PERL

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

# print a standard 200-level HTTP header
print “Content-Type:text/html\n\n”;

# if the method is GET it runs the displayform subsystem
# if not it will run the parseform and displayinfo subsystems

if ($ENV{REQUEST_METHOD} eq “GET”)
{
&displayform();
exit;
}
else
{
&parseform();
&displayinfo();
}

sub parseform
{
read(STDIN, $buffer, $ENV{‘CONTENT_LENGTH’});

#break data up on ampersands, and store in array
@pairs = split(/&/, $buffer);

# start a loop to process form data
foreach (@pairs) {
#split field name and value on ‘+’, store in two scalar variables
($key, $value) = split(/=/);
#translate ‘+’ signs back to spaces
$value =~ tr/+/ /;
#translate special characters
$value =~ s/%([a-fA-F0-9][a-fA-f0-9])/pack(“C”, hex($1))/eg;
#store data in hash
$form{$key} = $value;
}
}

# This subroutine will display information recieved from a form
sub displayinfo
{
print qq~

<html><body>
Full Name:           $form{“person”} <br>
Favourite Sport:       $form{“sport”} <br>
Favorite Seneca Course:   $form{“course”} <br>
GPA:               $form{“gpa”} <br>
</body></html>
~;
}

# this subsystem creates the input box’s and stores the STDIN
sub displayform
{
print qq~
<form action=”/cgi-bin-new/perlex11.cgi” method=”POST”>
Full Name:                <input type=”text” name=”person”><br>
Favorite Sport:           <input type=”text” name=”sport”><br>
Favourite Seneca Course:  <input type=”text” name=”course”><br>
Current GPA:              <input type=”text” name=”gpa”><br>
<input type=”submit” value=”Send”>
<input type=”reset” value=”Clear Form”>
</form>
~;
}

Posted in Labs

Connect To Mysql

•June 24, 2009 • Leave a Comment

mysql -h db-mysql.zenit -u int420_092a03 -p inr420_092103

User Name : same as zenit account

Database : same as zenit account

Password : same as  zenit account

Hostname : db-mysql.zenit

*************************

creating tables

*************************

create table friends ( in int auto_increment not null, lname varchar(25) not null, fname varchar(25) not null, phone varchar(10), email varchar(60), primary key (id) );

Posted in Labs

Log In

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

# Use the DBI (database interface) module
use DBI;
use Digest::MD5 qw(md5_hex md5_base64);

# Declare variables for MySQL Connection
$db=”int420_092a18″;
$user=”int420_092a18″;
$passwd=”41501443″;
$host=”db-mysql.zenit”;
$connectionInfo=”dbi:mysql:$db;$host”;

# Print HTTP header
print “Content-type:text/html\n\n”;

# If first-time display form
if($ENV{REQUEST_METHOD} eq “GET”)
á {
á &displaylogin;
á exit;
á }

# Else process form and verify/display message
else
á {
á &parseform();
á &verify();
á &sendmessage();
á exit;
á }

# Standard form parseing using POST method
sub parseform
á {
á á áread(STDIN, $qstring, $ENV{‘CONTENT_LENGTH’});

á á á á# break data up on ampersands, and store in array
á á á á@pairs = split(/&/, $qstring);

á á á á# start a loop to process form data
á á á áforeach (@pairs) {
á á á á á á á á# split field name and value on ‘=’, and store in two scalar variables
á á á á á á á á($key, $value) = split(/=/);
á á á á á á á á# translate ‘+’ signs back to spaces
á á á á á á á á$value =~ tr/+/ /;
á á á á á á á á# translate special characters
á á á á á á á á$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
á á á á á á á á# store data in hash
á á á á á á á á$form{$key} = $value;
á á á á á á á á# now the data is stored in a hash %form
á á á á}
á }

sub displaylogin
á {
á print qq~
á á á á<html>
á á á á<head>
á á á á<title>Login Page</title>
á á á á</head>
á á á á<body>
á á á á<form action=”login.cgi” method=post>
á á á á<center>
á á á á<h2>Enter Your Username and Password</h2>
á á á áUser Name: <input type=text name=name value=”$form{name}”>
á á á á$errors{name}
á á á á<br>
á á á áPassword: <input type=password name=password>
á á á á$errors{password}
á á á á<br>
á á á á<input type=submit value=”Insert” name=Insert>
á á á á<input type=reset value=Reset name=reset>
á á á á</form>
á á á á</body>
á á á á</html>
á á á á~;
á }

sub verify
á {
á # Form SQL Select statements to select users record from table
á # Note the where clause
á $select = qq~select id,name,password from users
á á á á á á where name = ‘$form{name}’~;

á # Connect to MySQL and create Database Handler $dbh
á $dbh=DBI->connect($connectionInfo,$user,$passwd);
á # Prepare MySQL statement and create Statement Handler $sth
á $sth=$dbh->prepare($select);
á # Execute Statement Handler and test for success
á $sth->execute();

