From 16898e40b402dd0cea3da56f712ed01e13316612 Mon Sep 17 00:00:00 2001 From: Will Budic Date: Sat, 4 Jan 2020 23:07:34 +1100 Subject: [PATCH] Start on new dev and bug fixes. --- Current Development Check List.md | 22 ++++++++----- dbLifeLog/main.cnf | 2 +- htdocs/cgi-bin/config.cgi | 23 +++++++++++-- htdocs/cgi-bin/login_ctr.cgi | 40 +++++++++++------------ htdocs/cgi-bin/main.cgi | 16 ++++++--- htdocs/cgi-bin/system/modules/Settings.pm | 2 +- 6 files changed, 67 insertions(+), 38 deletions(-) diff --git a/Current Development Check List.md b/Current Development Check List.md index 4b4747b..23725bf 100644 --- a/Current Development Check List.md +++ b/Current Development Check List.md @@ -4,15 +4,17 @@ This version is not compatible in data structure to prior versions. Data migration is required, to transfer previous data (see ../dbLifeLog/main.cnf). + ## LifeLog Development ### v.1.7 Encountered -* Delete page updated to show better display of entries. -* Login page to indentify host. -* Invalid login only shows db error. -* Session cleanup on autologin not clearing properly. - * A dbfix, should clear older entris as well. +* Delete page updated to show better display of entries. +* Provide sub alias login that sets data visible to only a set of categories. + * View specific based login on a different password. +* ✔ Login page to indentify host. +* ✔ Session cleanup on autologin not clearing properly. + * A dbfix, should clear older entries as well. ### v.1.6 and less @@ -43,8 +45,9 @@ This version is not compatible in data structure to prior versions. Data migrati ### v. 1.7 Encountered/Fixed -* Bug 12 - Migrated old data, linking to wrong id, db fix in config page seems to fix this. - +* ✔ Bug 13 - Migrated old data, linking to wrong id, db fix in config page seems to fix this. +* ✔ Bug 12 - Invalid login only shows db error. + ### v. 1.6 Encountered/Fixed * ✔ Bug - 11 View runs, brocken since sticky feature implentation. Page record sets don't work. @@ -62,5 +65,6 @@ This version is not compatible in data structure to prior versions. Data migrati *** -** Checked (✔) Are items that have been done and submitted to the branch.** -**Project ->** https://github.com/wbudic/LifeLog/ + Checked (✔) Are items that have been done and submitted to the branch. + + Project -> diff --git a/dbLifeLog/main.cnf b/dbLifeLog/main.cnf index e19218b..8b869d7 100644 --- a/dbLifeLog/main.cnf +++ b/dbLifeLog/main.cnf @@ -5,7 +5,7 @@ This is an Open Source License project -> https://choosealicense.com/licenses/is Credential format:< , dont enable here using AUTO_LOGIN option bellow, use config in app. < < -00|$RELEASE_VER = 1.6`LifeLog Application Version. +00|$RELEASE_VER = 1.7`LifeLog Application Version. 01|$REC_LIMIT = 25`Records shown per page. 03|$TIME_ZONE = Australia/Sydney`Time zone of your country. 05|$PRC_WIDTH = 80`Default presentation width for pages. diff --git a/htdocs/cgi-bin/config.cgi b/htdocs/cgi-bin/config.cgi index 6c06258..dc978eb 100755 --- a/htdocs/cgi-bin/config.cgi +++ b/htdocs/cgi-bin/config.cgi @@ -747,14 +747,18 @@ try{ } &renumerate; + &removeOldSessions; &resetCategories if $rs_cats; &resetSystemConfiguration($db) if $rs_syst; &wipeSystemConfiguration if $wipe_ss; + + $db->do('COMMIT;'); $db->disconnect(); $db = DBI->connect($dsn, $userid, $password, { RaiseError => 1 }) or die "

Error->"& $DBI::errstri &"

"; $dbs = $db->do("VACUUM;"); + if($LOGOUT){ &logout; @@ -1061,7 +1065,7 @@ sub getConfiguration { } -sub cats{ +sub cats { $cats = qq('; } -sub dbExecute{ +sub dbExecute { my $ret = $db->prepare(shift); $ret->execute() or die "

ERROR->"& $DBI::errstri &"

"; return $ret; @@ -1092,7 +1096,7 @@ sub error { exit; } -sub getTheme{ +sub getTheme { if ( $THEME eq 'Sun' ) { @@ -1148,4 +1152,17 @@ sub renumerate { SELECT ID_CAT, DATE, LOG, AMOUNT, AFLAG, RTF FROM life_log_temp_table ORDER by DATE;'); $dbs = dbExecute('DROP TABLE life_log_temp_table;'); +} + +sub removeOldSessions { + opendir(DIR, $LOG_PATH); + my @files = grep(/cgisess_*/,readdir(DIR)); + closedir(DIR); + my $now = time - (24 * 60 * 60); + foreach my $file (@files) { + my $mod = (stat("$LOG_PATH/$file"))[9]; + if($mod<$now){ + unlink "$LOG_PATH/$file"; + } + } } \ No newline at end of file diff --git a/htdocs/cgi-bin/login_ctr.cgi b/htdocs/cgi-bin/login_ctr.cgi index 561d4e6..d0e7b01 100755 --- a/htdocs/cgi-bin/login_ctr.cgi +++ b/htdocs/cgi-bin/login_ctr.cgi @@ -3,7 +3,6 @@ # Programed by: Will Budic # Open Source License -> https://choosealicense.com/licenses/isc/ # -package main; use strict; use warnings; use Try::Tiny; @@ -25,7 +24,7 @@ our $PRC_WIDTH = '70'; our $LOG_PATH = '../../dbLifeLog/'; our $SESSN_EXPR = '+30m'; our $DATE_UNI = '0'; -our $RELEASE_VER = '1.6'; +our $RELEASE_VER = '1.7'; our $AUTHORITY = ''; our $IMG_W_H = '210x120'; our $AUTO_WRD_LMT= 200; @@ -48,7 +47,6 @@ my $alias = $cgi->param('alias'); my $passw = $cgi->param('passw'); my $frm; - #This is the OS developer release key, replace on istallation. As it is not secure. my $cipher_key = '95d7a85ba891da'; @@ -66,7 +64,8 @@ if(&processSubmit==0){ -style => { -type => 'text/css', -src => "wsrc/$TH_CSS" }, ); - +my $ip =`hostname -I`; + $ip =~ s/\s/
/g; $frm = qq(
@@ -83,7 +82,7 @@ $frm = qq( Alias will create a new database if it doesn't exist. Note down your password. - +
You are on Server -> $ip
); print qq(

