tinycm view index.cgi @ rev 17
index.cgi: small improvments
| author | Christophe Lincoln <pankso@slitaz.org> |
|---|---|
| date | Sat Jan 04 20:21:17 2014 +0100 (2014-01-04) |
| parents | 5a312bd55038 |
| children | 93e27f9ededd |
line source
1 #!/bin/sh
2 #
3 # TinyCM - Small, fast and elegent CGI/SHell Content Manager
4 #
5 # Copyright (C) 2012-2014 SliTaz GNU/Linux - BSD License
6 #
7 . /usr/lib/slitaz/httphelper
9 # Let's have a peer site config file with a .cgi extension so content
10 # is secure even if left in a web server directory.
11 . config.cgi
13 tiny="$PWD"
14 po="en fr"
15 content="content"
16 wiki="$content/wiki"
17 index="index"
18 cache="cache"
19 plugins="plugins"
20 tmp="/tmp/tinycm"
21 sessions="$tmp/sessions"
22 script="$SCRIPT_NAME"
24 # Content negotiation for Gettext
25 IFS=","
26 for lang in $HTTP_ACCEPT_LANGUAGE
27 do
28 lang=${lang%;*} lang=${lang# } lang=${lang%-*}
29 if echo "$po" | fgrep -q "$lang"; then
30 break
31 fi
32 case "$lang" in
33 en) lang="C" ;;
34 fr) lang="fr_FR" ;;
35 pt) lang="pt_BR" ;;
36 ru) lang="ru_RU" ;;
37 esac
38 done
39 unset IFS
40 export LANG=$lang LC_ALL=$lang
42 #
43 # Functions
44 #
46 # Used by edit to display language name and the language box. This is
47 # for CM content not gettext support.
48 get_lang() {
49 lang=$(echo $d | cut -d "/" -f 1)
50 doc=${d#$lang/}
51 echo '<div id="lang">'
52 for l in $LANGUAGES
53 do
54 case $lang in
55 en) i18n="English" ;;
56 fr) i18n="Français" ;;
57 pt) i18n="Português" ;;
58 ru) i18n="Русский" ;;
59 *) i18n="*" ;;
60 esac
61 echo "<a href='?d=$l/$doc'>$l</a>"
62 done
63 echo '</div>'
64 }
66 # HTML 5 header.
67 html_header() {
68 if [ -f "$tiny/lib/header.html" ]; then
69 cat $tiny/lib/header.html | sed -e s!'%TITLE%'!"$TITLE - $d"!g
70 else
71 cat << EOT
72 <!DOCTYPE html>
73 <html xmlns="http://www.w3.org/1999/xhtml">
74 <head>
75 <title>$TITLE</title>
76 <meta charset="utf-8" />
77 <style type="text/css">body { margin: 40px 120px; }</style>
78 </head>
79 <body>
80 <!-- Content -->
81 <div id="content">
82 EOT
83 fi
84 }
86 # HTML 5 footer.
87 html_footer() {
88 if [ -f "$tiny/lib/footer.html" ]; then
89 cat $tiny/lib/footer.html
90 else
91 cat << EOT
93 <!-- End content -->
94 </div>
96 <div id="footer">♥</div>
98 </body>
99 </html>
100 EOT
101 fi
102 }
104 # Default index if missing
105 default_index() {
106 mkdir -p "$wiki"
107 cat > $wiki/$index.txt << EOT
108 ==== Welcome ====
110 This is the default index page of your CM, you can start to edit and adding
111 some content to your TinyCM.
113 EOT
114 }
116 # Log documents activity.
