-#!/usr/bin/perl
-
-# ====================================================
-# Autor: n.d.p. / 2001-01-23
-# lm : n.d.p. / 2001-01-25
-# ====================================================
-# Funktion:
-# Entgegennahme von Postings und
-# Darstellung der "Neue Nachricht"-Seite
-# ====================================================
+#!/usr/bin/perl -wT
+
+################################################################################
+# #
+# File: user/fo_posting.pl #
+# #
+# Authors: André Malo <nd@o3media.de>, 2001-03-31 #
+# #
+# Description: Accept new postings, display "Neue Nachricht" page #
+# #
+# not ready, be patient please #
+# #
+################################################################################
use strict;
-use vars qw($Bin $Shared $Script %subhash $httpurl $flocked);
+use vars qw($Bin $Shared $Script);
+# locate the script
BEGIN {
- ($Bin) = ($0 =~ /^(.*)\/.*$/)? $1 : '.';
+ my $null = $0; $null =~ s/\\/\//g; # for win :-(
+ ($Bin) = ($null =~ /^(.*)\/.*$/)? $1 : '.';
$Shared = "$Bin/../shared";
- ($Script) = ($0 =~ /^.*\/(.*)$/)? $1 : $0;}
-
-use CGI::Carp qw(fatalsToBrowser);
+ ($Script) = ($null =~ /^.*\/(.*)$/)? $1 : $null;
+}
use lib "$Shared";
-use Conf;
-use Encode::Plain; $Encode::Plain::utf8 = 1;
-use Encode::Posting;
-use Id;
-use Lock qw(:ALL);
-use Mail;
-use Posting::_lib qw(get_all_threads get_message_node get_message_header hr_time);
-use Posting::Write;
-use Template;
-use Template::Posting;
+use CGI::Carp qw(fatalsToBrowser);
-use CGI qw(param header);
+#use Conf;
+#use Encode::Plain; $Encode::Plain::utf8 = 1; # generally convert from UTF-8
+#use Id;
+#use Posting::Write;
+#use Template;
+#use Template::Posting;
-use XML::DOM;
+#use autouse 'Encode::Posting' => qw();
-print header (-type => 'text/html');
+# load script configuration and admin default conf.
+my $conf = read_script_conf ($Bin, $Shared, $Script);
+my $adminDefault = read_admin_conf ($conf -> {files} -> {adminDefault});
-our $conf = read_script_conf ($Bin, $Shared, $Script);
+# Initializing the request
+my $response = new Posting::Response ($conf, $adminDefault);
-our $show_posting = $conf -> {show} -> {Posting};
-our $assign = $show_posting -> {assign};
-our $formmust = $show_posting -> {form} -> {must};
-our $formdata = $show_posting -> {form} -> {data};
-our $formact = $show_posting -> {form} -> {action};
-our $template = new Template "$Bin/".$show_posting -> {templateFile};
-our $pars = {};
-our ($failed, %dparam, $threads, $last_thread, $last_message, $ftid, $fmid, $flocked);
+# fetch and parse the cgi-params
+#
+$response -> parse_cgi;
-sub forum_filename () {$conf -> {wwwRoot} . $conf -> {files} -> {forum};}
-sub message_path () {$conf -> {wwwRoot} . $conf -> {files} -> {messagePath};}
+# no further checks after fatal errors
+#
+if ($response -> success or $response -> error_type ne 'fatal') {
+ $response -> success (
+ $response -> check_reply
+ && $response -> check_dupe
+ && $response -> success
+ );
+}
-################################
-# Formfelder ausfuellen (Namen)
-for (qw(posterBody uniqueID followUp quoteChar userID posterName posterEmail posterCategory posterSubject posterURL posterImage)) {
- $pars -> {$formdata -> {$_} -> {assign} -> {name}} = plain($formdata -> {$_} -> {name});}
+# handle errors or save the posting
+#
+$response -> handle_error or $response -> save;
-my $checked = &check_param;
+# show response
+#
+$response -> response;
-unless (exists ($subhash {$checked})) {
- &print_fatal ($assign -> {unknownError});}
+#
+#
+### main end ###################################################################
-else {
- unless ($checked eq 'newThread') {
- $checked = &check_reply_dupe() || $checked;}
+################################################################################
+### Posting::Response ##########################################################
+package Posting::Response;
- unless (exists ($subhash {$checked})) {
- &print_fatal ($assign -> {unknownError});}
- else {
- &{$subhash {$checked}};}
+use Lock qw(:ALL);
+use Posting::_lib qw(
+ hr_time
+ parse_xml_file
+ get_all_threads get_message_node get_message_header
+ KEEP_DELETED
+ );
- if ($flocked) {
- violent_unlock_file (forum_filename) unless (write_unlock_file (forum_filename));}}
+use autouse 'CheckRFC' => qw(is_email is_URL);
+use CGI;
-# ====================================================
-# end of main / Funktionen
-# ====================================================
+sub success {$_[0] -> {check_success} = defined $_[1]?$_[1]:$_[0] -> {check_success}}
+sub error_type {$_[0] -> {error} -> {type}}
-################################
-# sub check_reply_dupe
+### sub new ####################################################################
#
-# Reply moeglich?
