source: trunk/npemap.org.uk/cgi/bad-postcode.fcgi @ 215

Last change on this file since 215 was 215, checked in by David Sheldon, 15 years ago

better return link handling.

  • Property svn:executable set to *
File size: 3.0 KB
Line 
1#!/usr/bin/perl
2#
3# Copyright (c) 2006 Dominic Hargreaves
4# See accompanying file "LICENCE" for licence details
5
6use strict;
7use warnings;
8
9use DBI;
10use CGI::Fast qw/:standard -debug/;
11
12use vars qw($dbname $dbhost $dbuser $dbpass);
13
14sub print_err;
15sub setup_dbh;
16
17# Read in database config
18my $config = 'npemap.conf';
19do $config or die "Can't read $config!\n";
20
21# Set up database handler to try and make sure it's ready for the first
22# request
23# No point in handling errors here since they'll get handled by the request
24# handler
25my $dbh;
26setup_dbh();
27
28my $returnBaseURL = '';
29
30my $cgi;
31# Process incoming requests
32REQUEST: while ($cgi = new CGI::Fast) {
33
34    # If we're given return URL parameters, basic sanity check to stop
35    # funny business
36    my $returnURL= '/tiles/map.html';
37    if (defined $ENV{HTTP_REFERER}) {
38        $returnURL = $ENV{HTTP_REFERER};
39    }
40
41    my $returnlink = "<a href='$returnURL'>Go back to the map</a>";
42
43    # In case the database went away, make sure we have a connection
44    unless (setup_dbh()) {
45        print_err('Error setting up database connection', $returnlink);
46        next REQUEST;
47    }
48
49    # Input validation
50    unless (defined $cgi->param('postcode')) {
51        print_err ("Postcode identifier not supplied");
52        next REQUEST;
53    }
54
55    # Check that the requested ID exists
56    my $sth = $dbh->prepare('SELECT id FROM postcodes WHERE id = ? AND NOT deleted');
57    unless ($sth->execute($cgi->param('postcode'))) {
58        print_err('Database error when checking for the postcode', $returnlink);
59        next REQUEST;
60    }
61
62    unless ($sth->rows) {
63        print_err('A postcode with that identifier does not exist, or has already been deleted.', $returnlink);
64        next REQUEST;
65    }
66
67    $sth = $dbh->prepare('INSERT INTO bad_postcodes (postcode, ip, reason, reporter_email) VALUES (?, ?, ?, ?)');
68    if ($sth->execute($cgi->param('postcode'), $ENV{'REMOTE_ADDR'}, $cgi->param('reason') || undef, $cgi->param('email') || undef)) {
69        print "Content-type: text/html\n\n";
70        print "<html><head><title>Thank you</title></head>\n";
71        print "<body><p>Thank you for reporting the bad post code!</p>\n";
72        print "<p>$returnlink</p>\n";
73        print "</body></html>";
74        next REQUEST;
75    } else {
76        print STDERR "DB error: " . $dbh->errstr . "\n";
77        print_err("Database error when adding your data :(", $returnlink);
78        next REQUEST;
79    }
80}
81
82# No more requests to serve, so tidy up
83$dbh->disconnect;
84
85# Helper routines
86sub print_err($$) {
87    my $err = shift;
88    my $returnlink = shift;
89    print "Content-type: text/html\n\n";
90    print "<html><head><title>Error submitting</title></head>\n";
91    print "<body><p>The following error occurred whilst submitting data:\n";
92    print CGI::escapeHTML($err);
93    print "<p>$returnlink</p>\n";
94    print "</body></html>\n";
95}
96
97sub setup_dbh {
98    # $dbh is global
99    my $data_source = "dbi:Pg:dbname=$dbname";
100    $data_source .= ";host=$dbhost" if $dbhost;
101    return $dbh = DBI->connect_cached($data_source, $dbuser, $dbpass);
102}
103
Note: See TracBrowser for help on using the repository browser.