SCS_DB: edit.pl comparison

comparison edit.pl @ 1:d95e74cd12f4 RELENG_1_0

Initial commit

author	darius
date	Wed, 06 May 1998 14:33:31 +0000
parents
children

comparison

equal deleted inserted replaced

-:019f8230ae37
+:d95e74cd12f4
+#!/usr/local/bin/perl
+require "cgi-lib.pl";
+use DBI;
+$user	= "";
+$passwd	= "";
+$dbname	= "scs";
+MAIN:
+{
+# Read in all the variables set by the form
+&ReadParse(*input);
+print &PrintHeader;
+	print "<BODY BGCOLOR=\"#00000\" TEXT=\"#CCCCCC\" LINK=\"#00EE20\" VLINK=\"#55FF8B\" ALINK=\"#FFFF00\">";
+	print "<META HTTP-EQUIV=\"Pragma\" content=\"no-cache\">\n";
+	print "<TITLE>Edit the SCS Database</TITLE>";
+	print "<H2>Edit the SCS Database</H2>";
+#    print &HtmlTop ("Edit the SCS Database");
+$id = $input{'id'};
+$type = $input{'type'};
+# Is this a query?
+if ($type eq "edit") {
+# Connect to the Database
+		$dbh = DBI->connect("dbi:Pg:dbname=$dbname", $user, $passwd) || bad_exit($sth->errstr);
+# Prepare the select statement
+		$sth = $dbh->prepare("SELECT * FROM members WHERE memberid = $id") || bad_exit($sth->errstr);
+# Execute it
+		$numrows = $sth->execute || bad_exit($sth->errstr);
+# Get one row. Only one.. if there is more than one, bad things have happened :)
+		if (@array = $sth->fetchrow_array) {
+# Check their password
+			if (&dtrail(@array[4]) ne &dtrail($input{'passwd'})) {
+				print "Bad password for Member ID $id<P>\n";
+				print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n";
+			} else {
+# Print out a form which allows the user to change fields
+			    $memberid	= dtrail(@array[0]);
+				$firstname	= dtrail(@array[1]);
+				$lastname	= dtrail(@array[2]);
+				$nickname	= dtrail(@array[3]);
+				$pin		= dtrail(@array[4]);
+				$age		= dtrail(@array[5]);
+				$phone1		= dtrail(@array[6]);
+				$ph1_pub	= dtrail(@array[7]);
+				$phone2		= dtrail(@array[8]);
+				$ph2_pub	= dtrail(@array[9]);
+				$email		= dtrail(@array[10]);
+				$email_pub	= dtrail(@array[11]);
+				$address1	= dtrail(@array[12]);
+				$address2	= dtrail(@array[13]);
+				$address3	= dtrail(@array[14]);
+				$addy_pub	= dtrail(@array[15]);
+				$comments	= dtrail(@array[16]);
+				$joined		= dtrail(@array[17]);
+				$lstmemfee	= dtrail(@array[18]);
+				$lstpddate	= dtrail(@array[19]);
+				print  "<FORM METHOD=GET ACTION=\"/cgi-bin/scs/edit.pl\">\n";
+				print  "<TABLE WIDTH=\"100%\">\n";
+				print  "<TR><TD ALIGN=RIGHT>First Name<TD>";
+				printf("<INPUT TYPE=TEXT NAME=fname VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+					   $firstname);
+				print  "<TR><TD ALIGN=RIGHT>Last Name<TD>";
+				printf("<INPUT TYPE=TEXT NAME=lname VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+					   $lastname);
+				print  "<TR><TD ALIGN=RIGHT>Member ID<TD>$id";
+				printf("<INPUT TYPE=HIDDEN NAME=id VALUE=\"%d\"></TR>\n", $id);
+				printf("<TR><TD ALIGN=RIGHT>Nickname<TD>");
+				printf("<INPUT TYPE=TEXT NAME=nick VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+					   $nickname);
+				print  "<TR><TD ALIGN=RIGHT>Password<TD>";
+				printf("<INPUT TYPE=PASSWORD NAME=pwd1 VALUE=\"%s\" SIZE=\"50%\">", $pin);
+				printf("<INPUT TYPE=HIDDEN NAME=passwd VALUE=\"%s\"</TR>\n", $pin);
