Re-enable the web-based PR submission mechanism.

This code relies on the netpbm port being installed ; this is already a dependency of the textproc/docproj port. This comes courtesy of a collaboration with Eric Anderson <anderson@centtech.com> who submitted both the idea and the vast majority of the code to implement it; thank you very much, Eric - this is a great Christmas present to us and our user community.
svn path=/www/; revision=19185
2003-12-14 17:28:13 +00:00 · 2003-12-14 17:28:13 +00:00 · 555cb01e5a · 2020-12-08 03:00:23 +00:00
commit 555cb01e5a
parent 0613439948
41 changed files with 260 additions and 29 deletions
--- a/en/cgi/Makefile
+++ b/en/cgi/Makefile
@ -1,4 +1,4 @@
-# $FreeBSD: www/en/cgi/Makefile,v 1.18 2001/10/29 10:14:31 murray Exp $
+# $FreeBSD: www/en/cgi/Makefile,v 1.19 2002/11/09 05:23:14 bmah Exp $

 .if exists(../Makefile.conf)
 .include "../Makefile.conf"
@ -11,7 +11,7 @@ DATA=	ftp.mirrors
 DATA+=	cvsweb.conf cvsweb.conf-freebsd cvsweb.conf-netbsd cvsweb.conf-openbsd
 CGI=	ftp.cgi gallery.cgi mirror.cgi cgi-lib.pl cgi-style.pl
 CGI+=	search.cgi cvsweb.cgi query-pr.cgi query-pr-summary.cgi
-# CGI+=	dosendpr.cgi
+CGI+=	dosendpr.cgi sendpr-code.cgi
 CGI+=	freebsd.def html.pl reg.cgi missing_handler.cgi
 CGI+=	ports.cgi pds.cgi man.cgi url.cgi getmsg.cgi mid.cgi
 CGI+=	mailindex.cgi
--- a/en/cgi/confirm-code.cgi
+++ b/en/cgi/confirm-code.cgi
@ -0,0 +1,82 @@
+#!/usr/bin/perl -T
+#
+# $FreeBSD$
+#
+# Copyright (c) 2003 Eric Anderson
+
+use DB_File;
+use Fcntl qw(:DEFAULT :flock);
+use strict;
+
+$ENV{"PATH"} = "/bin:/usr/bin";
+$ENV{"TMPDIR"} = "/tmp";
+
+my($fd, $db_obj, %db_hash, $currenttime, $randomcode, $pngbindata, $randompick, $pnmlist, $i);
+my($expiretime, $pnmcat, $pnmtopng, $pnmdatadir, $dbpath);
+
+############################################
+# generate 8 charactor code from A-Z0-9 (no o,O,0)
+my @availchars = qw(A B C D E F G H I J K L M N P Q R S T U V W X Y Z 
+                 1 2 3 4 5 6 7 8 9);
+
+$pnmcat = "/usr/local/bin/pnmcat";
+$pnmtopng = "/usr/local/bin/pnmtopng";
+$pnmdatadir = "../gifs/";
+$dbpath = "/tmp/sendpr-code.db";
+$expiretime = 900;		# seconds until code expires
+############################################
+
+$currenttime = time();
+
+# DB stuff here
+$db_obj = tie(%db_hash, 'DB_File', $dbpath, O_CREAT|O_RDWR, 0644)
+                    or die "dbcreate $dbpath $!";
+$fd = $db_obj->fd;
+open(DB_FH, "+<&=$fd") or die "fdopen $!";
+
+unless (flock (DB_FH, LOCK_EX | LOCK_NB)) {
+    unless (flock (DB_FH, LOCK_EX)) { die "flock: $!" }
+}
+
+&gencode;
+
+while ($db_hash{$randomcode}) {
+	# it already exists so:
+	# we check age (over x seconds old?)
+	# if it is, override with new date
+	# if not, generate a new code
+	if ( ($currenttime - $expiretime) <= $db_hash{$randomcode}) {
+		&gencode;
+	} else {
+		delete $db_hash{"$randomcode"};
+	}
+}
+
+$db_hash{$randomcode} = $currenttime;
+
+$db_obj->sync();                   # to flush
+flock(DB_FH, LOCK_UN);
+undef $db_obj;                     # removing the last reference to the DB
+                                   # closes it. Closing DB_FH is implicit.
+untie %db_hash;
+
+$/ = "";
+
+open(BUILDPNG, "$pnmcat -lr $pnmlist | $pnmtopng 2>/dev/null |");
+$pngbindata = <BUILDPNG>;
+print "Content-type: image/png\n\n";
+print "$pngbindata";
+close(BUILDPNG);
+
+############################################
+sub gencode {
+	srand( time() ^ ($$ + ($$ << 15)) );
+
+	for ($i = 0; $i < 8; $i++) {
+		$randompick = $availchars[int(rand(@availchars))];
+		$randomcode .= "$randompick";
+		$pnmlist .= "$pnmdatadir$randompick\.pnm ";
+	}
+}
+
+
--- a/en/cgi/dosendpr.cgi
+++ b/en/cgi/dosendpr.cgi
@ -8,17 +8,22 @@
 #  GNU General Public License Version 2.  
 #     (http://www.gnu.ai.mit.edu/copyleft/gpl.html)
 #
-# $FreeBSD: www/en/cgi/dosendpr.cgi,v 1.12 2003/05/15 12:08:05 ceri Exp $
+# $FreeBSD: www/en/cgi/dosendpr.cgi,v 1.13 2003/09/04 15:16:15 ceri Exp $