-# Doppelposting?
-################################
-
-sub check_reply_dupe () {
- my $stat;
-
- unless ($stat = write_lock_file (forum_filename)) {
- if ($stat == 0) {
- # ueberlastet oder so
- violent_unlock_file (forum_filename);
- return 'Occupied';}
+# initialising the Posting::Response object
+# check parameters and fill in object properties
+#
+sub new {
+ my ($class, $conf, $adminDefault) = @_;
- else {
- return 'masterLock';}}
+ my $sp = $conf -> {show} -> {Posting};
- else {
- my ($i, %msg, %unids);
+ my $self = {
+ conf => {
+ original => $conf,
+ admin => $adminDefault,
- $flocked = 1;
+ message_path => $conf -> {files} -> {messagePath},
+ forum_file_name => $conf -> {files} -> {forum},
- ($threads, $last_thread, $last_message, my $unids) = get_all_threads (forum_filename, 1, 0);
- ($ftid,$fmid) = split /;/,$dparam{$formdata -> {followUp} -> {name}},2;
+ show_posting => $sp,
+ assign => $sp -> {assign},
+ form_must => $sp -> {form} -> {must},
+ form_data => $sp -> {form} -> {data},
+ form_action => $sp -> {form} -> {action},
+ },
- # Thread existiert nicht
- if (exists($dparam{$formdata -> {followUp} -> {name}})) {
- return 'noReply' unless (exists($threads -> {$ftid}));
+ template => new Template $sp -> {templateFile},
+ response => {},
+ forum => {},
+ error => {}
+ };
- # nur nicht geloeschte Messages beachten
- for ($i=0; $i < @{$threads -> {$ftid}}; $i++) {
- if ($threads -> {$ftid} -> [$i] -> {deleted}) {
- $+=$threads -> {$ftid} -> [$i] -> {answers};}
+ bless $self, $class;
+}
- else {
- $msg{$threads -> {$ftid} -> [$i] -> {mid}}=$i;}}
+### sub save ###################################################################
+#
+# save posting
+# check on legal reply or dupe is released here
+#
+# Return: -none-
+#
+sub save {
+ my $self = shift;
- # Message existiert nicht
- if (exists($dparam{$formdata -> {followUp} -> {name}})) {
- return 'noReply' unless (exists($msg{$fmid}));}
+ # if an empty 'new message' document, there's nothing to save
+ #
+ return if ($self -> {response} -> {new_thread});
- %unids = map {$_ => 1} @{$threads -> {$ftid} -> [$msg{$fmid}] -> {unids}};}
+ # lock and load the forum main file
+ #
+ if ($self -> load_main_file) {
+
+ # if a reply - is it legal?
+ # is it a dupe?