117 log() {
118 grep ^[A-Z] | \
119 sed s"#^[A-Z]\([^']*\)#$(date '+%Y-%m-%d %H:%M') : \0#" \
120 >> $cache/$d/activity.log
121 }
123 # Check if user is auth
124 check_auth() {
125 auth="$(COOKIE auth)"
126 user="$(echo $auth | cut -d ":" -f 1)"
127 md5cookie="$(echo $auth | cut -d ":" -f 2)"
128 [ -f "$sessions/$user" ] && md5session="$(cat $sessions/$user)"
129 if [ "$md5cookie" == "$md5session" ] && [ "$auth" ]; then
130 . $PEOPLE/$user/account.conf
131 return 0
132 else
133 return 1
134 fi
135 }
137 # Authentified or not
138 user_box() {
139 if check_auth; then
140 cat << EOT
142 <div id="user">
143 <a href="$script?user=$user">$(get_gravatar $MAIL 20)</a>
144 <a href="$script?logout">Logout</a>
145 </div>
147 EOT
148 else
149 cat << EOT
151 <div id="user">
152 <a href="$script?login"><img src="images/avatar.png" alt="[ User ]" /></a>
153 <a href="$script?login">Login</a>
154 </div>
156 EOT
157 fi
158 cat << EOT
159 <!--
160 <div id="search">
161 <form method="get" action="$script">
162 <input type="text" name="search" placeholder="$(gettext "Search")" />
163 </form>
164 </div>
165 -->
166 EOT
167 }
169 # Link for online signup if enabled.
170 online_signup() {
171 if [ "$ONLINE_SIGNUP" == "yes" ]; then
172 echo -n "<p><a href='$script?signup'>"
173 gettext "Create a new account"
174 echo '</a></p>'
175 fi
176 }
178 # Login page
179 login_page() {
180 cat << EOT
181 <h2>$(gettext "Login")</h2>
183 <div id="account-info">
184 $(gettext "No account yet or trouble with you account? Please send
185 a request to $ADMIN_MAIL with your real name, user name, mail and password.")
186 $(online_signup)
187 </div>
189 <div id="login">
190 <form method="post" action="$script">
191 <input type="text" name="auth" placeholder="$(gettext "User name")" />
192 <input type="password" name="pass" placeholder="$(gettext "Password")" />
193 <div>
194 <input type="submit" value="Login" /> $error
195 </div>
196 </form>
197 </div>
199 <div style="clear: both;"></div>
200 EOT
201 }
203 # Signup page
204 signup_page() {
205 cat << EOT
207 <div id="signup">
208 <form method="post" name="signup" action="$script" onsubmit="return checkSignup();">
209 <input type="hidden" name="signup" value="new" />
210 <input type="text" name="name" placeholder="$(gettext "Real name")" />
211 <input type="text" name="user" placeholder="$(gettext "User name")" />
212 <input type="text" name="mail" placeholder="$(gettext "Email")" />
213 <input type="password" name="pass" placeholder="$(gettext "Password")" />
214 <div>
215 <input type="submit" value="$(gettext "Create new account")" />
216 </div>
217 </form>
218 </div>
220 EOT
221 }
223 # Create a new user in AUTH_FILE and PEOPLE
224 new_user_config() {
225 key=$(echo -n "$user:$mail:$pass" | md5sum | awk '{print $1}')
226 echo "$user:$pass" >> $AUTH_FILE
227 mkdir -p $PEOPLE/$user/
228 cat > $PEOPLE/$user/account.conf << EOT
229 # SliTaz user configuration
230 #
232 NAME="$name"
233 USER="$user"
234 MAIL="$mail"
235 KEY="$key"
237 EOT
238 chmod 0600 $PEOPLE/$user/account.conf
239 }
241 # Display user public profile.
242 public_people() {
243 cat << EOT
244 <pre>
245 Real name : $NAME
246 </pre>
247 EOT
248 }
250 # Display authentified user profile. TODO: change password
251 auth_people() {
252 cat << EOT
253 <pre>
254 Real name : $NAME
255 Email : $MAIL
256 Secure key : $KEY
257 </pre>
258 EOT
259 }
261 # The CM style parser. Just a title, simple text formating and internal
262 # links, as well as images and use HTML for other stuff. Keep it fast!
