Changeset 534


Ignore:
Timestamp:
10/31/12 16:51:18 (11 years ago)
Author:
Kris Deugau
Message:

/trunk

Clean up and merge SQL for block-edit page into getBlockData.
Fortunately, the enhancement does not affect previous uses of
that sub. See #34.
Also tweak the template with a whitespace nitpick and to escape
HTML-funky characters in the circuit ID, description, notes, or
restricted data. Still need to confirm these can be reversed
on submission. See The Ticket That Won't Die, #3.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/cgi-bin/IPDB.pm

    r533 r534  
    11841184
    11851185## IPDB::getBlockData()
    1186 # Return custid, type, city, and description for a block
     1186# Get CIDR or IP, custid, type, city, circuit ID, description, notes, modification time, private/restricted
     1187# data, for a CIDR block or pool IP
     1188# Also returns SWIP status flag for CIDR blocks
     1189# Takes the block/IP to look up
     1190# Returns an arrayref to a list of hashrefs
    11871191sub getBlockData {
    11881192  my $dbh = shift;
    11891193  my $block = shift;
    11901194
    1191   my $binfo = $dbh->selectrow_hashref("SELECT cidr,custid,type,city,description FROM searchme".
    1192         " WHERE cidr = ?", undef, ($block) );
     1195  my $cidr = new NetAddr::IP $block;
     1196
     1197  my $keycol = 'cidr';
     1198  my $blocktable = 'allocations';
     1199  my $poolip = 0;
     1200
     1201  # Pool IP and IPv6 check all in one!  Still needs to be tightened
     1202  # up a little for the as-yet-unhandled case of IPv6 IP pools
     1203  if ($cidr->bits == 32 && $cidr->masklen == 32) {
     1204    $poolip = 1;
     1205    $keycol = 'ip';
     1206    $blocktable = 'poolips';
     1207  }
     1208  my $binfo = $dbh->selectrow_hashref("SELECT $keycol AS block, custid, type, city, circuitid, description,".
     1209        " notes, modifystamp AS lastmod, privdata".($poolip ? '' : ', swip')." FROM $blocktable".
     1210        " WHERE $keycol = ?", undef, ($block) );
    11931211  return $binfo;
    11941212} # end getBlockData()
  • trunk/cgi-bin/main.cgi

    r533 r534  
    638638sub edit {
    639639
    640   my $sql;
    641 
    642   # Two cases:  block is a netblock, or block is a static IP from a pool
    643   # because I'm lazy, we'll try to make the SELECT's bring out identical)ish) data
    644 ##fixme:  allow "SWIP" (publication to rWHOIS) of static IP data
    645   if ($webvar{block} =~ /\/32$/) {
    646     $sql = "select ip,custid,type,city,circuitid,description,notes,modifystamp,privdata from poolips where ip='$webvar{block}'";
    647   } else {
    648     $sql = "select cidr,custid,type,city,circuitid,description,notes,modifystamp,privdata,swip from allocations where cidr='$webvar{block}'"
    649   }
    650 
    651   # gotta snag block info from db
    652   $sth = $ip_dbh->prepare($sql);
    653   $sth->execute;
    654   my @data = $sth->fetchrow_array;
    655 
    656   # Clean up extra whitespace on alloc type
    657   $data[2] =~ s/\s//;
    658 
    659   # We can't let the city be changed here;  this block is a part of
    660   # a larger routed allocation and therefore by definition can't be moved.
    661   # block and city are static.
    662 ##fixme
    663 # Needs thinking.  Have to allow changes to city to correct errors, no?
    664 # Also have areas where a routed block at a POP serves "many" cities/towns/named crossroads
    665 
    666 # @data: cidr,custid,type,city,circuitid,description,notes,modifystamp,privdata,swip
     640  # snag block info from db
     641  my $blockinfo = getBlockData($ip_dbh, $webvar{block});
     642
     643  # Clean up extra whitespace on alloc type.  Mainly a legacy-data cleanup.
     644  $blockinfo->{type} =~ s/\s//;
    667645
    668646  $page->param(block => $webvar{block});
    669647
    670   $page->param(custid => $data[1]);
    671   $page->param(city => $data[3]);
    672   $page->param(circid => $data[4]);
    673   $page->param(desc => $data[5]);
    674   $page->param(notes => $data[6]);
     648  $page->param(custid   => $blockinfo->{custid});
     649  $page->param(city     => $blockinfo->{city});
     650  $page->param(circid   => $blockinfo->{circuitid});
     651  $page->param(desc     => $blockinfo->{description});
     652  $page->param(notes    => $blockinfo->{notes});
    675653
    676654##fixme The check here should be built from the database
    677655# Need to expand to support pool types too
    678   if ($data[2] =~ /^.[ne]$/ && $IPDBacl{$authuser} =~ /c/) {
     656  if ($blockinfo->{type} =~ /^.[ne]$/ && $IPDBacl{$authuser} =~ /c/) {
    679657    $page->param(changetype => 1);
    680658    $page->param(alloctype => [
    681                 { selme => ($data[2] eq 'me'), type => "me", disptype => "Dialup netblock" },
    682                 { selme => ($data[2] eq 'de'), type => "de", disptype => "Dynamic DSL netblock" },
    683                 { selme => ($data[2] eq 'ce'), type => "ce", disptype => "Dynamic cable netblock" },
    684                 { selme => ($data[2] eq 'we'), type => "we", disptype => "Dynamic wireless netblock" },
    685                 { selme => ($data[2] eq 'cn'), type => "cn", disptype => "Customer netblock" },
    686                 { selme => ($data[2] eq 'en'), type => "en", disptype => "End-use netblock" },
    687                 { selme => ($data[2] eq 'in'), type => "in", disptype => "Internal netblock" },
     659                { selme => ($blockinfo->{type} eq 'me'), type => "me", disptype => "Dialup netblock" },
     660                { selme => ($blockinfo->{type} eq 'de'), type => "de", disptype => "Dynamic DSL netblock" },
     661                { selme => ($blockinfo->{type} eq 'ce'), type => "ce", disptype => "Dynamic cable netblock" },
     662                { selme => ($blockinfo->{type} eq 'we'), type => "we", disptype => "Dynamic wireless netblock" },
     663                { selme => ($blockinfo->{type} eq 'cn'), type => "cn", disptype => "Customer netblock" },
     664                { selme => ($blockinfo->{type} eq 'en'), type => "en", disptype => "End-use netblock" },
     665                { selme => ($blockinfo->{type} eq 'in'), type => "in", disptype => "Internal netblock" },
    688666                ]
    689667        );
    690668  } else {
    691     $page->param(disptype => $disp_alloctypes{$data[2]});
    692     $page->param(type => $data[2]);
     669    $page->param(disptype => $disp_alloctypes{$blockinfo->{type}});
     670    $page->param(type => $blockinfo->{type});
    693671  }
    694672
     
