tazbug: web/bugs.cgi annotate

tazbug annotate web/bugs.cgi @ rev 73

Fix js redirection and cookies

author	Christophe Lincoln <pankso@slitaz.org>
date	Mon Jan 20 00:20:03 2014 +0100 (2014-01-20)
parents	243308dc325e
children	88655776f9ff

rev	line source
pankso@9	1 #!/bin/sh
pankso@9	2 #
pankso@9	3 # TazBug Web interface
pankso@9	4 #
pankso@48	5 # Copyright (C) 2012-2014 SliTaz GNU/Linux - BSD License
pankso@9	6 #
pankso@9	7 . /usr/lib/slitaz/httphelper
pankso@52	8
pankso@52	9 # Source config file
pankso@52	10 [ -f "/etc/slitaz/tazbug.conf" ] && . /etc/slitaz/tazbug.conf
pankso@52	11 # Web interface can have different setting than cmdline tools
xfred222@32	12 [ -f "/etc/slitaz/bugs.conf" ] && . /etc/slitaz/bugs.conf
xfred222@32	13
pankso@9	14 # Internal variable
pankso@52	15 bugdir="$PWD/bug"
pankso@29	16 plugins="plugins"
xfred222@34	17 sessions="/tmp/bugs/sessions"
pankso@48	18 script="$SCRIPT_NAME"
xfred222@32	19
pankso@9	20 # Content negotiation for Gettext
pankso@9	21 IFS=","
pankso@9	22 for lang in $HTTP_ACCEPT_LANGUAGE
pankso@9	23 do
pankso@9	24 lang=${lang%;} lang=${lang# } lang=${lang%-}
pankso@9	25 case "$lang" in
pankso@30	26 en) LANG="C" ;;
pankso@30	27 de) LANG="de_DE" ;;
pankso@30	28 es) LANG="es_ES" ;;
pankso@30	29 fr) LANG="fr_FR" ;;
pankso@30	30 it) LANG="it_IT" ;;
pankso@30	31 pt) LANG="pt_BR" ;;
pankso@30	32 ru) LANG="ru_RU" ;;
pankso@30	33 zh) LANG="zh_TW" ;;
pankso@9	34 esac
pankso@30	35 if echo "$po" \| fgrep -q "$lang"; then
pankso@30	36 break
pankso@30	37 fi
pankso@9	38 done
pankso@9	39 unset IFS
pankso@30	40 export LANG LC_ALL=$LANG
pankso@9	41
pankso@9	42 # Internationalization: $(gettext "")
pankso@9	43 . /usr/bin/gettext.sh
pankso@9	44 TEXTDOMAIN='tazbug'
pankso@9	45 export TEXTDOMAIN
pankso@9	46
pankso@9	47 #
pankso@9	48 # Functions
pankso@9	49 #
pankso@9	50
pankso@9	51 # HTML 5 header.
pankso@9	52 html_header() {
pankso@9	53 cat lib/header.html
pankso@9	54 }
pankso@9	55
pankso@9	56 # HTML 5 footer.
pankso@9	57 html_footer() {
pankso@9	58 cat << EOT
pankso@9	59 </div>
pankso@9	60
pankso@9	61 <div id="footer">
pankso@53	62 <a href="$script">SliTaz Bugs</a> -
pankso@53	63 <a href="$script?README">README</a>
pankso@9	64 </div>
pankso@9	65
pankso@9	66 </body>
pankso@9	67 </html>
pankso@9	68 EOT
pankso@9	69 }
pankso@9	70
pankso@52	71 GETfiltered() {
pankso@52	72 GET $1 \| sed -e "s/'/\'/g; s\|\n\|<br/>\|g; s/\t/\ /g;s/\%22/\"/g"
pascal@39	73 }
xfred222@32	74
pankso@52	75 js_redirection_to() {
xfred222@34	76 js_log "Redirecting to $1"
xfred222@34	77 echo "<script type=\"text/javascript\"> document.location = \"$1\"; </script>"
xfred222@34	78 }
xfred222@34	79
pankso@52	80 js_log() {
xfred222@34	81 echo "<script type=\"text/javascript\">console.log('$1')</script>";
xfred222@34	82 }
xfred222@34	83
pankso@52	84 js_set_cookie() {
xfred222@34	85 name=$1
xfred222@34	86 value=$2
xfred222@34	87 js_log 'Setting cookie.'
pankso@73	88 cat << EOT
pankso@73	89 <script type="text/javascript">
pankso@73	90 document.cookie = '$name=$value; expires=0; path=/';
pankso@73	91 </script>
pankso@73	92 EOT
xfred222@34	93 }
xfred222@34	94
pankso@52	95 js_unset_cookie() {
xfred222@34	96 name=$1
xfred222@34	97 js_log 'Unsetting cookie.'
