diff --git a/website/agenda/add_comment.cgi b/website/agenda/add_comment.cgi
index 15dba18..4af930b 100755
--- a/website/agenda/add_comment.cgi
+++ b/website/agenda/add_comment.cgi
@@ -1,7 +1,9 @@
#!/usr/bin/perl
-use warnings;
use strict;
+use warnings;
+no warnings 'redefine';
+
use Data::Dumper;
use params();
@@ -15,75 +17,78 @@ use time();
binmode STDOUT, ":utf8";
-my $r=shift;
-(my $cgi, my $params, my $error)=params::get($r);
+my $r = shift;
+( my $cgi, my $params, my $error ) = params::get($r);
my $config = config::getFromScriptLocation();
my $debug = $config->{system}->{debug};
-my $request={
- url => $ENV{QUERY_STRING},
- params => {
- original => $params,
- checked => check_params($config, $params),
- },
- config => $config,
+my $request = {
+ url => $ENV{QUERY_STRING},
+ params => {
+ original => $params,
+ checked => check_params( $config, $params ),
+ },
+ config => $config,
};
-$params=$request->{params}->{checked};
+$params = $request->{params}->{checked};
print "Content-Type:text/plain\n\n";
-print STDERR "add comment: ".Dumper($params);
-my $comment =$params->{comment};
+print STDERR "add comment: " . Dumper($params);
+my $comment = $params->{comment};
-$config->{access}->{write}=1;
-my $dbh=db::connect($config,undef);
+$config->{access}->{write} = 1;
+my $dbh = db::connect( $config, undef );
print "ok\n";
-$comment->{content}=~s/(^|\s)((https?\:\/\/)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g;
-$comment->{content}=~s/(^|\s)((https?\:\/\/)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g;
-$comment->{content}=~s/(^|\s)((www\.)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g; #"
-$comment->{content}=~s/(^|\s)((www\.)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g; #"
+$comment->{content} =~ s/(^|\s)((https?\:\/\/)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g;
+$comment->{content} =~ s/(^|\s)((https?\:\/\/)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g;
+$comment->{content} =~ s/(^|\s)((www\.)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g; #"
+$comment->{content} =~ s/(^|\s)((www\.)(.*?))(\s|$|\<)/$1\$2\<\/a\>$5/g; #"
-if (comments::check($dbh, $config, $comment)){
- my $nslookup=nslookup();
+if ( comments::check( $dbh, $config, $comment ) ) {
+ my $nslookup = nslookup();
#if (is_blocked($nslookup)==1){
# send_mail($comment, $nslookup, 'blocked');
# return;
#};
- $comment->{comment_id}=comments::insert($dbh, $config, $comment);
- if($comment->{comment_id}>0){
- comments::update_comment_count($dbh, $config, $comment);
- delete_cache($config);
- send_mail($comment, $nslookup, 'new');
+ $comment->{comment_id} = comments::insert( $dbh, $config, $comment );
+ if ( $comment->{comment_id} > 0 ) {
+ comments::update_comment_count( $dbh, $config, $comment );
+ send_mail( $comment, $nslookup, 'new' );
}
}
-sub is_blocked{
- my $nslookup=shift;
+sub is_blocked {
+ my $nslookup = shift;
- my $user_agent=$ENV{HTTP_USER_AGENT};
+ my $user_agent = $ENV{HTTP_USER_AGENT};
- my $block=0;
- $block = 1
- if ( ( $user_agent eq 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:35.0) Gecko/20100101 Firefox/35.0' )
- && ( $nslookup =~ /alicedsl/ ) );
+ my $block = 0;
+ $block = 1
+ if ( $user_agent eq 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:35.0) Gecko/20100101 Firefox/35.0' )
+ && ( $nslookup =~ /alicedsl/ );
+
+ $block = 1
+ if $user_agent eq
+'Mozilla/5.0 (Linux; Android 8.0.0; ANE-LX1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Mobile Safari/537.36';
return $block;
}
-sub send_mail{
+sub send_mail {
my $comment = shift;
my $nslookup = shift;
