Add User

#!/usr/bin/perl -wT use DBI(); use CGI qw(:standard); use CGI::Session; use CGI::Session::Driver::mysql; #use CGIBook::Error; use FileHandle; my $server = "www.ictprovision.com"; my $query = new CGI; $query->import_names('R'); my $cmd = ($R::act); my $qs = $ENV{QUERY_STRING}; my $host = "localhost"; my $db = "supportdb"; my $dbu = "www-data"; my $dpw = "999or666"; #my $unam; my $Pprofile; my $Sprofile; my $dbh = DBI->connect("DBI:mysql:database=$db;host=$host", "$dbu", "$dpw", {'RaiseError' => 1}); my $session = new CGI::Session("driver:mysql", undef, { Handle => $dbh, TableName => "sessions" } ); if ( $session->param("~logged-in") ) { $Pprofile = $session->param("~Pprofile"); $Sprofile = $session->param("~Sprofile"); if ( ( $Pprofile->{role} eq '1' ) or ( $Pprofile->{role} eq '2' ) ) { setdets(); print "Content-type: text/html\n\n"; # if ( $cmd eq 'form' ) { print_html(); # } else { # adduser(); # } } else { print $query->redirect( -url => "http://$server/dbases/dashboard.cgi?act=dash" ); } } else { print $query->redirect( -url => "http://$server/login.cgi?$qs" ); } sub setdets { if ( $cmd eq 'form' ) { my $j = jstring(); my $fh = FileHandle->new(">../SpryAssets/Usr.js"); if ( defined $fh ) { print $fh "$j\n"; $fh->close; } else { error( $query, "Ooops... Can't create dynamic Javascript" ); } } elsif ( $cmd eq 'insertU' ) { my $sth = $dbh->prepare( "insert into users (username,forename,surname,clear,password,email,tel,fax,mob,school,role) values(?,?,?,?,encrypt(?),?,?,?,?,?,?)" ); unless ( $sth->execute($R::unam,$R::fnam,$R::snam,$R::pass,$R::pass,$R::emale,$R::tel,$R::fax,$R::mob,$Sprofile->{uid},$R::typ) ) { error( $query, "Ooops..." ); } print $query->redirect( -url => "http://$server/dbases/dashboard.cgi?act=dash" ); } } sub jstring { my $j2 = '['; #Create first part of the javascript (static). my $j1 = 'var arr; var a; var b; var c; var d; function setusr( form ) { arr = '; #Create third part of the javascript (static). my $j3 = qq^ a = form.fnam.value; b = form.snam.value; c = ""; d = 0; form.unam.value = rec(arr, a.substring(0,1) + b); } function rec(arr,val) { if(indexInArray(arr,val)>-1){ c = ""; d = d + 1; c = c + d; rec(arr, a.substring(0,1) + b + d); } return a.substring(0,1) + b + c; } function indexInArray(arr,val){ for(var i=0;iprepare( "select username from users" ); unless ( $sth->execute() ) { error( $query, "Ooops..." ); } my $array_ref = $sth->fetchall_arrayref(); foreach (@$array_ref) { $j2 = $j2 . qq^"$_->[0]",^; } $j2 = $j2 . qq^"dummy"] ^; return ($j1 . $j2 . $j3); } sub dummysub { $R::act = $R::act; $R::tel = $R::tel; $R::fax = $R::fax; $R::mob = $R::mob; $R::typ = $R::typ; $R::unam = $R::unam; $R::fnam = $R::fnam; $R::snam = $R::snam; $R::pass = $R::pass; $R::emale = $R::emale; } sub print_html{ print < Add User

ICT Provision Ltd

28 Dewberry Fields

Up Holland

Skelmersdale

Lancashire

WN8 0BQ

Add New User

Tel: 01695 622503

Mob: 07788 832584

Fax: 01695 624752

www.ictprovision.com

info\@ictprovision.com

Remember to make a note of the auto-generated username.

END }