Original Question:

I have a site that uses PostNuke/Zikula for general access and content management. I was tasked with developing a reporting tool to complement our ticketing system. This tool is Perl CGI based and allows users use web forms to populate data into a database. This data is then used to e-mail reports to select distrobution lists.

My dilemma:
===============================================
While users may generaly input the information correctly, occassionally there are times when a manager asks, "Who placed this crap update into the chain?" I am tired of searching server logs for IP's and usernames for a given timeframe.

My Question:
===============================================
Is there a way to capture the username of the indivdual from the PHP environment so that it can be stored in a "updated_by" field in the DB?

I have tried the $username = $ENV{REMOTE_USER}; but that does me no good as I need to get the PHP username not Apache.

I have spent an hour or so searching here and have not been able to locate a simular request or question.

Any assitance will be greatly appreciated.


Update:
================================================

Thanks to all that offered their advise. Special kudos to "zwon" for the "PHP::Session" reference.

I have worked out what I needed and the code can be found below. Host, DB and table names have been changed to protect the inoccent.

I'm posting the condensed version so that others may learn.....
Basically it does several items:
1 - Calls the users cookie and parses for the users session ID
2 - Postnuke (no called Zikula) stores its session information in the server MySQL DB.
3 - It then takes the session ID calls on the DB for the userID (numeric) from the relevant table.
4 - Then it references another user table for the userID to finally give the username.

Note: PostNuke does not place the UID in the cookie.

5 - If the user is not logged into the PostNuke interface, the userID returned for the session will be a "0".
6 - A sanity check is made and if the user is not logged on they are instructed to do so.
7 - If the user is logged in the name is passed on to the webform as a hidden field so the information can be captured for tracking purposes.

Again thanks for the advice.....

Here is the snippet:
#!/usr/local/bin/perl -w

use DBI;
use PHP::Session;
use CGI::Lite;

($msg, $dbh, $dbu, $sth, $stu, $sql, $uid) = undef;
$session_name = 'POSTNUKESID';

print "Content-type: text/html \n\n";
cookie_parse();
if ( $uid != 0 ) {
    begin_html();
    body_html();
    finish_html();
}
else {
    failure_check();
}

sub begin_html {
    # My header area, saving space not relevant, removed
}

sub finish_html {
    # My footer and /html area, again saving space
}

sub db_connect {
    my $user = "blah";
    my $pass = 'bl@h';
    my ($st) = 0;
    $dbh = DBI->connect("dbi:mysql:host=my.work.host.net", $user, $pas
+s) or die "Database Connection not made: $DBI::errstr\n";
    if ( ! $dbh ) { 
        print "Error opening database:<BR>$DBI::err<BR><BR>$DBI::errst
+r<BR><BR>"; $st++;
    }
    $dbh->do("use MYDB");
    return ($st);
}

sub db_disconnect { 
    $dbh->disconnect();
}

sub cookie_parse {
    $cgi = new CGI::Lite;
    $cookies = $cgi->parse_cookies;
    $session_id = $cookies->{$session_name};
    if ($cookies->{$session_name}) {
        if ( &db_connect() ) { exit (1); }
        ($sth) = $dbh->prepare("select * from my_session_table where s
+ession_id = '$session_id'");
        $sth->execute();
        (@cols) = $sth->fetchrow;
        $uid = $cols[4];
        ($stu) = $dbh->prepare("select * from my_users where user_ids 
+= '$uid'");
        $stu->execute();
        (@colt) = $stu->fetchrow;
    }    
    else {
        print "<br> can't find session cookie $session_name";
    }
    return ();
}

sub body_html {
    #general form information and html code, removed for space
    # Within the form just before the SUBMIT button, I placed the foll
+owing line
    
    print "<INPUT TYPE=\"hidden\" NAME=\"update_uid\" VALUE=$colt[2]><
+/td>","\n";

    #this pulls the "username" at $colt[2] and passes into the posting
+ script along with all the other data from the form.
    #user does not know that their name is being captured (insert evil
+ laugh here).
}

sub failure_check {
    # generic "You are in idiot, please log into the website first" pa
+ge is display'd
}

[download]

In reply to PHP username information by Dranzaz

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.