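#!/usr/bin/perl -wT
use DBI;

# MySQL connection settings.
# NOTE(review): the database account and password are hard-coded in the
# script source. Rotate this password and load the settings from a file
# that only the CGI user can read, kept outside anything the web server
# will serve.
$db     = "int420_113c10";
$user   = "int420_113c10";
$passwd = "cqTN5238";
$host   = "db-mysql.zenit";
$connectionInfo = "dbi:mysql:$db;$host";

# Only the first header line is printed here. Every display routine (and the
# database error page) begins its output with a newline, and that newline is
# what ends the header block, so Set-Cookie must be printed before any of
# them runs.
print "Content-type: text/html\n";

my $method = defined $ENV{'REQUEST_METHOD'} ? $ENV{'REQUEST_METHOD'} : '';

if ($method eq "GET") {
    # First visit: show the login form.
    displayLogin();
}
else {
    parseForm();

    $dbh = DBI->connect($connectionInfo, $user, $passwd);
    unless ($dbh) {
        # Driver detail goes to the server log; the visitor sees a generic page.
        warn "survey.cgi: database connection failed: "
            . (defined $DBI::errstr ? $DBI::errstr : 'unknown error') . "\n";
        print "\n<html><body><h1>DATABASE ERROR!</h1></body></html>";
        exit;
    }

    # Accept only plain decimal integers. The capture also untaints the
    # value, which matters because the script runs under -T.
    my $as_uint = sub {
        my ($value) = @_;
        return undef unless defined $value;
        return $value =~ /\A(\d+)\z/ ? $1 : undef;
    };

    my $action = defined $FORM{'submit'} ? $FORM{'submit'} : '';

    if ($action eq "Login") {
        verifyLogin();          # exits after re-showing the form on failure
        createNewSession();

        # The original header read "expires Mon, ..." (no "="), and the second
        # one also lacked the month, so the attribute was never valid. It is
        # dropped rather than repaired: the cookie is a browser-session cookie.
        # HttpOnly keeps page scripts from reading it.
        print "Set-Cookie: DATA=$session:1; path=/; HttpOnly\n";

        $query = "SELECT QID, question FROM survey WHERE QID = 1";
        queryDB();
        @Qsurvey = $sth->fetchrow_array();
        displaySurvey();
    }
    else {
        parseCookie();

        # Both values come from the client's cookie and are interpolated into
        # SQL below, so anything that is not a plain integer is rejected here.
        # NOTE(review): nothing ties this cookie to a successful login, and
        # session numbers are sequential. A client that sends any numeric DATA
        # cookie reaches this branch. A server-side session record keyed by a
        # random token is needed to close that gap.
        $session = $as_uint->($session);
        $qnum    = $as_uint->($qnum);
        unless (defined $session && defined $qnum) {
            $error = "\n<font color=red>Session cookie missing or invalid</font>";
            displayLogin();
            exit;
        }

        verifyAwnser();         # exits after re-showing the question if no answer
        $qnum = $qnum + 1;
        print "Set-Cookie: DATA=$session:$qnum; path=/; HttpOnly\n";

        $query = "SELECT QID, question FROM survey WHERE QID = $qnum";
        queryDB();
        @Qsurvey = $sth->fetchrow_array();

        if (@Qsurvey && defined $Qsurvey[0] && $Qsurvey[0] ne "") {
            displaySurvey();
        }
        else {
            # No further question: copy this session's answers and show them.
            $query = "INSERT INTO final SELECT * FROM awnsers WHERE sessionID = $session";
            queryDB();
            displayFinal();
        }
    }
}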
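# Standard form parsing for POST data.
# Reads the URL-encoded request body from STDIN and stores every decoded
# field in the global %FORM (a repeated field name keeps its last value).
sub parseForm {
    my $max_body = 64 * 1024;    # upper bound on bytes accepted from the client

    # CONTENT_LENGTH is supplied by the client: use it only when it is a
    # plain number, and never read more than $max_body bytes.
    my $length = defined $ENV{'CONTENT_LENGTH'} ? $ENV{'CONTENT_LENGTH'} : '';
    $length = ($length =~ /\A(\d+)\z/) ? $1 : 0;
    $length = $max_body if $length > $max_body;

    $qstring = '';
    read(STDIN, $qstring, $length) if $length > 0;

    foreach my $pair (split(/&/, $qstring)) {
        # Limit 2 keeps any further "=" inside the value instead of dropping it.
        my ($key, $value) = split(/=/, $pair, 2);
        next unless defined $key && length $key;
        $value = '' unless defined $value;

        # Field names are URL-encoded as well, so decode both parts.
        foreach ($key, $value) {
            tr/+/ /;
            s/%([A-Fa-f0-9][A-Fa-f0-9])/pack("C", hex($1))/eg;
        }
        $FORM{$key} = $value;
    }
}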
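# Creates a new session.
# Sets the global $session to one more than the highest sessionID found in
# the awnsers table, or to 1 when the table holds no usable value.
#
# NOTE(review): ids produced this way are sequential, and they are derived
# from a table that gains rows only when an answer is stored. Two logins that
# both happen before either stores an answer therefore receive the same id.
# Since the id is also what the client sends back in its cookie, it should be
# replaced by a random token recorded server-side.
sub createNewSession {
    $query = "SELECT MAX(sessionID) FROM awnsers";
    queryDB();

    # MAX() over an empty table yields NULL, which DBI returns as undef.
    my ($highest) = $sth->fetchrow_array();
    $session = (defined $highest && $highest =~ /\A(\d+)\z/) ? $1 + 1 : 1;
}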
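# Parses the survey state out of the request cookies.
# Looks for the DATA cookie ("DATA=<session>:<question number>") among all
# cookies sent by the browser and sets the globals $session and $qnum.
# Both parts must be plain decimal integers, because callers interpolate
# them into SQL. If the cookie is absent or malformed the login page is
# shown and the request ends.
sub parseCookie {
    my $cookie_header = defined $ENV{'HTTP_COOKIE'} ? $ENV{'HTTP_COOKIE'} : '';

    ($session, $qnum) = (undef, undef);

    # The header may carry several "name=value" pairs separated by ";".
    foreach my $pair (split(/;\s*/, $cookie_header)) {
        if ($pair =~ /\ADATA=(\d+):(\d+)\z/) {
            ($session, $qnum) = ($1, $2);    # captures are untainted under -T
            last;
        }
    }

    unless (defined $session && defined $qnum) {
        $error = "\n<font color=red>Session cookie missing or invalid</font>";
        displayLogin();
        exit;
    }
}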
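# Verifies that the submitted login matches a record in the DB.
# On any mismatch the login page is shown again with an error message and
# the request ends; on success the sub simply returns.
#
# NOTE(review): the two failure messages differ, which tells a visitor
# whether a username exists. Consider one shared message for both cases.
sub verifyLogin {
    my $username = defined $FORM{'username'} ? $FORM{'username'} : '';

    # The username comes straight from the request. quote() escapes it for
    # the connected driver so it cannot alter the statement. Bound
    # placeholders would be the preferred form if the query helper took
    # bind values.
    $query = "SELECT name, password, id FROM login WHERE name = "
        . $dbh->quote($username);
    queryDB();

    if (@Qlogin = $sth->fetchrow_array()) {
        my $stored = defined $Qlogin[1] ? $Qlogin[1] : '';
        $pass = defined $FORM{'password'} ? $FORM{'password'} : '';

        # Using the stored hash as the salt argument lets crypt() pick up
        # whatever salt and scheme the hash was created with. Hashes made
        # with the previous fixed salt "asdf" still verify, because
        # traditional crypt() uses only the first two salt characters and
        # those are the first two characters of the stored hash.
        # NOTE(review): a shared fixed salt and traditional crypt() are weak
        # password storage; plan a migration to a modern password hash.
        $cryptPasswd = length($stored) >= 2 ? crypt($pass, $stored) : undef;

        if (!defined $cryptPasswd || $cryptPasswd ne $stored) {
            $error = "\n<font color=red>Incorrect password</font>";
            displayLogin();
            exit;
        }
    }
    else {
        $error = "\n<font color=red>Username does not exist</font>";
        displayLogin();
        exit;
    }
}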
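# Verifies that an answer was given to the current survey question and
# stores it. With an empty answer the same question is shown again with an
# error message and the request ends.
sub verifyAwnser {
    # $session and $qnum originate from the client's cookie and are placed
    # into SQL below; accept plain integers only.
    my ($session_id)  = defined $session ? ($session =~ /\A(\d+)\z/) : ();
    my ($question_id) = defined $qnum    ? ($qnum    =~ /\A(\d+)\z/) : ();
    unless (defined $session_id && defined $question_id) {
        $error = "\n<font color=red>Session cookie missing or invalid</font>";
        displayLogin();
        exit;
    }

    $query = "SELECT QID, question FROM survey WHERE QID = $question_id";
    queryDB();
    @Qsurvey = $sth->fetchrow_array();

    my $answer = defined $FORM{'awnser'} ? $FORM{'awnser'} : '';
    if ($answer eq "") {
        $error = "<br>\n<font color=red>Please awnser the question!</font>";
        displaySurvey();
        exit;
    }

    # The answer is free text from the request, so it is escaped with the
    # driver's quote() before it is placed in the statement. The question
    # text gets the same treatment, since it may contain quote characters.
    # (The original wrote "$FORM {'awnser'}" with a space, which does not
    # appear to interpolate the hash element at all.)
    $query = "INSERT INTO awnsers (sessionID, awnser, question) VALUES ("
        . $session_id . ", "
        . $dbh->quote($answer) . ", "
        . $dbh->quote($Qsurvey[1]) . ")";
    queryDB();
}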
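# Queries the database with the statement held in the global $query and
# leaves the executed statement handle in the global $sth.
#
# Any arguments are passed to execute() as bind values, so a caller can put
# "?" placeholders in $query instead of interpolating data into it. Existing
# calls of the form queryDB() pass none and behave as before.
#
# On failure the driver message is written to the server log, the generic
# error page is sent, and the request ends. Carrying on would have callers
# fetch from a statement that never ran.
sub queryDB {
    my @bind_values = @_;

    $sth = $dbh->prepare($query);
    unless ($sth && $sth->execute(@bind_values)) {
        my $reason = defined $dbh->errstr ? $dbh->errstr : 'unknown error';
        warn "survey.cgi: query failed: $reason\n";

        # The leading newline ends the HTTP header block.
        print qq~
<html>
<head>
<title>DATABASE ERROR</title>
</head>
<body>
<center>
<h1><font color="red">DATABASE ERROR!</font></h1>
</center>
</body>
</html>~;
        exit;
    }
}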
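# Displays the login webpage.
# Reads the globals %FORM (to pre-fill the username) and $error (an HTML
# fragment set by this script, printed as-is below the form).
sub displayLogin {
    # Encode text for use inside HTML, including attribute values.
    my $escape_html = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    # The username is echoed from the request, so it is encoded first.
    # The submitted password is no longer written back into the page.
    my $username = $escape_html->($FORM{'username'});
    my $message  = defined $error ? $error : '';

    # The leading newline ends the HTTP header block.
    print qq~
<html>
<head>
<title>Login</title>
</head>
<body>
<center>
<h3>Login:</h3>
<hr><br>
<form action="survey.cgi" method="post">
Username: <input type="text" name="username" value="$username">
<br>
Password: <input type="password" name="password" value="">
<br><br>
<input type="submit" name="submit" value="Login">
</form>$message
</center>
</body>
</html>~;
}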
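# Displays the survey webpage for the question held in the global @Qsurvey
# (element 0: question number, element 1: question text). The global $error
# is an HTML fragment set by this script and is printed as-is.
sub displaySurvey {
    # Encode text for use inside HTML.
    my $escape_html = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    # Database content is encoded on output too, so the page does not depend
    # on every row of the survey table being free of markup.
    my $number   = $escape_html->($Qsurvey[0]);
    my $question = $escape_html->($Qsurvey[1]);
    my $message  = defined $error ? $error : '';

    # The form now wraps the whole table; the original opened it inside a
    # table cell and closed it after the table. The leading newline ends the
    # HTTP header block.
    print qq~
<html>
<head>
<title>Survey</title>
</head>
<body>
<center>
<h3>Survey</h3>
<hr><br>
<form action="survey.cgi" method="post">
<table width="80%" align="center" border="1">
<tr>
<td width="20%" align="center"><strong>Number</strong></td>
<td width="80%" align="center"><strong>Question</strong></td>
</tr><tr>
<td width="20%" align="center"><br>$number<br> </td>
<td width="80%" align="center"><br>$question<br> </td>
</tr><tr>
<td colspan="2" align="center">
<br>
<input type="text" size="80%" name="awnser">
</td>
</tr>
</table>
<br>
<input type="submit" name="submit" value="Next">
</form>$message
</center>
</body>
</html>~;
}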
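# Displays the results webpage: every question/answer pair stored in the
# final table for the current session (global $session).
sub displayFinal {
    # $session can originate from the client's cookie and is placed into the
    # SQL below; accept a plain integer only.
    my ($session_id) = defined $session ? ($session =~ /\A(\d+)\z/) : ();
    unless (defined $session_id) {
        $error = "\n<font color=red>Session cookie missing or invalid</font>";
        displayLogin();
        exit;
    }

    # Encode text for use inside HTML.
    my $escape_html = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    # The leading newline ends the HTTP header block.
    print qq~
<html>
<head>
<title>Results</title>
</head>
<body>
<center>
<h3>Results</h3>
<hr><br>
<table width="90%" align="center" border="1">
<tr>
<td width="50%" align="center"><strong>Question</strong></td>
<td width="50%" align="center"><strong>Awnser</strong></td></tr>~;

    $query = "SELECT question, awnser FROM final WHERE sessionID = $session_id";
    queryDB();

    # Loop until the driver reports no more rows. The original stopped at
    # the first row whose question column was empty.
    while (@Qresults = $sth->fetchrow_array()) {
        # Answers are visitor-supplied text that was stored earlier; they
        # are encoded here so stored markup is shown as text, not rendered.
        my $question = $escape_html->($Qresults[0]);
        my $answer   = $escape_html->($Qresults[1]);
        print "<tr><td>$question</td>\n<td>$answer</td></tr>\n";
    }

    # The original closed a <form> that was never opened and left <body>
    # unclosed.
    print qq~
</table>
</center>
</body>
</html>~;
}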