Changeset 538


Ignore:
Timestamp:
11/01/12 16:28:15 (11 years ago)
Author:
Kris Deugau
Message:

/trunk

Remove SQL in favour of calls to existing subs on delete confirmation
page. See #34.
Tweak template to remove a stale form variable and tighten
HTML-entities escaping on delete confirmation page. See #3.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/cgi-bin/main.cgi

    r536 r538  
    806806  }
    807807
    808   my ($cidr, $custid, $type, $city, $circid, $desc, $notes, $alloctype, $privdata);
     808  my $blockdata;
    809809
    810810  if ($webvar{alloctype} eq 'rm') {
    811     $sth = $ip_dbh->prepare("select cidr,city from routed where cidr='$webvar{block}'");
    812     $sth->execute();
    813 
    814 # This feels...  extreme.
    815     croak $sth->errstr() if($sth->errstr());
    816 
    817     $sth->bind_columns(\$cidr,\$city);
    818     $sth->execute();
    819     $sth->fetch || croak $sth->errstr();
    820     $custid = "N/A";
    821     $alloctype = $webvar{alloctype};
    822     $circid = "N/A";
    823     $desc = "N/A";
    824     $notes = "N/A";
    825     $privdata = "N/A";
     811
     812    $blockdata->{block} = $webvar{block};
     813    $blockdata->{city} = getRoutedCity($ip_dbh, $webvar{block});
     814    $blockdata->{custid} = "N/A";
     815    $blockdata->{type} = $webvar{alloctype};
     816    $blockdata->{circuitid} = "N/A";
     817    $blockdata->{description} = "N/A";
     818    $blockdata->{notes} = "N/A";
     819    $blockdata->{privdata} = "N/A";
    826820
    827821  } elsif ($webvar{alloctype} eq 'mm') {
    828822
    829     $cidr = $webvar{block};
    830     $city = "N/A";
    831     $custid = "N/A";
    832     $alloctype = $webvar{alloctype};
    833     $circid = "N/A";
    834     $desc = "N/A";
    835     $notes = "N/A";
    836     $privdata = "N/A";
    837 
    838   } elsif ($webvar{alloctype} =~ /^.i$/) { # done with alloctype=[rm]m
    839 
    840     # Unassigning a static IP
    841     my $sth = $ip_dbh->prepare("select ip,custid,city,type,notes,circuitid,privdata".
    842         " from poolips where ip='$webvar{block}'");
    843     $sth->execute();
    844 #  croak $sth->errstr() if($sth->errstr());
    845 
    846     $sth->bind_columns(\$cidr, \$custid, \$city, \$alloctype, \$notes, \$circid,
    847         \$privdata);
    848     $sth->fetch() || croak $sth->errstr;
    849 
    850   } else { # done with alloctype=~ /^.i$/
    851 
    852     my $sth = $ip_dbh->prepare("select cidr,custid,type,city,circuitid,description,notes,privdata".
    853         " from allocations where cidr='$webvar{block}'");
    854     $sth->execute();
    855 #       croak $sth->errstr() if($sth->errstr());
    856 
    857     $sth->bind_columns(\$cidr, \$custid, \$alloctype, \$city, \$circid, \$desc,
    858         \$notes, \$privdata);
    859     $sth->fetch() || carp $sth->errstr;
     823    $blockdata->{block} = $webvar{block};
     824    $blockdata->{city} = "N/A";
     825    $blockdata->{custid} = "N/A";
     826    $blockdata->{type} = $webvar{alloctype};
     827    $blockdata->{circuitid} = "N/A";
     828    $blockdata->{description} = "N/A";
     829    $blockdata->{notes} = "N/A";
     830    $blockdata->{privdata} = "N/A";
     831
     832  } else {
     833
     834    $blockdata = getBlockData($ip_dbh, $webvar{block})
     835
    860836  } # end cases for different alloctypes
    861837
    862   $page->param(block => $cidr);
    863   $page->param(disptype => $disp_alloctypes{$alloctype});
    864   $page->param(type => $alloctype);
    865   $page->param(city => $city);
    866   $page->param(custid => $custid);
    867   $page->param(circid => $circid);
    868   $page->param(desc => $desc);
    869   $page->param(notes => $notes);
    870   $privdata = ' ' if $privdata eq '';
    871   $page->param(privdata => $privdata) if $IPDBacl{$authuser} =~ /s/;
    872   $page->param(delpool => $alloctype =~ /^.[pd]$/);
     838  $page->param(block => $blockdata->{block});
     839  $page->param(disptype => $disp_alloctypes{$blockdata->{type}});
     840  $page->param(type => $blockdata->{type});
     841  $page->param(city => $blockdata->{city});
     842  $page->param(custid => $blockdata->{custid});
     843  $page->param(circid => $blockdata->{circuitid});
     844  $page->param(desc => $blockdata->{description});
     845  $blockdata->{notes} = $q->escapeHTML($blockdata->{notes});
     846  $blockdata->{notes} =~ s/\n/<br>\n/;
     847  $page->param(notes => $blockdata->{notes});
     848  $blockdata->{privdata} = $q->escapeHTML($blockdata->{privdata});
     849  $blockdata->{privdata} = '&nbsp;' if $blockdata->{privdata} eq '';
     850  $blockdata->{privdata} =~ s/\n/<br>\n/;
     851  $page->param(privdata => $blockdata->{privdata}) if $IPDBacl{$authuser} =~ /s/;
     852  $page->param(delpool => $blockdata->{type} =~ /^.[pd]$/);
    873853
    874854} # end remove()

  • trunk/templates/delete.tmpl

    r517 r538  
    2727<tr class="row0">
    2828<td>Circuit ID:</td>
    29 <td><TMPL_VAR NAME=circid></td>
     29<td><TMPL_VAR ESCAPE=HTML NAME=circid></td>
    3030</tr>
    3131
    3232<tr class="row1">
    3333<td valign="top">Description/Name:</td>
    34 <td><TMPL_VAR NAME=desc></td>
     34<td><TMPL_VAR ESCAPE=HTML NAME=desc></td>
    3535</tr>
    3636
     
    4242<TMPL_IF privdata>
    4343<tr class="row1">
    44 <td>Restricted data:</td>
     44<td valign="top">Restricted data:</td>
    4545<td><TMPL_VAR NAME=privdata></td>
    4646</tr>
     
    6060<input type="button" value="Back" onclick="history.go(-1)"><input type="submit" value="Confirm">
    6161<input type="hidden" name="block" value="<TMPL_VAR NAME=block>">
    62 <input type="hidden" name="city" value="<TMPL_VAR NAME=city>">
    6362<input type="hidden" name="alloctype" value="<TMPL_VAR NAME=type>">
    6463<input type="hidden" name="action" value="finaldelete">
Note: See TracChangeset for help on using the changeset viewer.