Changeset 286 for branches/stable/cgi-bin
- Timestamp:
- 09/23/05 15:54:31 (19 years ago)
- Location:
- branches/stable/cgi-bin
- Files:
-
- 4 edited
- 1 copied
Legend:
- Unmodified
- Added
- Removed
-
branches/stable/cgi-bin/IPDB.pm
r250 r286 184 184 # Does all of the magic of actually allocating a netblock 185 185 # Requires database handle, block to allocate, custid, type, city, 186 # description, notes, circuit ID, block to allocate from, 186 # description, notes, circuit ID, block to allocate from, private data 187 187 # Returns a success code and optional error message. 188 188 sub allocateBlock { 189 my ($dbh,undef,undef,$custid,$type,$city,$desc,$notes,$circid ) = @_;190 189 my ($dbh,undef,undef,$custid,$type,$city,$desc,$notes,$circid,$privdata) = @_; 190 191 191 my $cidr = new NetAddr::IP $_[1]; 192 192 my $alloc_from = new NetAddr::IP $_[2]; … … 220 220 $sth = $dbh->prepare("update poolips set custid='$custid',". 221 221 "city='$city',available='n',description='$desc',notes='$notes',". 222 "circuitid='$circid' ".222 "circuitid='$circid',privdata='$privdata'". 223 223 " where ip='$cidr'"); 224 224 $sth->execute; … … 263 263 } 264 264 $sth = $dbh->prepare("insert into allocations". 265 " (cidr,custid,type,city,description,notes,maskbits,circuitid )".265 " (cidr,custid,type,city,description,notes,maskbits,circuitid,privdata)". 266 266 " values ('$cidr','$custid','$type','$city','$desc','$notes',". 267 $cidr->masklen.",'$circid' )");267 $cidr->masklen.",'$circid','$privdata')"); 268 268 $sth->execute; 269 269 … … 361 361 # Insert the allocations entry 362 362 $sth = $dbh->prepare("insert into allocations (cidr,custid,type,city,". 363 "description,notes,maskbits,circuitid )".363 "description,notes,maskbits,circuitid,privdata)". 364 364 " values ('$cidr','$custid','$type','$city','$desc','$notes',". 365 $cidr->masklen.",'$circid' )");365 $cidr->masklen.",'$circid','$privdata')"); 366 366 $sth->execute; 367 367 -
branches/stable/cgi-bin/admin.cgi
r269 r286 301 301 302 302 print "<hr>Users with access:\n<table border=1>\n"; 303 print "<tr><td></td><td align=center colspan=3>General access</td></tr>\n"; 303 304 print "<tr><td>Username</td><td>Add new</td><td>Change</td>". 304 "<td>Delete</td><td> Admin user</td></tr>\n".305 "<td>Delete</td><td>Systems/Networking</td><td>Admin user</td></tr>\n". 305 306 "<form action=admin.cgi method=POST>\n"; 306 307 $sth = $ip_dbh->prepare("select username,acl from users order by username"); … … 314 315 "></td><td><input type=checkbox name=change".($data[1] =~ /c/ ? ' checked=y' : ''). 315 316 "></td><td><input type=checkbox name=del".($data[1] =~ /d/ ? ' checked=y' : ''). 317 "></td><td><input type=checkbox name=sysnet".($data[1] =~ /s/ ? ' checked=y' : ''). 316 318 "></td><td><input type=checkbox name=admin".($data[1] =~ /A/ ? ' checked=y' : ''). 317 319 qq(></td><td><input type=submit value="Update"></td></form>\n). … … 326 328 my $acl = 'b'; 327 329 if ($webvar{admin} eq 'on') { 328 $acl .= "acd A";330 $acl .= "acdsA"; 329 331 } else { 330 332 $acl .= ($webvar{add} eq 'on' ? 'a' : ''). 331 333 ($webvar{change} eq 'on' ? 'c' : ''). 332 ($webvar{del} eq 'on' ? 'd' : ''); 334 ($webvar{del} eq 'on' ? 'd' : ''). 335 ($webvar{sysnet} eq 'on' ? 's' : ''); 333 336 } 334 337 print "New ACL: $acl<br>\n"; -
branches/stable/cgi-bin/ipdb.psql
