<TMPL_IF content><TMPL_VAR NAME=content></TMPL_IF>
</div>
<div style="height:20px;"> </div>
</div>
<!-- /Content -->
</td>
<td width="1" nowrap bgcolor="#979797"></td>
<td width="1" nowrap></td>
</tr>
</table>
<table width="1002" cellspacing="0" cellpadding="0" border="0">
<tr height="51">
<td width="201" nowrap></td>
<td width="20" nowrap valign="top" style="background: url(images/bot_angle_left.gif) no-repeat;"></td>
<td width="100%" style="background: url(images/bot_cent.gif) repeat-x;" align="center">
<table cellspacing='0' cellpadding='0' border='0'>
<tr>
<td>Курсовая работа по программированию в сетях
<!-- <a href="" class="botmenu">Ссылка 1</a> -->
</td>
</tr>
</table>
</td>
<td width="11" nowrap valign="top" style="background: url(images/bot_angle_right.gif) no-repeat;"></td>
<td width="1" nowrap></td>
</tr>
</table>
</center>
</body>
</html>
Admin.pl
#!/usr/bin/perl
use lib '../mod';
use DBI();
use DBD::mysql;
use CGI qw/:standard/;
use CGI::Cookie;
use Time::Local;
use CGI::Carp 'fatalsToBrowser';
use HTML::Template;
require "../setup.inf"; #переменные
require "sub.pm"; #переменные
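# Open the MySQL connection. $db, $host, $user and $password are not set in
# this file; presumably they come from ../setup.inf (required above) - confirm.
# The credentials stay stringified ("$user", "$password") on purpose: DBI
# substitutes DBI_USER / DBI_PASS from the environment when these arguments
# are undef, but not when they are empty strings.
# CGI::Carp's fatalsToBrowser is loaded at the top of this script, so the text
# of any die() is sent to the client. The message below therefore carries no
# DSN, account name or driver error; the driver's own diagnostic still goes to
# STDERR through DBI's PrintError default.
$dbh = DBI->connect("DBI:mysql:database=$db;host=$host", "$user", "$password")
    or die "Database connection failed\n";
# Tell the server that statements and results on this connection use cp1251.
$dbh->do("SET NAMES 'cp1251'");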
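# Request parameters as delivered by CGI.pm.
$fid      = param('id');
$fid2     = param('id2');
$action   = param('action');
$login_in = param('login_in');    # login form: account name
$pass_in  = param('pass_in');     # login form: password
$buffer2  = $ENV{'QUERY_STRING'};

# Character filter intended as a guard against SQL injection: it removes
# ' " | - = ~ > < ( ) $ # from each value. The characters sit inside a
# character class so that the parentheses are matched literally instead of
# being read as an (empty) regex group.
# NOTE(review): a strip-list is not a substitute for bound parameters or
# $dbh->quote() at the point where a statement is built; treat this as
# defence in depth only.
# NOTE(review): the filter also edits $pass_in, so the value that reaches the
# credential check is not byte-for-byte what was submitted. Which variables
# modul/autentification.pl reads is not visible here - confirm.
my $sql_meta = qr/['"|\-=~><()\$#]/;
foreach my $value_ref (\$fid, \$fid2, \$action, \$login_in, \$pass_in) {
    ${$value_ref} =~ s/$sql_meta//g;
}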
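# Decode a raw "name=value&name=value" string and store every pair in the
# global %FORM. '+' becomes a space and %XX sequences are turned back into
# bytes; names are stored as received. The working variables stay package
# globals, as in the rest of the script.
sub _admin_store_pairs {
    my ($raw) = @_;
    @pairs2 = split(/&/, $raw);
    foreach $pair2 (@pairs2) {
        # A limit of 2 keeps any further '=' characters inside the value.
        ($name2, $value2) = split(/=/, $pair2, 2);
        $value2 =~ tr/+/ /;
        $value2 =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        $FORM{$name2} = $value2;
    }
    return;
}

# Return the first run of ASCII digits found in $text, or undef when $text is
# undef or holds no digit. The capture is taken from this match only, so a
# value without digits can never pick up a capture left behind by an earlier,
# unrelated regex.
sub _admin_first_digits {
    my ($text) = @_;
    return unless defined $text;
    my ($digits) = $text =~ /([0-9]+)/;
    return $digits;
}

# First source: the query string saved in $buffer2.
_admin_store_pairs($buffer2);
$form_fid = $FORM{"id"};
# Same character strip-list that is applied to the CGI parameters; the
# parentheses are literal because they are inside a character class.
$form_fid =~ s/['"|\-=~><()\$#]//g;
$viev = $FORM{"viev"};
$act  = $FORM{"act"};

if ($act eq '') {
    # No "act" in the query string (possibly a form button was pressed):
    # take the last segment of REQUEST_URI and parse it as name=value pairs.
    ($xxx) = $ENV{'REQUEST_URI'} =~ m#([^\/:]+)$#;
    _admin_store_pairs($xxx);
    $act  = $FORM{'act'};
    $fid  = $FORM{'id'};
    $viev = $FORM{"viev"};
}
else {
    $fid = $form_fid;
}

# Keep only the numeric part of both identifiers. These values are later
# placed into SQL text by the page modules, so anything that is not a plain
# digit run must not survive this step.
$fid  = _admin_first_digits($fid)  if $fid;
$fid2 = _admin_first_digits($fid2) if $fid2;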
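#------------------------------ Time -----------------------
# Current local time, shifted by $timeoffset hours, split into the global
# fields that the rest of the script reads.
$timeoffset = 0;
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time + (3600*$timeoffset));
# localtime() numbers months from 0 and years from 1900.
$mon  = sprintf '%02d', $mon + 1;
$mday = sprintf '%02d', $mday;
$hour = sprintf '%02d', $hour;
$min  = sprintf '%02d', $min;
$year += 1900;
$data_form = "$mday.$mon.$year";    # DD.MM.YYYY
$reg_date  = "$year-$mon-$mday";    # YYYY-MM-DD
# Seconds are padded here as well, so the result is always HH:MM:SS; $sec
# itself keeps the plain number returned by localtime().
$time_form = sprintf '%s:%s:%02d', $hour, $min, $sec;
#-----------------------------------------------------------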
#############################################
# Password check                            #
#############################################
# Loaded before any page module, so whatever this file enforces runs first.
# NOTE(review): its contents are not visible here - confirm that it stops the
# request (exit/die) when the credentials are missing or wrong.
require "modul/autentification.pl";
#############################################

####<<< Page dispatcher
# Only the file names listed in this table can ever be loaded: $act selects an
# entry and is never used as a path itself. An empty or undefined $act maps to
# the start page.
my %page_for = (
    ''      => "ind.pl",
    'firma' => "firma.pl",
    'model' => "model.pl",
    'sale'  => "sale.pl",
);
if (exists $page_for{$act}) {
    require $page_for{$act};
}
else {
    # Unknown page: send the browser back to the admin root.
    # NOTE(review): depending on the web-server configuration SERVER_NAME may
    # be taken from the request's Host header - confirm it is a fixed value.
    print "Location: http://$ENV{'SERVER_NAME'}/admin/\n\n";
    exit;
}
####>>>
# Status messages: hand the collected @ok / @error lists to the template, but
# only when they are non-empty.
$HTML_SITE{ok}    = \@ok    if @ok;
$HTML_SITE{error} = \@error if @error;

# Render html/admin.html with everything the page module stored in %HTML_SITE
# and send it after the CGI header.
# NOTE(review): the page modules put ready-made HTML into $HTML_SITE{content};
# if the template prints it without an ESCAPE attribute, every value inside it
# has to be escaped where that HTML is assembled - confirm against the
# template.
print "Content-type: text/html\n\n";
my $page_tmpl = HTML::Template->new(filename => 'html/admin.html');
$page_tmpl->param(%HTML_SITE);
my $rendered = $page_tmpl->output;
print "$rendered\n";

# Close the database connection.
$dbh->disconnect();
Ind.pl
1;
# Start page of the admin area: fixed heading, sub-heading and body text for
# the template. Nothing here comes from the request or the database.
@HTML_SITE{qw(title title2 content)} = (
    'Главная страница',
    'Добро пожаловать в систему администрирования Интернет-магазина',
    'Для работы с данной частью приложения воспользуйтесь пунктами меню в левой части экрана.',
);
1;
Model.pl
1;
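# Build the <option> lists for the four lookup tables. Each list is appended
# to its own global ($sel, $sel1, $sel2, $sel3), which the edit/add forms
# interpolate into their <select> elements.
# Table and column names below are literals from this file, never request
# data. The row values are stored text, so they are HTML-escaped before being
# placed inside the attribute and the element body.
foreach my $lookup (
    [ \$sel,  'Firma',     'Name_Firma' ],
    [ \$sel1, 'Pol',       'name' ],
    [ \$sel2, 'Kreplen',   'name' ],
    [ \$sel3, 'Mechanism', 'name' ],
) {
    my ($target, $table, $label_col) = @{$lookup};
    my $sth = $dbh->prepare("SELECT id,$label_col FROM $table");
    $sth->execute();
    while (my $ref = $sth->fetchrow_hashref()) {
        my $value = CGI::escapeHTML($ref->{'id'});
        my $label = CGI::escapeHTML($ref->{$label_col});
        ${$target} .= qq[<option value="$value">$label</option>];
    }
    $sth->finish();
}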
# Data-changing step: the submit button's value (edit / add / delete) selects
# the handler; any other value runs nothing.
# NOTE(review): the forms produced by the blok* subs carry no per-session
# token. If the authentication check relies on a cookie, these actions could
# be submitted from another site - confirm against modul/autentification.pl.
my %action_handler = (
    'Изменить' => \&edit,
    'Добавить' => \&add,
    'Удалить'  => \&del,
);
if (my $handler = $action_handler{$action}) {
    &$handler;
}

# View step: choose which block fills $HTML_SITE{content}; the list view is
# the fallback for every value other than 'edit' and 'add'.
my %view_handler = (
    'edit' => \&blokedit,
    'add'  => \&blokadd,
);
my $view = $view_handler{$viev} || \&blokviev;
&$view;
################################################################################
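# List view: appends one small table per Model row (photo, maker, model name,
# price, edit link, delete link) to $HTML_SITE{content}, then the hidden form
# used for deletion, and sets the page titles.
# Takes no arguments; reads the globals $dbh and $act and writes %HTML_SITE.
# Row values are written to the database from form fields (see edit()), so
# they are HTML-escaped before being interpolated into markup.
sub blokviev {
    my $sth = $dbh->prepare("SELECT Model.*,Firma.Name_Firma as Nfirma,Pol.name as Pname,Kreplen.name as Kname,Mechanism.name as Mname
FROM Model inner join Firma on Model.id_Firma = Firma.id
inner join Pol on Model.id_Pol = Pol.id
inner join Kreplen on Model.id_Kreplen = Kreplen.id
inner join Mechanism on Model.id_Mechanism = Mechanism.id");
    $sth->execute();
    my $act_html = CGI::escapeHTML($act);
    while (my $ref = $sth->fetchrow_hashref()) {
        # Placeholder text for rows without a model name.
        if (!($ref->{Name_Model})) { $ref->{Name_Model} = "Не задано"; }
        my %cell;
        $cell{$_} = CGI::escapeHTML($ref->{$_}) for qw(Photo Nfirma Name_Model Price id);
        # NOTE(review): $cell{id} also lands inside a JavaScript string in the
        # onclick attribute. HTML escaping alone does not make that safe for a
        # non-numeric value; presumably id is an integer key - confirm.
        $HTML_SITE{content} .= <<LINES;
<table border=1 cellpadding="0" cellspacing="0" align="center">
<td width=90 height=50 valign="center" align="center">
<img src="/admin/Photos/$cell{Photo}" width="80" valign="absmiddle" align="absmiddle">
</td>
<td width=90 valign="center" align="center"><b><font color="blue">$cell{Nfirma}</font></b>
</td>
<td width=150 valign="center" align="center"><b><font color="blue">$cell{Name_Model}</font></b>
</td>
<td width=70 valign="center" align="center"><b><font color="red">$cell{Price}</font> .</b>
</td>
<td><a href="?act=$act_html&id=$cell{id}&viev=edit"><img src="/admin/images/editor.jpg" width="40" height="40" align="absmiddle" alt="Редактировать"></a>
</td>
<td><a href="#" onclick="del_id('$cell{id}')"><img src="/admin/images/Urna.jpg" width="40" height="40" align="absmiddle" alt="Удалить"></a>
</td>
</table>
LINES
    }
    $sth->finish();
    # Hidden form that the del_id() script call is expected to fill and submit.
    $HTML_SITE{content} .= <<LINES;
<form style="display: none" method="POST" action="" id="deletes" name="deletes"><input type="hidden" name="ids" value=""><input type="hidden" name="action" value="Удалить"></form>
LINES
    $HTML_SITE{title} = "Список моделей часов [<a href=\"?act=$act_html&viev=add\">Добавить</a>]";
    $HTML_SITE{title2} = 'Просмотр';
}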
################################################################################
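# Edit view: loads the row whose id is $fid from the table named by $act and
# puts a pre-filled edit form into $HTML_SITE{content}.
# Takes no arguments; reads the globals $dbh, $act, $fid and the option lists
# $sel, $sel1, $sel2, $sel3; writes %HTML_SITE.
sub blokedit {
    # The id is passed as a bound value rather than pasted into the statement.
    # A table name cannot be bound, so it is quoted as an identifier instead.
    my $table = $dbh->quote_identifier($act);
    my ($db_id,$db_Firma,$db_Name_Model,$db_Mechanism,$db_Kreplen,$db_Pol,$db_Data_post,$db_Price,$db_Photo) =
        $dbh->selectrow_array(
            "SELECT id,id_Firma,Name_Model,id_Mechanism,id_Kreplen,id_Pol,Data_post,Price,Photo FROM $table WHERE id=?",
            undef, $fid);
    # These five values go into HTML attribute values; escape them so stored
    # text cannot close the attribute or add markup.
    $_ = CGI::escapeHTML($_) for ($db_id, $db_Name_Model, $db_Data_post, $db_Price, $db_Photo);
    # NOTE(review): $db_Firma, $db_Mechanism, $db_Kreplen and $db_Pol are
    # interpolated into <script> text below. Presumably they are integer
    # foreign keys; if they can hold other text they need JavaScript-safe
    # encoding - confirm against the schema.
    $HTML_SITE{content}=<<LINES;
<div style="clear:both"></div>
<form method="POST" enctype="multipart/form-data">
<div class="nm">Фирма</div>
<div class="nm2"><select name="Firma" size="1" style="width:30%">
$sel
</select>
<script>\$('option[\@value=$db_Firma]').get(0).selected = 'selected';</script>
</div>
<div class="nm">Название</div>
<div class="nm2"><input name="Name_Model" value="$db_Name_Model" type="text" width="200"></div>
<div class="nm">Механизм</div>
<div class="nm2"><select name="Mechanism" size="1" style="width:30%">
$sel3
</select>
<script>\$('option[\@value=$db_Mechanism]').get(1).selected = 'selected';</script>
</div>
<div class="nm">Крепление</div>
<div class="nm2"><select name="Kreplen" size="1" style="width:30%">
$sel2
</select>
<script>\$('option[\@value=$db_Kreplen]').get(2).selected = 'selected';</script>
</div>
<div class="nm">Пол</div>
<div class="nm2"><select name="Pol" size="1" style="width:30%">
$sel1
</select>
<script>\$('option[\@value=$db_Pol]').get(3).selected = 'selected';</script>
</div>
<div class="nm">Дата поставки</div>
<div class="nm2"><input name="Data_post" value="$db_Data_post" type="text" width="200"></div>
<div class="nm">Стоимость</div>
<div class="nm2"><input name="Price" value="$db_Price" type="text" width="200"></div>
<div class="nm">Изображение</div>
<div class="nm2"><input name="Photo" value="$db_Photo" type="text" width="200"></div>
<div class="nm"><input name="action" type="submit" value="Изменить"></div>
<input name="id" value="$db_id" type="hidden">
</form>
LINES
    $HTML_SITE{title} = 'Список моделей часов';
    $HTML_SITE{title2} = 'Редактор';
}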
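# Add view: puts the "new model" form into $HTML_SITE{content} and sets the
# page titles. Takes no arguments; reads the option lists $sel, $sel1, $sel2,
# $sel3 and writes %HTML_SITE.
# NOTE(review): $db_name is interpolated as the initial value of four inputs
# but is not assigned anywhere in the visible code, so the fields presumably
# start empty. If it is ever set from request or database data it must be
# HTML-escaped first - confirm.
sub blokadd {
    $HTML_SITE{content}=<<LINES;
<div style="clear:both"></div>
<form method="POST" enctype="multipart/form-data">
<div class="nm">Фирма</div>
<div class="nm2"><select name="Firma" size="1" style="width:30%">
$sel
</select></div>
<div class="nm">Название</div>
<div class="nm2"><input name="Name_Model" value="$db_name" type="text" width="200"></div>
<div class="nm">Механизм</div>
<div class="nm2"><select name="Mechanism" size="1" style="width:30%">
$sel3
</select></div>
<div class="nm">Крепление</div>
<div class="nm2"><select name="Kreplen" size="1" style="width:30%">
$sel2
</select></div>
<div class="nm">Пол</div>
<div class="nm2"><select name="Pol" size="1" style="width:30%">
$sel1
</select></div>
<div class="nm">Дата поставки</div>
<div class="nm2"><input name="Data_post" value="$db_name" type="text" style="width=200"></div>
<div class="nm">Стоимость</div>
<div class="nm2"><input name="Price" value="$db_name" type="text" style="width=200"></div>
<div class="nm">Изображение</div>
<div class="nm2"><input name="Photo" value="$db_name" type="text" style="width=200"></div>
<div class="nm"><input name="action" type="submit" value="Добавить"></div>
<input name="firm" value="1" type="hidden">
</form>
LINES
    $HTML_SITE{title} = "Список моделей часов";
    $HTML_SITE{title2} = 'Добавление';
}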
################################################################################
sub edit {
my $Firma = param('Firma'); $Firma = $dbh->quote( $Firma );
my $Name_Model = param('Name_Model'); $Name_Model = $dbh->quote( $Name_Model );
my $Mechanism = param('Mechanism'); $Mechanism = $dbh->quote( $Mechanism );
my $Kreplen = param('Kreplen'); $Kreplen = $dbh->quote( $Kreplen );
my $Pol = param('Pol'); $Pol = $dbh->quote( $Pol );
my $Data_post = param('Data_post'); $Data_post = $dbh->quote( $Data_post );
my $Price = param('Price'); $Price = $dbh->quote( $Price );
my $Photo = param('Photo'); $Photo = $dbh->quote( $Photo );
my $sth = $dbh->prepare("UPDATE $act SET id_Firma=$Firma,Name_Model=$Name_Model,id_Mechanism=$Mechanism,id_Kreplen=$Kreplen,id_Pol=$Pol,Data_post=$Data_post,Price=$Price,Photo=$Photo WHERE (id='$fid')");