Changeset 223 for branches/acl/cgi-bin
- Timestamp:
- 04/13/05 17:23:47 (20 years ago)
- Location:
- branches/acl/cgi-bin
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/acl/cgi-bin/CommonWeb.pm
r105 r223 53 53 } 54 54 55 sub printHeader($) #(cgiurl) 56 { 57 my $cgiURL = $_[0]; 58 print "Content-type: text/html\n\n"; 59 open(FILE, "../header.inc") || die $!; 60 while (<FILE>) 61 { 62 $_ =~ s/\$\$CGIURL\$\$/$cgiURL/g; 63 print $_; 64 } 65 close(FILE); 55 56 sub printHeader { 57 my $title = shift; 58 print "Content-type: text/html\n\n"; 59 # This doesn't work well. Must investigate. 60 # my $realm = shift; 61 # print qq(WWW-Authenticate: Basic realm="$realm"\n) if $realm; 62 open FILE, "../header.inc" 63 or carp $!; 64 my $html = join('',<FILE>); 65 close FILE; 66 67 $html =~ s/\$\$TITLE\$\$/$title/; 68 # Necessary for mangling arbitrary bits of the header 69 my $i=0; 70 while (defined(my $param = shift)) { 71 $html =~ s/\$\$EXTRA$i\$\$/$param/g; 72 $i++; 73 } 74 print $html; 66 75 } 67 76 -
branches/acl/cgi-bin/main.cgi
r221 r223 22 22 openlog "IPDB","pid","local2"; 23 23 24 # Present HTTP AUTH headers, as well as opening content-type. 25 #print 'WWW-Authenticate: Basic realm="ViaNet IP Database"\n'; 26 # Collect the username from HTTP auth. If undefined, we're in a test environment. 24 # Collect the username from HTTP auth. If undefined, we're in 25 # a test environment, or called without a username. 27 26 my $authuser; 28 27 if (!defined($ENV{'REMOTE_USER'})) { … … 41 40 ($ip_dbh,$errstr) = connectDB_My; 42 41 if (!$ip_dbh) { 43 printAndExit("Database error: $errstr\n");42 exitError("Database error: $errstr\n"); 44 43 } 45 44 initIPDBGlobals($ip_dbh); 45 46 # Headerize! Make sure we replace the $$EXTRA0$$ bit as needed. 47 printHeader('', ($IPDBacl{$authuser} =~ /a/ ? 48 '<a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>' : '' 49 )); 50 46 51 47 52 #prototypes … … 66 71 if($webvar{action} eq 'index') { 67 72 showSummary(); 73 } elsif ($webvar{action} eq 'addmaster') { 74 if ($IPDBacl{$authuser} !~ /a/) { 75 printError("You shouldn't have been able to get here. Access denied."); 76 } else { 77 open HTML, "<../addmaster.html"; 78 print while <HTML>; 79 } 68 80 } elsif ($webvar{action} eq 'newmaster') { 69 printHeader(''); 70 71 my $cidr = new NetAddr::IP $webvar{cidr}; 72 73 print "<div type=heading align=center>Adding $cidr as master block....</div>\n"; 74 75 # Allow transactions, and raise an exception on errors so we can catch it later. 76 # Use local to make sure these get "reset" properly on exiting this block 77 local $ip_dbh->{AutoCommit} = 0; 78 local $ip_dbh->{RaiseError} = 1; 79 80 # Wrap the SQL in a transaction 81 eval { 82 $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')"); 83 $sth->execute; 81 82 if ($IPDBacl{$authuser} !~ /a/) { 83 printError("You shouldn't have been able to get here. Access denied."); 84 } else { 85 86 my $cidr = new NetAddr::IP $webvar{cidr}; 87 88 print "<div type=heading align=center>Adding $cidr as master block....</div>\n"; 89 90 # Allow transactions, and raise an exception on errors so we can catch it later. 91 # Use local to make sure these get "reset" properly on exiting this block 92 local $ip_dbh->{AutoCommit} = 0; 93 local $ip_dbh->{RaiseError} = 1; 94 95 # Wrap the SQL in a transaction 96 eval { 97 $sth = $ip_dbh->prepare("insert into masterblocks values ('$webvar{cidr}')"); 98 $sth->execute; 84 99 85 100 # Unrouted blocks aren't associated with a city (yet). We don't rely on this … … 87 102 # Thus the "routed" flag. 88 103 89 $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)".104 $sth = $ip_dbh->prepare("insert into freeblocks (cidr,maskbits,city,routed)". 90 105 " values ('$webvar{cidr}',".$cidr->masklen.",'<NULL>','n')"); 91 $sth->execute; 92 93 # If we get here, everything is happy. Commit changes. 94 $ip_dbh->commit; 95 }; # end eval 96 97 if ($@) { 98 carp "Transaction aborted because $@"; 99 eval { $ip_dbh->rollback; }; 100 syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'"; 101 printError("Could not add master block $webvar{cidr} to database: $@"); 102 } else { 103 print "<div type=heading align=center>Success!</div>\n"; 104 syslog "info", "$authuser added master block $webvar{cidr}"; 105 } 106 $sth->execute; 107 108 # If we get here, everything is happy. Commit changes. 