r268 r286 69 69 "description" character varying(64) DEFAULT '' NOT NULL, 70 70 "circuitid" character varying(128) DEFAULT '' NOT NULL, 71 "privdata" text DEFAULT '' NOT NULL, 71 72 "newcustid" integer, 72 73 CHECK (((available = 'y'::bpchar) OR (available = 'n'::bpchar))) … … 86 87 "maskbits" integer DEFAULT 128, 87 88 "circuitid" character varying(128) DEFAULT '', 89 "privdata" text DEFAULT '' NOT NULL, 88 90 "newcustid" integer 89 91 ); … … 93 95 GRANT ALL on "allocations" to "ipdb"; 94 96 95 CREATE VIEW "searchme" as SELECT allocations.cidr, allocations.custid, allocations."type", allocations.city, allocations.description FROM allocations UNION SELECT poolips.ip, poolips.custid, poolips.type, poolips.city, poolips.descriptionFROM poolips;97 CREATE VIEW "searchme" as SELECT allocations.cidr, allocations.custid, allocations."type", allocations.city, allocations.description, allocations.notes FROM allocations UNION SELECT poolips.ip, poolips.custid, poolips.type, poolips.city, poolips.description, poolips.notes FROM poolips; 96 98 97 99 REVOKE ALL on "searchme" from PUBLIC; -
branches/stable/cgi-bin/main.cgi
r267 r286 47 47 # Headerize! Make sure we replace the $$EXTRA0$$ bit as needed. 48 48 printHeader('', ($IPDBacl{$authuser} =~ /a/ ? 49 '< a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>' : ''49 '<td align=right><a href="/ip/cgi-bin/main.cgi?action=assign">Add new assignment</a>' : '' 50 50 )); 51 51 52 52 53 #prototypes54 sub viewBy($$); # feed it the category and query55 sub queryResults($$$); # args is the sql, the page# and the rowCount56 # Needs rewrite/rename57 sub countRows($); # returns first element of first row of passed SQL58 # Only usage passes "select count(*) ..."59 60 53 # Global variables 61 my $RESULTS_PER_PAGE = 50;62 54 my %webvar = parse_post(); 63 55 cleanInput(\%webvar); … … 134 126 elsif($webvar{action} eq 'listpool') { 135 127 listPool(); 136 }137 elsif($webvar{action} eq 'search') {138 if (!$webvar{input}) {139 # No search term. Display everything.140 viewBy('all', '');141 } else {142 # Search term entered. Display matches.143 # We should really sanitize $webvar{input}, no?144 viewBy($webvar{searchfor}, $webvar{input});145 }146 128 } 147 129 … … 200 182 201 183 202 sub viewBy($$) {203 my ($category,$query) = @_;204 205 # Local variables206 my $sql;207 208 #print "<pre>\n";209 210 #print "start querysub: query '$query'\n";211 # this may happen with more than one subcategory. Unlikely, but possible.212 213 # Calculate start point for LIMIT clause214 my $offset = ($webvar{page}-1)*$RESULTS_PER_PAGE;215 216 # Possible cases:217 # 1) Partial IP/subnet. Treated as "first-three-octets-match" in old IPDB,218 # I should be able to handle it similarly here.219 # 2a) CIDR subnet. Treated more or less as such in old IPDB.220 # 2b) CIDR netmask. Not sure how it's treated.221 # 3) Customer ID. Not handled in old IPDB222 # 4) Description.223 # 5) Invalid data which might be interpretable as an IP or something, but224 # which probably shouldn't be for reasons of sanity.225 226 if ($category eq 'all') {227 228 print qq(<div class="heading">Showing all netblock and static-IP allocations</div><br>\n);229 230 # Need to assemble SQL query in this order to avoid breaking things.231 $sql = "select cidr,custid,type,city,description from searchme";232 my $count = countRows("select count(*) from ($sql) foo");233 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";234 queryResults($sql, $webvar{page}, $count);235 236 } elsif ($category eq 'cust') {237 238 print qq(<div class="heading">Searching for Customer IDs containing '$query'</div><br>\n);239 240 # Query for a customer ID. Note that we can't restrict to "numeric-only"241 # as we have non-numeric custIDs in the legacy data. :/242 $sql = "select cidr,custid,type,city,description from searchme where custid ilike '%$query%'";243 my $count = countRows("select count(*) from ($sql) foo");244 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";245 queryResults($sql, $webvar{page}, $count);246 