3 # (Text::Template can't do -T, but no user input is used dangerously)
5 # $Id: shift.cgi,v 1.6 2003-07-30 22:16:36 ivan Exp $
7 # Copyright (C) 2000 Adam Gould
8 # Copyright (C) 2000 Michal Migurski
9 # Copyright (C) 2000 Ivan Kohler
10 # All rights reserved.
12 # This program is free software; you can redistribute it and/or modify it under
13 # the same terms as Perl itself.
16 # user-servicable parts
19 $template_file = '/var/www/www.420.am/staff/table.html';
20 $data_directory = '/var/www/www.420.am/staff/data';
21 #$mail_smtpserver = 'localhost'; # set blank to disable
22 $mail_smtpserver = ''; # set blank to disable
23 $mail_from = 'ivan-misconfigured-shift-from@420.am';
24 $mail_subject = 'Your shift has been replaced';
26 'ivan-misconfigured-shift-cc@420.am',
27 'ivan-misconfigured-shift-cc2@420.am'
31 Sorry, I don't have any more information. The person who installed the
32 staff sheet didn't customize this message.
37 # end of user-servicable parts
41 use vars qw( $template_file $data_directory $mail_smtpserver $mail_from
42 $mail_subject @mail_cc $mail_footer
43 $cgi $template %shifthash %warning @messages $magic );
44 use subs qw( form inputbox );
47 use CGI::Carp qw(fatalsToBrowser);
56 $template = new Text::Template (
58 SOURCE => $template_file,
59 ) or die "Can't create template for $template_file: $Text::Template::ERROR";
61 # fill in new data if provided
64 if ( $cgi->param() ) {
66 # kludge - grep for inputbox("field") in template to find valid form fields
67 # (DON'T get them from form submission - that's insecure!)
68 open (TEMPLATE_FILE,"<$template_file")
69 or die "Can't open template for $template_file: $!";
71 map { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\)/; $2 }
72 #grep { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\)/ }
73 grep { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\);?\s*\}/ }
78 #foreach $_ ( @form_fields ) {
79 # warn "${_}_old undefined!" unless defined $cgi->param($_. '_old');
80 # warn "${_}_new undefined!" unless defined $cgi->param($_. '_new');
83 grep { $cgi->param($_. '_old') ne $cgi->param($_. '_new') } @form_fields;
87 local $SIG{HUP} = 'IGNORE';
88 local $SIG{INT} = 'IGNORE';
89 local $SIG{QUIT} = 'IGNORE';
90 local $SIG{TERM} = 'IGNORE';
91 local $SIG{TSTP} = 'IGNORE';
92 local $SIG{PIPE} = 'IGNORE';
94 #open(LOCKFILE,">>$data_directory/.lock")
95 open(LOCKFILE,"+<$data_directory/.lock")
96 or open(LOCKFILE,">>$data_directory/.lock")
97 or die "Can't open $data_directory/.lock: $!";
98 flock(LOCKFILE,LOCK_EX); #blocks until we have the lock
100 print LOCKFILE "$$ \n"; #superfluous
104 foreach my $field ( @diff_fields ) {
105 $shifthash{$field}='' unless defined $shifthash{$field};
106 if ( $shifthash{$field} eq $cgi->param($field. '_old') ) {
107 if ( $cgi->param($field. "_new") =~
108 /^\s*(\w[\w\s\.\'\-]{0,99}<?\s{0,9}(\w[\w\-\.\+]{0,99}\@(([\w\.\-]{1,99}\.){1,99}\w{1,99}))\s{0,9}>?)\s*$/
109 || $cgi->param($field. "_new") =~ /^\s*()$/
112 open(FILE,">$data_directory/.new.$field")
113 or die "Can't open file $data_directory/$field: $!";
116 rename "$data_directory/.new.$field", "$data_directory/$field";
117 $warning{$field} = '';
120 && $shifthash{$field} =~ /\b(\w[\w\-\.\+]*\@(([\w\.\-]+\.)+\w+))\b/
123 my $header = Mail::Header->new( [
126 "Cc: ". join(", ", @mail_cc),
127 "Sender: $mail_from",
128 "Reply-To: $mail_from",
129 "Date: ". time2str("%a, %d %b %Y %X %z", time),
130 "Subject: $mail_subject",
132 my $msg = Mail::Internet->new(
134 'Body' => [ map "$_\n",
137 "The \"$field\" shift you signed up for has been changed to",
140 split("\n", $mail_footer),
143 #send later - don't want to block on smtp while we have the lock
144 push @messages, $msg;
148 "WARNING: you tried to sign up for <B>$field</B>, but your entry ".
149 "<B>\"". $cgi->param($field. '_new').
150 "</B>\" does not contain a valid email address."
153 } elsif ( $shifthash{$field} eq $cgi->param($field. '_new') ) {
154 #somebody else made the same change (or you hit reload); no need to warn
155 $warning{$field} = '';
158 "WARNING: you tried to change <B>$field</B> from \"<B>".
159 $cgi->param($field. '_old').
161 $cgi->param($field. "_new").
162 "</B>\", but in the meantime someone changed it to: "
167 flock(LOCKFILE,LOCK_UN);
176 my $text = $template->fill_in()
177 or die "Can't fill in template for $template_file: $Text::Template::ERROR";
179 print $cgi->header, $text;
181 $ENV{SMTPHOSTS} = $mail_smtpserver;
182 $ENV{MAILADDRESS} = $mail_from;
183 foreach my $msg ( @messages ) {
190 opendir DATA_DIR, $data_directory
191 or die "Can't open directory $data_directory: $!";
193 open(FILE, "<$data_directory/$_")
194 or die "Can't open file $data_directory/$_: $!";
195 my $value = scalar(<FILE>) || '';
199 } grep { ! /^\.{1,2}(lock)?$/ } readdir(DATA_DIR);
203 # subroutines for the template
206 $magic = defined $cgi->param('__MAGIC') ? $cgi->param('__MAGIC') : '';
213 return encode_entities($shifthash{$field}) || " "
214 if $magic eq 'print';
215 $shifthash{$field}='' unless defined $shifthash{$field};
216 $warning{$field}='' unless defined $warning{$field};
219 -name => $field. '_old',
220 -default => $shifthash{$field},
225 -name => $field. '_new',
226 -default => $shifthash{$field},
234 "$warning{$_}<b>$shifthash{$_}</b>"