109 $ip_dbh->commit; 110 }; # end eval 111 112 if ($@) { 113 carp "Transaction aborted because $@"; 114 eval { $ip_dbh->rollback; }; 115 syslog "err", "Could not add master block '$webvar{cidr}' to database: '$@'"; 116 printError("Could not add master block $webvar{cidr} to database: $@"); 117 } else { 118 print "<div type=heading align=center>Success!</div>\n"; 119 syslog "info", "$authuser added master block $webvar{cidr}"; 120 } 121 122 } # ACL check 106 123 107 124 } # end add new master … … 117 134 } 118 135 elsif($webvar{action} eq 'search') { 119 printHeader('');120 136 if (!$webvar{input}) { 121 137 # No search term. Display everything. … … 155 171 # which is not in any way guaranteed to provide anything useful. 156 172 else { 157 printHeader('');158 173 my $rnd = rand 500; 159 174 my $boing = sprintf("%.2f", rand 500); … … 394 409 # Initial display: Show master blocks with total allocated subnets, total free subnets 395 410 sub showSummary { 396 # this is horrible-ugly-bad and will Go Away real soon now(TM)397 print "Content-type: text/html\n\n";398 411 399 412 startTable('Master netblock', 'Routed netblocks', 'Allocated netblocks', … … 451 464 print "</table>\n"; 452 465 if ($IPDBacl{$authuser} =~ /a/) { 453 print qq(<a href="/ip/ addmaster.shtml">Add new master block</a><br><br>\n);466 print qq(<a href="/ip/cgi-bin/main.cgi?action=addmaster">Add new master block</a><br><br>\n); 454 467 } 455 468 print "Note: Free blocks noted here include both routed and unrouted blocks.\n"; … … 464 477 # else should follow. YMMV.) 465 478 sub showMaster { 466 printHeader('');467 479 468 480 print qq(<center><div class="heading">Summarizing routed blocks for ). … … 577 589 # not have anything useful to spew. 578 590 sub showRBlock { 579 printHeader('');580 591 581 592 my $master = new NetAddr::IP $webvar{block}; … … 649 660 # Include some HairyPerl(TM) to prefix subblocks with "Sub " 650 661 my @row = ((($data[1] ne 'y' && $data[1] ne 'n') ? 'Sub ' : ''). 651 qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>),662 ($IPDBacl{$authuser} =~ /a/ ? qq(<a href="/ip/cgi-bin/main.cgi?action=assign&block=$cidr&fbtype=$data[1]">$cidr</a>) : $cidr), 652 663 $cidr->range); 653 664 printRow(\@row, 'color1') if ($count%2 == 0); … … 662 673 # List the IPs used in a pool 663 674 sub listPool { 664 printHeader('');665 675 666 676 my $cidr = new NetAddr::IP $webvar{pool}; … … 725 735 # be one of two templates, and the lists come from the database. 726 736 sub assignBlock { 727 printHeader(''); 737 738 if ($IPDBacl{$authuser} !~ /a/) { 739 printError("You shouldn't have been able to get here. Access denied."); 740 return; 741 } 728 742 729 743 my $html; … … 803 817 # Take info on requested IP assignment and see what we can provide. 804 818 sub confirmAssign { 805 printHeader(''); 819 if ($IPDBacl{$authuser} !~ /a/) { 820 printError("You shouldn't have been able to get here. Access denied."); 821 return; 822 } 806 823 807 824 my $cidr; … … 962 979 # Do the work of actually inserting a block in the database. 963 980 sub insertAssign { 981 if ($IPDBacl{$authuser} !~ /a/) { 982 printError("You shouldn't have been able to get here. Access denied."); 983 return; 984 } 964 985 # Some things are done more than once. 965 printHeader('');966 986 return if !validateInput(); 967 987 … … 1061 1081 # action=edit 1062 1082 sub edit { 1063 printHeader('');1064 1083 1065 1084 my $sql; … … 1137 1156 # action=update 1138 1157 sub update { 1139 printHeader('');1140 1158 1141 1159 # Make sure incoming data is in correct format - custID among other things. … … 1198 1216 # Delete an allocation. 1199 1217 sub remove { 1200 printHeader('');1201 1218 #show confirm screen. 1202 1219 open HTML, "../confirmRemove.html" … … 1288 1305 # Remove IPs from pool listing if necessary 1289 1306 sub finalDelete { 1290 printHeader('');1291 1307 1292 1308 my ($code,$msg) = deleteBlock($ip_dbh, $webvar{block}, $webvar{alloctype}); … … 1311 1327 1312 1328 1329 sub exitError { 1330 my $errStr = $_[0]; 1331 printHeader('',''); 1332 print qq(<center><p class="regular"> $errStr </p> 1333 <input type="button" value="Back" onclick="history.go(-1)"> 1334 </center> 1335 ); 1336 printFooter(); 1337 exit; 1338 } # errorExit 1339 1340 1313 1341 # Just in case we manage to get here. 1314 1342 exit 0;
Note:
See TracChangeset
for help on using the changeset viewer.