á# Test if row found in select
áif(@row = $sth->fetchrow_array())
á á á á{
á á á á# If row found compare encrypted passwords
á á á á$cryptpasswd = md5_base64($form{password});
á á á á á if($cryptpasswd ne $row[2])
á á á á á {
á á á á á $errors{password} = “Incorrect password”;
á á á á á &displaylogin;
á á á á á exit;
á á á á á }
á á á á}
áelse
á á á á{
á á á á# If row not found display username not found
á á á á$errors{name} = “User name not found”;
á á á á&displaylogin;
á á á áexit;
á á á á}
}

sub sendmessage
á á á á{
á á á áprint qq~
á á á á<html><head><title>Login Successful!</title></head>
á á á á<body><h2>Login Successful!!!</h2></body>
á á á á</html>
á á á á~;
á á á á}

Posted in Labs

Register

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

# Use the DBI (database interface) module

use DBI;
use Digest::MD5 qw(md5_hex md5_base64);

# Declare variables for MySQL Connection
$db=”int420_092a18″;
$user=”int420_092a18″;
$passwd=”41501443″;
$host=”db-mysql.zenit”;
$connectionInfo=”dbi:mysql:$db;$host”;

# Print HTTP header
print “Content-type:text/html\n\n”;

# If first-time display form
if($ENV{REQUEST_METHOD} eq “GET”)
á {
á &displayform;
á exit;
á }

# Else process form and insert into DB
else
á {
á &parseform();
á &verifyform();
á &insertuser();
á exit;
á }

# Standard form parseing using POST method
sub parseform
á {
á á áread(STDIN, $qstring, $ENV{‘CONTENT_LENGTH’});

á á á á# break data up on ampersands, and store in array
á á á á@pairs = split(/&/, $qstring);

á á á á# start a loop to process form data
á á á áforeach (@pairs) {
á á á á á á á á# split field name and value on ‘=’, and store in two scalar variables
á á á á á á á á($key, $value) = split(/=/);
á á á á á á á á# translate ‘+’ signs back to spaces
á á á á á á á á$value =~ tr/+/ /;
á á á á á á á á# translate special characters
á á á á á á á á$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
á á á á á á á á# store data in hash
á á á á á á á á$form{$key} = $value;
á á á á á á á á# now the data is stored in a hash %form
á á á á}
á }

sub insertuser
á {
á $cryptpasswd = md5_base64($form{password});

á á á# SQL insert statement into register table
á $insert = qq~insert users (name, password)
á á á ávalues(‘$form{name}’,'$cryptpasswd’)~;

á á á á#Connect to MySQL and create Database Handler $dbh
á á á á$dbh=DBI->connect($connectionInfo,$user,$passwd);

á á á á#Prepare MySQL statement and create Statement Handler $sth
á á á á$sth=$dbh->prepare($insert);

á á á á#Execute Statement Handler and test for success
á á á áif($sth->execute())
á á á á á {
á á á á á &displaysuccess;
á á á á á }
á á á áelse
á á á á á {
á á á á á &displayfail;
á á á á á }

á á á á#Disconnect database
á á á á$dbh->disconnect();
á á á á}

á á á ásub displaysuccess
á á á á á {
á á á á á print qq~<html>\n
á á á á á á á<head>
á á á á á á á<title>Registration Successful</title>
á á á á á á á</head>
á á á á á á á<body>
á á á á á á á<h2>Information Added</h2>
á á á á á á á</body>
á á á á á á á</html>
á á á á á á á~;
á á á á á á}

á á á ásub displayfail
á á á á á {
á á á á á print qq~<html>\n
á á á á á á á<head>
á á á á á á á<title>Registration Failed</title>
á á á á á á á</head>
á á á á á á á<body>
á á á á á á á<h2>Failure, please try again<h2>
á á á á á á á</body>
á á á á á á á</html>
á á á á á á á~;
á á á á á á}

sub displayform
á {
á print qq~
á á á á<html>
á á á á<head>
á á á á<title>Register User</title>
á á á á</head>

á á á á<body>

á á á á<form action=”register.cgi” method=post>

á á á á<center>
á á á á<h2>Register a User and Password</h2>
á á á áUser Name: <input type=text name=name value=”$form{name}”>
á á á á$errors{name}
á á á á<br>
á á á á<i>Username should be all lowercase and 8 chars or less</i>
á á á á<br>
á á á á<br>
á á á áPassword: <input type=password name=password>
á á á á$errors{password}
á á á á<br>
á á á áRetype Password: <input type=password name=password2>
á á á á$errors{password2}
á á á á<br>
á á á á<input type=submit value=”Insert” name=Insert>
á á á á<input type=reset value=Reset name=reset>
á á á á</form>
á á á á</body>
á á á á</html>
á á á á~;
}

sub verifyform
á {
á $missing = 0;
á # Test for username between 2 and 8 alphanumerics
á if($form{‘name’} !~ /^[a-z0-9]{2,8}$/)
á á á á{
á á á á$errors{‘name’} = “Please enter up to 8 character username”;
á á á á$missing = 1;
á á á á}
á else
á á á á{
á á á á# Test for existing username in table
á á á á$select = qq~select name from users where name = ‘$form{name}’~;
á á á á$dbh=DBI->connect($connectionInfo,$user,$passwd);
á á á á$sth=$dbh->prepare($select);
á á á á$sth->execute();

á á á áif(@row = $sth->fetchrow_array())
á á á á á {
á á á á á $errors{‘name’} = “Name already registered”;
á á á á á $missing = 1;
á á á á á }
á á á áelse
á á á á á{
á á á á á$errors{‘name’} = “”;
á á á á á}
á á á á}

