#!/usr/local/bin/perl # mymod.pm package mymod; use CGI qw(:all); use DBI; require Exporter; @ISA = qw(Exporter); @EXPORT = qw(); @EXPORT_OK = qw(dbconnect dienice isadmin getprivilege $cwd $remoteuser $servername); # Database include script print header; # Get current working directory $servername = $ENV{'SERVER_NAME'}; $scriptname = $ENV{'SCRIPT_FILENAME'}; @a = split/\//,$scriptname; pop(@a); # removes the name of the file at the end. $cwd = join '/',@a; $cwd = $cwd . '/'; ####################### if ($servername eq "localhost"){ # Define remote user if working locally $remoteuser = 'me'; $file = 'E:/WAIWeb/mysql_login.txt'; } elsif ($servername eq "www.wilcoxassoc.com"){ # Define remote user when on production server $remoteuser = $ENV{'REMOTE_USER'}; $file = '/var/www/mysql_login.txt'; } else { foreach $key (sort(keys %ENV)){ print ("

$key = $ENV{$key}"); } &dienice("Could not connect to unknown servername of: $servername"); } #### sub isadmin { # This can takes zero or one parameter. # if param is "blocked" or no param, then # it will exit the script via dienice # If param is "check" it will continue running and return # the admin field for that record. my($param)=@_; $dbh=dbconnect(); # print "

Remoteuser: $remoteuser"; ## Grab user info from the table $sth = $dbh->prepare("SELECT * FROM registered WHERE username = ?") or dienice ("Couldn't prepare select statement: $!" . $dbh->errstr); $sth->execute ($remoteuser) or dienice ("Couldn't execute prepared statement $!" . $dbh->errstr); while ($h = $sth->fetchrow_hashref){ %item = %{$h}; $user = $item{username}; # Get their username $name = $item{name}; # Get their name $email = $item{email}; # Get their email $isadmin = $item{admin}; # Get the admin column } if (length($name)<=0) { dienice("There is no username that matches $remoteuser in the database. Use a different username."); } if ($isadmin ne "Y" and $isadmin ne "S") { if ($param ne "check"){ dienice("$name, you do not have priveleges to perform this operation. Your current privilege code is: $isadmin (param is: $param)"); } } return $isadmin; } #### #!/usr/local/bin/perl use CGI qw(:all); use DBI; print header; use lib '/var/www/wilcoxassoc.com/perl/'; use lib 'E:/WAIWeb/Perl/'; use mymod qw(dbconnect dienice isadmin $cwd $remoteuser getprivilege $servername); $query = new CGI; #== Some Variables ==# $title = "Internal Training Area"; $page = "View Sessions"; $viewby = param('viewby'); #Check that remote user is admin or can read the sales repository (code 2). $isadmin = isadmin("check"); $privilege = getprivilege(); if (!$isadmin){ dienice("Admin code for remote user to access this page was found."); } if ($isadmin ne "Y" and $isadmin ne "S" and $privilege ne "2" and $privilege ne "1" ){ dienice("You do not have privileges to access this page."); } else { $dbh=dbconnect(); if ($isadmin ne "Y" and $isadmin ne "S"){ #display normal user template template_header_user(); } else { #display admin template template_header_admin(); } print p,"Testing...Remote User is $remoteuser"; # Returned from mymod.pm print p,"Testing...Privilege is $privilege"; # Returned from mymod.pm print p,"Testing...isadmin is $isadmin"; # Returned from mymod.pm print p,"Testing...servername is $servername"; # Returned from mymod.pm print ""; print "

Welcome to the View Training Sessions page. This page details internal training sessions scheduled for Hexagon Metrology personnel. Click on the links below to get more information about a particular training event.


	View by Descending Date | View by Ascending Date
    ";
    display_contents();
print "";
exit;
}