Compare commits
No commits in common. "569aa1c95b8aae9576f71599081546ddedb7d982" and "77365cc0c3ed953b8f948d2360bdcc1d6ff30b1b" have entirely different histories.
569aa1c95b
...
77365cc0c3
|
|
@ -17,7 +17,7 @@ sub startup {
|
|||
|
||||
# load plugins that require no additional conf
|
||||
$app->plugin('TagHelpers');
|
||||
$app->plugin('Model', { namespaces => ['CharmBoard::Model'] });
|
||||
$app->plugin('Model', {namespaces => ['CharmBoard::Model']});
|
||||
|
||||
# load configuration from config file
|
||||
my $config =
|
||||
|
|
@ -69,86 +69,81 @@ sub startup {
|
|||
|
||||
# session helpers
|
||||
## create session
|
||||
$app->helper(
|
||||
session_create => sub {
|
||||
my $app = shift;
|
||||
$app->helper(session_create => sub {
|
||||
my $app = shift;
|
||||
|
||||
my $_session_key = seasoning(16);
|
||||
my $_session_key = seasoning(16);
|
||||
|
||||
# create session entry in db
|
||||
$app->schema->resultset('Session')->create({
|
||||
session_key => $_session_key,
|
||||
user_id => $_[0],
|
||||
session_expiry => time + 604800,
|
||||
is_ip_bound => 0,
|
||||
bound_ip => undef
|
||||
});
|
||||
# create session entry in db
|
||||
$app->schema->resultset('Session')->create({
|
||||
session_key => $_session_key,
|
||||
user_id => $_[0],
|
||||
session_expiry => time + 604800,
|
||||
is_ip_bound => 0,
|
||||
bound_ip => undef
|
||||
});
|
||||
|
||||
# now create session cookie
|
||||
$app->session(is_auth => 1);
|
||||
$app->session(user_id => $_[0]);
|
||||
$app->session(session_key => $_session_key);
|
||||
$app->session(expiration => 604800);
|
||||
}
|
||||
);
|
||||
# now create session cookie
|
||||
$app->session(is_auth => 1 );
|
||||
$app->session(user_id => $_[0] );
|
||||
$app->session(session_key => $_session_key);
|
||||
$app->session(expiration => 604800 );
|
||||
});
|
||||
## destroy session
|
||||
$app->helper(
|
||||
session_destroy => sub {
|
||||
my $app = shift;
|
||||
$app->helper(session_destroy => sub {
|
||||
my $app = shift;
|
||||
|
||||
my $_session_key = $app->session('session_key');
|
||||
my $_session_key = $app->session('session_key');
|
||||
|
||||
# destroy entry for this session in the database
|
||||
$app->schema->resultset('Session')
|
||||
->search({ session_key => $_session_key })->delete;
|
||||
# destroy entry for this session in the database
|
||||
$app->schema->resultset('Session')
|
||||
->search({ session_key => $_session_key })
|
||||
->delete;
|
||||
|
||||
# now nuke the actual session cookie
|
||||
$app->session(expires => 1);
|
||||
}
|
||||
);
|
||||
# now nuke the actual session cookie
|
||||
$app->session(expires => 1);
|
||||
});
|
||||
## verify session
|
||||
$app->helper(
|
||||
session_verify => sub {
|
||||
my $app = shift;
|
||||
$app->helper(session_verify => sub {
|
||||
my $app = shift;
|
||||
|
||||
my $_validity = 1;
|
||||
my $_catch_error;
|
||||
my $_validity = 1;
|
||||
my $_catch_error;
|
||||
|
||||
# get info from user's session cookie and store it in vars
|
||||
my $_user_id = $app->session('user_id');
|
||||
my $_session_key = $app->session('session_key');
|
||||
my $_is_auth = $app->session('is_auth');
|
||||
# get info from user's session cookie and store it in vars
|
||||
my $_user_id = $app->session('user_id');
|
||||
my $_session_key = $app->session('session_key');
|
||||
my $_is_auth = $app->session('is_auth');
|
||||
|
||||
if ($_is_auth) {
|
||||
try {
|
||||
# check to see if session with this id is present in db
|
||||
($app->schema->resultset('Session')
|
||||
->search({ 'session_key' => $_session_key })
|
||||
->get_column('session_key')->first)
|
||||
if ($_is_auth) {
|
||||
try {
|
||||
# check to see if session with this id is present in db
|
||||
($app->schema->resultset('Session')->search
|
||||
({ 'session_key' => $_session_key })
|
||||
->get_column('session_key')->first)
|
||||
or die;
|
||||
|
||||
# check to see if the current session key's user id matches
|
||||
# that of the user id in the database
|
||||
$_user_id == ($app->schema->resultset('Session')
|
||||
->session_uid($_session_key))
|
||||
or die;
|
||||
# check to see if the current session key's user id matches
|
||||
# that of the user id in the database
|
||||
$_user_id == ($app->schema->resultset('Session')->
|
||||
session_uid($_session_key))
|
||||
or die;
|
||||
|
||||
# check if session is still within valid time as recorded in
|
||||
# the db
|
||||
time < ($app->schema->resultset('Session')
|
||||
->session_expiry($_session_key))
|
||||
# check if session is still within valid time as recorded in
|
||||
# the db
|
||||
time < ($app->schema->resultset('Session')->
|
||||
session_expiry($_session_key))
|
||||
or die;
|
||||
} catch ($_catch_error) {
|
||||
$_validity = undef;
|
||||
$app->session_destroy;
|
||||
}
|
||||
} else {
|
||||
$_validity = 0;
|
||||
} catch ($_catch_error) {
|
||||
$_validity = undef;
|
||||
$app->session_destroy;
|
||||
}
|
||||
|
||||
return $_validity;
|
||||
} else {
|
||||
$_validity = 0;
|
||||
}
|
||||
);
|
||||
|
||||
return $_validity;
|
||||
});
|
||||
|
||||
# router
|
||||
my $r = $app->routes;
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ sub login {
|
|||
}
|
||||
|
||||
sub login_do {
|
||||
my $c = shift;
|
||||
my $c = shift;
|
||||
my $username = $c->param('username');
|
||||
my $password = $c->pepper . ':' . $c->param('password');
|
||||
|
||||
|
|
@ -62,8 +62,7 @@ sub login_do {
|
|||
} catch ($catch_error) { # redirect to login page on fail
|
||||
print $catch_error;
|
||||
$c->flash(
|
||||
error =>
|
||||
'Your username and password were correct, but a server
|
||||
error => 'Your username and password were correct, but a server
|
||||
error prevented you from logging in. This has been logged
|
||||
so the administrator can fix it.'
