85 |
my $sql_dir = $ENV{SCRIPT_FILENAME} || '.'; |
my $sql_dir = $ENV{SCRIPT_FILENAME} || '.'; |
86 |
$sql_dir =~ s,/[^/]+$,,; |
$sql_dir =~ s,/[^/]+$,,; |
87 |
|
|
88 |
my $config_path = $1 if "$sql_dir/config.pl" =~ m/^(.+)$/; # untaint |
sub require_config { |
89 |
warn "# using $config_path\n"; |
my $config_path = $1 if "$sql_dir/config.pl" =~ m/^(.+)$/; # untaint |
90 |
require $config_path if -e $config_path; |
warn "# using $config_path\n"; |
91 |
|
require $config_path if -e $config_path; |
92 |
|
} |
93 |
|
|
94 |
|
require_config; |
95 |
|
|
96 |
my $reports_path = $ENV{PATH_INFO}; |
my $reports_path = $ENV{PATH_INFO}; |
97 |
$reports_path =~ s/\.\.//g; # some protection against path exploits |
$reports_path =~ s/\.\.//g; # some protection against path exploits |
98 |
$reports_path ||= shift @ARGV; # for CLI invocation |
$reports_path ||= shift @ARGV; # for CLI invocation |
99 |
$sql_dir .= "/$reports_path" if -e "$sql_dir/$reports_path"; |
$sql_dir .= "/$reports_path" if -e "$sql_dir/$reports_path"; |
100 |
|
|
101 |
|
require_config; |
102 |
|
|
103 |
warn "# reading SQL queries from $sql_dir\n" if $debug; |
warn "# reading SQL queries from $sql_dir\n" if $debug; |
104 |
|
|
105 |
opendir(DIR, $sql_dir) || die "can't opendir $sql_dir: $!"; |
opendir(DIR, $sql_dir) || die "can't opendir $sql_dir: $!"; |