From b44359f2779794d18c010be5a2cdb8085000e373 Mon Sep 17 00:00:00 2001 From: Miquel Lionel Date: Mon, 21 Mar 2022 22:10:49 +0100 Subject: variable names are camelcased now --- gpigeon-template.cgi | 696 +++++++++++++++++++++++++-------------------------- 1 file changed, 348 insertions(+), 348 deletions(-) diff --git a/gpigeon-template.cgi b/gpigeon-template.cgi index 63a9c1e..ea3147e 100755 --- a/gpigeon-template.cgi +++ b/gpigeon-template.cgi @@ -31,9 +31,9 @@ use File::stat; delete @ENV{qw(IFS PATH CDPATH BASH_ENV)}; $ENV{'PATH'} = q{/usr/bin}; my $hostname = $ENV{'SERVER_NAME'}; -my $rIP = $ENV{REMOTE_ADDR}; -my $uagent = $ENV{HTTP_USER_AGENT}; -my %text_strings = ( +my $remoteIP = $ENV{REMOTE_ADDR}; +my $userAgent = $ENV{HTTP_USER_AGENT}; +my %textStrings = ( addr => 'Address', addr_ok => 'is valid!', addr_nok => 'is not valid !', @@ -54,7 +54,7 @@ my %text_strings = ( here => 'here', landingpage_title => 'GPIGEON - Log in', loginbtn => 'Log in', - link_asker_field_label => "Asker's mail :", + linkAsker_field_label => "Asker's mail :", link_del_ok => 'Successful removal !', link_legend_textarea => 'Type your message below :', link_ok_for => 'Generated a link for', @@ -75,51 +75,51 @@ my %text_strings = ( ); sub GetFileTable { - my ($dir ,$hidden_loginfield, $adminpan_field) = @_; + my ($dir ,$hiddenLoginField, $adminPanelField) = @_; my @table = (); - opendir my $link_dir_handle, "$dir" or die "Can't open $dir: $!"; - while (readdir $link_dir_handle) { + opendir my $linkDirHandle, "$dir" or die "Can't open $dir: $!"; + while (readdir $linkDirHandle) { if ($_ ne '.' and $_ ne '..'){ - my $linkfile_fn = $_; - my $linkstats= stat("$dir/$linkfile_fn"); - my $tiem = scalar localtime $linkstats->mtime; - my $link_asker = undef; - if (open my $linkfile_handle , '<', "$dir/$linkfile_fn"){ + my $pendingDeletion = $_; + my $linkFileStats= stat("$dir/$pendingDeletion"); + my $time = scalar localtime $linkFileStats->mtime; + my $linkAsker = undef; + if (open my $linkFileHandle , '<', "$dir/$pendingDeletion"){ for (1..2){ - $link_asker = readline $linkfile_handle; - $link_asker =~ s/q\{(.*?)\}//i; - $link_asker = $1; + $linkAsker = readline $linkFileHandle; + $linkAsker =~ s/q\{(.*?)\}//i; + $linkAsker = $1; } - close $linkfile_handle; - my $for_field_body = qq{$link_asker}; + close $linkFileHandle; + my $forFieldBody = qq{$linkAsker}; - if (not defined $link_asker){ - $for_field_body = $text_strings{addr_unknown}; + if (not defined $linkAsker){ + $forFieldBody = $textStrings{addr_unknown}; } #create links table html push @table, qq{ - ici - $for_field_body + ici + $forFieldBody
- $hidden_loginfield - $adminpan_field - - + $hiddenLoginField + $adminPanelField + +
}; } else { - close $linkfile_handle; - die 'Content-type: text/plain', "\n\n", "Error: Can't open $linkfile_fn: $!"; + close $linkFileHandle; + die 'Content-type: text/plain', "\n\n", "Error: Can't open $pendingDeletion: $!"; } } } - closedir $link_dir_handle; + closedir $linkDirHandle; return @table; } @@ -139,17 +139,17 @@ sub DbGetLine { } sub LoginOk { - my ($dbh, $username, $pass, $userid, $magic_cookie, $uid_cookie, $cookiesdir) = @_; + my ($dbh, $username, $pass, $userID, $magicCookie, $UIDCookie, $cookiesDir) = @_; my $loginsuccess = PasswdLogin($dbh, $username, $pass); if (not defined $loginsuccess){ - $loginsuccess = CookieLogin($userid, $magic_cookie, $uid_cookie, $cookiesdir); + $loginsuccess = CookieLogin($userID, $magicCookie, $UIDCookie, $cookiesDir); } return $loginsuccess; } sub ListUsers { my ($dbh) = shift; - my @userstable = (); + my @usersTable = (); my $prep = $dbh->prepare(q{SELECT name,mail from pigeons;} ); my $exec = $prep->execute() or die $DBI::errstr; @@ -159,27 +159,27 @@ sub ListUsers { while (my @rows = $prep->fetchrow_array()) { #print "$rows[0]\t$rows[1]\n"; - push @userstable, + push @usersTable, qq{ $rows[0] $rows[1] }; } - return @userstable; + return @usersTable; } sub CookieLogin { - my ($userid, $magic_cookie, $uid_cookie, $cookiesdir) = @_; - if (not $userid =~ /^([0-9]+)$/){ + my ($userID, $magicCookie, $UIDCookie, $cookiesDir) = @_; + if (not $userID =~ /^([0-9]+)$/){ return; } - if (not defined $magic_cookie or not defined $uid_cookie){ + if (not defined $magicCookie or not defined $UIDCookie){ return; } - my ($rip_line, $ua_line, $id_line, $uid_line) = undef; - my $filename = $magic_cookie->value; + my ($remoteIPLine, $UserAgentLine, $IDLine, $UIDLine) = undef; + my $filename = $magicCookie->value; if ($filename =~ /^([\w]+)$/){ $filename = $1; } @@ -187,32 +187,32 @@ sub CookieLogin { return; } - my $login_cookiefile = "$cookiesdir/$userid/$filename.txt"; - if (-e $login_cookiefile){ - open my $in, '<', $login_cookiefile or die "can't read file: $!"; - $rip_line = readline $in; - $ua_line = readline $in; - $id_line = readline $in; - $uid_line = readline $in; + my $loginCookieFile = "$cookiesDir/$userID/$filename.txt"; + if (-e $loginCookieFile){ + open my $in, '<', $loginCookieFile or die "can't read file: $!"; + $remoteIPLine = readline $in; + $UserAgentLine = readline $in; + $IDLine = readline $in; + $UIDLine = readline $in; close $in; - chomp ($rip_line, $ua_line, $id_line); # chomp the \n + chomp ($remoteIPLine, $UserAgentLine, $IDLine); # chomp the \n } else{ return; } - my %id_line_cookie = CGI::Cookie->parse($id_line); - my %uid_line_cookie = CGI::Cookie->parse($uid_line); - my $id_value = $id_line_cookie{'id'}->value; - my $uid_value = $uid_line_cookie{'uid'}->value; + my %IDLineCookie = CGI::Cookie->parse($IDLine); + my %UIDLineCookie = CGI::Cookie->parse($UIDLine); + my $IDValue = $IDLineCookie{'id'}->value; + my $UIDValue = $UIDLineCookie{'uid'}->value; - my $ip_match = $rip_line cmp $rIP; - my $ua_match = $ua_line cmp $uagent; - my $uid_match = $uid_cookie->value cmp $uid_value; - my $id_match = $magic_cookie->value cmp $id_value; + my $IPMatch = $remoteIPLine cmp $remoteIP; + my $UserAgentMatch = $UserAgentLine cmp $userAgent; + my $UIDMatch = $UIDCookie->value cmp $UIDValue; + my $IDMatch = $magicCookie->value cmp $IDValue; - if ($ip_match == 0 and $ua_match == 0 and $uid_match == 0 and $id_match == 0){ - return $userid; + if ($IPMatch == 0 and $UserAgentMatch == 0 and $UIDMatch == 0 and $IDMatch == 0){ + return $userID; } return; } @@ -230,20 +230,20 @@ sub PasswdLogin { return; } } - my ($hash, $userid) = undef; - my $selecthash = qq{SELECT pass from pigeons where mail='$username' or name='$username';}; - $hash = DbGetLine($dbh, $selecthash); + my ($hash, $userID) = undef; + my $selectHash = qq{SELECT pass from pigeons where mail='$username' or name='$username';}; + $hash = DbGetLine($dbh, $selectHash); if (defined $hash and length($hash) > 1){ if(argon2id_verify($hash,$pass)){ - my $selectuserid = qq{SELECT userid from pigeons where pass='$hash';}; - $userid = DbGetLine($dbh, $selectuserid); - if ($userid =~ /^([0-9]+)$/){ - $userid = $1; + my $selectuserID = qq{SELECT userID from pigeons where pass='$hash';}; + $userID = DbGetLine($dbh, $selectuserID); + if ($userID =~ /^([0-9]+)$/){ + $userID = $1; } else { return; } - return $userid; # as an userid is always > 0, we can use it as return value + return $userID; # as an userID is always > 0, we can use it as return value } else { return; } @@ -256,41 +256,41 @@ sub PasswdLogin { } sub LoginCookieGen { - my ($userid, $magic_cookie, $cookiesdir) = @_; - if (not defined $magic_cookie){ - my $str_rand_obj = String::Random->new; - my $val = $str_rand_obj->randregex('\w{64}'); - if (not -d "$cookiesdir/$userid"){ - mkpath("$cookiesdir/$userid"); + my ($userID, $magicCookie, $cookiesDir) = @_; + if (not defined $magicCookie){ + my $StrRandObj = String::Random->new; + my $val = $StrRandObj->randregex('\w{64}'); + if (not -d "$cookiesDir/$userID"){ + mkpath("$cookiesDir/$userID"); } - my $cookiefile = "$cookiesdir/$userid/$val.txt"; - my $new_magic_cookie = CGI::Cookie->new( - -name => 'id', - -value => $val, - -expires => '+1y', - '-max-age' => '+1y', - -domain => ".$ENV{'SERVER_NAME'}", - -path => '/', - -secure => 1, - -httponly => 1, - -samesite => 'Strict', + my $cookieFile = "$cookiesDir/$userID/$val.txt"; + my $magicMagicCookie = CGI::Cookie->new( + -name => 'id', + -value => $val, + -expires => '+1y', + '-max-age' => '+1y', + -domain => ".$ENV{'SERVER_NAME'}", + -path => '/', + -secure => 1, + -httponly => 1, + -samesite => 'Strict', ) or die "Can't create cookie $!"; - my $new_userid_cookie = CGI::Cookie->new( - -name => 'uid', - -value => $userid, - -expires => '+1y', - '-max-age' => '+1y', - -domain => ".$ENV{'SERVER_NAME'}", - -path => '/', - -secure => 1, - -httponly => 1, - -samesite => 'Strict', + my $newUserIDCookie = CGI::Cookie->new( + -name => 'uid', + -value => $userID, + -expires => '+1y', + '-max-age' => '+1y', + -domain => ".$ENV{'SERVER_NAME'}", + -path => '/', + -secure => 1, + -httponly => 1, + -samesite => 'Strict', ) or die "Can't create cookie $!"; - open my $out, '>', $cookiefile or die "Can't write to $cookiefile: $!"; - print $out "$rIP\n$uagent\n$new_magic_cookie\n$new_userid_cookie"; + open my $out, '>', $cookieFile or die "Can't write to $cookieFile: $!"; + print $out "$remoteIP\n$userAgent\n$magicMagicCookie\n$newUserIDCookie"; close $out; - print "Set-Cookie: $new_magic_cookie\n"; - print "Set-Cookie: $new_userid_cookie\n"; + print "Set-Cookie: $magicMagicCookie\n"; + print "Set-Cookie: $newUserIDCookie\n"; } } @@ -309,9 +309,9 @@ sub UntaintCGIFilename { sub GetRFC822Date { # https://stackoverflow.com/a/40149475, Daniel VÃrità use POSIX qw(strftime locale_h); - my $old_locale = setlocale(LC_TIME, "C"); + my $oldLocale = setlocale(LC_TIME, "C"); my $date = strftime("%a, %d %b %Y %H:%M:%S %z", localtime(time())); - setlocale(LC_TIME, $old_locale); + setlocale(LC_TIME, $oldLocale); return $date; } @@ -321,20 +321,20 @@ sub SendGpigeonMail { use Net::SMTPS; use MIME::Entity; my $rfc822date = GetRFC822Date() or die; - my $HAS_MAILSERVER = 0; + my $HasMailserver = 0; my $mailsender = q{sender_addr_goes_here}; - my $mailsender_smtp = q{smtp_domain_goes_here}; - my $mailsender_port = q{smtp_port_goes_here}; - my $mailsender_pw = q{sender_pw_goes_here}; + my $mailSenderSMTP = q{smtp_domain_goes_here}; + my $mailSenderPort = q{smtp_port_goes_here}; + my $mailSenderPassword = q{sender_pw_goes_here}; my $smtp = undef; - if ($HAS_MAILSERVER){ + if ($HasMailserver){ $smtp = Net::SMTP->new(Host => 'localhost') or die; } else { - $smtp = Net::SMTPS->new($mailsender_smtp, Port => $mailsender_port, doSSL => 'ssl', Debug_SSL => 0); - $smtp->auth($mailsender, $mailsender_pw) or