if ($sth->execute()){
push @ok, {text=>'Запись отредактирована'};
$sth->finish(); }
else {push @error, {text=>'Запись не отредактирована'}; }
}
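sub add {
    # Insert one row into the table named by $act from the submitted form
    # fields, then record the outcome in @ok or @error.
    #
    # Values are passed as bind parameters instead of being quoted and pasted
    # into the SQL text, so the statement shape cannot depend on request data.
    # Each param() call is made in scalar context on purpose: in list context
    # a repeated form field would return several values.
    my $Firma      = param('Firma');
    my $Name_Model = param('Name_Model');
    my $Mechanism  = param('Mechanism');
    my $Kreplen    = param('Kreplen');
    my $Pol        = param('Pol');
    my $Data_post  = param('Data_post');
    my $Price      = param('Price');
    my $Photo      = param('Photo');

    # $act is set outside this sub. NOTE(review): if it can come from the
    # request, it should also be checked against a fixed list of table names
    # before it gets here; identifier quoting only stops it from changing the
    # statement structure.
    my $table = $dbh->quote_identifier($act);

    my $sth = $dbh->prepare("insert into $table (id_Firma,Name_Model,id_Mechanism,id_Kreplen,id_Pol,Data_post,Price,Photo) values (?,?,?,?,?,?,?,?)");

    # prepare() returns undef on failure; test it before calling execute().
    if ($sth && $sth->execute($Firma, $Name_Model, $Mechanism, $Kreplen, $Pol, $Data_post, $Price, $Photo)) {
        push @ok, {text=>"Запись добавлена"};
        $sth->finish();
    }
    else {
        push @error, {text=>"Запись не добавлена"};
    }
}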
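sub del {
    # Delete the row whose id is given in the "ids" form field from the table
    # named by $act, and record the outcome in @ok or @error.
    my $ids = param("ids");
    $ids = '' unless defined $ids;
    $ids =~ s/\D//g;    # keep digits only

    if ($ids) {
        # Delete from the database. The id is bound as a parameter and the
        # table name is quoted as an identifier.
        # NOTE(review): $act is set outside this sub; if it can come from the
        # request it should be checked against a fixed list of table names.
        my $table   = $dbh->quote_identifier($act);
        my $deleted = $dbh->do("DELETE FROM $table WHERE (id=?)", undef, $ids);

        # do() returns undef on error and the true value "0E0" when no row
        # matched, so success is also reported for an id that does not exist.
        if ($deleted) {
            push @ok, {text=>"Элемент удалён"};
        }
        else {
            # The failure branch used to report the success text.
            push @error, {text=>"Элемент не удалён"};
        }
    }
    else {
        push @error, {text=>"Ошибка. Возможно отключен JavaScript"};
    }
}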
1;
Sale.pl
1;
# Page flow for the sales list: run the delete handler when the form asked for
# it, then always render the list.
# NOTE(review): no authorization or anti-CSRF check is visible at this point;
# confirm that the admin entry script enforces both before this file is loaded.
del() if $action eq 'Удалить';
blokviev();
################################################################################
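sub blokviev {
    # Render every sale (joined with its model, invoice and firm) as an HTML
    # table appended to $HTML_SITE{content}, followed by the hidden form that
    # the delete icon submits, and set the page title.

    # Database values are HTML-escaped before they are placed in the markup:
    # fields such as the buyer name are free text, and unescaped output here
    # would let stored markup run in the browser of whoever opens this page.
    my $esc = sub {
        my ($text) = @_;
        return '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    my $sth = $dbh->prepare("SELECT Sale.*,Model.Name_Model as Mname,Schet.fio as Sfio,
Schet.data as Sdata, Schet.nom as Snom, Firma.Name_Firma as Fname, Model.Price as Mprice
FROM Sale inner join Model on Sale.Model_id = Model.id
inner join Schet on Sale.Schet_id = Schet.id
inner join Firma on Model.id_Firma = Firma.id");
    $sth->execute();

    while (my $ref = $sth->fetchrow_hashref()) {
        if (!($ref->{id})) { $ref->{id} = "Не задано"; }

        # id lands inside an inline script string. HTML escaping alone does not
        # make an arbitrary string safe there; this assumes Sale.id is the
        # numeric primary key -- TODO confirm.
        my %cell = map { $_ => $esc->($ref->{$_}) }
            qw(Snom Sfio Fname Mname Sdata Mprice id);

        $HTML_SITE{content}.=<<LINES;
<table border=1 cellpadding="0" cellspacing="0" align="center">
<td width=30 valign="center" align="center"><b><font color="blue">$cell{Snom}</font></b>
</td>
<td width=200 valign="center" align="center"><b><font color="blue">$cell{Sfio}</font></b>
</td>
<td width=80 valign="center" align="center"><b><font color="blue">$cell{Fname}</font></b>
</td>
<td width=100 valign="center" align="center"><b><font color="blue">$cell{Mname}</font></b>
</td>
<td width=170 valign="center" align="center"><b><font color="blue">$cell{Sdata}</font></b>
</td>
<td width=50 valign="center" align="center"><b><font color="blue">$cell{Mprice}</font> р.</b>
</td>
<td><a href="#" onclick="del_id('$cell{id}')"><img src="/admin/images/Urna.jpg" width="40" height="40" align="absmiddle" alt="Удалить"></a>
</td>
</table>
LINES
    }
    $sth->finish();

    # NOTE(review): this delete form carries no anti-CSRF token. Adding one
    # needs session support that is not visible in this file.
    $HTML_SITE{content}.=<<LINES;
<form style="display: none" method="POST" action="" id="deletes" name="deletes"><input type="hidden" name="ids" value=""><input type="hidden" name="action" value="Удалить"></form>
LINES
    $HTML_SITE{title} = "Просмотр сведений о покупках";
}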
################################################################################
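sub del {
    # Delete the row whose id is given in the "ids" form field from the table
    # named by $act, and record the outcome in @ok or @error.
    #
    # NOTE(review): the hidden "deletes" form that posts here has no anti-CSRF
    # token, and no authorization check is visible in this file; confirm that
    # the admin entry script covers both.
    my $ids = param("ids");
    $ids = '' unless defined $ids;
    $ids =~ s/\D//g;    # keep digits only

    if ($ids) {
        # Delete from the database. The id is bound as a parameter and the
        # table name is quoted as an identifier.
        # NOTE(review): $act is set outside this sub; if it can come from the
        # request it should be checked against a fixed list of table names.
        my $table   = $dbh->quote_identifier($act);
        my $deleted = $dbh->do("DELETE FROM $table WHERE (id=?)", undef, $ids);

        # do() returns undef on error and the true value "0E0" when no row
        # matched, so success is also reported for an id that does not exist.
        if ($deleted) {
            push @ok, {text=>"Элемент удалён"};
        }
        else {
            push @error, {text=>"Элемент не удалён"};
        }
    }
    else {
        push @error, {text=>"Ошибка. Возможно отключен JavaScript"};
    }
}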
1;
Пользовательская часть
Index.pl
#!/usr/bin/perl
use lib 'mod';
use DBI();
use DBD::mysql;
use CGI qw/:standard/;
use CGI::Cookie;
use Time::Local;
use CGI::Carp 'fatalsToBrowser';
use HTML::Template;
require "setup.inf"; #переменные
#require "sub.pm"; #переменные
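# Connect to the database. CGI::Carp 'fatalsToBrowser' (loaded at the top of
# this file) sends die() text to the client, so a failed connect stops here
# with a fixed message that contains neither the DSN nor the driver error.
$dbh = DBI->connect("DBI:mysql:database=$db;host=$host", $user, $password)
    or die "Database connection failed\n";
$dbh->do("SET NAMES 'cp1251'");

$fid     = param('id1');
$fid2    = param('id2');
$action  = param('action');
$buffer2 = $ENV{'QUERY_STRING'};

# Strip quote and operator characters from request values.
# The earlier pattern listed "(|)" unescaped. That is a group which matches the
# empty string, so parentheses were never removed, and the "$" and "#"
# alternatives after it were never reached. A character class removes all of
# the listed characters.
# NOTE(review): a character blacklist is not a defence against SQL injection;
# every query that uses these values should pass them as bind parameters.
my $unsafe_chars = qr/['"|\-=~><()\$\#]/;
$fid    =~ s/$unsafe_chars//g;
$fid2   =~ s/$unsafe_chars//g;
$action =~ s/$unsafe_chars//g;

# Parse the query string by hand into %FORM. Values are URL-decoded, names are
# taken as they arrive.
@pairs2 = split(/&/, $buffer2);
foreach $pair2 (@pairs2) {
    ($name2, $value2) = split(/=/, $pair2);
    $value2 =~ tr/+/ /;
    $value2 =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $FORM{$name2} = $value2;
}
$form_fid = $FORM{"id1"};
$form_fid =~ s/$unsafe_chars//g;
$viev = $FORM{"viev"};
$act  = $FORM{"act"};
if ($act eq '') {    # $act is empty, e.g. when a form button was pressed
    # NOTE(review): the values derived from REQUEST_URI below are overwritten
    # by the %FORM assignments at the end of this branch.
    ($xxx) = $ENV{'REQUEST_URI'} =~ m#([^\/:]+)$#;
    ($act) = split (/\./,$xxx);
    ($act, $fid) = split (/-/,$act);
    my $tmp = substr("$act", 0,1);
    if ($tmp eq '?'){$act = '';}
    #@pairs2 = split(/&/, $xxx);
    #foreach $pair2 (@pairs2) {
    # ($name2, $value2) = split(/=/, $pair2);
    # $value2 =~ tr/+/ /;
    # $value2 =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    # $FORM{$name2} = $value2;
    #}
    $act  = $FORM{'act'};
    $fid  = $FORM{'id1'};
    $viev = $FORM{"viev"};
}
else {
    $fid = $form_fid;
}

# Keep only the first run of digits.
# The earlier form ran s/(\d+)/$1/ and then copied $1. When the value held no
# digit the substitution failed and $1 still carried the capture of an earlier
# successful match (for example the REQUEST_URI tail), so a non-numeric id got
# past this filter. A list assignment from the match yields undef instead.
if ($fid)  { ($fid)  = $fid  =~ /(\d+)/; }
if ($fid2) { ($fid2) = $fid2 =~ /(\d+)/; }

#------------------------------ Time ------------------------
$timeoffset = 0;
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time + (3600*$timeoffset));
$mon++;
$mday = "0$mday" if ($mday < 10);
$mon  = "0$mon"  if ($mon < 10);
$hour = "0$hour" if ($hour < 10);
$min  = "0$min"  if ($min < 10);
$year = 2000 + ($year - 100);
$data_form = "$mday.$mon.$year";
$reg_date  = "$year-$mon-$mday";
# Seconds are zero-padded like the other fields, so the time reads 12:05:07
# rather than 12:05:7.
$time_form = sprintf("%s:%s:%02d", $hour, $min, $sec);
#-----------------------------------------------------------

#############################################
####<<< Page dispatch
# $act only selects among fixed file names; it is never interpolated into the
# require path. Keep it that way when adding pages.
if ($act eq '') {require "ind.pl";}
elsif ($act eq 'basket') {require "basket.pl";}
elsif ($act eq 'all_model') {require "all_model.pl";}
elsif ($act eq 'model_find') {require "model_find.pl";}
elsif ($act eq 'firms') {require "firms.pl";}
else {
    # NOTE(review): depending on the web server configuration SERVER_NAME can
    # be taken from the client's Host header; confirm that the server uses a
    # canonical name, otherwise this redirect target is client-controlled.
    print "Location: http://$ENV{'SERVER_NAME'}/\n\n";
    exit;
}
####>>>

# Informational messages collected by the page scripts
if (@ok){$HTML_SITE{ok} = \@ok;}
if (@error){$HTML_SITE{error} = \@error;}

print "Content-type: text/html\n\n";
my $template = HTML::Template->new(filename => 'html/index.html');
$template->param(%HTML_SITE);
my $HTML_SITE_out = $template->output;
print <<EOF;
$HTML_SITE_out
EOF

# Disconnect from the database
$dbh->disconnect();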
All_model.pl
1;
# The catalogue page has a single view: render the full model list.
blokviev();
################################################################################
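sub blokviev {
    # Render every watch model (joined with its firm, gender, strap and
    # mechanism names) as an HTML table appended to $HTML_SITE{content}, and
    # set the page title.

    # Database values are HTML-escaped before they are placed in the markup, so
    # text stored in a catalogue field cannot become live markup on this
    # public page.
    my $esc = sub {
        my ($text) = @_;
        return '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    my $sth = $dbh->prepare("SELECT Model.*,Firma.Name_Firma as Nfirma,Pol.name as Pname,Kreplen.name as Kname,Mechanism.name as Mname
FROM Model inner join Firma on Model.id_Firma = Firma.id
inner join Pol on Model.id_Pol = Pol.id
inner join Kreplen on Model.id_Kreplen = Kreplen.id
inner join Mechanism on Model.id_Mechanism = Mechanism.id");
    $sth->execute();

    while (my $ref = $sth->fetchrow_hashref()) {
        if (!($ref->{Name_Model})) { $ref->{Name_Model} = "Не задано"; }

        # Photo goes into a URL attribute and id into a javascript: link.
        # HTML escaping keeps both inside their attribute, but it does not
        # validate them: this assumes Photo is a plain file name and Model.id
        # is the numeric primary key -- TODO confirm.
        my %cell = map { $_ => $esc->($ref->{$_}) }
            qw(Photo Nfirma Name_Model Pname Kname Mname Data_post Price id);

        $HTML_SITE{content}.=<<LINES;
<table border=1 cellpadding="3" cellspacing="3" align="center">
<td rowspan=8 align="center">
<img src="/admin/Photos/$cell{Photo}" width="80" valign="absmiddle" align="absmiddle">
</td>
<td width=100 valign="center" align="center"><b><font color="#666666">Фирма</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Nfirma}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Модель</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Name_Model}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Пол</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Pname}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Ремешок</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Kname}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Механизм</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Mname}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Дата поставки</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Data_post}</font></b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Стоимость</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="red">$cell{Price}</font> р.</b>
</td>
<tr>
<td width=100 valign="center" align="center"><b><font color="#666666">Добавить в корзину</font></b>
</td>
<td width=150 valign="center" align="center"><a href="javascript:addbasket($cell{id});"><img src="/admin/images/basket.jpg" width="40" height="40" align="absmiddle" alt="Добавить в корзину"></a>
</td>
</table>
<table align="center">
<td height="10">
</td>
</table>
LINES
    }
    $sth->finish();
    $HTML_SITE{title} = "Просмотр всех моделей часов";
}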
################################################################################
1;
Model_find.pl
1;
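# Build the <option> list of firms for the search form, then either run the
# search or show the empty form.

# Firm ids and names are HTML-escaped before they go into the markup, so a firm
# name containing markup characters cannot break out of the <option> element.
my $esc = sub {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};

my $sth = $dbh->prepare("SELECT id,Name_Firma FROM Firma");
$sth->execute();
while (my $ref = $sth->fetchrow_hashref()) {
    my $value = $esc->($ref->{'id'});
    my $label = $esc->($ref->{'Name_Firma'});
    $sel.=qq[<option value="$value">$label</option>];
}
$sth->finish();

if ($action eq 'Подобрать') {
    clocksfind();
}
else {
    viev();
}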
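sub viev {
    # Show the empty search form: set the page title and append the form markup
    # to $HTML_SITE{content}. $sel holds the firm <option> elements built by
    # the caller and is inserted as markup, not as text.
    $HTML_SITE{title} = "Выбор часов по параметрам";

    # The label for the delivery-date row used to open with "<divalign", which
    # is not a div element; the missing space is restored below.
    $HTML_SITE{content}.=<<LINES;
<form style="display: none" method="POST" action="" id="deletes" name="deletes"><input type="hidden" name="ids" value=""><input type="hidden" name="action" value="Удалить"></form>
<br>
<h2>Заполните поля для поиска</h2>
<form method="POST" action="">
<br>
<div align="center"><b>Фирма</b></div>
<br>
<div align="center"><select name="firm" size="1" style="width:30%">
$sel
<option value="0" selected></option>
</select></div>
<br>
<div align="center"><b>Цена</b></div>
<br>
<div align="center"> от <input name="otcen" value="" type="text" style="width:25%"> ---- до <input name="docen" value="" type="text" style="width:25%"></div>
<br>
<div align="center"><b>Дата поступления</b>(Вводить в формате гггг-мм-дд)</div>
<br>
<div align="center"> от <input name="otdata" value="" type="text" style="width:25%"> ---- до <input name="dodata" value="" type="text" style="width:25%"></div>
<br>
<div align="center"><input name="action" type="submit" value="Подобрать"></div>
</form>
LINES
}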
#######################################
sub clocksfind {
my $firm = param('firm');
my $otcen = param('otcen');
my $docen = param('docen');
my $otdata = param('otdata');
my $dodata = param('dodata');
$firm = $dbh->quote( $firm );
$otcen = $dbh->quote( $otcen );
$docen = $dbh->quote( $docen );
$otdata = $dbh->quote( $otdata );
$dodata = $dbh->quote( $dodata );
my $sth = $dbh->prepare("SELECT Model.*,Firma.Name_Firma as Nfirma,Pol.name as Pname,Kreplen.name as Kname,Mechanism.name as Mname