: '$sid'"); #Random hash for encoding password my $seed_number = CreateRandomSequence(10, 1); my $seed_string = CreateRandomSequence(10, 0); my $sessiondata2 = md5_hex($ipaddress . $seed_number . $seed_string) +; $session->param('sessiondata2',$sessiondata2); $session->expires('+7d'); # Expires($session, Now() + 600); $session->flush(); my $localtimenow = localtime(Now()); #warn("Process Login Request localtime(rightnow) = '$localtimenow'") +; return (2, $sessionname, $sessiondata1, $sessiondata2); }
Too much code? Hey too much code. Not enough code? Hey not enough code.
|
|---|