+ #
+ if ($self -> check_reply and $self -> check_dupe) {
+
+ # we've got an opening
+ #
+ if ($self -> {response} -> {new}) {
+ $self -> save_new;
+ }
+
+ # we've got a reply
+ #
+ elsif ($self -> {response} -> {reply}) {
+ $self -> save_reply;
+ }
+
+ # don't know, if we any time come to this branch
+ # the script is probably broken
+ #
+ else {
+ $self -> {error} = {
+ spec => 'unknown_error',
+ type => 'fatal'
+ };
+ }
+ }
+ }
- else {
- %unids = map {$_ => 1} @$unids;}
+ # unlock forum main file
+ #
+ if ($self -> {forum} -> {flocked}) {
+ violent_unlock_file($self -> {forum_file_name}) unless unlock_file ($self -> {forum_file_name});
+ $self -> {forum} -> {flocked} = 0;
+ }
- # jetzt endlich
- return 'Dupe' if (exists ($unids{$dparam{$formdata -> {uniqueID} -> {name}}}));}
+ $self -> handle_error unless $self -> {check_success};
return;
}
-################################
-# sub got_new
-#
-# Eroeffnungsposting speichern
-################################
-
-sub got_new () {
-
- my $time = time;
- my $pars = {author => $dparam {$formdata -> {posterName} -> {name}},
- email => $dparam {$formdata -> {posterEmail} -> {name}},
- category => $dparam {$formdata -> {posterCategory} -> {name}},
- subject => $dparam {$formdata -> {posterSubject} -> {name}},
- body => $dparam {$formdata -> {posterBody} -> {name}},
- homepage => $dparam {$formdata -> {posterURL} -> {name}},
- image => $dparam {$formdata -> {posterImage} -> {name}},
- time => $time,
- uniqueID => $dparam {$formdata -> {uniqueID} -> {name}},
- ip => $ENV{REMOTE_ADDR},
- forumFile => forum_filename,
- messagePath => message_path,
- lastThread => $last_thread,
- lastMessage => $last_message,
- parsedThreads => $threads,
- dtd => 'forum.dtd',
- quoteChars => toUTF8('»» '),
- messages => $conf -> {template} -> {messages}};
-
- my ($stat, $xml, $mid) = write_posting ($pars);
- violent_unlock_file (forum_filename) unless (write_unlock_file (forum_filename));
- $flocked = undef;
-
- if ($stat) {
- print "Och noe...: $stat";}
+### sub parse_cgi ##############################################################
+#
+# fetch and decode cgi-parameters,
+# find out the kind of response requested by the user (new message, reply)
+#
+# Return: -none-
+#
+sub parse_cgi {
+ my $self = shift;
- else {
- my $thx = $show_posting -> {thanx};
-
- print ${$template -> scrap ($assign -> {docThx},
- {$thx -> {author} => plain ($dparam {$formdata -> {posterName} -> {name}}),
- $thx -> {email} => plain ($dparam {$formdata -> {posterEmail} -> {name}}),
- $thx -> {time} => plain (hr_time($time)),
- $thx -> {body} => message_as_HTML ($xml, $template,
- {posting => $mid,
- assign => $assign}),
- $thx -> {category} => plain ($dparam {$formdata -> {posterCategory} -> {name}}),
- $thx -> {home} => plain ($dparam {$formdata -> {posterURL} -> {name}}),
- $thx -> {image} => plain ($dparam {$formdata -> {posterImage} -> {name}}),
- $thx -> {subject} => plain ($dparam {$formdata -> {posterSubject} -> {name}})})};}
- return;
-}
+ # create the CGI object
+ #
+ my $q = new CGI;
+ $self -> {cgi_object} = $q;
-################################
-# sub got_reply
-#
-# Antwortposting speichern
-################################
-
-sub got_reply () {
- my $stat;
-
- my $time = time;
- my $pars = {author => $dparam {$formdata -> {posterName} -> {name}},
- email => $dparam {$formdata -> {posterEmail} -> {name}},
- category => $dparam {$formdata -> {posterCategory} -> {name}},
- subject => $dparam {$formdata -> {posterSubject} -> {name}},
- body => $dparam {$formdata -> {posterBody} -> {name}},
- homepage => $dparam {$formdata -> {posterURL} -> {name}},
- image => $dparam {$formdata -> {posterImage} -> {name}},
- time => $time,
- uniqueID => $dparam {$formdata -> {uniqueID} -> {name}},
- ip => $ENV{REMOTE_ADDR},
- parentMessage => $fmid,
- thread => $ftid,
- forumFile => forum_filename,
- messagePath => message_path,
- lastThread => $last_thread,
- lastMessage => $last_message,
- parsedThreads => $threads,
- dtd => 'forum.dtd',
- quoteChars => toUTF8('»» '),
- messages => $conf -> {template} -> {messages}};
-
- ($stat, my $xml, my $mid) = write_posting ($pars);
- violent_unlock_file (forum_filename) unless (write_unlock_file (forum_filename));
- $flocked = undef;
-
- if ($stat) {
- print "Och noe...: $stat";}
+ # check the params
+ #
+ $self -> {check_success} = $self -> check_cgi;
- else {
- my $thx = $show_posting -> {thanx};
-
- print ${$template -> scrap ($assign -> {docThx},
- {$thx -> {author} => plain ($dparam {$formdata -> {posterName} -> {name}}),
- $thx -> {email} => plain ($dparam {$formdata -> {posterEmail} -> {name}}),
- $thx -> {time} => plain (hr_time($time)),
- $thx -> {body} => message_as_HTML ($xml, $template,
- {posting => $mid,
- assign => $assign}),
- $thx -> {category} => plain ($dparam {$formdata -> {posterCategory} -> {name}}),
- $thx -> {home} => plain ($dparam {$formdata -> {posterURL} -> {name}}),
- $thx -> {image} => plain ($dparam {$formdata -> {posterImage} -> {name}}),
- $thx -> {subject} => plain ($dparam {$formdata -> {posterSubject} -> {name}})})};}
+ return;
}
-################################
-# sub new_thread
+### sub load_main_file #########################################################
#
-# HTML fuer Eroeffnungsposting
-################################
-
-sub new_thread () {
- my $list = [map {{$assign -> {optval} => plain($_)}} @{$formdata -> {posterCategory} -> {values}}];
-
- # spaeter kommen noch userspezifische Daten dazu...