pankso@73	98 cat << EOT
pankso@73	99 <script type="text/javascript">
pankso@73	100 document.cookie = '$1=""; expires=-1; path=/;'
pankso@73	101 </script>
pankso@73	102 EOT
xfred222@34	103 }
xfred222@34	104
pankso@9	105 # Check if user is auth
pankso@9	106 check_auth() {
pankso@9	107 auth="$(COOKIE auth)"
pankso@9	108 user="$(echo $auth \| cut -d ":" -f 1)"
pankso@9	109 md5cookie="$(echo $auth \| cut -d ":" -f 2)"
pankso@9	110 [ -f "$sessions/$user" ] && md5session="$(cat $sessions/$user)"
pankso@9	111 if [ "$md5cookie" == "$md5session" ] && [ "$auth" ]; then
pankso@9	112 return 0
pankso@9	113 else
pankso@9	114 return 1
pankso@9	115 fi
pankso@9	116 }
pankso@9	117
pankso@49	118 # Check if user is admin
pankso@49	119 admin_user() {
pankso@49	120 fgrep -q 'ADMIN_USER="yes"' ${PEOPLE}/${user}/account.conf
pankso@49	121 }
xfred222@34	122
pankso@9	123 # Authentified or not
pankso@9	124 user_box() {
pankso@49	125
pankso@49	126 IDLOC=""
pankso@49	127 if [[ "$(GET id)" ]] ;then
pankso@49	128 IDLOC="&id=$(GET id)"
pankso@49	129 fi
xfred222@33	130
pankso@9	131 if check_auth; then
pankso@26	132 . $PEOPLE/$user/account.conf
pankso@9	133 cat << EOT
pankso@9	134 <div id="user">
pankso@24	135 <a href="?user=$user">$(get_gravatar $MAIL 20)</a>
pankso@48	136 <a href="?logout">$(gettext 'Logout')</a>
pankso@9	137 </div>
pankso@9	138 EOT
pankso@9	139 else
pankso@9	140 cat << EOT
xfred222@33	141 <div id="user">
xfred222@33	142 <a href="?login$IDLOC"><img src="images/avatar.png" alt="[ User ]" /></a>
pankso@69	143 <a href="?login$IDLOC">$(gettext 'Login')</a>
xfred222@33	144 </div>
pankso@9	145 EOT
pankso@9	146 fi
pankso@9	147 cat << EOT
pankso@9	148
pankso@24	149 <div id="search">
pankso@53	150 <form method="get" action="$script">
al@31	151 <input type="text" name="search" placeholder="$(gettext 'Search')" />
al@31	152 <!-- <input type="submit" value="$(gettext 'Search')" /> -->
pankso@24	153 </form>
pankso@24	154 </div>
pankso@24	155
pankso@9	156 <!-- Content -->
pankso@9	157 <div id="content">
pankso@9	158
pankso@9	159 EOT
pankso@9	160 }
pankso@9	161
pankso@48	162 # Signup page
pankso@48	163 signup_page() {
pankso@48	164 cat << EOT
pankso@48	165
pankso@48	166 <div id="signup">
pankso@48	167 <form method="post" name="signup" action="$SCRIPT_NAME" onsubmit="return checkSignup();">
pankso@48	168 <input type="hidden" name="signup" value="new" />
pankso@48	169 <input type="text" name="name" placeholder="$(gettext "Real name")" />
pankso@48	170 <input type="text" name="user" placeholder="$(gettext "User name")" />
pankso@48	171 <input type="text" name="mail" placeholder="$(gettext "Email")" />
pankso@48	172 <input type="password" name="pass" placeholder="$(gettext "Password")" />
pankso@48	173 <div>
pankso@48	174 <input type="submit" value="$(gettext "Create new account")" />
pankso@48	175 </div>
pankso@48	176 </form>
pankso@48	177 </div>
pankso@48	178
pankso@48	179 EOT
pankso@48	180 }
pankso@48	181
pankso@48	182 # Link for online signup if enabled.
pankso@48	183 online_signup() {
pankso@48	184 if [ "$ONLINE_SIGNUP" == "yes" ]; then
pankso@48	185 echo -n "<p>" && gettext "Or:"; echo -n " "
pankso@48	186 echo -n "<a href='$script?signup&online'>"
pankso@48	187 gettext "Sign Up Online"
pankso@48	188 echo '</a></p>'
pankso@48	189 fi
pankso@48	190 }
xfred222@34	191
pankso@9	192 # Login page
pankso@9	193 login_page() {
pankso@49	194 IDLOC=""
pankso@49	195 if [[ "$(GET id)" ]] ;then
pankso@49	196 IDLOC="?id=$(GET id)"
pankso@49	197 fi
pankso@9	198 cat << EOT
al@31	199 <h2>$(gettext 'Login')</h2>
pankso@9	200
pankso@9	201 <div id="account-info">
pankso@48	202 <p>$(gettext "No account yet? You can signup using the SliTaz Bugs reporter \
al@31	203 on your SliTaz system.")</p>
pankso@48	204 $(online_signup)
al@31	205 <p>$(gettext "Tip: to attach big files or images, you can use SliTaz Paste \
al@31	206 services:") <a href="http://paste.slitaz.org/">paste.slitaz.org</a></p>
pankso@9	207 </div>
pankso@9	208
pankso@9	209 <div id="login">
pankso@49	210 <form method="post" action="$script">
al@31	211 <input type="text" name="auth" placeholder="$(gettext 'User name')" />
al@31	212 <input type="password" name="pass" placeholder="$(gettext 'Password')" />
pankso@21	213 <div>
pankso@73	214 <input type="hidden" name="id" value="$(GET id)" />
al@31	215 <input type="submit" value="$(gettext 'Log in')" />
pankso@21	216 $error
pankso@21	217 </div>
pankso@9	218 </form>
pankso@9	219 </div>
pankso@9	220
pankso@9	221 <div style="clear: both;"></div>
pankso@9	222 EOT
pankso@9	223 }
pankso@9	224
pankso@9	225 # Display user public profile.
