2021-03-06 23:03:04 +00:00
|
|
|
#!/usr/bin/env perl
|
|
|
|
|
|
|
|
# Guestbook CGI Program
|
|
|
|
# Daniel Bowling <swaggboi@slackware.uk>
|
|
|
|
# Sep 2020
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
|
|
|
use utf8;
|
|
|
|
use open qw{:std :utf8}; # Fix "Wide character in print" warning
|
|
|
|
use CGI qw{-utf8}; # Needed to parse unicode params
|
|
|
|
use CGI::Carp qw{fatalsToBrowser};
|
|
|
|
use XML::LibXML;
|
|
|
|
use WebService::Mattermost;
|
|
|
|
#use Data::Dumper; # Uncomment for debugging
|
|
|
|
|
|
|
|
## Variables ##
|
|
|
|
|
|
|
|
# Create CGI object (query)
|
|
|
|
my $q = CGI->new();
|
|
|
|
|
2021-05-02 23:32:36 +00:00
|
|
|
# Open banned phrases and users files
|
2021-03-06 23:03:04 +00:00
|
|
|
open(my $thoughtCrimes, '.msg.bans') or die "$@";
|
2021-04-03 00:37:49 +00:00
|
|
|
open(my $nameBans, '.name.bans') or die "$@";
|
2021-03-06 23:03:04 +00:00
|
|
|
|
|
|
|
# Get creds file
|
2021-04-03 00:37:49 +00:00
|
|
|
my $dotfile = ".mmCreds.xml";
|
2021-03-06 23:03:04 +00:00
|
|
|
# Create XML::LibXML object
|
2021-04-03 00:37:49 +00:00
|
|
|
my $dom = XML::LibXML->load_xml(location => $dotfile);
|
2021-03-06 23:03:04 +00:00
|
|
|
# Grab the values from creds file
|
2021-04-03 00:37:49 +00:00
|
|
|
my $user = $dom->findvalue('/credentials/username');
|
|
|
|
my $pass = $dom->findvalue('/credentials/password');
|
|
|
|
my $url = $dom->findvalue('/credentials/base_url');
|
|
|
|
my $chan = $dom->findvalue('/credentials/channel_id');
|
|
|
|
my $spam = $dom->findvalue('/credentials/spam_chan_id');
|
2021-03-06 23:03:04 +00:00
|
|
|
# Put the values into place
|
2021-04-03 00:37:49 +00:00
|
|
|
my %conf = (
|
2021-03-06 23:03:04 +00:00
|
|
|
authenticate => 1,
|
|
|
|
username => "$user",
|
|
|
|
password => "$pass",
|
|
|
|
base_url => "$url"
|
|
|
|
);
|
|
|
|
# Create new WebService::Mattermost objects (mm && resource)
|
|
|
|
my $mm = WebService::Mattermost->new(%conf);
|
|
|
|
my $resource = $mm->api->posts;
|
|
|
|
|
|
|
|
## Functions ##
|
|
|
|
|
|
|
|
# Print the form
|
|
|
|
sub form_out {
|
|
|
|
# Begin printing the form
|
|
|
|
print $q->div(
|
|
|
|
{-class => "inner"},
|
|
|
|
|
|
|
|
# Little bit of text
|
|
|
|
$q->p("Use the form below to sign the guestbook and send
|
|
|
|
SwaggNet a message. Please be patient after submitting
|
|
|
|
as messages are checked for spam via cutting-edge
|
|
|
|
Swagg::AI blockchain techmology."),
|
|
|
|
"\n", # Newlines to make it pretty
|
|
|
|
|
|
|
|
# Opening form tag
|
|
|
|
$q->start_form(
|
|
|
|
-name => 'main',
|
|
|
|
-method => 'POST'
|
|
|
|
), "\n",
|
|
|
|
|
|
|
|
# Opening table tag
|
|
|
|
$q->start_table(), "\n",
|
|
|
|
|
|
|
|
# Name field
|
|
|
|
$q->Tr(
|
|
|
|
$q->th("Name:"),
|
|
|
|
$q->td(
|
|
|
|
$q->textfield(
|
|
|
|
-name => "name",
|
|
|
|
-size => 40
|
|
|
|
)
|
|
|
|
)
|
|
|
|
), "\n",
|
|
|
|
|
|
|
|
# Location field
|
|
|
|
$q->Tr(
|
|
|
|
$q->th("Location:"),
|
|
|
|
$q->td(
|
|
|
|
$q->textfield(
|
|
|
|
-name => "location",
|
|
|
|
-size => 40
|
|
|
|
)
|
|
|
|
)
|
|
|
|
), "\n",
|
|
|
|
|
|
|
|
# Message box
|
|
|
|
$q->Tr(
|
|
|
|
$q->th("Message:"),
|
|
|
|
$q->td(
|
|
|
|
$q->textarea(
|
|
|
|
-name => "message",
|
|
|
|
-columns => 50,
|
|
|
|
-rows => 10
|
|
|
|
)
|
|
|
|
)
|
|
|
|
), "\n",
|
|
|
|
|
|
|
|
# Submit button
|
|
|
|
$q->Tr(
|
|
|
|
$q->th(' '), # Non-breaking space
|
|
|
|
$q->td($q->submit(-value => "Submit"))
|
|
|
|
), "\n",
|
|
|
|
|
|
|
|
# Closing table tag
|
|
|
|
$q->end_table(), "\n",
|
|
|
|
|
|
|
|
# Closing form tag
|
|
|
|