    697675  $page->param(havenodeid => $nodeid);
    698676
    699   if ($data[2] eq 'fr' || $data[2] eq 'bi') {
     677  if ($blockinfo->{type} eq 'fr' || $blockinfo->{type} eq 'bi') {
    700678    $page->param(typesupportsnodes => 1);
    701679    $page->param(nodename => $nodename);
     
    715693## end node hack
    716694
    717   my ($lastmod,undef) = split /\s+/, $data[7];
     695  my ($lastmod,undef) = split /\s+/, $blockinfo->{lastmod};
    718696  $page->param(lastmod => $lastmod);
    719697
    720698  # not happy with the upside-down logic, but...
    721   $page->param(swipable => $data[2] !~ /.i/);
    722   $page->param(swip => $data[10] ne 'n');
     699  $page->param(swipable => $blockinfo->{type} !~ /.i/);
     700  $page->param(swip => $blockinfo->{swip} ne 'n') if $blockinfo->{swip};
    723701
    724702  # Check to see if we can display sensitive data
    725703  $page->param(nocling => $IPDBacl{$authuser} =~ /s/);
    726   $page->param(privdata => $data[8]);
     704  $page->param(privdata => $blockinfo->{privdata});
    727705
    728706  # ACL trickery - these two template booleans control the presence of all form/input tags
  • trunk/templates/edit.tmpl

    r530 r534  
    8282<TMPL_IF swipable>
    8383<TMPL_IF maychange>
    84 <input type="checkbox" name="swip" <TMPL_IF swip>checked="checked"</TMPL_IF>>
     84<input type="checkbox" name="swip"<TMPL_IF swip> checked="checked"</TMPL_IF>>
    8585<TMPL_ELSE>
    8686<TMPL_IF swip>Yes<TMPL_ELSE>No</TMPL_IF>
     
    101101<td class="regular">
    102102<TMPL_IF maychange>
    103 <input type="text" name="circid" value="<TMPL_VAR NAME=circid>" maxlength=64 size=64 class="regular">
     103<input type="text" name="circid" value="<TMPL_VAR ESCAPE=HTML NAME=circid>" maxlength=64 size=64 class="regular">
    104104<TMPL_ELSE>
    105 <TMPL_VAR NAME=circid>
     105<TMPL_VAR ESCAPE=HTML NAME=circid>
    106106</TMPL_IF>
    107107</td>
     
    112112<td class="regular">
    113113<TMPL_IF maychange>
    114 <input type="text" name="desc" value="<TMPL_VAR NAME=desc>" maxlength=64 size=64 class="regular">
     114<input type="text" name="desc" value="<TMPL_VAR ESCAPE=HTML NAME=desc>" maxlength=64 size=64 class="regular">
    115115<TMPL_ELSE>
    116 <TMPL_VAR NAME=desc>
     116<TMPL_VAR ESCAPE=HTML NAME=desc>
    117117</TMPL_IF>
    118118</td>
     
    122122<td class="heading" valign="top">Notes:</td>
    123123<td class="regular">
    124 <TMPL_IF maychange><textarea rows="8" cols="64" name="notes" class="regular"><TMPL_VAR NAME=notes></textarea>
     124<TMPL_IF maychange><textarea rows="8" cols="64" name="notes" class="regular"><TMPL_VAR ESCAPE=HTML NAME=notes></textarea>
    125125<TMPL_ELSE>
    126 <TMPL_VAR NAME=notes>
     126<TMPL_VAR ESCAPE=HTML NAME=notes>
    127127</TMPL_IF>
    128128</td>
     
    134134<td class="regular">
    135135<TMPL_IF maychange>
    136 <textarea rows="3" cols="64" name="privdata" class="regular"><TMPL_VAR NAME=privdata></textarea>
     136<textarea rows="3" cols="64" name="privdata" class="regular"><TMPL_VAR ESCAPE=HTML NAME=privdata></textarea>
    137137<TMPL_ELSE>
    138 <TMPL_VAR NAME=privdata>
     138<TMPL_VAR ESCAPE=HTML NAME=privdata>
    139139</TMPL_IF>
    140140</td>
Note: See TracChangeset for help on using the changeset viewer.