From 8459903fa0ab8e61a9a373ef74c2e6c3963b7c78 Mon Sep 17 00:00:00 2001 From: cos Date: Sun, 19 Jun 2016 20:24:32 +0200 Subject: Implement login via web. --- cgi-bin/lada-20150110 | 110 ++++++++++++++++++++++++++++++++++++++++++ cgi-bin/lada.cgi | 109 +++++++++++++++++++++++++++++++++++++++++ cgi-bin/mat.cgi | 37 +++++++++++--- cgi-bin/mat.cgi-package | 125 ++++++++++++++++++++++++++++++++++++++++++++++++ cgi-bin/relocatehook.sh | 3 ++ 5 files changed, 377 insertions(+), 7 deletions(-) create mode 100755 cgi-bin/lada-20150110 create mode 100755 cgi-bin/lada.cgi create mode 100755 cgi-bin/mat.cgi-package create mode 100755 cgi-bin/relocatehook.sh diff --git a/cgi-bin/lada-20150110 b/cgi-bin/lada-20150110 new file mode 100755 index 0000000..793671a --- /dev/null +++ b/cgi-bin/lada-20150110 @@ -0,0 +1,110 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +use Config::Simple; +use CGI::Simple; +use CGI::Session; +use DBI; + +tie my %Config, "Config::Simple", '/etc/mat.conf'; + +my $q = new CGI::Simple; +my $id = $q->param('id'); +my $action = $q->param('action'); +my $storage = $q->param('storage'); +my $session = CGI::Session->new(undef, undef, {Directory => + $Config{'session_directory'}}); + +sub misconfigured +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "This system is misconfigured.\n"; + exit 1; +} + +sub invalid_input() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Invalid input.\n"; + exit 1; +} + +sub unauthorized() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Not authorized!\n"; + exit 1; +} + +sub send_cookie() +{ + print $session->header(-type => 'text/html', -charset => 'utf8'); +} + +sub cmd_view($) +{ + my ( $id ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri FROM ". + "recipes AS r JOIN inventory AS i ON i.recipe_id=r.id WHERE i.id=".$id. + ";"); + + print $id, "
", $$recipe_row[0], "
", $$recipe_row[1], "
"; + if(substr($$recipe_row[2], 0, 4) eq "http") { + print ''.$$recipe_row[2].'', "
"; + } else { + print $$recipe_row[2], "
"; + } + if ($session->param('authenticated') eq "yes") { + print "\n"; + for my $store ( split(" ", $Config{'relocate_stores'}) ) { + print " ". + "$store \n"; + } + print ""; + } +} + +sub cmd_relocate($$) +{ + my ( $id, $storage ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id); + + cmd_view($id); +} + +### MAIN PROGRAM ############################################################## + +misconfigured unless ($Config{'database'}); +misconfigured unless $session; +invalid_input unless ($id and $action); + +invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and + ($storage =~ /^[a-z0-9]*$/)); +send_cookie; + +for ($action) { + if (/^view$/) { + cmd_view($id); + } + elsif (/^relocate$/) { + if ($session->param('authenticated') eq "yes") { + $session->expire("5y"); + cmd_relocate($id, $storage); + } else { + unauthorized(); + } + } + else { + invalid_input; + } +} diff --git a/cgi-bin/lada.cgi b/cgi-bin/lada.cgi new file mode 100755 index 0000000..f3b2554 --- /dev/null +++ b/cgi-bin/lada.cgi @@ -0,0 +1,109 @@ +#!/usr/bin/perl + +use strict; +use warnings; + +use Config::Simple; +use CGI::Simple; +use CGI::Session; +use DBI; + +tie my %Config, "Config::Simple", '/etc/mat.conf'; + +my $q = new CGI::Simple; +my $id = $q->param('id'); +my $action = $q->param('action'); +my $storage = $q->param('storage'); +my $session = CGI::Session->new(undef, undef, {Directory => + $Config{'session_directory'}}); + +sub misconfigured +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "This system is misconfigured.\n"; + exit 1; +} + +sub invalid_input() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Invalid input.\n"; + exit 1; +} + +sub unauthorized() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Not authorized!\n"; + exit 1; +} + +sub send_cookie() +{ + print $session->header(-type => 'text/html', -charset => 'utf8'); +} + +sub cmd_view($) +{ + my ( $id ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri FROM ". + "recipes AS r JOIN inventory AS i ON i.recipe_id=r.id WHERE i.id=".$id. + ";"); + + print $id, "
", $$recipe_row[0], "
", $$recipe_row[1], "
"; + if(substr($$recipe_row[2], 0, 4) eq "http") { + print ''.$$recipe_row[2].'', "
"; + } else { + print $$recipe_row[2], "