263 # To make TinyCM as easy as possible we have a small HTML editor/helper
264 # written in Javascript
265 wiki_parser() {
266 doc="[0-9a-zA-Z\.\#/~\_%=\?\&,\+\:@;!\(\)\*\$'\-]*"
267 sed \
268 -e s"#====\([^']*\)====#<h2>\1</h2>#"g \
269 -e s"#===\([^']*\)===#<h3>\1</h3>#"g \
270 -e s"#==\([^']*\)==#<h4>\1</h4>#"g \
271 -e s"#\*\*\([^']*\)\*\*#<b>\1</b>#"g \
272 -e s"#''\([^']*\)''#<em>\1</em>#"g \
273 -e s"#__\([^']*\)__#<u>\1</u>#"g \
274 -e s"#\[\([^]]*\)|\($doc\)\]#<a href='$script?d=\2'>\1</a>#"g \
275 -e s"#\[\([^]]*\)!\($doc\)\]#<a href='\2'>\1</a>#"g \
276 -e s"#\[\(http://*[^]]*.png\)\]#<img src='\1' />#"g \
277 -e s"#\[\([^]]*.png\)\]#<img src='content/cloud/\1' />#"g
278 }
280 link_user() {
281 echo "<a href='$(basename $script)?user=$user'>$user</a>"
282 }
284 # Save a document. Do we need more than 1 backup and diff ?
285 save_document() {
286 mkdir -p $cache/$d $(dirname $wiki/$d)
287 # May be a new page.
288 if [ ! -f "$wiki/$d.txt" ]; then
289 new=0
290 touch $wiki/$d.txt
291 fi
292 cp $wiki/$d.txt $cache/$d/last.bak
293 sed "s/$(echo -en '\r') /\n/g" > $wiki/$d.txt << EOT
294 $(GET content)
295 EOT
296 diff $cache/$d/last.bak $wiki/$d.txt > $cache/$d/last.diff
297 # Log
298 if [ "$new" ]; then
299 echo "Page created by: $(link_user)" | log
300 if [ "$HG" == "yes" ]; then
301 cd $content && hg -q add
302 hg commit -q -u "$NAME <$MAIL>" -m "Created new document: $d"
303 cd $tiny
304 fi
305 else
306 # Here we will clean log: cat && tail -n 40
307 echo "Page edited by: $(link_user)" | log
308 if [ "$HG" == "yes" ]; then
309 cd $content && hg commit -q -u "$NAME <$MAIL>" \
310 -m "Edited document: $d"
311 cd $tiny
312 fi
313 fi
314 }
316 # CM tools (edit, diff, etc).
317 wiki_tools() {
318 cat << EOT
319 <div id="tools">
320 <a href="$script?edit=$d">$(gettext "Edit document")</a>
321 <a href="$script?diff=$d">$(gettext "Last diff")</a>
322 <a href="$script?log=$d">$(gettext "Activity")</a>
323 <a href="$script?dashboard">Dashboard</a>
324 $([ "$HG" == "yes" ] && echo "<a href='$script?hg'>Hg Log</a>")
325 </div>
326 EOT
327 }
329 # Get and display Gravatar image: get_gravatar email size
330 # Link to profile: <a href="http://www.gravatar.com/$md5">...</a>
331 get_gravatar() {
332 email=$1
333 size=$2
334 [ "$size" ] || size=48
335 url="http://www.gravatar.com/avatar"
336 md5=$(md5crypt $email)
337 echo "<img src='$url/$md5?d=identicon&s=$size' alt='∗' />"
338 }
340 # List hg logs
341 hg_log() {
342 cd $content
343 cat << EOT
344 <table>
345 <thead>
346 <td>$(gettext "User")</td>
347 <td>$(gettext "Description")</td>
348 <td>$(gettext "Revision")</td>
349 </thead>
350 EOT
351 hg log --template "<tr><td>{author}</td><td>{desc}</td><td>{rev}</td></tr>\n"
352 echo '</table>'
353 }
355 #
356 # POST actions
357 #
359 case " $(POST) " in
360 *\ auth\ *)
361 # Authenticate user. Create a session file in $sessions to be used
362 # by check_auth. We have the user login name and a peer session
363 # md5 string in the COOKIE.
