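#!/usr/bin/perl
# use CGI::Carp qw(fatalsToBrowser);

# Login handler. Decodes the request parameters into %FORM; on POST it checks
# the submitted e-mail/password pair against the geregistreerdegebruikers
# table, sets the schoeters_user cookie on a match and exits. In every other
# case it picks a message and starts printing the HTML page.
#
# The script runs without "use strict". %FORM, $message, $db, $query, $found,
# $cookie, $seloc and $buffer stay package globals, because code outside this
# section may read them.

use lib 'perlconf';
use schoeters_conf;
&schoeters_conf::vars();
use DBI;
use CGI;

# Split a urlencoded string ("a=1&b=2") into pairs, percent-decode name and
# value, filter the value and store it in %FORM. GET and POST share this one
# routine so the filter cannot drift between the two paths.
sub _store_form_pairs {
    my ($encoded) = @_;

    foreach my $pair (split(/&/, $encoded)) {
        my ($name, $value) = split(/=/, $pair);

        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        $name  =~ tr/+/ /;
        $name  =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

        # Deny-list filter applied after decoding. It is defence in depth only:
        # the SQL below uses bound parameters and does not rely on it.
        $value =~ s/\\/\//g;
        # NOTE(review): the replacement character is mis-encoded in this copy
        # of the file; restore the original byte before deploying.
        $value =~ s/'/�/g;
        $value =~ s/;/,/g;
        $value =~ s/\n/ /g;
        # NOTE(review): the next three replacements are reconstructed as HTML
        # entities. This copy showed them entity-decoded (s/"/"/ and a broken
        # s/</ that does not parse); confirm against the original file.
        $value =~ s/"/&quot;/g;
        $value =~ s/</&lt;/g;
        $value =~ s/>/&gt;/g;

        # Only the value is filtered; the parameter name is stored as decoded.
        $FORM{$name} = $value;
        # Debug aid from the original: print "$name = $value";
    }
    return;
}

if ($ENV{'REQUEST_METHOD'} eq 'GET') {
    _store_form_pairs($ENV{'QUERY_STRING'});
}

if ($ENV{'REQUEST_METHOD'} eq 'POST') {
    read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
    _store_form_pairs($buffer);

    $db = DBI->connect("DBI:mysql:$CONFIG{name}:$CONFIG{host}", $CONFIG{user}, $CONFIG{pass});

    # The credentials are bound as placeholders, so the driver sends them as
    # data and never as SQL text. The previous version interpolated
    # $FORM{user_login} and $FORM{user_paswoord} into the statement and relied
    # on the character filter alone. A missing parameter now binds NULL and
    # matches no row.
    # NOTE(review): comparing paswoord with the submitted value suggests the
    # column holds unhashed passwords; confirm, and migrate to a salted
    # password hash verified in code.
    $query = $db->prepare('SELECT * FROM geregistreerdegebruikers WHERE email = ? AND paswoord = ?');
    $query->execute($FORM{user_login}, $FORM{user_paswoord});
    while (@array = $query->fetchrow_array) {
        $found = 'ok';
    }
    $query->finish;
    $db->disconnect;

    if ($found eq 'ok') {
        # NOTE(review): the cookie carries the login and the password in clear
        # text, expires in 2049 and sets neither Secure nor HttpOnly. The format
        # is kept because other pages presumably parse it; the fix is a random
        # server-side session token with a short lifetime, changed together
        # with every reader of this cookie.
        $query  = CGI->new;
        $cookie = $query->cookie(
            -name    => 'schoeters_user',
            -value   => "$FORM{user_login}:::$FORM{user_paswoord}",
            -expires => 'Fri, 31-Dec-2049 23:59:59 GMT;',
            -path    => '/',
        );
        print $query->header(-cookie => $cookie);

        # NOTE(review): wat and ref are placed in the URL without URL-encoding,
        # so a value containing "&" can add parameters; encode them if the
        # target page allows it.
        if ($FORM{'ref'} ne '') {
            $seloc = "/portefeuille/detail.php?item=$FORM{wat}&sorting=&ref=$FORM{ref}";
        }
        $seloc = '/index.php' if ($FORM{'ref'} eq '');

        # NOTE(review): $seloc is not used in the visible code; the body of
        # this qq{} looks like it lost its markup in this copy. Confirm
        # against the original file.
        print qq{
};
        exit;
    }
}

# Default prompt; replaced below when a POST reached this point, which means
# the credential check found no matching row.
$message = 'Gelieve uw e-mailadres en paswoord in te geven.
';
if ($ENV{'REQUEST_METHOD'} eq 'POST') {
    $message = 'Verkeerd e-mailadres of paswoord.
';
}

###########################################################################################
# START OF OUTPUT
###########################################################################################
print "Content-Type: text/html;\n\n";

# ========================================================================================
# HEADER FILE
# ========================================================================================
open(R, 'template/header.tmpl') or &die("Can't open header file: $!");
while (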