use Switch;
use CGI;
-use CGI::Session '-ip_match';
use CGI::Carp qw ( fatalsToBrowser );
use DBI;
use Exception::Class ('LifeLogException');
#15mg data post limit
$CGI::POST_MAX = 1024 * 15000;
my ($LOGOUT,$ERROR) = (0,"");
-my $cgi = CGI->new;
-my $sss = new CGI::Session("driver:File", $cgi, {Directory=>&Settings::logPath});
-my $sid = $sss->id();
-my $dbname = $sss->param('database');
-my $userid = $sss->param('alias');
-my $pass = $sss->param('passw');
+my $cgi = CGI->new();
my $sys = `uname -n`;
-#my $acumululator="";
-
-if(!$userid||!$dbname){
- print $cgi->redirect("login_ctr.cgi?CGISESSID=$sid");
- exit;
-}
-
-Settings::dbSrc( $sss->param('db_source'));
-Settings::dbFile($sss->param('database'));
-### Fetch settings
- my $db = Settings::connectDB($userid, $pass);
- Settings::getConfiguration($db);
- Settings::getTheme();
-###
-
+my $db = Settings::fetchDBSettings($cgi);
+my $sid = Settings::sid();
+my $dbname = Settings::dbname();
+my $alias = Settings::alias();
my $rv;
my $dbs;
-my $lang = Date::Language->new(&Settings::language);
-my $today = DateTime->now;
+my $lang = Date::Language->new(&Settings::language);
+my $today = DateTime->now;
$today->set_time_zone( &Settings::timezone );
-my $tz = $cgi->param('tz');
-my $csvp = $cgi->param('csv');
+my $tz = $cgi->param('tz');
+my $csvp = $cgi->param('csv');
&exportToCSV if ($csvp);
my $status = "Ready for change!";
my $cats;
my %hshCats = {};
-&cats;
+cats();
###############
-&processSubmit;
+processSubmit();
###############
Settings::getTheme();
-$sss->param("theme", &Settings::css);
-$sss->param("bgcolor", &Settings::bgcol);
-
-&getHeader;
+Settings::session()->param("theme", Settings::css());
+Settings::session()->param("bgcolor", Settings::bgcol());
+getHeader();
if ($ERROR){&error;}else{
print qq(<div id="menu" title="To close this menu click on its heart, and wait.">
}
}
-my $frmCats = qq(
+my $frmCats = qq(
<form id="frm_config" action="config.cgi">).$tbl.qq(
<tr class="r1">
<td><input type="text" name="caid" value="" size="3"/></td>
);
my $stm = 'SELECT ID, NAME, VALUE, DESCRIPTION FROM CONFIG ORDER BY NAME;';
$dbs = Settings::selectRecords($db, $stm);
-my $REL ="";
+my $REL = "";
while(my @row = $dbs->fetchrow_array()) {
my $n = $row[1]; next if($n =~ m/^\^/); #skip private tagged settings
<tr class="r1" align="left"><td>New:</td><td><input type="pass" name="new" value="" size="12"/></td></tr>
<tr class="r1" align="left"><td>Confirmation:</td><td><input type="pass" name="confirm" value="" size="12"/></td></tr>
<tr class="r1">
- <td colspan="2" align="right"><b>Pass change for -> $userid</b> <input type="submit" value="Change"/></td>
+ <td colspan="2" align="right"><b>Pass change for -> $alias</b> <input type="submit" value="Change"/></td>
</tr>
</table><input type="hidden" name="pass_change" value="1"/></form><br>
);
<p><ol>
<li><h3>Backup Rules</h3>
<ol>
- <li>Backup provides a compressed archive of the current logged in aliased database only.</li>
- <li>Backup should be uploaded to client to restore.</li>
+ <li>Backup provides an compressed archive of only the current logged in database.</li>
+ <li>Backup should and can be uploaded to local client to later restore.</li>
<li>Issuing backup always creates on the server an copy.</li>
<li>Backups are issued manually and are interactive.</li>
+ <li>Backups are server side encrypted.</li>
+ <li>Backups can be particularly server specific, therefore not suitable for restoration on new or different hardware.</li>
+ <li>Backup uses OpenSSL, wich under different versions can be uncompatible in the implemented type of encryption.</li>
</ol>
</li>
<li><h3>Restore Rules</h3>
<ol>
- <li>The restoring is only possible if logged into the current by alias application version.</li>
- <li>Restoration is of found missing in current log data.</li>
+ <li>The restoring is only possible if logged into current database the backup belongs.</li>
+ <li>Restoration is of only logs found missing in current log.</li>
<li>Restoration is not removing entries in existing current log data.</li>
- <li>Restoration is most likelly not possible after application upgrade.</li>
+ <li>Restoration might not be possible after an server application upgrade.</li>
<li>Restoration of old backups is not made possible or is safe, on new stable application releases.
