An error occurred while trying to post your comment to the database. If the problem persists contact the site adminitrator.}; exit 1; } else { print $query->redirect("obituary.cgi?function=comments&messageid=$params->{'messageid'}"); exit 0; } } }

#!/usr/bin/perl
#use strict;
use DBI;
use CGI;

my $dsn = 'DBI:mysql:liberty:localhost';
my $db_user_name = 'liberty';
my $db_password = 'ytrebil';
my $dbh = DBI->connect($dsn, $db_user_name, $db_password);
my $sth;

my $query = new CGI;
my $params = $query->Vars;

my @out;
open(F, "site template.html") or die $!;
my $content = join("",<F>);
close(F);

#Default to current obits if no messageid
unless(exists($params->{'messageid'}) || exists($params->{'date'})) { 
print $query->header;
$sth = $dbh->prepare(qq{select title, message, messageid, icons, postdate from messages ORDER BY datetime DESC});
my $rv = $sth->execute or die $sth->errstr;

push(@out, qq{<table border=0 cellpadding=0 cellspacing=0 width="100%">\n<tr>\n<td>});
open(F, "obituary plain template.html") or die $!;
my $template = join("",<F>);
close(F);
open(C, "obituary main template.html") or die $!;
$content = join("", <C>);
close(C);

#my ($title, $message, $messageid, $icons, $postdate);
while(my($title, $message, $messageid, $icons, $postdate) = $sth->fetchrow_array()) {
    my ($rows,$sql);
    $sql = $dbh->prepare(qq{select * from comments where messageid='$messageid'});
    $rows = $sql->execute;
    my $tmp = $template;
    my $tmpdate = $postdate;

    my @icon = split(',',$icons);
    my $iconscode="";
    foreach my $ico (@icon) {
	$iconscode = qq{$iconscode<img src="$ico.gif">};
    }

    $tmpdate =~ s/(....)-(..)-(..)/$2\/$3\/$1/og;
    $tmp =~ s/\$TITLE\$/$title/og;
   my $image = qq{<img src="pics/$messageid.jpg">};
   if(-r "./pics/$messageid.jpg") {
	$tmp =~ s/\$IMAGE\$/$image/og;
    } else {
	$tmp =~ s/\$IMAGE\$//og;
    }
    $tmp =~ s/\$MESSAGE\$/$message/og;
    $tmp =~ s/\$ICONS\$/$iconscode/og;
    $tmp =~ s/\$MESSAGEID\$/$messageid/og;
    $tmp =~ s/\$POSTDATE\$/$tmpdate/og;

    if($rows != 0) {    $tmp =~ s/\$CNUM\$/$rows/og; } else { $tmp =~ s/\$CNUM\$/0/og; }
    push(@out, qq{<tr><td>});
    push(@out, $tmp);
}
    push(@out, qq{</tr></table>});
$content =~ s/<!--CONTENT-->/@out/og;
    print $content;
    exit 0;
#End Default Action
}
#Begin Date
if (exists($params->{'date'}) && $params->{'date'} ne "") {
    print $query->header;
$sth = $dbh->prepare(qq{select title, message, messageid, icons, postdate from messages where postdate='$params->{'date'}' ORDER BY datetime DESC});
my $rv = $sth->execute or die $sth->errstr;
if($rv == 0) { push(@out,qq{No messages in the database});}

open(F, "obituary template.html") or die $!;
my $template = join("",<F>);
close(F);

#my ($title, $message, $messageid, $postdate);
while(my($title, $message, $messageid, $icons, $postdate) = $sth->fetchrow_array()) {
    my ($rows,$sql);
    $sql = $dbh->prepare(qq{select * from comments where messageid='$messageid'});
    $rows = $sql->execute;

    my $tmp = $template;
    my $tmpdate = $postdate;
    $tmpdate =~ s/(....)-(..)-(..)/$2\/$3\/$1/og;

    my @icon = split(',',$icons);
    my $iconscode="";
    foreach my $ico (@icon) {
	$iconscode = qq{$iconscode<img src="$ico.gif">};
    }
   my $image = qq{<img src="pics/$messageid.jpg">};
   if(-r "./pics/$messageid.jpg") {
	$tmp =~ s/\$IMAGE\$/$image/og;
    } else {
	$tmp =~ s/\$IMAGE\$//og;
    }
    
    $tmp =~ s/\$ICONS\$/$iconscode/og;
    $tmp =~ s/\$TITLE\$/$title/og;
    $tmp =~ s/\$MESSAGE\$/$message/og;
    $tmp =~ s/\$MESSAGEID\$/$messageid/og;
    $tmp =~ s/\$POSTDATE\$/$tmpdate/og;
    if($rows != 0) {    $tmp =~ s/\$CNUM\$/$rows/og; } else { $tmp =~ s/\$CNUM\$/0/og; }
    push(@out, $tmp);
}
$content =~ s/<!--CONTENT-->/@out/og;
    print $content;
    exit 0;
#End Date handling
}
if (exists($params->{'function'})) { 
# Handle comments section
    if($params->{'function'} eq "comments") {
	print $query->header;
	open(F, "obituary template.html") or die $!;
	my $obittemp = join("",<F>);
	close(F);
	open(F, "comment template.html") or die $!;
	my $template = join("",<F>);
	close(F);

