ASNMTAP
view release on metacpan or search on metacpan
applications/htmlroot/cgi-bin/admin/users.pl view on Meta::CPAN
my $debug = (defined $cgi->param('debug')) ? $cgi->param('debug') : 'F';
my $pageNo = (defined $cgi->param('pageNo')) ? $cgi->param('pageNo') : 1;
my $pageOffset = (defined $cgi->param('pageOffset')) ? $cgi->param('pageOffset') : 0;
my $orderBy = (defined $cgi->param('orderBy')) ? $cgi->param('orderBy') : 'remoteUser';
my $action = (defined $cgi->param('action')) ? $cgi->param('action') : 'listView';
my $CcatalogID = (defined $cgi->param('catalogID')) ? $cgi->param('catalogID') : $CATALOGID;
my $CcatalogIDreload = (defined $cgi->param('catalogIDreload')) ? $cgi->param('catalogIDreload') : 0;
my $CremoteUser = (defined $cgi->param('remoteUser')) ? $cgi->param('remoteUser') : '';
my $CremoteAddr = (defined $cgi->param('remoteAddr')) ? $cgi->param('remoteAddr') : '';
my $CremoteNetmask = (defined $cgi->param('remoteNetmask')) ? $cgi->param('remoteNetmask') : '';
my $CgivenName = (defined $cgi->param('givenName')) ? $cgi->param('givenName') : '';
my $CfamilyName = (defined $cgi->param('familyName')) ? $cgi->param('familyName') : '';
my $Cemail = (defined $cgi->param('email')) ? $cgi->param('email') : '';
my $CdowntimeScheduling = (defined $cgi->param('downtimeScheduling')) ? $cgi->param('downtimeScheduling') : 'off';
my $CgeneratedReports = (defined $cgi->param('generatedReports')) ? $cgi->param('generatedReports') : 'off';
my $Cpassword = (defined $cgi->param('password')) ? $cgi->param('password') : '';
my $CuserType = (defined $cgi->param('userType')) ? $cgi->param('userType') : 0;
my @Cpagedir = $cgi->param('pagedirs');
my $CkeyLanguage = (defined $cgi->param('keyLanguage')) ? $cgi->param('keyLanguage') : 'none';
my $Cactivated = (defined $cgi->param('activated')) ? $cgi->param('activated') : 'off';
my $Cpagedir = (@Cpagedir) ? '/'. join ('/', @Cpagedir) .'/' : '';
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
my $htmlTitle = $APPLICATION;
# Init parameters
my ($rv, $dbh, $sth, $sql, $header, $numberRecordsIntoQuery, $nextAction, $formDisabledAll, $formDisabledRemoteUser, $submitButton, $givenName, $familyName, $password);
# User Session and Access Control
my ($sessionID, $iconAdd, $iconDelete, $iconDetails, $iconEdit, $iconQuery, $iconTable, $errorUserAccessControl, undef, undef, undef, undef, undef, undef, undef, $userType, undef, undef, undef, undef, $subTitle) = user_session_and_access_control (1, ...
# Serialize the URL Access Parameters into a string
my $urlAccessParameters = "pagedir=$pagedir&pageset=$pageset&debug=$debug&CGISESSID=$sessionID&pageNo=$pageNo&pageOffset=$pageOffset&orderBy=$orderBy&action=$action&catalogID=$CcatalogID&catalogIDreload=$CcatalogIDreload&remoteUser=$CremoteUser&remot...
# Debug information
print "<pre>pagedir : $pagedir<br>pageset : $pageset<br>debug : $debug<br>CGISESSID : $sessionID<br>page no : $pageNo<br>page offset : $pageOffset<br>order by : $orderBy<br>actio...
if ( defined $sessionID and ! defined $errorUserAccessControl ) {
my ($catalogIDSelect, $keyLanguageSelect, $pagedirsSelect, $matchingUsers, $navigationBar);
my $urlWithAccessParameters = $ENV{SCRIPT_NAME} . "?pagedir=$pagedir&pageset=$pageset&debug=$debug&CGISESSID=$sessionID&pageNo=$pageNo&pageOffset=$pageOffset&catalogID=$CcatalogID";
# open connection to database and query data
$rv = 1;
$dbh = DBI->connect("dbi:mysql:$DATABASE:$SERVERNAMEREADWRITE:$SERVERPORTREADWRITE", "$SERVERUSERREADWRITE", "$SERVERPASSREADWRITE" ) or $rv = error_trap_DBI(*STDOUT, "Cannot connect to the database", $debug, $pagedir, $pageset, $htmlTitle, $subTit...
