#!/bin/perl # add-book.pl # this script adds the book information to the database. # the user interface to this is BAD. Ideally (IMO) # this would print a copy of what the citation would like # when it's printed. use strict; # # Print the HTML header information html_head ('Adding a book citation'); # # Print a descriptive header on the page print "

Book Citation Added

\n"; # # Get all the data from the form and put it into the # associative array %FORM # my %FORM = parse_form_data(); # # Show the request method, the unencoded input, and then loop through # the array %FORM and print each key-value pair # print "Request Method:", $ENV{'REQUEST_METHOD'}, "

"; print "Unencoded Input:
", $ENV{'QUERY_STRING'}, "

"; print "

\n"; my ($key, $value); while (($key, $value) = each %FORM) { $value =~ tr/\0/\|/; print "
$key = $value"; } # Print the results # # # assume anonymous authors if ($FORM{'author_1_last'} eq "") { $FORM{'author_1_last'} = "aaaanonymous"; } # prepare for database connection use DBI; my ($database) = "dschuler"; my $arg = $FORM{'query'}; my ($hostname) = "localhost"; my ($dsn, $dbh); my ($user_name) = "dschuler"; # user name my ($password) = ""; # password my (%attr) = ( RaiseError => 0, PrintError => 0 ); $dsn = "dbi:mysql:$database:$hostname"; $dbh = DBI->connect ($dsn, undef, undef, \%attr) or return_error ("Cannot connect to $database"); # print "

connected to DB?"; my ($sth); # prepare the insert command my $prepare_string = (qq{ INSERT INTO citation (citation_id, title, citation_type, style, principal_1_first_name, principal_1_last_name, principal_2_first_name, principal_2_last_name, principal_3_first_name, principal_3_last_name, publisher, city, year, url, contributor, contributor_e_mail, keywords, comments) VALUES ("NULL", "$FORM{'title'}", "$FORM{'citation_type'}", "$FORM{'style'}", "$FORM{'author_1_first'}", "$FORM{'author_1_last'}", "$FORM{'author_2_first'}", "$FORM{'author_2_last'}", "$FORM{'author_3_first'}", "$FORM{'author_3_last'}", "$FORM{'publisher'}", "$FORM{'location'}", "$FORM{'year'}", "$FORM{'url'}", "$FORM{'contributor'}", "$FORM{'e_mail'}", "$FORM{'keywords'}", "$FORM{'comments'}") }); print "

\n";
print $prepare_string;
print "

\n"; $sth = $dbh->prepare ($prepare_string); $sth->execute (); $sth->finish (); # MAIN-BODY $dbh->disconnect (); # exit (0); # # Print the closing HTML - the HTML footer information # html_footer(); exit (0); sub html_head { my $title = $_[0]; if ($title eq "") { $title = "Untitled"; } # # This following line must be the FIRST thing that prints out, or the # server probably will either return an error, or your browser will complain # that 'Document contains no data' # # (Try commenting it out and re-loading your form and re-submitting it and # see what happens) # print "Content-type: text/html", "\n\n"; print "\n"; print "\n"; print "$title\n"; print "\n"; print "\n"; } sub html_footer { print "\n"; print "\n"; } ##++ ## This "mini" library contains the parse_form_data and ## and return_error subroutines. ##-- sub parse_form_data { my (%FORM_DATA); my ( $request_method, $query_string, @key_value_pairs, $key_value, $key, $value); $request_method = $ENV{'REQUEST_METHOD'}; if ($request_method eq "GET") { $query_string = $ENV{'QUERY_STRING'}; } elsif ($request_method eq "POST") { read (STDIN, $query_string, $ENV{'CONTENT_LENGTH'}); } else { # return_error (500, "Server Error", "Server uses unsupported method"); print "

unsupported method...\n"; } @key_value_pairs = split (/&/, $query_string); foreach $key_value (@key_value_pairs) { ($key, $value) = split (/=/, $key_value); $value =~ tr/+/ /; $value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack ("C", hex ($1))/eg; if (defined($FORM_DATA{$key})) { $FORM_DATA{$key} = join ("\0", $FORM_DATA{$key}, $value); } else { $FORM_DATA{$key} = $value; } } return %FORM_DATA; } sub return_error { my ($status, $keyword, $message) = @_; print "Content-type: text/html", "\n"; print "Status: ", $status, " ", $keyword, "\n\n"; print <CGI Program - Unexpected Error

$keyword

$message Please contact webmaster for more information. End_of_Error exit(1); } 1;