aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile2
-rw-r--r--README.md53
-rw-r--r--config.mk1
-rwxr-xr-xgpigeon-template.cgi264
-rw-r--r--link-tmpl.cgi39
5 files changed, 230 insertions, 129 deletions
diff --git a/Makefile b/Makefile
index 5089417..0799e98 100644
--- a/Makefile
+++ b/Makefile
@@ -14,7 +14,7 @@ install:
ARGON2ID_HASH="`tail -1 genpass.txt`"; \
fi
sed -e 's|argon2id_hash_goes_here|$(ARGON2ID_HASH)|g' -i $(DESTDIR)$(WWWPREFIX)/cgi-bin/gpigeon.cgi
- sed -e "s|cookies_dir_goes_here|${PREFIX}/cookies|g" -i $(DESTDIR)$(WWWPREFIX)/cgi-bin/gpigeon.cgi
+ sed -e "s|cookies_dir_goes_here|$(COOKIES_DIR)|g" -i $(DESTDIR)$(WWWPREFIX)/cgi-bin/gpigeon.cgi
sed -e "s|link_template_path_goes_here|$(LINK_TEMPLATE_PATH)|g" -i $(DESTDIR)$(WWWPREFIX)/cgi-bin/gpigeon.cgi
sed -e "s|msg_char_limit_goes_here|$(MSG_FORM_CHAR_LIMIT)|g" -i $(DESTDIR)$(LINK_TEMPLATE_PATH)
cp -f link-tmpl.cgi $(DESTDIR)$(LINK_TEMPLATE_PATH)
diff --git a/README.md b/README.md
index 485cf42..873b3d9 100644
--- a/README.md
+++ b/README.md
@@ -1,49 +1,58 @@
GPIGEON
========
-Gpigeon generate links for a GPG user to be sent to a non technical person (or
-not a GPG user) so they can send you encrypted mail messages via a one-time
-web link.
+Gpigeon generate links for a non technical person or someone not familiar
+with GPG, so they can send you encrypted mails via a one-time
+web form.
Feels of déjàvu ? I was inspired by https://hawkpost.co but wasn't really
interested in the multi-user perspective and managing a database.
-Features
+Overview
========
- * Single user: no database required.
+ * Single user.
* One-time GPG form: after sending the encrypted message, the generated form
self-destructs.
- * A table of the links generated is visible when you connect so you can
- keep track. You can also delete link individually or all at once.
+ * Cookie based login. If you block cookies, it will switch back to
+ hidden fields so you can still login, manage and create links.
+ * A table of the links generated is visible after connecting so you can
+ keep track of what has been created. You can also delete links
+ individually, or all at once.
+ * No javascript used for the moment.
Dependencies
============
-You need perl and the following modules and my perl version is v5.32.0, YMMV:
+You will need perl and the following modules and my perl version is v5.32.0, YMMV:
- * Net:SSLeay
- * Digest::SHA
- * Email::Valid
- * String::Random
* HTML::Entities
- * CGI (I'm planning on removing it, I use it just for the
- convenient param function.)
- * CGI::Carp (primarly for debugging, comment the line in
- gpigeon-template.cgi if you won't need it)
+ * CGI
+ * CGI::Carp
+ * CGI::Cookies
+ * Crypt::Argon2
+ * GPG
+ * Net:SSLeay
* Net::SMTP
* Net::SMTPS
- * GPG
+ * Email::Valid
+ * String::Random
Having a webserver with CGI support or a separate CGI engine is needed. I'm using
nginx and fcgiwrap.
A note on Net::SMTP and Net:SMTPS dependencies: if you have a mailserver well
-configured with OpenDKIM and the likes (so your chances to get your mail
-treated as spam is greatly reduced) you could replace these two deps with
-Mail::Sendmail then comment and uncomment some lines in <gpigeon-template.cgi>.
+configured with SPF and OpenDKIM (so your chances to get your mail
+treated as spam is greatly reduced) you should set the `HAS_MAILSERVER`
+variable to 1 in the config.mk file.
Installation
============
-Look in the [gpigeon-template.cgi](https://git.les-miquelots.net/gpigeon/plain/gpigeon-template.cgi) source code you should figure things out quickly.
-Hint: look for variables values ending in 'goes_here'.
