| 1 | #!/usr/bin/perl |
|---|
| 2 | # |
|---|
| 3 | # Copyright (c) 2006 Dominic Hargreaves |
|---|
| 4 | # See accompanying file "LICENCE" for licence details |
|---|
| 5 | |
|---|
| 6 | use strict; |
|---|
| 7 | use warnings; |
|---|
| 8 | |
|---|
| 9 | use CGI::Fast qw/:standard -debug/; |
|---|
| 10 | |
|---|
| 11 | # Find our private perl libraries |
|---|
| 12 | use FindBin; |
|---|
| 13 | use lib "$FindBin::Bin/../perllib"; |
|---|
| 14 | use NPEMap; |
|---|
| 15 | |
|---|
| 16 | # Set up database handler to try and make sure it's ready for the first |
|---|
| 17 | # request |
|---|
| 18 | # No point in handling errors here since they'll get handled by the request |
|---|
| 19 | # handler |
|---|
| 20 | my $dbh = setup_dbh(); |
|---|
| 21 | |
|---|
| 22 | my $returnBaseURL = ''; |
|---|
| 23 | |
|---|
| 24 | my $cgi; |
|---|
| 25 | # Process incoming requests |
|---|
| 26 | REQUEST: while ($cgi = new CGI::Fast) { |
|---|
| 27 | |
|---|
| 28 | # If we're given return URL parameters, basic sanity check to stop |
|---|
| 29 | # funny business |
|---|
| 30 | my $returnURL= '/tiles/map.html'; |
|---|
| 31 | if (defined $ENV{HTTP_REFERER}) { |
|---|
| 32 | $returnURL = $ENV{HTTP_REFERER}; |
|---|
| 33 | } |
|---|
| 34 | |
|---|
| 35 | my $returnlink = "<a href='$returnURL'>Go back to the map</a>"; |
|---|
| 36 | |
|---|
| 37 | # In case the database went away, make sure we have a connection |
|---|
| 38 | unless ($dbh = setup_dbh()) { |
|---|
| 39 | print_html_err('Error setting up database connection', $returnlink); |
|---|
| 40 | next REQUEST; |
|---|
| 41 | } |
|---|
| 42 | |
|---|
| 43 | # Input validation |
|---|
| 44 | unless (defined $cgi->param('postcode')) { |
|---|
| 45 | print_html_err ("Postcode identifier not supplied", $returnlink); |
|---|
| 46 | next REQUEST; |
|---|
| 47 | } |
|---|
| 48 | |
|---|
| 49 | # Check that the requested ID exists |
|---|
| 50 | my $sth = $dbh->prepare('SELECT id FROM postcodes WHERE id = ? AND NOT deleted'); |
|---|
| 51 | unless ($sth->execute($cgi->param('postcode'))) { |
|---|
| 52 | print_html_err('Database error when checking for the postcode', $returnlink); |
|---|
| 53 | next REQUEST; |
|---|
| 54 | } |
|---|
| 55 | |
|---|
| 56 | unless ($sth->rows) { |
|---|
| 57 | print_html_err('A postcode with that identifier does not exist, or has already been deleted.', $returnlink); |
|---|
| 58 | next REQUEST; |
|---|
| 59 | } |
|---|
| 60 | |
|---|
| 61 | $sth = $dbh->prepare('INSERT INTO bad_postcodes (postcode, ip, reason, reporter_email) VALUES (?, ?, ?, ?)'); |
|---|
| 62 | if ($sth->execute($cgi->param('postcode'), $ENV{'REMOTE_ADDR'}, $cgi->param('reason') || undef, $cgi->param('email') || undef)) { |
|---|
| 63 | print "Content-type: text/html\n\n"; |
|---|
| 64 | print "<body><p>Thank you for reporting that post code bad</p>\n"; |
|---|
| 65 | next REQUEST; |
|---|
| 66 | } else { |
|---|
| 67 | print STDERR "DB error: " . $dbh->errstr . "\n"; |
|---|
| 68 | print_html_err("Database error when adding your data :(", $returnlink); |
|---|
| 69 | next REQUEST; |
|---|
| 70 | } |
|---|
| 71 | } |
|---|
| 72 | |
|---|
| 73 | # No more requests to serve, so tidy up |
|---|
| 74 | $dbh->disconnect; |
|---|