+				print  "<TR><TD ALIGN=RIGHT>And Again<TD>";
+				printf("<INPUT TYPE=PASSWORD NAME=pwd2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+					   $pin);
+				print  "<TR><TD ALIGN=RIGHT>Age<TD>";
+				printf("<INPUT TYPE=TEXT NAME=age VALUE=\"%d\" SIZE=\"50%\"></TR>\n",
+					   $age);
+				print  "<TR><TD ALIGN=RIGHT>Phone 1<TD>";
+				printf("<INPUT TYPE=TEXT NAME=phone1 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+					   $phone1);
+				print  "<TR><TD ALIGN=RIGHT>Public number<TD>";
+				printf("<INPUT TYPE=CHECKBOX NAME=ph1_pub %s SIZE=\"50%\"></TR>\n",
+					   (($ph1_pub eq "0") ? '' : 'CHECKED'));
+				print  "<TR><TD ALIGN=RIGHT>Phone 2<TD>";
+				printf("<INPUT TYPE=TEXT NAME=phone2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $phone2);
+				print  "<TR><TD ALIGN=RIGHT>Public number<TD>";
+				printf("<INPUT TYPE=CHECKBOX NAME=ph2_pub %s SIZE=\"50%\"></TR>\n",
+					   (($ph2_pub eq "0") ? '' : 'CHECKED'));
+				print  "<TR><TD ALIGN=RIGHT>Email<TD>";
+				printf("<INPUT TYPE=TEXT NAME=email VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $email);
+				print  "<TR><TD ALIGN=RIGHT>Public Email<TD>";
+				printf("<INPUT TYPE=CHECKBOX NAME=email_pub %s SIZE=\"50%\"></TR>\n",
+					   (($email_pub eq "0") ? '' : 'CHECKED'));
+				print  "<TR><TD ALIGN=RIGHT>Address 1<TD>";
+				printf("<INPUT TYPE=TEXT NAME=addy1 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $address1);
+				print  "<TR><TD ALIGN=RIGHT>Address 2<TD>";
+				printf("<INPUT TYPE=TEXT NAME=addy2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $address2);
+				print  "<TR><TD ALIGN=RIGHT>Address 3<TD>";
+				printf("<INPUT TYPE=TEXT NAME=addy3 VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $address3);
+				print  "<TR><TD ALIGN=RIGHT>Public Address<TD>";
+				printf("<INPUT TYPE=CHECKBOX NAME=addy_pub %s SIZE=\"50%\"></TR>\n",
+					   (($addy_pub eq "0") ? '' : 'CHECKED'));
+				print  "<TR><TD ALIGN=RIGHT>Comments<TD>";
+				printf("<INPUT TYPE=TEXT NAME=comments VALUE=\"%s\" SIZE=\"50%\"></TR>\n",
+				    $comments);
+				printf("<TR><TD ALIGN=RIGHT>Joined on<TD>@array[13]</TR>\n", $joined);
+				printf("<TR><TD ALIGN=RIGHT>Last Membership paid<TD>%s</TR>\n", $lstmemfee);
+				printf("<TR><TD ALIGN=RIGHT>Last Membership date<TD>%s</TR>\n", $lstpddate);
+				print  "</TABLE>\n";
+				print  "<INPUT TYPE=HIDDEN NAME=\"type\" VALUE=\"adjust\">\n";
+				print  "<INPUT TYPE=SUBMIT VALUE=\"Update information\"><P>\n";
+				print  "Or <A HREF=\"/scs/games/edit.html\">Go back to the Edit page</A>\n";
+				print  "<P>";
+			}
+		} else {
+# Couldn't find the member ID given
+			print "No such member ID $id<P>\n";
+			print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n";
+		}
+# Close down DB stuff
+		$sth->finish || bad_exit($sth->errstr);
+		$dbh->disconnect || bad_exit($sth->errstr);
+# We are doing an adjust
+} elsif ($type eq "adjust") {
+# Connect to the Database
+		$dbh = DBI->connect("dbi:Pg:dbname=$dbname", $user, $passwd) || bad_exit($sth->errstr);
+# Prepare the select statement
+		$sth = $dbh->prepare("SELECT * FROM members WHERE memberid = $id") || bad_exit($sth->errstr);