+Edit the config.mk file to customize the installation to your needs, and then
+execute:
+`sudo make`
+
+You should also look in the
+[gpigeon-template.cgi](https://git.les-miquelots.net/gpigeon/plain/gpigeon-template.cgi)
+and [link-tmpl.cgi](https://git.les-miquelots.net/gpigeon/plain/link-tmpl.cgi) source code, you should figure things out quickly.
+**Hint**: look for variables values ending in _goes_here_.
diff --git a/config.mk b/config.mk
index c722903..abb2299 100644
--- a/config.mk
+++ b/config.mk
@@ -2,6 +2,7 @@
# paths
PREFIX = /usr/share/webapps/gpigeon
+COOKIES_DIR = $(PREFIX)/cookies
_GPG_HOMEDIR = $(PREFIX)/gnupg
LINK_TEMPLATE_PATH = $(PREFIX)/link-tmpl.cgi
WWWPREFIX = /var/www/gpigeon
diff --git a/gpigeon-template.cgi b/gpigeon-template.cgi
index 277ae0a..5470dfd 100755
--- a/gpigeon-template.cgi
+++ b/gpigeon-template.cgi
@@ -6,23 +6,79 @@ use Crypt::Argon2 qw(argon2id_verify);
use Email::Valid;
use String::Random;
use CGI qw(param);
-#use CGI::Session;
+use CGI::Cookie;
use CGI::Carp qw(fatalsToBrowser);
-sub notif_if_defined{
- my $notif = shift;
- if (defined $notif){
- return $notif;
+sub ValidCookie {
+ my $client_login_cookie = shift;
+ my $dir = shift;
+ if (not defined $client_login_cookie){
+ return;
+ }
+ my $cookie_line = undef;
+ my $filename = $client_login_cookie->value;
+ if ($filename =~ /^([\w]+)$/){
+ $filename = $1;
+ }
+ else{
+ return;
+ }
+ my $login_cookiefile = "$dir/$filename.txt";
+ if (-e $login_cookiefile){
+ open my $in, '<', $login_cookiefile or die "can't read file: $!";
+ for(1){
+ my $cookie_line = readline $in;
+ }
+ close $in;
+ if (not defined $cookie_line){
+ return;
+ }
}
else{
- return '<!-- undef -->';
+ return;
+ }
+
+ if ($client_login_cookie == $cookie_line){
+ return 1;
+ }
+ return;
+
+}
+
+sub LoginCookieGen {
+ my $id_cookie = shift;
+ my $dir = shift;
+ my $str_rand_obj = String::Random->new;
+ my $val = $str_rand_obj->randregex('\w{64}');
+ my $cookiefile = "$dir/$val.txt";
+ my $new_login_cookie = CGI::Cookie->new(
+ -name => 'id',
+ -value => $val,
+ -expires => '+1y',
+ '-max-age' => '+1y',
+ -domain => ".$ENV{'SERVER_NAME'}",
+ -path => '/',
+ -secure => 1,
+ -httponly => 1,
+ -samesite => 'Strict',
+ ) or die "Can't create cookie: $!";
+ if (not defined $id_cookie){
+ open my $out, '>', $cookiefile or die "Can't write to $cookiefile: $!";
+ print $out "$new_login_cookie";
+ close $out;
+ print "Set-Cookie: $new_login_cookie\n";
}
}
-sub untaint_cgi_filename {
+sub EscapeArobase {
+ my $escapedmailaddress = shift;
+ $escapedmailaddress =~ s/@/\\@/;
+ return $escapedmailaddress;
+}
+
+sub UntaintCGIFilename {
my $filename = shift;
if ($filename =~ /^([-\@\w.\/]+)$/) {
- #data untainted
$filename = $1;
}
else {
@@ -32,16 +88,27 @@ sub untaint_cgi_filename {
return $filename;
}
+sub NotifIfDefined{
+ my $notif = shift;
+ if (defined $notif){
+ return $notif;
+ }
+ else{
+ return '<!--undef notif-->';
+ }
+}
+
+my ($linkgen_notif, $link_asker, $mailisok_notif, $deletion_notif,
+ $checkedornot, $hidden_pwfield, $id_cookie,
+ $delete_id_cookie, $idval, $refresh_form) = undef;
+my @created_links = ();
delete @ENV{qw(IFS PATH CDPATH BASH_ENV)};
$ENV{'PATH'} = '/usr/bin';
-my $cgi_query_get = CGI->new;
-my @created_links = ();
-my ($linkgen_notif, $mailisok_notif, $deletion_notif) = undef;
-my $LINK_TEMPLATE_PATH='/usr/share/webapps/gpigeon/link-template.pl'; # this is the file where the SMTP and mail address values goes