my $status = shift || 'new';
- my $ip = $ENV{REMOTE_ADDR}||'';
- my $user_agent = $ENV{HTTP_USER_AGENT}||'';
- my $cookie = $ENV{HTTP_COOKIE}||'';
+ my $ip = $ENV{REMOTE_ADDR} || '';
+ my $user_agent = $ENV{HTTP_USER_AGENT} || '';
+ my $cookie = $ENV{HTTP_COOKIE} || '';
- my $from = 'no-reply@';
- my $to = 'info@';
+ my $from = 'no-reply@localhost';
+ my $to = 'info@localhost';
my $subject = "$status comment from '$comment->{author}': $comment->{content}";
my $content = "$status comment
@@ -93,20 +98,20 @@ EMAIL: $comment->{email}
CONTENT: '$comment->{content}'
view event
-https://piradio.de/programm/sendung/$comment->{event_id}.html#comments
+https://localhost/programm/sendung/$comment->{event_id}.html#comments
";
-if ($status eq 'new'){
- $content.="
+ if ( $status eq 'new' ) {
+ $content .= "
manage comments:
-https://piradio.de/agenda/planung/comment.cgi?project_id=1&studio_id=1
+https://localhost/agenda/planung/comment.cgi?project_id=1&studio_id=1
lock this comment
-https://piradio.de/agenda/planung/comment.cgi?event_id=$comment->{event_id}&comment_id=$comment->{comment_id}&set_lock_status=blocked
+https://localhost/agenda/planung/comment.cgi?event_id=$comment->{event_id}&comment_id=$comment->{comment_id}&set_lock_status=blocked
";
-}
+ }
-$content.=qq{
+ $content .= qq{
-----------------------------------------------------------
SENDER IP: $ip ($comment->{ip})
@@ -122,126 +127,99 @@ $nslookup
To => $to,
Subject => $subject,
Data => $content
- #.Dumper($comment)
);
$msg->send;
}
-sub nslookup{
- my $ip =$ENV{REMOTE_ADDR};
- my $nslookup='';
- if($ip=~/^([\d\.]+)$/){
- $ip=$1;
+sub nslookup {
+ my $ip = $ENV{REMOTE_ADDR};
+ my $nslookup = '';
+ if ( $ip =~ /^([\d\.]+)$/ ) {
+ $ip = $1;
return `nslookup '$ip'`;
}
return '';
}
-sub delete_cache{
- my $config=shift;
+sub check_params {
+ my $config = shift;
+ my $params = shift;
- unless($config->{locations}->{base_dir}=~/a-zA-Z/){
- print STDERR "add_comment.cgi: base_dir is not configured\n";
- return;
- }
- unless($config->{cache}->{cache_dir}=~/a-zA-Z/){
- print STDERR "add_comment.cgi: cache_dir is not configured\n";
- return;
- }
- unless($config->{controllers}->{comments}=~/a-zA-Z/){
- print STDERR "add_comment.cgi: contoller 'comments' is not configured\n";
- return;
+ my $template = template::check( $config, $params->{'template'}, 'comments.html' );
+
+ my $comment = {};
+
+ my $event_start = $params->{'event_start'} || '';
+ if ( $event_start =~ /^(\d\d\d\d\-\d\d\-\d\d[ T]\d\d\:\d\d)(\:\d\d)?$/ ) {
+ $comment->{event_start} = $1;
+ } else {
+ log::error( $config, 'add_comment.cgi: invalid date "' . $event_start . '"' );
}
- my $cache_dir=$config->{locations}->{base_dir}.'/'.$config->{cache}->{cache_dir}.'/';
+ my $event_id = $params->{'event_id'} || '';
+ if ( $event_id =~ /^(\d+)$/ ) {
+ $comment->{event_id} = $1;
+ } else {
+ log::error( $config, 'add_comment.cgi: invalid id' );
+ }
- my $widget_cache=$cache_dir.'/'.$config->{controllers}->{comments};
- `rm -f $widget_cache/*` if (-d $widget_cache);
+ my $parent_id = $params->{'parent_id'} || '';
+ if ( $parent_id =~ /^(\d+)$/ ) {
+ $comment->{parent_id} = $1;
+ } else {
+ $comment->{parent_id} = 0;
+ }
- my $aggregator_dir=$cache_dir.'/programm/'.$config->{controllers}->{comments};
- `rm -f $aggregator_dir/*` if (-d $aggregator_dir);
+ $comment->{content} = $params->{'content'} || '';
+ $comment->{content} = escape_text( $comment->{content} );
+ $comment->{content} = substr( $comment->{content}, 0, 1000 );
+ log::error( $config, 'add_comment.cgi: missing body' ) if ( $comment->{content} eq '' );
+
+ $comment->{author} = $params->{'author'} || '';