$q->end_form(), "\n"
|
|
|
|
) . "\n";
|
|
|
|
}
|
|
|
|
|
|
|
|
# Process params & say thanks
|
|
|
|
sub params_in {
|
|
|
|
# Params to variables
|
|
|
|
my $name = $q->param("name");
|
|
|
|
my $location = $q->param("location");
|
|
|
|
my $message = $q->param("message");
|
|
|
|
|
|
|
|
# Enforce max length for params
|
|
|
|
if (length($name) < 1 || (length($name) >= 40)) {
|
|
|
|
die "Name field must be between 1 and 40 characters\n"
|
2021-05-02 23:32:36 +00:00
|
|
|
}
|
|
|
|
elsif (length($location) < 1 || length($location) >= 40) {
|
2021-03-06 23:03:04 +00:00
|
|
|
die "Location field must be between 1 and 40 characters\n"
|
2021-05-02 23:32:36 +00:00
|
|
|
}
|
|
|
|
elsif (length($message) < 1 || length($message) >= 1900) {
|
2021-03-06 23:03:04 +00:00
|
|
|
die "Message field must be between 1 and 1900 characters\n"
|
|
|
|
}
|
|
|
|
|
|
|
|
# Variable set for banned user
|
2021-05-02 23:07:50 +00:00
|
|
|
my ($ban, $trigger);
|
2021-03-06 23:03:04 +00:00
|
|
|
|
|
|
|
# Parse the banned names list
|
|
|
|
chomp(my @nameBan = <$nameBans>);
|
|
|
|
for (@nameBan) {
|
2021-05-02 23:07:50 +00:00
|
|
|
last if $ban;
|
|
|
|
|
|
|
|
if ($name =~ /$_/i) {
|
|
|
|
$ban = 1;
|
|
|
|
$trigger = $_;
|
|
|
|
}
|
2021-03-06 23:03:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Parse the banned phrases list
|
|
|
|
chomp(my @thoughtCrime = <$thoughtCrimes>);
|
|
|
|
for (@thoughtCrime) {
|
2021-05-02 23:07:50 +00:00
|
|
|
last if $ban;
|
|
|
|
|
|
|
|
if ($message =~ /$_/i) {
|
|
|
|
$ban = 1;
|
|
|
|
$trigger = $_;
|
|
|
|
}
|
2021-03-06 23:03:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Send it unless ban is true; else send it to spam if spam chan is
|
|
|
|
# defined
|
|
|
|
unless ($ban) {
|
|
|
|
$resource->create(
|
|
|
|
{
|
|
|
|
channel_id => "$chan",
|
|
|
|
message => "$name from $location says: $message"
|
|
|
|
}
|
|
|
|
);
|
2021-05-02 23:07:50 +00:00
|
|
|
}
|
|
|
|
elsif ($spam) {
|
2021-03-06 23:03:04 +00:00
|
|
|
$resource->create(
|
|
|
|
{
|
|
|
|
channel_id => "$spam",
|
2021-05-02 23:07:50 +00:00
|
|
|
message => "$name from $location says: $message\n\n" .
|
|
|
|
"Spam trigger: `$trigger`"
|
2021-03-06 23:03:04 +00:00
|
|
|
}
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
# Say thanks (even if banned, e.g. shadow ban)
|
|
|
|
print $q->div(
|
|
|
|
{-class => "inner"},
|
|
|
|
$q->h2("Thanks!"),
|
|
|
|
$q->p("Your note has been sent, thanks for using the
|
|
|
|
guestbook.")
|
|
|
|
) . "\n";
|
|
|
|
}
|
|
|
|
|
|
|
|
## Begin script ##
|
|
|
|
|
|
|
|
# Print header
|
|
|
|
print $q->header(-charset => 'UTF-8');
|
|
|
|
|
|
|
|
# Print the head & title, begin the body
|
|
|
|
print $q->start_html(
|
2021-05-02 23:32:36 +00:00
|
|
|
-dtd => 'html',
|
2021-03-06 23:03:04 +00:00
|
|
|
-title => 'SwaggNet Guestbook',
|
|
|
|
-style => '/css/swagg.css'
|
|
|
|
);
|
|
|
|
|
|
|
|
# Heading
|
|
|
|
print $q->div(
|
|
|
|
{-class => "outer"},
|
|
|
|
$q->h1("Swagg::Net Guestbook"),
|
|
|
|
$q->br(),
|
|
|
|
"\n"
|
|
|
|
) . "\n";
|
|
|
|
|
|
|
|
# Process returned params if present; else print form
|
2021-05-02 23:32:36 +00:00
|
|
|
$q->param() ? params_in() : form_out();
|
2021-03-06 23:03:04 +00:00
|
|
|
|
|
|
|
# Print link to go back to homepage in footer
|
|
|
|
print $q->div(
|
|
|
|
{-class => "inner"},
|
|
|
|
$q->br(),
|
|
|
|
"<footer>Go back to", # CGI.pm doesn't have footer tag?
|
|
|
|
$q->a({-href => "/"}, "homepage"),
|
|
|
|
"</footer>\n" # Closing footer tag
|
|
|
|
);
|
|
|
|
|
|
|
|
# Close body
|
|
|
|
print $q->end_html() . "\n";
|