-my $HOSTNAME = $ENV{'SERVER_NAME'};
-my $msg_form_char_limit = 3000;
-my $PASSWD_HASH = q{password_hash_goes_here}; #argon2id hash format
-my $PASSWD = $cgi_query_get->param('password');
+my $hostname = $ENV{'SERVER_NAME'};
+
+my $argon2id_hash = q{argon2id_hash_goes_here}
+my $cookies_dir = q{cookies_dir_goes_here};
+my $link_template_path = q{link_template_path_goes_here};
my %text_strings = (
addr => 'Address',
@@ -51,20 +118,20 @@ my %text_strings = (
create_link_btn => 'Generate link',
delete_link_btn_text => 'Delete',
delete_links_btn_text => 'Delete all links',
- disconnect_btn_text => 'Disconnect',
+ logout_btn_text => 'Logout',
here => 'here',
- link_web_title => 'One time GPG messaging form',
login => 'Login',
+ link_asker_field_label => q{Asker's mail :},
+ link_web_title => 'One time GPG messaging form',
link_del_ok => 'Successful removal !',
link_legend_textarea =>'Type your message below :',
link_send_btn => 'Send',
- link_generated_ok => 'Generated a link for',
+ link_ok_for => 'Generated a link for',
link_del_failed => 'Deletion failed and here is why : ',
- notif_login_failure => 'Cannot login. Check if your username and password match.'
mailto_body => 'Your link is ',
mailto_subject => 'Link to your one time GPG messaging form',
- msg_too_long => 'Cannot send message : message length must be under ' .$msg_form_char_limit . ' characters.',
- msg_empty => 'Cannot send message : message is empty. You can type up to ' . $msg_form_char_limit . ' characters.',
+ notif_login_failure => 'Cannot login. Check if your username and password match.'
+ passwd_label => 'Password :',
refresh_btn_text => 'Refresh',
type_msg_below => 'Type your message below',
theader_link => 'Link',
@@ -73,17 +140,62 @@ my %text_strings = (
web_title => 'GPIGEON.CGI: generate one time GPG messaging links !',
web_greet_msg => 'Hi and welcome.',
);
+my $cgi_query_get = CGI->new;
+my $pw = $cgi_query_get->param('password');
+my $logout = $cgi_query_get->param('logout');
+my %cur_cookies = CGI::Cookie->fetch;
+$id_cookie = $cur_cookies{'id'};
+
+if (not defined $id_cookie){
+ $hidden_pwfield = qq{<input type="hidden" name="password" value="$pw">};
+ $refresh_form = qq{<form method="POST">
+ $hidden_pwfield
+ <input type="submit" value="$text_strings{refresh_btn_text}">
+ </form>};
+}
+else{
+ $refresh_form = qq{<form method="GET">
+ <input type="submit" value="$text_strings{refresh_btn_text}">
+ </form>};
+ $idval = $id_cookie->value;
-if (argon2id_verify($PASSWD_HASH,$PASSWD)){
- my $hidden_pwfield = qq{<input type="hidden" name="password" value="$PASSWD">};
+ if ($idval =~ /^([\w]+)$/){
+ $idval = $1;
+ }
+
+ if ($logout){
+ $delete_id_cookie = CGI::Cookie->new(
+ -name => 'id',
+ -value => $idval,
+ -expires => '-1d',
+ '-max-age' => '-1d',
+ -domain => ".$hostname",
+ -path => '/',
+ -secure => 1,
+ -httponly => 1,
+ -samesite => 'Strict',
+ );
+ my $f = "$cookies_dir/$idval.txt";
+ if (-e "$f"){
+ unlink "$f" or die "Can't delete file :$!";
+ }
+ print "Set-Cookie: $delete_id_cookie\n";
+ }
+}
+
+print "Cache-Control: no-store, must-revalidate\n";
+if (ValidCookie($id_cookie, $cookies_dir) or argon2id_verify($argon2id_hash,$pw)){
+
+ LoginCookieGen($id_cookie, $cookies_dir);
+
if (defined $cgi_query_get->param('supprlien')){
my $pending_deletion = $cgi_query_get->param('supprlien');
my $linkfile_fn = "./l/$pending_deletion";
- if (unlink untaint_cgi_filename($linkfile_fn)){
