Mercurial > ~darius > hgwebdir.cgi > SCS_DB
comparison edit.pl @ 1:d95e74cd12f4 RELENG_1_0
Initial commit
author | darius |
---|---|
date | Wed, 06 May 1998 14:33:31 +0000 (1998-05-06) |
parents | |
children |
comparison
equal
deleted
inserted
replaced
0:019f8230ae37 | 1:d95e74cd12f4 |
---|---|
1 #!/usr/local/bin/perl | |
2 | |
3 require "cgi-lib.pl"; | |
4 use DBI; | |
5 | |
6 $user = ""; | |
7 $passwd = ""; | |
8 $dbname = "scs"; | |
9 | |
10 MAIN: | |
11 { | |
12 # Read in all the variables set by the form | |
13 &ReadParse(*input); | |
14 | |
15 print &PrintHeader; | |
16 print "<BODY BGCOLOR=\"#00000\" TEXT=\"#CCCCCC\" LINK=\"#00EE20\" VLINK=\"#55FF8B\" ALINK=\"#FFFF00\">"; | |
17 print "<META HTTP-EQUIV=\"Pragma\" content=\"no-cache\">\n"; | |
18 print "<TITLE>Edit the SCS Database</TITLE>"; | |
19 print "<H2>Edit the SCS Database</H2>"; | |
20 | |
21 # print &HtmlTop ("Edit the SCS Database"); | |
22 | |
23 $id = $input{'id'}; | |
24 $type = $input{'type'}; | |
25 | |
26 # Is this a query? | |
27 if ($type eq "edit") { | |
28 | |
29 # Connect to the Database | |
30 $dbh = DBI->connect("dbi:Pg:dbname=$dbname", $user, $passwd) || bad_exit($sth->errstr); | |
31 | |
32 # Prepare the select statement | |
33 $sth = $dbh->prepare("SELECT * FROM members WHERE memberid = $id") || bad_exit($sth->errstr); | |
34 | |
35 # Execute it | |
36 $numrows = $sth->execute || bad_exit($sth->errstr); | |
37 | |
38 # Get one row. Only one.. if there is more than one, bad things have happened :) | |
39 if (@array = $sth->fetchrow_array) { | |
40 | |
41 # Check their password | |
42 if (&dtrail(@array[4]) ne &dtrail($input{'passwd'})) { | |
43 print "Bad password for Member ID $id<P>\n"; | |
44 print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n"; | |
45 } else { | |
46 # Print out a form which allows the user to change fields | |
47 $memberid = dtrail(@array[0]); | |
48 $firstname = dtrail(@array[1]); | |
49 $lastname = dtrail(@array[2]); | |
50 $nickname = dtrail(@array[3]); | |
51 $pin = dtrail(@array[4]); | |
52 $age = dtrail(@array[5]); | |
53 $phone1 = dtrail(@array[6]); | |
54 $ph1_pub = dtrail(@array[7]); | |
55 $phone2 = dtrail(@array[8]); | |
56 $ph2_pub = dtrail(@array[9]); | |
57 $email = dtrail(@array[10]); | |
58 $email_pub = dtrail(@array[11]); | |
59 $address1 = dtrail(@array[12]); | |
60 $address2 = dtrail(@array[13]); | |
61 $address3 = dtrail(@array[14]); | |
62 $addy_pub = dtrail(@array[15]); | |
63 $comments = dtrail(@array[16]); | |
64 $joined = dtrail(@array[17]); | |
65 $lstmemfee = dtrail(@array[18]); | |
66 $lstpddate = dtrail(@array[19]); | |
67 | |
68 print "<FORM METHOD=GET ACTION=\"/cgi-bin/scs/edit.pl\">\n"; | |
69 print "<TABLE WIDTH=\"100%\">\n"; | |
70 print "<TR><TD ALIGN=RIGHT>First Name<TD>"; | |
71 printf("<INPUT TYPE=TEXT NAME=fname VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
72 $firstname); | |
73 print "<TR><TD ALIGN=RIGHT>Last Name<TD>"; | |
74 printf("<INPUT TYPE=TEXT NAME=lname VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
75 $lastname); | |
76 print "<TR><TD ALIGN=RIGHT>Member ID<TD>$id"; | |
77 printf("<INPUT TYPE=HIDDEN NAME=id VALUE=\"%d\"></TR>\n", $id); | |
78 printf("<TR><TD ALIGN=RIGHT>Nickname<TD>"); | |
79 printf("<INPUT TYPE=TEXT NAME=nick VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
80 $nickname); | |
81 print "<TR><TD ALIGN=RIGHT>Password<TD>"; | |
82 printf("<INPUT TYPE=PASSWORD NAME=pwd1 VALUE=\"%s\" SIZE=\"50%\">", $pin); | |
