From 1c481b16bd56c888d99aa82936936783996e3cc1 Mon Sep 17 00:00:00 2001 From: Miquel Lionel Date: Tue, 17 Nov 2020 22:58:24 +0100 Subject: Readability of the script a bit improved. --- gpigeon-template.cgi | 267 +++++++++++++++++++++++---------------------------- 1 file changed, 121 insertions(+), 146 deletions(-) (limited to 'gpigeon-template.cgi') diff --git a/gpigeon-template.cgi b/gpigeon-template.cgi index 10e0100..4807f74 100755 --- a/gpigeon-template.cgi +++ b/gpigeon-template.cgi @@ -8,7 +8,6 @@ use String::Random; use CGI qw(param); #use CGI::Carp qw(fatalsToBrowser); -delete @ENV{qw(IFS PATH CDPATH BASH_ENV)}; sub escape_arobase { my $mailaddress = shift; @@ -39,9 +38,12 @@ sub notif_if_defined{ } } +delete @ENV{qw(IFS PATH CDPATH BASH_ENV)}; # execute 'printf "yourpassword" | sha256sum' on a terminal # and copy the long string -$ENV{'PATH'}='/usr/bin'; +$ENV{'PATH'} = '/usr/bin'; +my $HAS_MAILSERVER = 0; +my $SRV_NAME = $ENV{'SERVER_NAME'}; my $HTML_CONTENT_TYPE_HEADER = 'Content-type: text/html'; my $HTML_CHARSET = 'UTF-8'; my $HTML_CSS = '/gpigeon.css'; @@ -50,17 +52,9 @@ my $mymailaddr_pw = q{your_mail_address_password_goes_here}; my $mymail_smtp = q{smtp_domain_goes_here}; my $mymail_smtport = q{smtp_port_goes_here}; my $mymail_gpgid = q{gpgid_goes_here}; #0xlong keyid form -my $mymailaddr_escaped = escape_arobase($mymailaddr); -my $msg_form_char_limit = 3000; my $PASSWD_HASH = q{password_hash_goes_here}; -my $cgi_query_get = CGI->new; -my $PASSWD = $cgi_query_get->param('password'); -my $HAS_MAILSERVER = 0; - -if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ - - - my @text_strings = ('Succesful deletion!', +my $mymailaddr_escaped = escape_arobase($mymailaddr); +my @text_strings = ('Succesfull deletion!', 'Address', 'is valid!', 'is not valid !', 
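Review bot: `my $SRV_NAME = $ENV{'SERVER_NAME'};`, added in the `@@ -39,9 +38,12 @@` hunk, is later used to build `"http://$SRV_NAME/cgi-bin/l/$GENERATED_FORM_FILENAME"`. Depending on web-server configuration, that variable can follow the Host header sent by the client rather than a fixed name. Because the resulting link is what gets handed to the correspondent, a configured value in the style of the template's other placeholders would be safer, e.g. `my $SRV_NAME = q{server_name_goes_here};`. The `http://` scheme in that link is also worth revisiting, since the generated form receives the message in plaintext and only encrypts it on the server.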
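Review bot: `$msg_form_char_limit` ends up used before it is declared. The `@@ -50,17 +52,9 @@` hunk removes `my $msg_form_char_limit = 3000;` from above `my @text_strings = (`, and the next hunk re-adds it after the list's closing `);`, while two entries of the list still concatenate it. If the script runs under `use strict` (not visible here) it will not compile; otherwise both length messages are built with an empty value. Keep `my $msg_form_char_limit = 3000;` immediately before `my @text_strings = (`. The same hunk also changes the first message to `'Succesfull deletion!'`; the intended spelling is `Successful`.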
@@ -87,43 +81,45 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ 'Deletion failed and here is why : ', 'Cannot send message : message length must be under ' .$msg_form_char_limit . ' characters.', 'Cannot send message : message is empty. You can type up to ' . $msg_form_char_limit . ' characters.' - ); - my $psswd_formfield = '',"\n"; - my $SRV_NAME = $ENV{'SERVER_NAME'}; - my ($notif_de_creation, $notif_mail_valide, $notif_suppression) = undef; - my @created_links = (); +); +my $msg_form_char_limit = 3000; +my $cgi_query_get = CGI->new; +my $PASSWD = $cgi_query_get->param('password'); +my $psswd_formfield = '',"\n"; +my ($notif_de_creation, $notif_mail_valide, $notif_suppression) = undef; +my @created_links = (); + +if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ if (defined $cgi_query_get->param('supprlien')){ my $pending_deletion = $cgi_query_get->param('supprlien'); - my $relpath_todelete = "./l/$pending_deletion"; - if (unlink untaint_cgi_filename($relpath_todelete)){ + my $gpg_form_fn = "./l/$pending_deletion"; + if (unlink untaint_cgi_filename($gpg_form_fn)){ $notif_suppression=''.$text_strings[0].''; } else { - $notif_suppression=''.$text_string[24]. - $relpath_todelete.':'.$!.''; + $notif_suppression=''. $text_string[24] . $gpg_form_fn.':'. $! .''; } } if (defined $cgi_query_get->param('supprtout')){ - opendir my $dir_handle, './l' or die "Can't open ./l: $!"; + opendir my $link_dir_handle, './l' or die "Can't open ./l: $!"; - while (readdir $dir_handle) { + while (readdir $link_dir_handle) { if ($_ ne '.' and $_ ne '..'){ - my $relpath_todelete = "./l/$_"; - unlink untaint_cgi_filename($relpath_todelete) or die "$!"; - $notif_suppression=''. - $text_strings[0] .''; + my $gpg_form_fn = "./l/$_"; + unlink untaint_cgi_filename($gpg_form_fn) or die "$!"; + $notif_suppression=''. 
$text_strings[0] .''; } } - closedir $dir_handle; + closedir $link_dir_handle; } if (defined $cgi_query_get->param('mail')){ my $non_gpguser = scalar $cgi_query_get->param('mail'); + if ( Email::Valid->address($non_gpguser) ){ - $notif_mail_valide = "$text_strings[1] - $non_gpguser $text_strings[2]"; + $notif_mail_valide = ''. $text_strings[1] . $non_gpguser . $text_strings[2] . ''; my $escaped_non_gpguser = escape_arobase($input_mail_addr); my $random_mailform_fn_str = String::Random->new; my @mailform_fn_str_buffer = (); @@ -134,14 +130,12 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ } my $mailform_fn_str_buffer_nospace = join('',@mailform_fn_str_buffer); - my $GENERATED_FORM_FILENAME = - "$mailform_fn_str_buffer_nospace.cgi"; + my $GENERATED_FORM_FILENAME = "$mailform_fn_str_buffer_nospace.cgi"; my $MAILFORM_LINK = "http://$SRV_NAME/cgi-bin/l/$GENERATED_FORM_FILENAME"; my $MAILFORM_RELPATH = "./l/$GENERATED_FORM_FILENAME"; - if (open my $mailform_fh, ">", $MAILFORM_RELPATH){ - print $mailform_fh '#! /usr/bin/perl -wT',"\n\n", - ' my $non_gpguser = q{', $non_gpguser - , '};', "\n", + if (open my $gpg_form_fh, ">", $MAILFORM_RELPATH){ + print $gpg_form_fh '#! /usr/bin/perl -wT',"\n\n" + ' my $non_gpguser = q{'. $non_gpguser .'};', "\n", 'delete @ENV{qw(IFS PATH CDPATH BASH_ENV)};', "\n", '$ENV{\'PATH\'}="/usr/bin";', 'use warnings;', "\n", @@ -150,7 +144,7 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ '#use CGI::Carp qw(fatalsToBrowser);', 'use CGI qw(param);', "\n", 'my $cgi_query_get = CGI->new;', "\n", - 'my ($msg_form, $enc_msg, $error_processing_msg,$msg_form_char_limit) = undef;', "\n", + 'my ($msg_form, $enc_msg, $error_processing_msg,$msg_form_char_limit) = undef;', "\n", '$msg_form_char_limit = '. $msg_form_char_limit . ' ;', "\n", '$msg_form = $cgi_query_get->param(\'msg\');', "\n", 'my $length_msg_form = length $msg_form;', "\n", 
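Review bot: The rewritten line `' my $non_gpguser = q{'. $non_gpguser .'};'` writes the submitted address verbatim into the source of a script that is later given mode 0755. Passing `Email::Valid->address` does not by itself guarantee the value is free of characters that terminate a `q{...}` literal, since braces are legal in a local part. Restrict the address to a conservative character set before writing it, e.g. `$non_gpguser =~ /\A[\w.+-]+\@[\w.-]+\z/a or die "unsupported address";`, or store it in a data file beside the script instead of in its code. Separately, the new `print $gpg_form_fh '#! /usr/bin/perl -wT',"\n\n"` line has lost the trailing comma the removed version had, so as shown the statement no longer parses. The enclosing `if` block starts and ends outside this hunk.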
@@ -161,19 +155,15 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ '} else {', "\n", 'if (defined $cgi_query_get->param(\'msg\') and $ENV{\'REQUEST_METHOD\'} eq \'POST\'){',"\n", ' $msg_form =~ tr/\r//d;', "\n", - ' my $gpg = new GPG(gnupg_path => "/usr/bin", homedir => - "/usr/share/www-data/.gnupg/");', "\n", - ' $enc_msg = $gpg->encrypt("De la part de " . - $non_gpguser . ":\n". $msg, \'0x'. $mymail_gpgid .'\') or die - $gpg->error();', "\n"; - if ($HAS_MAILSERVER eq 0){ - print 'use Net::SMTP;',"\n", + ' my $gpg = new GPG(gnupg_path => "/usr/bin", homedir => "/usr/share/www-data/.gnupg/");', "\n", + ' $enc_msg = $gpg->encrypt("De la part de " . $non_gpguser . ":\n". $msg, \'0x'. $mymail_gpgid .'\') or die $gpg->error();', "\n"; + + if ($HAS_MAILSERVER eq 0){ + print 'use Net::SMTP;',"\n", 'use Net::SMTPS;',"\n", - 'my $smtp = Net::SMTPS->new(\''. $mymail_smtp .'\', Port => \''. $mymail_smtport .'\', - doSSL => \'ssl\', Debug_SSL => 0);', "\n", + 'my $smtp = Net::SMTPS->new(\''. $mymail_smtp .'\', Port => \''. $mymail_smtport .'\', doSSL => \'ssl\', Debug_SSL => 0);', "\n", '$smtp->auth(\''. $mymailaddr .'\', \''. $mymailaddr_pw .'\') or die;', "\n", - '$smtp->mail(\''. $mymailaddr .'\') or die "Net::SMTP module has broke: - $!.";', "\n", + '$smtp->mail(\''. $mymailaddr .'\') or die "Net::SMTP module has broke: $!.";', "\n", 'if ($smtp->to(\''. $mymailaddr .'\')){', "\n", ' $smtp->data();', "\n", ' $smtp->datasend("To: '. $mymailaddr_escaped .'\n");', "\n", 
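Review bot: The `print 'use Net::SMTP;',"\n",` call inside `if ($HAS_MAILSERVER eq 0){` names no filehandle. Unless a `select` outside this hunk redirects output, the SMTP block, including the `$smtp->auth(...)` line that embeds `$mymailaddr_pw`, goes to STDOUT (the HTTP response) instead of into the generated form. It should read `print $gpg_form_fh 'use Net::SMTP;',"\n",`; the `print 'use Mail::Sendmail;',` and `print 'unlink "../' ...` calls in the following hunk have the same problem. Once that is fixed, the mailbox password is stored in every generated file under `./l`, which is later given mode 0755, so a tighter mode and a credential read at run time from a file outside the web root would limit exposure. `$HAS_MAILSERVER eq 0` also compares a number as a string; `== 0` states the intent.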
@@ -184,70 +174,62 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ 'else {', "\n", ' die $smtp->message();', "\n", '}', "\n"; - } - else { - undef $mymailaddr_escaped; - print 'use Mail::Sendmail;', + } + else { + undef $mymailaddr_escaped; + print 'use Mail::Sendmail;', '%mail = ( To => \''.$mymailaddr.'\',' , "\n", ' From => \''.$mymailaddr.'\',', "\n", ' Subject => \'Gpigeon\' ', "\n", ' Message => "$enc_msg\n" ', "\n", ');', "\n", - 'sendmail(%mail) or die $Mail::Sendmail::error;', "\n" - ; - - } - print 'unlink "../' . $MAILFORM_RELPATH . '";', "\n", + 'sendmail(%mail) or die $Mail::Sendmail::error;', "\n"; + } + print 'unlink "../' . $MAILFORM_RELPATH . '";', "\n", 'print "Location: /gpigeon/merci/index.html\n\n";', "\n", '}', "\n", '}', "\n", 'print "Content-type: text/html", "\n\n";', "\n", - 'print qq{', "\n", + 'print q{', "\n", '', "\n", ' ', "\n", - ' ', "\n", - ''; - '',"\n",'',"\n"; - 'Formulaire ', "\n", - 'd\'envoi de message GPG',"\n", + ' ', "\n", + ' '; + ' ',"\n",'',"\n", + ' Formulaire d\'envoi de message GPG',"\n", ' ', "\n", ' ', "\n", - '

'. $text_strings[7] . '' - .$escaped_non_gpguser .' :

', "\n", + '

'. $text_strings[7] . '' .$escaped_non_gpguser .' :

', "\n", '
', "\n", - ' ', "\n", - '
};', "\n", - 'if(defined $error_processing_msg){printf $error_processing_msg;}', "\n", - 'printf qq{
', "\n", + '
', + '};', "\n", + 'if (defined $error_processing_msg){printf $error_processing_msg;}', "\n", + 'printf qq{
+ ', "\n", '
', "\n", ' ', "\n", - '};'; - close $mailform_fh; + ' };'; + close $gpg_form_fh; chmod(0755,$MAILFORM_RELPATH); - - $notif_de_creation="$text_strings[9] $non_gpguser
$MAILFORM_LINK"; + $notif_de_creation=''. $text_strings[9] . $non_gpguser .'
'. $MAILFORM_LINK .''; } else{ - close $mailform_fh and die "cant open $MAILFORM_RELPATH: $!"; - + close $gpg_form_fh and die "cant open $MAILFORM_RELPATH: $!"; } } else{ - $notif_mail_valide = "$text_strings[1] - $non_gpguser $text_strings[3]."; + $notif_mail_valide = "$text_strings[1] $non_gpguser $text_strings[3]."; } } - opendir my $dir_handle, './l' or die "Can't open ./l: $!"; + opendir my $link_dir_handle, './l' or die "Can't open ./l: $!"; - while (readdir $dir_handle) { + while (readdir $link_dir_handle) { if ($_ ne '.' and $_ ne '..'){ my $gpg_form_fn = $_; my $non_gpguser = undef; if (open my $gpg_form_handle , '<', "./l/$gpg_form_fn"){ + for (1..4){ $non_gpguser = readline $gpg_form_handle; $non_gpguser =~ s/q\{(.*?)\}//i; @@ -260,84 +242,77 @@ if ( sha256_hex($PASSWD) eq $PASSWD_HASH and $ENV{'REQUEST_METHOD'} eq 'POST'){ } #create links table html - push @created_links, '',"\n", - "\tici", "\n", - "\t$non_gpguser", "\n", - ' -
- - - -
- ', "\n", - ''; + push @created_links, + ' + ici + $non_gpguser + +
+ + + +
+ + '; } else { close $gpg_form_handle; - die "Content-type: text/plain", "\n\n", - "$text_strings[13] $gpg_form_fn: $!"; + die 'Content-type: text/plain', "\n\n", "$text_strings[13] $gpg_form_fn: $!"; } - - } } - closedir $dir_handle; + closedir $link_dir_handle; print $HTML_CONTENT_TYPE_HEADER,"\n\n", - '', "\n", - '', "\n", - '', "\n", - '', "\n", - ''; - '',"\n",'',"\n"; - ''. $text_strings[14] .'', "\n", - '', "\n", - '', "\n", - '

'. $text_strings[15] .'

', "\n", - '
', "\n", - '', "\n", - '', "\n", - '
', "\n", - '
', "\n", + ' + + + , + + ',"\n",' + '. $text_strings[14] .' + + +

.' $text_strings[15] .'

+ + + +
+
$psswd_formfield, - ' ', "\n", - '
', "\n", - '
', "\n", - '
', "\n", - '
', "\n", + +
+
+
+
', $psswd_formfield, - 'Mail de la personne:
', "\n", - '', "\n", - '', "\n", - '
', "\n", - notif_if_defined($notif_mail_valide), '
', "\n", + 'Mail de la personne:
+ + + ', + notif_if_defined($notif_mail_valide), + '
', notif_if_defined($notif_de_creation), - '
', "\n", - '

'. $text_strings[19] .'

', "\n", - '
', "\n", + '
+

'. $text_strings[19] .'

', + '', $psswd_formfield, - '', "\n", - '', "\n", - '
', "\n", + ' + + ', notif_if_defined($notif_suppression), - '', "\n", - '', "\n", - '', "\n", - '', "\n", - '', "\n", - '', "\n", - "@created_links", "\n", - '
'. $text_strings[21] .''. $text_strings[22] .''. $text_strings[23] .'
', "\n", - '', "\n", - ''; + ' + + ', + '', + '', + '', + "@created_links", + '
'. $text_strings[21] .''. $text_strings[22] .''. $text_strings[23] .'
+ + '; } else { - print 'Location: /gpigeon/index.html', "\n\n"; + print 'Location: /index.html', "\n\n"; } -- cgit v1.2.3-70-g09d2