Diffstat (limited to 'cgi-bin/mat.cgi')
-rwxr-xr-x | cgi-bin/mat.cgi | 56 |
1 files changed, 41 insertions, 15 deletions
diff --git a/cgi-bin/mat.cgi b/cgi-bin/mat.cgi
index 793671a..d8845f7 100755
--- a/cgi-bin/mat.cgi
+++ b/cgi-bin/mat.cgi
@@ -14,6 +14,7 @@ my $q = new CGI::Simple;
 my $id = $q->param('id');
 my $action = $q->param('action');
 my $storage = $q->param('storage');
+my $password = $q->param('password');
 my $session = CGI::Session->new(undef, undef, {Directory => $Config{'session_directory'}});
@@ -50,15 +51,18 @@ sub cmd_view($)
 my $db = DBI->connect($Config{'database'}, "", "", {HandleError => \&misconfigured, AutoCommit => 1});
- my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri FROM ".
- "recipes AS r JOIN inventory AS i ON i.recipe_id=r.id WHERE i.id=".$id.
- ";");
+ my $portion = $db->selectrow_hashref("SELECT name, storage, uri, amount, ".
+ "energy FROM recipes AS r JOIN inventory AS i ON i.recipe_id=r.id ".
+ "WHERE i.id=".$id.";");
- print $id, "<br />", $$recipe_row[0], "<br />", $$recipe_row[1], "<br />";
- if(substr($$recipe_row[2], 0, 4) eq "http") {
- print '<a href="'.$$recipe_row[2].'">'.$$recipe_row[2].'</a>', "<br />";
+ print $id, "<br />", $portion->{name}, "<br />\n";
+ print $portion->{storage}, "<br />\n";
+ print $portion->{amount} ? $portion->{amount}." g<br />" : "", "<br />\n";
+ print $portion->{energy} ? $portion->{energy}." kJ<br />" : "", "<br />\n";
+ if(substr($portion->{uri}, 0, 4) eq "http") {
+ print '<a href="'.$portion->{uri}.'">'.$portion->{uri}.'</a>', "<br />\n";
 } else {
- print $$recipe_row[2], "<br />";
+ print $portion->{uri}, "<br />\n";
 }
 if ($session->param('authenticated') eq "yes") {
 print "<font size=20>\n";
@@ -66,7 +70,7 @@ sub cmd_view($)
 print " <a href=".$Config{'label_id_prefix'}."$id/relocate/$store>". "$store</a> \n";
 }
- print "</font>";
+ print "</font>\n";
 }
 }
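Review bot: In cmd_view (second hunk) the new `print` lines write `$portion->{name}`, `$portion->{storage}` and `$portion->{uri}` into the page without HTML escaping, and `uri` also goes into the `href` attribute; if recipe rows can ever hold text from anyone other than the operator, that is stored script injection. Escaping at output, e.g. `print $id, "<br />", $q->escapeHTML($portion->{name}), "<br />\n";`, closes it, and the `substr(..., 0, 4) eq "http"` test would be tighter as `=~ m{\Ahttps?://}`. The rewritten query still concatenates `$id` into the SQL; the digits-only check in the main program covers it today, but a placeholder (`"... WHERE i.id=?", undef, $id`) would not depend on every caller validating first. `selectrow_hashref` returns undef when no row matches, so an unknown id is dereferenced here without a check. cmd_view's opening lines are outside the hunk.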
@@ -82,29 +86,51 @@ sub cmd_relocate($$)
 cmd_view($id);
 }
+sub cmd_login($)
+{
+ my ( $password ) = @_;
+
+ if ( $password and ($password eq $Config{'password'} )) {
+ $session->param('authenticated', "yes");
+ print "welcome.";
+ } else {
+ print "<form>\n";
+ print "<input name=password>\n";
+ print "<input type=submit>\n";
+ print "</form>\n";
+ }
+}
+
 ### MAIN PROGRAM ##############################################################
 misconfigured unless ($Config{'database'});
 misconfigured unless $session;
-invalid_input unless ($id and $action);
+invalid_input unless $action;
+
+if ($action eq "view") {
+ invalid_input unless ($id and $id =~ m/^[0-9]+$/);
+} elsif ($action eq "relocate") {
+ invalid_input unless (($id =~ m/^[0-9]+$/) and ($storage =~ /^[a-z0-9]*$/));
+} elsif ($action eq "login") {
+} else {
+ invalid_input;
+}
-invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and
- ($storage =~ /^[a-z0-9]*$/));
 send_cookie;
 for ($action) {
 if (/^view$/) {
 cmd_view($id);
- }
- elsif (/^relocate$/) {
+ } elsif (/^relocate$/) {
 if ($session->param('authenticated') eq "yes") {
 $session->expire("5y");
 cmd_relocate($id, $storage);
 } else {
 unauthorized();
 }
- }
- else {
+ } elsif (/^login$/) {
+ cmd_login($password);
+ } else {
 invalid_input;
 }
 }
|
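Review bot: The login form printed by cmd_login has no `method`, so the browser submits it as GET and the password ends up in the URL, where server access logs and browser history keep it; the field also lacks `type=password`, so it is shown while typed. I would emit `print "<form method=post>\n";` and `print "<input type=password name=password>\n";` instead. The comparison `$password eq $Config{'password'}` implies the secret is stored in plaintext in the configuration; keeping a salted hash there and comparing against that would limit the damage if the file is read. On success the current session is only marked `authenticated`; the session setup is outside this hunk, but if the id can be supplied by the client, a fresh session id should be issued at this point so a pre-set id cannot be reused.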