 require "html.pl";

 use Socket;
+use DB_File;
+use Fcntl qw(:DEFAULT :flock);

 my $blackhole = "dnsbl.njabl.org";
 my $openproxyip = "127.0.0.9";
 my $blackhole_err = 0;
 my $openproxy;

+my $expiretime = 900;
+$dbpath = "/tmp/sendpr-code.db";
+
 # Environment variables to stuff in the PR header.
 my @ENV_captures = qw/	REMOTE_HOST
 			REMOTE_ADDR
@ -102,21 +107,52 @@ if (!$submitprog) { &prerror("submit program problem"); }
 &html_body ($gnsprepbody);

 # Verify the data ...
-if (!$cgi_data{'email'} || !$cgi_data{'originator'} ||
-    !$cgi_data{'synopsis'}) {
-    if ($gnsprepbad && -e $gnsprepbad )
-      { print `cat $gnsprepbad`; }
-    else {
-	print "<h1>Bad Data</h1>\nYou need to specify at least your ",
-          "electronic mail address, your name and a synopsis of the ",
-          "of the problem.\n  Please return to the form and add the ",
-          "missing information.  Thank you.\n";
-    }
-    &html_end();

-    exit(1);
+$db_obj = tie(%db_hash, 'DB_File', $dbpath, O_CREAT|O_RDWR, 0644)
+                    or die "dbcreate $dbpath $!";
+$fd = $db_obj->fd;
+open(DB_FH, "+<&=$fd") or die "fdopen $!";
+
+unless (flock (DB_FH, LOCK_EX | LOCK_NB)) {
+    unless (flock (DB_FH, LOCK_EX)) { die "flock: $!" }
 }