364 user="$(POST auth)"
365 pass="$(md5crypt "$(POST pass)")"
366 valid=$(fgrep "${user}:" $AUTH_FILE | cut -d ":" -f 2)
367 if [ "$pass" == "$valid" ] && [ "$pass" != "" ]; then
368 md5session=$(echo -n "$$:$user:$pass:$$" | md5sum | awk '{print $1}')
369 [ -d $sessions ] || mkdir -p $sessions
370 echo "$md5session" > $sessions/$user
371 header "Location: $script" \
372 "Set-Cookie: auth=$user:$md5session; HttpOnly"
373 else
374 header "Location: $script?login&error"
375 fi ;;
376 *\ signup\ *)
377 # POST action for signup
378 name="$(POST name)"
379 user="$(POST user)"
380 mail="$(POST mail)"
381 pass="$(md5crypt "$(POST pass)")"
382 if ! grep "^${user}:" $AUTH_FILE; then
383 new_user_config
384 header "Location: $script?login"
385 else
386 header
387 html_header
388 user_box
389 echo "<h2>gettext "User already exists: $user"</h2>"
390 html_footer
391 fi ;;
392 esac
394 #
395 # Plugins
396 #
397 for p in $(ls -1 $plugins)
398 do
399 [ -f "$plugins/$p/$p.conf" ] && . $plugins/$p/$p.conf
400 [ -x "$plugins/$p/$p.cgi" ] && . $plugins/$p/$p.cgi
401 done
403 #
404 # GET actions
405 #
407 case " $(GET) " in
408 *\ edit\ *)
409 d="$(GET edit)"
410 header
411 html_header
412 user_box
413 get_lang
414 if check_auth; then
415 get_lang
416 cat << EOT
417 <h2>$(gettext "Edit $doc [ $i18n ]")</h2>
419 <div id="edit">
421 <form method="get" action="$script" name="editor">
422 <input type="hidden" name="save" value="$d" />
423 <textarea name="content">$(cat "$wiki/$d.txt")</textarea>
424 <input type="submit" value="$(gettext "Save document")" />
425 $(gettext "Code Helper:")
426 $(cat lib/jseditor.html)
427 </form>
429 </div>
430 EOT
431 else
432 gettext "You must be logged in to edit pages"
433 fi
434 html_footer ;;
436 *\ save\ *)
437 d="$(GET save)"
438 if check_auth; then
439 save_document
440 fi
441 header "Location: $script?d=$d" ;;
443 *\ log\ *)
444 d="$(GET log)"
445 header
446 html_header
447 user_box
448 get_lang
449 echo "<h2>$(gettext "Activity for:") <a href='$script?d=$d'>$d</a></h2>"
450 echo '<pre>'
451 if [ -f "$cache/$d/activity.log" ]; then
452 tac $cache/$d/activity.log
453 else
454 gettext "No log for: $d"; echo
455 fi
456 echo '</pre>'
457 if check_auth; then
458 wiki_tools
459 fi
460 html_footer ;;
462 *\ diff\ *)
463 d="$(GET diff)"
464 date="last"
465 header
466 html_header
467 user_box
468 get_lang
469 echo "<h2>$(gettext "Diff for:") <a href='$script?d=$d'>$d</a></h2>"
470 echo '<pre>'
471 if [ -f "$cache/$d/$date.diff" ]; then
472 cat $cache/$d/$date.diff | sed \
473 -e 's|&|\&|g' -e 's|<|\<|g' -e 's|>|\>|g' \
474 -e s"#^-\([^']*\).#<span style='color: red;'>\0</span>#"g \
475 -e s"#^+\([^']*\).#<span style='color: green;'>\0</span>#"g \
476 -e s"#@@\([^']*\)@@#<span style='color: blue;'>@@\1@@</span>#"g
477 else
478 gettext "No diff for: $d"; echo
479 fi
480 echo '</pre>'
481 if check_auth; then
482 wiki_tools
483 fi
484 html_footer ;;
486 *\ login\ *)
487 # The login page
488 d="Login"
489 [ "$(GET error)" ] && \
490 error="<p class="error">$(gettext "Bad login or pass")</p>"
491 header
492 html_header
493 user_box
494 login_page
495 html_footer ;;
497 *\ signup\ *)
498 # The login page
499 d="$(gettext "Sign Up")"
500 header
501 html_header
502 user_box
503 echo "<h2>$d</h2>"
504 if [ "$ONLINE_SIGNUP" == "yes" ]; then
505 signup_page
506 else
507 gettext "Online registration is disabled"
508 fi
509 html_footer ;;
511 *\ logout\ *)
512 # Set a Cookie in the past to logout.