$sth = $dbh->prepare(qq{select title, message, postdate, icons from messages where messageid=? });
$sth->execute($params->{'messageid'}) or die $sth->errstr;
    my($rows,$sql);
    $sql = $dbh->prepare(qq{select * from comments where messageid=?});
    $rows = $sql->execute($params->{'messageid'});

push(@out, qq{<table width="400" cellpadding=0 cellspacing=0><tr><td>});
while(my($title, $message, $postdate,$icons) = $sth->fetchrow_array){
    my $tmpdate = $postdate;
    $tmpdate =~ s/(....)-(..)-(..)/$2\/$3\/$1/og;
    $obittemp =~ s/\$TITLE\$/$title/og;

    my @icon = split(',',$icons);
    my $iconscode="";
    foreach my $ico (@icon) {
	$iconscode = qq{$iconscode<img src="$ico.gif">};
    }

    my $tmpid = $params->{'messageid'};
       my $image = qq{<img src="pics/$tmpid.jpg">};
   if(-r "./pics/$tmpid.jpg") {
	$obittemp =~ s/\$IMAGE\$/$image/og;
    } else {
	$obittemp =~ s/\$IMAGE\$//og;
    }
    
    $obittemp =~ s/\$ICONS\$/$iconscode/og;
    $obittemp =~ s/\$MESSAGE\$/$message/og;
    $obittemp =~ s/\$MESSAGEID\$/$params->{'messageid'}/og;
    $obittemp =~ s/\$POSTDATE\$/$tmpdate/og;
    if($rows != 0) {    $obittemp =~ s/\$CNUM\$/$rows/og; } else { $obittemp =~ s/\$CNUM\$/0/og; }    
    push(@out, qq{<br><br></td></tr><tr><td>});    
    push(@out, $obittemp);
}

#removed 4/4/07 to combat spam
#open(F, "post template.html") or die $!;
#my $post = join("",<F>);
#close(F);
#$post =~ s/\$MESSAGEID\$/$params->{'messageid'}/og;
#push(@out, $post);


#$sth = $dbh->prepare(qq{select name, comments, commentid, postdate from comments where messageid=?});
#$sth->execute($params->{'messageid'}) or die $!;

#my ($rows,$sql);
#$sql = $dbh->prepare(qq{select * from comments where messageid='$params->{'messageid'}'});
#$rows = $sql->execute;

#while(my($name, $comment, $commentid, $postdate) = $sth->fetchrow_array()) {
#    my $tmp = $template;
#    my $tmpdate = $postdate;
#    $tmpdate =~ s/(....)-(..)-(..)/$2\/$3\/$1/og;
#    $tmp =~ s/\$NAME\$/$name/og;
#    $tmp =~ s/\$COMMENT\$/$comment/og;
#    $tmp =~ s/\$COMMENTID\$/$commentid/og;
#    $tmp =~ s/\$POSTDATE\$/$tmpdate/og;
#    if($rows != 0) {    $tmp =~ s/\$CNUM\$/$rows/og; } else { $tmp =~ s/\$CNUM\$/0/og; }
#    push(@out, $tmp);
#}
#	push(@out, qq{</td></tr><tr><td>});
	push(@out, qq{</td></tr></table>});

	$content =~ s/<!--CONTENT-->/@out/og;
	print $content;
	exit 0;

#End Comments
    } elsif ($params->{'function'} eq "post") {
#added 4/4/07 to prevent spam
	print $query->redirect("/Obit.htm");
	exit 0;

	unless(exists($params->{'name'}) || $params->{'name'} eq "") { print $query->header; print "Title field was left blank"; exit 1; }
	unless(exists($params->{'comment'}) || $params->{'comment'} eq "") { print $query->header; print "Comment was left blank"; exit 1; }
	unless(exists($params->{'messageid'}) || $params->{'messageid'}) { print $query->header; print "Unable to determine obituary to post comment to. If problem persists contact the site administrator."; exit 1; }
	$params->{'name'} =~ s/\'/\\'/sog;
$params->{'comment'} =~ s/\'/\\'/sog;

	my $rv = $dbh->do(qq{insert into comments VALUES('$params->{'name'}','$params->{'comment'}', MD5('$params->{'name'}'+NOW()), '$params->{'messageid'}',NOW(), NOW())});

	$dbh->disconnect;
	if($rv == 0) { 
	    print $query->header,qq{<h1><font face=Arial>An error occurred while trying to post your comment to the database.  If the problem persists contact the site adminitrator.}; 
	    exit 1; 
	} else {
	    print $query->redirect("obituary.cgi?function=comments&messageid=$params->{'messageid'}");
	exit 0;
	}
    }
}