"; + } + if ($session->param('authenticated') eq "yes") { + print ''; + print "magen "; + print "hemkyl "; + print "jobbfrys "; + print "jobbkyl"; + print ''; + } +} + +sub cmd_relocate($$) +{ + my ( $id, $storage ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id); + + cmd_view($id); +} + +### MAIN PROGRAM ############################################################## + +misconfigured unless ($Config{'database'}); +misconfigured unless $session; +invalid_input unless ($id and $action); + +invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and + ($storage =~ /^[a-z0-9]*$/)); +send_cookie; + +for ($action) { + if (/^view$/) { + cmd_view($id); + } + elsif (/^relocate$/) { + if ($session->param('authenticated') eq "yes") { + cmd_relocate($id, $storage); + } else { + unauthorized(); + } + } + else { + invalid_input; + } +} diff --git a/cgi-bin/mat.cgi b/cgi-bin/mat.cgi index 52239d5..d8845f7 100755 --- a/cgi-bin/mat.cgi +++ b/cgi-bin/mat.cgi @@ -14,6 +14,7 @@ my $q = new CGI::Simple; my $id = $q->param('id'); my $action = $q->param('action'); my $storage = $q->param('storage'); +my $password = $q->param('password'); my $session = CGI::Session->new(undef, undef, {Directory => $Config{'session_directory'}}); @@ -85,29 +86,51 @@ sub cmd_relocate($$) cmd_view($id); } +sub cmd_login($) +{ + my ( $password ) = @_; + + if ( $password and ($password eq $Config{'password'} )) { + $session->param('authenticated', "yes"); + print "welcome."; + } else { + print "
\n"; + print "\n"; + print "\n"; + print "
\n"; + } +} + ### MAIN PROGRAM ############################################################## misconfigured unless ($Config{'database'}); misconfigured unless $session; -invalid_input unless ($id and $action); +invalid_input unless $action; + +if ($action eq "view") { + invalid_input unless ($id and $id =~ m/^[0-9]+$/); +} elsif ($action eq "relocate") { + invalid_input unless (($id =~ m/^[0-9]+$/) and ($storage =~ /^[a-z0-9]*$/)); +} elsif ($action eq "login") { +} else { + invalid_input; +} -invalid_input unless (($id =~ m/^[0-9]+$/) - and ($action =~ m/^view|relocate$/) and ($storage =~ /^[a-z0-9]*$/)); send_cookie; for ($action) { if (/^view$/) { cmd_view($id); - } - elsif (/^relocate$/) { + } elsif (/^relocate$/) { if ($session->param('authenticated') eq "yes") { $session->expire("5y"); cmd_relocate($id, $storage); } else { unauthorized(); } - } - else { + } elsif (/^login$/) { + cmd_login($password); + } else { invalid_input; } } diff --git a/cgi-bin/mat.cgi-package b/cgi-bin/mat.cgi-package new file mode 100755 index 0000000..15ad893 --- /dev/null +++ b/cgi-bin/mat.cgi-package @@ -0,0 +1,125 @@ +#!/usr/bin/perl + +package cgi::mat; + +require Exporter; +@ISA = qw(Exporter); +@EXPORT = qw(misconfigured); + +use strict; +use warnings; + +use Config::Simple; +use CGI::Simple; +use CGI::Session; +use DBI; + +tie my %Config, "Config::Simple", '/etc/mat.conf'; + +my $q = new CGI::Simple; +my $id = $q->param('id'); +my $action = $q->param('action'); +my $storage = $q->param('storage'); +my $session = CGI::Session->new(undef, undef, {Directory => + $Config{'session_directory'}}); + +sub misconfigured +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "This system is misconfigured.\n"; + exit 1; +} + +sub invalid_input() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Invalid input.\n"; + exit 1; +} + +sub unauthorized() +{ + print "Content-Type: text/plain; charset=utf-8\n\r\n\r"; + print "Not authorized!\n"; + exit 1; +} + +sub send_cookie() +{ + print $session->header(-type => 'text/html', -charset => 'utf8'); +} + +sub cmd_view($) +{ + my ( $id ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri, ". + "amount, energy FROM recipes AS r JOIN inventory AS i ". + "ON i.recipe_id=r.id WHERE i.id=".$id.";"); + + print $id, "
", $$recipe_row[0], "
", $$recipe_row[1], "
"; + print $$recipe_row[3] ? $$recipe_row[3]." g
" : "", "
"; + print $$recipe_row[4] ? $$recipe_row[4]." kJ
" : "", "
"; + if(substr($$recipe_row[2], 0, 4) eq "http") { + print ''.$$recipe_row[2].'', "
"; + } else { + print $$recipe_row[2], "
"; + } + if ($session->param('authenticated') eq "yes") { + print "\n"; + for my $store ( split(" ", $Config{'relocate_stores'}) ) { + print " ". + "$store \n"; + } + print ""; + } +} + +sub cmd_relocate($$) +{ + my ( $id, $storage ) = @_; + + my $db = DBI->connect($Config{'database'}, "", "", + {HandleError => \&misconfigured, AutoCommit => 1}); + + $db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id); + + cmd_view($id); +} + +### MAIN PROGRAM ############################################################## + +sub run +{ + misconfigured unless ($Config{'database'}); + misconfigured unless $session; + invalid_input unless ($id and $action); + + invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and + ($storage =~ /^[a-z0-9]*$/)); + send_cookie; + + for ($action) { + if (/^view$/) { + cmd_view($id); + } + elsif (/^relocate$/) { + if ($session->param('authenticated') eq "yes") { + $session->expire("5y"); + cmd_relocate($id, $storage); + } else { + unauthorized(); + } + } + else { + invalid_input; + } + } +} + +__PACKAGE__->run( @ARGV ) unless caller(); + +__END__ diff --git a/cgi-bin/relocatehook.sh b/cgi-bin/relocatehook.sh new file mode 100755 index 0000000..19cc279 --- /dev/null +++ b/cgi-bin/relocatehook.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +date "+%s|%Y%m%d %H%M|$1|$2|$3|$4|$5|$6" >> /var/tmp/relocatelogg.txt -- cgit v1.2.3