X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;ds=sidebyside;f=installer%2FInstallAuth.pm;h=1a8a4df89f90bce8dcad9fdea47d01ad60890b11;hb=5b6f89714d58d4a7c33b621b2cefbc02523dafa3;hp=81c38fb199cc91e9f79b141b3fbb5fe472bdb66d;hpb=eb4ad6e44e2d38b118fc42a350461a2fc4b26bad;p=koha_fer

diff --git a/installer/InstallAuth.pm b/installer/InstallAuth.pm
index 81c38fb199..1a8a4df89f 100644
--- a/installer/InstallAuth.pm
+++ b/installer/InstallAuth.pm
@@ -26,7 +26,6 @@ use Digest::MD5 qw(md5_base64);
 
 require Exporter;
 use C4::Context;
-use C4::Output;
 use C4::Templates;
 use C4::Koha;
 use CGI::Session;
@@ -103,24 +102,22 @@ InstallAuth - Authenticates Koha users for Install process
     authenticated page.
 
     More information on the C<gettemplate> sub can be found in the
-    Output.pm module.
+    Templates.pm module.
 
 =cut
 
 sub get_template_and_user {
     my $in       = shift;
     my $query    = $in->{'query'};
-    my $language = $query->cookie('KohaOpacLanguage');
-    my $path =
-      C4::Context->config('intrahtdocs') . "/prog/"
-      . ( $language ? $language : "en" );
-    
-    my $filename = "$path/modules/" . $in->{template_name};
-    $filename =~ s/\.tmpl$/.tt/; 
+    my $language =_get_template_language($query->cookie('KohaOpacLanguage'));
+    my $path     = C4::Context->config('intrahtdocs'). "/prog/". $language;
+
+    my $tmplbase = $in->{template_name};
+    $tmplbase=~ s/\.tmpl$/.tt/;
+    my $filename = "$path/modules/" . $tmplbase;
     my $interface = 'intranet';
-    my $template = C4::Templates->new( $interface, $filename);
+    my $template = C4::Templates->new( $interface, $filename, $tmplbase, $query);
     
-
     my ( $user, $cookie, $sessionID, $flags ) = checkauth(
         $in->{'query'},
         $in->{'authnotrequired'},
@@ -159,6 +156,17 @@ sub get_template_and_user {
     return ( $template, $borrowernumber, $cookie );
 }
 
+sub _get_template_language {
+
+    #verify if opac language exists in staff (bug 5660)
+    #conditions are 1) dir exists and 2) enabled in prefs
+    my ($opaclang) = @_;
+    return 'en' unless $opaclang;
+    $opaclang =~ s/[^a-zA-Z_-]*//g;
+    my $path = C4::Context->config('intrahtdocs') . "/prog/$opaclang";
+    -d $path ? $opaclang : 'en';
+}
+
 =item checkauth
 
   ($userid, $cookie, $sessionID) = &checkauth($query, $noauth, $flagsrequired, $type);
@@ -253,7 +261,11 @@ sub checkauth {
                 $session->param('emailaddress'),
                 $session->param('branchprinter')
             );
-            $cookie   = $query->cookie( CGISESSID => $session->id );
+            $cookie = $query->cookie(
+                -name     => 'CGISESSID',
+                -value    => $session->id,
+                -HttpOnly => 1,
+            );
             $loggedin = 1;
             $userid   = $session->param('cardnumber');
         }
@@ -265,11 +277,12 @@ sub checkauth {
             C4::Context->_unset_userenv($sessionID);
             $sessionID = undef;
             $userid    = undef;
-            open L, ">>/tmp/sessionlog";
-            my $time = localtime( time() );
-            printf L "%20s from %16s logged out at %30s (manually).\n", $userid,
-              $ip, $time;
-            close L;
+	   # Commented out due to its lack of usefulness
+           # open L, ">>/tmp/sessionlog";
+           # my $time = localtime( time() );
+           # printf L "%20s from %16s logged out at %30s (manually).\n", $userid,
+           #   $ip, $time;
+           # close L;
         }
     }
     unless ($userid) {
@@ -283,12 +296,16 @@ sub checkauth {
         my ( $return, $cardnumber ) = checkpw( $userid, $password );
         if ($return) {
             $loggedin = 1;
-            open L, ">>/tmp/sessionlog";
-            my $time = localtime( time() );
-            printf L "%20s from %16s logged in  at %30s.\n", $userid,
-              $ENV{'REMOTE_ADDR'}, $time;
-            close L;
-            $cookie = $query->cookie( CGISESSID => $sessionID );
+            # open L, ">>/tmp/sessionlog";
+            # my $time = localtime( time() );
+            # printf L "%20s from %16s logged in  at %30s.\n", $userid,
+            #  $ENV{'REMOTE_ADDR'}, $time;
+            # close L;
+            $cookie = $query->cookie(
+                -name     => 'CGISESSID',
+                -value    => $sessionID,
+                -HttpOnly => 1,
+            );
             if ( $return == 2 ) {
 
            #Only superlibrarian should have access to this page.
@@ -332,6 +349,7 @@ sub checkauth {
             $cookie = $query->cookie(
                 -name    => 'CGISESSID',
                 -value   => '',
+                -HttpOnly => 1,
                 -expires => ''
             );
         }
@@ -358,7 +376,7 @@ sub checkauth {
     my $filename = "$path/modules/$template_name";
     $filename =~ s/\.tmpl$/.tt/;
     my $interface = 'intranet';
-    my $template = C4::Templates->new( $interface, $filename);
+    my $template = C4::Templates->new( $interface, $filename, '', $query);
     $template->param(
         INPUTS => \@inputs,
 
@@ -372,13 +390,12 @@ sub checkauth {
     $cookie = $query->cookie(
         -name    => 'CGISESSID',
         -value   => $sessionID,
+        -HttpOnly => 1,
         -expires => ''
     );
-    print $query->header(
-        -type    => 'text/html; charset=utf-8',
-        -cookie  => $cookie
-      ),
-      $template->output;
+
+    require C4::Output;
+    C4::Output::output_html_with_http_headers($query,$cookie,$template->output);
     exit;
 }