+$codeentered = $cgi_data{'code-confirm'};
+$currenttime = time();
+if (defined($codeentered) && $codeentered && $db_hash{$codeentered} && 
+  (($currenttime - $expiretime) <= $db_hash{$codeentered})) {
+    if (!$cgi_data{'email'} || !$cgi_data{'originator'} ||
+        !$cgi_data{'synopsis'}) {
+        if ($gnsprepbad && -e $gnsprepbad )
+          { print `cat $gnsprepbad`; }
+        else {
+	    print "<h1>Bad Data</h1>\nYou need to specify at least your ",
+              "electronic mail address, your name and a synopsis of the ",
+              "of the problem.\n  Please return to the form and add the ",
+              "missing information.  Thank you.\n";
+        }
+        &html_end();
+
+        exit(1);
+    }
+} else {
+	print "<h1>Incorrect safety code</h1>\nYou need to enter the correct ",
+          "code from the image displayed.  Please return to the form and enter the ",
+          "code exactly as shown. Thank you.\n";
+
+        &html_end();
+
+        exit(1);
+}
+
+delete $db_hash{"$codeentered"};
+$db_obj->sync();                   # to flush
+flock(DB_FH, LOCK_UN);
+undef $db_obj;                     # removing the last reference to the DB
+                                   # closes it. Closing DB_FH is implicit.
+untie %db_hash;
+
+
 $openproxy = isopenproxy($ENV{'REMOTE_ADDR'}, $blackhole, $openproxyip);
 if (defined $openproxy) {
 	if ($openproxy) {
@ -134,7 +170,7 @@ $pr = "To: $gnemail\n" .
 if ($blackhole_err) {
      $pr .= "X-REMOTE_ADDR-Is-Open-Proxy: Maybe\n";
 }
-$pr .= "X-Send-Pr-Version: www-1.0\n\n" .
+$pr .= "X-Send-Pr-Version: www-2.0\n\n" .
      ">Submitter-Id:\t$cgi_data{'submitterid'}\n" .
      ">Originator:\t$cgi_data{'originator'}\n" .
      ">Organization:\t$cgi_data{'organization'}\n" .
--- a/en/cgi/sendpr-code.cgi
+++ b/en/cgi/sendpr-code.cgi
@ -0,0 +1,82 @@
+#!/usr/bin/perl -T
+#
+# $FreeBSD$
+#
+# Copyright (c) 2003 Eric Anderson
+
+use DB_File;
+use Fcntl qw(:DEFAULT :flock);
+use strict;
+
+$ENV{"PATH"} = "/bin:/usr/bin";
+$ENV{"TMPDIR"} = "/tmp";
+
+my($fd, $db_obj, %db_hash, $currenttime, $randomcode, $pngbindata, $randompick, $pnmlist, $i);
+my($expiretime, $pnmcat, $pnmtopng, $pnmdatadir, $dbpath);
+
+############################################
+# generate 8 charactor code from A-Z0-9 (no o,O,0)
+my @availchars = qw(A B C D E F G H I J K L M N P Q R S T U V W X Y Z 
+                 1 2 3 4 5 6 7 8 9);
+
+$pnmcat = "/usr/local/bin/pnmcat";
+$pnmtopng = "/usr/local/bin/pnmtopng";
+$pnmdatadir = "../gifs/";
+$dbpath = "/tmp/sendpr-code.db";
+$expiretime = 900;		# seconds until code expires
+############################################
+
+$currenttime = time();
+
+# DB stuff here
+$db_obj = tie(%db_hash, 'DB_File', $dbpath, O_CREAT|O_RDWR, 0644)
+                    or die "dbcreate $dbpath $!";
+$fd = $db_obj->fd;
+open(DB_FH, "+<&=$fd") or die "fdopen $!";
+
+unless (flock (DB_FH, LOCK_EX | LOCK_NB)) {
+    unless (flock (DB_FH, LOCK_EX)) { die "flock: $!" }
+}
+
+&gencode;
+
+while ($db_hash{$randomcode}) {
+	# it already exists so:
+	# we check age (over x seconds old?)
+	# if it is, override with new date
+	# if not, generate a new code
+	if ( ($currenttime - $expiretime) <= $db_hash{$randomcode}) {
+		&gencode;
+	} else {
+		delete $db_hash{"$randomcode"};
+	}
+}
+
+$db_hash{$randomcode} = $currenttime;
+
+$db_obj->sync();                   # to flush
+flock(DB_FH, LOCK_UN);
+undef $db_obj;                     # removing the last reference to the DB
+                                   # closes it. Closing DB_FH is implicit.
+untie %db_hash;
+
+$/ = "";
+
+open(BUILDPNG, "$pnmcat -lr $pnmlist | $pnmtopng 2>/dev/null |");
+$pngbindata = <BUILDPNG>;
+print "Content-type: image/png\n\n";
+print "$pngbindata";
+close(BUILDPNG);
+
+############################################
+sub gencode {
+	srand( time() ^ ($$ + ($$ << 15)) );
+
+	for ($i = 0; $i < 8; $i++) {
+		$randompick = $availchars[int(rand(@availchars))];
+		$randomcode .= "$randompick";
+		$pnmlist .= "$pnmdatadir$randompick\.pnm ";
+	}
+}
+
+