247 } elsif ($category eq 'desc') {248 249 print qq(<div class="heading">Searching for descriptions containing '$query'</div><br>\n);250 # Query based on description (includes "name" from old DB).251 $sql = "select cidr,custid,type,city,description from searchme where description ilike '%$query%'";252 my $count = countRows("select count(*) from ($sql) foo");253 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";254 queryResults($sql, $webvar{page}, $count);255 256 } elsif ($category =~ /ipblock/) {257 258 # Query is for a partial IP, a CIDR block in some form, or a flat IP.259 print qq(<div class="heading">Searching for IP-based matches on '$query'</div><br>\n);260 261 $query =~ s/\s+//g;262 if ($query =~ /\//) {263 # 209.91.179/26 should show all /26 subnets in 209.91.179264 my ($net,$maskbits) = split /\//, $query;265 if ($query =~ /^(\d{1,3}\.){3}\d{1,3}\/\d{2}$/) {266 # /0->/9 are silly to worry about right now. I don't think267 # we'll be getting a class A anytime soon. <g>268 $sql = "select cidr,custid,type,city,description from searchme where cidr='$query'";269 queryResults($sql, $webvar{page}, 1);270 } else {271 print "Finding all blocks with netmask /$maskbits, leading octet(s) $net<br>\n";272 # Partial match; beginning of subnet and maskbits are provided273 $sql = "select cidr,custid,type,city,description from searchme where ".274 "text(cidr) like '$net%' and text(cidr) like '%$maskbits'";275 my $count = countRows("select count(*) from ($sql) foo");276 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";277 queryResults($sql, $webvar{page}, $count);278 }279 } elsif ($query =~ /^(\d{1,3}\.){3}\d{1,3}$/) {280 # Specific IP address match281 my $sfor = new NetAddr::IP $query;282 # We do this convoluted roundabout way of finding things in order283 # to bring up matches for single IPs that are within a static block;284 # we want to show both the "container" block and the static IP itself.285 $sth = $ip_dbh->prepare("select cidr from searchme where cidr >>= '$sfor'");286 $sth->execute;287 while (my @data = $sth->fetchrow_array()) {288 my $cidr = new NetAddr::IP $data[0];289 queryResults("select cidr,custid,type,city,description from searchme where ".290 "cidr='$cidr'", $webvar{page}, 1);291 }292 } elsif ($query =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.?$/) {293 print "Finding matches where the first three octets are $query<br>\n";294 $sql = "select cidr,custid,type,city,description from searchme where ".295 "text(cidr) like '$query%'";296 my $count = countRows("select count(*) from ($sql) foo");297 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";298 queryResults($sql, $webvar{page}, $count);299 } else {300 # This shouldn't happen, but if it does, whoever gets it deserves what they get...301 printError("Invalid query.");302 }303 } else {304 # This shouldn't happen, but if it does, whoever gets it deserves what they get...305 printError("Invalid searchfor.");306 }307 } # viewBy308 309 310 184 # args are: a reference to an array with the row to be printed and the 311 185 # class(stylesheet) to use for formatting. … … 332 206 333 207 334 # Display certain types of search query. Note that this can't be335 # cleanly reused much of anywhere else as the data isn't neatly tabulated.336 # This is tied to the search sub tightly enough I may just gut it and provide337 # more appropriate tables directly as needed.338 sub queryResults($$$) {339 my ($sql, $pageNo, $rowCount) = @_;340 my $offset = 0;341 $offset = $1 if($sql =~ m/.*limit\s+(.*),.