if ($dbh and $rv) {
$formDisabledAll = $formDisabledRemoteUser = '';
if ($action eq 'duplicateView' or $action eq 'insertView') {
$htmlTitle = "Insert User";
$submitButton = "Insert";
$nextAction = "insert" if ($rv);
$CcatalogID = $CATALOGID if ($action eq 'insertView');
} elsif ($action eq 'insert') {
$htmlTitle = "Check if User $CremoteUser from $CcatalogID exist before to insert";
$sql = "select remoteUser from $SERVERTABLUSERS WHERE catalogID='$CcatalogID' and remoteUser='$CremoteUser'";
($rv, $numberRecordsIntoQuery) = do_action_DBI ($rv, $dbh, $sql, $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
if ( $numberRecordsIntoQuery ) {
$htmlTitle = "User $CremoteUser from $CcatalogID exist already";
$nextAction = "insertView";
} else {
$htmlTitle = "User $CremoteUser from $CcatalogID inserted";
my $dummyDowntimeScheduling = ($CdowntimeScheduling eq 'on') ? 1 : 0;
my $dummyGeneratedReports = ($CgeneratedReports eq 'on') ? 1 : 0;
my $dummyActivated = ($Cactivated eq 'on') ? 1 : 0;
$Cpassword = '' if ($Cpassword eq "***************");
$sql = 'INSERT INTO ' .$SERVERTABLUSERS. ' SET catalogID="' .$CcatalogID. '", remoteUser="' .$CremoteUser. '", remoteAddr="' .$CremoteAddr. '", remoteNetmask="' .$CremoteNetmask. '", givenName="' .$CgivenName. '", familyName="' .$CfamilyName....
$dbh->do ( $sql ) or $rv = error_trap_DBI(*STDOUT, "Cannot dbh->do: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
$nextAction = "listView" if ($rv);
}
} elsif ($action eq 'deleteView') {
$formDisabledRemoteUser = $formDisabledAll = 'disabled';
$htmlTitle = "Delete user $CremoteUser from $CcatalogID";
$submitButton = "Delete";
$nextAction = "delete" if ($rv);
} elsif ($action eq 'delete') {
$sql = "select remoteUser, title from $SERVERTABLCOMMENTS where catalogID = '$CcatalogID' and remoteUser = '$CremoteUser' order by title, remoteUser";
($rv, $matchingUsers) = check_record_exist ($rv, $dbh, $sql, 'Comments from ' .$CcatalogID, 'Remote User', 'Title', '', $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
if ($matchingUsers eq '') {
$htmlTitle = "User $CremoteUser from $CcatalogID deleted";
$sql = 'DELETE FROM ' .$SERVERTABLUSERS. ' WHERE catalogID="' .$CcatalogID. '" and remoteUser="' .$CremoteUser. '"';
$dbh->do ( $sql ) or $rv = error_trap_DBI(*STDOUT, "Cannot dbh->do: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
$nextAction = "listView" if ($rv);
} else {
$htmlTitle = "User $CremoteUser from $CcatalogID not deleted, still used by";
}
} elsif ($action eq 'displayView') {
$formDisabledRemoteUser = $formDisabledAll = 'disabled';
$htmlTitle = "Display user $CremoteUser from $CcatalogID";
$nextAction = "listView" if ($rv);
} elsif ($action eq 'editView') {
$formDisabledRemoteUser = 'disabled';
$htmlTitle = "Edit user $CremoteUser from $CcatalogID";
$submitButton = "Edit";
$nextAction = "edit" if ($rv);
} elsif ($action eq 'edit') {
$htmlTitle = "User $CremoteUser from $CcatalogID updated";
my $dummyDowntimeScheduling = ($CdowntimeScheduling eq 'on') ? 1 : 0;
my $dummyGeneratedReports = ($CgeneratedReports eq 'on') ? 1 : 0;
my $dummyActivated = ($Cactivated eq 'on') ? 1 : 0;
my $dummyPassword = ($Cpassword eq "***************") ? '' : ', password="' .$Cpassword. '"';
$sql = 'UPDATE ' .$SERVERTABLUSERS. ' SET catalogID="' .$CcatalogID. '", remoteUser="' .$CremoteUser. '", remoteAddr="' .$CremoteAddr. '", remoteNetmask="' .$CremoteNetmask. '", givenName="' .$CgivenName. '", familyName="' .$CfamilyName. '", em...
