--- sql2xls.cgi 2008/11/03 20:15:09 12 +++ sql2xls.cgi 2008/11/03 21:39:44 15 @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/perl -T use warnings; use strict; @@ -8,19 +8,25 @@ =head1 USAGE -Each file in current directory which ends in C<< *.sql >> will +Each file in current directory which ends in C<*.sql> will be converted to Excel sheet. If you want to have specific order, you can prefix filenames with numbers which will be striped when creating sheet names. -Comments in sql files (lines beginning with --) will be placed +Comments in sql files (lines beginning with C<-->) will be placed in first line in bold. To specify database on which SQL query is executed -C<< \c database >> syntax is supported. +C<\c database> syntax is supported. You can also run script from command line, and it will produce -C<< sql_reports.xls >> file. +C file. + +If run within directory, it will use files in it to produce file. + +When called as CGI, directory name can be appended to name of script +to produce report for any sub-directory within directory where +C is installed. =head1 INSTALLATION @@ -33,16 +39,34 @@ in Apache's virtual host configuration to get nice URLs +To configure default database, user, password and other settings create +C file in same directory in which C is with something +like this: + + $dsn = 'DBI:mysql:dbname='; + $database = 'database'; + $user = 'user'; + $passwd = 'password'; + $path = 'sql_reports.xls'; + + $db_encoding = 'utf-8'; + $xls_date_format = 'dd.mm.yyyy'; + + $debug = 1; + +=head1 SECURITY + +There is none. Use apache auth modules if you need it. + =head1 AUTHOR -Dobrica Pavlinusic, dpavlin@rot13.org +Dobrica Pavlinusic, dpavlin@rot13.org, L =cut use Spreadsheet::WriteExcel; use DBI; use CGI::Carp qw(fatalsToBrowser); -use CGI qw(path_translated); use Encode qw/decode/; use Data::Dump qw/dump/; @@ -58,17 +82,24 @@ our $debug = 1; -my $sql_dir = path_translated || '.'; +my $sql_dir = $ENV{SCRIPT_FILENAME} || '.'; $sql_dir =~ s,/[^/]+$,,; +my $config_path = $1 if "$sql_dir/config.pl" =~ m/^(.+)$/; # untaint +warn "# using $config_path\n"; +require $config_path if -e $config_path; + +my $reports_path = $ENV{PATH_INFO}; +$reports_path =~ s/\.\.//g; # some protection against path exploits +$reports_path ||= shift @ARGV; # for CLI invocation +$sql_dir .= "/$reports_path" if -e "$sql_dir/$reports_path"; + +warn "# reading SQL queries from $sql_dir\n" if $debug; + opendir(DIR, $sql_dir) || die "can't opendir $sql_dir: $!"; my @sql_files = sort grep { /\.sql$/i && -f "$sql_dir/$_" } readdir(DIR); closedir DIR; -my $config_path = "$sql_dir/config.pl"; -warn "# using $config_path\n"; -require $config_path if -e $config_path; - my $workbook; if ($ENV{GATEWAY_INTERFACE} && $ENV{GATEWAY_INTERFACE} =~ m/CGI/i) { # use as cgi script @@ -101,7 +132,7 @@ print STDERR "working on $sql_file\n" if ($debug); - open(SQL,$sql_file) || die "can't open sql file '$sql_file': $!"; + open(SQL,"$sql_dir/$sql_file") || die "can't open sql file '$sql_dir/$sql_file': $!"; my $comment = ''; my $sql = ""; while() {