# Test for password between 6 and 10 alphanumerics
if ($form{‘password’} !~ /^[a-z0-9A-Z]{6,10}$/)
á {
á $errors{‘password’} = “Enter 6 to 10 character password”;
á $missing = 1;
á }
else
á {
á $errors{‘password’} = “”;
á }

# Test for password entered twice
if ($form{‘password’} ne $form{password2})
á {
á $errors{‘password2′} = “Passwords dont match”;
á $missing = 1;
á }
else
á {
á $errors{‘password2′} = “”;
á }
if($missing == 1)
á {
á &displayform;
á exit;
á }
}

Posted in Labs

Stage 1

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

#Use the DBI (data interface) module
use DBI;

# Declare MySQL variables and connection information
$db=”int420_092a18″;
$user=”int420_092a18″;

$passwd=”41501443″;
$host=”db-mysql.zenit”;
$connectionInfo=”dbi:mysql:$db;$host”;

# Print HTTP header
print “Content-type:text/html\n\n”;

# If the request method is GET display the form
if ($ENV{REQUEST_METHOD} eq “GET”)
{
&displayform();
exit;
}

# If the request method is POST parse form, verify it, and then insert into MySQL table
if ($ENV{REQUEST_METHOD} eq “POST”)
{
&parseform();
&verifyform();
&insertregister();
exit;
}

# POST Form Sub-Routine

sub displayform
{
print qq~ <html><head><title>User Registration</title></head>
<body>
<form action=”stage1.cgi” method=post>
<center>
<h2>User Registration</h2>
Login Name: <input type=text name=login value=”$form{login}”> $errors{login}
<br>
Password: <input type=password name=passwd value=”$form{passwd}”> $errors{passwd}
<br>
Retype Password: <input type=password name=passwd2 value=”$form{passwd2}”> $errors{passwd2}
<br>
First Name: <input type=text name=fname value=”$form{fname}”> $errors{fname}
<br>
Last Name: <input type=text name=lname value=”$form{lname}”> $errors{lname}
<br>
Department: <input type=text name=dept value=”$form{dept}”> $errors{dept}
<br>
Phone: <input type=text name=phone value=”$form{phone}”> $errors{phone} (No Dashes Please)
<br>
Email: <input type=text name=email value=”$form{email}”> $errors{email}
<br>
<input type=submit value=Submit name=submit>
<input type=reset value=Reset name=reset>
</form>
</body>
</html> ~;
}

# Sub-routine for parsing the POST form

sub parseform
{
read(STDIN, $qstring, $ENV{‘CONTENT_LENGTH’});

# break data up on ampersands, and store in array
@pairs = split(/&/, $qstring);

# start a loop to process form data
foreach (@pairs) {
# split field name and value on ‘=’, and store in two scalar variables
($key, $value) = split(/=/);
# translate ‘+’ signs back to spaces
$value =~ tr/+/ /;
# translate special characters
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
# store data in hash
$form{$key} = $value;
# now the data is stored in a hash %form
}
}

sub verifyform
{
# Create variable missing stored with 0 value
$missing = 0;

# If any field in the form is blank, $missing =1 and error message is stored
foreach (keys %form)
{
if ($form{$_} eq “”)
{
$errormsg = “Please enter in all fields to register”;
$missing = 1;  ###If there is missing data set the missing flag to 1
}
# If no fields are blank the error message is also blank.
elsif ($form{passwd} ne $form{passwd2})
{
$errors{passwd} = “Password’s don’t match”;
$missing = 1;
}
else
{
$errormsg = “”;
}
$errors{$_}=$errormsg;  # Loads the error message into the errors hash
}

if ($missing == 1) # Resends form if any fields are blank
{
&displayform;
exit;
}
}

sub insertregister
{

# SQL insert statement into register table
$insert = qq~insert register (login, passwd, fname, lname, dept, phone, email)
values(‘$form{login}’,'$form{passwd}’,'$form{fname}’,'$form{lname}’,'$form{dept}’,'$form{phone}’,'$form{email}’)~;

#Connect to MySQL and create Database Handler $dbh
$dbh=DBI->connect($connectionInfo,$user,$passwd);

#Prepare MySQL statement and create Statement Handler $sth
$sth=$dbh->prepare($insert);

#Execute Statement Handler and test for success
if($sth->execute())
{
&displaysuccess;
&showfriends;
}
else
{
&displayfail;
}

#Disconnect database
$dbh->disconnect();
}

sub displaysuccess
{
print qq~<html>\n
<head>
<title>Registration Successful</title>
</head>
<body>
<h2>Information Added</h2>
</body>
</html>
~;
}

sub displayfail
{
print qq~<html>\n
<head>
<title>Registration Failed</title>
</head>
<body>
<h2>Failure, please try again<h2>
</body>
</html>
~;
}

Posted in Labs

Taint 2 Sec.

