www2.0/cgi-bin/guest_mm.cgi

225 lines
5.6 KiB
Plaintext
Raw Normal View History

2021-03-06 23:03:04 +00:00
#!/usr/bin/env perl
# Guestbook CGI Program
# Daniel Bowling <swaggboi@slackware.uk>
# Sep 2020
use strict;
use warnings;
use utf8;
use open qw{:std :utf8}; # Fix "Wide character in print" warning
use CGI qw{-utf8}; # Needed to parse unicode params
use CGI::Carp qw{fatalsToBrowser};
use XML::LibXML;
use WebService::Mattermost;
#use Data::Dumper; # Uncomment for debugging
## Variables ##
# Create CGI object (query)
my $q = CGI->new();
2021-05-02 23:32:36 +00:00
# Open banned phrases and users files
2021-03-06 23:03:04 +00:00
open(my $thoughtCrimes, '.msg.bans') or die "$@";
2021-04-03 00:37:49 +00:00
open(my $nameBans, '.name.bans') or die "$@";
2021-03-06 23:03:04 +00:00
# Get creds file
2021-04-03 00:37:49 +00:00
my $dotfile = ".mmCreds.xml";
2021-03-06 23:03:04 +00:00
# Create XML::LibXML object
2021-04-03 00:37:49 +00:00
my $dom = XML::LibXML->load_xml(location => $dotfile);
2021-03-06 23:03:04 +00:00
# Grab the values from creds file
2021-04-03 00:37:49 +00:00
my $user = $dom->findvalue('/credentials/username');
my $pass = $dom->findvalue('/credentials/password');
my $url = $dom->findvalue('/credentials/base_url');
my $chan = $dom->findvalue('/credentials/channel_id');
my $spam = $dom->findvalue('/credentials/spam_chan_id');
2021-03-06 23:03:04 +00:00
# Put the values into place
2021-04-03 00:37:49 +00:00
my %conf = (
2021-03-06 23:03:04 +00:00
authenticate => 1,
username => "$user",
password => "$pass",
base_url => "$url"
);
# Create new WebService::Mattermost objects (mm && resource)
my $mm = WebService::Mattermost->new(%conf);
my $resource = $mm->api->posts;
## Functions ##
# Print the form
sub form_out {
# Begin printing the form
print $q->div(
{-class => "inner"},
# Little bit of text
$q->p("Use the form below to sign the guestbook and send
SwaggNet a message. Please be patient after submitting
as messages are checked for spam via cutting-edge
Swagg::AI blockchain techmology."),
"\n", # Newlines to make it pretty
# Opening form tag
$q->start_form(
-name => 'main',
-method => 'POST'
), "\n",
# Opening table tag
$q->start_table(), "\n",
# Name field
$q->Tr(
$q->th("Name:"),
$q->td(
$q->textfield(
-name => "name",
-size => 40
)
)
), "\n",
# Location field
$q->Tr(
$q->th("Location:"),
$q->td(
$q->textfield(
-name => "location",
-size => 40
)
)
), "\n",
# Message box
$q->Tr(
$q->th("Message:"),
$q->td(
$q->textarea(
-name => "message",
-columns => 50,
-rows => 10
)
)
), "\n",
# Submit button
$q->Tr(
$q->th('&nbsp;'), # Non-breaking space
$q->td($q->submit(-value => "Submit"))
), "\n",
# Closing table tag
$q->end_table(), "\n",
# Closing form tag
$q->end_form(), "\n"
) . "\n";
}
# Process params & say thanks
sub params_in {
# Params to variables
my $name = $q->param("name");
my $location = $q->param("location");
my $message = $q->param("message");
# Enforce max length for params
if (length($name) < 1 || (length($name) >= 40)) {
die "Name field must be between 1 and 40 characters\n"
2021-05-02 23:32:36 +00:00
}
elsif (length($location) < 1 || length($location) >= 40) {
2021-03-06 23:03:04 +00:00
die "Location field must be between 1 and 40 characters\n"
2021-05-02 23:32:36 +00:00
}
elsif (length($message) < 1 || length($message) >= 1900) {
2021-03-06 23:03:04 +00:00
die "Message field must be between 1 and 1900 characters\n"
}
# Variable set for banned user
2021-05-02 23:07:50 +00:00
my ($ban, $trigger);
2021-03-06 23:03:04 +00:00
# Parse the banned names list
chomp(my @nameBan = <$nameBans>);
for (@nameBan) {
2021-05-02 23:07:50 +00:00
last if $ban;
if ($name =~ /$_/i) {
$ban = 1;
$trigger = $_;
}
2021-03-06 23:03:04 +00:00
}
# Parse the banned phrases list
chomp(my @thoughtCrime = <$thoughtCrimes>);
for (@thoughtCrime) {
2021-05-02 23:07:50 +00:00
last if $ban;
if ($message =~ /$_/i) {
$ban = 1;
$trigger = $_;
}
2021-03-06 23:03:04 +00:00
}
# Send it unless ban is true; else send it to spam if spam chan is
# defined
unless ($ban) {
$resource->create(
{
channel_id => "$chan",
message => "$name from $location says: $message"
}
);
2021-05-02 23:07:50 +00:00
}
elsif ($spam) {
2021-03-06 23:03:04 +00:00
$resource->create(
{
channel_id => "$spam",
2021-05-02 23:07:50 +00:00
message => "$name from $location says: $message\n\n" .
"Spam trigger: `$trigger`"
2021-03-06 23:03:04 +00:00
}
);
}
# Say thanks (even if banned, e.g. shadow ban)
print $q->div(
{-class => "inner"},
$q->h2("Thanks!"),
$q->p("Your note has been sent, thanks for using the
guestbook.")
) . "\n";
}
## Begin script ##
# Print header
print $q->header(-charset => 'UTF-8');
# Print the head & title, begin the body
print $q->start_html(
2021-05-02 23:32:36 +00:00
-dtd => 'html',
2021-03-06 23:03:04 +00:00
-title => 'SwaggNet Guestbook',
-style => '/css/swagg.css'
);
# Heading
print $q->div(
{-class => "outer"},
$q->h1("Swagg::Net Guestbook"),
$q->br(),
"\n"
) . "\n";
# Process returned params if present; else print form
2021-05-02 23:32:36 +00:00
$q->param() ? params_in() : form_out();
2021-03-06 23:03:04 +00:00
# Print link to go back to homepage in footer
print $q->div(
{-class => "inner"},
$q->br(),
"<footer>Go back to", # CGI.pm doesn't have footer tag?
$q->a({-href => "/"}, "homepage"),
"</footer>\n" # Closing footer tag
);
# Close body
print $q->end_html() . "\n";