X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=C4%2FAuth.pm;h=38bbd5ef1576083215bb80f291a91cd46d778007;hb=b32c38f9f10e0e2ad6eff5c044a520a14f9f1eaf;hp=54fb74c5a4766dfd300fcba85d2c4817c24bd254;hpb=d7cbdd3d0bcc4bf06f65ed1fec16d506fa8f217f;p=koha_gimpoz

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 54fb74c5a4..38bbd5ef15 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -27,15 +27,13 @@ use CGI::Session;
 require Exporter;
 use C4::Context;
 use C4::Templates;    # to get the template
-use C4::Members;
-use C4::Koha;
 use C4::Branch; # GetBranches
 use C4::VirtualShelves;
 use POSIX qw/strftime/;
 use List::MoreUtils qw/ any /;
 
 # use utf8;
-use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap $cas $caslogout $servers $memcached);
+use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap $cas $caslogout);
 
 BEGIN {
     sub psgi_env { any { /^psgi\./ } keys %ENV }
@@ -61,16 +59,7 @@ BEGIN {
     if ($cas) {
         import  C4::Auth_with_cas qw(check_api_auth_cas checkpw_cas login_cas logout_cas login_cas_url);
     }
-    $servers = C4::Context->config('memcached_servers');
-    if ($servers) {
-	require Cache::Memcached;
-        $memcached = Cache::Memcached->new({
-					       servers => [ $servers ],
-					       debug   => 0,
-					       compress_threshold => 10_000,
-					       namespace => C4::Context->config('memcached_namespace') || 'koha',
-					   });
-    }
+
 }
 
 =head1 NAME
@@ -158,17 +147,6 @@ sub get_template_and_user {
     my $insecure = C4::Context->preference('insecure');
     if ($user or $insecure) {
 
-        # load the template variables for stylesheets and JavaScript
-        $template->param( css_libs => $in->{'css_libs'} );
-        $template->param( css_module => $in->{'css_module'} );
-        $template->param( css_page => $in->{'css_page'} );
-        $template->param( css_widgets => $in->{'css_widgets'} );
-
-        $template->param( js_libs => $in->{'js_libs'} );
-        $template->param( js_module => $in->{'js_module'} );
-        $template->param( js_page => $in->{'js_page'} );
-        $template->param( js_widgets => $in->{'js_widgets'} );
-
         # user info
         $template->param( loggedinusername => $user );
         $template->param( sessionID        => $sessionID );
@@ -188,8 +166,8 @@ sub get_template_and_user {
         }
 
         $borrowernumber = getborrowernumber($user) if defined($user);
-
-        my ( $borr ) = GetMemberDetails( $borrowernumber );
+        require C4::Members;
+        my ( $borr ) = C4::Members::GetMemberDetails( $borrowernumber );
         my @bordat;
         $bordat[0] = $borr;
         $template->param( "USER_INFO" => \@bordat );
@@ -292,17 +270,6 @@ sub get_template_and_user {
     }
 	else {	# if this is an anonymous session, setup to display public lists...
 
-        # load the template variables for stylesheets and JavaScript
-        $template->param( css_libs => $in->{'css_libs'} );
-        $template->param( css_module => $in->{'css_module'} );
-        $template->param( css_page => $in->{'css_page'} );
-        $template->param( css_widgets => $in->{'css_widgets'} );
-
-        $template->param( js_libs => $in->{'js_libs'} );
-        $template->param( js_module => $in->{'js_module'} );
-        $template->param( js_page => $in->{'js_page'} );
-        $template->param( js_widgets => $in->{'js_widgets'} );
-
         $template->param( sessionID        => $sessionID );
         
         my ($total, $pubshelves) = C4::Context->get_shelves_userenv();  # an anonymous user has no 'barshelves'...
@@ -389,7 +356,10 @@ sub get_template_and_user {
             virtualshelves              => C4::Context->preference("virtualshelves"),
             StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
             NoZebra                     => C4::Context->preference('NoZebra'),
-		EasyAnalyticalRecords => C4::Context->preference('EasyAnalyticalRecords'),
+            EasyAnalyticalRecords       => C4::Context->preference('EasyAnalyticalRecords'),
+            LocalCoverImages            => C4::Context->preference('LocalCoverImages'),
+            OPACLocalCoverImages        => C4::Context->preference('OPACLocalCoverImages'),
+            AllowMultipleCovers         => C4::Context->preference('AllowMultipleCovers'),
         );
     }
     else {
@@ -398,6 +368,11 @@ sub get_template_and_user {
         my $LibraryNameTitle = C4::Context->preference("LibraryName");
         $LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
         $LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
+        # clean up the busc param in the session if the page is not opac-detail
+        if ($in->{'template_name'} =~ /opac-(.+)\.(?:tt|tmpl)$/ && $1 !~ /^(?:MARC|ISBD)?detail$/) {
+            my $sessionSearch = get_session($sessionID || $in->{'query'}->cookie("CGISESSID"));
+            $sessionSearch->clear(["busc"]) if ($sessionSearch->param("busc"));
+        }
         # variables passed from CGI: opac_css_override and opac_search_limits.
         my $opac_search_limit = $ENV{'OPAC_SEARCH_LIMIT'};
         my $opac_limit_override = $ENV{'OPAC_LIMIT_OVERRIDE'};
@@ -432,6 +407,7 @@ sub get_template_and_user {
             OpacHighlightedWords       => C4::Context->preference("OpacHighlightedWords"),
             OPACItemHolds             => C4::Context->preference("OPACItemHolds"),
             OPACShelfBrowser          => "". C4::Context->preference("OPACShelfBrowser"),
+            OpacShowRecentComments    => C4::Context->preference("OpacShowRecentComments"),
             OPACURLOpenInNewWindow    => "" . C4::Context->preference("OPACURLOpenInNewWindow"),
             OPACUserCSS               => "". C4::Context->preference("OPACUserCSS"),
             OPACViewOthersSuggestions => "" . C4::Context->preference("OPACViewOthersSuggestions"),
@@ -488,11 +464,11 @@ sub get_template_and_user {
             SyndeticsAwards              => C4::Context->preference("SyndeticsAwards"),
             SyndeticsSeries              => C4::Context->preference("SyndeticsSeries"),
             SyndeticsCoverImageSize      => C4::Context->preference("SyndeticsCoverImageSize"),
+            OPACLocalCoverImages         => C4::Context->preference("OPACLocalCoverImages"),
         );
 
