From 419598e1d1043eb254e3c0af43c76d798fdb2b3b Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 30 May 2005 12:21:30 +0000
Subject: r7106: the web interface now works completely with or without
 cookies. If you have cookies they will be used, otherwise you will see URLs
 with ?SwatSessionId=XXX on the end. (This used to be commit
 104d47a7458ecf03c0d5f969eaf2a98346928679)

---
 swat/esptest/menu.js              | 14 +++++++-------
 swat/login.esp                    |  6 ++++--
 swat/scripting/common.js          | 21 ++++++++++++++++++++-
 swat/scripting/header_columns.esp |  4 ++--
 4 files changed, 33 insertions(+), 12 deletions(-)

(limited to 'swat')

diff --git a/swat/esptest/menu.js b/swat/esptest/menu.js
index 3792d30943..b78ca68ee8 100644
--- a/swat/esptest/menu.js
+++ b/swat/esptest/menu.js
@@ -1,11 +1,11 @@
 /* show a menu for the esp test pages */
 simple_menu(
 	"ESP Tests",
-	"ldb database",       "/esptest/ldb.esp",
-	"html forms",         "/esptest/formtest.esp",
-	"esp includes",       "/esptest/include.esp",
-	"session variables",  "/esptest/session.esp",
-	"loadparm access",    "/esptest/loadparm.esp",
-	"exception handling", "/esptest/exception.esp",
-	"environment variables",  "/esptest/showvars.esp");
+	"ldb database",       session_uri("/esptest/ldb.esp"),
+	"html forms",         session_uri("/esptest/formtest.esp"),
+	"esp includes",       session_uri("/esptest/include.esp"),
+	"session variables",  session_uri("/esptest/session.esp"),
+	"loadparm access",    session_uri("/esptest/loadparm.esp"),
+	"exception handling", session_uri("/esptest/exception.esp"),
+	"environment variables",  session_uri("/esptest/showvars.esp"));
 
diff --git a/swat/login.esp b/swat/login.esp
index be5457fedd..9b41e2d54e 100644
--- a/swat/login.esp
+++ b/swat/login.esp
@@ -3,7 +3,9 @@
 <%
 var f = Form("login", 2, 1);
 f.element[0].label = "Username";
+f.element[0].value = form['Username'];
 f.element[1].label = "Password";
+f.element[1].value = form['Password'];
 f.element[1].type  = "password";
 f.submit[0] = "Login";
 
@@ -23,9 +25,9 @@ display_form(f);
 		   redirect them to the current page, which will now
 		   show its true content */
 		if (request.REQUEST_URI == "/login.esp") {
-		   redirect("/");
+		   redirect(session_uri("/"));
 		} else {
-		   redirect(request.REQUEST_URI);
+		   redirect(session_uri(request.REQUEST_URI));
 		}
 	}
 %>
diff --git a/swat/scripting/common.js b/swat/scripting/common.js
index 8396a3adc2..13ed34346b 100644
--- a/swat/scripting/common.js
+++ b/swat/scripting/common.js
@@ -8,6 +8,22 @@ global.page = new Object();
 /* fill in some defaults */
 global.page.title = "Samba Web Administration Tool";
 
+/* to cope with browsers that don't support cookies we append the sessionid
+   to the URI */
+global.SESSIONURI = "";
+if (request['COOKIE_SUPPORT'] != "True") {
+	global.SESSIONURI="?SwatSessionId=" + request['SESSION_ID'];
+}
+
+/*
+  possibly adjust a local URI to have the session id appended
+  used for browsers that don't support cookies
+*/
+function session_uri(uri) {
+	return uri + global.SESSIONURI;
+}
+
+
 
 /* if the browser was too dumb to set the HOST header, then
    set it now */
@@ -32,6 +48,7 @@ function page_footer() {
 	include("/scripting/footer_" + global.page.pagetype + ".esp");
 }
 
+
 /*
   check if a uri is one of the 'always allowed' pages, even when not logged in
   This allows the login page to use the same style sheets and images
@@ -40,6 +57,7 @@ function always_allowed(uri) {
 	var allowed = new Array("/images/favicon.ico", 
 				"/images/linkpad.gif",
 				"/images/logo.png",
+				"/images/logo.gif",
 				"/style/main.css",
 				"/style/common.css");
 	for (i in allowed) {
@@ -102,7 +120,7 @@ function Form(name, num_elements, num_submits)
 	f.name = name;
 	f.element = new Array(num_elements);
 	f.submit =  new Array(num_submits);
-	f.action = request.REQUEST_URI;
+	f.action = session_uri(request.REQUEST_URI);
 	f.class = "form";
 	for (i in f.element) {
 		f.element[i] = new Object();
@@ -160,3 +178,4 @@ function display_form(f) {
 	}
 	write("</form>\n");
 }
+
diff --git a/swat/scripting/header_columns.esp b/swat/scripting/header_columns.esp
index 6122124b05..3bcdc4abe9 100644
--- a/swat/scripting/header_columns.esp
+++ b/swat/scripting/header_columns.esp
@@ -42,14 +42,14 @@ filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/images/logo.png'
   <div class="stripe"></div>
   <div class="logout">
   <b>logged in as @@session.authinfo.username</b>
-  <form method="post" action="/logout.esp">
+  <form method="post" action="/logout.esp@@global.SESSIONURI">
   <input type="submit" value="Logout" />
   </form>
   </div>
 </div>
 
 <div id="logo">
-  <div class="logo_hack"><a href="/"><img src="/images/linkpad.gif" alt="SWAT" /></a></div>
+  <div class="logo_hack"><a href="/@@global.SESSIONURI"><img src="/images/linkpad.gif" alt="SWAT" /></a></div>
 </div>
 
 <div class="slogan">
-- 
cgit