#!/usr/bin/perl
use strict;
use warnings FATAL=>'all';
use CGI;
use CGI::Carp qw(fatalsToBrowser warningsToBrowser);
use CGI::Session;
use Digest::MD5 qw(md5_hex);
use Data::Dumper;
use DBI;
use XML::Simple;
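# --- Request bootstrap ------------------------------------------------------
# Reads config.xml, creates the CGI and session objects, splits the request
# URI into path segments and opens the MySQL connection that the statements
# below use.
my %db;                        # connection settings copied out of config.xml
my $xml = XML::Simple->new;    # direct class-method call; the indirect-object
                               # form "new XML::Simple" is ambiguous to the parser
my @html;

# Text before the first "/" of the script name ($0); undef when $0 contains
# no "/". Taken straight from the match result so a failed match can never
# hand back a stale $1.
my ($path) = $0 =~ m|(.*?)/|;

# config.xml is opened relative to the current working directory and holds
# the database password.
# NOTE(review): if that directory is served by the web server, confirm the
# server refuses requests for config.xml.
my $xmlparse = $xml->XMLin("config.xml");
$db{db}   = $xmlparse->{database}{name};
$db{host} = $xmlparse->{database}{host};
# NOTE(review): the "read" key suggests a read-only database account --
# confirm its grants really are limited to what this script needs.
$db{user} = $xmlparse->{database}{read}{user};
$db{pass} = $xmlparse->{database}{read}{password};

my $cgi     = CGI->new;
my $session = CGI::Session->new or die CGI::Session->errstr;
my %vars    = $cgi->Vars;      # request parameters, client-controlled
my %text;

# Path segments of the request URI; $null receives whatever precedes the
# first "/". REQUEST_URI is unset when the script runs outside a web server,
# and under "use warnings FATAL => 'all'" an undef argument to split would
# abort the request, so fall back to an empty string. The segments are
# client-controlled and are not stripped of a query string here.
my ($null, @request)
    = split("/", defined $ENV{REQUEST_URI} ? $ENV{REQUEST_URI} : '');
my @debug;

# RaiseError makes DBI itself die when the connection fails, so the "or die"
# is only a fallback. This file loads CGI::Carp with fatalsToBrowser, which
# sends the die text to the client; DBI's connect error typically names the
# DSN and user, so a database outage discloses them to whoever requests the
# page.
# NOTE(review): consider logging fatals server-side only in production.
my $dbh = DBI->connect("DBI:mysql:database=$db{db};host=$db{host}","$db{user}", "$db{pass}", {'RaiseError' => 1}) or die "No connection was made with the mysql: $db{db} database";

# NOTE(review): @request is attacker-influenced; confirm debug()/print_debug()
# escape it before it is written into a page.
debug("Requests: ",@request);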
# Site preferences: every row of the "preferences" table becomes one entry of
# %preferences, keyed by its "attribute" column and holding its "value"
# column. The SQL text is constant, so no request data reaches the query.
my %preferences;
my $sth_preferences = $dbh->prepare("select * from preferences");
$sth_preferences->execute();
while (my $row = $sth_preferences->fetchrow_hashref()) {
    my ($attribute, $value) = @{$row}{qw(attribute value)};
    $preferences{$attribute} = $value;
}
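# Articles: %articles maps each article's "url" column to its full row, and
# the reserved key "menu" holds the list of urls whose "menu" column is
# greater than zero, in the order the query returns them (ordered by menu).
my %articles;

# Start from an empty array reference. The previous "= ()" stored undef, so a
# site without any menu article left $articles{menu} undefined for later
# dereferences.
$articles{menu} = [];

my $sth_articles = $dbh->prepare("select * from articles order by menu");
$sth_articles->execute();
while (my $article = $sth_articles->fetchrow_hashref()) {
    # NOTE(review): an article whose url is literally "menu" overwrites the
    # menu list with its row hash, and the next push then dies on a non-array
    # reference. Confirm the url column cannot take that value, or keep the
    # menu list in a separate variable.
    $articles{ $article->{url} } = $article;

    # A NULL menu column arrives as undef; comparing it numerically would be
    # a fatal warning under "use warnings FATAL => 'all'" and abort the page.
    if (defined $article->{menu} && $article->{menu} > 0) {
        push @{ $articles{menu} }, $article->{url};
    }
}

# @tmp ends up with one element, the menu array reference itself, not a copy
# of the urls. Kept because the rest of the file is not visible from here.
my @tmp = $articles{menu};
#$articles{menu} = sort(@tmp);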
# Response header: a normal request gets the session header; a request
# carrying a true "logout" parameter has its session deleted and flushed and
# is redirected to the site root instead.
if (!$cgi->param('logout')) {
    print $session->header();
}
else {
    $session->delete();
    $session->flush();
    # The redirect target comes from the preferences table, not the request.
    # NOTE(review): execution is not stopped after the redirect, so the
    # statements that follow still run and still print page output.
    # NOTE(review): any request with a "logout" parameter ends the session;
    # nothing visible here ties it to a deliberate user action.
    print "Location: $preferences{baseURL}/ \n\n";
}
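# Login attempt: runs when the visitor is not authenticated (auth() is
# defined elsewhere in the file) and submitted both a username and a
# password. On a match the session is marked as logged in and receives the
# user's id and level; otherwise $text{error} is set.
#if(defined($request[0]) && $request[0] eq "edit" && !auth() && defined($vars{username}) && defined($vars{password})){
if (!auth() && defined($vars{username}) && defined($vars{password})) {
    # The submitted name is passed as a bound placeholder, so it never
    # becomes part of the SQL text.
    my $sth_login = $dbh->prepare("select * from users where login=?");
    $sth_login->execute(lc($vars{'username'}));

    # NOTE(security): stored passwords are unsalted MD5 digests. MD5 is fast
    # to brute-force offline if the users table is ever disclosed. Moving to
    # a salted, deliberately slow password hash needs a data migration that
    # cannot be done inside this block.
    my $submitted_hash = md5_hex($vars{password});

    while (my $result = $sth_login->fetchrow_hashref()) {
        # A NULL password column arrives as undef. Comparing it with "eq" is
        # a fatal warning under "use warnings FATAL => 'all'", which would
        # abort the request and, with fatalsToBrowser, show the error to the
        # client. Treat such an account as one that cannot log in.
        next unless defined $result->{password};

        if ($result->{password} eq $submitted_hash) {
            # NOTE(review): the session id the client presented before
            # authenticating stays in use afterwards; nothing here issues a
            # fresh id, which leaves room for session fixation. Confirm how
            # ids are rotated on login.
            $session->param('loggedin', 1);
            # Stored exactly as typed (not the lowercased lookup value).
            # NOTE(review): escape it wherever it is written into a page.
            $session->param('user',     $vars{username});
            $session->param('userid',   $result->{userid});
            $session->param('editmode', 0);
            $session->param('level',    $result->{level});
            debug("$vars{username} logged in");
        }
    }

    # One generic message for an unknown user and for a wrong password, so
    # the response does not reveal which logins exist. (Dutch: "No valid
    # username/password combination.")
    # NOTE(review): no throttling of failed attempts is visible here.
    unless ($session->param('loggedin')) {
        $text{error} = "Geen geldige username/wachtwoord combinatie.
";
    }
}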
# Edit mode: the first path segment "edit" switches the session's editmode
# flag on and "stopedit" switches it off, in both cases only when auth()
# (defined elsewhere in the file) returns true. auth() is called only for
# those two segments.
# NOTE(review): the flag is changed by a plain request path; no anti-forgery
# token is checked in this part of the file.
{
    my %mode_for = (edit => 1, stopedit => 0);
    my $action   = $request[0];
    if (defined $action && exists $mode_for{$action} && auth()) {
        $session->param('editmode', $mode_for{$action});
    }
}

# Normalise the stored flag to 0 or 1 for the rest of the script.
my $editmode = $session->param('editmode') ? 1 : 0;
# Emit the page header (print_header() is defined elsewhere in the file).
print_header();

# Debug output, switched off by the constant false condition. When enabled it
# hands a dump of the whole session object to debug() and prints the debug
# buffer for sessions whose level is above 3. The dump contains everything
# stored in the session, so this should stay off outside development.
if (0) {
    debug(Dumper $session);
    if (defined($session->param('level')) && $session->param('level') > 3) {
        print_debug();
    }
}
to_site('