Listing 8. insert-article.pl

#!/usr/bin/perl -wT
# This is insert-article.pl, a CGI program
# written in Perl that expects to be invoked from
# the form in Listing 7.  It inserts a new
# file/date pair into the database.
use strict;
use diagnostics;
use vars qw($query $dbh $docname $year $month $day $sql $sth);
use CGI;
use DBI;
# Create an instance of CGI
$query = new CGI;
# Grab the filename and date
$docname = $query->param("docname");
$year = $query->param("year");
$month = $query->param("month");
$day = $query->param("day");
# Give a warning if the filename was not entered
# (We don't have to worry about the date, since the
# defaults are a legitimate date of January 1, 1998)
if (!$docname)
{
    print $query->header("text/html");
    print $query->start_html(-title => "No filename!");
    print "<P>You forgot to enter a filename.  Please try again.</P>\n";
    print $query->end_html;
    exit;
}
# Get a handle to the insecure "test" database
# (Good for explanations, but bad for production
# code)
$dbh = DBI->connect("DBI:mysql:test");
# Set the SQL
$sql = "INSERT INTO Articles (filename,date) ";
$sql .= "VALUES (\"$docname\",
   \"$year-$month-$day\")";
# Send the SQL
$sth = $dbh->do($sql);
# Check for errors
&log_and_die("Error: " . $sth->errstr) unless $sth;
# Indicate success to the user
print $query->start_html(-title =>
   :w
"Added filename");
print "<P>Successfully added (SQL = \"$sql\")</P>\n";
print $query->end_html;