- print ${$template -> scrap ($assign -> {docNew},
- {$formdata->{uniqueID} ->{assign}->{value} => plain(unique_id),
- $formdata->{quoteChar} ->{assign}->{value} => 'ÿ'.plain(toUTF8('»» ')),
- $formact->{post}->{assign} => $formact->{post}->{url},
- $formdata->{posterCategory}->{assign}->{value} => $template->list ($assign -> {option}, $list)
- },$pars)};
-}
-
-################################
-# diverse subs
+# load and parse the forum main file
#
-# Fehlermeldungen
-################################
-
-sub no_reply () {&print_fatal ($assign -> {noReply});}
-sub dupe_posting () {&print_fatal ($assign -> {dupe});}
-sub missing_key () {&print_fatal ($assign -> {wrongPar});}
-sub unexpected_key () {&print_fatal ($assign -> {wrongPar});}
-sub unknown_encoding () {&print_fatal ($assign -> {wrongCode});}
-sub too_short () {
- if ($formdata -> {$failed} -> {errorType} eq 'repeat') {
- &print_error ($formdata -> {$failed} -> {assign} -> {tooShort},
- $formdata -> {$failed} -> {minlength});}
-
+# Return: Success (true/false)
+#
+sub load_main_file {
+ my $self = shift;
+ my $lock_stat;
+
+ unless ($lock_stat = write_lock_file ($self ->{forum_file_name})) {
+ if ($lock_stat == 0) {
+ # occupied or no w-bit set for the directory..., hmmm
+ #
+ violent_unlock_file ($self -> {forum_file_name});
+ $self -> {error} = {
+ spec => 'occupied',
+ type => 'fatal'
+ };
+ return;
+ }
+ else {
+ # master lock is set
+ #
+ $self -> {error} = {
+ spec => 'master_lock',
+ type => 'fatal'
+ };
+ return;
+ }
+ }
else {
- &print_fatal ($formdata -> {$failed} -> {assign} -> {tooShort});}
-}
-
-sub too_long () {
- if ($formdata -> {$failed} -> {errorType} eq 'repeat') {
- &print_error ($formdata -> {$failed} -> {assign} -> {tooLong},
- $formdata -> {$failed} -> {maxlength});}
+ $self -> {forum} -> {flocked} = 1;
+ ( $self -> {forum} -> {threads},
+ $self -> {forum} -> {last_thread},
+ $self -> {forum} -> {last_message},
+ undef,
+ $self -> {forum} -> {unids}
+ ) = get_all_threads ($self -> {forum_file_name}, KEEP_DELETED);
+ }
- else {
- &print_fatal ($formdata -> {$failed} -> {assign} -> {tooLong});}
+ # ok, looks good
+ 1;
}
-sub wrong_mail () {print_error ($formdata -> {$failed} -> {assign} -> {wrong});}
-sub occupied () {print_error ($assign -> {occupied});}
-
-################################
-# sub print_fatal
+### sub check_reply ############################################################
#
-# fatale Fehlerausgabe
-################################
-
-sub print_fatal ($) {
- print ${$template -> scrap ($assign -> {docFatal},
- {$assign -> {errorMessage} => $template -> insert ($_[0])
- },$pars)};
-}
-
-################################
-# sub print_error
+# check whether a reply is legal
+# (followup posting must exists)
#
-# Fehlerausgabe, Moeglichkeit
-# zur Korrektur
-################################
-
-sub print_error ($;$) {
- &fillin;
- print ${$template -> scrap ($assign -> {docError},
- {$assign -> {errorMessage} => $template -> insert ($_[0]),
- $assign -> {charNum} => $_[1]
- },$pars)};
-}
-
-################################
-# sub fetch_subject
+# Return: Status Code (Bool)
#
-# Subject und Category besorgen
-# (wenn noch nicht vorhanden)
-################################
+sub check_reply {
+ my $self = shift;
-sub fetch_subject () {
- unless (exists ($dparam{$formdata -> {posterCategory} -> {name}}) and
