From 482644fcedd1a8c5c19003f9174ce0156492283c Mon Sep 17 00:00:00 2001 From: josch Date: Wed, 10 Oct 2007 15:14:05 +0000 Subject: [PATCH] use CGI instead of manual qeury retrieval git-svn-id: http://yolanda.mister-muffin.de/svn@14 7eef14d0-6ed0-489d-bf55-20463b2d70db --- trunk/functions.pl | 2 +- trunk/include.pl | 7 ++++--- trunk/login.pl | 34 +++++++++++----------------------- trunk/register.pl | 21 ++++++++------------- 4 files changed, 24 insertions(+), 40 deletions(-) diff --git a/trunk/functions.pl b/trunk/functions.pl index 69cabbb..37a5859 100644 --- a/trunk/functions.pl +++ b/trunk/functions.pl @@ -1,7 +1,7 @@ require "/var/www/perl/include.pl"; sub fill_tagcloud { - $dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); + $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); my $sth = $dbh->prepare(qq{select text, count from tagcloud }); $sth->execute(); while (my ($text, $count) = $sth->fetchrow_array()) diff --git a/trunk/include.pl b/trunk/include.pl index 5418ed9..f0e9739 100644 --- a/trunk/include.pl +++ b/trunk/include.pl @@ -1,10 +1,11 @@ use CGI::Session; +use CGI; use DBI; use XML::Simple qw(:strict); $database = 'gnutube'; -$host = 'localhost'; -$user = 'root'; -$pass = ''; +$dbhost = 'localhost'; +$dbuser = 'root'; +$dbpass = ''; $session_name = 'sid'; 1; diff --git a/trunk/login.pl b/trunk/login.pl index c68703b..07197aa 100644 --- a/trunk/login.pl +++ b/trunk/login.pl @@ -1,29 +1,17 @@ require "/var/www/perl/include.pl"; -#fill %querystring with everything that was passed via GET -@parts = split( /\&/, $ENV{ "QUERY_STRING" } ); -foreach $part (@parts) { - ( $name, $value ) = split( /\=/, $part ); - $queryString{ $name } = $value; -} - -#fill %querystring with everything that was passed via POST -read( STDIN, $tmpStr, $ENV{ "CONTENT_LENGTH" } ); -@parts = split( /\&/, $tmpStr ); -foreach $part (@parts) { - ( $name, $value ) = split( /\=/, $part ); - $queryString{ $name } = $value; -} - CGI::Session->name($session_name); -my $session = new CGI::Session; +$session = new CGI::Session; +$query = new CGI; -if($queryString{ "action" }) { - if($queryString{ "action" } eq "login") { - $dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); +if($query->param('action')) { + if($query->param('action') eq "login") { + $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); + my $user = $query->param('user'); + my $pass = $query->param('pass'); my $sth = $dbh->prepare(qq{select username from users - where password = password('$queryString{ "pass" }') - and username = '$queryString{ "user" }' + where password = password('$pass') + and username = '$user' limit 1 }); $sth->execute(); @@ -33,13 +21,13 @@ if($queryString{ "action" }) { print "logged in"; } else { print $session->header(); - print $queryString{ "action" }; + print $query->param('action'); } $sth->finish(); $dbh->disconnect(); - } elsif($queryString{ "action" } eq "logout") { + } elsif($query->param('action') eq "logout") { $session->param('auth', 'false'); print $session->header(); print "logged out"; diff --git a/trunk/register.pl b/trunk/register.pl index 2c71427..4194b81 100644 --- a/trunk/register.pl +++ b/trunk/register.pl @@ -1,24 +1,19 @@ require "/var/www/perl/include.pl"; -#fill %querystring with everything that was passed via POST -read( STDIN, $tmpStr, $ENV{ "CONTENT_LENGTH" } ); -@parts = split( /\&/, $tmpStr ); -foreach $part (@parts) { - ( $name, $value ) = split( /\=/, $part ); - $queryString{ $name } = $value; -} - CGI::Session->name($session_name); -my $session = new CGI::Session; +$session = new CGI::Session; +$query = new CGI; -if($queryString{ "user" } and $queryString{ "pass" }) { - $dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); - $sth = $dbh->prepare(qq{insert into users (username, password) values ('user', password('pass'))}); +if($query->param('user') and $query->param('pass')) { + $dbh = DBI->connect("DBI:mysql:$database:$host", $dbuser, $dbpass); + my $user = $query->param("user"); + my $pass = $query->param("pass"); + $sth = $dbh->prepare(qq{insert into users (username, password) values ('$user', password('$pass'))}); $sth->execute(); $sth->finish(); $dbh->disconnect(); print $session->header(); - print "done"; + print "done" . $query->param('pass'); } else { print $session->header(); print '