die; + $smtp = Net::SMTPS->new($mailSenderSMTP, Port => $mailSenderPort, doSSL => 'ssl', Debug_SSL => 0); + $smtp->auth($mailsender, $mailSenderPassword) or die; } - my $notifylinkbymail_data = MIME::Entity->build( + my $notifyLinkByMailData = MIME::Entity->build( Date => $rfc822date, From => $mailsender, To => $recipient, @@ -343,7 +343,7 @@ sub SendGpigeonMail { Data => [$message]) or die; $smtp->mail($mailsender) or die "Net::SMTP module has broke: $!."; if ($smtp->to($recipient)){ - $smtp->data($notifylinkbymail_data->stringify); + $smtp->data($notifyLinkByMailData->stringify); $smtp->dataend(); $smtp->quit(); } @@ -353,63 +353,63 @@ sub SendGpigeonMail { } -my $db_path = q{db_path_goes_here}; -my $cookiesdir = q{cookies_dir_goes_here}; -my $link_template_path = q{link_template_path_goes_here}; -my $invites_template_path = q{invite_template_goes_here}; - -my $cgi_query_get = CGI->new; -my $username = $cgi_query_get->param('username'); -my $pass = $cgi_query_get->param('password'); -my $disconnect = $cgi_query_get->param('disconnect'); -my $adminpanselect = $cgi_query_get->param('adminpan'); -my ( $checkedornot, $hidden_loginfield, $magic_cookie, - $uid_cookie, $idval, $refresh_form, - $userid) = undef; -my $linkgen_notif = my $sentmail_notif = my $mailisok_notif = my $deletion_notif = my $login_notif = my $adminpan_field = my $adminbtn = ''; -my @created_links = (); -my %cur_cookies = CGI::Cookie->fetch; -$uid_cookie = $cur_cookies{'uid'}; -$magic_cookie = $cur_cookies{'id'}; -my $dbh = DBI->connect("DBI:SQLite:dbname=$db_path", undef, undef, { RaiseError => 1}) +my $dbPath = q{dbPath_goes_here}; +my $cookiesDir = q{cookiesDir_goes_here}; +my $linkTemplatePath = q{linkTemplatePath_goes_here}; +my $invitesTemplatePath = q{invite_template_goes_here}; + +my $cgiQueryGet = CGI->new; +my $username = $cgiQueryGet->param('username'); +my $pass = $cgiQueryGet->param('password'); +my $disconnect = $cgiQueryGet->param('disconnect'); +my $adminpanselect = $cgiQueryGet->param('adminpan'); +my ( $checkedOrNot, $hiddenLoginField, $magicCookie, + $UIDCookie, $ID, $refreshForm, + $userID) = undef; +my $linkGenNotif = my $sentMailNotif = my $mailIsOkNotif = my $deletionNotif = my $loginNotif = my $adminPanelField = my $adminbtn = ''; +my @createdLinks = (); +my %currentCookies = CGI::Cookie->fetch; +$UIDCookie = $currentCookies{'uid'}; +$magicCookie = $currentCookies{'id'}; +my $dbh = DBI->connect("DBI:SQLite:dbname=$dbPath", undef, undef, { RaiseError => 1}) or die $DBI::errstr; if ($adminpanselect){ - $adminpan_field = q{}; + $adminPanelField = q{}; } -if (not defined $magic_cookie){ # cookie is not set - $hidden_loginfield = qq{}; +if (not defined $magicCookie){ # cookie is not set + $hiddenLoginField = qq{}; - $refresh_form = qq{
- $hidden_loginfield - $adminpan_field - + $refreshForm = qq{ + $hiddenLoginField + $adminPanelField +
}; } else{ - $hidden_loginfield = qq{}; - $refresh_form = qq{
- $adminpan_field - + $hiddenLoginField = qq{}; + $refreshForm = qq{ + $adminPanelField +