- $deletion_notif=qq{<span style="color:green">$text_strings{link_del_ok}</span>};
+ if (unlink UntaintCGIFilename($linkfile_fn)){
+ $deletion_notif = qq{<span style="color:green">$text_strings{link_del_ok}</span>};
}
else {
- $deletion_notif=qq{<span style="color:red">$text_strings{link_del_failed} $linkfile_fn : $!</span>};
+ $deletion_notif = qq{<span style="color:red">$text_strings{link_del_failed} $linkfile_fn : $!</span>};
}
}
@@ -91,56 +203,47 @@ if (argon2id_verify($PASSWD_HASH,$PASSWD)){
opendir my $link_dir_handle, './l' or die "Can't open ./l: $!";
while (readdir $link_dir_handle) {
if ($_ ne '.' and $_ ne '..'){
- my $linkfile_fn = "./l/$_";
- unlink untaint_cgi_filename($linkfile_fn) or die "$!";
- $deletion_notif=qq{<span style="color:green">$text_strings{link_del_ok}</span>};
+ unlink UntaintCGIFilename("./l/$_") or die "$!";
+ $deletion_notif = qq{<span style="color:green">$text_strings{link_del_ok}</span>};
}
}
closedir $link_dir_handle;
}
if (defined $cgi_query_get->param('mail')){
- my $link_asker = scalar $cgi_query_get->param('mail');
+ $link_asker = scalar $cgi_query_get->param('mail');
if ( Email::Valid->address($link_asker) ){
$mailisok_notif = qq{<span style="color:green">$text_strings{addr} $link_asker $text_strings{addr_ok}</span>};
- my $escaped_link_asker = escape_arobase($link_asker);
+ my $escaped_link_asker = EscapeArobase($link_asker);
my $str_rand_obj = String::Random->new;
- my $random_fn = $str_rand_obj->randregex('\w{64}');
- my $GENERATED_FORM_FILENAME = "$random_fn.cgi";
- my $HREF_LINK = "https://$HOSTNAME/cgi-bin/l/$GENERATED_FORM_FILENAME";
- my $LINK_PATH = "./l/$GENERATED_FORM_FILENAME";
+ my $generated_form_filename = $str_rand_obj->randregex('\w{64}') . '.cgi';
+ my $href = "https://$hostname/cgi-bin/l/$generated_form_filename";
+ my $link_path = "./l/$generated_form_filename";
- open my $in, '<', $LINK_TEMPLATE_PATH or die "Can't read link template file: $!";
- open my $out, '>', $LINK_PATH or die "Can't write to link file: $!";
+ open my $in, '<', $link_template_path or die "Can't read link template file: $!";
+ open my $out, '>', $link_path or die "Can't write to link file: $!";
while( <$in> ) {
s/{link_user}/{$link_asker}/g;
- s/{link_filename}/{$GENERATED_FORM_FILENAME}/g;
- s/{msg_too_long}/$text_strings{msg_too_long}/g;
- s/{msg_empty}/$text_strings{msg_empty}/g;
- s/{msg_form_char_limit}/$msg_form_char_limit/g;
s/{link_web_title}/$text_strings{link_web_title}/g;
s/{link_send_btn}/$text_strings{link_send_btn}/g;
s/{type_msg_below}/$text_strings{type_msg_below}/g;
print $out $_;
}
close $in or die;
- chmod(0755,$LINK_PATH) or die;
+ chmod(0755,$link_path) or die;
close $out or die;
-
- $linkgen_notif = qq{<span style="color:green">$text_strings{link_generated_ok} $link_asker: </span><br><a href="$HREF_LINK">$HREF_LINK</a>};
+ $linkgen_notif = qq{<span style="color:green">$text_strings{link_ok_for} $link_asker: </span><br><a href="$href">$href</a>};
}
else{
$mailisok_notif = qq{<span style="color:red">$text_strings{addr} $link_asker $text_strings{addr_nok}.</span>};
}
}
-
opendir my $link_dir_handle, './l' or die "Can't open ./l: $!";
while (readdir $link_dir_handle) {
if ($_ ne '.' and $_ ne '..'){
my $linkfile_fn = $_;
- my $link_asker = undef;
if (open my $linkfile_handle , '<', "./l/$linkfile_fn"){
for (1..2){
$link_asker = readline $linkfile_handle;
@@ -149,23 +252,20 @@ if (argon2id_verify($PASSWD_HASH,$PASSWD)){