pankso@9	226 public_people() {
pankso@9	227 cat << EOT
pankso@9	228 </pre>
pankso@9	229 EOT
pankso@9	230 }
pankso@9	231
pankso@9	232 # Display authentified user profile. TODO: change password
pankso@9	233 auth_people() {
pankso@9	234 cat << EOT
pankso@63	235 Email : $MAIL
pankso@63	236 Secure key : $KEY
pankso@9	237 </pre>
pankso@9	238 EOT
pankso@9	239 }
pankso@9	240
pankso@55	241 # Usage: list_bug ID
pankso@55	242 list_bug() {
pankso@55	243 id="$1"
pankso@55	244 . ${bugdir}/${id}/bug.conf
pankso@55	245 [ -f "${PEOPLE}/${CREATOR}/account.conf" ] && \
pankso@55	246 . ${PEOPLE}/${CREATOR}/account.conf
pankso@55	247 cat << EOT
pankso@55	248 <a href="?user=$USER">$(get_gravatar "$MAIL" 24)</a> \
pankso@68	249 ID: $id <a href="?id=$id">$BUG</a> <span class="date">$DATE</span>
pankso@55	250 EOT
pankso@55	251 unset CREATOR USER MAIL
pankso@55	252
pankso@55	253 }
pankso@55	254
pankso@9	255 # Usage: list_bugs STATUS
pankso@9	256 list_bugs() {
pankso@55	257 status="$1"
pankso@55	258 echo "<h3>$(eval_gettext '$status Bugs')</h3>"
pankso@51	259 echo "<pre>"
pankso@9	260 for pr in critical standard
pankso@9	261 do
pankso@9	262 for bug in $(fgrep -H "$1" $bugdir/*/bug.conf \| cut -d ":" -f 1)
pankso@9	263 do
pankso@9	264 . $bug
xfred222@34	265 id=$(basename $(dirname $bug))
pankso@9	266 if [ "$PRIORITY" == "$pr" ]; then
pankso@51	267 [ -f "${PEOPLE}/${CREATOR}/account.conf" ] && \
pankso@51	268 . ${PEOPLE}/${CREATOR}/account.conf
pankso@9	269 cat << EOT
pankso@51	270 <a href="?user=$USER">$(get_gravatar "$MAIL" 24)</a> \
pankso@68	271 ID: $id <a href="?id=$id">$BUG</a> <span class="date">$DATE</span>
pankso@9	272 EOT
pankso@9	273 fi
pankso@51	274 unset CREATOR USER MAIL
pankso@9	275 done
pankso@9	276 done
pankso@9	277 }
pankso@9	278
paul@17	279 # Stripped down Wiki parser for bug desc and messages which are simply
paul@17	280 # displayed in <pre>
pankso@9	281 wiki_parser() {
pankso@9	282 sed \
pankso@9	283 -e s"#http://$[^']*$.png#<img src='\0' alt='[ Image ]' />#"g \
pascal@44	284 -e s"#http://$[^']$.# <a href='\0'>\1</a>#"g \
pascal@45	285 -e 's#\\\\n#\n#g;s#%22#"#g;s#%21#!#g'
pankso@9	286 }
pankso@9	287
pankso@9	288 # Bug page
pankso@9	289 bug_page() {
pankso@26	290 if [ -f "$PEOPLE/$CREATOR/account.conf" ]; then
pankso@26	291 . $PEOPLE/$CREATOR/account.conf
pankso@9	292 else
pankso@15	293 MAIL="default"
pankso@9	294 fi
pankso@9	295 cat << EOT
pankso@51	296 <h2>$(eval_gettext 'Bug $id: $STATUS')</h2>
pankso@53	297 <form method="get" action="$script">
pankso@9	298
pankso@9	299 <p>
pankso@51	300 $(get_gravatar $MAIL 32) <strong>$BUG</strong>
pankso@51	301 </p>
pankso@51	302 <p>
pankso@51	303 $(gettext "Date:") $DATE -
al@31	304 $(eval_gettext 'Priority $PRIORITY') -
al@31	305 $(eval_ngettext '$msgs message' '$msgs messages' $msgs)
pankso@9	306 </p>
pankso@9	307
pankso@9	308 <pre>
pankso@9	309 $(echo "$DESC" \| wiki_parser)
pankso@9	310 </pre>
pankso@9	311
pankso@9	312 <div id="tools">
pankso@9	313 EOT
pankso@9	314 if check_auth; then
pankso@9	315 if [ "$STATUS" == "OPEN" ]; then
pankso@30	316 cat << EOT
pankso@9	317 <a href="?id=$id&close">$(gettext "Close bug")</a>
pankso@9	318 <a href="?edit=$id">$(gettext "Edit bug")</a>
pankso@9	319 EOT
pankso@9	320 else
pankso@9	321 cat << EOT
pankso@9	322 <a href="?id=$id&open">$(gettext "Re open bug")</a>
pankso@9	323 EOT
pankso@9	324 fi
pankso@9	325 fi
pankso@9	326 cat << EOT
pankso@9	327 </div>
pankso@9	328
pankso@9	329 <h3>$(gettext "Messages")</h3>
pankso@9	330 EOT
pankso@9	331 [ "$msgs" == "0" ] && gettext "No messages"
pankso@9	332 for msg in $(ls -1tr $bugdir/$id/msg.*)
pankso@9	333 do
pankso@9	334 . $msg
pankso@9	335 if [ "$MSG" ]; then
pankso@9	336 msgid=$(echo $msg \| cut -d "." -f 2)
pankso@9	337 del=""
pankso@9	338 # User can delete his post.