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -wT

$ENV{“PATH”} = “”;
print “Content-Type:text/html\n\n”;

if ($ENV{REQUEST_METHOD} eq “GET”)
{
&printform;
exit;
}
#ELSE PROCESS THE FORM AND INSERT INTO THE DATABASE
else
{
&parseform;
&emptyform;
&submitform;
exit;
}

######################
sub emptyform
{
$missing = 0;     #INITIALIZE THE MISSING FLAG TO BE ZERO

foreach (keys %form)
{
if ($form{$_} eq “”)
{
$errormsg = “Please Enter Something”;
$missing = 1;         #IF THERE IS MISSING DATA SET THE FLAG TO 1
}
else
{
$errormsg = “”;
}
$errors{$_}=$errormsg;        #LOAD THE %error HASH WITH THE ERROR MESSAGE
}
if ($form{‘address’} !~ /^(([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,60})$/)
{
$addresserror = “The Format of you email address is incorrect.\n”;
$missing = 1;
}
if ($missing == 1)     #IF FLAG IS SET TO 1 THEN RESEND THE FORM AND EXIT
{
&printform;
print qq~$errors{‘address’} <br> $addresserror ~;
exit;
}
}
#########################################
sub submitform
{
if ($form{‘address’} =~ /^(([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+))$/)
{
&sender;
$email = $1;
system(“/bin/mail -s ‘message’ $email  < /home/int420_091b02/newhttpd/cgi-bin/message.txt”);
print “EMAIL SENT to:  $1″
}
}

sub sender
{
print “<html><head><title>sender</title</head>\n”;
print “<body><p>\n”;
print “The sender is $form{address}\n”;
print “<br><br>”;
print “</p></body></html>\n”;
}

########################
sub printform
{
print qq~
<?xml version=”1.0″ encoding=”iso-8859-1″?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<title>Taint 1 SECURED</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
</head>

<body>
<form method=”post” action=”taint1secure.pl”>
<p>What is you email address:
<input type=”text” name=”address”> gsbains3@ learn.senecac.on.ca
</p>
<p>

<input type=”submit” name=”Submit” value=”send address” />
</p>
<br>
</form>
</body>
</html>
~;

}

###########################

sub parseform
{
read(STDIN, $buffer, $ENV{‘CONTENT_LENGTH’});

#BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY
@pairs = split(/&/, $buffer);

#START A LOOP TO PROCESS FORM DATA
foreach $pair (@pairs) {
($key, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$form{$key} = $value;
}
}

Posted in Labs

Taint

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w
#@mail_to = split(/=/, $ENV{QUERY_STRING});
#$mail_to[1] = s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
#$mail_to[1] = tr/+/ /;
#$mail_to[1] = ‘gsbains3@senecac.on.ca’;
#GET DATA FROM THE ENVIRONMENT VARIABLE
$qstring = $ENV{‘QUERY_STRING’};

#BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY
@pairs = split (/&/, $qstring);

#START A LOOP TO PROCESS FORM DATA
foreach (@pairs) {

#split field name and value on ‘=’, store in two scalar variables
($key, $value) = split (/=/);
#translate ‘+’ signs back to spaces
$value =~ tr/+/ /;
#translate special character
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
#store data in hash
$form{$key} = $value;
}

`mail -s “message” $form{address} < message.txt`;

print “Content-Type:text/html\n\n”;

print “<head><title>sender</title</head>\n”;
print “<body><p>\n”;
print “The sender is $form{address}\n”;
#print “The Value of QSTRING is:  $qstring\n”;
print “</p></body>\n”;

Posted in Labs

Form Data Var.

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -wT

##################################################
# PROGRAM:      FORM PROCESSING AND VERIFICATION
# DESCRIPTION:  THIS CGI WILL VERIFY USER INPUT AGAINST PREDEFINED CRITERIA
##################################################

### OPTIONS ###
###############
use strict;

### VARIABLE DECLARATIONS ###
#############################
my %ERRORS;   #HOLD ERRORS FOR REQURIED FIELD CHECK
my %FORM;     #WILL HOLD ALL FORM DATA

#HOLDS ALL FORM FIELDS
my %FIELDS = (
“username” => “Username”,
“password” => “Password”,
“repassword” => “Re-Type-Password”,
“fname” => “First Name”,
“lname” => “Last Name”,
“street” => “Street”,
“city” => “City”,
“province” => “Province”,
“country” => “Country”,
“postal” => “Postal/ZipCode”,
“email” => “E-Mail”,
“phone” => “Phone Number”
);

#HOLDS REG EXP’S MATCHING DESIRED INPUT FOR EACH FORM FIELD
my %PATTERNS = (
“username” => ‘^[A-Za-z0-9]{6,10}$’,
“password” => ‘^[A-Za-z0-9]{6,}$’,
“repassword” => “$FORM{password}”,
“fname” => ‘^[a-zA-Z]+(([\'\,\.\-][a-zA-Z])?[a-zA-Z]*)*$’,
“lname” => ‘^[a-zA-Z]+(([\'\,\.\-][a-zA-Z])?[a-zA-Z]*)*$’,
“street” => ‘^[0-9A-Za-z \.\,\'\-]{2,60}$’,
“city” => ‘^[A-Za-z \'\-]{2,60}$’,
“province” => ‘^[A-Za-z \'\-]{2,60}$’,
“country” => ‘^(Canada|USA)$’,
“postal” => ‘^(([0-9]{5}-[0-9]{4})|([0-9]{5})|([AaBbCcEeGgHhJjKkLlMmNnPpRrSsTtVvXxYy][0-9][A-Za-z][ ]?[0-9][A-Za-z][0-9]))$’,
“email” => ‘^(([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,60})$’,
“phone” => ‘^[0-9]{3}-[0-9]{3}-[0-9]{4}$’
);