*/);342 343 my $sth = $ip_dbh->prepare($sql);344 $sth->execute();345 346 startTable('Allocation','CustID','Type','City','Description/Name');347 my $count = 0;348 349 while (my @data = $sth->fetchrow_array) {350 # cidr,custid,type,city,description351 # Prefix subblocks with "Sub "352 my @row = ( (($data[2] =~ /^.r$/) ? 'Sub ' : '').353 qq(<a href="/ip/cgi-bin/main.cgi?action=edit&block=$data[0]">$data[0]</a>),354 $data[1], $disp_alloctypes{$data[2]}, $data[3], $data[4]);355 # Allow listing of pool if desired/required.356 if ($data[2] =~ /^.[pd]$/) {357 $row[0] .= ' <a href="/ip/cgi-bin/main.cgi?action=listpool'.358 "&pool=$data[0]\">List IPs</a>";359 }360 printRow(\@row, 'color1', 1) if ($count%2==0);361 printRow(\@row, 'color2', 1) if ($count%2!=0);362 $count++;363 }364 365 # Have to think on this call, it's primarily to clean up unfetched rows from a select.366 # In this context it's probably a good idea.367 $sth->finish();368 369 my $upper = $offset+$count;370 print "<tr><td colspan=10 bgcolor=white class=regular>Records found: $rowCount<br><i>Displaying: $offset - $upper</i></td></tr>\n";371 print "</table></center>\n";372 373 # print the page thing..374 if ($rowCount > $RESULTS_PER_PAGE) {375 my $pages = ceil($rowCount/$RESULTS_PER_PAGE);376 print qq(<div class="center"> Page: );377 for (my $i = 1; $i <= $pages; $i++) {378 if ($i == $pageNo) {379 print "<b>$i </b>\n";380 } else {381 print qq(<a href="/ip/cgi-bin/main.cgi?page=$i&input=$webvar{input}&action=search&searchfor=$webvar{searchfor}">$i</a> \n);382 }383 }384 print "</div>";385 }386 } # queryResults387 388 389 208 # Prints table headings. Accepts any number of arguments; 390 209 # each argument is a table heading. … … 397 216 print "</tr>\n"; 398 217 } # startTable 399 400 401 # Return first element of passed SQL query402 sub countRows($) {403 my $sth = $ip_dbh->prepare($_[0]);404 $sth->execute();405 my @a = $sth->fetchrow_array();406 $sth->finish();407 return $a[0];408 }409 218 410 219 … … 820 629 } 821 630 $html =~ s|\$\$ALLCITIES\$\$|$cities|g; 631 632 my $i = 0; 633 $i++ if $webvar{fbtype} eq 'y'; 634 # Check to see if user is allowed to do anything with sensitive data 635 my $privdata = ''; 636 if ($IPDBacl{$authuser} =~ /s/) { 637 $privdata = qq(<tr class="color).($i%2).qq("><td>Restricted data:</td>). 638 qq(<td class=regular><textarea rows="3" cols="64" name="privdata" class="regular">). 639 qq(</textarea></td></tr>\n); 640 $i++; 641 } 642 $html =~ s/\$\$PRIVDATA\$\$/$privdata/g; 643 644 $i = $i % 2; 645 $html =~ s/\$\$BUTTONROWCOLOUR\$\$/color$i/; 822 646 823 647 print $html; … … 994 818 $html =~ s|\$\$ACTION\$\$|insert|g; 995 819 820 my $i=1; 821 # Check to see if user is allowed to do anything with sensitive data 822 my $privdata = ''; 823 if ($IPDBacl{$authuser} =~ /s/) { 824 $privdata = qq(<tr class="color).($i%2).qq("><td>Restricted data:</td>). 825 qq(<td class=regular>$webvar{privdata}). 826 qq(<input type=hidden name=privdata value="$webvar{privdata}"></td></tr>\n); 827 $i++; 828 } 829 $html =~ s/\$\$PRIVDATA\$\$/$privdata/g; 830 831 $i = $i % 2; 832 $html =~ s/\$\$BUTTONROWCOLOUR\$\$/color$i/; 833 996 834 print $html; 997 835 … … 1008 846 return if !validateInput(); 1009 847 848 if (!defined($webvar{privdata})) { 849 $webvar{privdata} = ''; 850 } 1010 851 # $code is "success" vs "failure", $msg contains OK for a 1011 852 # successful netblock allocation, the IP allocated for static … … 1013 854 my ($code,$msg) = allocateBlock($ip_dbh, $webvar{fullcidr}, $webvar{alloc_from}, 1014 855 $webvar{custid}, $webvar{alloctype}, $webvar{city}, $webvar{desc}, $webvar{notes}, 1015 $webvar{circid} );856 $webvar{circid}, $webvar{privdata}); 1016 857 1017 858 if ($code eq 'OK') { … … 1127 968 # because I'm lazy, we'll try to make the SELECT's bring out identical)ish) data 