pankso@9	339 [ "$user" == "$USER" ] && \
pankso@9	340 del="<a href=\"?id=$id&delmsg=$msgid\">delete</a>"
pankso@9	341 cat << EOT
pankso@9	342 <p><strong>$USER</strong> $DATE $del</p>
pankso@9	343 <pre>
pankso@9	344 $(echo "$MSG" \| wiki_parser)
pankso@9	345 </pre>
pankso@9	346 EOT
pankso@9	347 fi
pankso@9	348 unset NAME DATE MSG
pankso@9	349 done
pankso@9	350 if check_auth; then
pankso@9	351 cat << EOT
pankso@9	352 <div>
pankso@9	353 <h3>$(gettext "New message")</h3>
pankso@30	354
pankso@9	355 <input type="hidden" name="id" value="$id" />
pankso@9	356 <textarea name="msg" rows="8"></textarea>
al@31	357 <p><input type="submit" value="$(gettext 'Send message')" /></p>
pankso@9	358 </form>
pankso@9	359 </div>
pankso@9	360 EOT
pankso@9	361 fi
pankso@9	362 }
pankso@9	363
pankso@9	364 # Write a new message
pankso@9	365 new_msg() {
pankso@9	366 date=$(date "+%Y-%m-%d %H:%M")
pankso@9	367 msgs=$(ls -1 $bugdir/$id/msg.* \| wc -l)
pankso@9	368 count=$(($msgs + 1))
pankso@9	369 if check_auth; then
pankso@9	370 USER="$user"
pankso@9	371 fi
xfred222@34	372 js_log "Will write message in $bugdir/$id/msg.$count "
pankso@9	373 sed "s/$(echo -en '\r') /\n/g" > $bugdir/$id/msg.$count << EOT
pascal@39	374 USER="$USER"
pankso@9	375 DATE="$date"
pascal@39	376 MSG="$(GETfiltered msg)"
pankso@9	377 EOT
pankso@9	378 }
pankso@9	379
pankso@9	380 # Create a new Bug
pankso@9	381 new_bug() {
pankso@9	382 count=$(ls -1 $bugdir \| wc -l)
pankso@9	383 date=$(date "+%Y-%m-%d %H:%M")
pankso@9	384 # Sanity check, JS may be disabled.
pankso@9	385 [ ! "$(GET bug)" ] && echo "Missing bug title" && exit 1
pankso@9	386 [ ! "$(GET desc)" ] && echo "Missing bug description" && exit 1
pankso@9	387 if check_auth; then
pankso@9	388 USER="$user"
pankso@9	389 fi
pankso@9	390 mkdir -p $bugdir/$count
pankso@9	391 sed "s/$(echo -en '\r') /\n/g" > $bugdir/$count/bug.conf << EOT
pankso@9	392 # SliTaz Bug configuration
pankso@9	393
pascal@39	394 BUG="$(GETfiltered bug)"
pankso@9	395 STATUS="OPEN"
pankso@9	396 PRIORITY="$(GET priority)"
pankso@9	397 CREATOR="$USER"
pankso@9	398 DATE="$date"
pascal@39	399 PKGS="$(GETfiltered pkgs)"
pankso@9	400
pascal@39	401 DESC="$(GETfiltered desc)"
pankso@9	402 EOT
pankso@9	403 }
pankso@9	404
pankso@9	405 # New bug page for the web interface
pankso@9	406 new_bug_page() {
pankso@9	407 cat << EOT
pankso@9	408 <h2>$(gettext "New Bug")</h2>
pankso@9	409 <div id="newbug">
pankso@9	410
pankso@53	411 <form method="get" action="$script" onsubmit="return checkNewBug();">
pankso@9	412 <input type="hidden" name="addbug" />
pankso@9	413 <table>
pankso@9	414 <tbody>
pankso@9	415 <tr>
pankso@9	416 <td>$(gettext "Bug title")*</td>
pankso@9	417 <td><input type="text" name="bug" /></td>
pankso@9	418 </tr>
pankso@9	419 <tr>
pankso@9	420 <td>$(gettext "Description")*</td>
pankso@9	421 <td><textarea name="desc"></textarea></td>
pankso@9	422 </tr>
pankso@9	423 <tr>
pankso@9	424 <td>$(gettext "Packages")</td>
pankso@9	425 <td><input type="text" name="pkgs" /></td>
pankso@9	426 </tr>
pankso@9	427 <tr>
pankso@9	428 <td>$(gettext "Priority")</td>
pankso@9	429 <td>
pankso@9	430 <select name="priority">
pankso@9	431 <option value="standard">$(gettext "Standard")</option>
pankso@9	432 <option value="critical">$(gettext "Critical")</option>
pankso@9	433 </select>
pankso@9	434 <input type="submit" value="$(gettext "Create Bug")" />
pankso@9	435 </td>
pankso@9	436 </tr>
pankso@9	437 </tbody>
pankso@9	438 </table>
pankso@9	439 </form>
pankso@9	440
pankso@9	441 <p>
al@19	442 $(gettext "* field is obligatory. You can also specify affected packages.")