- exists ($dparam{$formdata -> {posterSubject} -> {name}})) {
-
- my $filename = message_path.'t'.$ftid.'.xml';
-
- if (lock_file ($filename)) {
- my $xml = new XML::DOM::Parser -> parsefile ($filename);
- violent_unlock_file($filename) unless unlock_file ($filename);
+ # return true unless it's not a reply
+ #
+ return 1 unless $self -> {response} -> {reply};
- my $mnode = get_message_node ($xml, "t$ftid", "m$fmid");
- my $header = get_message_header ($mnode);
- $dparam{$formdata -> {posterCategory} -> {name}} = $header -> {category};
- $dparam{$formdata -> {posterSubject} -> {name}} = $header -> {subject};}}
}
-################################
-# sub fillin
+### sub check_dupe #############################################################
#
-# Fuellen von $pars
-# (bereits vorhandene Formdaten)
-################################
-
-sub fillin () {
- fetch_subject;
-
- my $list = [map {{$assign -> {optval} => plain($_),
- (($_ eq $dparam{$formdata -> {posterCategory} -> {name}})?($assign -> {optsel} => 1):())}}
- @{$formdata -> {posterCategory} -> {values}}];
-
- $pars -> {$formdata->{posterCategory}->{assign}->{value}} = $template->list ($assign -> {option}, $list);
- $pars -> {$formact ->{post}->{assign}} = $formact->{post}->{url};
- $pars -> {$formdata->{quoteChar}->{assign}->{value}} = 'ÿ'.plain($dparam {$formdata -> {quoteChar} -> {name}} or '');
+# check whether this form request is a dupe
+# (unique id already exists)
+#
+# Return: Status Code (Bool)
+#
+sub check_dupe {
+ my $self = shift;
- # Formfelder ausfuellen (Werte)
- for (qw(uniqueID userID followUp posterName posterEmail posterSubject posterBody posterURL posterImage)) {
- $pars -> {$formdata->{$_}->{assign}->{value}} = plain($dparam {$formdata -> {$_} -> {name}});}
+ return 1 if ($self -> {response} -> {new_thread});
}
-################################
-# sub decode_param
+### sub check_cgi ##############################################################
+#
+# cgi params are like raw eggs...
#
-# CGI-Parameter decodieren
-# (rudimentaerer UTF8-support)
-################################
+# Return: Status Code (Bool)
+# creates content for the handle_error method if anything fails
+#
+sub check_cgi {
+ my $self = shift;
-sub decode_param () {
- my $code = param ($formdata -> {quoteChar} -> {name});
- my @array;
+ # count the submitted keys and get the keys themselves
+ #
+ my %got_keys = map {($_ => 1)} $self -> {cgi_object} -> param;
+ my $cnt_got_keys = keys %got_keys;
+ my $formdata = $self -> {conf} -> {form_data};
+ my $formmust = $self -> {conf} -> {form_must};
- # UTF-8 ([hoechst-]wahrscheinlich)
- if ($code =~ /^\303\277/) {
+ # user requested the 'new thread' page
+ # (no params or only the user-ID has been submitted)
+ #
+ if ($cnt_got_keys == 0 or (
+ exists ($formdata -> {userID})
+ and $cnt_got_keys == 1
+ and $got_keys{$formdata -> {userID} -> {name}}
+ )
+ ) {
+ $self -> {response} -> {new_thread} = 1;
+ return 1;
+ }
- foreach (param) {
- @array=param ($_);
+ # now we know, we've got a filled out form
+ # we do the following steps to check it:
+ #
+ # 1st: create a reverse Hash (CGI-key - identifier)
+ # 2nd: did we get _all_ must-keys?
+ # check whether reply or new message request
+ # 3rd: did we get too many keys?
+ # 4th: do _all_ submitted values accord to
+ # our expectations?
