# HG changeset patch
# User Heiko Schlittermann (JUMPER) <hs@schlittermann.de>
# Date 1309530321 -7200
# Node ID 5d275133868b30d9f73a67b5364bf7c02c96325c
# Parent  00dbdef7621f0724957c92af3f90f53f30110da0
secret is now in some extra file

diff -r 00dbdef7621f -r 5d275133868b index.cgi
--- a/index.cgi	Fri Jul 01 16:20:17 2011 +0200
+++ b/index.cgi	Fri Jul 01 16:25:21 2011 +0200
@@ -16,11 +16,16 @@
 use File::Basename;
 use Mail::RFC822::Address qw(valid);
 
+sub insert(\%);
+sub confirm($);
+sub slurp($);
+
+
 delete @ENV{grep /PATH$/ => keys %ENV};
 $ENV{PATH} = "/usr/bin:/usr/sbin:/bin:/sbin";
 
 my $DSN = "DBI:SQLite:db.sqlite3";
-my $SECRET = "iexaephuwe";	    # used for generating the hash
+my $SECRET = slurp "./secret"; chomp($SECRET);
 my $EXPIRATION = 3600;		    # the link is valid for 1 hour only
 my $SUBJECT = "Retter packen";	    # ASCII only! *used for mail subject*
 my %FIELDS = (
@@ -39,9 +44,6 @@
 my $DBH = DBI->connect($DSN, undef, undef, {RaiseError=>1});
 END { $DBH and $DBH->disconnect }
 
-sub insert(\%);
-sub confirm($);
-
 MAIN: {
 
     # Redirect if called without the script name, this avoids
@@ -235,3 +237,9 @@
 
     return %data;
 }
+
+sub slurp($) {
+    open(my $_, $_[0]) or die "Can't open $_[0]: $!\n";
+    local $/ = undef;
+    return <$_>;
+}