1128 969 if ($webvar{block} =~ /\/32$/) { 1129 $sql = "select ip,custid,type,city,circuitid,description,notes,modifystamp from poolips where ip='$webvar{block}'";970 $sql = "select ip,custid,type,city,circuitid,description,notes,modifystamp,privdata from poolips where ip='$webvar{block}'"; 1130 971 } else { 1131 $sql = "select cidr,custid,type,city,circuitid,description,notes,modifystamp, swip from allocations where cidr='$webvar{block}'"972 $sql = "select cidr,custid,type,city,circuitid,description,notes,modifystamp,privdata,swip from allocations where cidr='$webvar{block}'" 1132 973 } 1133 974 … … 1203 1044 my $i=1; 1204 1045 1046 # Check to see if we can display sensitive data 1047 my $privdata = ''; 1048 if ($IPDBacl{$authuser} =~ /s/) { 1049 $privdata = qq(<tr class="color).($i%2).qq("><td class=heading>Restricted data:</td>). 1050 qq(<td class=regular><textarea rows="3" cols="64" name="privdata" class="regular">). 1051 qq($data[8]</textarea></td></tr>\n); 1052 $i++; 1053 } 1054 $html =~ s/\$\$PRIVDATA\$\$/$privdata/g; 1055 1205 1056 # More ACL trickery - we can live with forms that don't submit, 1206 1057 # but we can't leave the extra table rows there, and we *really* … … 1208 1059 my $updok = ''; 1209 1060 if ($IPDBacl{$authuser} =~ /c/) { 1210 $updok = qq(<tr class="color $i"><td colspan=2 class=regular><div class="center">).1061 $updok = qq(<tr class="color).($i%2).qq("><td colspan=2><div class="center">). 1211 1062 qq(<input type="submit" value=" Update this block " class="regular">). 1212 1063 "</div></td></tr></form>\n"; … … 1218 1069 if ($IPDBacl{$authuser} =~ /d/) { 1219 1070 $delok = qq(<form method="POST" action="main.cgi"> 1220 <tr class="color $i"><td colspan=2 class="regular"><div class=center>1071 <tr class="color).($i%2).qq("><td colspan=2 class="regular"><div class=center> 1221 1072 <input type="hidden" name="action" value="delete"> 1222 1073 <input type="hidden" name="block" value="$webvar{block}"> … … 1235 1086 # action=update 1236 1087 sub update { 1088 if ($IPDBacl{$authuser} !~ /c/) { 1089 printError("You shouldn't have been able to get here. Access denied."); 1090 return; 1091 } 1092 1093 # Check to see if we can update restricted data 1094 my $privdata = ''; 1095 if ($IPDBacl{$authuser} =~ /s/) { 1096 $privdata = ",privdata='$webvar{privdata}'"; 1097 } 1237 1098 1238 1099 # Make sure incoming data is in correct format - custID among other things. … … 1245 1106 if (my $pooltype = ($webvar{alloctype} =~ /^(.)i$/) ) { 1246 1107 $sql = "update poolips set custid='$webvar{custid}',notes='$webvar{notes}',". 1247 "circuitid='$webvar{circid}',description='$webvar{desc}',city='$webvar{city}' 1248 " where ip='$webvar{block}'";1108 "circuitid='$webvar{circid}',description='$webvar{desc}',city='$webvar{city}'". 1109 "$privdata where ip='$webvar{block}'"; 1249 1110 } else { 1250 1111 $sql = "update allocations set custid='$webvar{custid}',". 1251 1112 "description='$webvar{desc}',notes='$webvar{notes}',city='$webvar{city}',". 1252 "type='$webvar{alloctype}',circuitid='$webvar{circid}' ,".1113 "type='$webvar{alloctype}',circuitid='$webvar{circid}'$privdata ". 1253 1114 "swip='".($webvar{swip} eq 'on' ? 'y' : 'n')."' ". 1254 " 1115 "where cidr='$webvar{block}'"; 1255 1116 } 1256 1117 # Log the details of the change. … … 1290 1151 $html =~ s/\$\$NOTES\$\$/$webvar{notes}/g; 1291 1152 1153 if ($IPDBacl{$authuser} =~ /s/) { 1154 $privdata = qq(<tr class="color2"><td valign="top">Restricted data:</td>). 