diff -Naur oldjono/blog_entry.cgi newjono/blog_entry.cgi --- oldjono/blog_entry.cgi 2006-02-13 23:29:44.000000000 +0900 +++ newjono/blog_entry.cgi 2006-02-13 23:30:49.000000000 +0900 @@ -2,6 +2,7 @@ use strict; use DBI; use CGI; +use CGI::Session; use CGI::Carp qw(fatalsToBrowser warningsToBrowser); use commonblog; use File::Copy; @@ -9,10 +10,14 @@ #global data structures my $q = new CGI; -my $dbh = DBI->connect('DBI:mysql:blog') +my $dbh = DBI->connect('DBI:mysql:jonoblog',$commonblog::sqlusername,$commonblog::sqlpassword) or die "Can't connect to database: " . DBI->errstr; +CGI::Session->name("JONOSID"); +#Get session +my $session = new CGI::Session($q) + or die "Can't establish session!"; -my $username = $q->cookie(-name =>'blogin'); +my $username = $session->param("username"); my $type = $q->param('type'); #comment or entry my $original = $q->param('original'); @@ -21,16 +26,18 @@ if (defined $q->param('submission')) { &add_submission($q); $dbh->disconnect; - print $q->redirect (-url => "/cgi-bin/blog/showblog.cgi?showcomments=true"); + print $q->redirect (-url => "$commonblog::basedir/showblog.cgi?showcomments=true"); exit; } if ($type eq 'entry' and $username ne 'Jono') { #Something went wrong -- only jono can make entries! $dbh->disconnect; - print $q->redirect (-url => "/cgi-bin/blog/showblog.cgi?showcomments=true"); + print $q->redirect (-url => "$commonblog::basedir/showblog.cgi?showcomments=true"); } +print $session->header(); +print "testing"; &print_oroborus_top($q, "Jono's Natural Log -- Leave Comments"); print "

"; @@ -127,24 +134,37 @@ my $xml = "\n\n" .$title . "\n" . $description . "\n$bloglink\n" . $arpadate .""; - open(infile, "< $rssfile") || die ("Can't open $rssfile: $!"); + open(INFILE, "< $rssfile") || die ("Can't open $rssfile: $!"); chmod(0666, "$rssfile"); - open(outfile, "> $rssdir/temp") || die ("Can't open temp: $!"); + open(OUTFILE, "> $rssdir/temp") || die ("Can't open temp: $!"); - - while () { + my $bytes=0; + my $buffer=""; + while () { if (//) { - print outfile "$arpadate\n"; + $buffer.="$arpadate\n"; + $bytes+=length("$arpadate\n"); } else { - print outfile $_; + $buffer.=$_; + $bytes+=length($_); } if (/<\/webMaster>/) { - print outfile $xml; + $buffer.=$xml; + $bytes+=length($xml); + } + if(/<\/item>/) { + # 150K; assuming here we arent using Unicode or something wacky + if($bytes < 153600) { + print OUTFILE $buffer; + $buffer=""; + } else { + last; + } } } - close(infile); - close(outfile); + close(INFILE); + close(OUTFILE); #Copy temp over old rss file: move("$rssdir/temp", $rssfile) || die ("Couldn't move file!"); chmod (0666, $rssfile); @@ -154,7 +174,6 @@ #arpadate uses this kind of format: Sun, 12 Dec 2004 14:21:10 CDT my @monthnames = ('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'); my $day = localtime->mday(); - my $month = localtime->mon(); my $year = 1900 + localtime->year(); my $month = $monthnames[localtime->mon()]; my $hour = localtime->hour(); diff -Naur oldjono/commonblog.pm newjono/commonblog.pm --- oldjono/commonblog.pm 2006-02-13 23:29:38.000000000 +0900 +++ newjono/commonblog.pm 2006-02-13 23:30:49.000000000 +0900 
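Review bot: The `$type eq 'entry' and $username ne 'Jono'` branch still has no `exit;` after its redirect, so the script falls through to the newly added `print $session->header();` and renders the entry form for a user who failed the check. Add `exit;` after that redirect, as the `submission` branch above it already does. That `submission` branch also calls `&add_submission($q)` before the owner check runs, so unless add_submission enforces the check itself (its body is outside the hunk), the session-derived `$username` does not gate posting. The added `print "testing";` looks like leftover debug output and should be dropped.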
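Review bot: Anything appended to `$buffer` after the last `</item>` line is never written, because the loop prints only on an `</item>` line and `close(OUTFILE)` follows the loop directly. The feed's closing tags are therefore lost on every rewrite, and also when the 150K cap triggers `last`. After the loop, flush the remainder when the cap was not hit (`print OUTFILE $buffer;`), and on the cap path write the feed's closing tags explicitly rather than the pending items. The rewritten `open` calls also keep the two-argument form with the path interpolated into the mode string; `open(INFILE, '<', $rssfile)` and `open(OUTFILE, '>', "$rssdir/temp")` are safer. The surrounding `chmod(0666, ...)` leaves the feed world-writable, which is worth tightening if the web server user is the only writer.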
@@ -5,11 +5,14 @@ @EXPORT_OK = qw($oroborusURL $rssURL $rssfile $baseURL); #base url for background images and css: -$oroborusURL = "/~Jono/oroborus"; -$rssURL = "/~Jono/rss/jono.rss"; -$rssdir = "/Users/Jono/Sites/rss"; $rssfile = "$rssdir/jono.rss"; -$baseURL = "http://www.evilbrainjono.net/cgi-bin/showblog.cgi"; +$basedir = "/cgi-bin/blog"; # no trailing slash please +$sqlusername = undef; +$sqlpassword = undef; sub print_oroborus_top { my $q = $_[0]; @@ -21,8 +24,9 @@ body {background-color: #19429E; margin: 0px;} div.mainbg {background-image: url(\"$oroborusURL/extrabodybg.gif\"); background-repeat: repeat-y; width: 860px; z-index: 0;}"; my $stylehash = {-code => $stylestring, -src => "$oroborusURL/oroborus.css"}; - - print $q->header("text/html"), + +# obsolete with session->header +# print $q->header("text/html"), $q->start_html( -title => $title, -style => $stylehash); #Print top stuff in body of html, with image: diff -Naur oldjono/login.cgi newjono/login.cgi --- oldjono/login.cgi 2006-02-13 23:29:49.000000000 +0900 +++ newjono/login.cgi 2006-02-13 23:30:49.000000000 +0900 @@ -3,14 +3,26 @@ use DBI; use CGI; use CGI::Carp qw(fatalsToBrowser warningsToBrowser); +use CGI::Session; use commonblog; #global data structures my $q = new CGI; -my $dbh = DBI->connect('DBI:mysql:blog') +CGI::Session->name("JONOSID"); +# See manual for how to use mysql for this, or just use files +my $session = new CGI::Session($q) + or die "Can't establish session!"; +my $dbh = DBI->connect('DBI:mysql:jonoblog', $commonblog::sqlusername, $commondblog::sqlpassword) or die "Can't connect to database: " . DBI->errstr; my $error_message = ''; +#log user out +if(defined $q->param('logout')) { + if($q->param('logout')) { + $session->delete(); + } +} + if (defined $q->param('submission')) { if ($q->param('submission') eq 'Create') { $error_message = &check_create_ok($q); 
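Review bot: The hunk deletes the `$rssdir` assignment but keeps `$rssfile = "$rssdir/jono.rss";`, so as shown `$rssfile` is built from an unset variable. `$oroborusURL`, `$rssURL` and `$baseURL` are removed as well, although they remain in `@EXPORT_OK` and print_oroborus_top still interpolates `$oroborusURL`. If these values were stripped because they are site-specific, leave placeholder assignments the way `$sqlusername = undef;` does. Since the module now carries the database credentials, a comment such as `# holds DB credentials: keep this file unreadable over HTTP and out of public archives` would help whoever fills them in.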
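Review bot: Commenting out `print $q->header("text/html"),` also removes the `print` that the following `$q->start_html(...)` was an argument of. The call is now evaluated in void context and the document head and style block are never sent. Change the continuation line to `print $q->start_html( -title => $title, -style => $stylehash);`. Every caller of print_oroborus_top must now emit the HTTP header itself before calling it; the function body continues outside the hunk, so a one-line comment stating that contract at the top of the sub would be useful.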
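Review bot: The new connect call passes `$commondblog::sqlpassword` (extra `d`), which names a package that does not exist, so the password argument is always undef. `use strict` does not catch this because fully qualified names are exempt. It should read `$commonblog::sqlpassword`, as in blog_entry.cgi and showblog.cgi. With `fatalsToBrowser` enabled, a connect failure caused by this would print `DBI->errstr` to visitors.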
@@ -18,12 +30,17 @@ if ($q->param('submission') eq 'Login') { $error_message = &check_login_ok($q); } + exit; } +print $session->header(); + + #We'll get here if there are no params, or if there was #an error in login. If login was successful, set_cookie will make us #exit. &print_oroborus_top($q, "Jono's Natural Login"); + if ($error_message ne '') { print $q->p($error_message); } @@ -37,7 +54,7 @@ my $q = shift; #Get all the parameters from someone trying to create an account. #If there's a problem, return error message string. - #If not, create the account in the DB, and call set_cookie to + #If not, create the account in the DB, and set session #login. my $username = $q->param('username'); my $password = $q->param('password'); @@ -67,7 +84,8 @@ $insert->execute($username, $password, $email); $insert->finish; - set_cookie($q); + $session->save_param(); + print $q->redirect (-url => "$commonblog::basedir/showblog.cgi?showcomments=true"); } sub check_login_ok { @@ -83,7 +101,7 @@ $query->finish; if ($username ne '' and @data[1] eq $password) { - set_cookie($q); + $session->save_param(); } elsif ($username ne '' and @data[0] eq $username) { return "
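Review bot: The added `exit;` sits at the end of the `if (defined $q->param('submission'))` block and runs whether or not `check_create_ok` or `check_login_ok` returned an error. A failed login or account creation therefore ends the request before `print $session->header()` and the `$error_message` output below are reached, and the client gets an empty response. The comment kept just under it still says the page is shown again after a login error. Exit only on success, for example by placing `exit;` directly after each `print $q->redirect(...)` inside the two check subs and dropping this one.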
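Review bot: `$session->save_param();` is called without a field list, so CGI::Session copies every request parameter into the session store, which here includes `password` (and the email field on account creation) in clear text. The same call is added to check_login_ok in the `@@ -83,7` hunk. Store only what later pages read, e.g. `$session->param('username', $username);` or `$session->save_param($q, ['username']);`. The `$insert->execute($username, $password, $email);` line just above also writes the password to the accounts table unhashed; hashing it before storage would limit the impact of a database or session-store leak.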

Wrong Password for user $username!

Try again.

"; @@ -91,24 +109,26 @@ else { return "
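Review bot: The error strings left in place here interpolate the submitted `$username` straight into HTML (`Wrong Password for user $username!` in this hunk, `There is no account called $username!` just below), and login.cgi prints the result with `$q->p($error_message)` without escaping. Build the messages from `$q->escapeHTML($username)` instead. Returning one generic message for both cases would also stop the form from confirming which account names exist.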

There is no account called $username!

Try again.

"; } + print $q->redirect (-url => "$commonblog::basedir/showblog.cgi?showcomments=true"); } -sub set_cookie { - #Call this when login is successful. Sets cookie with username - #and redirects to blog. - my $q = shift; - my $username = $q->param('username'); - my $passwd = $q->param('password'); - my $server = $q->server_name; - my $cookie = $q->cookie( -name => "blogin", - -value => $username, - -path => "/cgi-bin/"); - - print $q->redirect (-url => "/cgi-bin/blog/showblog.cgi", - -cookie => $cookie); - $dbh->disconnect; - exit; -} +#### Security hazard! +# sub set_cookie { +# #Call this when login is successful. Sets cookie with username +# #and redirects to blog. +# my $q = shift; +# my $username = $q->param('username'); +# my $passwd = $q->param('password'); +# my $server = $q->server_name; +# my $cookie = $q->cookie( -name => "blogin", +# -value => $username, +# -path => "/cgi-bin/"); + +# print $q->redirect (-url => "/cgi-bin/blog/showblog.cgi", +# -cookie => $cookie); +# $dbh->disconnect; +# exit; +# } sub print_login_form { @@ -117,14 +137,14 @@ print <Have an account already? -
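Review bot: The retired `set_cookie` is kept as a commented-out block under `#### Security hazard!` without saying what the hazard was. Deleting the dead code and leaving one explanatory line reads better, e.g. `# set_cookie removed: it stored the bare username in the "blogin" cookie, which any client could edit to claim another account`. The old sub also called `$dbh->disconnect` before exiting, which the new redirect path at the end of check_login_ok no longer does.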
+
Name:
Password:

Creating an account for the first time?

-
+ @@ -133,7 +153,7 @@
Name:
Password:At least 5 characters
ENDFORM - print $q->p($q->b("WARNING:"), "The password you enter here is transmitted unecrypted. Use a disposable password! In other words, do not use the same password here you use for your impportant stuff, because some '1337 haXX0r' could yank it and 'p0wn' you."); + print $q->p($q->b("WARNING:"), "The password you enter here is transmitted unecrypted. Use a disposable password! In other words, do not use the same password here you use for your important stuff, because some '1337 haXX0r' could yank it and 'p0wn' you."); print $q->p("Eventually you will be able to upload an icon to represent yourself in your comments. For now, I will assign an icon for you. Mwa ha ha. Also, I will make a single login work for both blog commenting and RPG-tool."); } diff -Naur oldjono/showblog.cgi newjono/showblog.cgi --- oldjono/showblog.cgi 2006-02-13 23:29:55.000000000 +0900 +++ newjono/showblog.cgi 2006-02-13 23:30:49.000000000 +0900 @@ -2,20 +2,26 @@ use strict; use DBI; use CGI; +use CGI::Session; use CGI::Carp qw(fatalsToBrowser warningsToBrowser); use commonblog; #global data structures my $q = new CGI; -my $dbh = DBI->connect('DBI:mysql:blog') +my $dbh = DBI->connect('DBI:mysql:jonoblog', $commonblog::sqlusername, $commonblog::sqlpassword) or die "Can't connect to database: " . DBI->errstr; - -#Get parameters and cookies +CGI::Session->name("JONOSID"); +#Get parameters and session +my $session = new CGI::Session($q) + or die "Can't establish session!"; my $showcomments = $q->param('showcomments'); if (not defined $showcomments) { $showcomments = 'false'; } -my $username = $q->cookie( -name => "blogin"); + +my $username = $session->param("username"); + +print $session->header(); &print_oroborus_top($q, "Evil Brain Jono's Natural Log"); @@ -30,7 +36,7 @@ if (not defined $username) { print "Login"; } else { - print "Logout"; + print "Logout"; } print ' | Email me at ebjono@gmail.com'; print "

";