}; - $idval = $magic_cookie->value; - if ($idval =~ /^([\w]+)$/){ - $idval = $1; + $ID = $magicCookie->value; + if ($ID =~ /^([\w]+)$/){ + $ID = $1; } - $userid = $uid_cookie->value; - if ($userid =~ /^([0-9]+)$/){ - $userid = $1; + $userID = $UIDCookie->value; + if ($userID =~ /^([0-9]+)$/){ + $userID = $1; } } -if ($disconnect and defined $magic_cookie){ # if we disconnect and cookie is active - my $delete_id_cookie = CGI::Cookie->new( +if ($disconnect and defined $magicCookie){ # if we disconnect and cookie is active + my $deleteIDCookie = CGI::Cookie->new( -name => 'id', - -value => $idval, + -value => $ID, -expires => '-1d', '-max-age' => '-1d', -domain => ".$hostname", @@ -418,9 +418,9 @@ if ($disconnect and defined $magic_cookie){ # if we disconnect and cookie is act -httponly => 1, -samesite => 'Strict', ); - my $delete_uid_cookie = CGI::Cookie->new( + my $deleteUIDCookie = CGI::Cookie->new( -name => 'uid', - -value => $userid, + -value => $userID, -expires => '-1d', '-max-age' => '-1d', -domain => ".$hostname", @@ -429,281 +429,281 @@ if ($disconnect and defined $magic_cookie){ # if we disconnect and cookie is act -httponly => 1, -samesite => 'Strict', ); - my $f = "$cookiesdir/$userid/$idval.txt"; + my $f = "$cookiesDir/$userID/$ID.txt"; if (-e "$f"){ unlink "$f" or die "cant delete cookie at $f :$!\n"; # delet it } - print "Set-Cookie: $delete_uid_cookie\n"; - print "Set-Cookie: $delete_id_cookie\n"; + print "Set-Cookie: $deleteUIDCookie\n"; + print "Set-Cookie: $deleteIDCookie\n"; } -my $loginok = LoginOk($dbh, $username, $pass, $userid, $magic_cookie, $uid_cookie, $cookiesdir); +my $loginOK = LoginOk($dbh, $username, $pass, $userID, $magicCookie, $UIDCookie, $cookiesDir); print "Cache-Control: no-store, must-revalidate\n"; -if($loginok){ +if($loginOK){ - $userid = $loginok; - my $user_mailaddr = DbGetLine($dbh, qq{SELECT mail from pigeons where userid='$userid';}); - my $nick = DbGetLine($dbh, qq{SELECT name from pigeons where userid='$userid';}); - my $isadmin = DbGetLine($dbh, qq{SELECT isadmin from pigeons where userid='$userid';}); - LoginCookieGen($userid, $magic_cookie, $cookiesdir); + $userID = $loginOK; + my $userMailAddr = DbGetLine($dbh, qq{SELECT mail from pigeons where userID='$userID';}); + my $nick = DbGetLine($dbh, qq{SELECT name from pigeons where userID='$userID';}); + my $isAdmin = DbGetLine($dbh, qq{SELECT isadmin from pigeons where userID='$userID';}); + LoginCookieGen($userID, $magicCookie, $cookiesDir); - if ($isadmin){ + if ($isAdmin){ $adminbtn = qq{
- $hidden_loginfield + $hiddenLoginField
}; - if (not -d "i/$userid"){ - mkpath("./i/$userid"); + if (not -d "i/$userID"){ + mkpath("./i/$userID"); } } - if (not -d "./l/$userid"){ - mkpath("./l/$userid"); + if (not -d "./l/$userID"){ + mkpath("./l/$userID"); } - if (defined $cgi_query_get->param('supprlien')){ - my $pending_deletion = $cgi_query_get->param('supprlien'); + if (defined $cgiQueryGet->param('supprlien')){ + my $pendingDeletion = $cgiQueryGet->param('supprlien'); #make sure smart and malicious users don't go deleting other things - if ($pending_deletion =~ /^l\/$userid\/([\w]+)\.cgi$/ or $pending_deletion =~ /^i\/$userid\/([\w]+)\.cgi$/) { - if (unlink UntaintCGIFilename($pending_deletion)){ - $deletion_notif=qq{$text_strings{link_del_ok}}; + if ($pendingDeletion =~ /^l\/$userID\/([\w]+)\.cgi$/ or $pendingDeletion =~ /^i\/$userID\/([\w]+)\.cgi$/) { + if (unlink UntaintCGIFilename($pendingDeletion)){ + $deletionNotif=qq{$textStrings{link_del_ok}}; } else { - $deletion_notif=qq{$text_strings{link_del_failed} $pending_deletion: $!}; + $deletionNotif=qq{$textStrings{link_del_failed} $pendingDeletion: $!