#DETERMINS THE PROCESS IN WHICH FORM FIELDS ARE PRINTED/PROCESSED
my @formSequence = (“username”, “password”, “repassword”, “fname”, “lname”, “street”, “city”, “province”, “postal”, “email”, “phone”);

### HTTP HEADER ###
###################
print “Content-Type: text/html;charset=ISO-8859-1\n\n”;

### XHTML PAGE HEADINGS ###
###########################
&startXHTML;

if ($ENV{REQUEST_METHOD} eq “POST”)
{
&readFormData;
if (&checkRequiredFields)
{
print “Form Data Validated Succesfully!”;
}
else
{
&printForm;
foreach (@formSequence)
{
print qq~$ERRORS{$_}<br>~;
}
}
}
else {
&printForm;
}

### XHTML FOOTER ###
####################
&endXHTML;

##############################################
###################### END OF MAIN PROGRAM ###
##############################################

### SUBROUTINES ###
###################

#THIS SUBROUTINE CHECKS THE USER INPUTE
#AND RETURNS 1 IF ALL INPUTS ARE CORRECT, OTHERWISE 0 IS RETURNED

sub checkRequiredFields
{
my $success = 1;

foreach (keys (%FIELDS))
{
if ($FORM{$_} !~ $PATTERNS{$_})
{
$ERRORS{$_} = “ERROR: $FIELDS{$_} IS MISSING OR INCORRECT FORMAT\n”;
$success = 0;
}
}
if ($FORM{repassword} ne $FORM{password})
{
$ERRORS{repassword}=”ERROR: The Passwords Do NOT Match\n”;
$success = 0;
}

return $success;
}

#PRODUCE FORM WITH OPTIONAL ERROR MESSAGES

sub printForm
{
print qq~
<form name=”form1″ method=”post” action=”fdataverif.cgi”>
<p align=”center”>Welcome the FORM DATA VERIFICATION LAB</p>
<table width=”53%” border=”0″ align=”center” cellpadding=”4″>
<tr>
<td><div align=”right”>Username: </div></td>
<td><div align=”left”>
<input name=”username” type=”text” id=”username” value=”$FORM{username}”>
(6-10 Alphanumeric Characters)</div></td>
</tr>
<tr>
<td><div align=”right”>Password: </div></td>
<td><div align=”left”>
<input name=”password” type=”password” id=”password”>
(&gt;=6 Alphanumeric Characters)</div></td>
</tr>
<tr>
<td><div align=”right”>Re-type Password: </div></td>
<td><div align=”left”>
<input name=”repassword” type=”password” id=”repassword”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Firstname: </div></td>
<td><div align=”left”>
<input name=”fname” type=”text” id=”fname” value=”$FORM{fname}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Lastname: </div></td>
<td><div align=”left”>
<input name=”lname” type=”text” id=”lname” value=”$FORM{lname}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Street Address: </div></td>
<td><div align=”left”>
<input name=”street” type=”text” id=”street” value=”$FORM{street}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>City: </div></td>
<td><div align=”left”>
<input name=”city” type=”text” id=”city” value=”$FORM{city}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>State/Province: </div></td>
<td><div align=”left”>
<input name=”province” type=”text” id=”province” value=”$FORM{province}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Country: </div></td>
<td><div align=”left”>
<select name=”country” id=”country”>
<option value=”USA”>USA</option>
<option value=”CANADA”>CANADA</option>
</select>
</div></td>
</tr>
<tr>
<td><div align=”right”>Postal Code: </div></td>
<td><div align=”left”>
<input name=”postal” type=”text” id=”postal” value=”$FORM{postal}”>
(USA: 12345-1234; CANADA: A1A1A1)</div></td>
</tr>
<tr>
<td><div align=”right”>E-mail Address: </div></td>
<td><div align=”left”>
<input name=”email” type=”text” id=”email” value=”$FORM{email}”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Phone Number: </div></td>
<td><div align=”left”>
<input name=”phone” type=”text” id=”phone” value=”$FORM{phone}” > ###-###-####
</div></td>
</tr>

<tr>
<td><div align=”right”>
<input type=”submit” name=”save” value=”Register”>
</div></td>
<td><div align=”left”>
<input type=”reset” name=”Submit2″ value=”Reset” >
</div></td>
</tr>
<tr>
<td><div align=”left”> </div></td>
</tr>
</table>
<p align=”center”>* – All fields are required</p>
</form>
~;
}

#THIS SUBROUTINE WILL GENERASTE XHTML-COMPLIANT PAGE HEADERS
sub startXHTML
{
print qq~
<?xml version=”1.0″ encoding=”iso-8859-1″?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<title>FORM DATA VERIFICATION</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
</head>

<body>
~;
}

#THIS SUBROUTINE WILL GENERATE XHTML COMPLAITE FOOTERS
sub endXHTML
{
print qq~</body></html>\n~;
}

