File Coverage

blib/lib/CGI/Session/MembersArea.pm

Criterion	Covered	Total	%
statement	15	57	26.3
branch	0	20	0.0
condition	0	33	0.0
subroutine	5	12	41.6
pod	0	4	0.0
total	20	126	15.8

line	stmt	bran	cond	sub	pod	time	code
1							package CGI::Session::MembersArea;
2
3							# Name:
4							# CGI::Session::MembersArea.
5							#
6							# Documentation:
7							# POD-style documentation is at the end. Extract it with pod2html.*.
8							#
9							# Reference:
10							# Object Oriented Perl
11							# Damian Conway
12							# Manning
13							# 1-884777-79-1
14							# P 114
15							#
16							# Note:
17							# o Tab = 4 spaces \|\| die.
18							#
19							# Author:
20							# Ron Savage
21							# Home page: http://savage.net.au/index.html
22							#
23							# Licence:
24							# Australian copyright (c) 2004 Ron Savage.
25							#
26							# All Programs of mine are 'OSI Certified Open Source Software';
27							# you can redistribute them and/or modify them under the terms of
28							# The Artistic License, a copy of which is available at:
29							# http://www.opensource.org/licenses/index.html
30
31	1			1		35785	use strict;
	1					3
	1					31
32	1			1		4	use warnings;
	1					1
	1					24
33	1			1		4	no warnings 'redefine';
	1					2
	1					32
34
35	1			1		5	use Carp;
	1					2
	1					83
36	1			1		2583	use DBI;
	1					22611
	1					1090
37
38							require 5.005_62;
39
40							require Exporter;
41
42							our @ISA = qw(Exporter);
43
44							# Items to export into callers namespace by default. Note: do not export
45							# names by default without a very good reason. Use EXPORT_OK instead.
46							# Do not simply export all your public functions/methods/constants.
47
48							# This allows declaration use CGI::Session::MembersArea ':all';
49							# If you do not need this, moving things directly into @EXPORT or @EXPORT_OK
50							# will save memory.
51							our %EXPORT_TAGS = ( 'all' => [ qw(
52
53							) ] );
54
55							our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
56
57							our @EXPORT = qw(
58
59							);
60							our $VERSION = '2.06';
61
62							# -----------------------------------------------
63
64							# Preloaded methods go here.
65
66							# -----------------------------------------------
67
68							# Encapsulated class data.
69
70							{
71							my(%_attr_data) =
72							( # Alphabetical order.
73							_dsn => 'dbi:mysql:myadmin',
74							_form_field_width => 50,
75							_form_resource => 'my_resource',
76							_form_password => 'my_password',
77							_form_username => 'my_username',
78							_password => '',
79							_query => '',
80							_resource_name_column => 'user_resource_name',
81							_resource_password_column => 'user_resource_password',
82							_resource_username_column => 'user_resource_username',
83							_session_full_name_column => 'user_full_name',
84							_session_key_name_column => 'user_full_name_key',
85							_session_password_column => 'user_password',
86							_session_table => 'user',
87							_username => '',
88							);
89
90							sub _default_for
91							{
92	0			0			my($self, $attr_name) = @_;
93
94	0						$_attr_data{$attr_name};
95							}
96
97							sub _standard_keys
98							{
99	0			0			keys %_attr_data;
100							}
101
102							} # End of encapsulated class data.
103
104							# -----------------------------------------------
105
106							sub clean_user_data
107							{
108	0			0	0		my($self, $data, $max_length, $integer) = @_;
109	0	0	0				$data = '' if (! defined($data) \|\| ($data !~ /^([^`\x00-\x1F\x7F-\x9F]+)$/) \|\| (length($1) == 0) \|\| (length($1) > $max_length) );
			0
			0
110	0	0					$data = '' if ($data =~ /.+<\s\/?\sscript\s*>/i); # http://www.perl.com/pub/a/2002/02/20/css.html.
111	0	0					$data = '' if ($data =~ /<(.+)\s>.<\s\/?\s\1\s*>/i); # Ditto, but much more strict.