pankso@9	443 </p>
pankso@9	444
pankso@9	445 </div>
pankso@9	446 EOT
pankso@9	447 }
pankso@9	448
xfred222@34	449
pankso@9	450 # Edit/Save a bug configuration file
pankso@9	451 edit_bug() {
pankso@9	452 cat << EOT
al@31	453 <h2>$(eval_gettext 'Edit Bug $bug')</h2>
pankso@9	454 <div id="edit">
pankso@9	455
pankso@53	456 <form method="get" action="$script">
pankso@9	457 <textarea name="bugconf">$(cat $bugdir/$bug/bug.conf)</textarea>
pankso@9	458 <input type="hidden" name="bug" value="$bug" />
al@31	459 <input type="submit" value="$(gettext 'Save configuration')" />
pankso@9	460 </form>
pankso@9	461
pankso@9	462 </div>
pankso@9	463 EOT
pankso@9	464 }
pankso@9	465
pankso@9	466 save_bug() {
pankso@9	467 bug="$(GET bug)"
pankso@9	468 content="$(GET bugconf)"
al@31	469 sed "s\|\"\|'\|" \| sed "s/$(echo -en '\r') /\n/g" > $bugdir/$bug/bug.conf << EOT
pankso@9	470 $content
pankso@9	471 EOT
pankso@9	472 }
pankso@9	473
pankso@9	474 # Close a fixed bug
pankso@9	475 close_bug() {
pankso@9	476 sed -i s'/OPEN/CLOSED/' $bugdir/$id/bug.conf
pankso@9	477 }
pankso@9	478
pankso@9	479 # Re open an old bug
pankso@9	480 open_bug() {
pankso@9	481 sed -i s'/CLOSED/OPEN/' $bugdir/$id/bug.conf
pankso@9	482 }
pankso@9	483
pankso@9	484 # Get and display Gravatar image: get_gravatar email size
pankso@9	485 # Link to profile: <a href="http://www.gravatar.com/$md5">...</a>
pankso@9	486 get_gravatar() {
pankso@9	487 email=$1
pankso@9	488 size=$2
pankso@9	489 [ "$size" ] \|\| size=48
pankso@9	490 url="http://www.gravatar.com/avatar"
pankso@29	491 md5=$(md5crypt $email)
al@31	492 echo "<img src=\"$url/$md5?d=identicon&s=$size\" alt=\"\" />"
pankso@9	493 }
pankso@9	494
pankso@21	495 # Create a new user in AUTH_FILE and PEOPLE
pankso@9	496 new_user_config() {
pankso@48	497 if [ ! "$online" ]; then
pankso@48	498 name="$(GET name)"
pankso@48	499 mail="$(GET mail)"
pankso@48	500 pass="$(GET pass)"
pankso@48	501 echo "Creating Server Key..."
pankso@48	502 fi
pankso@9	503 key=$(echo -n "$user:$mail:$pass" \| md5sum \| awk '{print $1}')
pankso@9	504 echo "$user:$pass" >> $AUTH_FILE
xfred222@34	505 mkdir -pm0700 $PEOPLE/$user/
pankso@26	506 cat > $PEOPLE/$user/account.conf << EOT
pankso@9	507 # SliTaz user configuration
pankso@9	508 #
pankso@9	509
pankso@48	510 NAME="$name"
pankso@9	511 USER="$user"
pankso@9	512 MAIL="$mail"
pankso@9	513 KEY="$key"
pankso@9	514
pankso@9	515 LOCATION="$(GET location)"
pankso@9	516 RELEASES="$(GET releases)"
pankso@9	517 PACKAGES="$(GET packages)"
pankso@9	518 EOT
pankso@26	519 chmod 0600 $PEOPLE/$user/account.conf
xfred222@34	520 if [ ! -f $PEOPLE/$user/account.conf ]; then
xfred222@34	521 echo "ERROR: User creation failed!"
pankso@48	522 fi
pankso@48	523 }
pankso@9	524
pankso@48	525 ########################################################################
pankso@48	526 # POST actions #
pankso@48	527 ########################################################################
pankso@9	528
pankso@9	529 case " $(POST) " in
pankso@9	530 \ auth\ )
xfred222@34	531 header
xfred222@34	532 html_header
pankso@9	533 # Authenticate user. Create a session file in $sessions to be used
pankso@9	534 # by check_auth. We have the user login name and a peer session
pankso@9	535 # md5 string in the COOKIE.