#PARSE THE FORM DATA
sub readFormData
{
# read(STDIN, my $input, $ENV{‘CONTENT_LENGTH’});
my $input = <>;
#BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY
my @pairs = split(/&/, $input);
my ($name, $value);
#START A LOOP TO PROCESS FORM DATA
foreach (@pairs)
{
($name, $value) = split(/=/, $_);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$FORM{$name} = $value;
}
}
#####################################
~; } } } else { &printForm; } ### XHTML FOOTER ### #################### &endXHTML; ############################################## ###################### END OF MAIN PROGRAM ### ############################################## ### SUBROUTINES ### ################### #THIS SUBROUTINE CHECKS THE USER INPUTE #AND RETURNS 1 IF ALL INPUTS ARE CORRECT, OTHERWISE 0 IS RETURNED sub checkRequiredFields { my $success = 1; foreach (keys (%FIELDS)) { if ($FORM{$_} !~ $PATTERNS{$_}) { $ERRORS{$_} = “ERROR: $FIELDS{$_} IS MISSING OR INCORRECT FORMAT\n”; $success = 0; } } if ($FORM{repassword} ne $FORM{password}) { $ERRORS{repassword}=”ERROR: The Passwords Do NOT Match\n”; $success = 0; } return $success; } #PRODUCE FORM WITH OPTIONAL ERROR MESSAGES sub printForm { print qq~

Welcome the FORM DATA VERIFICATION LAB

Username:
(6-10 Alphanumeric Characters)
Password:
(>=6 Alphanumeric Characters)
Re-type Password:
Firstname:
Lastname:
Street Address:
City:
State/Province:
Country:
USA CANADA
Postal Code:
(USA: 12345-1234; CANADA: A1A1A1)
E-mail Address:
Phone Number:
###-###-####

* – All fields are required

~; } #THIS SUBROUTINE WILL GENERASTE XHTML-COMPLIANT PAGE HEADERS sub startXHTML { print qq~ FORM DATA VERIFICATION ~; } #THIS SUBROUTINE WILL GENERATE XHTML COMPLAITE FOOTERS sub endXHTML { print qq~\n~; } #PARSE THE FORM DATA sub readFormData { # read(STDIN, my $input, $ENV{‘CONTENT_LENGTH’}); my $input = <>; #BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY my @pairs = split(/&/, $input); my ($name, $value); #START A LOOP TO PROCESS FORM DATA foreach (@pairs) { ($name, $value) = split(/=/, $_); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg; $FORM{$name} = $value; } } #####################################

Posted in Labs

Friends Mysql 3

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

#USE THE DBI (DATABSE INTERFACE) MODULE
use DBI;

#DECLARE VARIABLES WITH MYSQL CONNECTION DATA
$db=”int420_091b02″;
$user=”int420_091b02″;

$passwd=”21450705″;
$host=”db-mysql.zenit”;
$connectionInfo=”dbi:mysql:$db;$host”;

#PRINT HTTP HEADER
print “Content-Type:text/html\n\n”;

#DISPLAY THE FORM THE FIRST TIME THE SCRIPT IS RUN
if ($ENV{REQUEST_METHOD} eq “GET”)
{
&showfriends;
&displayform();
exit;
}
#ELSE PROCESS THE FORM AND INSERT INTO THE DATABASE
else
{
&parseform();
&verifyform;
&insertfriend();
exit;
}

######################################
######      SUB ROUTINES        ######
######################################

#STANDARD FORM PARSING USING “POST” METHOD
sub parseform
{
read(STDIN, $buffer, $ENV{‘CONTENT_LENGTH’});

#BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY
@pairs = split(/&/, $buffer);

#START A LOOP TO PROCESS FORM DATA
foreach $pair (@pairs) {
($key, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$form{$key} = $value;
}
}

#################################

#INSERTING DATA INTO THE friends TABLE
sub insertfriend
{
#FORM SQL INSERT STATEMENT
$insert = qq~insert friends (lname, fname, phone, email) values (‘$form{lname}’, ‘$form{fname}’, ‘$form{phone}’, ‘$form{email}’)~;

#CONNECT TO THE MYSQL DATABASE AND CREATE A DATABASE HANDLER $dbh
$dbh=DBI->connect($connectionInfo,$user,$passwd);

#PREPARE THE MYSQL INSERT STATEMENT AND CREATE A STATEMENT HANDLER $sth
$sth=$dbh->prepare($insert);

#EXECUTE THE STATEMENT HANDLER AND TEST FOR SUCCESS
if ($sth->execute())
{
&showfriends;
&displaysuccess;
}
else
{
&displayfail;
}

#DISCONNECT DATABASE
$dbh->disconnect();

}

##############################

sub displaysuccess
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>MY FRIENDS</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
RECORD ADDED!!!!!!!!
</body>
</html>
~;

}

##############################

sub displayfail
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>MY FRIENDS</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
Record <b>NOT</b> Added!!!!!!!!
</body>
</html>
~;

