Implemented authentication.
authorMetabox <redacted>
Sun, 21 Apr 2019 20:37:38 +0000 (06:37 +1000)
committerMetabox <redacted>
Sun, 21 Apr 2019 20:37:38 +0000 (06:37 +1000)
htdocs/cgi-bin/login_ctr.cgi
htdocs/cgi-bin/main.cgi

index 620f013a52857e240b1ffc6ca8250442702c7f41..80ac675b4d5df15749b889b83d5728a373e56f7b 100755 (executable)
@@ -15,15 +15,14 @@ use DateTime;
 use DateTime::Format::SQLite;
 use DateTime::Duration;
 use Text::CSV;
-use Crypt::CBC;
-use Crypt::IDEA;
+
 
 #DEFAULT SETTINGS HERE!
 our $REC_LIMIT   = 25;
 our $TIME_ZONE   = 'Australia/Sydney';
 our $PRC_WIDTH   = '60';
 our $LOG_PATH    = '../../dbLifeLog/';
-our $SESSN_EXPR  = '+2m';
+our $SESSN_EXPR  = '+12m';
 our $RELEASE_VER = '1.3';
 #END OF SETTINGS
 
@@ -40,10 +39,9 @@ my $passw = $cgi->param('passw');
 my $frm;
 
 
-#This is the OS developer release key and cipher, replace on istallation. As it is not secure.
-my $cipher_key = '95d7a85ba891da896d0d87aca6d742d5';
-my $cipher = new Crypt::CBC({key => $cipher_key, cipher => 'IDEA'});
+#This is the OS developer release key, replace on istallation. As it is not secure.
+my $cipher_key = '95d7a85ba891da';
+
 if(&processSubmit==0){
 
   print $cgi->header(-expires=>"0s", -charset=>"UTF-8", -cookie=>$cookie);  
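Review bot: The literal assigned to `$cipher_key` is committed in a cgi-bin script, so it is identical on every installation that does not edit the file, and the comment itself says it is not secure. Consider reading it from a file outside htdocs or from the environment and refusing to run when it is absent, e.g. `my $cipher_key = $ENV{LIFELOG_KEY_PLACEHOLDER} // die "cipher key not configured";` (the variable name is a placeholder). The comment could also state what the value is used for now that the cipher object is gone: `#Site-specific secret passed to crypt() as salt in processSubmit; must be replaced on installation.`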
@@ -88,14 +86,13 @@ sub processSubmit{
 try{
        if($alias&&$passw){
                        
-                       $passw = $cipher->encrypt_hex($passw);
+                       $passw = uc crypt $passw, hex $cipher_key;
                        &checkCreateTables;
                        #ssion = CGI::Session->load();
                        $session->param('alias', $alias);
                        $session->param('passw', $passw);
                        $session->param('database', 'data_'.$alias.'_log.db');  
-                       $session->flush();                      
-                       #print $cgi->redirect('main.cgi'."?CGISESSID=$sid");    
+                       $session->flush();                                              
                        print $cgi->header(-expires=>"0s", -charset=>"UTF-8", -cookie=>$cookie, -location=>"main.cgi");  
                        return 1;
        }
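Review bot: `uc crypt $passw, hex $cipher_key` on the added line does not produce a per-user salted hash: `hex` converts the key to a number and its decimal string becomes the salt, so every account shares one constant salt. How much of that salt and of the password is actually used depends on the platform's crypt(); with traditional DES it would be two salt characters and the first eight password characters. `uc` then folds the case of the output, which discards part of the hash. A per-user random salt in a modern scheme the platform supports, stored with the hash and without `uc`, e.g. `$passw = crypt($passw, $per_user_salt);`, would address this. processSubmit starts and ends outside this hunk.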
index 62b7b963b7b1007f1e5232285b783b430c1436cd..98a080780102b4719567965e75f72e53fa20ecca 100755 (executable)
@@ -502,28 +502,36 @@ sub buildNavigationButtons{
 sub authenticate{
 try  {
 
-        my     $ct = ctime(stat($database));
-        if($ct < str2time("20 Apr 2019")){
-                return;
-        }
-
-
         my $st =$db->prepare("SELECT * FROM AUTH WHERE alias='$userid' and passw='$password';");
                        $st->execute();
         if($st->fetchrow_array()){return;}
+
+        #Check if passw has been wiped for reset?
+           $st =$db->prepare("SELECT * FROM AUTH WHERE alias='$userid';");
+                       $st->execute();  
+                       my @w = $st->fetchrow_array();
+        if(@w && $w[1]==""){
+                 #Wiped with -> UPDATE AUTH SET passw='' WHERE alias='$userid';
+                       $st =$db->prepare("UPDATE AUTH SET passw='$password' WHERE alias='$userid';");
+                       $st->execute();  
+                 return;
+        }
+
         
+
         print $cgi->header(-expires=>"+0s", -charset=>"UTF-8");    
    print $cgi->start_html(-title => "Personal Log Login", 
-                                     -script=>{-type => 'text/javascript', -src => 'wsrc/main.js'},
-                                   -style =>{-type => 'text/css', -src => 'wsrc/main.css'},
+                                       -script=>{-type => 'text/javascript', -src => 'wsrc/main.js'},
+                                     -style =>{-type => 'text/css', -src => 'wsrc/main.css'},
                         );       
         
-        print $cgi->center($cgi->div("<b>Access Denied!</b> Invalid password! alias:$userid pass:$password"));
+        print $cgi->center($cgi->div("<b>Access Denied!</b> alias:$userid pass:$password"));
         print $cgi->end_html;
         
        $db->disconnect();
        $session->flush();
        exit;
 
 } catch{
                                        print $cgi->header(-expires=>"+0s", -charset=>"UTF-8");
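Review bot: The wiped-password test `$w[1]==""` compares numerically, so any stored value that numifies to 0 is treated as empty and the UPDATE that follows overwrites that account's passw with the submitted one; it should be the string test `$w[1] eq ''` (this assumes column 1 of `SELECT *` is passw, which the hunk does not show). The two added statements, like the existing SELECT above them, interpolate `$userid` and `$password` into the SQL text; bound placeholders keep session-derived values out of the statement. The changed `print $cgi->center(...)` line still writes both values into the HTML unescaped; wrapping the alias in `$cgi->escapeHTML($userid)` and dropping the password from the message would avoid that. authenticate's catch block continues past the end of the hunk.

```perl
        # … unchanged: first SELECT on alias and passw (should be bound the same way) …

        #Check if passw has been wiped for reset?
        $st = $db->prepare("SELECT * FROM AUTH WHERE alias=?;");
        $st->execute($userid);
        my @w = $st->fetchrow_array();
        if(@w && $w[1] eq ''){
            #Wiped with -> UPDATE AUTH SET passw='' WHERE alias=<alias>;
            $st = $db->prepare("UPDATE AUTH SET passw=? WHERE alias=?;");
            $st->execute($password, $userid);
            return;
        }
        # … unchanged: access-denied page, disconnect, exit …
```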