83 printf("<INPUT TYPE=HIDDEN NAME=passwd VALUE=\"%s\"</TR>\n", $pin); | |
84 print "<TR><TD ALIGN=RIGHT>And Again<TD>"; | |
85 printf("<INPUT TYPE=PASSWORD NAME=pwd2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
86 $pin); | |
87 print "<TR><TD ALIGN=RIGHT>Age<TD>"; | |
88 printf("<INPUT TYPE=TEXT NAME=age VALUE=\"%d\" SIZE=\"50%\"></TR>\n", | |
89 $age); | |
90 print "<TR><TD ALIGN=RIGHT>Phone 1<TD>"; | |
91 printf("<INPUT TYPE=TEXT NAME=phone1 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
92 $phone1); | |
93 print "<TR><TD ALIGN=RIGHT>Public number<TD>"; | |
94 printf("<INPUT TYPE=CHECKBOX NAME=ph1_pub %s SIZE=\"50%\"></TR>\n", | |
95 (($ph1_pub eq "0") ? '' : 'CHECKED')); | |
96 print "<TR><TD ALIGN=RIGHT>Phone 2<TD>"; | |
97 printf("<INPUT TYPE=TEXT NAME=phone2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
98 $phone2); | |
99 print "<TR><TD ALIGN=RIGHT>Public number<TD>"; | |
100 printf("<INPUT TYPE=CHECKBOX NAME=ph2_pub %s SIZE=\"50%\"></TR>\n", | |
101 (($ph2_pub eq "0") ? '' : 'CHECKED')); | |
102 print "<TR><TD ALIGN=RIGHT>Email<TD>"; | |
103 printf("<INPUT TYPE=TEXT NAME=email VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
104 $email); | |
105 print "<TR><TD ALIGN=RIGHT>Public Email<TD>"; | |
106 printf("<INPUT TYPE=CHECKBOX NAME=email_pub %s SIZE=\"50%\"></TR>\n", | |
107 (($email_pub eq "0") ? '' : 'CHECKED')); | |
108 print "<TR><TD ALIGN=RIGHT>Address 1<TD>"; | |
109 printf("<INPUT TYPE=TEXT NAME=addy1 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
110 $address1); | |
111 print "<TR><TD ALIGN=RIGHT>Address 2<TD>"; | |
112 printf("<INPUT TYPE=TEXT NAME=addy2 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
113 $address2); | |
114 print "<TR><TD ALIGN=RIGHT>Address 3<TD>"; | |
115 printf("<INPUT TYPE=TEXT NAME=addy3 VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
116 $address3); | |
117 print "<TR><TD ALIGN=RIGHT>Public Address<TD>"; | |
118 printf("<INPUT TYPE=CHECKBOX NAME=addy_pub %s SIZE=\"50%\"></TR>\n", | |
119 (($addy_pub eq "0") ? '' : 'CHECKED')); | |
120 print "<TR><TD ALIGN=RIGHT>Comments<TD>"; | |
121 printf("<INPUT TYPE=TEXT NAME=comments VALUE=\"%s\" SIZE=\"50%\"></TR>\n", | |
122 $comments); | |
123 printf("<TR><TD ALIGN=RIGHT>Joined on<TD>@array[13]</TR>\n", $joined); | |
124 printf("<TR><TD ALIGN=RIGHT>Last Membership paid<TD>%s</TR>\n", $lstmemfee); | |
125 printf("<TR><TD ALIGN=RIGHT>Last Membership date<TD>%s</TR>\n", $lstpddate); | |
126 print "</TABLE>\n"; | |
127 print "<INPUT TYPE=HIDDEN NAME=\"type\" VALUE=\"adjust\">\n"; | |
128 print "<INPUT TYPE=SUBMIT VALUE=\"Update information\"><P>\n"; | |
129 print "Or <A HREF=\"/scs/games/edit.html\">Go back to the Edit page</A>\n"; | |
130 print "<P>"; | |
131 } | |
132 } else { | |
133 # Couldn't find the member ID given | |
134 print "No such member ID $id<P>\n"; | |
135 print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n"; | |
136 } | |
137 | |
138 # Close down DB stuff | |
139 $sth->finish || bad_exit($sth->errstr); | |
140 | |
141 $dbh->disconnect || bad_exit($sth->errstr); | |
142 | |
143 # We are doing an adjust | |
144 } elsif ($type eq "adjust") { | |
145 # Connect to the Database | |
146 $dbh = DBI->connect("dbi:Pg:dbname=$dbname", $user, $passwd) || bad_exit($sth->errstr); | |
147 | |
148 # Prepare the select statement | |
149 $sth = $dbh->prepare("SELECT * FROM members WHERE memberid = $id") || bad_exit($sth->errstr); | |
150 | |
151 # Execute it | |
152 $numrows = $sth->execute || bad_exit($sth->errstr); | |
