Added check to see if key has been used

2016-09-01 13:30:08 +01:00 · 2016-09-01 13:30:08 +01:00 · 45bfa2878c
commit 45bfa2878c
parent f9e850dff9
2 changed files with 21 additions and 15 deletions
--- a/getusername.pl
+++ b/getusername.pl
@ -4,6 +4,7 @@
 use Mojolicious::Lite;
 use Data::UUID;
 use Devel::Dwarn;
+use Mojo::JSON;

 # connect to database
 use DBI;
@ -32,9 +33,16 @@ post '/' => sub {
  my $self = shift;
 # get the key from user
  my $key = $self->req->json;
+# Check if that token key has been used before
+  my $keyused = $dbh->selectall_arrayref("SELECT keyused FROM accounts WHERE idkey = ?", undef, $key->{token});
+# if the key has been used before, tell the user to sod off
+  unless ($keyused != t) {
+  print "The key $key has already been used!";
+  return $self->render(json => {'success' => Mojo::JSON->false});
+}
 # get from db the username matching the key and then send it back at them
  my $username = $dbh->selectall_arrayref("SELECT username FROM accounts WHERE idkey = ?", undef, $key->{token});
-  $self->render(json => {'username' => $username->[0]}  );
+  $self->render(json => {'username' => $username->[0], success => Mojo::JSON->true}  );
 # When user has submitted json of data, define data
  my $name = $self->req->json;
  my $email = $self->req->json;
--- a/senddatatodb.pl.example
+++ b/senddatatodb.pl.example
@ -24,37 +24,35 @@ while (1) {
  $insert = eval { $dbh->prepare('INSERT INTO foodloop (username, company, currency, filename) VALUES (?,?,?,?)') };
  # break out of loop if statement prepared
  last if $insert;
-  print "Creating new Table";
-  # if statement didn't prepare, assume its because the table doesn't exist
-#  warn "Creating table 'foodloop'\n";
-#  $dbh->do('CREATE TABLE foodloop (
-#  username varchar(255),
-#  company varchar(255),
-#  currency integer,
-#filename varchar(255)
-#);'
-);
+  print "Make the table!";
 }

 # setup route which receives data and returns to /
 post '/' => sub {
  my $self = shift;
-  # Fetch parameters to write to DB
+# Fetch parameters to write to DB
+  my $key = $self->param('key');
+# This will include an if function to see if key matches
+# unless ($key eq $config->{key}) {
+# print "key does not match!";
+# } 
  my $username = $self->param('username');
  my $company = $self->param('company');
  my $currency = $self->param('currency');
  my $file = $self->req->upload('file');
-  # Get image type and check extension
+# Get image type and check extension
  my $headers = $file->headers->content_type;
-  # Is content type wrong?
+# Is content type wrong?
  if ($headers ne 'image/jpeg') {
      print "Upload fail. Content type is wrong.\n";
  };
-  # Rewrite header data
+# Rewrite header data
  my $ext = '.jpg';
  my $uuid = Data::UUID->new->create_str;
  my $filename = $uuid . $ext;
+# send photo to image folder on server
  $file->move_to('images/' . $filename);
+# send data to foodloop db
  $insert->execute($username, $company, $currency, $filename);
  $self->render(text => 'It did not kaboom!');
 };