$dbh->do ( $sql ) or $rv = error_trap_DBI(*STDOUT, "Cannot dbh->do: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
$nextAction = "listView" if ($rv);
} elsif ($action eq 'listView') {
$htmlTitle = "All users listed";
if ( $CcatalogIDreload ) {
$pageNo = 1;
$pageOffset = 0;
}
$sql = "select catalogID, catalogName from $SERVERTABLCATALOG where not catalogID = '$CATALOGID' and activated = '1' order by catalogName asc";
($rv, $catalogIDSelect, undef) = create_combobox_from_DBI ($rv, $dbh, $sql, 1, '', $CcatalogID, 'catalogID', $CATALOGID, '-Parent-', '', 'onChange="javascript:submitForm();"', $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
$sql = "select SQL_NO_CACHE count(remoteUser) from $SERVERTABLUSERS where catalogID = '$CcatalogID'";
($rv, $numberRecordsIntoQuery) = do_action_DBI ($rv, $dbh, $sql, $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
$navigationBar = record_navigation_bar ($pageNo, $numberRecordsIntoQuery, $RECORDSONPAGE, $ENV{SCRIPT_NAME} . "?pagedir=$pagedir&pageset=$pageset&debug=$debug&CGISESSID=$sessionID&action=listView&catalogID=$CcatalogID&or...
$navigationBar .= record_navigation_bar_alpha ($rv, $dbh, $SERVERTABLUSERS, 'remoteUser', "catalogID = '$CcatalogID'", $numberRecordsIntoQuery, $RECORDSONPAGE, $ENV{SCRIPT_NAME} . "?pagedir=$pagedir&pageset=$pageset&debug=$debug&CGI...
$sql = "select catalogID, remoteUser, givenName, familyName, userType, activated from $SERVERTABLUSERS where catalogID = '$CcatalogID' and userType <= $userType order by $orderBy limit $pageOffset, $RECORDSONPAGE";
$header = "<th><a href=\"$urlWithAccessParameters&action=listView&orderBy=catalogID desc, remoteuser asc\"><IMG SRC=\"$IMAGESURL/$ICONSRECORD{up}\" ALT=\"Up\" BORDER=0></a> Catalog ID <a href=\"$urlWithAccessParameters&action=listVi...
$header .= "<th><a href=\"$urlWithAccessParameters&action=listView&orderBy=givenName desc, familyName asc\"><IMG SRC=\"$IMAGESURL/$ICONSRECORD{up}\" ALT=\"Up\" BORDER=0></a> Given Name <a href=\"$urlWithAccessParameters&action=listV...
($rv, $matchingUsers, $nextAction) = record_navigation_table ($rv, $dbh, $sql, 'User', 'catalogID|remoteUser', '0|1', '', '4#0=>Guest|1=>Member|2=>Moderator|4=>Administrator|8=>Server Administrator', '', $orderBy, $header, $navigationBar, $icon...
}
if ($action eq 'deleteView' or $action eq 'displayView' or $action eq 'duplicateView' or $action eq 'editView') {
$sql = "select catalogID, remoteUser, remoteAddr, remoteNetmask, givenName, familyName, email, downtimeScheduling, generatedReports, password, userType, pagedir, activated, keyLanguage from $SERVERTABLUSERS where catalogID = '$CcatalogID' and r...
$sth = $dbh->prepare( $sql ) or $rv = error_trap_DBI(*STDOUT, "Cannot dbh->prepare: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
$sth->execute() or $rv = error_trap_DBI(*STDOUT, "Cannot sth->execute: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID) if $rv;
if ( $rv ) {
($CcatalogID, $CremoteUser, $CremoteAddr, $CremoteNetmask, $CgivenName, $CfamilyName, $Cemail, $CdowntimeScheduling, $CgeneratedReports, $Cpassword, $CuserType, $Cpagedir, $Cactivated, $CkeyLanguage) = $sth->fetchrow_array() or $rv = error_tr...
