Compare commits

..

No commits in common. "569aa1c95b8aae9576f71599081546ddedb7d982" and "77365cc0c3ed953b8f948d2360bdcc1d6ff30b1b" have entirely different histories.

7 changed files with 88 additions and 95 deletions

View File

@ -17,7 +17,7 @@ sub startup {
# load plugins that require no additional conf # load plugins that require no additional conf
$app->plugin('TagHelpers'); $app->plugin('TagHelpers');
$app->plugin('Model', { namespaces => ['CharmBoard::Model'] }); $app->plugin('Model', {namespaces => ['CharmBoard::Model']});
# load configuration from config file # load configuration from config file
my $config = my $config =
@ -69,86 +69,81 @@ sub startup {
# session helpers # session helpers
## create session ## create session
$app->helper( $app->helper(session_create => sub {
session_create => sub { my $app = shift;
my $app = shift;
my $_session_key = seasoning(16); my $_session_key = seasoning(16);
# create session entry in db # create session entry in db
$app->schema->resultset('Session')->create({ $app->schema->resultset('Session')->create({
session_key => $_session_key, session_key => $_session_key,
user_id => $_[0], user_id => $_[0],
session_expiry => time + 604800, session_expiry => time + 604800,
is_ip_bound => 0, is_ip_bound => 0,
bound_ip => undef bound_ip => undef
}); });
# now create session cookie # now create session cookie
$app->session(is_auth => 1); $app->session(is_auth => 1 );
$app->session(user_id => $_[0]); $app->session(user_id => $_[0] );
$app->session(session_key => $_session_key); $app->session(session_key => $_session_key);
$app->session(expiration => 604800); $app->session(expiration => 604800 );
} });
);
## destroy session ## destroy session
$app->helper( $app->helper(session_destroy => sub {
session_destroy => sub { my $app = shift;
my $app = shift;
my $_session_key = $app->session('session_key'); my $_session_key = $app->session('session_key');
# destroy entry for this session in the database # destroy entry for this session in the database
$app->schema->resultset('Session') $app->schema->resultset('Session')
->search({ session_key => $_session_key })->delete; ->search({ session_key => $_session_key })
->delete;
# now nuke the actual session cookie # now nuke the actual session cookie
$app->session(expires => 1); $app->session(expires => 1);
} });
);
## verify session ## verify session
$app->helper( $app->helper(session_verify => sub {
session_verify => sub { my $app = shift;
my $app = shift;
my $_validity = 1; my $_validity = 1;
my $_catch_error; my $_catch_error;
# get info from user's session cookie and store it in vars # get info from user's session cookie and store it in vars
my $_user_id = $app->session('user_id'); my $_user_id = $app->session('user_id');
my $_session_key = $app->session('session_key'); my $_session_key = $app->session('session_key');
my $_is_auth = $app->session('is_auth'); my $_is_auth = $app->session('is_auth');
if ($_is_auth) { if ($_is_auth) {
try { try {
# check to see if session with this id is present in db # check to see if session with this id is present in db
($app->schema->resultset('Session') ($app->schema->resultset('Session')->search
->search({ 'session_key' => $_session_key }) ({ 'session_key' => $_session_key })
->get_column('session_key')->first) ->get_column('session_key')->first)
or die; or die;
# check to see if the current session key's user id matches # check to see if the current session key's user id matches
# that of the user id in the database # that of the user id in the database
$_user_id == ($app->schema->resultset('Session') $_user_id == ($app->schema->resultset('Session')->
->session_uid($_session_key)) session_uid($_session_key))
or die; or die;
# check if session is still within valid time as recorded in # check if session is still within valid time as recorded in
# the db # the db
time < ($app->schema->resultset('Session') time < ($app->schema->resultset('Session')->
->session_expiry($_session_key)) session_expiry($_session_key))
or die; or die;
} catch ($_catch_error) { } catch ($_catch_error) {
$_validity = undef; $_validity = undef;
$app->session_destroy; $app->session_destroy;
}
} else {
$_validity = 0;
} }
} else {
return $_validity; $_validity = 0;
} }
);
return $_validity;
});
# router # router
my $r = $app->routes; my $r = $app->routes;