+ # fetch the "missing" keys
+ #
- if (@array == 1) {
- $dparam{$_} = $array[0];}
+ # 1
+ #
+ my %name = map {($formdata -> {$_} -> {name} => $_)} keys %$formdata;
- else {
- $dparam{$_} = \@array;}}}
+ # 2
+ #
+ $self -> {response} -> {reply} = $got_keys {$formdata -> {followUp} -> {name}}? 1 : 0;
+ $self -> {response} -> {new} = not $self -> {response} -> {reply};
- # Latin 1 (hoffentlich - eigentlich ist es gar keine Codierung...)
- elsif ($code =~ /^\377/) {
- foreach (param) {
- @array=param ($_);
+ # define the fetch array (values to fetch from parent message)
+ #
+ $self -> {fetch} = [];
- if (@array == 1) {
- $dparam{$_} = toUTF8($array[0]);}
+ for ( @{$formmust -> {$self -> {response} -> {reply}?'reply':'new'}} ) {
- else {
- $dparam{$_} = [map {toUTF8($_)} @array];}}}
+ unless ($got_keys {$formdata -> {$_} -> {name}}) {
- # unbekannte Codierung
- else {
- return;}
+ # only miss the key unless we're able to fetch it from parent posting
+ #
+ unless (
+ $self -> {response} -> {new}
+ or $formdata -> {$name {$_}} -> {errorType} eq 'fetch') {
- # ersten beiden Zeichen der Quotechars loeschen (Indikator [ÿ (als UTF8)])
- $dparam {$formdata -> {quoteChar} -> {name}} = ($dparam {$formdata -> {quoteChar} -> {name}} =~ /..(.*)/)[0];
+ $self -> {error} = {
+ spec => 'missing_key',
+ type => 'fatal'
+ };
+ return;
+ }
+ else {
+ # keep in mind to fetch the value later
+ #
+ push @{$self -> {fetch}} => $name {$_};
+ }
+ }
+ }
- delete $dparam {$formdata -> {posterURL} -> {name}}
- unless ($dparam {$formdata -> {posterURL} -> {name}} =~ /$httpurl/);
+ # 3
+ #
+ for ($self -> {cgi_object} -> param) {
+ unless (exists ($name {$_})) {
+ $self -> {error} = {
+ spec => 'unexpected_key',
+ desc => $name{$_},
+ type => 'fatal'
+ };
+ return;
+ }
+ }
+
+ # 4
+ #
+ unless ($self -> decode_param) {
+ $self -> {error} = {
+ spec => 'unknown_encoding',
+ type => 'fatal'
+ };
+ return;
+ };
+
+ # I'm lazy - I know...
+ my $q = $self -> {cgi_object};
+
+ if ($self -> {response} -> {reply}) {
+
+ # get the parent-identifiers if we got a reply request
+ #
+ my ($ftid, $fmid) = split /;/ => $q -> param ($formdata -> {followUp} -> {name}) => 2;
+
+ unless ($ftid =~ /\d+/ and $fmid =~ /\d+/) {
+ $self -> {error} = {
+ spec => 'unknown_followup',
+ type => 'fatal'
+ };
+ return;
+ }
+ $self -> {fup_tid} = $ftid;
+ $self -> {fup_mid} = $fmid;
+
+ # fetch the missing keys
+ # if it fails, they're too short, too... ;)
+ #
+ $self -> fetch;
+ $got_keys{$_}=1 for (@{$self -> {fetch}});
+ }
- delete $dparam {$formdata -> {posterImage} -> {name}}
- unless ($dparam {$formdata -> {posterImage} -> {name}} =~ /$httpurl/);
+ # now we can check on length, type etc.
+ #
+ for (keys %got_keys) {
+
+ # we are sure, we've got only one value for one key
+ #
+ my $val = $q -> param ($_);
+
+ $val =~ s/\302\240/ /g; # convert nbsp (UTF-8 encoded) into normal spaces
+ $val =~ s/\015\012|\015|\012/ /g # convert \n into spaces unless it's a multiline field
+ unless (
+ exists ($formdata -> {$name {$_}} -> {type})
+ and $formdata -> {$name {$_}} -> {type} eq 'multiline-text'
+ );
+
+ $q -> param ($_ => $val); # write it back
+
+ # too long?
