1 package Ppolls;
2 use Dancer ':syntax';
3 #use DBI;
4 use File::Spec;
5 use File::Slurp;
6 use Template;
7 use Dancer::Plugin::Database;
8 use Crypt::SaltedHash;
9 use Data::Dumper;
10 use Dancer::Plugin::FlashMessage;
12 our $VERSION = '0.2';
# Application-wide Dancer settings: 'Simple' sessions, Template Toolkit views,
# console logging at debug level.
set session  => 'Simple';
set template => 'template_toolkit';
set logger   => 'console';
set log      => 'debug';

# NOTE(review): show_errors makes Dancer render error details in the HTTP
# response. That is a development setting; it should be 0 wherever the
# application is reachable by untrusted clients.
set show_errors => 1;
set access_log  => 1;
set warnings    => 1;

# layout 'main';
set layout => 'main';
# Add the stylesheet URL and the application's navigation links to the tokens
# of every template before it is rendered.
before_template sub {
    my ($tokens) = @_;

    $tokens->{'css_url'} = request->base . 'css/style.css';

    # Token name => route path; each value becomes a URL via uri_for().
    my %route_for = (
        login_url           => '/login',
        logout_url          => '/logout',
        showall_url         => '/showall',
        vote_url            => '/vote',
        register_url        => '/register',
        add_url             => '/add',
        changepass_url      => '/changepass',
        showpopulardesc_url => '/showpopular-desc',
        showpopularasc_url  => '/showpopular-asc',
    );
    for my $token (keys %route_for) {
        $tokens->{$token} = uri_for($route_for{$token});
    }
};
# Access gate: a request without a logged-in session is rewritten to /login
# unless its path is one of the public ones. The original path is kept in
# vars->{requested_path} so the login form can carry it along.
before sub {
    return if session('user');

    # NOTE(review): the pattern is anchored at the start only, so every path
    # that merely begins with one of these words is treated as public.
    return if request->path_info =~ m{^/(login|register|showall|showpopular.*)};

    var requested_path => request->path_info;
    request->path_info('/login');
};
# Show the login form; 'path' is the page the visitor originally asked for
# (set by the before filter), if any.
get '/login' => sub {
    my %tokens = (path => vars->{requested_path});
    return template('login', \%tokens);
};
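# Check the submitted credentials against the users table and, on success,
# start a session and send the visitor on to the page they asked for.
#
# NOTE(review): passwords are stored and compared in clear text, although
# Crypt::SaltedHash is imported by this module. Moving to salted hashes has
# to be done together with /register and /changepass and needs a migration
# of the existing rows.
post '/login' => sub {
    # The flash text below carries HTML markup, so it is presumably rendered
    # unescaped; escape the submitted username before embedding it.
    my $escape_html = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };
    my $shown_name = $escape_html->(params->{username});

    my $user = database('users')->prepare(
        'select * from users where username = ?',
    );
    $user->execute(params->{username});
    my $userdata = $user->fetchrow_hashref();

    if (!$userdata) {
        flash error => "Failed login for unrecognised user "
            . $shown_name . '.';
        redirect uri_for('/login');
        return;
    }

    # An empty or NULL stored password must never match: without this guard
    # a request with no password parameter would compare equal to it.
    my $stored = $userdata->{password};
    my $given  = params->{password};
    my $password_ok = defined $stored && $stored ne ''
        && defined $given && $stored eq $given;

    if (!$password_ok) {
        flash error => 'Login failed - password incorrect for <span class="username">'
            . $shown_name . '</span>.';
        redirect uri_for('/login');
        return;
    }

    # NOTE(review): this stores the DBI statement handle in the session; the
    # before filter only tests it for truth. Kept as-is because templates may
    # read it; a plain flag would be safer with serialising session engines.
    session user     => $user;
    session uid      => $userdata->{'id'};
    session username => $userdata->{'username'};

    # Only follow a client-supplied return path when it is a local,
    # single-slash path; anything else falls back to the poll list so the
    # login form cannot be used to bounce visitors to another site.
    my $target = params->{path};
    unless (defined $target && $target =~ m{\A/(?![/\\])[^\r\n]*\z}) {
        $target = uri_for('/showall');
    }
    redirect $target;
};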
# End the current session and return to the public poll list.
# NOTE(review): logout is reachable with a plain GET, so any link or image
# pointing here logs the visitor out.
get '/logout' => sub {
    session->destroy;
    flash(error => 'You are logged out.');
    return redirect(uri_for('/showall'));
};
# Show the registration form, passing through the 'path' request parameter.
get '/register' => sub {
    my %tokens = (path => params->{'path'});
    return template('register', \%tokens);
};
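# Create a new account from the registration form, then render the login
# form pre-filled with the new credentials.
#
# NOTE(review): the password is written to the users table in clear text,
# although Crypt::SaltedHash is imported by this module. Hashing it here has
# to be introduced together with the comparison in /login and the update in
# /changepass.
post '/register' => sub {
    my $username = params->{'username'};
    my $password = params->{'password'};
    my $email    = params->{'email'};

    # Enforce exactly the character set the message promises; \W would also
    # let '_' and non-ASCII word characters through.
    if (defined $username && $username =~ m/[^A-Za-z0-9]/) {
        flash error => 'Please use only [A-Za-z0-9] in the username. Thank you.';
        redirect uri_for('/register');
        return;
    }
    if (!defined $username || $username eq '') {
        flash error => 'Please set a username when registering. Thank you.';
        redirect uri_for('/register');
        return;
    }
    # An account without a password would be open to anyone who knows the
    # username, so refuse to create one.
    if (!defined $password || $password eq '') {
        flash error => 'Please set a password when registering. Thank you.';
        redirect uri_for('/register');
        return;
    }
    if (!defined $email || $email eq '') {
        flash error => 'Please set an email when registering. This will be used for password recoveries only. Thank you.';
        redirect uri_for('/register');
        return;
    }

    # Check if username is taken.
    my $existing = database('users')->selectall_arrayref(
        'select * from users where username = ?', {}, $username);
    if (@$existing) {
        flash error => 'Error: username in already in use.';
        redirect uri_for('/register');
        return;
    }

    database('users')->do(
        "insert into users values(NULL, ?, ?, ?, ?, ?, ?)", {},
        $username,
        $password,
        "user",
        # NOTE(review): the fourth value is not visible in the listing this
        # was reviewed from; presumably the empty initial value of the 'hit'
        # column. Confirm against the schema.
        '',
        $email,
        params->{'fullname'},
    );

    # The username passed the [A-Za-z0-9] check above, so it is safe to embed
    # in the HTML flash text.
    flash error => 'Registration of user <span class="username">'
        . $username . '</span> successful.';

    # NOTE(review): this hands the clear-text password back to the login
    # template; if the template writes it into the page, consider dropping it.
    template 'login', {
        username => $username,
        password => $password,
        path     => params->{'path'},
    };
};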
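# Show one poll with its answers and whether the current user has already
# voted on it.
get '/show/:id' => sub {
    my $id = params->{'id'};

    my $entry = database('questions')->selectrow_hashref(
        'select id, title, text, type, hits from entries where id = ?',
        {}, $id);
    my $answers = database('questions')->selectall_hashref(
        'select id,content,qid,hits from answers where qid = ?',
        'id', {}, $id);
    my $user_row = database('users')->selectrow_hashref(
        'select hit from users where id = ?', {}, session('uid'));

    # 'hit' holds the space-separated ids of the polls this user has voted
    # on (see the update in /vote). Compare whole ids with eq: using the
    # route parameter as a regex matched substrings (id 1 inside 10) and
    # let request input be interpreted as a pattern.
    my $hit = ($user_row && defined $user_row->{'hit'}) ? $user_row->{'hit'} : '';
    my $voted = (grep { $_ eq $id } split ' ', $hit) ? 1 : '';

    template 'show_entry', {
        id      => $id,
        title   => $entry->{'title'},
        type    => $entry->{'type'},
        text    => $entry->{'text'},
        hits    => $entry->{'hits'},
        answers => $answers,
        voted   => $voted,
        qid     => $id,
    };
};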
# List every poll. The rows are handed to the template as a hash keyed by id,
# so the SQL ordering is not carried by that structure.
get '/showall' => sub {
    my $query = 'select id, title, text from entries order by id desc';

    my $sth = database('questions')->prepare($query)
        or die database('questions')->errstr;
    $sth->execute or die $sth->errstr;

    my %tokens = (
        'add_entry_url' => uri_for('/add'),
        'entries'       => $sth->fetchall_hashref('id'),
    );
    return template('show', \%tokens);
};
# List polls ordered by hit count, most hits first.
get '/showpopular-desc' => sub {
    my $rows = database('questions')->selectall_arrayref(
        'select id, title, text, hits from entries order by hits desc');

    return template('show-desc', { 'entries' => $rows });
};
# List polls ordered by hit count, fewest hits first.
get '/showpopular-asc' => sub {
    my $rows = database('questions')->selectall_arrayref(
        'select id, title, text, hits from entries order by hits asc');

    return template('show-asc', { 'entries' => $rows });
};
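# Record the current user's vote on poll 'qid' for the answer id(s) in
# 'value' (one value or several), then show the poll again.
#
# NOTE(review): nothing here ties the request to a form this application
# served (no anti-CSRF token), so a vote can be triggered from another site.
post '/vote' => sub {
    my $qid = params->{'qid'};

    # The poll id ends up in the user's space-separated 'hit' list and in a
    # redirect URL, so accept digits only.
    # NOTE(review): assumes entries.id is an integer key - confirm.
    unless (defined $qid && $qid =~ /\A[0-9]+\z/) {
        flash error => 'Error: invalid poll.';
        redirect uri_for('/showall');
        return;
    }

    # Enforce one vote per user and poll on the server; before, only the
    # template knew whether the user had voted.
    my $user_row = database('users')->selectrow_hashref(
        'select hit from users where id = ?', {}, session('uid'));
    my $hit = ($user_row && defined $user_row->{'hit'}) ? $user_row->{'hit'} : '';
    if (grep { $_ eq $qid } split ' ', $hit) {
        flash error => 'Error: you have already voted on this poll.';
        redirect uri_for('/show/' . $qid);
        return;
    }

    # 'value' is an array reference when several answers were submitted.
    my $selected   = params->{'value'};
    my @answer_ids = ref $selected eq 'ARRAY' ? @{$selected}
                   : defined $selected        ? ($selected)
                   :                            ();

    # Restricting the update to this poll's answers keeps a tampered form
    # from bumping the counters of answers that belong to other polls.
    for my $answer_id (@answer_ids) {
        database('questions')->do(
            "UPDATE answers SET hits = hits + 1 WHERE id = ? AND qid = ?",
            {}, $answer_id, $qid);
    }

    # User hit this question.
    database('questions')->do(
        "UPDATE entries SET hits = hits + 1 WHERE id = ?", {}, $qid);

    # Remember that this user has voted on the poll.
    database('users')->do(
        "UPDATE users SET hit = hit || ' ' || ? WHERE id = ?", {},
        $qid,
        session('uid'),
    );

    redirect uri_for('/show/' . $qid);
};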
# Show the form for creating a new poll.
get '/add' => sub {
    return template('add');
};
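# Create a poll from the submitted form: one row in 'entries' plus one row in
# 'answers' per non-empty line of the 'answers' field.
post '/add' => sub {
    my $title        = params->{'title'};
    my $content      = params->{'content'};
    my $answers_text = params->{'answers'};

    # Each failed check returns right after the redirect, as /register does,
    # so an incomplete poll is not stored anyway.
    if (!defined $title || $title eq '') {
        flash error => 'Error: empty title.';
        redirect uri_for('/add');
        return;
    }
    if (!defined $content || $content eq '') {
        flash error => 'Error: empty content.';
        redirect uri_for('/add');
        return;
    }

    # One answer per line; drop carriage returns and skip blank lines so no
    # empty answer rows are created.
    my @choices;
    for my $line (split /\n/, defined $answers_text ? $answers_text : '') {
        $line =~ s/\r//g;
        push @choices, $line if $line ne '';
    }
    if (!@choices) {
        flash error => 'Error: no answers given.';
        redirect uri_for('/add');
        return;
    }

    # NOTE(review): 'type' is stored exactly as submitted; validate it against
    # the poll types the templates support.
    my $dbh = database('questions');
    $dbh->do(
        "insert into entries values(NULL, ?, ?, ?, ?, 0)", {},
        params->{'type'},
        $title,
        $content,
        session('uid'),
    );

    # Catalog and schema are not used here, so pass undef for both (the
    # database handle used to be passed in the schema position).
    my $qid = $dbh->last_insert_id(undef, undef, 'entries', 'id');

    for my $answer_choice (@choices) {
        $dbh->do(
            "insert into answers values(NULL,?, ?, 0)", {},
            $qid,
            $answer_choice,
        );
    }

    redirect uri_for("/show/$qid");
};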
# Show the change-password form.
get '/changepass' => sub {
    return template('changepass');
};
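# Set a new password for the logged-in user after checking that both entries
# of the new password agree.
#
# NOTE(review): the current password is not asked for, so anyone holding the
# session (or able to make the browser send this POST) can take over the
# account. Add a current-password field to the form and verify it here.
# NOTE(review): the new password is stored in clear text, although
# Crypt::SaltedHash is imported by this module.
post '/changepass' => sub {
    my $new_password = params->{"newpassword"};
    my $repeated     = params->{"newpassword2"};

    # A request without these fields used to pass the equality check and
    # store an empty (NULL) password.
    if (!defined $new_password || $new_password eq '') {
        flash error => "New password must not be empty.";
        redirect uri_for('/changepass');
        return;
    }
    if (!defined $repeated || $new_password ne $repeated) {
        flash error => "New passwords mismatch.";
        redirect uri_for('/changepass');
        return;
    }

    database('users')->do(
        "update users set password = ? where id = ?", {},
        $new_password, session('uid'),
    );
    flash error => "Password updated successfully.";
    redirect uri_for('/changepass');
};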
# A Perl module must end with a true value.
1;