use CGI instead of manual qeury retrieval

git-svn-id: http://yolanda.mister-muffin.de/svn@14 7eef14d0-6ed0-489d-bf55-20463b2d70db
This commit is contained in:
josch 2007-10-10 15:14:05 +00:00
parent 1f6f8b35d3
commit 482644fced
4 changed files with 24 additions and 40 deletions

View file

@ -1,7 +1,7 @@
require "/var/www/perl/include.pl"; require "/var/www/perl/include.pl";
sub fill_tagcloud { sub fill_tagcloud {
$dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass);
my $sth = $dbh->prepare(qq{select text, count from tagcloud }); my $sth = $dbh->prepare(qq{select text, count from tagcloud });
$sth->execute(); $sth->execute();
while (my ($text, $count) = $sth->fetchrow_array()) while (my ($text, $count) = $sth->fetchrow_array())

View file

@ -1,10 +1,11 @@
use CGI::Session; use CGI::Session;
use CGI;
use DBI; use DBI;
use XML::Simple qw(:strict); use XML::Simple qw(:strict);
$database = 'gnutube'; $database = 'gnutube';
$host = 'localhost'; $dbhost = 'localhost';
$user = 'root'; $dbuser = 'root';
$pass = ''; $dbpass = '';
$session_name = 'sid'; $session_name = 'sid';
1; 1;

View file

@ -1,29 +1,17 @@
require "/var/www/perl/include.pl"; require "/var/www/perl/include.pl";
#fill %querystring with everything that was passed via GET
@parts = split( /\&/, $ENV{ "QUERY_STRING" } );
foreach $part (@parts) {
( $name, $value ) = split( /\=/, $part );
$queryString{ $name } = $value;
}
#fill %querystring with everything that was passed via POST
read( STDIN, $tmpStr, $ENV{ "CONTENT_LENGTH" } );
@parts = split( /\&/, $tmpStr );
foreach $part (@parts) {
( $name, $value ) = split( /\=/, $part );
$queryString{ $name } = $value;
}
CGI::Session->name($session_name); CGI::Session->name($session_name);
my $session = new CGI::Session; $session = new CGI::Session;
$query = new CGI;
if($queryString{ "action" }) { if($query->param('action')) {
if($queryString{ "action" } eq "login") { if($query->param('action') eq "login") {
$dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass);
my $user = $query->param('user');
my $pass = $query->param('pass');
my $sth = $dbh->prepare(qq{select username from users my $sth = $dbh->prepare(qq{select username from users
where password = password('$queryString{ "pass" }') where password = password('$pass')
and username = '$queryString{ "user" }' and username = '$user'
limit 1 }); limit 1 });
$sth->execute(); $sth->execute();
@ -33,13 +21,13 @@ if($queryString{ "action" }) {
print "logged in"; print "logged in";
} else { } else {
print $session->header(); print $session->header();
print $queryString{ "action" }; print $query->param('action');
} }
$sth->finish(); $sth->finish();
$dbh->disconnect(); $dbh->disconnect();
} elsif($queryString{ "action" } eq "logout") { } elsif($query->param('action') eq "logout") {
$session->param('auth', 'false'); $session->param('auth', 'false');
print $session->header(); print $session->header();
print "logged out"; print "logged out";

View file

@ -1,24 +1,19 @@
require "/var/www/perl/include.pl"; require "/var/www/perl/include.pl";
#fill %querystring with everything that was passed via POST
read( STDIN, $tmpStr, $ENV{ "CONTENT_LENGTH" } );
@parts = split( /\&/, $tmpStr );
foreach $part (@parts) {
( $name, $value ) = split( /\=/, $part );
$queryString{ $name } = $value;
}
CGI::Session->name($session_name); CGI::Session->name($session_name);
my $session = new CGI::Session; $session = new CGI::Session;
$query = new CGI;
if($queryString{ "user" } and $queryString{ "pass" }) { if($query->param('user') and $query->param('pass')) {
$dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass); $dbh = DBI->connect("DBI:mysql:$database:$host", $dbuser, $dbpass);
$sth = $dbh->prepare(qq{insert into users (username, password) values ('user', password('pass'))}); my $user = $query->param("user");
my $pass = $query->param("pass");
$sth = $dbh->prepare(qq{insert into users (username, password) values ('$user', password('$pass'))});
$sth->execute(); $sth->execute();
$sth->finish(); $sth->finish();
$dbh->disconnect(); $dbh->disconnect();
print $session->header(); print $session->header();
print "done"; print "done" . $query->param('pass');
} else { } else {
print $session->header(); print $session->header();
print '<form action="" method="POST"><p> print '<form action="" method="POST"><p>