view release on metacpan or  search on metacpan

lib/LIMS/Controller.pm  view on Meta::CPAN

		$self->print_footer;
		$self->disconnect_dbh;
		$self->close_log;
	}
	### login/session methods ###
	
	sub check_login {
		my $self = shift;
		my $q = $self->get_cgi;
		if (my $db_user_name = $q->param('user_name')){
			if (my $db_user_pass = $q->param('password')){
				$self->check_user_pass;
			} elsif (my $personnel_id = $q->param('personnel_id')){
				$self->check_session;
			} else {
				$self->db_error('No password was entered');
			}
		} else {
			$self->db_error('No user name was entered');
		}
		if ($self->db_error){
			$self->print_errors;
			$self->print_footer;
			return undef;	# bad login
		} else {
			return 1;	# login OK
		}
	}
	sub check_session {
		my $self = shift;
		my $epoch_time = Date::EzDate->new()->{'epoch second'};
		my $sess_start_secs;
		my $session_length = $self->session_length;
		# get session information from db
		if (my $user_session = $self->get_user_session) {
			# check time since last session activity
	  		$sess_start_secs = Date::EzDate->new( $self->session_time )->{'epoch second'};
			my $session_duration = $epoch_time - $sess_start_secs;  			
			if ( $session_duration > $session_length ) {
				$self->db_error('session timed out');
			}
			#Êcheck the user's ip address matches that in the db
			if ( $self->session_ip ne $self->current_ip ) {
				$self->db_error('ip error');
			}	
		} else {
			$self->db_error('session closed');
		}
		# so long as there aren't any errors, update the session to NOW()
		unless( $self->db_error ){
			# compare session time in db with that from cgi
			if (( $sess_start_secs > Date::EzDate->new( $self->current_sess_time )->{'epoch second'}) &&
				( $self->back_sensitive)) {	# is an 'old' session
					$self->standard_error("Data from this page has already been entered into the database.","Please don't use the browser's 'back' button after submitting a form");
					$self->kill_pipeline;
			} else {
				$self->update_session;
			}
		}
	}
	sub update_session {
		my $self = shift;
		$self->alter_session_id(1);
	}
	sub close_session {
    	my $self = shift;		
    	$self->alter_session_id(0);
	}
	sub log_out {
		my $self = shift;
		$self->close_session;
		my $q = $self->get_cgi;
		$q->delete_all();
		$q->param(-name=>'logout',-value=>1);
	}
	sub alter_session_id {
   		my $self = shift;
   		if (@_) {
		   	my $state = shift;
	     	my $date = Date::EzDate->new();
	     	my $mysql_time = $date->{'{year}/{%m}/{%d} %T'};	# unix style %Y actually returns 2-digit year
		   	my $ip_address = $self->current_ip;
		   	my $usr_info_obj = $self->get_user_info;
	     	my $session_id = ($state) ? $ip_address.",".$mysql_time : '';
	     	$usr_info_obj->session_id($session_id);
			$usr_info_obj->update();
			$usr_info_obj->dbi_commit;
			$self->session_id($usr_info_obj->session_id); 
	 	}
  	}
	sub current_ip {
	    my $self = shift;
	    if(defined $ENV{'HTTP_PC_REMOTE_ADDR'}){	# is mac os x server
	    	return $ENV{'HTTP_PC_REMOTE_ADDR'};
	    } else {	# use standard cgi remote host call
	    	my $q = $self->get_cgi;
	    	return $q->remote_host();
	    }
	}
	sub system_ip {
		use Net::Address::IPv4::Local;
		my $ip = Net::Address::IPv4::Local->public;
		return $ip;
	}
	sub current_sess_time {	# from cgi
		my $self = shift;
      	$self->session_arry($self->session_id,1);
	} 
	sub session_ip {	# from db
      	my $self = shift;
      	$self->session_arry($self->get_user_session,0);
  	}
	sub session_id {
		my $self = shift;
		my $q = $self->get_cgi;
		if (@_) {
			$q->param('session_id',shift);
		} else {
			$q->param('session_id');
		}
	}