diff options
| author | terry%netscape.com <> | 1999-03-12 01:30:51 +0100 |
|---|---|---|
| committer | terry%netscape.com <> | 1999-03-12 01:30:51 +0100 |
| commit | 6f3e5c8018709ef5a43427c5259e24372eefe7c3 (patch) | |
| tree | b2cbd1c250a035299e5bde3402aa1a0aa26b6492 /CGI.pl | |
| parent | 5b2ed378cc135b0f3b94d960824c65e43365e247 (diff) | |
| download | bugzilla-6f3e5c8018709ef5a43427c5259e24372eefe7c3.tar.gz bugzilla-6f3e5c8018709ef5a43427c5259e24372eefe7c3.tar.xz | |
Added 'groups' stuff, where we have different group bits that we can
put on a person or on a bug. Some of the group bits control access to bugzilla
features. And a person can't access a bug unless he has every group bit set
that is also set on the bug.
Diffstat (limited to 'CGI.pl')
| -rw-r--r-- | CGI.pl | 49 |
1 files changed, 31 insertions, 18 deletions
@@ -231,6 +231,35 @@ sub PasswordForLogin { return $result; } + +sub quietly_check_login() { + $::usergroupset = '0'; + my $loginok = 0; + if (defined $::COOKIE{"Bugzilla_login"} && + defined $::COOKIE{"Bugzilla_logincookie"}) { + ConnectToDatabase(); + SendSQL("select profiles.groupset, profiles.login_name = " . + SqlQuote($::COOKIE{"Bugzilla_login"}) . + " and profiles.cryptpassword = logincookies.cryptpassword " . + "and logincookies.hostname = " . + SqlQuote($ENV{"REMOTE_HOST"}) . + " from profiles,logincookies where logincookies.cookie = " . + $::COOKIE{"Bugzilla_logincookie"} . + " and profiles.userid = logincookies.userid"); + my @row; + if (@row = FetchSQLData()) { + $loginok = $row[1]; + if ($loginok) { + $::usergroupset = $row[0]; + } + } + } + return $loginok; +} + + + + sub confirm_login { my ($nexturl) = (@_); @@ -324,25 +353,9 @@ To use the wonders of bugzilla, you can use the following: } - my $loginok = 0; - - if (defined $::COOKIE{"Bugzilla_login"} && - defined $::COOKIE{"Bugzilla_logincookie"}) { - SendSQL("select profiles.login_name = " . - SqlQuote($::COOKIE{"Bugzilla_login"}) . - " and profiles.cryptpassword = logincookies.cryptpassword " . - "and logincookies.hostname = " . - SqlQuote($ENV{"REMOTE_HOST"}) . - " from profiles,logincookies where logincookies.cookie = " . - $::COOKIE{"Bugzilla_logincookie"} . - " and profiles.userid = logincookies.userid"); - $loginok = FetchOneColumn(); - if (!defined $loginok) { - $loginok = 0; - } - } + my $loginok = quietly_check_login(); - if ($loginok ne "1") { + if ($loginok != 1) { print "Content-type: text/html\n\n"; print "<H1>Please log in.</H1>\n"; print "I need a legitimate e-mail address and password to continue.\n"; |