Changeset 502 for branches/htmlform
- Timestamp:
- 09/23/11 17:36:06 (13 years ago)
- Location:
- branches/htmlform/cgi-bin
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/htmlform/cgi-bin/CommonWeb.pm
r480 r502 16 16 $VERSION = 1.00; 17 17 @ISA = qw(Exporter); 18 @EXPORT_OK = qw( &printError &printAndExit &desanitize &cleanInput &desanitize);18 @EXPORT_OK = qw( &printError ); 19 19 20 20 @EXPORT = (); #export nothing by default 21 %EXPORT_TAGS = ( ALL => [qw( &printError &printAndExit &desanitize &cleanInput)],22 lean => [qw( &printError &printAndExit &cleanInput)]21 %EXPORT_TAGS = ( ALL => [qw( &printError )], 22 lean => [qw( &printError )] 23 23 ); 24 24 … … 34 34 } 35 35 36 sub printAndExit($)37 {38 my $errStr = $_[0];39 print qq(40 <center><p class="regular"> $errStr </p>41 <input type="button" value="Back" onclick="history.go(-1)">42 </center>43 );44 print "<br>would print footer but already dun gone and shot(self->foot)\n";45 exit(0);46 }47 48 # needs a reference to the webvar hash.49 # takes out backticks and single quotes50 sub cleanInput($)51 {52 my $hashRef = $_[0];53 54 foreach my $key (keys %$hashRef)55 {56 $hashRef->{$key} =~ s/`/\\`/g;57 $hashRef->{$key} =~ s/'/\'/g;58 }59 }60 61 # undoes clean input. takes a string as an arg.62 sub desanitize($)63 {64 my $string = $_[0];65 $string =~ s/\\`/`/g;66 $string =~ s/\\'/'/g;67 return $string;68 }69 70 36 # indicate that the module loaded okay. 71 37 1; -
branches/htmlform/cgi-bin/search.cgi
r481 r502 40 40 } 41 41 42 # Global variables 43 my $RESULTS_PER_PAGE = 25; 44 45 # anyone got a better name? :P 46 my $thingroot = $ENV{SCRIPT_FILENAME}; 47 $thingroot =~ s|cgi-bin/search.cgi||; 48 49 # Set up the CGI object... 50 my $q = new CGI::Simple; 51 # ... and get query-string params as well as POST params if necessary 52 $q->parse_query_string; 53 54 # Convenience; saves changing all references to %webvar 55 ##fixme: tweak for handling <select multiple='y' size=3> (list with multiple selection) 56 my %webvar = $q->Vars; 57 58 if (defined($webvar{rpp})) { 59 ($RESULTS_PER_PAGE) = ($webvar{rpp} =~ /(\d+)/); 60 } 61 42 62 # Why not a global DB handle? (And a global statement handle, as well...) 43 63 # Use the connectDB function, otherwise we end up confusing ourselves … … 46 66 my $errstr; 47 67 ($ip_dbh,$errstr) = connectDB_My; 48 if (!$ip_dbh) { 49 printAndExit("Failed to connect to database: $errstr\n"); 50 } 51 checkDBSanity($ip_dbh); 52 initIPDBGlobals($ip_dbh); 53 54 # Global variables 55 my $RESULTS_PER_PAGE = 25; 56 57 # anyone got a better name? :P 58 my $thingroot = $ENV{SCRIPT_FILENAME}; 59 $thingroot =~ s|cgi-bin/search.cgi||; 60 61 # Set up the CGI object... 62 my $q = new CGI::Simple; 63 # ... and get query-string params as well as POST params if necessary 64 $q->parse_query_string; 65 66 # Convenience; saves changing all references to %webvar 67 ##fixme: tweak for handling <select multiple='y' size=3> (list with multiple selection) 68 my %webvar = $q->Vars; 69 70 if (defined($webvar{rpp})) { 71 ($RESULTS_PER_PAGE) = ($webvar{rpp} =~ /(\d+)/); 68 if ($ip_dbh) { 69 checkDBSanity($ip_dbh); 70 initIPDBGlobals($ip_dbh); 72 71 } 73 72 … … 88 87 print "Content-type: text/html\n\n", $header->output; 89 88 90 if ($webvar{stype} eq 'q') { 89 # Handle the DB error first 90 if (!$ip_dbh) { 91 $page = HTML::Template->new(filename => "dberr.tmpl"); 92 $page->param(errmsg => $errstr); 93 } elsif ($webvar{stype} eq 'q') { 91 94 # Quick search. 92 95 … … 131 134 $sqlconcat = "UNION"; 132 135 } else { 133 # We can't get here. PTHBTT! 134 printAndExit "PTHBTT!! Your search has been rejected due to Microsoft excuse #4432: ". 135 "Not enough mana"; 136 # sum-buddy tryn'a game the system. Match "all" 137 $sqlconcat = "INTERSECT"; 136 138 } 137 139 … … 210 212 "text(cidr) like '$webvar{cidr}%')"; 211 213 } else { 212 # This shouldn't happen, but if it does, whoever gets it deserves what they get...213 printAndExit("Invalid netblock query.");214 # do nothing. 215 ##fixme we'll ignore this to clear out the references to legacy code. 214 216 } # done with CIDR query options. 215 217
Note:
See TracChangeset
for help on using the changeset viewer.