}
close $linkfile_handle;
- if (not defined $link_asker){
- $link_asker = $text_strings{unknown};
+ if (Email::Valid->address($link_asker){
+ push @created_links,
+ qq{<tr>
+ <td><a href="/cgi-bin/l/$linkfile_fn">$text_strings{here}</a></td>
+ <td><a href="mailto:$link_asker?subject=$text_strings{mailto_subject}&body=$text_strings{mailto_body} http://$hostname/cgi-bin/l/$linkfile_fn">$link_asker</a></td>
+ <td>
+ <form method="POST">
+ $hidden_pwfield
+ <input type="hidden" name="supprlien" value="$linkfile_fn">
+ <input type="submit" value="$text_strings{delete_link_btn_text}">
+ </form>
+ </td>
+ </tr>};
}
- #create links table html
- push @created_links,
- qq{<tr>
- <td><a href="/cgi-bin/l/$linkfile_fn">ici</a></td>
- <td><a href="mailto:$link_asker?subject=$text_strings{mailto_subject}&body=$text_strings{mailto_body} http://$HOSTNAME/cgi-bin/l/$linkfile_fn">$link_asker</a></td>
- <td>
- <form method="POST">
- <input type="hidden" name="supprlien" value="$linkfile_fn">
- <input type="hidden" name="password" value="$PASSWD">
- <input type="submit" value="$text_strings{delete_link_btn_text}">
- </form>
- </td>
- </tr>};
-
}
else {
close $linkfile_handle;
@@ -187,32 +287,29 @@ if (argon2id_verify($PASSWD_HASH,$PASSWD)){
</head>
<body>
<p>$text_strings{web_greet_msg}</p>
- <form method="POST">
- <input type="hidden" name="password" value="0">
- <input type="submit" value="$text_strings{disconnect_btn_text}">
- </form>
- <form method="POST">
- $hidden_pwfield
- <input type="submit" value="$text_strings{refresh_btn_text}">
+ <form method="GET">
+ <input type="hidden" name="logout" value="1">
+ <input type="submit" value="$text_strings{logout_btn_text}">
</form>
+ $refresh_form
<hr>
<br>
<form method="POST">
$hidden_pwfield
- Mail de la personne:<br>
+ $text_strings{link_asker_field_label}<br>
<input tabindex="1" type="text" name="mail">
<input tabindex="2" type="submit" value="$text_strings{create_link_btn}">
</form>},
- notif_if_defined($mailisok_notif),
+ NotifIfDefined($mailisok_notif),
'<br>',
- notif_if_defined($linkgen_notif),
+ NotifIfDefined($linkgen_notif),
qq{<hr>
<form method="POST">
$hidden_pwfield
<input type="hidden" name="supprtout">
<input type="submit" value="$text_strings{delete_links_btn_text}">
</form>},
- notif_if_defined($deletion_notif),
+ NotifIfDefined($deletion_notif),
qq{<table>
<tr>
<th>$text_strings{theader_link}</th>
@@ -224,8 +321,8 @@ if (argon2id_verify($PASSWD_HASH,$PASSWD)){
</body>
</html>};
}
-else {
- print 'Content-type: text/html',"\n\n",
+else{
+ print "Content-Type: text/html\n\n",
qq{<!DOCTYPE html>
<html>
<head>
@@ -236,21 +333,14 @@ else {
</head>
<body>
<form action="/cgi-bin/gpigeon.cgi" method="POST">
- <h1 style="text-align:center">GPIGEON</h1>
- Mot de passe : <input type="password" name="password"><br>
+ <h1>GPIGEON</h1>
+ <label for="pwfield">&nbsp;$text_strings{passwd_label}:</label>
+ <input id="pwfield" type="password" name="password"><br>
<input type="submit" value="$text_strings{login}">
</form>
-
- <p><a
+ <p>&nbsp;<a
href="http://git.les-miquelots.net/gpigeon"
title="gpigeon download link" alt="gpigeon download link">Source code here.</a> It is similar to <a href="https://hawkpost.co/">hawkpost.co</a>.</p>
-
- <a href="https://xkcd.com/538"><img id="crypto_secu"
- src="security.png" title="XKCD fait redescendre les nerds du
- chiffrement sur terre (xkcd.com/538)" alt="BD de XKCD faisant redescendre les