$CcatalogID = $CATALOGID if ($action eq 'duplicateView');
$CdowntimeScheduling = ($CdowntimeScheduling == 1) ? 'on' : 'off';
$CgeneratedReports = ($CgeneratedReports == 1) ? 'on' : 'off';
$Cactivated = ($Cactivated == 1) ? 'on' : 'off';
$Cpassword = '***************' if ($Cpassword ne '');
$sth->finish() or $rv = error_trap_DBI(*STDOUT, "Cannot sth->finish: $sql", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
}
}
if ($action eq 'deleteView' or $action eq 'displayView' or $action eq 'duplicateView' or $action eq 'editView' or $action eq 'insertView') {
$sql = "select keyLanguage, languageName from $SERVERTABLLANGUAGE where languageActive = '1' order by languageName";
($rv, $keyLanguageSelect, undef) = create_combobox_from_DBI ($rv, $dbh, $sql, 1, '', $CkeyLanguage, 'keyLanguage', 'none', '-Select-', $formDisabledAll, '', $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
$sql = "select pagedir, groupName from $SERVERTABLPAGEDIRS where catalogID = '$CcatalogID' order by groupName";
($rv, $pagedirsSelect) = create_combobox_multiple_from_DBI ($rv, $dbh, $sql, $action, $Cpagedir, 'pagedirs', 'Pagedirs missing.', 10, 100, $formDisabledAll, '', $pagedir, $pageset, $htmlTitle, $subTitle, $sessionID, $debug);
}
$dbh->disconnect or $rv = error_trap_DBI(*STDOUT, "Sorry, the database was unable to add your entry.", $debug, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', $sessionID);
}
if ( $rv ) {
# HTML - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if ($action eq 'duplicateView' or $action eq 'editView' or $action eq 'insertView') {
print_header (*STDOUT, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', 'F', "<script type=\"text/javascript\" language=\"JavaScript\" src=\"$HTTPSURL/md5.js\"></script>", $sessionID);
print <<HTML;
<script language="JavaScript1.2" type="text/javascript">
function validateForm() {
// xxx.[xxx.[xxx.[xxx]]]
var objectRegularExpressionIpAddrFormat = /\^(\\d{1,3}\\.){1}\$|\^(\\d{1,3}\\.){2}\$|\^(\\d{1,3}\\.){3}\$|\^(\\d{1,3}\\.){3}\\d{1,3}\$/;
var objectRegularExpressionIpAddrValue = /\^(\?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\$/;
var objectRegularExpressionIpAddrValue = /\^(\?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){1}\$|\^(\?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){2}\$|\^(\?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}\$|\^(\?:(?:25[0-5]|2[0-4][0-9]|[01]?...
// xxx.xxx.xxx.xxx
var objectRegularExpressionNetmaskFormat = /\^\\d{2}\$/;
var objectRegularExpressionNetmaskValue = /\^(\?:(?:0[1-9]|3[0-2]|[12]?[0-9]?)){1}\$/;
// x\@y.z minimal
var objectRegularExpressionEmailFormat = /\^[\\w-_\\.]\+\\@[\\w-_]\+(\\.[\\w-_]\+)\+\$/;
var objectRegularExpressionRemoteUserValue = /\^[a-zA-Z0-9-]\+\$/;
// The password must contain at least 1 number, at least 1 lower case letter, and at least 1 upper case letter.
var objectRegularExpressionPasswordFormat = /\^[\\w|\\W]*(?=[\\w|\\W]*\\d)(?=[\\w|\\W]*[a-z])(?=[\\w|\\W]\*[A-Z])[\\w|\\W]*\$/;
HTML
if ($action eq 'duplicateView' or $action eq 'insertView') {
print <<HTML;
if ( document.users.remoteUser.value == null || document.users.remoteUser.value == '' ) {
document.users.remoteUser.focus();
alert('Please enter a remote user!');
return false;
} else {
if ( ! objectRegularExpressionRemoteUserValue.test(document.users.remoteUser.value) ) {
document.users.remoteUser.focus();
alert('Please re-enter remote user: Bad remote user value!');
return false;
}
}
HTML
}
print <<HTML;
if ( document.users.remoteAddr.value != null && document.users.remoteAddr.value != '' ) {
if ( ! objectRegularExpressionIpAddrFormat.test(document.users.remoteAddr.value) ) {
document.users.remoteAddr.focus();
alert('Please re-enter remote address: Bad ip address format!');
return false;
}
if ( ! objectRegularExpressionIpAddrValue.test(document.users.remoteAddr.value) ) {
document.users.remoteAddr.focus();
applications/htmlroot/cgi-bin/admin/users.pl view on Meta::CPAN
alert('Please enter a surname!');
return false;
}
if ( document.users.familyName.value == null || document.users.familyName.value == '' ) {
document.users.familyName.focus();
alert('Please enter a surname!');
return false;
}