pankso@9	536 user="$(POST auth)"
xfred222@34	537 pass="$(echo -n "$(POST pass)" \| md5sum \| awk '{print $1}')"
xfred222@34	538
xfred222@34	539 IDLOC=""
pankso@73	540 if [[ "$(POST id)" ]] ;then
pankso@73	541 IDLOC="&id=$(POST id)"
pankso@48	542 fi
xfred222@34	543
xfred222@34	544 if [ ! -f $AUTH_FILE ] ; then
paul@50	545 js_log "$AUTH_FILE (defined in \$AUTH_FILE) has not been found."
pankso@53	546 js_redirection_to "$script?login$IDLOC"
xfred222@34	547 fi;
xfred222@34	548
pankso@9	549 valid=$(fgrep "${user}:" $AUTH_FILE \| cut -d ":" -f 2)
pankso@9	550 if [ "$pass" == "$valid" ] && [ "$pass" != "" ]; then
pankso@73	551 if [[ "$(POST id)" ]] ;then
pankso@73	552 IDLOC="?id=$(POST id)"
xfred222@34	553 fi
pankso@9	554 md5session=$(echo -n "$$:$user:$pass:$$" \| md5sum \| awk '{print $1}')
pankso@9	555 mkdir -p $sessions
pankso@63	556 # Log last login
pankso@63	557 date '+%Y-%m-%d' > ${PEOPLE}/${user}/last
pankso@9	558 echo "$md5session" > $sessions/$user
xfred222@34	559 js_set_cookie 'auth' "$user:$md5session"
paul@70	560 js_log "Login authentication has been executed & accepted :)"
pankso@53	561 js_redirection_to "$script$IDLOC"
pankso@9	562 else
paul@70	563 js_log "Login authentication has been executed & refused"
pankso@53	564 js_redirection_to "$script?login&error$IDLOC"
xfred222@34	565 fi
pankso@48	566 html_footer ;;
pankso@48	567 \ signup\ )
pankso@48	568 # POST action for online signup
pankso@48	569 name="$(POST name)"
pankso@48	570 user="$(POST user)"
pankso@48	571 mail="$(POST mail)"
pankso@48	572 pass="$(md5crypt "$(POST pass)")"
pankso@48	573 if ! grep "^${user}:" $AUTH_FILE; then
pankso@48	574 online="yes"
pankso@48	575 new_user_config
pankso@48	576 header "Location: $SCRIPT_NAME?login"
pankso@48	577 else
pankso@48	578 header
pankso@48	579 html_header
pankso@48	580 user_box
pankso@49	581 echo "<h2>$(gettext "User already exists:") $user</h2>"
pankso@48	582 html_footer && exit 0
pankso@48	583 fi ;;
pankso@9	584 esac
pankso@9	585
pankso@49	586 #
pankso@49	587 # Plugins Now!
pankso@49	588 #
pankso@73	589
pankso@49	590 for p in $(ls -1 $plugins)
pankso@49	591 do
pankso@49	592 [ -f "$plugins/$p/$p.conf" ] && . $plugins/$p/$p.conf
pankso@49	593 [ -x "$plugins/$p/$p.cgi" ] && . $plugins/$p/$p.cgi
pankso@49	594 done
xfred222@34	595
pankso@48	596 ########################################################################
pankso@48	597 # GET actions #
pankso@48	598 ########################################################################
pankso@9	599
pankso@9	600 case " $(GET) " in
pankso@9	601 \ README\ )
pankso@9	602 header
pankso@9	603 html_header
pankso@9	604 user_box
pankso@9	605 echo '<h2>README</h2>'
pankso@9	606 echo '<pre>'
pankso@55	607 if [ -f "README" ]; then
pankso@55	608 cat README
pankso@55	609 else
pankso@55	610 cat /usr/share/doc/tazbug/README
pankso@55	611 fi
pankso@30	612 echo '</pre>'
pankso@9	613 html_footer ;;
pankso@9	614 \ closed\ )
pankso@9	615 # Show all closed bugs.
pankso@9	616 header
pankso@9	617 html_header
pankso@9	618 user_box
pankso@9	619 list_bugs CLOSED
pankso@51	620 echo "</pre>"
pankso@9	621 html_footer ;;
pankso@9	622 \ login\ )
pankso@9	623 # The login page
pankso@9	624 [ "$(GET error)" ] && \
al@31	625 error="<span class='error'>$(gettext 'Bad login or pass')</span>"
pankso@30	626 header
pankso@9	627 html_header
pankso@21	628 user_box
xfred222@33	629 login_page
pankso@9	630 html_footer ;;
pankso@9	631 \ logout\ )
xfred222@34	632 header
xfred222@34	633 html_header
pankso@9	634 if check_auth; then
pankso@9	635 rm -f "$sessions/$user"
xfred222@34	636 js_unset_cookie 'auth'
pankso@53	637 js_redirection_to "$script"
pankso@9	638 fi ;;
pankso@9	639 \ user\ )
pankso@9	640 # User profile
pankso@63	641 last="$(cat $PEOPLE/"$(GET user)"/last)"
pankso@9	642 header
pankso@9	643 html_header
pankso@9	644 user_box
pankso@26	645 . $PEOPLE/"$(GET user)"/account.conf
pankso@63	646 cat << EOT
pankso@63	647 <h2>$(get_gravatar $MAIL) $NAME</h2>
pankso@63	648
pankso@63	649 <pre>
pankso@63	650 $(gettext "User name :") $USER
pankso@63	651 $(gettext "Last login :") $last
pankso@63	652 EOT
pankso@9	653 if check_auth && [ "$(GET user)" == "$user" ]; then
pankso@9	654 auth_people
pankso@9	655 else
pankso@63	656 # check_auth will set VARS to current logged user: re-source
pankso@63	657 . $PEOPLE/"$(GET user)"/account.conf
pankso@9	658 public_people
pankso@9	659 fi
pankso@9	660 html_footer ;;
pankso@9	661 \ newbug\ )
pankso@9	662 # Add a bug from web interface.
