added on WebSTLs (webstls.com) at 2026-07-01 22:26:46
| 1 | #!/usr/bin/perl | |
| 2 | #====================================================================== | |
| 3 | # WebSTLs - Save the per-user sidebar-collapsed preference. | |
| 4 | # | |
| 5 | # Called by the toggle button in the wrapper template (fetch POST with | |
| 6 | # keepalive:true). Writes user_settings.sidebar_collapsed for the | |
| 7 | # logged-in user. Idempotent -- safe to call repeatedly. | |
| 8 | #====================================================================== | |
| 9 | use strict; | |
| 10 | use warnings; | |
| 11 | ||
| 12 | use lib '/var/www/vhosts/webstls.com/httpdocs'; | |
| 13 | use CGI; | |
| 14 | use MODS::DBConnect; | |
| 15 | use MODS::Login; | |
| 16 | use MODS::WebSTLs::Config; | |
| 17 | ||
| 18 | my $q = CGI->new; | |
| 19 | my $form = $q->Vars; | |
| 20 | my $auth = MODS::Login->new; | |
| 21 | my $db = MODS::DBConnect->new; | |
| 22 | my $cfg = MODS::WebSTLs::Config->new; | |
| 23 | my $DB = $cfg->settings('database_name'); | |
| 24 | ||
| 25 | $| = 1; | |
| 26 | ||
| 27 | # POST only -- prevents drive-by GETs from changing user prefs. | |
| 28 | if (($ENV{REQUEST_METHOD} || '') ne 'POST') { | |
| 29 | print "Status: 405 Method Not Allowed\nContent-Type: text/plain\n\nPOST required\n"; | |
| 30 | exit; | |
| 31 | } | |
| 32 | ||
| 33 | my $userinfo = $auth->login_verify(); | |
| 34 | if (!$userinfo || !$userinfo->{user_id}) { | |
| 35 | print "Status: 401 Unauthorized\nContent-Type: text/plain\n\nlogin required\n"; | |
| 36 | exit; | |
| 37 | } | |
| 38 | ||
| 39 | my $uid = $userinfo->{user_id}; | |
| 40 | $uid =~ s/[^0-9]//g; | |
| 41 | ||
| 42 | my $val = $form->{sidebar_collapsed} || '0'; | |
| 43 | $val = ($val eq '1') ? 1 : 0; | |
| 44 | ||
| 45 | my $dbh = $db->db_connect(); | |
| 46 | ||
| 47 | # Make sure the column exists before writing. The wrapper renderer | |
| 48 | # also guards this, but a fresh DB without the migration would | |
| 49 | # otherwise 500 here too. | |
| 50 | my $col = $db->db_readwrite($dbh, qq~ | |
| 51 | SELECT COUNT(*) AS n FROM information_schema.columns | |
| 52 | WHERE table_schema='$DB' | |
| 53 | AND table_name='user_settings' | |
| 54 | AND column_name='sidebar_collapsed' | |
| 55 | ~, $ENV{SCRIPT_NAME}, __LINE__); | |
| 56 | ||
| 57 | if (!$col || !$col->{n}) { | |
| 58 | $db->db_disconnect($dbh); | |
| 59 | print "Status: 503 Service Unavailable\nContent-Type: text/plain\n\nmigration pending\n"; | |
| 60 | exit; | |
| 61 | } | |
| 62 | ||
| 63 | # Upsert via INSERT ... ON DUPLICATE KEY UPDATE -- user_settings is | |
| 64 | # keyed on user_id, so this seeds a row the first time and updates | |
| 65 | # subsequent toggles. | |
| 66 | $db->db_readwrite($dbh, qq~ | |
| 67 | INSERT INTO `${DB}`.user_settings | |
| 68 | SET user_id='$uid', | |
| 69 | sidebar_collapsed='$val' | |
| 70 | ON DUPLICATE KEY UPDATE | |
| 71 | sidebar_collapsed='$val', | |
| 72 | updated_at=NOW() | |
| 73 | ~, $ENV{SCRIPT_NAME}, __LINE__); | |
| 74 | ||
| 75 | $db->db_disconnect($dbh); | |
| 76 | ||
| 77 | print "Content-Type: text/plain\nCache-Control: no-store\n\nok\n"; |