- <ul><li><i>Upgrade your application after restoring it first, as an upgrade will migrate structure and data.</i></li></ul></li>
+ <ul><li><i>Upgrade your application after restoring it first, as an upgrade will/might migrate structure and data.</i></li></ul></li>
<li>
- Restoration will import on an previous date backuped data in case when recreating a new aliased for it database, but of the same application version.
- <ul><li>For example: If the database file has been deleted or is blank on login, you than can run a restore, if you have an backup.</li></ul>
+ Restoration will import on an previous date backuped data, in case when recreating a newly created same alias database.
+ <ul><li>For example: If the database file has been deleted or is blank on login, you than can run a restore, if you have an backup, for given server.</li></ul>
</li>
</li>
<li><h3>Purpose</h3>
<ol>
- <li>Provides direct safeguard, besides any external backup procedures.</li>
- <li>Provides before snapshot, if venturing into major log modifications.</li>
+ <li>Provides a direct safeguard, besides any external backup procedures.</li>
+ <li>Provides a before snapshot, if venturing into major log modifications.</li>
<li>Encourages experimentation, with data deletion and modification.</li>
- <li>Required if downgrading from an failed application upgrade, or found missuesed and corrupted current data state.</li>
+ <li>Required if downgrading from an failed application upgrade, or found a missuesed or corrupted state of current data.</li>
</ol>
</li>
</ol></p>
$status = "Pass Has Been Changed";
}
else{
- $status = "Wrong existing pass was entered, are you user by alias: $userid ?";
+ $status = "Wrong existing pass was entered, are you user by alias: $alias ?";
print "<center><div><p><font color=red>Client Error</font>: $status</p></div></center>";
}
}
openlog(Settings::dsn(), 'cons,pid', "user");
syslog('info', 'Status:%s', $status);
- syslog('info', 'Password change request for %s', $$userid);
+ syslog('info', 'Password change request for %s', $alias);
closelog();
sub confirmExistingPass {
my $pass = $_[0];
my $crypt = encryptPassw($pass);
- my $sql = "SELECT ALIAS, PASSW from AUTH WHERE ALIAS='$userid' AND PASSW='$crypt';";
+ my $sql = "SELECT ALIAS, PASSW from AUTH WHERE ALIAS='$alias' AND PASSW='$crypt';";
# print "<center><div><p><font color=red><b>DEBUG</b></font>:[$pass]<br>$sql</p></div></center>";
$dbs = Settings::selectRecords($db, $stmtCat );
if($dbs->fetchrow_array()){
}
sub changePass {
my $pass = encryptPassw($_[0]);
- $dbs = Settings::selectRecords($db, "UPDATE AUTH SET PASSW='$pass' WHERE ALIAS='$userid';");
+ $dbs = Settings::selectRecords($db, "UPDATE AUTH SET PASSW='$pass' WHERE ALIAS='$alias';");
if($dbs->fetchrow_array()){
return 1;
}
$db->do('COMMIT;');
$db->disconnect();
- $db =Settings::connectDB($userid, $pass);
+ $db = Settings::connectDB();
$dbs = $db->do("VACUUM;");
}
sub logout {
- $sss->delete();
- $sss->flush();
+ Settings::session()->delete();
+ Settings::session()->flush();
print $cgi->redirect("login_ctr.cgi");
exit;
}
my $f = &Settings::logPath.$n;
try{
if (-e $f) {
- LifeLogException->throw("File -> <i>[$n]</i> is not a backup file or it doesn't belong to $userid (you)!") if(index ($file , /bck_\d+$userid\_log/) == -1 );
+ LifeLogException->throw("File -> <i>[$n]</i> is not a backup file or it doesn't belong to $alias (you)!") if(index ($file , /bck_\d+$alias\_log/) == -1 );
unlink($f) or LifeLogException->throw("Failed to delete $n! -> $!");
print $cgi->redirect("config.cgi?CGISESSID=$sid");
exit;
};
}
sub backup {
-
- my $ball = 'bck__'.$today->strftime('%Y%m%d%H%M%S_')."$dbname.osz";
- my $pipe = "tar czf - ".Settings::logPath().'main.cnf' ." ". Settings::dbFile()." | openssl enc -k $pass:$userid -e -des-ede3-cfb -out ".Settings::logPath().$ball." 2>/dev/null";
