#!/usr/local/bin/perl
# ERIN database gateway script
# Tony Boston - June 1994
# Define constants and environment variables
$ENV{'ORACLE_HOME'} = '';
$ENV{'ORACLE_SID'} = '';
$ENV{'TWO_TASK'} = '';
$cgidir = '';
$sqrdir = '';
$tmpdir = '';
$logdir = '';
# Print out a content-type for HTTP/1.0 compatibility
print "Content-type: text/html\n\n";
# Open the paramater file for reading
open(PARAM,"$tmpdir/param.$ENV{'REMOTE_ADDR'}") || die "Open parameter file did not work: $!\n";
while () {
chop;
if (/^report/) { ($stuff, $report) = split (/=/, $_)};
if (/^genus/) { ($stuff, $genus) = split (/=/, $_)};
if (/^species/) { ($stuff, $species) = split (/=/, $_)};
if (/^subspecies/) { ($stuff, $subspecies) = split (/=/, $_)};
}
close PARAM;
# Build parameter statement
$param = join('', "'",$genus,"' '",$species,"' '",$subspecies,"'");
# Check if GET or POST
if ($ENV{'REQUEST_METHOD'} eq "GET") {
$query = $ENV{'QUERY_STRING'};
# Uncomment for debugging purposes
# print "$query";
@pairs = split(/&/, $query);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# Stop people from using subshells to execute commands
$value =~ s/~!/ ~!/g;
# Uncomment for debugging purposes
# print "Setting $name to $value";
$param = join('', $param," '",$value,"'");
}
}
elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# Split the name-value pairs
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# Stop people from using subshells to execute commands
$value =~ s/~!/ ~!/g;
# Uncomment for debugging purposes
# print "Setting $name to $value
";
$param = join('', $param," '",$value,"'");
}
}
# Die if no report name passed
if ($report !~ /R/ ) {
print "TITLE Error! /TITLE \n";
print "Error - No report name passed!\n";
die "$ENV{'REMOTE_HOST'}@$ENV{'REQUEST_METHOD'}@ERIS.pl@Error - No report name passed!\n";
}
# Set up SQR report command and log db access
$command = "$ENV{'ORACLE_HOME'}/bin/sqrt $sqrdir/$report.sqt -d $param | " .
"sed -f $sqrdir/sed_sqr_out; $cgidir/LOG2.sh $ENV{'REMOTE_HOST'} $report " .
"$ENV{'REQUEST_METHOD'} $param";
# Uncomment for debugging purposes
# print $command;
open (COMM, "$command|") || die "Open DB access command did not work: $!\n";
while () {
print;
}
close (COMM);