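#!/usr/bin/perl
# Login handler for the forum. It checks the submitted username and password
# against the users table, then hands off to do_status() for the account-status
# gate. $cgi, $dbh, $btitle, dienice(), dbdie(), do_header() and do_footer()
# are not defined in this file; presumably MyBoard exports them.
use strict;
#use lib 'C:\Inetpub\wwwroot\Sites\asp\techdex\projects\forums\cgi-bin\forums\.';
use lib '.';
use MyBoard;
use CGI::Session;

# File-scoped scratch variables shared with the subs further down the file.
my($i, $rv, $sth, $asth, $f, @months, @days, $sec, $min, $hr, $yr, $mday, $mon, $yday, $isdst, $wday, $timestr);

# Expiry timestamp string produced by mygmtime().
my($expdate) = mygmtime();

# Submitted credentials. scalar() asks param() for a single value explicitly
# instead of relying on list assignment to discard extra values.
my $user     = scalar $cgi->param('username');
my $pass     = scalar $cgi->param('password');
my $username = scalar $cgi->param('username');

# Always 1 ("this is for the save"). The submitted 'nosession' value used to
# be read and then immediately overwritten, so only the constant is kept.
my $nosession = 1;

# Define and initiate sessions. undef as the second argument asks
# CGI::Session for a new session rather than resuming one named by the client.
$CGI::Session::MySQL::TABLE_NAME = 'sessions';
my $session = CGI::Session->new("driver:MySQL", undef, {Handle=>$dbh});
my $sid = $session->id();

# Client address as reported by the web server.
my($ip) = "$ENV{'REMOTE_ADDR'}";

# Reject any submitted field that is empty or whitespace-only. The loop only
# sees fields that are present in the request.
for my $field ($cgi->param()) {
    if ($cgi->param($field) =~ /^\s*$/) {
        # The field name is taken from the request, so escape it before it is
        # echoed into the error page.
        dienice(_escape_html($field) . " was blank - please fill out all of the fields.");
        exit;
    }
}

# NOTE(review): this fetches the first row the database returns from users,
# with no relation to the submitted username. $f is kept because code later
# in the file still reads it; per-account decisions should use $g (below).
$sth = $dbh->prepare("select * from users where id!=?") or dbdie();
$rv = $sth->execute("NULL");
$f = $sth->fetchrow_hashref;

# Look up the account row for the submitted username (bound as a placeholder).
my($g);
$sth = $dbh->prepare("select *,date_format(date, '%c/%e/%Y') as nicedate from users where username=?") or dbdie();
$rv = $sth->execute("$user");
$g = $sth->fetchrow_hashref;
my($validuser) = "$g->{username}";
my($validpass) = "$g->{password}";

# Check for username.
# NOTE(review): this message differs from the one in do_pass(), which tells
# the client whether a username is registered; consider one generic message.
if ($validuser ne "$user") {
    cleansession();
    dienice("That username you entered " . _escape_html($user)
        . " does not exist in your database. Click here to register the name "
        . _escape_html($user) . ".");
    # Fail closed: dienice() lives in MyBoard and is not visible here, so do
    # not depend on it ending the request before the later checks run.
    exit;
}

do_pass();

# Password check for the account row matched above.
#
# The test is a plain string comparison between the submitted value and
# users.password, so that column has to hold the password in the form the user
# types it. NOTE(review): moving to a salted password hash needs matching
# changes to registration and the schema, which are outside this file.
sub do_pass {
    if ($validpass ne "$pass") {
        cleansession();
        dienice("This password does not match the password on file for this user.");
        # Fail closed, as above: a rejected password must never reach
        # do_status()/do_body(), whatever dienice() does.
        exit;
    }
}

# HTML-escape a request-derived value before it is placed in an error message.
# Assumes dienice() emits its argument as HTML without escaping -- TODO confirm
# against MyBoard. Returns '' for undef.
sub _escape_html {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# NOTE(review): a request that carries neither 'username' nor 'password' is not
# stopped by the checks above, because both sides of each comparison are then
# empty. The guest branch in do_body() may depend on that; confirm, and if so
# gate the guest case on an explicit check rather than on an implicit pass.

# If user and pass don't fail checks, check account status.
do_status();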
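# Account-status gate, run after the username and password checks.
# "Active" continues to do_body(). "Suspended" and every other value (including
# a missing status) print a notice and end the request, so unknown states are
# denied.
sub do_status {
    # Read the status from $g, the users row fetched for the submitted
    # username. $f at this point holds a row from a query that does not filter
    # on username, so testing it applied some other account's status to every
    # login. $f remains the fallback only when no account row matched --
    # presumably the guest path in do_body(); TODO confirm.
    # NOTE(review): this assumes every regular account row carries its own
    # status value; verify against the registration code before deploying.
    my $account = (defined $g->{username} && length $g->{username}) ? $g : $f;
    my $status  = defined $account->{status} ? $account->{status} : '';

    if ($status eq "Active") {
        do_body();
    }
    elsif ($status eq "Suspended") {
        do_header("$btitle");
        print qq(This account has been suspended for minor violations of the rules and regulations of this forum.
If you have any questions concerning your account, please message our support staff.);
        do_footer();
        #&dbi->disconnect;
        exit;
    }
    else {
        do_header("$btitle");
        print qq(

Login Failed

\n);
        print qq(This account has been closed for failure to comply with some very simple rules.
You can't say we didn't warn you. Now get off my grass!);
        do_footer();
        #&dbi->disconnect;
        exit;
    }
}

## This is the body.
# Records the session row for the logged-in user (or a guest), then prints the
# forum rules page. Reads the file-level $username, $sid and $ip.
sub do_body {
    ## SESSION DATA ##
    # Query sessions table and get the data if the username exists.
    $sth = $dbh->prepare("select * from sessions where username=?") or dbdie();
    $rv = $sth->execute($username);
    $f = $sth->fetchrow_hashref;

    my $session_username = "$f->{username}";

    if ($username eq "$session_username") {
        # A session row already exists for this username: only tidy up.
        cleansession();
        $sth = $dbh->prepare("select * from sessions where username=?") or dbdie();
        $rv = $sth->execute($session_username);
    }
    else {
        # Insert new session
        $sth = $dbh->prepare("insert into sessions(id, a_session, username, date, last, ip) values(?,?,?,current_timestamp(),current_timestamp(),?)") or dbdie();
        $rv = $sth->execute($sid, 0, $username, $ip);
    }

    # GUEST FUNCTIONS #
    my $function = scalar $cgi->param('function');
    if ($function eq "guest") {
        $sth = $dbh->prepare("select * from sessions where ip=? 
AND username=?") or dbdie();
        $rv = $sth->execute($ip, "guest");
        my $guest_row = $sth->fetchrow_hashref;

        # Insert new session only if the ip doesn't already exist
        if ($guest_row->{ip} eq "$ip") {
            $sth = $dbh->prepare("select * from sessions where username=?") or dbdie();
            $rv = $sth->execute($function);
        }
        else {
            $sth = $dbh->prepare("insert into sessions(id, a_session, username, date, last, ip) values(?,?,?,current_timestamp(),current_timestamp(),?)") or dbdie();
            $rv = $sth->execute($sid, 0, $function, $ip);
        }
    }
    ## END SESSION DATA ##

    do_header("$btitle");

    # GET FRESH SESSION DATA
    $sth = $dbh->prepare("select *,date_format(date, '%c/%e/%Y %r') as nicedate from sessions where username=?") or dbdie();
    $rv = $sth->execute($username);
    $f = $sth->fetchrow_hashref;

    # Only the disabled greeting below refers to these two values.
    my $last       = "$f->{nicedate}";
    my $session_id = "$f->{id}";

    # Disabled greeting, kept from the original. If it is re-enabled,
    # HTML-escape $session_username and $last before printing them; both are
    # read back from the sessions table.
    #~ if ($session_id ne "") {
    #~     print qq(Welcome back, $session_username. Your last login was $last
    #~ );
    #~ } else {
    #~     print qq(Welcome to our forums. You are viewing as a guest. You can only browse our forums and will need to log in or register to perform any other action.
    #~ );
    #~ }

    print qq(

Forum Rules:

  1. No foul words may be used in any context.
  2. No Spamming - This includes but is not limited to post that are, one-liners, anything unrelated to any other post, post that means nothing and or is irrelevant, etc.
  3. All users must comply with a Moderators request, even if it's not included in the site rules.
  4. No insulting, mocking, flaming any members of this site.
  5. For Security reasons, the use of HTML is restricted and will be stripped from all posts.

Warning: Failure to comply with ANY of these basic rules carry heavy penalities, including Account suspension, account deletion, IP banning, etc. The Administrator reserves the right to ban any member for any reason.

Enter Forums );

    cleansession();
    #&dbi->disconnect;
}

# Return a timestamp seven days in the future, formatted as
# "Day, DD-Mon-YYYY HH:MM:SS GMT".
sub mygmtime {
    my @month_names = ("Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec");
    my @day_names   = ("Sun","Mon","Tue","Wed","Thu","Fri","Sat");

    # Set expiration date to 7 days
    my ($second, $minute, $hour, $month_day, $month, $year, $week_day) = gmtime(time + (86400*7));

    # gmtime() counts years from 1900.
    return sprintf("%3s, %02d-%3s-%4d %02d:%02d:%02d GMT",
        $day_names[$week_day], $month_day, $month_names[$month], $year + 1900,
        $hour, $minute, $second);
}

# Delete every sessions row that has no username attached.
sub cleansession {
    # Cleanup Sessions while you're at it.
    $sth = $dbh->prepare("delete from sessions where username IS NULL") or dbdie();
    $rv = $sth->execute;
}

do_footer();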