aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xGradeBook.tcl24
-rwxr-xr-xGradeBook_lib.tcl37
2 files changed, 50 insertions, 11 deletions
diff --git a/GradeBook.tcl b/GradeBook.tcl
index d8180f3..bff9175 100755
--- a/GradeBook.tcl
+++ b/GradeBook.tcl
@@ -34,7 +34,7 @@ set action defaultview
# defaults end
# read cookies
-set user [::ncgi::cookie user]
+set user_requested [::ncgi::cookie user]
set sortCol [::ncgi::cookie sortCol]
set password [::ncgi::cookie password]
set action [::ncgi::value action defaultview]
@@ -44,6 +44,7 @@ set action [::ncgi::value action defaultview]
if { [catch {set host_name $env(SERVER_NAME)} errStat] } { set request_uri unknown}
# script uri
if { [catch {set script_name $env(SCRIPT_NAME)} errStat] } { set script_name unknown}
+set script_root_name $script_name
# figure out course db filename
if { [catch {set request_uri $env(REQUEST_URI)} errStat] } { set request_uri unknown}
regsub -all $script_name $request_uri "" coursedbfname
@@ -66,18 +67,29 @@ if { $action == "logoff" } { LogMeOff; set action defaultview }
dbg "===== Connection at $timestamp for user $user ====="
::ncgi::header
-htmlHeader
-puts "<body>"
+
+set user [ Authenticate_User $user_requested $password ]
+
set dbfile "$GradebookServerConfig(grades_db_dir)/$coursedbfname"
dbg "DB filename: $dbfile"
-if { ($coursedbfname ne "") && [file exists $dbfile] } {
+if { [file exists $dbfile] && ("$coursedbfname" ne "") } {
+ htmlHeader
+ puts "<body>"
sqlite3 db $dbfile
set permission_list [AccessGroupRights db $user $password]
htmlTop $permission_list
ChoseAction $action $permission_list $user
+ db close
} else {
- htmlErrorMsg "No requested database {$coursedbfname}. Please, check your url"
- dbg "Attemt to access non existing database: {$dbfile}"
+ htmlHeaderDBSelector
+ set permission_list [list GroupName guest]
+ puts "<body>"
+ if { "$coursedbfname" ne "" } {
+ htmlErrorMsg "No requested database {$coursedbfname}. Please, check your url"
+ dbg "Attemt to access non existing database: {$dbfile}"
+ }
+
+ html_Show_Classes_List $permission_list $user
}
htmlFooter $permission_list
diff --git a/GradeBook_lib.tcl b/GradeBook_lib.tcl
index 8d4fffc..c49ac19 100755
--- a/GradeBook_lib.tcl
+++ b/GradeBook_lib.tcl
@@ -928,6 +928,27 @@ proc htmlTop {permission_list} {
}
+proc html_Show_Classes_List {permission_list user} {
+ # list available class DBs
+ global GradebookServerConfig script_root_name
+ puts "<div>"
+ puts "Available classes are"
+ puts "<ul>"
+ foreach cdb [get_list_of_courses_db] {
+ set dbfile "$GradebookServerConfig(grades_db_dir)/$cdb"
+ if { ![file exists $dbfile] } { continue }
+
+ sqlite3 db $dbfile
+ set CourseTitle [SelectItemFromCourseInfoTable course_title]
+ set CourseYear [SelectItemFromCourseInfoTable course_year]
+ set CourseSemester [SelectItemFromCourseInfoTable course_semester]
+ puts "<li><a href=\"$script_root_name/$cdb\">$CourseYear $CourseSemester - $CourseTitle</a>"
+ db close
+ }
+ puts "</ul>"
+ puts "</div>"
+}
+
proc htmlFooter {permission_list} {
array set permission $permission_list
global VERSION
@@ -977,12 +998,12 @@ proc Greetings {} {
proc askToLogin {} {
global script_name
- global user password
+ global user_requested password
puts "<div class=\"login\">"
puts "Either you are here first time or you password and user name does not match. <br>"
puts "Please login <br>"
puts "<form name=\"input\" action=\"$script_name\" method=\"post\" />"
- puts "Login (email): <input type=\"text\" name=\"user\" value=\"$user\"><br>"
+ puts "Login (email): <input type=\"text\" name=\"user\" value=\"$user_requested\"><br>"
puts {Password: <input type="password" name="password"><br>}
puts {<input type="hidden" name="action" value="logon"/>}
puts {<input type="submit" value="Submit" />}
@@ -1040,11 +1061,12 @@ proc SendNewPassword2User { user password } {
}
proc LogMeOn {} {
- global user password
- set user [::ncgi::value user guest]
+ #more correctly set cookies
+ global user_requested password
+ set user_requested [::ncgi::value user guest]
set password [::ncgi::value password guest]
dbg "Logging in and setting cookies" 4
- ::ncgi::setCookie -name user -value $user
+ ::ncgi::setCookie -name user -value $user_requested
::ncgi::setCookie -name password -value $password
set subaction [::ncgi::value subaction {}]
@@ -1741,6 +1763,11 @@ proc ShowControls { permission_list user } {
puts "</div>"
}
+proc Authenticate_User { user_requested password } {
+ #return __non_existing_user_
+ return $user_requested
+}
+
proc AccessGroupRights {db user password } {
dbg "access rights check for user: $user"
set PasswordHash [::md5::md5 -hex $password]