}

##############################

sub displayform
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>My Friends</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
<div align=”center”>
<form name=”form1″ method=”post” action=”friends3-mysql.cgi”>
<table width=”80%” border=”0″>
<tr>
<td width=”45%”><div align=”right”>Last Name: </div></td>
<td width=”100%”><div align=”left”>
<input type=”text” name=”lname” value=”$form{lname}”>  $errors{lname}
</div></td>
</tr>
<tr>
<td><div align=”right”>First Name: </div></td>
<td><div align=”left”>
<input type=”text” name=”fname” value=”$form{fname}”>  $errors{fname}
</div></td>
</tr>
<tr>
<td><div align=”right”>Phone Number: </div></td>
<td><div align=”left”>
<input type=”text” name=”phone” value=”$form{phone}”>
(10 digits only please) $errors{phone}</div></td>
</tr>
<tr>
<td><div align=”right”>E-mail: </div></td>
<td><div align=”left”>
<input type=”text” name=”email” value=”$form{email}”>  $errors{email}
</div></td>
</tr>
<tr>
<td><div align=”right”>
<input type=”submit” name=”Submit” value=”send”>
</div></td>
<td><div align=”left”>
<input type=”reset” name=”Reset” value=”reset”>
</div></td>
</tr>
</table>
</form>
</div>
</body>
</html>

~;

}

#################################

#THIS SUB ROUTINE USES A SELECT STATEMENT TO DISPLAY THE CONTENTS OF THE friends TABLE
sub showfriends
{
#START HTML TABLE
print qq~
<?xml version=”1.0″ encoding=”iso-8859-1″?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<title>Untitled Document</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
</head>

<body>
<table width=”50%” border=”1″>
<tr>
<th>ID</th>
<th>Last Name</th>
<th>First Name</th>
<th>Phone Number</th>
<th>E-mail</th>
</tr>

~;

#FORM SQL SELECT STATEMENT
$select = qq~select id, lname, fname, phone, email from friends~;

#CONNECT TO THE MYSQL DATABASE AND CREATE A MYSQL HANDLER $dbh
$dbh=DBI->connect($connectionInfo,$user,$passwd);

#PREPARE MYSQL STETEMENT AND CREATE STATEMENT HANDLER $sth
$sth=$dbh->prepare($select);

#EXECUTE SELECT STATEMENT
$sth->execute();

#LOOP THROUGH EACH RECORD AND PRINT IN AN HTML TABLE
while (@row=$sth->fetchrow_array())
{
print qq~
<tr>
<td>$row[0]</td>
<td>$row[1]</td>
<td>$row[2]</td>
<td>$row[3]</td>
<td>$row[4]</td>
</tr>
~;
}
#CLOSE HTML TABLE
print qq~
</table>
</body>
</html>
~;

#CLOSE CONNECTION TO THE MYSQL DATABASE
$dbh->disconnect();

}

###############################

#THIS SUB ROUTINE CREATES A HASH CALLED %errors THAT HAS THE SAME LIST OF KEYS AS THE %form HASH. THE VALUES OF HTE %errors HASH ARE THE ERROR MESSAGES TO BE DISPLAYED

sub verifyform
{
$missing = 0;     #INITIALIZE THE MISSING FLAG TO BE ZERO

foreach (keys %form)
{
if ($form{$_} eq “”)
{
$errormsg = “Please enter the data for the required field”;
$missing = 1;         #IF THERE IS MISSING DATA SET THE FLAG TO 1
}
else
{
$errormsg = “”;
}
$errors{$_}=$errormsg;          #LOAD THE %error HASH WITH THE ERROR MESSAGE
}
if ($missing == 1)     #IF FLAG IS SET TO 1 THEN RESEND THE FORM AND EXIT
{
&displayform;
exit;
}
}

Last Name:
$errors{lname}
First Name:
$errors{fname}
Phone Number:
(10 digits only please) $errors{phone}
E-mail:
$errors{email}

~; } ################################# #THIS SUB ROUTINE USES A SELECT STATEMENT TO DISPLAY THE CONTENTS OF THE friends TABLE sub showfriends { #START HTML TABLE print qq~ Untitled Document

~; #FORM SQL SELECT STATEMENT $select = qq~select id, lname, fname, phone, email from friends~; #CONNECT TO THE MYSQL DATABASE AND CREATE A MYSQL HANDLER $dbh $dbh=DBI->connect($connectionInfo,$user,$passwd); #PREPARE MYSQL STETEMENT AND CREATE STATEMENT HANDLER $sth $sth=$dbh->prepare($select); #EXECUTE SELECT STATEMENT $sth->execute(); #LOOP THROUGH EACH RECORD AND PRINT IN AN HTML TABLE while (@row=$sth->fetchrow_array()) { print qq~

~; } #CLOSE HTML TABLE print qq~

ID Last Name First Name Phone Number E-mail
$row[0] $row[1] $row[2] $row[3] $row[4]

~; #CLOSE CONNECTION TO THE MYSQL DATABASE $dbh->disconnect(); } ############################### #THIS SUB ROUTINE CREATES A HASH CALLED %errors THAT HAS THE SAME LIST OF KEYS AS THE %form HASH. THE VALUES OF HTE %errors HASH ARE THE ERROR MESSAGES TO BE DISPLAYED sub verifyform { $missing = 0; #INITIALIZE THE MISSING FLAG TO BE ZERO foreach (keys %form) { if ($form{$_} eq “”) { $errormsg = “Please enter the data for the required field”; $missing = 1; #IF THERE IS MISSING DATA SET THE FLAG TO 1 } else { $errormsg = “”; } $errors{$_}=$errormsg; #LOAD THE %error HASH WITH THE ERROR MESSAGE } if ($missing == 1) #IF FLAG IS SET TO 1 THEN RESEND THE FORM AND EXIT { &displayform; exit; } }