153 | |
154 # Get one row. Only one.. if there is more than one, bad things have happened :) | |
155 if (@array = $sth->fetchrow_array) { | |
156 | |
157 # Check their password | |
158 if (&dtrail(@array[4]) ne &dtrail($input{'passwd'})) { | |
159 print "Bad password for Member ID $id<P>\n"; | |
160 print "Please report this error to <A HREF=\"mailto:darius\@dons.net.au\">\n"; | |
161 print "the administrator</A><P>\n"; | |
162 print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n"; | |
163 } else { | |
164 $fname = san_str($input{'fname'}); | |
165 $lname = san_str($input{'lname'}); | |
166 $nick = san_str($input{'nick'}); | |
167 $pwd1 = san_str($input{'pwd1'}); | |
168 $pwd2 = san_str($input{'pwd2'}); | |
169 $age = san_num($input{'age'}); | |
170 $phone1 = san_str($input{'phone1'}); | |
171 $ph1_pub = (san_str($input{'ph1_pub'}) eq 'on') ? 't' : 'f'; | |
172 $phone2 = san_str($input{'phone2'}); | |
173 $ph2_pub = (san_str($input{'ph2_pub'}) eq 'on') ? 't' : 'f'; | |
174 $email = san_str($input{'email'}); | |
175 $email_pub = (san_str($input{'email_pub'}) eq 'on') ? 't' : 'f'; | |
176 $address1 = san_str($input{'addy1'}); | |
177 $address2 = san_str($input{'addy2'}); | |
178 $address3 = san_str($input{'addy3'}); | |
179 $addy_pub = (san_str($input{'addy_pub'}) eq 'on') ? 't' : 'f'; | |
180 $comments = san_str($input{'comments'}); | |
181 | |
182 if ($pwd1 ne $pwd2) { | |
183 print "New password mismatch\n"; | |
184 print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n"; | |
185 } else { | |
186 $dbh->do("UPDATE members SET firstname=\'$fname\', lastname=\'$lname\', nickname=\'$nick\', pin=\'$pwd1\', age=\'$age\', phone1=\'$phone1\', ph1_pub=\'$ph1_pub', phone2=\'$phone2\', ph2_pub=\'$ph2_pub\', email=\'$email\', email_pub=\'$email_pub\', address1=\'$address1\', address2=\'$address2\', address3=\'$address3\', addy_pub=\'$addy_pub\', comments=\'$comments\' WHERE memberid=$id;") || bad_exit($sth->errstr); | |
187 print "Update finished!<P>\n"; | |
188 print "Go back to the <A HREF=\"/games/scs/edit.html\">Edit Page</A>"; | |
189 } | |
190 } | |
191 } else { | |
192 # Couldn't find the member ID given | |
193 print "No such member ID $id<P>\n"; | |
194 print "<A HREF=\"/scs/games/edit.html\">Try again</A>\n"; | |
195 } | |
196 | |
197 # Close down DB stuff | |
198 $sth->finish || bad_exit($sth->errstr); | |
199 | |
200 $dbh->disconnect || bad_exit($sth->errstr); | |
201 | |
202 # Something weird happened here | |
203 } else { | |
204 print "Unsupported action!<P>\n"; | |
205 print "Please email <A HREF=\"mailto:darius\@dons.net.au\">The Administrator</A> and<BR>\n"; | |
206 print "give a problem report. Thanks!<P>"; | |
207 } | |
208 | |
209 print &HtmlBot; | |
210 } | |
211 | |
212 sub bad_exit | |
213 { | |
214 print "<H2>An internal error has occurred</H2><BR>"; | |
215 print "Please mail <A HREF=\"mailto:darius\@dons.net.au\">The Administrator</A> and\n"; | |
216 print "say the following error occured - $_[0]<P>"; | |
217 print "<A HREF=\"/scs/games/edit.html\">Back to the Edit Page</A>\n"; | |
218 | |
219 print &HtmlBot; | |
220 | |
221 exit(0); | |
222 } | |
223 | |
224 sub dtrail | |
225 { | |
226 $_[0] =~ s/(\ *)$//g; | |
227 return $_[0]; | |
228 } | |
229 | |
230 sub san_str | |
231 { | |
232 $_[0] =~ s/\\/\\\\/g; | |
233 $_[0] =~ s/'/\\'/g; | |
234 $_[0] =~ s/"/\\"/g; | |
235 return $_[0]; | |
236 } | |
237 | |
238 sub san_num | |
239 { | |
240 # $_[0] =~ s/'/\\'/g; | |
241 return $_[0]; | |
242 } |