112	0						$data =~ s/^\s+//;
113	0						$data =~ s/\s+$//;
114	0	0	0				$data = 0 if ($integer && (! $data \|\| ($data !~ /^[0-9]+$/) ) );
			0
115
116	0						$data;
117
118							} # End of clean_user_data.
119
120							# -----------------------------------------------
121
122							sub DESTROY
123							{
124	0			0			my($self) = @_;
125
126	0	0					$$self{'_dbh'} -> disconnect() if ($$self{'_dbh'});
127
128							} # End of DESTROY.
129
130							# -----------------------------------------------
131							# Return values:
132							# o $profile
133							# o undef
134
135							sub init
136							{
137	0			0	0		my($self) = @_;
138
139	0		0				my($my_resource) = $self -> clean_user_data( ($$self{'_query'} -> param($$self{'_form_resource'}) \|\| ''), $$self{'_form_field_width'});
140	0		0				my($my_username) = $self -> clean_user_data( ($$self{'_query'} -> param($$self{'_form_username'}) \|\| ''), $$self{'_form_field_width'});
141	0		0				my($my_password) = $self -> clean_user_data( ($$self{'_query'} -> param($$self{'_form_password'}) \|\| ''), $$self{'_form_field_width'});
142
143	0						my($profile);
144
145	0	0	0				if ($my_username && $my_password)
146							{
147	0						$profile = $self -> load_profile($my_resource, $my_username, $my_password);
148							}
149
150	0						$profile;
151
152							} # End of init.
153
154							# -----------------------------------------------
155
156							sub load_profile
157							{
158	0			0	0		my($self, $resource, $username, $password) = @_;
159	0						my($sql) = "select * from $$self{'_session_table'} where $$self{'_resource_name_column'} = ? and $$self{'_session_key_name_column'} = ? and $$self{'_session_password_column'} = ?";
160	0						my($sth) = $$self{'_dbh'} -> prepare($sql);
161
162	0						$sth -> execute($resource, lc $username, $password);
163
164	0						my($profile) = $sth -> fetchrow_hashref();
165
166	0						$sth -> finish();
167
168	0	0	0				if ($profile && $$profile{$$self{'_session_key_name_column'} })
169							{
170	0						$profile =
171							{
172							full_name => $$profile{$$self{'_session_full_name_column'} },
173							resource => $$profile{$$self{'_resource_name_column'} },
174							username => $$profile{$$self{'_resource_username_column'} },
175							password => $$profile{$$self{'_resource_password_column'} },
176							};
177							}
178							else
179							{
180	0						$profile = undef;
181							}
182
183	0						$profile;
184
185							} # End of load_profile.
186
187							# -----------------------------------------------
188
189							sub new
190							{
191	0			0	0		my($class, %arg) = @_;
192	0						my($self) = bless({}, $class);
193
194	0						for my $attr_name ($self -> _standard_keys() )
195							{
196	0						my($arg_name) = $attr_name =~ /^_(.*)/;
197
198	0	0					if (exists($arg{$arg_name}) )
199							{
200	0						$$self{$attr_name} = $arg{$arg_name};
201							}
202							else
203							{
204	0						$$self{$attr_name} = $self -> _default_for($attr_name);
205							}
206							}
207
208	0	0	0				Carp::croak(__PACKAGE__ . ". You must specify values for the parameters 'dsn', 'username' and 'query'") if (! ($$self{'_dsn'} && $$self{'_username'} && $$self{'_query'}) );
			0
209
210	0						$$self{'_dbh'} = DBI -> connect
211							(
212							$$self{'_dsn'}, $$self{'_username'}, $$self{'_password'},
213							{
214							AutoCommit => 1,
215							PrintError => 0,
216							RaiseError => 1,
217							ShowErrorStatement => 1,
218							}
219							);
220
221	0	0					Carp::croak(__PACKAGE__ . " Cannot log on to database using DSN '$$self{'_dsn'}'") if (! $$self{'_dbh'});
222
223	0						return $self;
224
225							} # End of new.
226
227							# -----------------------------------------------
228
229							1;
230
231							__END__