+ my $pass = Settings::pass();
+ my $ball = 'bck_'.$today->strftime('%Y%m%d%H%M%S_')."_$dbname.osz";
+ my $pipe = "tar czf - ".Settings::logPath().'main.cnf' ." ". Settings::dbFile()." | openssl enc -e -des-ede3-cfb -salt -S ".Settings->CIPHER_KEY." -pass pass:$pass-$alias -out ".Settings::logPath().$ball." 2>/dev/null";
my $rez = `$pipe`;
#print $cgi->header;
my $hndl = $cgi->upload("data_bck");
my ($pipe,@br);
+ my $pass = Settings::pass();
try{
-
- &getHeader;
+ getHeader();
print $cgi->start_html;
print "<pre>Reading->$hndl</pre>";
my $dbck = &Settings::logPath."bck/"; `mkdir $dbck` if (!-d $dbck);
my $tar = $dbck.$hndl; $tar =~ s/osz$/tar/;
my $pipe;
- open ($pipe, "| openssl enc -k $pass:$userid -d -des-ede3-cfb -in /dev/stdin 2>/dev/null > $tar"); #| tar zt");#1>/dev/null");
+ open ($pipe, "| openssl enc -d -des-ede3-cfb -salt -S ".Settings->CIPHER_KEY." -pass pass:$pass-$alias -in /dev/stdin 2>/dev/null > $tar");
while(<$hndl>){print $pipe $_;};
close $pipe;
print "<pre>\n";
my $m1 = "it is not permitted to restore another aliases log backup.";
- $m1= "has your log password changed?" if ($tar=~/_data_$userid/);
+ $m1= "has your log password changed?" if ($tar=~/_data_$alias/);
my $cmd = `tar tvf $tar 2>/dev/null`
- or die qq(, possible an security issue, $m1\nBACKUP FILE INVALID! $tar\nYour data alias is: <b>$userid</b>\nYour LifeLog version is:), &Settings::release ."\n";
+ or die qq(, possible an security issue, $m1\nBACKUP FILE INVALID! $tar\nYour data alias is: <b>$alias</b>\nYour LifeLog version is:), Settings::release()."\n";
print "Contents->".$cmd."\n\n";
$cmd = `tar xzvf $tar -C $dbck --strip-components 1 2>/dev/null` or die "Failed extracting $tar";
my $b_base = $dbck.$dbname;
my $dsn= "DBI:SQLite:dbname=$b_base";
- my $b_db = DBI->connect($dsn, $userid, $pass, { RaiseError => 1 }) or LifeLogException->throw(error=>"Invalid database! $dsn->$hndl [$@]", show_trace=>&Settings::debug);
+ my $b_db = DBI->connect($dsn, $alias, $pass, { RaiseError => 1 }) or LifeLogException->throw(error=>"Invalid database! $dsn->$hndl [$@]", show_trace=>&Settings::debug);
print "Connected to -> $dsn\n";
print "Merging from backup categories table...\n";
print "Done!";
}
catch{
- $ERROR = "<font color='red'><b>Restore Failed!</b></font> hndl->$hndl $@ \n";
+ $ERROR = "<font color='red'><b>Restore Failed!</b></font>hndl->$hndl $@ \n";
$ERROR = "br:[@br]" if(@br);
};
require Settings;
my $BACKUP_ENABLED = 0;
-my $cgi = CGI->new;
+my $cgi = CGI->new();
my $session = new CGI::Session("driver:File",$cgi, {Directory=>&Settings::logPath});
$session->expire(&Settings::sessionExprs);
my $sssCreatedDB = $session->param("cdb");
#Codebase release version. Release in the created db or existing one can be different, through time.
my $SCRIPT_RELEASE = Settings::release();
-if($cgi->param('logout')){&logout}
-
try{
- &checkAutologinSet;
+ logout() if($cgi->param('logout'));
+ checkAutologinSet();
if(&processSubmit==0){
print $cgi->header(-expires=>"0s", -charset=>"UTF-8", -cookie=>$cookie);
<a href="https://github.com/wbudic/LifeLog" target="_blank">Get latest version of this application here!</a><br>
</center><div>);
- Settings::printDebugHTML($debug) if (&Settings::debug);
+ Settings::printDebugHTML($debug) if (Settings::debug());
print $cgi->end_html;
}
$session->param('alias', $alias);
$session->param('passw', $passw);
$session->param('db_source', Settings::dbSrc());
- $session->param('database', Settings::dbFile());
+ $session->param('db_file', Settings::dbFile());
+ $session->param('database', Settings::dbname());
$session->flush();
### To MAIN PAGE
print $cgi->header(-expires=>"0s", -charset=>"UTF-8", -cookie=>$cookie, -location=>"main.cgi");
sub checkAutologinSet {
my (@cre, $v);