if ( document.users.email.value == null || document.users.email.value == '' ) {
document.users.email.focus();
alert('Please enter a email address!');
return false;
} else {
if ( ! objectRegularExpressionEmailFormat.test(document.users.email.value) ) {
document.users.email.focus();
alert('Please re-enter email address: Bad email format!');
return false;
}
}
if ( document.users.password1.value != '***************' ) {
if ( document.users.password1.value == null || document.users.password1.value == '' ) {
document.users.password1.focus();
alert('Please enter a password!');
return false;
} else {
if ( ! objectRegularExpressionPasswordFormat.test(document.users.password1.value) ) {
document.users.password1.focus();
alert('Please re-enter password: Bad password format!');
return false;
}
}
}
if ( document.users.password2.value != '***************' ) {
if ( document.users.password2.value == null || document.users.password2.value == '' ) {
document.users.password2.focus();
alert('Please enter a password!');
return false;
} else {
if ( ! objectRegularExpressionPasswordFormat.test(document.users.password2.value) ) {
document.users.password2.focus();
alert('Please re-enter password: Bad password format!');
return false;
}
}
}
if ( document.users.password1.value != '***************' || document.users.password2.value != '***************' ) {
if ( document.users.password1.value != document.users.password2.value ) {
document.users.password1.focus();
alert('Please re-enter passwords: Passwords are not equal!');
return false;
} else {
document.users.password.value = hex_md5(document.users.password1.value);
}
}
if ( document.users.pagedirs.selectedIndex == -1 ) {
document.users.pagedirs.focus();
alert('Please create/select one or more view pagedirs!');
return false;
}
if ( document.users.keyLanguage.value == null || document.users.keyLanguage.value == 'none' ) {
document.users.keyLanguage.focus();
alert('Please create/select a language!');
return false;
}
return true;
}
</script>
<form action="$ENV{SCRIPT_NAME}" method="post" name="users" onSubmit="return validateForm();">
HTML
} elsif ($action eq 'listView') {
print_header (*STDOUT, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', 'F', '', $sessionID);
print <<HTML;
<script language="JavaScript1.2" type="text/javascript">
function submitForm() {
document.users.catalogIDreload.value = 1;
document.users.submit();
return true;
}
</script>
<form action="$ENV{SCRIPT_NAME}" method="post" name="users">
HTML
} elsif ($action eq 'deleteView') {
print_header (*STDOUT, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', 'F', '', $sessionID);
print "<form action=\"" . $ENV{SCRIPT_NAME} . "\" method=\"post\" name=\"users\">\n";
$pageNo = 1; $pageOffset = 0;
} else {
print_header (*STDOUT, $pagedir, $pageset, $htmlTitle, $subTitle, 3600, '', 'F', '', $sessionID);
}
if ($action eq 'deleteView' or $action eq 'duplicateView' or $action eq 'editView' or $action eq 'insertView' or $action eq 'listView') {
print <<HTML;
<input type="hidden" name="pagedir" value="$pagedir">
<input type="hidden" name="pageset" value="$pageset">
<input type="hidden" name="debug" value="$debug">
<input type="hidden" name="CGISESSID" value="$sessionID">
<input type="hidden" name="pageNo" value="$pageNo">
<input type="hidden" name="pageOffset" value="$pageOffset">
<input type="hidden" name="action" value="$nextAction">
<input type="hidden" name="orderBy" value="$orderBy">
<input type="hidden" name="password" value="$Cpassword">
<input type="hidden" name="catalogIDreload" value="0">
HTML
} else {
print "<br>\n";
}
print " <input type=\"hidden\" name=\"catalogID\" value=\"$CcatalogID\">\n <input type=\"hidden\" name=\"remoteUser\" value=\"$CremoteUser\">\n" if ($formDisabledRemoteUser ne '' and $action ne 'displayView');
print <<HTML;
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr align="center"><td>
<table border="0" cellspacing="0" cellpadding="0"><tr>
HTML
if ( $iconAdd ) {
print <<HTML;
<td class="StatusItem"><a href="$urlWithAccessParameters&action=insertView&orderBy=$orderBy">[Insert user]</a></td>
<td class="StatusItem"> </td>
( run in 0.781 second using v1.01-cache-2.11-cpan-39bf76dae61 )