|
||||
);
|
||||
|
|
|
|||
|
|
@ -16,16 +16,17 @@ sub thread_compose {
|
|||
my $subf_cat =
|
||||
$c->schema->resultset('Subforums')->cat_from_id($subf_id);
|
||||
my $cat_title =
|
||||
$c->schema->resultset('Categories')->title_from_id($subf_cat);
|
||||
$c->schema->resultset('Categories')
|
||||
->title_from_id($subf_cat);
|
||||
|
||||
$c->render(
|
||||
template => 'thread_compose',
|
||||
subf_id => $subf_id,
|
||||
cat_title => $cat_title,
|
||||
subf_title =>
|
||||
$c->schema->resultset('Subforums')->title_from_id($subf_id),
|
||||
error => $c->flash('error'),
|
||||
message => $c->flash('message')
|
||||
template => 'thread_compose',
|
||||
subf_id => $subf_id,
|
||||
cat_title => $cat_title,
|
||||
subf_title => $c->schema->resultset('Subforums')
|
||||
->title_from_id($subf_id),
|
||||
error => $c->flash('error'),
|
||||
message => $c->flash('message')
|
||||
)
|
||||
}
|
||||
|
||||
|
|
@ -35,7 +36,7 @@ sub thread_submit {
|
|||
my $thread_title = $c->param('thread-title');
|
||||
my $post_content = $c->param('post-content');
|
||||
my $post_time = time;
|
||||
my $subf_id = $c->param('id');
|
||||
my $subf_id = $c->param('id');
|
||||
|
||||
my $catch_error;
|
||||
|
||||
|
|
|
|||
|
|
@ -53,9 +53,8 @@ sub register_do {
|
|||
## search for input username and email in database
|
||||
$user_check = $c->schema->resultset('Users')
|
||||
->search({ username => $username })->single;
|
||||
$email_check =
|
||||
$c->schema->resultset('Users')->search({ email => $email })
|
||||
->single;
|
||||
$email_check = $c->schema->resultset('Users')
|
||||
->search({ email => $email })->single;
|
||||
|
||||
# TODO: compress this into something less redundant
|
||||
($user_check && $email_check) eq undef
|
||||
|
|
@ -91,7 +90,7 @@ sub register_do {
|
|||
print $catch_error;
|
||||
$c->flash(
|
||||
error =>
|
||||
'Your registration info was correct, but a server error
|
||||
'Your registration info was correct, but a server error
|
||||
prevented you from registering. This has been logged so the
|
||||
administrator can fix it.'
|
||||
);
|
||||
|
|
|
|||
|
|
@ -16,17 +16,18 @@ sub subf_view {
|
|||
my $subf_cat =
|
||||
$c->schema->resultset('Subforums')->cat_from_id($subf_id);
|
||||
my $cat_title =
|
||||
$c->schema->resultset('Categories')->title_from_id($subf_cat);
|
||||
$c->schema->resultset('Categories')
|
||||
->title_from_id($subf_cat);
|
||||
|
||||
my @thread_list =
|
||||
$c->schema->resultset('Threads')->fetch_by_subf($subf_id);
|
||||
|
||||
$c->render(
|
||||
template => 'subf',
|
||||
subf_id => $subf_id,
|
||||
cat_title => $cat_title,
|
||||
subf_title =>
|
||||
$c->schema->resultset('Subforums')->title_from_id($subf_id),
|
||||
template => 'subf',
|
||||
subf_id => $subf_id,
|
||||
cat_title => $cat_title,
|
||||
subf_title => $c->schema->resultset('Subforums')
|
||||
->title_from_id($subf_id),
|
||||
thread_list => \@thread_list
|
||||
)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,10 +12,8 @@ use Tree::Simple;
|
|||
|
||||
sub list_full {
|
||||
my $c = shift;
|
||||
|
||||
# fetch a list of all categories
|
||||
my @_all_cat =
|
||||
$c->{app}->schema->resultset('Categories')->fetch_all;
|
||||
my @_all_cat = $c->{app}->schema->resultset('Categories')->fetch_all;
|
||||
|
||||
# create a Tree::Simple object that will contain the list
|
||||
# of categories and the subforums that belong to them
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@
|
|||
id="post-content"
|
||||
name="post-content"
|
||||
cols="50" rows="5"
|
||||
placeholder="post content"></textarea>
|
||||
<br /><br />
|
||||
placeholder="post content">
|
||||
</textarea><br /><br />
|
||||
<input type="submit" value="post!" />
|
||||
</form>
|
||||
Loading…
Reference in New Issue