513 expires="Expires=Wed, 01-Jan-1980 00:00:00 GMT"
514 if check_auth; then
515 rm -f "$sessions/$user"
516 header "Location: $script" "Set-Cookie: auth=none; $expires; HttpOnly"
517 fi ;;
519 *\ user\ *)
520 # User profile
521 d="$(GET user)"
522 header
523 html_header
524 user_box
525 . $PEOPLE/"$(GET user)"/account.conf
526 echo "<h2>$(get_gravatar $MAIL) $(GET user)</h2>"
527 loglines=$(fgrep $user $(find $cache -name *.log) | wc -l)
528 gettext "Activities:"; echo " $loglines"
529 if check_auth && [ "$(GET user)" == "$user" ]; then
530 auth_people
531 else
532 public_people
533 fi
534 html_footer ;;
536 *\ dashboard\ *)
537 # For now simply list plugins and users info. We could have a
538 # dashbord only for ADMINS found in the config file. The dashboard
539 # should also be a plugin.
540 d="Dashboard"
541 header
542 html_header
543 user_box
544 users=$(ls -1 $PEOPLE | wc -l)
545 docs=$(find $wiki -type f | wc -l)
546 wikisize="$(du -sh $wiki | awk '{print $1}')"
547 cachesize="$(du -sh $cache | awk '{print $1}')"
548 [ "$HG" != "yes" ] && hg=$(gettext "disabled")
549 [ "$HG" == "yes" ] && hg=$(gettext "enabled")
550 echo "<h2>$d</h2>"
551 if check_auth; then
552 cat << EOT
553 <pre>
554 Users : $users
555 Wiki : $docs ($wikisize)
556 Cache : $cachesize
557 Mercurial : $hg
558 </pre>
560 <h3>$(gettext "Plugins")</h3>
561 <pre>
562 EOT
563 for p in $(ls -1 $plugins)
564 do
565 . $plugins/$p/$p.conf
566 echo "<a href='?$p'>$PLUGIN</a> - $SHORT_DESC"
567 done
568 echo '</pre>'
569 else
570 gettext "You must be logged in to view the dashboard."
571 fi
572 html_footer ;;
574 *\ hg\ *)
575 header
576 [ "$HG" != "yes" ] && gettext "Hg is disabled" && exit 0
577 [ ! -x /usr/bin/hg ] && gettext "Hg is not installed" && exit 0
578 d="Hg Log"
579 html_header
580 user_box
581 echo "<h2>$d</h2>"
582 case " $(GET hg) " in
583 *\ init\ *)
584 if check_auth; then
585 [ -d "$content/.hg" ] && exit 0
586 echo '<pre>'
587 gettext "Executing: hg init"; echo
588 cd $content/ && hg init
589 echo '[hooks]' > .hg/hgrc
590 echo 'incoming = hg update' >> .hg/hgrc
591 gettext "Adding current content and committing"; echo
592 [ ! -f "$wiki/index.txt" ] && touch $wiki/$index.txt
593 hg add && hg commit -u "$NAME <$MAIL>" \
594 -m "Initial commit with curent content"
595 echo '</pre>' && cd ..
596 fi ;;
597 esac
598 hg_log
599 html_footer ;;
601 *)
602 # Display requested page
603 d="$(GET d)"
604 [ "$d" ] || d=$index
605 header
606 html_header
607 user_box
608 get_lang
609 # Generate a default index on first run.
610 if [ ! -f "$wiki/$index.txt" ]; then
611 default_index
612 fi
613 if [ ! -f "$wiki/$d.txt" ]; then
614 echo "<h2>$d</h2>"
615 gettext "The document does not exist. You can create it or read the"
616 echo " <a href='?d=en/help'>help</a>"
617 else
618 if fgrep -q NOWIKI $wiki/$d.txt; then
619 cat $wiki/$d.txt | sed '/NOWIKI/'d
620 else
621 cat $wiki/$d.txt | wiki_parser
622 fi
623 fi
624 if check_auth; then
625 wiki_tools
626 if [ "$HG" == "yes" ] && [ ! -d "$content/.hg" ]; then
627 echo '<p class="error box">'
628 gettext "Mercurial is enabled but no repository found"
629 echo ": <a href='?hg=init'>Hg init</a>"
630 echo '</p>'
631 fi
632 fi
633 html_footer ;;
634 esac
636 exit 0