# Listing 3: zap-thread.pl #!/usr/bin/perl -wT # Time-stamp: <1998-12-08 09:58:14 reuven> # zap-thread.pl, which allows for the deletion of an entire thread use strict; use diagnostics; use CGI; use CGI::Carp qw(fatalsToBrowser); use DBI; use lib qw(/home/reuven/www/cgi-bin); use ATFConstants; # Remove buffering $| = 1; # ------------------------------------------------------------ # Create an instance of CGI my $query = new CGI; # Send a MIME header print $query->header("text/html"); print $query->start_html(-title => "Zap a thread", -bgcolor => "#FFFFFF"); # Connect to the database my $dbh = DBI->connect("DBI:mysql:$database:$server:$port",$username,$password); die "DBI error from connect: ", $DBI::errstr unless $dbh; # ------------------------------------------------------------ # If we were invoked with GET, print a list of threads with # checkboxes if ($query->request_method eq "GET") { print "

Zap threads

\n"; print "

Check the box next to any thread you wish to delete. \n"; print "Then enter the password. There is no undelete."; print "You have been warned.

\n"; print "
\n"; my $sql = "SELECT id,subject FROM ATFThreads ORDER BY subject"; # Send the query my $sth = $dbh->prepare($sql); die "DBI error with prepare:", $sth->errstr unless $sth; # Execute the query my $result = $sth->execute; die "DBI error with execute:", $sth->errstr unless $result; # If we received threads from the SELECT, print them out if ($sth->rows) { # Iterate through thread IDs and names while (my @row = $sth->fetchrow) { print " $row[1]\n
"; } # Finish that database call $sth->finish; } else { print "

No threads to display<\#150><\#150>so there's nothing to zap!

\n"; } print '

Password: ', "\n

"; print '

', "\n

"; print "
\n"; } # If we are invoked with POST, check the password and delete # the appropriate threads and messages elsif ($query->request_method eq "POST") { # Check the password if ($query->param("password") eq $zap_password) { my @elements = $query->param; # Iterate through each thread ID marked for deletion foreach my $element (@elements) { # Ignore any elements we don't want next unless ($element =~ m/^thread-(\d+)$/); # Grab the thread ID my $thread_id = $1; # Delete the thread from ATFThreads my $sql = "DELETE FROM ATFThreads WHERE id = $thread_id "; warn "SQL: \"$sql\"\n"; my $sth = $dbh->prepare ($sql); my $result = $sth->execute; die("Error deleting from ATFThreads: " . $sth->errstr) unless $result; print "

Deleted the thread.

\n"; # Delete messages for this thread from ATFMessages $sql = "DELETE FROM ATFMessages WHERE thread = $thread_id "; warn "SQL: \"$sql\"\n"; $sth = $dbh->prepare ($sql); $result = $sth->execute; die("Error deleting from ATFMessages: " . $sth->errstr) unless $result; print "

Deleted messages in the thread.

\n"; } } else { print "

Sorry, but you entered the wrong password.

\n"; } } # If the request method is neither GET nor POST, issue an error else { print "

Sorry, but we only recognize GET and POST.

\n"; } # ------------------------------------------------------------ # Menu bar print "

\n"; # Send the user to the posting form print "[Post a message]"; print "\n"; # Send the user to the thread list print "[View all threads]\n"; # Send the user to the search print "[Search]\n"; # Allow the user to create a new thread print "[Add a new thread]\n"; # Give a plug for the ATF home page print "[ATF home]\n"; print "

\n"; # Disconnect from the database $dbh->disconnect;