$self->{action} = lc $self->{action};
$self->{action} =~ s/( |-|,|\#)/_/g;
- $self->{version} = "2.6.1";
+ #$self->{version} = "2.6.1"; # Old hardcoded but secure style
+ open VERSION_FILE, "VERSION"; # New but flexible code reads version from VERSION-file
+ $self->{version} = <VERSION_FILE>;
+ close VERSION_FILE;
+ $self->{version} =~ s/[^0-9A-Za-z\.\_\-]//g; # only allow numbers, letters, points, underscores and dashes. Prevents injecting of malicious code.
$main::lxdebug->leave_sub();
if (!$self->{header}) {
$self->header;
- print qq|
- <body>|;
+ print qq|<body>|;
}
print qq|
-
- <p><b>$msg</b>
+ <p class="message_ok"><b>$msg</b></p>
+
+ <script type="text/javascript">
+ <!--
+ // If JavaScript is enabled, the whole thing will be reloaded.
+ // The reason is: When one changes his menu setup (HTML / XUL / CSS ...)
+ // it now loads the correct code into the browser instead of do nothing.
+ setTimeout("top.frames.location.href='login.pl'",500);
+ //-->
+ </script>
+
+</body>
|;
} else {
</script>
| if $self->{"fokus"};
+ my $title_hack = qq|
+ <script type="text/javascript">
+ <!--
+ // Write a meaningful title-tag for our frameset.
+ top.document.title="| . $self->{"title"} . qq| - | . $self->{"login"} . qq| - | . $::myconfig{dbname} . qq| - Ver. | . $self->{"version"} . qq|";
+ //-->
+ </script>
+ |;
+
#Set Calendar
my $jsscript = "";
if ($self->{jsscript} == 1) {
$favicon
$jsscript
$ajax
-
$fokus
-
+ $title_hack
+
<link rel="stylesheet" href="css/jquery.autocomplete.css" type="text/css" />
<meta name="robots" content="noindex,nofollow" />
# Database routines used throughout
+sub _dbconnect_options {
+ my $self = shift;
+ my $options = { pg_enable_utf8 => $::locale->is_utf8,
+ @_ };
+
+ return $options;
+}
+
sub dbconnect {
$main::lxdebug->enter_sub(2);
my ($self, $myconfig) = @_;
# connect to database
- my $dbh =
- DBI->connect($myconfig->{dbconnect},
- $myconfig->{dbuser}, $myconfig->{dbpasswd})
+ my $dbh = DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser}, $myconfig->{dbpasswd}, $self->_dbconnect_options)
or $self->dberror;
# set db options
my ($self, $myconfig) = @_;
# connect to database
- my $dbh =
- DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser},
- $myconfig->{dbpasswd}, { AutoCommit => 0 })
+ my $dbh = DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser}, $myconfig->{dbpasswd}, $self->_dbconnect_options(AutoCommit => 0))
or $self->dberror;
# set db options