@@ -115,12 +114,13 @@ try{ $session->param('database', 'data_'.$alias.'_log.db'); $session->flush(); print $cgi->header(-expires=>"0s", -charset=>"UTF-8", -cookie=>$cookie, -location=>"main.cgi"); - return 1; + return 1; #activate redirect to main, main will check credentials. } - } + } else{ - &removeOldSessions; - } + $alias = $passw = ""; + } + &removeOldSessions; #and prompt for login returning 0 return 0; } catch{ @@ -157,6 +157,7 @@ try{ if(@set && $set[0]=="1"){ $alias = $cre[0]; $passw = $cre[1]; + &removeOldSessions; } $db->disconnect(); } @@ -169,7 +170,7 @@ try{ } } -sub checkCreateTables{ +sub checkCreateTables { try{ my $today = DateTime->now; $today->set_time_zone( $TIME_ZONE ); @@ -261,7 +262,13 @@ try{ $rv = $db->do($stmt); if($rv < 0){print "

Error->"& $DBI::errstri &"

"}; - + $st = $db->prepare("SELECT ALIAS, PASSW, EMAIL, ACTION FROM AUTH WHERE alias='$alias' AND passw='$passw';"); + $st->execute(); + my @res = $st->fetchrow_array(); + if(scalar @res == 0) { + $st = $db->prepare('INSERT INTO AUTH VALUES (?,?,?,?);'); + $st->execute($alias, $passw,"",0); + } } # # Scratch FTS4 implementation if present. @@ -285,13 +292,6 @@ try{ if($rv < 0){print "

Error->"& $DBI::errstri &"

"}; } - $st = $db->prepare("SELECT ALIAS, PASSW, EMAIL, ACTION FROM AUTH WHERE alias='$alias' AND passw='$passw';"); - $st->execute(); - my @res = $st->fetchrow_array(); - if(scalar @res == 0) { - $st = $db->prepare('INSERT INTO AUTH VALUES (?,?,?,?);'); - $st->execute($alias, $passw,"",0); - } $st = $db->prepare(selSQLTbl('CONFIG')); $st->execute(); @@ -413,7 +413,7 @@ $err .= "Invalid, spec'ed {uid}|{variable}`{description}-> $line\n"; }elsif($table_type==1){ my @pair = $tick[0] =~ m[(\S+)\s*\|\s*(\S+)]g; if ( scalar(@pair)==2 ) { - my $st = $db->prepare("SELECT rowid FROM CONFIG WHERE NAME LIKE '$pair[1]';"); + my $st = $db->prepare("SELECT ID FROM CAT WHERE NAME LIKE '$pair[1]';"); $st->execute(); $inData = 1; if(!$st->fetchrow_array()) { @@ -495,7 +495,7 @@ sub logout{ exit; } -sub getTheme{ +sub getTheme { if ( $THEME eq 'Sun' ) { diff --git a/htdocs/cgi-bin/main.cgi b/htdocs/cgi-bin/main.cgi index d516d05..3d25d17 100755 --- a/htdocs/cgi-bin/main.cgi +++ b/htdocs/cgi-bin/main.cgi @@ -1099,14 +1099,22 @@ sub authenticate { print $cgi->header( -expires => "+0s", -charset => "UTF-8" ); print $cgi->start_html( -title => "Personal Log Login", + -BGCOLOR => $BGCOL, -script => { -type => 'text/javascript', -src => 'wsrc/main.js' }, -style => { -type => 'text/css', -src => 'wsrc/main.css' }, ); - - print $cgi->center( - $cgi->div("Access Denied! alias:$userid pass:$password SQL->SELECT * FROM AUTH WHERE alias='$userid' and passw='$password'; ") - ); + if($DEBUG){ + print $cgi->center( + $cgi->div("Access Denied! alias:$userid pass:$password SQL->SELECT * FROM AUTH WHERE alias='$userid' and passw='$password'; ") + ); + } + else{ + print $cgi->center( + $cgi->div('

Sorry Access Denied!

You supplied wrong credentials.'), + $cgi->div('

[Login]

') + ); + } print $cgi->end_html; $db->disconnect(); diff --git a/htdocs/cgi-bin/system/modules/Settings.pm b/htdocs/cgi-bin/system/modules/Settings.pm index 76f4b18..250f20c 100644 --- a/htdocs/cgi-bin/system/modules/Settings.pm +++ b/htdocs/cgi-bin/system/modules/Settings.pm @@ -15,7 +15,7 @@ our $PRC_WIDTH = '60'; our $LOG_PATH = '../../dbLifeLog/'; our $SESSN_EXPR = '+30m'; our $DATE_UNI = '0'; -our $RELEASE_VER = '1.6'; +our $RELEASE_VER = '1.7'; our $AUTHORITY = ''; our $IMG_W_H = '210x120'; our $AUTO_WRD_LMT = 1000; -- 2.34.1