diff --git a/trunk/functions.pl b/trunk/functions.pl index d37447c..61c7be3 100644 --- a/trunk/functions.pl +++ b/trunk/functions.pl @@ -1,24 +1,53 @@ require "/var/www/perl/include.pl"; +#get tags from database and fill $page with xml sub fill_tagcloud { + #connect to db $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); + + #prepare query my $sth = $dbh->prepare(qq{select text, count from tagcloud }); + + #execute it $sth->execute(); + + #get every returned value while (my ($text, $count) = $sth->fetchrow_array()) { - push @{ $page->{tagcloud}->{tag} }, { text => [$text], count => [$count] }; + #push the new value to the $page->tagcloud array + push @{ $page->{tagcloud}->{tag} }, { text => [$text], count => [$count] }; } + + #finish query $sth->finish(); + + #close db $dbh->disconnect(); } +#return a username from passed session id sub get_username_from_sid { + #get parameters my ($sid) = @_; + + #connect to db $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); + + #prepare query my $sth = $dbh->prepare(qq{select username from users where sid = '$sid'}); + + #execute it $sth->execute(); + + #save the resulting username my ($username) = $sth->fetchrow_array(); + + #finish query $sth->finish(); + + #close db $dbh->disconnect(); + + #return username return $username; } diff --git a/trunk/include.pl b/trunk/include.pl index b19d114..72a54d0 100644 --- a/trunk/include.pl +++ b/trunk/include.pl @@ -3,6 +3,7 @@ use CGI::Session; use DBI; use XML::Simple qw(:strict); +#set global variables $database = 'gnutube'; $dbhost = 'localhost'; $dbuser = 'root'; diff --git a/trunk/index.pl b/trunk/index.pl index b6c6059..032aae4 100644 --- a/trunk/index.pl +++ b/trunk/index.pl 
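Review bot: `get_username_from_sid` interpolates `$sid` directly into the statement text (`where sid = '$sid'`), so the value is parsed as SQL instead of being passed as data. Bind it instead: `my $sth = $dbh->prepare(q{select username from users where sid = ?});` followed by `$sth->execute($sid);`. The same pattern appears in the login.pl hunk (`$user`, `$pass`, `$sid`) and the register.pl hunk (`$user`, `$pass`), where `$user` and `$pass` are read straight from `$query->param`. Those queries need placeholders as well.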
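Review bot: The context line `$dbuser = 'root';` means every CGI script in this change talks to MySQL with full administrative rights. A dedicated account limited to select/insert/update on the `gnutube` tables would contain the damage from any flaw in the queries built in functions.pl, login.pl and register.pl. The added comment could record that instead of the generic `#set global variables`, for example `#db settings shared by all scripts; connect with a least-privilege account, not root`. The hunk ends at `$dbuser`, so how `$dbpass` is set is not visible here. If it is a literal in this file, it presumably belongs in configuration kept out of version control.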
@@ -8,7 +8,7 @@ my $session = new CGI::Session; #read xml $page = XMLin('/var/www/perl/index.xml', ForceArray => 1, KeyAttr => {} ); -#fill tags +#if a username is associated with session id, username is nonempty $page->{username} = get_username_from_sid($session->id); fill_tagcloud; diff --git a/trunk/login.pl b/trunk/login.pl index 32a1330..bec36c8 100644 --- a/trunk/login.pl +++ b/trunk/login.pl @@ -1,34 +1,50 @@ require "/var/www/perl/include.pl"; +#initialize session data CGI::Session->name($session_name); $query = new CGI; $session = new CGI::Session; +#check if action is set if($query->param('action')) { + #connect to db $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); - + + #if login is requested if($query->param('action') eq "login") { + #save POST data in local variables my $user = $query->param('user'); my $pass = $query->param('pass'); + + #prepare query my $sth = $dbh->prepare(qq{select username from users where password = password('$pass') and username = '$user' limit 1 }); + + #execute query $sth->execute(); + #if something was returned username and password match if($sth->fetchrow_array()) { + #store session id in local variable my $sid = $session->id; + + #store session id in database $sth = $dbh->prepare(qq{update users set sid = '$sid' where username = '$user'}); $sth->execute(); $sth->finish(); print $session->header(); print "logged in"; } else { + #if not, print error print $session->header(); print "could not log you in"; } } elsif($query->param('action') eq "logout") { + #if logout is requested + #remove sid from database $sth = $dbh->prepare(qq{update users set sid = '' where username = '$user'}); $sth->execute(); $sth->finish(); @@ -36,12 +52,15 @@ if($query->param('action')) { print $session->header(); print "logged out"; } else { + #something ugly was passed print $session->header(); print "wtf?"; } + #disconnect db $dbh->disconnect(); } else { + #print login form print $session->header(); print '
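Review bot: In the logout branch of login.pl the update uses `$user`, but `my $user` is declared inside the `login` branch, so here it refers to a package variable that is presumably unset and the statement matches `username = ''`. The stored sid is then never cleared, and the new comment `#remove sid from database` describes something the code does not do. Keying the update on the session fixes it: `$sth = $dbh->prepare(q{update users set sid = '' where sid = ?});` then `$sth->execute($session->id);`. `use strict` would have flagged this, as well as the `$host` in the register.pl connect string where include.pl defines `$dbhost`. Separately, the login query relies on MySQL's `password()`, which is intended for the server's own account table rather than application password storage. The outer `if` block continues into the next hunk.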

diff --git a/trunk/register.pl b/trunk/register.pl index 31df645..39ed023 100644 --- a/trunk/register.pl +++ b/trunk/register.pl @@ -1,20 +1,36 @@ require "/var/www/perl/include.pl"; +#initialize session data CGI::Session->name($session_name); $query = new CGI; $session = new CGI::Session; +#if username and password are passed put them into the database if($query->param('user') and $query->param('pass')) { + #connect to db $dbh = DBI->connect("DBI:mysql:$database:$host", $dbuser, $dbpass); + + #save POST data in local variables my $user = $query->param("user"); my $pass = $query->param("pass"); - $sth = $dbh->prepare(qq{insert into users (username, password) values ('$user', password('$pass'))}); + + #prepare query + $sth = $dbh->prepare(qq{insert into users (username, password) values ('$user', password('$pass'))}); + + #execute query $sth->execute(); + + #finish query $sth->finish(); + + #disconnect db $dbh->disconnect(); + + #print a little confirmation print $session->header(); - print "done" . $query->param('pass'); + print "done"; } else { + #if not, print register form print $session->header(); print '