# We don't need to slurp whole file as next are expected settings in begining of the config file.
- open(my $fh, '<', &Settings::logPath.'main.cnf' ) or LifeLogException->throw("Can't open main.cnf: $!");
+ open(my $fh, '<', Settings::logPath().'main.cnf' ) or LifeLogException->throw("Can't open main.cnf: $!");
while (my $line = <$fh>) {
chomp $line;
$v = parseAutonom('AUTO_LOGIN',$line);
sub logout {
- if(&Settings::trackLogins){
+ if(Settings::trackLogins()){
try{
$alias = $session->param('alias');
$passw = $session->param('passw');
- Settings::dbSrc( $session->param('db_source'));
- Settings::dbFile($session->param('database'));
-
- my $db = Settings::connectDB($alias, $passw);
- Settings::toLog($db, "Log properly loged out by $alias.");
- $db->disconnect();
+ if($alias){
+ my $db = Settings::connectDB($alias, $passw);
+ Settings::toLog($db, "Log properly loged out by $alias.");
+ $db->disconnect();
+ }
}catch{
my $err = $@;
my $dbg = "" ;
use Switch;
use Exception::Class ('SettingsException');
use Syntax::Keyword::Try;
+use CGI;
+use CGI::Session '-ip_match';
+use CGI::Carp qw ( fatalsToBrowser );
+
use DBI;
our $DBFILE;
our $IS_PG_DB = 0;
+my ($cgi, $sss, $sid, $alias, $pass, $dbname);
+
#Annons here, variables that could be overiden in code or database, per need.
my %anons = ();
sub dbSrc {my $r = shift; if($r) {$DBI_SOURCE=$r; $IS_PG_DB = 1 if(index (uc $r, 'DBI:PG') ==0)}
return $DBI_SOURCE}
sub dbFile {my $r = shift; if($r) {$DBFILE=$r} return $DBFILE}
+sub dbName {return $dbname;}
sub dsn {return $DSN}
sub isProgressDB {return $IS_PG_DB}
+sub fetchDBSettings {
+try {
+ $CGI::POST_MAX = 1024 * 1024 * 5; # max 5GB file post size limit.
+ $cgi = CGI->new();
+ $sss = new CGI::Session("driver:File", $cgi, {Directory=>$LOG_PATH});
+ $sid = $sss->id();
+ $dbname = $sss->param('database');
+ $alias = $sss->param('alias');
+ $pass = $sss->param('passw');
+ if(!$alias||!$dbname){
+ print $cgi->redirect("login_ctr.cgi?CGISESSID=$sid&alias=$alias&dbname=$dbname");
+ exit;
+ }
+ my $ret = connectDB($alias, $pass);
+ dbSrc($sss->param('db_source'));
+ getConfiguration($ret);
+ getTheme();
+ $sss->expire($SESSN_EXPR);
+ return $ret;
+}catch{
+ SettingsException->throw(error=>$@, show_trace=>$DEBUG);
+ exit;
+}
+}
+sub cgi {return $cgi}
+sub session {return $sss}
+sub sid {return $sid}
+sub dbname {return $dbname}
+sub alias {return $alias}
+sub pass {return $pass}
sub createCONFIGStmt {
if($IS_PG_DB){qq(
sub connectDB {
my ($a,$p) = @_;
- $DBFILE = $LOG_PATH.'data_'.$a.'_log.db' if(!$DBFILE);
+ $a = $alias if(!$a);
+ $p = $alias if(!$p);
+ $dbname = 'data_'.$a.'_log.db';
+ $DBFILE = $LOG_PATH.$dbname if(!$DBFILE);
if ($IS_PG_DB) {
$DSN = $DBI_SOURCE .'dbname='.$a; $DBFILE = $a;
}else{
- $DSN = $DBI_SOURCE .'dbname='.$DBFILE
+ $DSN = $DBI_SOURCE .'dbname='.$DBFILE;
}
try{
return DBI->connect($DSN, $a, $p, {AutoCommit => 1, RaiseError => 1, PrintError => 0, show_trace=>1});
lifelog.hopto.org / LifeLog.git / commitdiff