         $template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic"));
     }
-	$template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
@@ -682,7 +658,8 @@ sub checkauth {
             $userid   = $session->param('id');
 			$sessiontype = $session->param('sessiontype');
         }
-        if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
+        if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
+          || ( $cas && $query->param('ticket') ) ) {
             #if a user enters an id ne to the id in the current session, we need to log them in...
             #first we need to clear the anonymous session...
             $debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
@@ -697,7 +674,7 @@ sub checkauth {
             $session->flush;
             $session->delete();
             C4::Context->_unset_userenv($sessionID);
-            _session_log(sprintf "%20s from %16s logged out at %30s (manually).\n", $userid,$ip,(strftime "%c",localtime));
+            #_session_log(sprintf "%20s from %16s logged out at %30s (manually).\n", $userid,$ip,(strftime "%c",localtime));
             $sessionID = undef;
             $userid    = undef;
 
@@ -710,7 +687,7 @@ sub checkauth {
             $info{'timed_out'} = 1;
             $session->delete();
             C4::Context->_unset_userenv($sessionID);
-            _session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,(strftime "%c",localtime));
+            #_session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,(strftime "%c",localtime));
             $userid    = undef;
             $sessionID = undef;
         }
@@ -721,7 +698,7 @@ sub checkauth {
             $info{'different_ip'} = 1;
             $session->delete();
             C4::Context->_unset_userenv($sessionID);
-            _session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,(strftime "%c",localtime), $info{'newip'});
+            #_session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,(strftime "%c",localtime), $info{'newip'});
             $sessionID = undef;
             $userid    = undef;
         }
@@ -745,7 +722,7 @@ sub checkauth {
        	C4::Context->_new_userenv($sessionID);
         $cookie = $query->cookie(CGISESSID => $sessionID);
 	    $userid    = $query->param('userid');
-    	    if ($cas || $userid) {
+            if (($cas && $query->param('ticket')) || $userid) {
         	my $password = $query->param('password');
 		my ($return, $cardnumber);
 		if ($cas && $query->param('ticket')) {
@@ -755,11 +732,11 @@ sub checkauth {
 		    $info{'invalidCasLogin'} = 1 unless ($return);
         	} else {
 		    my $retuserid;
-		    ( $return, $retuserid ) = checkpw( $dbh, $userid, $password, $query );
+		    ( $return, $cardnumber, $retuserid ) = checkpw( $dbh, $userid, $password, $query );
 		    $userid = $retuserid if ($retuserid ne '');
 		}
 		if ($return) {
-               _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
+               #_session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
             	if ( $flags = haspermission(  $userid, $flagsrequired ) ) {
 					$loggedin = 1;
             	}
@@ -1111,7 +1088,7 @@ sub check_api_auth {
     unless ($query->param('userid')) {
         $sessionID = $query->cookie("CGISESSID");
     }
-    if ($sessionID && not $cas) {
+    if ($sessionID && not ($cas && $query->param('PT')) ) {
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
         if ($session) {
@@ -1416,8 +1393,8 @@ sub get_session {
     elsif ($storage_method eq 'Pg') {
         $session = new CGI::Session("driver:PostgreSQL;serializer:yaml;id:md5", $sessionID, {Handle=>$dbh});
     }
-    elsif ($storage_method eq 'memcached' && $servers){
-	$session = new CGI::Session("driver:memcached;serializer:yaml;id:md5", $sessionID, { Memcached => $memcached } );
+    elsif ($storage_method eq 'memcached' && C4::Context->ismemcached){
+	$session = new CGI::Session("driver:memcached;serializer:yaml;id:md5", $sessionID, { Memcached => C4::Context->memcached } );
     }
     else {
         # catch all defaults to tmp should work on all systems
@@ -1431,8 +1408,8 @@ sub checkpw {
     my ( $dbh, $userid, $password, $query ) = @_;
     if ($ldap) {
         $debug and print "## checkpw - checking LDAP\n";
-        my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
-        ($retval) and return ($retval,$retcard);
+        my ($retval,$retcard,$retuserid) = checkpw_ldap(@_);    # EXTERNAL AUTH
+        ($retval) and return ($retval,$retcard,$retuserid);
     }
 
     if ($cas && $query && $query->param('ticket')) {
@@ -1458,7 +1435,7 @@ sub checkpw {
 
             C4::Context->set_userenv( "$borrowernumber", $userid, $cardnumber,
                 $firstname, $surname, $branchcode, $flags );
-            return 1, $userid;
+            return 1, $cardnumber, $userid;
         }
     }
     $sth =
@@ -1474,7 +1451,7 @@ sub checkpw {
 
             C4::Context->set_userenv( $borrowernumber, $userid, $cardnumber,
                 $firstname, $surname, $branchcode, $flags );
-            return 1, $userid;
+            return 1, $cardnumber, $userid;
         }
     }
     if (   $userid && $userid eq C4::Context->config('user')