- nerds du chiffrement sur terre"></a>
-
</body>
-
</html>};
}
diff --git a/link-tmpl.cgi b/link-tmpl.cgi
index 2c51268..b2fe3b3 100644
--- a/link-tmpl.cgi
+++ b/link-tmpl.cgi
@@ -1,7 +1,5 @@
#! /usr/bin/perl -wT
my $linkuser = q{link_user};
-my $linkfilename = q{link_filename};
-
use warnings;
use strict;
use GPG;
@@ -10,30 +8,31 @@ use CGI qw(param);
$ENV{'PATH'}="/usr/bin";
delete @ENV{qw(IFS PATH CDPATH BASH_ENV)};
-sub escape_arobase {
+sub EscapeArobase {
my $escapedmailaddress = shift;
$escapedmailaddress =~ s/@/\\@/;
return $escapedmailaddress;
}
-my $HAS_MAILSERVER = 0;
-my $mymailaddr = q{your mail address goes here};
-my $mymail_gpgid = q{your gpg id in the 0xlong form goes here}; #0xlong keyid form
-my $mailsender = q{mail address sending encrypted text goes here. recommended to be different from $mymailaddr};
-my $mailsender_smtp = q{your SMTP mail domain name goes here};
-my $mailsender_port = q{your SMTP port goes here};
-my $mailsender_pw = q{password for $mailsender address goes here};
-my $GPG_HOMEDIR = '/usr/share/webapps/gpigeon/gnupg/';
+my $HAS_MAILSERVER = q{has_mailserver_goes_here};
+my $msg_form_char_limit = q{msg_char_limit_goes_here};
+my $mymailaddr = q{your_addr_goes_here};
+my $mymail_gpgid = q{gpgid_goes_here}; #0xlong keyid form
+my $mailsender = q{sender_addr_goes_here};
+my $mailsender_smtp = q{smtp_domain_goes_here};
+my $mailsender_port = q{smtp_port_goes_here};
+my $mailsender_pw = q{sender_pw_goes_here};
+my $GPG_HOMEDIR = q{gpg_homedir_goes_here};
my $cgi_query_get = CGI->new;
my $msg_form = $cgi_query_get->param('msg');
my $length_msg_form = length $msg_form;
my ($enc_msg, $error_processing_msg) = undef;
-if (defined $length_msg_form and $length_msg_form > {msg_form_char_limit}){
- $error_processing_msg = q{<span style="color:red"><b>{msg_too_long}</b></span>};
+if (defined $length_msg_form and $length_msg_form > $msg_form_char_limit){
+ $error_processing_msg = qq{<span style="color:red"><b>Cannot send message : message length must be under $msg_form_char_limit characters.</b></span>};
}
elsif (defined $length_msg_form and $length_msg_form eq 0 ){
- $error_processing_msg = q{<span style="color:red"><b>{msg_empty}</b></span>};
+ $error_processing_msg = qq{<span style="color:red"><b>Cannot send message : message is empty. You can type up to $msg_form_char_limit characters.</b></span>};
}
else {
if (defined $length_msg_form and $ENV{REQUEST_METHOD} eq 'POST'){
@@ -55,8 +54,8 @@ else {
use Net::SMTP;
use Net::SMTPS;
my $smtp = Net::SMTPS->new($mailsender_smtp, Port => $mailsender_port, doSSL => 'ssl', Debug_SSL => 0);
- my $mymailaddr_escaped = escape_arobase{$mymailaddr};
- my $mailsender_escaped = escape_arobase($mailsender);
+ my $mymailaddr_escaped = EscapeArobase{$mymailaddr};
+ my $mailsender_escaped = EscapeArobase($mailsender);
$smtp->auth($mailsender, $mailsender_pw) or die;
$smtp->mail($mailsender) or die "Net::SMTP module has broke: $!.";
@@ -72,8 +71,10 @@ else {
else {
die $smtp->message();
}
-
- unlink "../l/$linkfilename";
+ my $f = $0;
+ if ($f =~ /^([\w]+)$/){
+ unlink "$1";
+ }
print "Location: /merci/index.html\n\n";
}
}
@@ -91,7 +92,7 @@ print qq{<!DOCTYPE html>
<body>
<p>{type_msg_below}:</p>
<form method="POST">
- <textarea wrap="off" cols="50" rows="30" name="msg"></textarea><br>
+ <textarea id="msg" wrap="off" cols="50" rows="30" name="msg"></textarea><br>
};
if (defined $error_processing_msg){
printf $error_processing_msg;