addcoins.pl
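#!/usr/local/bin/perl

# addcoins.pl - admin-only CGI action that adds coins to a user, or clears
# that user's coins.
#
# Request parameters (read with get_param):
#   $QUERY_UID  id of the user whose coins are changed
#   c           amount to add; validated below as a signed integer
#   clear       "1" deletes the user's row from the coins table instead
#
# The script prints whatever the redirect helpers return and performs at
# most one write per request.
#
# NOTE(review): this handler changes state from request parameters, and no
# anti-CSRF token or request-method check is visible in this file. Confirm
# that get_param or the surrounding framework enforces one, because the
# caller is by definition an admin session.
# NOTE(review): referrer() presumably derives from the Referer header;
# confirm the redirect helpers restrict it to same-site targets.

binmode(STDIN, ":utf8");
binmode(STDOUT, ":utf8");

# must have's!
use strict;
use warnings;
# NOTE(review): fatalsToBrowser sends die() messages to the client; consider
# disabling it outside development.
use CGI::Carp qw(fatalsToBrowser);
use DBI;
use URI::Escape;

use lib "/var/www/html/Pm";

use Html qw(pre_html_header header);
use Html2 qw(tag br hr embolden);
use Bc_chef qw(cookie_get);
use Bc_misc qw(get_param referrer);
use Bc_sql qw(sql_execute
              get_constant
              user_exists
              $QUERY_PAGE
              $QUERY_UID
              $LOGGEDIN

              $DB
             );
use Redir qw(notice_redir error_redir);
use User qw(isUserAdmin $USER_DATA get_user_points);
use Security qw(banned);

my $DEBUG = 0;

my $output;

# Authorization gate: the caller must exist, must not be banned, and must be
# an admin. Everything that touches the coins table lives in the else branch.
if (not user_exists($LOGGEDIN) or banned($LOGGEDIN) or not isUserAdmin($LOGGEDIN)) {
    my $msg = "Access Denied";
    if ($DEBUG) { $msg .= " (addcoins.pl)"; }
    $output = error_redir("/", $msg);
} else {
    ############################################################
    ### YOUR CONTENT HERE

    my $uid   = get_param($QUERY_UID);
    my $c     = get_param("c");
    my $clear = get_param("clear");

    # Validate the request parameters before they reach arithmetic or SQL.
    # The amount is limited to an optionally signed integer of at most nine
    # ASCII digits, so it cannot turn into a float or an arbitrary string in
    # the points column. [0-9] is used instead of \d, which would also match
    # non-ASCII digits in a decoded string.
    my $uid_ok      = (defined $uid   and length $uid)                  ? 1 : 0;
    my $amount_ok   = (defined $c     and $c =~ /\A[+-]?[0-9]{1,9}\z/)  ? 1 : 0;
    my $wants_clear = (defined $clear and $clear eq "1")                ? 1 : 0;

    # An invalid amount is replaced by 0 for display only; the insert and
    # update statements are never executed unless $amount_ok is true.
    my $amount      = $amount_ok ? $c + 0 : 0;
    my $curr_coins  = $uid_ok ? get_user_points($uid) : undef;
    my $base_points = defined $curr_coins ? $curr_coins : 0;

    # Every value is passed through $DB->quote before it is placed in SQL.
    # NOTE(review): the update is a read-modify-write (points are read with
    # get_user_points, then written back), so two concurrent requests could
    # lose one addition. Consider "points = points + <amount>" if
    # get_user_points reads the same column - confirm first.
    my $select_sql = "select * from coins where ID = " . $DB->quote($uid);
    my $insert_sql = "insert into coins values(" . $DB->quote($uid) . ", " . $DB->quote($amount) . ")";
    my $update_sql = "update coins set points=" . $DB->quote($base_points + $amount) . " where ID=" . $DB->quote($uid);
    my $clear_sql  = "delete from coins where ID=" . $DB->quote($uid);

    if ($DEBUG) {
        # Debug mode only displays what would run; nothing is executed.
        # Request values are HTML-escaped because they are echoed to the page.
        # NOTE(review): this page also shows the SQL text; keep $DEBUG off in
        # production.
        my $escape_html = sub {
            my ($text) = @_;
            $text = "" unless defined $text;
            $text =~ s/&/&amp;/g;
            $text =~ s/</&lt;/g;
            $text =~ s/>/&gt;/g;
            $text =~ s/"/&quot;/g;
            $text =~ s/'/&#39;/g;
            return $text;
        };

        $output = pre_html_header();
        $output .= "DEBUG MODE ENABLED" . hr . br;
        $output .= "\$c = " . $escape_html->($c) . br;
        $output .= "\$select_sql = " . $escape_html->($select_sql) . br;
        $output .= "\$insert_sql = " . $escape_html->($insert_sql) . br;
        $output .= "\$update_sql = " . $escape_html->($update_sql) . br;
        $output .= "\$clear_sql = " . $escape_html->($clear_sql) . br;
        $output .= "\$clear = " . $escape_html->($clear) . br;
        $output .= "" . br;
        {
            my %button;
            $button{tag} = "button";
            $button{type} = "button";
            $button{class} = "yellow";
            $button{title} = "Reload this Page";
            $button{onclick} = "document.location.reload();";
            $button{innerHTML} = "Reload";

            $output .= tag(\%button) . br;
        }    # this closing brace was missing in the original listing
    } elsif (not $uid_ok) {
        # Without a user id, $DB->quote would produce NULL and the statements
        # would match nothing while still reporting success.
        $output = error_redir(referrer(), "No user specified");
    } elsif ($wants_clear) {
        my $cleared = sql_execute($clear_sql, "addcoins.pl - clear");
        if ($cleared) {
            $output = notice_redir(referrer(), "Coins zero'd out");
        } else {
            $output = error_redir(referrer(), "Coins NOT zero'd out");
        }
    } elsif (not $amount_ok) {
        $output = error_redir(referrer(), "Invalid coin amount");
    } else {
        my $s_results = sql_execute($select_sql, "addcoins.pl - select");
        if (ref $s_results eq "ARRAY") {
            # we likely got a zero length array, indicating no data was found
            if (@$s_results) {
                $output = error_redir(referrer(), "well that shouldn't have happened!");
            } else {
                # now just add the new coin entry
                my $i_result = sql_execute($insert_sql, "addcoins.pl - insert");
                if ($i_result) {
                    $output = notice_redir(referrer(), "Coins added!");
                } else {
                    $output = error_redir(referrer(), "could not insert new coin data");
                }
            }
        } elsif (ref $s_results eq "HASH") {
            # k, the user already has coins
            my $u_result = sql_execute($update_sql, "addcoins.pl - update");
            if ($u_result) {
                $output = notice_redir(referrer(), "Coins added!");
            } else {
                $output = error_redir(referrer(), "could not update coin data");
            }
        } else {
            $output = error_redir(referrer(), "well that shouldn't have happened!!");
        }
    }

    ############################################################
}

print $output;

# NOTE(review): the script exits with status 1 even on success; kept as in
# the original - confirm the web server ignores the CGI exit status.
exit 1;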