}; } } } - if (defined $cgi_query_get->param('supprtout')){ - rmtree("./l/$userid", {keep_root=>1, safe=>1}); - $deletion_notif=qq{$text_strings{link_del_ok}}; + if (defined $cgiQueryGet->param('supprtout')){ + rmtree("./l/$userID", {keep_root=>1, safe=>1}); + $deletionNotif=qq{$textStrings{link_del_ok}}; } - if (defined $cgi_query_get->param('delallinvites')){ - rmtree("./i/$userid", {keep_root=>1, safe=>1}); - $deletion_notif=qq{$text_strings{link_del_ok}}; + if (defined $cgiQueryGet->param('delallinvites')){ + rmtree("./i/$userID", {keep_root=>1, safe=>1}); + $deletionNotif=qq{$textStrings{link_del_ok}}; } - if (defined $cgi_query_get->param('geninv')){ - my $invite_asker = scalar $cgi_query_get->param('opt-mail'); - $mailisok_notif = qq{$text_strings{addr} $invite_asker $text_strings{addr_nok}}; - my $str_rand_obj = String::Random->new; - my $random_fn = $str_rand_obj->randregex('\w{64}'); - my $GENERATED_FORM_FILENAME = "$random_fn.cgi"; - my $HREF_LINK = "https://$hostname/cgi-bin/i/$userid/$GENERATED_FORM_FILENAME"; - my $INVITES_PATH = "./i/$userid/$GENERATED_FORM_FILENAME"; - - open my $in, '<', $invites_template_path or die "Can't read link template file: $!"; - open my $out, '>', $INVITES_PATH or die "Can't write to link file: $!"; + if (defined $cgiQueryGet->param('geninv')){ + my $inviteAsker = scalar $cgiQueryGet->param('opt-mail'); + $mailIsOkNotif = qq{$textStrings{addr} $inviteAsker $textStrings{addr_nok}}; + my $StrRandObj = String::Random->new; + my $randomFilename = $StrRandObj->randregex('\w{64}'); + my $generatedFormFilename = "$randomFilename.cgi"; + my $hrefLink = "https://$hostname/cgi-bin/i/$userID/$generatedFormFilename"; + my $invitesPath = "./i/$userID/$generatedFormFilename"; + + open my $in, '<', $invitesTemplatePath or die "Can't read link template file: $!"; + open my $out, '>', $invitesPath or die "Can't write to link file: $!"; while( <$in> ) { - if ( Email::Valid->address($invite_asker) ){ - $mailisok_notif = qq{$text_strings{addr} $invite_asker $text_strings{addr_ok}}; - s/mail = undef;/mail = q{$invite_asker};/g; - s/{mailfield_goes_here}/{}/g; + if ( Email::Valid->address($inviteAsker) ){ + $mailIsOkNotif = qq{$textStrings{addr} $inviteAsker $textStrings{addr_ok}}; + s/mail = undef;/mail = q{$inviteAsker};/g; + s/{mailfield_goes_here}/{}/g; } s/{mailfield_goes_here}/{}/g; - if (defined $cgi_query_get->param('mailnotif') ){ + if (defined $cgiQueryGet->param('mailnotif') ){ s/EMAIL_NOTIF = .*/EMAIL_NOTIF = q{1};/g } - if (defined $cgi_query_get->param('adminprom') ){ + if (defined $cgiQueryGet->param('adminprom') ){ s/is_admin_goes_here/1/g } else{ s/is_admin_goes_here/0/g } - s/{user_mailaddr_goes_here}/{$user_mailaddr}/g; + s/{userMailAddr_goes_here}/{$userMailAddr}/g; print $out $_; } close $in or die; - chmod(0755,$INVITES_PATH) or die; + chmod(0755,$invitesPath) or die; close $out or die; - $linkgen_notif = qq{$text_strings{link_generated_ok}:
$HREF_LINK}; - if (defined $cgi_query_get->param('invitemail') and Email::Valid->address($invite_asker)){ - SendGpigeonMail($invite_asker,"[GPIGEON](Do not reply) You have been invited to $hostname","Greetings,\n\n\tYou have been invited to create an GPIGEON account on $hostname.\n\tClick on the link below to fill in the form:\n\t$HREF_LINK\n\tIf you believe this mail is not meant for you, ignore it and mail the webmaster or admin\@les-miquelots.net about it.\n\nKind regards,\nGpigeon mailing system at $hostname.") or $sentmail_notif = "$!"; + $linkGenNotif = qq{$textStrings{link_generated_ok}:
$hrefLink}; + if (defined $cgiQueryGet->param('invitemail') and Email::Valid->address($inviteAsker)){ + SendGpigeonMail($inviteAsker,"[GPIGEON](Do not reply) You have been invited to $hostname","Greetings,\n\n\tYou have been invited to create an GPIGEON account on $hostname.\n\tClick on the link below to fill in the form:\n\t$hrefLink\n\tIf you believe this mail is not meant for you, ignore it and mail the webmaster or admin\@les-miquelots.net about it.\n\nKind regards,\nGpigeon mailing system at $hostname.") or $sentMailNotif = "$!"; } } - if (defined $cgi_query_get->param('mail')){ - my $link_asker = scalar $cgi_query_get->param('mail'); - - if ( Email::Valid->address($link_asker) ){ - $mailisok_notif = qq{$text_strings{addr} $link_asker $text_strings{addr_ok}}; - my $str_rand_obj = String::Random->new; - my $random_fn = $str_rand_obj->randregex('\w{64}'); - my $GENERATED_FORM_FILENAME = "$random_fn.cgi"; - my $HREF_LINK = "https://$hostname/cgi-bin/l/$userid/$GENERATED_FORM_FILENAME"; - my $LINK_PATH = "./l/$userid/$GENERATED_FORM_FILENAME"; - - open my $in, '<', $link_template_path or die "Can't read link template file: $!"; - open my $out, '>', $LINK_PATH or die "Can't write to link file: $!"; + if (defined $cgiQueryGet->param('mail')){ + my $linkAsker = scalar $cgiQueryGet->param('mail'); + + if ( Email::Valid->address($linkAsker) ){ + $mailIsOkNotif = qq{$textStrings{addr} $linkAsker $textStrings{addr_ok}}; + my $StrRandObj = String::Random->new; + my $randomFilename = $StrRandObj->randregex('\w{64}'); + my $generatedFormFilename = "$randomFilename.cgi"; + my $hrefLink = "https://$hostname/cgi-bin/l/$userID/$generatedFormFilename"; + my $linkPath = "./l/$userID/$generatedFormFilename"; + + open my $in, '<', $linkTemplatePath or die "Can't read link template file: $!"; + open my $out, '>', $linkPath or die "Can't write to link file: $!"; while( <$in> ) { - s/{link_user}/{$link_asker}/g; - s/{user_mailaddr_goes_here}/{$user_mailaddr}/g; + s/{link_user}/{$linkAsker}/g; + s/{userMailAddr_goes_here}/{$userMailAddr}/g; print $out $_; } close $in or die; - chmod(0755,$LINK_PATH) or die; + chmod(0755,$linkPath) or die; close $out or die; - $linkgen_notif = qq{$text_strings{link_generated_ok}:
$HREF_LINK}; - if (defined $cgi_query_get->param('notiflinkbymail')){ - SendGpigeonMail($link_asker,"[GPIGEON](Do not reply) Your encrypted form is ready","Greetings,\n\n\tAn encrypted form has been generated for you on $hostname.\n\tClick on the link below to fill in the form:\n\t$HREF_LINK\n\tIf you believe this mail is not meant for you, ignore it and mail the webmaster or admin\@les-miquelots.net about it.\n\nKind regards,\nGpigeon mailing system at $hostname.") or $sentmail_notif="$!" ; + $linkGenNotif = qq{$textStrings{link_generated_ok}:
$hrefLink}; + if (defined $cgiQueryGet->param('notiflinkbymail')){ + SendGpigeonMail($linkAsker,"[GPIGEON](Do not reply) Your encrypted form is ready","Greetings,\n\n\tAn encrypted form has been generated for you on $hostname.\n\tClick on the link below to fill in the form:\n\t$hrefLink\n\tIf you believe this mail is not meant for you, ignore it and mail the webmaster or admin\@les-miquelots.net about it.\n\nKind regards,\nGpigeon mailing system at $hostname.") or $sentMailNotif="$!" ; } } else{ - $mailisok_notif = qq{$text_strings{addr} $link_asker $text_strings{addr_nok}}; + $mailIsOkNotif = qq{$textStrings{addr} $linkAsker $textStrings{addr_nok}}; } } - my @links_table = GetFileTable("l/$userid", $hidden_loginfield, $adminpan_field); + my @linksTable = GetFileTable("l/$userID", $hiddenLoginField, $adminPanelField); print 'Content-type: text/html',"\n\n"; - if ($adminpanselect and $isadmin){ - my @invites_table = GetFileTable("i/$userid", $hidden_loginfield, $adminpan_field); - - - print qq{ - - - - - - - $text_strings{web_title} - - -

