On 6/15/06, Chico <[EMAIL PROTECTED]> wrote:
#create the variable to make the connection to the SQL
server, so whenever you need to connect you call the
$dbh variable
my $dbh =
DBI->connect"DBI:mysql:database=gns_workflow;host=localhost",'root',
'MySQL!') or die "didnt connect to the database";
#putting the $dbh into the $self object, that way you
can call $dbh anywhere in the program by issuing the
command $self->param('dbh')
my $self->param('dbh' => $dbh) or die "couldnt
associate dbh variable to self";
You need to remove the 'my' keyword from that last line:
$self->param('dbh' => $dbh) or die "couldnt associate dbh variable to self";
'my' is used to declare a variable (as a lexical variable), however,
$self is already declared at the top of your subroutine.
Attached is the entire program... Please take a look
and advise on any improvements. I am just learning so
take it easy on me ;0)
I'll give a few suggestions below to make your life easier. You are
re-inventing a lot of wheels that many others have already built.
package Portal::Application_2;
use base 'CGI::Application';
use CGI::Session();
If you plan to use CGI::Session, have a look at the
CGI::Application::Plugin::Session module, which makes it much easier
to use.
use DBI;
The same goes for CGI::Application::Plugin::DBH.
use strict;
sub cgiapp_init
{
my $self=shift;
#cgi::application uses the cgi.pm module. $self-_query() is equal to
$q=CGI->new()
my $q=$self->query();
The above two plugins use the same philosophy as the ->query method.
They allow you to call $self->session to get a CGI::Session object, or
$self->dbh to get an active database handle.
#create the variable to make the connection to the SQL server, so
whenever you need to connect you call the $dbh variable
my $dbh = DBI->connect("DBI:mysql:database=gns_workflow;host=localhost",'root',
'MySQL!') or die "didnt connect to the database";
#putting the $dbh into the $self object, that way you can call $dbh
anywhere in the program by issuing the command $self->param('dbh')
my $self->param('dbh' => $dbh) or die "couldnt associate dbh variable to
self";
my $data_source = "DBI:mysql:database=gns_workflow;host=localhost";
my $username = 'root';
my $password = 'MySQL!';
$self->dbh_config($data_source, $username, $password);
# now you can call $self->dbh to get your database handle.
# Initialize the session and get the id.
my $session = CGI::Session->new
(
'driver:MySQL',
$q->cookie('CGISESSID') || $q->param('CGISESSID') || undef,
{
Handle=>$dbh,
LockHandle=>$dbh
}
)or die "couldn't establish session";
#sets the expire time for the session. It only expires after that
amount of time after inactivity. Every time the user does something the expire
time is reset.
$session->expire("10m");
#put the session id into the $sessionid variable
my $sessionid = $session->id();
# Put session id and into $self object
$self->param('sessionid'=>$sessionid);
# Put session into $self object
$self->param('session'=>$session);
# replace the above with this
$self->session_config(
CGI_SESSION_OPTIONS => [ "driver:MySQL", $self->query,
{Handle=>$self->dbh} ],
DEFAULT_EXPIRY => '10m',
);
# now you can call $self->session to get a CGI::Session object when
you need it. It will handle sending the cookies for you, and will
automatically load the correct session for each request.
&login_form;
This isn't the right place to be calling 'login_form'. If you want to
handle logins, you can use another plugin called
CGI::Application::Plugin::Authentication.
}
#when using CGI::Applicaiton you need to define the basics of your application.
For example, what the rum modes are, and which run mode that should be started
in first.
sub setup
{
#Here we are getting the object. Think of it as a box that is passed
around from one person to another, you can put stuff in and take stuff out of
the box.
#We have just accepted the "box" by typing "$self=shift;".
#The "shift" function removes the first value of the specified array.
If you dont specify an array the function shifts @ARGV (in the main program), or @_ (in
subroutines)
#Since we didnt specify an array, and are in a subroutine we are
grabbing the @_
#Within a subroutine the array @_ contains the parameters passed to
that subroutine, and is considered a special variable
my $self = shift;
#cgi::application is based on the idea that everything a web
application does is a mode. Basically what this breaks down to is a mode is
simply associated with a subroutine.