pankso@9	663 header
pankso@9	664 html_header
pankso@9	665 user_box
pankso@9	666 if check_auth; then
pankso@9	667 new_bug_page
pankso@9	668 else
al@31	669 echo "<p>$(gettext 'You must be logged in to post a new bug')</p>"
pankso@9	670 fi
pankso@9	671 html_footer ;;
pankso@9	672 \ addbug\ )
pankso@9	673 # Add a bug from web interface.
xfred222@34	674 header
xfred222@34	675 html_header
pankso@9	676 if check_auth; then
pankso@9	677 new_bug
pankso@53	678 js_redirection_to "$script?id=$count"
pankso@9	679 fi ;;
pankso@9	680 \ edit\ )
pankso@9	681 bug="$(GET edit)"
pankso@9	682 header
pankso@9	683 html_header
pankso@9	684 user_box
pankso@9	685 edit_bug
pankso@9	686 html_footer ;;
pankso@9	687 \ bugconf\ )
xfred222@34	688 header
xfred222@34	689 html_header
pankso@9	690 if check_auth; then
pankso@9	691 save_bug
pankso@53	692 js_redirection_to "$script?id=$bug"
pankso@9	693 fi ;;
pankso@9	694 \ id\ )
pankso@9	695 # Empty deleted messages to keep msg count working.
xfred222@34	696 header
xfred222@34	697 html_header
pankso@9	698 id="$(GET id)"
pankso@9	699 [ "$(GET close)" ] && close_bug
pankso@9	700 [ "$(GET open)" ] && open_bug
pankso@9	701 [ "$(GET msg)" ] && new_msg
pankso@9	702 [ "$(GET delmsg)" ] && rm -f $bugdir/$id/msg.$(GET delmsg) && \
pankso@9	703 touch $bugdir/$id/msg.$(GET delmsg)
pankso@9	704 msgs=$(fgrep MSG= $bugdir/$id/msg.* \| wc -l)
pankso@30	705 user_box
pankso@9	706 . $bugdir/$id/bug.conf
pankso@9	707 bug_page
pankso@9	708 html_footer ;;
pankso@9	709 \ signup\ )
pankso@9	710 # Signup
pankso@48	711 if [ "$(GET online)" ];then
pankso@48	712 header
pankso@48	713 html_header
pankso@48	714 user_box
pankso@48	715 echo "<h2>$(gettext "Sign Up")</h2>"
pankso@48	716 if [ "$ONLINE_SIGNUP" == "yes" ]; then
pankso@48	717 signup_page
pankso@48	718 else
pankso@48	719 gettext "Online registration is disabled"
pankso@48	720 fi
pankso@48	721 html_footer && exit 0
pankso@9	722 else
pankso@48	723 header "Content-type: text/plain;"
pankso@48	724 user="$(GET signup)"
pankso@48	725 echo "Requested user login : $user"
pankso@48	726 if fgrep -q "$user:" $AUTH_FILE; then
pankso@48	727 echo "ERROR: User already exists" && exit 1
pankso@48	728 else
pankso@48	729 echo "Creating account for : $(GET name)"
pankso@48	730 new_user_config
pankso@48	731 fi
pankso@9	732 fi ;;
pankso@9	733 \ key\ )
pankso@9	734 # Let user post new bug or message with crypted key (no gettext)
pankso@9	735 #
pankso@9	736 # Testing only and is security acceptable ?
pankso@9	737 #
pankso@9	738 key="$(GET key)"
pankso@9	739 id="$(GET bug)"
pankso@9	740 header "Content-type: text/plain;"
pankso@30	741 echo "Checking secure key..."