GPIGEON - Admin panel

-

Welcome to the admin panel. Here, you can view and generate account invites and also search and delete users.

-
- $hidden_loginfield - -
-
- - + if ($adminpanselect and $isAdmin){ + my @invitesTable = GetFileTable("i/$userID", $hiddenLoginField, $adminPanelField); + + + print qq{ + + + + + + + $textStrings{web_title} + + +

GPIGEON - Admin panel

+

Welcome to the admin panel. Here, you can view and generate account invites and also search and delete users.

+ + $hiddenLoginField + +
+
+ + +
+ $refreshForm +
+
+ $hiddenLoginField + $adminPanelField + + + + + + + + +
+ $mailIsOkNotif +
+ $linkGenNotif +
+ $sentMailNotif
- $refresh_form -
-
- $hidden_loginfield - $adminpan_field - - - - - - - - -
- $mailisok_notif -
- $linkgen_notif -
- $sentmail_notif -
-
+
+
+ $hiddenLoginField + $adminPanelField + +
+ $deletionNotif + + + + + + + + @invitesTable + +
🔗 $textStrings{theader_link}📧 $textStrings{theader_for} ❌ $textStrings{theader_deletion}
+ + + }; + } + else { + print qq{ + + + + + + + $textStrings{web_title} + + +

$textStrings{web_title}

+

$textStrings{web_greet_msg}

+ $adminbtn +
+ + +
+ $refreshForm +
+
- $hidden_loginfield - $adminpan_field - + $hiddenLoginField + Mail:
+ + +
- $deletion_notif + $mailIsOkNotif +
+ $linkGenNotif +
+ $sentMailNotif +
+
+ $hiddenLoginField + +
+ $deletionNotif - - - + + + - @invites_table + @linksTable
🔗 $text_strings{theader_link}📧 $text_strings{theader_for} ❌ $text_strings{theader_deletion}🔗 $textStrings{theader_link}📧 $textStrings{theader_for} ❌ $textStrings{theader_deletion}
- - - }; - } - else { - print qq{ - - - - - - - $text_strings{web_title} - - -

$text_strings{web_title}

-

$text_strings{web_greet_msg}

- $adminbtn -
- - -
- $refresh_form -
-
-
- $hidden_loginfield - Mail:
- - - -
- $mailisok_notif -
- $linkgen_notif -
- $sentmail_notif -
-
- $hidden_loginfield - -
- $deletion_notif - - - - - - - - @links_table - -
🔗 $text_strings{theader_link}📧 $text_strings{theader_for} ❌ $text_strings{theader_deletion}
- - }; + + }; } } else{ $dbh->disconnect; - if (not $disconnect and defined $magic_cookie){ - $login_notif = qq{$text_strings{cookie_problems}}; + if (not $disconnect and defined $magicCookie){ + $loginNotif = qq{$textStrings{cookie_problems}}; } if (length($pass) > 0 or length($username) > 0){ - $login_notif = qq{$text_strings{incorrect_ids}}; + $loginNotif = qq{$textStrings{incorrect_ids}}; } print "Content-type: text/html\n\n", @@ -713,28 +713,28 @@ qq{ - $text_strings{landingpage_title} + $textStrings{landingpage_title} -

$text_strings{landingpage_title}

+

$textStrings{landingpage_title}

- + - + - + - +
$text_strings{username_label}$textStrings{username_label}
$text_strings{password_label}$textStrings{password_label}
$login_notif$loginNotif
-- cgit v1.2.3-70-g09d2