View File

@ -22,7 +22,7 @@ sub login {
} }
sub login_do { sub login_do {
my $c = shift; my $c = shift;
my $username = $c->param('username'); my $username = $c->param('username');
my $password = $c->pepper . ':' . $c->param('password'); my $password = $c->pepper . ':' . $c->param('password');
@ -62,8 +62,7 @@ sub login_do {
} catch ($catch_error) { # redirect to login page on fail } catch ($catch_error) { # redirect to login page on fail
print $catch_error; print $catch_error;
$c->flash( $c->flash(
error => error => 'Your username and password were correct, but a server
'Your username and password were correct, but a server
error prevented you from logging in. This has been logged error prevented you from logging in. This has been logged
so the administrator can fix it.' so the administrator can fix it.'
); );

View File

@ -16,16 +16,17 @@ sub thread_compose {
my $subf_cat = my $subf_cat =
$c->schema->resultset('Subforums')->cat_from_id($subf_id); $c->schema->resultset('Subforums')->cat_from_id($subf_id);
my $cat_title = my $cat_title =
$c->schema->resultset('Categories')->title_from_id($subf_cat); $c->schema->resultset('Categories')
->title_from_id($subf_cat);
$c->render( $c->render(
template => 'thread_compose', template => 'thread_compose',
subf_id => $subf_id, subf_id => $subf_id,
cat_title => $cat_title, cat_title => $cat_title,
subf_title => subf_title => $c->schema->resultset('Subforums')
$c->schema->resultset('Subforums')->title_from_id($subf_id), ->title_from_id($subf_id),
error => $c->flash('error'), error => $c->flash('error'),
message => $c->flash('message') message => $c->flash('message')
) )
} }
@ -35,7 +36,7 @@ sub thread_submit {
my $thread_title = $c->param('thread-title'); my $thread_title = $c->param('thread-title');
my $post_content = $c->param('post-content'); my $post_content = $c->param('post-content');
my $post_time = time; my $post_time = time;
my $subf_id = $c->param('id'); my $subf_id = $c->param('id');
my $catch_error; my $catch_error;

View File

@ -53,9 +53,8 @@ sub register_do {
## search for input username and email in database ## search for input username and email in database
$user_check = $c->schema->resultset('Users') $user_check = $c->schema->resultset('Users')
->search({ username => $username })->single; ->search({ username => $username })->single;
$email_check = $email_check = $c->schema->resultset('Users')
$c->schema->resultset('Users')->search({ email => $email }) ->search({ email => $email })->single;
->single;
# TODO: compress this into something less redundant # TODO: compress this into something less redundant
($user_check && $email_check) eq undef ($user_check && $email_check) eq undef
@ -91,7 +90,7 @@ sub register_do {
print $catch_error; print $catch_error;
$c->flash( $c->flash(
error => error =>
'Your registration info was correct, but a server error 'Your registration info was correct, but a server error
prevented you from registering. This has been logged so the prevented you from registering. This has been logged so the
administrator can fix it.' administrator can fix it.'
); );

View File

@ -16,17 +16,18 @@ sub subf_view {
my $subf_cat = my $subf_cat =
$c->schema->resultset('Subforums')->cat_from_id($subf_id); $c->schema->resultset('Subforums')->cat_from_id($subf_id);
my $cat_title = my $cat_title =
$c->schema->resultset('Categories')->title_from_id($subf_cat); $c->schema->resultset('Categories')
->title_from_id($subf_cat);
my @thread_list = my @thread_list =
$c->schema->resultset('Threads')->fetch_by_subf($subf_id); $c->schema->resultset('Threads')->fetch_by_subf($subf_id);
$c->render( $c->render(
template => 'subf', template => 'subf',
subf_id => $subf_id, subf_id => $subf_id,
cat_title => $cat_title, cat_title => $cat_title,
subf_title => subf_title => $c->schema->resultset('Subforums')
$c->schema->resultset('Subforums')->title_from_id($subf_id), ->title_from_id($subf_id),
thread_list => \@thread_list thread_list => \@thread_list
) )
} }

View File

@ -12,10 +12,8 @@ use Tree::Simple;
sub list_full { sub list_full {
my $c = shift; my $c = shift;
# fetch a list of all categories # fetch a list of all categories
my @_all_cat = my @_all_cat = $c->{app}->schema->resultset('Categories')->fetch_all;
$c->{app}->schema->resultset('Categories')->fetch_all;
# create a Tree::Simple object that will contain the list # create a Tree::Simple object that will contain the list
# of categories and the subforums that belong to them # of categories and the subforums that belong to them

View File

@ -14,7 +14,7 @@
id="post-content" id="post-content"
name="post-content" name="post-content"
cols="50" rows="5" cols="50" rows="5"
placeholder="post content"></textarea> placeholder="post content">
<br /><br /> </textarea><br /><br />
<input type="submit" value="post!" /> <input type="submit" value="post!" />
</form> </form>