1155 qq(<td class="regular">).desanitize($webvar{privdata}).qq(</td></tr>\n); 1156 } 1157 $html =~ s/\$\$PRIVDATA\$\$/$privdata/g; 1158 1292 1159 print $html; 1293 1160 … … 1314 1181 } 1315 1182 1316 my ($cidr, $custid, $type, $city, $circid, $desc, $notes, $alloctype );1183 my ($cidr, $custid, $type, $city, $circid, $desc, $notes, $alloctype, $privdata); 1317 1184 1318 1185 if ($webvar{alloctype} eq 'rm') { … … 1343 1210 1344 1211 # Unassigning a static IP 1345 my $sth = $ip_dbh->prepare("select ip,custid,city,type,notes,circuitid from poolips".1346 " where ip='$webvar{block}'");1212 my $sth = $ip_dbh->prepare("select ip,custid,city,type,notes,circuitid,privdata". 1213 " from poolips where ip='$webvar{block}'"); 1347 1214 $sth->execute(); 1348 1215 # croak $sth->errstr() if($sth->errstr()); 1349 1216 1350 $sth->bind_columns(\$cidr, \$custid, \$city, \$alloctype, \$notes, \$circid); 1217 $sth->bind_columns(\$cidr, \$custid, \$city, \$alloctype, \$notes, \$circid, 1218 \$privdata); 1351 1219 $sth->fetch() || croak $sth->errstr; 1352 1220 1353 1221 } else { # done with alloctype=~ /^.i$/ 1354 1222 1355 my $sth = $ip_dbh->prepare("select cidr,custid,type,city,circuitid,description,notes from".1356 " allocations where cidr='$webvar{block}'");1223 my $sth = $ip_dbh->prepare("select cidr,custid,type,city,circuitid,description,notes,privdata". 1224 " from allocations where cidr='$webvar{block}'"); 1357 1225 $sth->execute(); 1358 1226 # croak $sth->errstr() if($sth->errstr()); 1359 1227 1360 $sth->bind_columns(\$cidr, \$custid, \$alloctype, \$city, \$circid, \$desc, \$notes); 1228 $sth->bind_columns(\$cidr, \$custid, \$alloctype, \$city, \$circid, \$desc, 1229 \$notes, \$privdata); 1361 1230 $sth->fetch() || carp $sth->errstr; 1362 1231 } # end cases for different alloctypes … … 1381 1250 $html =~ s|<!--warn-->|<tr bgcolor="black"><td colspan="2"><div class="red">Warning: clicking confirm will remove this record entirely.</div></td></tr>|; 1382 1251 } 1252 1253 my $i = 1; 1254 # Check to see if user is allowed to do anything with sensitive data 1255 if ($IPDBacl{$authuser} =~ /s/) { 1256 $privdata = qq(<tr class="color).($i%2).qq("><td>Restricted data:</td>). 1257 qq(<td class=regular>$privdata</td></tr>\n); 1258 $i++; 1259 } 1260 $html =~ s/\$\$PRIVDATA\$\$/$privdata/g; 1261 1262 $i = ++$i % 2; 1263 $html =~ s/\$\$BUTTONROWCOLOUR\$\$/color$i/; 1383 1264 1384 1265 print $html; -
branches/stable/cgi-bin/search.cgi
r234 r286 60 60 $webvar{input} =~ s/^\s+//; 61 61 $webvar{input} =~ s/\s+$//; 62 if ($webvar{input} =~ /^[\d\.]+(\/\d{1,3})?$/) { 62 if ($webvar{input} =~ /^\d+$/) { 63 # All-digits, new custID 64 $searchfor = "cust"; 65 } elsif ($webvar{input} =~ /^[\d\.]+(\/\d{1,3})?$/) { 63 66 # IP addresses should only have numbers, digits, and maybe a slash+netmask 64 67 $searchfor = "ipblock"; 65 } elsif ($webvar{input} =~ /^\d+$/) {66 # All-digits, new custID67 $searchfor = "cust";68 68 } else { 69 69 # Anything else. … … 140 140 ## CIDR query options. 141 141 $webvar{cidr} =~ s/\s+//; # Hates the nasty spaceseseses we does. 142 if ($webvar{cidr} =~ /\//) { 142 if ($webvar{cidr} == '') { # We has a blank CIDR. Ignore it. 143 } elsif ($webvar{cidr} =~ /\//) { 143 144 # 209.91.179/26 should show all /26 subnets in 209.91.179 144 145 my ($net,$maskbits) = split /\//, $webvar{cidr}; … … 291 292 print qq(<div class="heading">Searching for descriptions containing '$query'</div><br>\n); 292 293 # Query based on description (includes "name" from old DB). 293 $sql = "select * from searchme where description ilike '%$query%'"; 294 $sql = "select * from searchme where description ilike '%$query%'". 295 " or custid ilike '%$query%'"; 294 296 my $count = countRows($sql); 295 297 $sql .= " order by cidr limit $RESULTS_PER_PAGE offset $offset";
Note:
See TracChangeset
for help on using the changeset viewer.