b3d3508ee7542e3402886a7b16cac72bacf6e62e chinhli Thu Mar 29 16:15:39 2012 -0700 Finished ser/reset Cookies diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 5278460..9601dd3 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -389,31 +389,30 @@ changePasswordPage(conn); return; } char encPwd[35] = ""; encryptNewPwd(newPassword, encPwd, sizeof(encPwd)); safef(query,sizeof(query), "update gbMembers set password='%s' where email='%s'", sqlEscapeString(encPwd), sqlEscapeString(email)); sqlUpdate(conn, query); hPrintf ( "<h2>UCSC Genome Browser</h2>" "<p align=\"left\">" "</p>" "<h3>Password has been changed.</h3>" "Click <a href=hgLogin?hgLogin.do.signupPage=1>here</a> to return.<br>" - , email ); updatePasswordsFile(conn); cartRemove(cart, "hgLogin_password"); cartRemove(cart, "hgLogin_newPassword"); } void signupPage(struct sqlConnection *conn) /* draw the signup page */ /* XXXX TODO: cornfirm password, password help @@ -544,31 +543,30 @@ void displayLoginPage(struct sqlConnection *conn) /* draw the account login page */ { char *email = cartUsualString(cart, "hgLogin_email", ""); /* for password security, use cgi hash instead of cart */ char *password = cgiUsualString("hgLogin_password", ""); hPrintf( "<h2>UCSC Genome Browser</h2>" "<p align=\"left\">" "</p>" "<span style='color:red;'>%s</span>" "<h3>Account Login</h3>" "<form method=post action=\"hgLogin\" name=accountLoginForm >" -"<input TYPE=\"hidden\" NAME=\"hgLogin_click\" VALUE=\"postLogin\" >" "<table>" "<tr><td>User Name</td><td><input type=text name=hgLogin_userName value=\"%s\" size=20> <BR> " "<tr><td>Password</td><td><input type=password name=hgLogin_password value=\"%s\" size=10></td></tr><BR>" "<tr><td> </td><td><input type=submit name=hgLogin.do.displayLogin value=submit>" " <input type=submit name=hgLogin.do.signupPage value=cancel></td></tr>" "</table>" "<BR>" , errMsg ? errMsg : "" , email , password ); cartSaveSession(cart); hPrintf("</FORM>"); 
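Review bot: displayLoginPage writes `errMsg`, `email` and the submitted `password` into the page unescaped, the last two inside `value=\"%s\"` attributes, so a double quote or angle bracket in any of them ends the attribute and becomes markup. The same pattern appears in the later hunks: displayLogin builds `errMsg` from `"User name %s not found."` with the raw cart value, and displayUserInfo prints `m->userName`, `m->realName` and `m->email` straight into table cells. Each value should be HTML-encoded before it reaches hPrintf (the kent library's `htmlEncode`, provided it covers double quotes in this tree). The password should not be echoed back at all: emit `value=\"\"` for `hgLogin_password` and drop the `, password` argument. The closing brace of displayLoginPage lies outside this hunk.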
@@ -579,144 +577,158 @@ /******* BEGIN dispalyLogin *************************/ void displayLogin(struct sqlConnection *conn) /* display user account info */ { struct sqlResult *sr; char **row; char query[256]; char *userName = cartUsualString(cart, "hgLogin_userName", ""); if (sameString(userName,"")) { freez(&errMsg); errMsg = cloneString("User name cannot be blank."); displayLoginPage(conn); return; } -/************************************************************* -char *email = cartUsualString(cart, "hgLogin_email", ""); -if (sameString(email,"")) - { - freez(&errMsg); - errMsg = cloneString("Email cannot be blank."); - displayLoginPage(conn); - return; - } -****************************************************************/ /* for password security, use cgi hash instead of cart */ char *password = cgiUsualString("hgLogin_password", ""); if (sameString(password,"")) { freez(&errMsg); errMsg = cloneString("Password cannot be blank."); displayLoginPage(conn); return; } safef(query,sizeof(query),"select * from gbMembers where userName='%s'", userName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) { freez(&errMsg); char temp[256]; safef(temp,sizeof(temp),"User name %s not found.",userName); errMsg = cloneString(temp); displayLoginPage(conn); return; } struct gbMembers *m = gbMembersLoad(row); sqlFreeResult(&sr); /* TODO: check user name exist and activated */ /* ..... */ if (checkPwd(password,m->password)) { hPrintf("<h1>Login succesful !!!! 
calling displayLoginSuccess now.</h1>\n"); - displayLoginSuccess(); + unsigned int userID=m->idx; + hPrintf("Before call userID is %d\n",userID); + displayLoginSuccess(userName,userID); // htmlSetCookie("hgLogin_User", "chinhli", NULL, NULL, ".cse.ucsc.edu", FALSE); // hPrintf("<meta http-equiv=\"set-cookie\" content=\"hgLogin_User=chinhli;expires=Fri, 30 Dec 2015 12:00:00 GMT; path=cse.ucsc.edu\">"); return; -//htmlSetCookie("hgLogin_User", "Chin Li", NULL, NULL, -//".cse.ucsc.edu", FALSE); -// hPrintf("<h1>Login Information for %s:</h1>\n",m->email); -// hPrintf("<table>\n"); -// hPrintf("<tr><td align=right>name:</td><td>%s</td><tr>\n",m->userName); -// hPrintf("<tr><td align=right>activated:</td><td>%s</td><tr>\n",m->activated); -// hPrintf("</table>\n"); -// hPrintf("<br>\n"); -// hPrintf("Return to <a href=\"hgSession\">Session</A>.<br>\n"); -// hPrintf("Return to <a href=\"hgLogin\">signup</A>.<br>\n"); -// -// hPrintf("Go to <a href=\"/\">UCSC Genome Browser</A>.<br>\n"); } else { - hPrintf("<h1>Invalid User/Password</h1>\n",m->email); + hPrintf("<h1>Invalid User/Password</h1>\n"); hPrintf("Return to <a href=\"hgLogin\">signup</A>.<br>\n"); } gbMembersFree(&m); } /******* end old dispalyLogin *************************/ -void displayLoginSuccess() + +void displayLoginSuccess(char *userName, int userID) /* display login success msg, and set cookie */ { hPrintf( "<h2>UCSC Genome Browser</h2>" "<p align=\"left\">" "</p>" -"<span style='color:red;'>%s</span>" +"<span style='color:red;'></span>" "\n" -//"<script type=\"text/javascript\">\n" -//"function setCookie(c_name,value,exdays) " -//"{" -//"var exdate=new Date();" -//"exdate.setDate(exdate.getDate() + exdays);" -//"var c_value=escape(value) + \" 30 Dec 2015 12:00:00 GMT\";" -//"document.cookie=c_name + \"=\" + c_value;" -//"} <\/script> \n"); -//hPrintf("setCookie(\"hgLogin_User\",\"chinhl\", 180);"); ); -//hPrintf("document.cookie = \"hgLogin_User=chinhli\";"); -//hPrintf("<body onload=\"setCookie()\"> 
</body>"); - hPrintf( "<script language=\"JavaScript\">" -" document.write(\"Hello World!\");" -"<\/script><script language=\"JavaScript\">" +" document.write(\"Login successful, setting cookies now...\");" +" document.write(\" in Call userID is %d\n\");" +"</script>\n" + +"<script language=\"JavaScript\">" +"document.cookie = \"hgLogin_UserName=%s; domain=ucsc.edu; expires=Thu, 31 Dec 2099, 20:47:11 UTC; path=/\"; " "\n" -"document.write(\"Hello, Cookie Monster!\");" -"document.cookie = \"hgLogin_UserName=hgLogin001; domain=cse.ucsc.edu; expires=Mon, 30 Apr 2012 20:47:11 UTC; path=/\"; " +"document.cookie = \"hgLogin_UserID=%d; domain=ucsc.edu; expires=Thu, 31 Dec 2099, 20:47:11 UTC; path=/\";" +" </script>" +"\n", +userID, userName,userID); +hPrintf( +"<script language=\"JavaScript\">\n" +"<!-- " +"\n" +/* delay for 5 seconds then go back to page X */ +/* TODO: afterDelayBackTo("http....") */ +"window.setTimeout(afterDelay, 5000);\n" +"function afterDelay() {\n" +"window.location =\"http://hgwdev-chinhli.cse.ucsc.edu/cgi-bin/hgSession?hgS_doMainPage=1\";" +"\n}" +"\n" +"//-->" "\n" -"document.cookie = \"hgLogin_UserID=3043; domain=cse.ucsc.edu; expires=Mon, 30 Apr 2012 20:47:11 UTC; path=/\";" " </script>" +); +} + + +void displayLogoutSuccess() +/* display logout success msg, and reset cookie */ +{ +hPrintf( +"<h2>UCSC Genome Browser Sign Out</h2>" +"<p align=\"left\">" +"</p>" +"<span style='color:red;'></span>" +"\n" +); +hPrintf( +"<script language=\"JavaScript\">" +"document.cookie = \"hgLogin_UserName=; domain=ucsc.edu; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/\"; " "\n" +"document.cookie = \"hgLogin_UserID=; domain=ucsc.edu; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/\";" +"</script>\n" ); +/* return to session */ +/*******************************/ hPrintf( -"<script type=\"text/javascript\">\n" +"<script language=\"JavaScript\">\n" "<!-- " "\n" +/* delay for 5 seconds then go back to page X */ +/* TODO: afterDelayBackTo("http....") */ 
+"window.setTimeout(afterDelay, 5000);\n" +"function afterDelay() {\n" "window.location =\"http://hgwdev-chinhli.cse.ucsc.edu/cgi-bin/hgSession?hgS_doMainPage=1\";" +"\n}" "\n" "//-->" "\n" "</script>" ); +/****************************/ + } void displayUserInfo(struct sqlConnection *conn) /* display user account info */ { struct sqlResult *sr; char **row; char query[256]; char *user = cartUsualString(cart, "hgLogin_user", ""); /*************************************/ if (sameString(user,"")) { freez(&errMsg); @@ -753,31 +765,31 @@ hPrintf("<h1>UCSC Genome Browser User Information:</h1>\n"); hPrintf("<table>\n"); hPrintf("<tr><td align=right>User name:</td><td>%s</td><tr>\n",m->userName); hPrintf("<tr><td align=right>Real name:</td><td>%s</td><tr>\n",m->realName); hPrintf("<tr><td align=right>E-mail:</td><td>%s</td><tr>\n",m->email); hPrintf("</table>\n"); hPrintf("<br>\n"); hPrintf("Return to <a href=\"hgLogin\">signup</A>.<br>\n"); hPrintf("Go to <a href=\"/\">UCSC Genome Browser</A>.<br>\n"); } else { - hPrintf("<h1>Invalid User/Password</h1>\n",m->userName); + hPrintf("<h1>Invalid User/Password</h1>\n"); hPrintf("Return to <a href=\"hgLogin\">signup</A>.<br>\n"); } /**************************************************/ gbMembersFree(&m); } /* void upgradeMembersTable(struct sqlConnection* conn) / * one-time upgrade of gbMembers table to store encrypted passwords * / { char query[256]; safef(query,sizeof(query),"select email from members"); struct slName *email=NULL,*list = sqlQuickList(conn,query); 
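Review bot: `userName` comes straight from the cart and is formatted unescaped into `select * from gbMembers where userName='%s'` in displayLogin, and again into the JavaScript string that sets `hgLogin_UserName` in displayLoginSuccess, so a quote character in the name changes the meaning of both the SQL statement and the script. changePassword in this same file already wraps its values in sqlEscapeString, and the login query should do the same: `safef(query,sizeof(query),"select * from gbMembers where userName='%s'", sqlEscapeString(userName));`. The cookie value needs escaping for a JavaScript string literal, or better, the cookie should be sent in a Set-Cookie response header instead of being assembled in page script. The success branch also returns before `gbMembersFree(&m)`, and `hPrintf("Before call userID is %d\n",userID);` looks like leftover debug output that prints the row index (with `%d` applied to an unsigned int).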
@@ -852,30 +864,32 @@ } else if (cartVarExists(cart, "hgLogin.do.lostPasswordPage")) lostPasswordPage(conn); else if (cartVarExists(cart, "hgLogin.do.lostPassword")) lostPassword(conn); else if (cartVarExists(cart, "hgLogin.do.changePasswordPage")) changePasswordPage(conn); else if (cartVarExists(cart, "hgLogin.do.changePassword")) changePassword(conn); else if (cartVarExists(cart, "hgLogin.do.displayUserInfo")) displayUserInfo(conn); else if (cartVarExists(cart, "hgLogin.do.displayLoginPage")) displayLoginPage(conn); else if (cartVarExists(cart, "hgLogin.do.displayLogin")) displayLogin(conn); +else if (cartVarExists(cart, "hgLogin.do.displayLogout")) + displayLogoutSuccess(); else if (cartVarExists(cart, "hgLogin.do.signup")) signup(conn); else signupPage(conn); hDisconnectCentral(&conn); cartRemovePrefix(cart, "hgLogin.do."); } void usage() /* Explain usage and exit. */ { errAbort(
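Review bot: The new `hgLogin.do.displayLogout` branch signs the user out only by having the browser expire `hgLogin_UserName` and `hgLogin_UserID`. Those cookies hold the plain user name and row index and are written by page script with a 2099 expiry, so they contain nothing that only the server could have issued and nothing the server can revoke. Whether other CGIs accept them as proof of login is not visible in this diff; if they do, a comment above this branch such as `/* TODO: login cookies are unauthenticated; replace with a random server-side session id before trusting them */` would record the gap. The eventual fix would be a random session id stored server-side, sent in a Set-Cookie header marked HttpOnly, and deleted on logout. The enclosing dispatch function starts above this hunk.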