1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
#!/usr/bin/perl
use strict;
use warnings;
use Config::Simple;
use CGI::Simple;
use CGI::Session;
use DBI;
tie my %Config, "Config::Simple", '/etc/mat.conf';
my $q = new CGI::Simple;
my $id = $q->param('id');
my $action = $q->param('action');
my $storage = $q->param('storage');
my $session = CGI::Session->new(undef, undef, {Directory =>
$Config{'session_directory'}});
sub misconfigured
{
print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
print "This system is misconfigured.\n";
exit 1;
}
sub invalid_input()
{
print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
print "Invalid input.\n";
exit 1;
}
sub unauthorized()
{
print "Content-Type: text/plain; charset=utf-8\n\r\n\r";
print "Not authorized!\n";
exit 1;
}
sub send_cookie()
{
print $session->header(-type => 'text/html', -charset => 'utf8');
}
sub cmd_view($)
{
my ( $id ) = @_;
my $db = DBI->connect($Config{'database'}, "", "",
{HandleError => \&misconfigured, AutoCommit => 1});
my $recipe_row = $db->selectrow_arrayref("SELECT name, storage, uri, ".
"amount, energy FROM recipes AS r JOIN inventory AS i ".
"ON i.recipe_id=r.id WHERE i.id=".$id.";");
print $id, "<br />", $$recipe_row[0], "<br />", $$recipe_row[1], "<br />";
print ($$recipe_row[3] ? $$recipe_row[3]." g<br />" : ""), "<br />";
print ($$recipe_row[4] ? $$recipe_row[4]." kJ<br />" : ""), "<br />";
if(substr($$recipe_row[2], 0, 4) eq "http") {
print '<a href="'.$$recipe_row[2].'">'.$$recipe_row[2].'</a>', "<br />";
} else {
print $$recipe_row[2], "<br />";
}
if ($session->param('authenticated') eq "yes") {
print "<font size=20>\n";
for my $store ( split(" ", $Config{'relocate_stores'}) ) {
print " <a href=".$Config{'label_id_prefix'}."$id/relocate/$store>".
"$store</a> \n";
}
print "</font>";
}
}
sub cmd_relocate($$)
{
my ( $id, $storage ) = @_;
my $db = DBI->connect($Config{'database'}, "", "",
{HandleError => \&misconfigured, AutoCommit => 1});
$db->do('UPDATE inventory SET storage="'.$storage.'" WHERE id='.$id);
cmd_view($id);
}
### MAIN PROGRAM ##############################################################
misconfigured unless ($Config{'database'});
misconfigured unless $session;
invalid_input unless ($id and $action);
invalid_input unless (($id =~ m/^[0-9]+$/) and ($action =~ m/^view|relocate$/) and
($storage =~ /^[a-z0-9]*$/));
send_cookie;
for ($action) {
if (/^view$/) {
cmd_view($id);
}
elsif (/^relocate$/) {
if ($session->param('authenticated') eq "yes") {
$session->expire("5y");
cmd_relocate($id, $storage);
} else {
unauthorized();
}
}
else {
invalid_input;
}
}
|