# I find it simpler to just use the subroutine name for both the mode name
and the subroutine, however the directions show ('mode1' => 'subroutine_name')
It is much simpler to do it your way. And there is even a shortcut
provided by CGI::Application to do just that.
$self->run_modes
(
'mode_1' => 'login_form',
'mode_2' => 'access_denied',
'mode_3' => 'validate_user',
'mode_4' => 'main_page'
);
# list all of your valid runmodes
$self->run_modes([qw(login_form access_denied validate_user main_page)]);
# now use the exact same name for your runmode as for the function name.
#Here we are picking the mode we want to run first
$self->start_mode('mode_1');
}
sub access_denied
{
return "Sorry, your access has been denied. Please make sure you have
permissions to perform that function.";
}
sub login_form
{
my $self = shift;
my $login_form = <<ENDHTML;
<FORM ACTION=index.pl METHOD="POST">
<TABLE>
<TR>
<TD>Username:</TD>
<TD><INPUT TYPE="text" NAME="username" SIZE=20></TD>
</TR>
<TR>
<TD>Password:</TD>
<TD><INPUT TYPE="password" NAME="password" SIZE=20></TD>
</TR>
<TR>
<TD><INPUT TYPE="hidden" NAME="rm" VALUE="mode_4"></TD>
</TR>
</TABLE>
<INPUT TYPE="submit" VALUE="Submit">
</FORM>
ENDHTML
}
sub validate_user
{
my $self = shift;
#Putting the "username submitted in the HTML Form into the $username
variable.
my $username = $self->query("username");
#Putting the "password" submitted in the HTML Form into the $password
variable
my $password = $self->query("password");
###SQL Query
my $password_query = "SELECT * FROM user WHERE username = ? AND password =
?";
my $sth = $self->param('dbh')->prepare($password_query);
my $res = $sth->execute($username, $password)->fetchrow_hashref();
if ($res->{username} eq $username)
{
return "hello world";
} else {my $return = "Please click the back button and enter a username and
password. Both fields must be filled out.";}
}
All of the above authentication can be handled by the Authentication
plugin. It even provides a default login page for you that you can
choose to use, or you can provide your own custom one like you have
above. Here is all you need to get started:
sub main_page
{
my $self = shift;
my $hereyouare = "Welcome to the new GNS portal!";
$hereyouare;
}
1;
So just to piece it all together, I'll cut and paste everything into
on app (This was just typed out manually, so it is not tested, but it
should be a working app):
package Portal::Application_2;
use base 'CGI::Application';
use CGI::Application::Plugin::Authentication;
use CGI::Application::Plugin::DBH;
use CGI::Application::Plugin::Session;
my $data_source = "DBI:mysql:database=gns_workflow;host=localhost";
my $username = 'root';
my $password = 'MySQL!';
__PACKAGE__->authen->config(
DRIVER => [ 'DBI',
TABLE => 'user',
CONSTRAINTS => {
'username' => '__CREDENTIAL_1__',
'password' => '__CREDENTIAL_2__'
},
],
);
# this marks all runmodes are protected, so a user will have to
# be logged in to access them. See the docs for other options.
__PACKAGE__->authen->protected_runmodes(':all');
sub cgiapp_init
{
my $self=shift;
$self->dbh_config($data_source, $username, $password);
$self->session_config(
CGI_SESSION_OPTIONS => [ "driver:MySQL", $self->query,
{Handle=>$self->dbh} ],
DEFAULT_EXPIRY => '10m',
);
}
sub setup {
my $self = shift;
$self->run_modes([qw(main_page other_runmode another_runmode)]);
$self->start_mode('main_page');
}
sub main_page
{
my $self = shift;
my $hereyouare = "Welcome to the new GNS portal!";
return $hereyouare;
}
1;
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/[email protected]/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
