From: rmurray <>
Date: Thu, 13 Mar 2003 03:25:56 +0000 (+0000)
Subject: remove non-https logins
X-Git-Tag: release-0.3.33~109
X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap-cgi.git;a=commitdiff_plain;h=be1495662e4a4404faa46a81befb2dbf30a794cd
remove non-https logins
---
diff --git a/Util.pm b/Util.pm
index 08a5f07..8efabfb 100644
--- a/Util.pm
+++ b/Util.pm
@@ -119,7 +119,7 @@ sub ReadPasswordFromFile {
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
- &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
+ &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
return Decrypt($cipher, $passwd);
}
diff --git a/login.cgi b/login.cgi
index 55d4d31..0058aa9 100755
--- a/login.cgi
+++ b/login.cgi
@@ -1,6 +1,6 @@
#!/usr/bin/perl
-# $Id: login.cgi,v 1.7 2000/05/10 05:01:55 tausq Exp $
+# $Id: login.cgi,v 1.8 2003/03/13 04:25:56 rmurray Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL.
use lib '.';
@@ -17,8 +17,8 @@ my %config = &Util::ReadConfigFile;
my $query = new CGI;
my $proto = ($ENV{HTTPS} ? "https" : "http");
-if (!($query->param('username')) || !($query->param('password'))) {
- print "Location: $proto://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
+if ($proto eq "http" || !($query->param('username')) || !($query->param('password'))) {
+ print "Location: https://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
exit;
}
diff --git a/update.cgi b/update.cgi
index 9aabb33..4ad5b88 100755
--- a/update.cgi
+++ b/update.cgi
@@ -1,6 +1,6 @@
#!/usr/bin/perl
-# $Id: update.cgi,v 1.8 2000/05/13 18:39:05 tausq Exp $
+# $Id: update.cgi,v 1.9 2003/03/13 04:25:56 rmurray Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL.
use lib '.';
@@ -43,7 +43,7 @@ $auth = ($mesg->code == LDAP_SUCCESS);
if (!$auth) {
$ldap->unbind;
- &Util::HTMLError("You have not been authenticated. Please Login");
+ &Util::HTMLError("You have not been authenticated. Please Login");
}
# Authenticated....