+ #
+ if (length $val > $formdata -> {$name {$_}} -> {maxlength}) {
+ $self -> {error} = {
+ spec => 'too_long',
+ desc => $name{$_},
+ type => $formdata -> {$name {$_}} -> {errorType}
+ };
+ return;
+ }
+
+ # too short?
+ # (only check if there's defined a minimum length)
+ #
+ if (exists ($formdata -> {$name {$_}} -> {minlength})) {
+
+ # kill the whitespaces to get only the visible characters...
+ #
+ (my $val_ww = $val) =~ s/\s+//g;
+
+ if (length $val_ww < $formdata -> {$name {$_}} -> {minlength}) {
+ $self -> {error} = {
+ spec => 'too_short',
+ desc => $name{$_},
+ type => $formdata -> {$name {$_}} -> {errorType}
+ };
+ return;
+ }
+ }
+
+ # check the values on expected kinds of content
+ # (email, http-url, url)
+ #
+ if (exists ($formdata -> {$name {$_}} -> {type}) and length $val) {
+ if ($formdata -> {$name {$_}} -> {type} eq 'email' and not is_email $val) {
+ $self -> {error} = {
+ spec => 'wrong_mail',
+ desc => $name{$_},
+ type => $formdata -> {$name {$_}} -> {errorType}
+ };
+ return;
+ }
+
+ elsif ($formdata -> {$name {$_}} -> {type} eq 'http-url' and not is_URL $val => 'http') {
+ $self -> {error} = {
+ spec => 'wrong_http_url',
+ desc => $name{$_},
+ type => $formdata -> {$name {$_}} -> {errorType}
+ };
+ return;
+ }
+
+ elsif ($formdata -> {$name {$_}} -> {type} eq 'url' and not is_URL $val => ':ALL') {
+ $self -> {error} = {
+ spec => 'wrong_url',
+ desc => $name{$_},
+ type => $formdata -> {$name {$_}} -> {errorType}
+ };
+ return;
+ }
+ }
+ }
- # Codierung erkannt, alles klar
+ # ok, looks good.
1;
}
-################################
-# sub check_param
+### sub fetch ##################################################################
#
-# CGI-Parameter pruefen
-################################
+# fetch "missing" keys from parent posting
+#
+sub fetch {
+ my $self = shift;
+ my $q = $self -> {cgi_object};
+ my $formdata = $self -> {conf} -> {form_data};
-sub check_param () {
- my %gotKeys = map {($_ => 1)} param;
- my $numGotKeys = keys %gotKeys;
+ if (@{$self -> {fetch}}) {
+ my $filename = $self -> {conf} -> {message_path}.'t'.$self -> {fup_tid}.'.xml';
- # Threaderoeffnung, Ersteingabe (leere Seite)
- return 'newThread' if ($numGotKeys == 0 or
- (($numGotKeys == 1) and ($gotKeys {$formdata -> {userID} -> {name}})));
+ if (lock_file ($filename)) {
+ my $xml = parse_xml_file ($filename);
+ violent_unlock_file($filename) unless unlock_file ($filename);
- # =======================================================
- # ab hier steht fest, wir haben ein ausgefuelltes
- # Formular bekommen
- #
- # 1. Umrechnungshash bauen (CGI-Key => Identifier)
- # 2. alle must-keys vorhanden?
- # 3. zuviele Parameter uebermittelt?
- # 4. entsprechen die Daten den Anforderungen?