Posted in Labs

Friends Mysql 2

•June 24, 2009 • Leave a Comment

#!/usr/bin/perl -w

#USE THE DBI (DATABSE INTERFACE) MODULE
use DBI;

#DECLARE VARIABLES WITH MYSQL CONNECTION DATA
$db=”int420_091b02″;
$user=”int420_091b02″;

$passwd=”21450705″;
$host=”db-mysql.zenit”;
$connectionInfo=”dbi:mysql:$db;$host”;

#PRINT HTTP HEADER
print “Content-Type:text/html\n\n”;

#DISPLAY THE FORM THE FIRST TIME THE SCRIPT IS RUN
if ($ENV{REQUEST_METHOD} eq “GET”)
{
&showfriends;
&displayform();
exit;
}
#ELSE PROCESS THE FORM AND INSERT INTO THE DATABASE
else
{
&parseform();
&insertfriend();
exit;
}

######################################
######      SUB ROUTINES        ######
######################################

#STANDARD FORM PARSING USING “POST” METHOD
sub parseform
{
read(STDIN, $buffer, $ENV{‘CONTENT_LENGTH’});

#BREAK THEDATA UP BY AMPERSANDS &&&&; AND STORE IT IN AN ARRAY
@pairs = split(/&/, $buffer);

#START A LOOP TO PROCESS FORM DATA
foreach $pair (@pairs) {
($key, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack(“C”, hex($1))/eg;
$form{$key} = $value;
}
}

#################################

#INSERTING DATA INTO THE friends TABLE
sub insertfriend
{
#FORM SQL INSERT STATEMENT
$insert = qq~insert friends (lname, fname, phone, email) values (‘$form{lname}’, ‘$form{fname}’, ‘$form{phone}’, ‘$form{email}’)~;

#CONNECT TO THE MYSQL DATABASE AND CREATE A DATABASE HANDLER $dbh
$dbh=DBI->connect($connectionInfo,$user,$passwd);

#PREPARE THE MYSQL INSERT STATEMENT AND CREATE A STATEMENT HANDLER $sth
$sth=$dbh->prepare($insert);

#EXECUTE THE STATEMENT HANDLER AND TEST FOR SUCCESS
if ($sth->execute())
{
&showfriends;
&displaysuccess;
}
else
{
&displayfail;
}

#DISCONNECT DATABASE
$dbh->disconnect();

}

##############################

sub displaysuccess
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>MY FRIENDS</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
RECORD ADDED!!!!!!!!
</body>
</html>
~;

}

##############################

sub displayfail
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>MY FRIENDS</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
Record <b>NOT</b> Added!!!!!!!!
</body>
</html>
~;

}

##############################

sub displayform
{
print qq~
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
<html>
<head>
<title>My Friends</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″>
</head>

<body>
<div align=”center”>
<form name=”form1″ method=”post” action=”friends2-mysql.cgi”>
<table width=”50%” border=”0″>
<tr>
<td width=”45%”><div align=”right”>Last Name: </div></td>
<td width=”55%”><div align=”left”>
<input type=”text” name=”lname”>
</div></td>
</tr>
<tr>
<td><div align=”right”>First Name: </div></td>
<td><div align=”left”>
<input type=”text” name=”fname”>
</div></td>
</tr>
<tr>
<td><div align=”right”>Phone Number: </div></td>
<td><div align=”left”>
<input type=”text” name=”phone”>
(10 digits only please) </div></td>
</tr>
<tr>
<td><div align=”right”>E-mail: </div></td>
<td><div align=”left”>
<input type=”text” name=”email”>
</div></td>
</tr>
<tr>
<td><div align=”right”>
<input type=”submit” name=”Submit” value=”send”>
</div></td>
<td><div align=”left”>
<input type=”reset” name=”Reset” value=”reset”>
</div></td>
</tr>
</table>
</form>
</div>
</body>
</html>

~;

}

#################################

sub showfriends
{
#START HTML TABLE
print qq~
<?xml version=”1.0″ encoding=”iso-8859-1″?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<title>Untitled Document</title>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
</head>

<body>
<table width=”50%” border=”1″>
<tr>
<th>ID</th>
<th>Last Name</th>
<th>First Name</th>
<th>Phone Number</th>
<th>E-mail</th>
</tr>

~;

#FORM SQL SELECT STATEMENT
$select = qq~select id, lname, fname, phone, email from friends~;

#CONNECT TO THE MYSQL DATABASE AND CREATE A MYSQL HANDLER $dbh
$dbh=DBI->connect($connectionInfo,$user,$passwd);

#PREPARE MYSQL STETEMENT AND CREATE STATEMENT HANDLER $sth
$sth=$dbh->prepare($select);

#EXECUTE SELECT STATEMENT
$sth->execute();

#LOOP THROUGH EACH RECORD AND PRINT IN AN HTML TABLE
while (@row=$sth->fetchrow_array())
{
print qq~
<tr>
<td>$row[0]</td>
<td>$row[1]</td>
<td>$row[2]</td>
<td>$row[3]</td>
<td>$row[4]</td>
</tr>
~;
}
#CLOSE HTML TABLE
print qq~
</table>
</body>
</html>
~;

#CLOSE CONNECTION TO THE MYSQL DATABASE
$dbh->disconnect();

}

Posted in Labs

« Previous Entries