+# Execute it
+		$numrows = $sth->execute || bad_exit($sth->errstr);
+# Get one row. Only one.. if there is more than one, bad things have happened :)
+		if (@array = $sth->fetchrow_array) {
+# Check their password
+			if (&dtrail(@array[4]) ne &dtrail($input{'passwd'})) {
+				print "Bad password for Member ID $id<P>\n";
+				print "Please report this error to <A HREF=\"mailto:darius\@dons.net.au\">\n";
+				print "the administrator</A><P>\n";
+				print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n";
+			} else {
+				$fname		= san_str($input{'fname'});
+				$lname		= san_str($input{'lname'});
+				$nick		= san_str($input{'nick'});
+				$pwd1		= san_str($input{'pwd1'});
+				$pwd2		= san_str($input{'pwd2'});
+				$age		= san_num($input{'age'});
+				$phone1		= san_str($input{'phone1'});
+				$ph1_pub	= (san_str($input{'ph1_pub'}) eq 'on') ? 't' : 'f';
+				$phone2		= san_str($input{'phone2'});
+				$ph2_pub	= (san_str($input{'ph2_pub'}) eq 'on') ? 't' : 'f';
+				$email		= san_str($input{'email'});
+				$email_pub	= (san_str($input{'email_pub'}) eq 'on') ? 't' : 'f';
+				$address1	= san_str($input{'addy1'});
+				$address2	= san_str($input{'addy2'});
+				$address3	= san_str($input{'addy3'});
+				$addy_pub	= (san_str($input{'addy_pub'}) eq 'on') ? 't' : 'f';
+				$comments	= san_str($input{'comments'});
+				if ($pwd1 ne $pwd2) {
+					print "New password mismatch\n";
+					print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n";
+				} else {
+					$dbh->do("UPDATE members SET firstname=\'$fname\', lastname=\'$lname\', nickname=\'$nick\', pin=\'$pwd1\', age=\'$age\', phone1=\'$phone1\', ph1_pub=\'$ph1_pub', phone2=\'$phone2\', ph2_pub=\'$ph2_pub\', email=\'$email\', email_pub=\'$email_pub\', address1=\'$address1\',  address2=\'$address2\', address3=\'$address3\', addy_pub=\'$addy_pub\', comments=\'$comments\' WHERE memberid=$id;") || bad_exit($sth->errstr);
+					print "Update finished!<P>\n";
+					print "Go back to the <A HREF=\"/games/scs/edit.html\">Edit Page</A>";
+				}
+			}
+		} else {
+# Couldn't find the member ID given
+			print "No such member ID $id<P>\n";
+			print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n";
+		}
+# Close down DB stuff
+		$sth->finish || bad_exit($sth->errstr);
+		$dbh->disconnect || bad_exit($sth->errstr);
+# Something weird happened here
+} else {
+		print "Unsupported action!<P>\n";
+		print "Please email <A HREF=\"mailto:darius\@dons.net.au\">The Administrator</A> and<BR>\n";
+		print "give a problem report. Thanks!<P>";
+}
+print &HtmlBot;
+}
+sub bad_exit
+{
+print "<H2>An internal error has occurred</H2><BR>";
+print "Please mail <A HREF=\"mailto:darius\@dons.net.au\">The Administrator</A> and\n";
+print "say the following error occured - $_[0]<P>";
+	print "<A HREF=\"/scs/games/edit.html\">Back to the Edit Page</A>\n";
+print &HtmlBot;
+exit(0);
+}
+sub dtrail
+{
+$_[0] =~ s/(\ *)$//g;
+return $_[0];
+}
+sub san_str
+{
+	$_[0] =~ s/\\/\\\\/g;
+$_[0] =~ s/'/\\'/g;
+	$_[0] =~ s/"/\\"/g;
+return $_[0];
+}
+sub san_num
+{
+#    $_[0] =~ s/'/\\'/g;
+return $_[0];
+}

Mercurial > ~darius > hgwebdir.cgi > SCS_DB

comparison edit.pl @ 1:d95e74cd12f4 RELENG_1_0