- # (alle, nicht nur die must-Daten)
+ if ($xml) {
+ my $mnode = get_message_node ($xml, 't'.$self -> {fup_tid}, 'm'.$self -> {fup_mid});
+ if ($mnode) {
+ my $header = get_message_header ($mnode);
- # 1
- # ===
- my %name = map {($formdata -> {$_} -> {name} => $_)} keys %$formdata;
+ $q -> param ($formdata -> {$_} -> {name} => $header -> {$formdata -> {$_} -> {header}})
+ for (@{$self -> {fetch}});
- # 2
- # ===
- $failed=1;
- foreach (@{$formmust -> {$gotKeys {$formdata -> {followUp} -> {name}}?'reply':'new'}}) {
- return 'missingKey' unless ($gotKeys {$formdata -> {$_} -> {name}});}
+ return;
+ }
+ }
+ }
+ }
- # 3
- # ===
- foreach (param) {
- $failed = $name {$_};
- return 'unexpectedKey' unless (exists ($name {$_}));}
+ # fetching failed:
+ # fillout the values with an empty string
+ #
+ $q -> param ($formdata -> {$_} -> {name} => '')
+ for (@{$self -> {fetch}});
- # 4
- # ===
- return 'unknownEncoding' unless (decode_param);
+ return;
+}
- foreach (keys %dparam) {
- $failed = $name {$_};
+### sub decode_param ###########################################################
+#
+# convert submitted form data into UTF-8
+# unless it's not encoded yet
+#
+# Return: Status Code (Bool)
+# false if unknown encoding (like UTF-7 for instance)
+#
+sub decode_param {
+ my $self = shift;
- return 'tooLong' if (length($dparam{$_}) > $formdata -> {$name {$_}} -> {maxlength});
- return 'tooShort' if (@{[$dparam{$_} =~ /(\S)/g]} < $formdata -> {$name {$_}} -> {minlength});
- return 'wrongMail' if ($formdata -> {$name{$_}} -> {type} eq 'email' and length ($dparam{$_}) and not is_mail_address ($dparam{$_}));
- }
+ my $q = $self -> {cgi_object};
+ my $formdata = $self -> {conf} -> {form_data};
- $failed=0;
- return $gotKeys {$formdata -> {followUp} -> {name}}?'gotReply':'gotNew';
-}
+ my $code = $q -> param ($formdata -> {quoteChar} -> {name});
+ my @array;
-# ====================================================
-# Initialisierung
-# ====================================================
+ # Latin 1 (we hope so - there's no real way to find out :-( )
+ if ($code =~ /^\377/) {
+ $q -> param ($_ => map {toUTF8($_)} $q -> param ($_)) for ($q -> param);
+ }
+ else {
+ # UTF-8 is (probably) correct,
+ # other encodings we don't know and fail
+ return unless $code =~ /^\303\277/;
+ }
-BEGIN {
- %subhash = (newThread => \&new_thread,
- missingKey => \&missing_key,
- unexpectedKey => \&unexpected_key,
- unknownEncoding => \&unknown_encoding,
- tooShort => \&too_short,
- tooLong => \&too_long,
- wrongMail => \&wrong_mail,
- Occupied => \&occupied,
- Dupe => \&dupe_posting,
- noReply => \&no_reply,
- gotReply => \&got_reply,
- gotNew => \&got_new
- );
-
- # Die RFC-gerechte URL-Erkennung ist aus dem Forum
- # (thx2Cheatah - wo auch immer er sie (in der Form) her hat :-)
- my $lowalpha = '(?:[a-z])';
- my $hialpha = '(?:[A-Z])';
- my $alpha = "(?:$lowalpha|$hialpha)";
- my $digit = '(?:\d)';
- my $safe = '(?:[$_.+-])';
- my $hex = '(?:[\dA-Fa-f])';
- my $escape = "(?:%$hex$hex)";
- my $digits = '(?:\d+)';
- my $alphadigit = "(?:$alpha|\\d)";
-
- # URL schemeparts for ip based protocols:
- my $port = "(?:$digits)";
- my $hostnumber = "(?:$digits\\.$digits\\.$digits\\.$digits)";
- my $toplabel = "(?:(?:$alpha(?:$alphadigit|-)*$alphadigit)|$alpha)";
- my $domainlabel = "(?:(?:$alphadigit(?:$alphadigit|-)*$alphadigit)|$alphadigit)";
- my $hostname = "(?:(?:$domainlabel\\.)*$toplabel)";
- my $host = "(?:(?:$hostname)|(?:$hostnumber))";
- my $hostport = "(?:(?:$host)(?::$port)?)";
-
- my $httpuchar = "(?:(?:$alpha|$digit|$safe|(?:[!*\',]))|$escape)";
- my $hsegment = "(?:(?:$httpuchar|[;:\@&=~])*)";
- my $search = "(?:(?:$httpuchar|[;:\@&=~])*)";
- my $hpath = "(?:$hsegment(?:/$hsegment)*)";
-
- # das alles ergibt eine gueltige URL :-)
- $httpurl = "^(?:https?://$hostport(?:/$hpath(?:\\?$search)?)?)\$";
+ # remove the ÿ (encoded as UTF-8) from quotechars
+ $q -> param ($formdata -> {quoteChar} -> {name} => substr ($code, 2));
+
+ # ok, params now should be UTF-8 encoded
+ 1;
}
-# ====================================================
-# end of fo_posting.pl
-# ====================================================
\ No newline at end of file
+#
+#
+### end of fo_posting.pl #######################################################
\ No newline at end of file