pankso@26	742 if fgrep -qH $key $PEOPLE/*/account.conf; then
pankso@26	743 conf=$(fgrep -H $key $PEOPLE/*/account.conf \| cut -d ":" -f 1)
pankso@9	744 . $conf
pankso@9	745 echo "Authentified: $NAME ($USER)"
pankso@9	746 case " $(GET) " in
pankso@9	747 \ msg\ )
pankso@9	748 [ ! "$id" ] && echo "Missing bug ID" && exit 0
pankso@9	749 echo "Posting new message to bug: $id"
pankso@9	750 echo "Message: $(GET msg)"
pankso@9	751 new_msg ;;
pankso@9	752 \ bug\ )
pankso@30	753 echo "Adding new bug: $(GET bug)"
pankso@30	754 echo "Description: $(GET desc)"
pankso@9	755 new_bug ;;
pankso@30	756 esac
pankso@9	757 else
pankso@9	758 echo "Not a valid SliTaz user key"
pankso@9	759 exit 0
pankso@9	760 fi ;;
pankso@9	761 \ search\ )
pankso@59	762 found=0
pankso@9	763 header
pankso@9	764 html_header
pankso@9	765 user_box
pankso@9	766 cat << EOT
pankso@9	767 <h2>$(gettext "Search")</h2>
pankso@53	768 <form method="get" action="$script">
pankso@9	769 <input type="text" name="search" />
al@31	770 <input type="submit" value="$(gettext 'Search')" />
pankso@9	771 </form>
pankso@21	772 <div>
pankso@9	773 EOT
pankso@59	774 cd $bugdir
pankso@59	775 for bug in *
pankso@9	776 do
pankso@61	777 result=$(fgrep -i -h "$(GET search)" $bug/*)
pankso@21	778 if [ "$result" ]; then
pankso@59	779 found=$(($found + 1))
pankso@59	780 id=${bug}
al@31	781 echo "<p><strong>Bug $id</strong> <a href=\"?id=$id\">"$(gettext 'Show')"</a></p>"
pankso@21	782 echo '<pre>'
pankso@62	783 fgrep -i -h "$(GET search)" $bugdir/$id/* \| \
pankso@21	784 sed s"/$(GET search)/<span class='ok'>$(GET search)<\/span>/"g
pankso@21	785 echo '</pre>'
pankso@21	786 fi
pankso@9	787 done
pankso@59	788 if [ "$found" == "0" ]; then
pankso@59	789 echo "<p>$(gettext 'No result found for') : $(GET search)</p>"
pankso@59	790 else
pankso@59	791 echo "<p> $found $(gettext 'results found')</p>"
pankso@59	792 fi
pankso@21	793 echo '</div>'
pankso@9	794 html_footer ;;
pankso@9	795 *)
pankso@9	796 # Default page.
pankso@9	797 bugs=$(ls -1 $bugdir \| wc -l)
pankso@9	798 close=$(fgrep "CLOSED" $bugdir/*/bug.conf \| wc -l)
pankso@9	799 fixme=$(fgrep "OPEN" $bugdir/*/bug.conf \| wc -l)
pankso@9	800 msgs=$(find $bugdir -name msg.* ! -size 0 \| wc -l)
pankso@9	801 pct=0
pankso@9	802 [ $bugs -gt 0 ] && pct=$(( ($close * 100) / $bugs ))
pankso@9	803 header
pankso@9	804 html_header
pankso@9	805 user_box
pankso@73	806
pankso@9	807 cat << EOT
pankso@9	808
pankso@9	809 <h2>$(gettext "Summary")</h2>
pankso@9	810
pankso@9	811 <p>
al@31	812 $(eval_ngettext 'Bug: $bugs in total -' 'Bugs: $bugs in total -' $bugs)
al@31	813 $(eval_ngettext '$close fixed -' '$close fixed -' $close)
al@31	814 $(eval_ngettext '$fixme to fix -' '$fixme to fix -' $fixme)
al@31	815 $(eval_ngettext '$msgs message' '$msgs messages' $msgs)
pankso@9	816 </p>
pankso@9	817
pankso@9	818 <div class="pctbar">
pankso@9	819 <div class="pct" style="width: ${pct}%;">${pct}%</div>
pankso@9	820 </div>
pankso@9	821
pankso@49	822 <p>$(gettext "Please read the <a href=\"?README\">README</a> for help and \
pankso@49	823 more information. You may also be interested by the SliTaz \
al@31	824 <a href=\"http://roadmap.slitaz.org/\">Roadmap</a> and the packages \
al@31	825 <a href=\"http://cook.slitaz.org/\">Cooker</a>. To perform a search \
al@31	826 enter your term and press ENTER.")
pankso@9	827 </p>
pankso@9	828
pankso@9	829 <div id="tools">
al@31	830 <a href="?closed">$(gettext 'View closed bugs')</a>
pankso@9	831 EOT
pankso@9	832 if check_auth; then
al@31	833 echo "<a href='?newbug'>$(gettext 'Create a new bug')</a>"
pankso@49	834 echo "$PLUGINS_TOOLS"
pankso@9	835 fi
pankso@9	836 cat << EOT
pankso@9	837 </div>
pankso@55	838
pankso@55	839 <h3>$(gettext "Latest Bugs")</h3>
pankso@9	840 EOT
pankso@55	841 # List last 3 bugs
pankso@55	842 echo "<pre>"
pankso@57	843 for lb in $(ls ${bugdir} \| sort -r -n \| head -n 3)
pankso@55	844 do
pankso@55	845 list_bug ${lb}
pankso@55	846 done
pankso@55	847 echo "</pre>"
pankso@9	848 list_bugs OPEN
pankso@51	849 echo "</pre>"
pankso@9	850 html_footer ;;
pankso@9	851 esac
pankso@9	852
pankso@9	853 exit 0

SliTaz Repositories

tazbug annotate web/bugs.cgi @ rev 73