3 # (Text::Template can't do -T, but no user input is used dangerously)
5 # $Id: shift.cgi,v 1.5 2002-07-10 01:08:49 ivan Exp $
7 # Copyright (C) 2000 Adam Gould
8 # Copyright (C) 2000 Michal Migurski
9 # Copyright (C) 2000 Ivan Kohler
10 # All rights reserved.
12 # This program is free software; you can redistribute it and/or modify it under
13 # the same terms as Perl itself.
16 # user-servicable parts
19 $template_file = '/var/www/www.420.am/staff/table.html';
20 $data_directory = '/var/www/www.420.am/staff/data';
21 #$mail_smtpserver = 'localhost'; # set blank to disable
22 $mail_smtpserver = ''; # set blank to disable
23 $mail_from = 'ivan-misconfigured-shift-from@420.am';
24 $mail_subject = 'Your shift has been replaced';
26 'ivan-misconfigured-shift-cc@420.am',
27 'ivan-misconfigured-shift-cc2@420.am'
31 Sorry, I don't have any more information. The person who installed the
32 staff sheet didn't customize this message.
37 # end of user-servicable parts
41 use vars qw( $template_file $data_directory $mail_smtpserver $mail_from
42 $mail_subject @mail_cc $mail_footer
43 $cgi $template %shifthash %warning @messages $magic );
44 use subs qw( form inputbox );
47 use CGI::Carp qw(fatalsToBrowser);
55 $template = new Text::Template (
57 SOURCE => $template_file,
58 ) or die "Can't create template for $template_file: $Text::Template::ERROR";
60 # fill in new data if provided
63 if ( $cgi->param() ) {
65 # kludge - grep for inputbox("field") in template to find valid form fields
66 # (DON'T get them from form submission - that's insecure!)
67 open (TEMPLATE_FILE,"<$template_file")
68 or die "Can't open template for $template_file: $!";
70 map { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\)/; $2 }
71 #grep { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\)/ }
72 grep { /inputbox\s*\(\s*([\'\"])(.*)\1\s*\);?\s*\}/ }
77 #foreach $_ ( @form_fields ) {
78 # warn "${_}_old undefined!" unless defined $cgi->param($_. '_old');
79 # warn "${_}_new undefined!" unless defined $cgi->param($_. '_new');
82 grep { $cgi->param($_. '_old') ne $cgi->param($_. '_new') } @form_fields;
86 local $SIG{HUP} = 'IGNORE';
87 local $SIG{INT} = 'IGNORE';
88 local $SIG{QUIT} = 'IGNORE';
89 local $SIG{TERM} = 'IGNORE';
90 local $SIG{TSTP} = 'IGNORE';
91 local $SIG{PIPE} = 'IGNORE';
93 #open(LOCKFILE,">>$data_directory/.lock")
94 open(LOCKFILE,"+<$data_directory/.lock")
95 or open(LOCKFILE,">>$data_directory/.lock")
96 or die "Can't open $data_directory/.lock: $!";
97 flock(LOCKFILE,LOCK_EX); #blocks until we have the lock
99 print LOCKFILE "$$ \n"; #superfluous
103 foreach my $field ( @diff_fields ) {
104 $shifthash{$field}='' unless defined $shifthash{$field};
105 if ( $shifthash{$field} eq $cgi->param($field. '_old') ) {
106 if ( $cgi->param($field. "_new") =~
107 /^\s*(\w[\w\s\.\'\-]{0,99}<?\s{0,9}(\w[\w\-\.\+]{0,99}\@(([\w\.\-]{1,99}\.){1,99}\w{1,99}))\s{0,9}>?)\s*$/
108 || $cgi->param($field. "_new") =~ /^\s*()$/
111 open(FILE,">$data_directory/.new.$field")
112 or die "Can't open file $data_directory/$field: $!";
115 rename "$data_directory/.new.$field", "$data_directory/$field";
116 $warning{$field} = '';
119 && $shifthash{$field} =~ /\b(\w[\w\-\.\+]*\@(([\w\.\-]+\.)+\w+))\b/
122 my $header = Mail::Header->new( [
125 "Cc: ". join(", ", @mail_cc),
126 "Sender: $mail_from",
127 "Reply-To: $mail_from",
128 "Date: ". time2str("%a, %d %b %Y %X %z", time),
129 "Subject: $mail_subject",
131 my $msg = Mail::Internet->new(
133 'Body' => [ map "$_\n",
136 "The \"$field\" shift you signed up for has been changed to",
139 split("\n", $mail_footer),
142 #send later - don't want to block on smtp while we have the lock
143 push @messages, $msg;
147 "WARNING: you tried to sign up for <B>$field</B>, but your entry ".
148 "<B>\"". $cgi->param($field. '_new').
149 "</B>\" does not contain a valid email address."
152 } elsif ( $shifthash{$field} eq $cgi->param($field. '_new') ) {
153 #somebody else made the same change (or you hit reload); no need to warn
154 $warning{$field} = '';
157 "WARNING: you tried to change <B>$field</B> from \"<B>".
158 $cgi->param($field. '_old').
160 $cgi->param($field. "_new").
161 "</B>\", but in the meantime someone changed it to: "
166 flock(LOCKFILE,LOCK_UN);
175 my $text = $template->fill_in()
176 or die "Can't fill in template for $template_file: $Text::Template::ERROR";
178 print $cgi->header, $text;
180 $ENV{SMTPHOSTS} = $mail_smtpserver;
181 $ENV{MAILADDRESS} = $mail_from;
182 foreach my $msg ( @messages ) {
189 opendir DATA_DIR, $data_directory
190 or die "Can't open directory $data_directory: $!";
192 open(FILE, "<$data_directory/$_")
193 or die "Can't open file $data_directory/$_: $!";
194 my $value = scalar(<FILE>) || '';
198 } grep { ! /^\.{1,2}(lock)?$/ } readdir(DATA_DIR);
202 # subroutines for the template
205 $magic = defined $cgi->param('__MAGIC') ? $cgi->param('__MAGIC') : '';
212 return $shifthash{$field} || " "
213 if $magic eq 'print';
214 $shifthash{$field}='' unless defined $shifthash{$field};
215 $warning{$field}='' unless defined $warning{$field};
218 -name => $field. '_old',
219 -default => $shifthash{$field},
224 -name => $field. '_new',
225 -default => $shifthash{$field},
233 "$warning{$_}<b>$shifthash{$_}</b>"