Index: branches/htmlform/cgi-bin/CommonWeb.pm =================================================================== --- branches/htmlform/cgi-bin/CommonWeb.pm (revision 501) +++ branches/htmlform/cgi-bin/CommonWeb.pm (revision 502) @@ -16,9 +16,9 @@ $VERSION = 1.00; @ISA = qw(Exporter); -@EXPORT_OK = qw( &printError &printAndExit &desanitize &cleanInput &desanitize); +@EXPORT_OK = qw( &printError ); @EXPORT = (); #export nothing by default -%EXPORT_TAGS = ( ALL => [qw( &printError &printAndExit &desanitize &cleanInput )], - lean => [qw( &printError &printAndExit &cleanInput )] +%EXPORT_TAGS = ( ALL => [qw( &printError )], + lean => [qw( &printError )] ); @@ -34,38 +34,4 @@ } -sub printAndExit($) -{ - my $errStr = $_[0]; - print qq( -

$errStr

- -
- ); - print "
would print footer but already dun gone and shot(self->foot)\n"; - exit(0); -} - -# needs a reference to the webvar hash. -# takes out backticks and single quotes -sub cleanInput($) -{ - my $hashRef = $_[0]; - - foreach my $key (keys %$hashRef) - { - $hashRef->{$key} =~ s/`/\\`/g; - $hashRef->{$key} =~ s/'/\'/g; - } -} - -# undoes clean input. takes a string as an arg. -sub desanitize($) -{ - my $string = $_[0]; - $string =~ s/\\`/`/g; - $string =~ s/\\'/'/g; - return $string; -} - # indicate that the module loaded okay. 1; Index: branches/htmlform/cgi-bin/search.cgi =================================================================== --- branches/htmlform/cgi-bin/search.cgi (revision 501) +++ branches/htmlform/cgi-bin/search.cgi (revision 502) @@ -40,4 +40,24 @@ } +# Global variables +my $RESULTS_PER_PAGE = 25; + +# anyone got a better name? :P +my $thingroot = $ENV{SCRIPT_FILENAME}; +$thingroot =~ s|cgi-bin/search.cgi||; + +# Set up the CGI object... +my $q = new CGI::Simple; +# ... and get query-string params as well as POST params if necessary +$q->parse_query_string; + +# Convenience; saves changing all references to %webvar +##fixme: tweak for handling (list with multiple selection) -my %webvar = $q->Vars; - -if (defined($webvar{rpp})) { - ($RESULTS_PER_PAGE) = ($webvar{rpp} =~ /(\d+)/); +if ($ip_dbh) { + checkDBSanity($ip_dbh); + initIPDBGlobals($ip_dbh); } @@ -88,5 +87,9 @@ print "Content-type: text/html\n\n", $header->output; -if ($webvar{stype} eq 'q') { +# Handle the DB error first +if (!$ip_dbh) { + $page = HTML::Template->new(filename => "dberr.tmpl"); + $page->param(errmsg => $errstr); +} elsif ($webvar{stype} eq 'q') { # Quick search. @@ -131,7 +134,6 @@ $sqlconcat = "UNION"; } else { - # We can't get here. PTHBTT! - printAndExit "PTHBTT!! Your search has been rejected due to Microsoft excuse #4432: ". - "Not enough mana"; + # sum-buddy tryn'a game the system. Match "all" + $sqlconcat = "INTERSECT"; } @@ -210,6 +212,6 @@ "text(cidr) like '$webvar{cidr}%')"; } else { - # This shouldn't happen, but if it does, whoever gets it deserves what they get... - printAndExit("Invalid netblock query."); + # do nothing. + ##fixme we'll ignore this to clear out the references to legacy code. } # done with CIDR query options.