+ $comment->{author} = escape_text( $comment->{author} );
+ $comment->{author} = substr( $comment->{author}, 0, 40 );
+ log::error( $config, 'add_comment.cgi: missing name' ) if ( $comment->{author} eq '' );
+
+ $comment->{email} = $params->{'email'} || '';
+ $comment->{email} = escape_text( $comment->{email} );
+ $comment->{email} = substr( $comment->{email}, 0, 40 );
+
+ $comment->{title} = $params->{'title'} || '';
+ $comment->{title} = escape_text( $comment->{title} );
+ $comment->{title} = substr( $comment->{title}, 0, 80 );
+
+ $comment->{ip} = $ENV{REMOTE_ADDR} || '';
+ log::error( $config, 'missing ip' ) if ( $comment->{ip} eq '' );
+ $comment->{ip} = Digest::MD5::md5_base64( $comment->{ip} );
+
+ my $today = time::datetime_to_array( time::time_to_datetime() );
+ my $date = time::datetime_to_array( $comment->{event_start} );
+ my $delta_days = time::days_between( $today, $date );
+ log::error( $config, 'add_comment.cgi: no comments allowed, yet' )
+ if ( $delta_days > $config->{permissions}->{no_new_comments_before} );
+ log::error( $config, 'add_comment.cgi: no comments allowed anymore' )
+ if ( $delta_days < -1 * $config->{permissions}->{no_new_comments_after} );
+
+ return {
+ template => $template,
+ comment => $comment
+ };
}
-sub check_params{
- my $config=shift;
- my $params=shift;
+sub escape_text {
+ my $s = shift;
+ $s =~ s/^\s+//g;
+ $s =~ s/\s+$//g;
- my $template = template::check($config, $params->{'template'}, 'comments.html' );
-
- my $comment={};
-
- my $event_start=$params->{'event_start'}||'';
- if ($event_start=~/^(\d\d\d\d\-\d\d\-\d\d[ T]\d\d\:\d\d)(\:\d\d)?$/){
- $comment->{event_start}=$1;
- }else{
- log::error($config, 'add_comment.cgi: invalid date "'.$event_start.'"');
- }
-
- my $event_id=$params->{'event_id'}||'';
- if ($event_id=~/^(\d+)$/){
- $comment->{event_id}=$1;
- }else{
- log::error($config, 'add_comment.cgi: invalid id');
- }
-
- my $parent_id=$params->{'parent_id'}||'';
- if ($parent_id=~/^(\d+)$/){
- $comment->{parent_id}=$1;
- }else{
- $comment->{parent_id}=0;
- }
-
- $comment->{content}=$params->{'content'}||'';
- $comment->{content}=escape_text($comment->{content});
- $comment->{content}=substr($comment->{content},0,1000);
- log::error($config, 'add_comment.cgi: missing body') if ($comment->{content}eq'');
-
- $comment->{author}=$params->{'author'}||'';
- $comment->{author}=escape_text($comment->{author});
- $comment->{author}=substr($comment->{author},0,40);
- log::error($config, 'add_comment.cgi: missing name') if ($comment->{author}eq'');
-
- $comment->{email}=$params->{'email'}||'';
- $comment->{email}=escape_text($comment->{email});
- $comment->{email}=substr($comment->{email},0,40);
-
- $comment->{title}=$params->{'title'}||'';
- $comment->{title}=escape_text($comment->{title});
- $comment->{title}=substr($comment->{title},0,80);
-
- $comment->{ip}=$ENV{REMOTE_ADDR}||'';
- log::error($config, 'missing ip') if ($comment->{ip}eq'');
- $comment->{ip}=Digest::MD5::md5_base64($comment->{ip});
-
- my $today=time::datetime_to_array(time::time_to_datetime());
- my $date =time::datetime_to_array($comment->{event_start});
- my $delta_days=time::days_between($today,$date);
- log::error( $config, 'add_comment.cgi: no comments allowed, yet' )
- if ( $delta_days > $config->{permissions}->{no_new_comments_before} );
- log::error( $config, 'add_comment.cgi: no comments allowed anymore' )
- if ( $delta_days < -1 * $config->{permissions}->{no_new_comments_after} );
-
- return {
- template =>$template,
- comment =>$comment
- };
-}
-
-sub escape_text{
- my $s=shift;
- $s=~s/^\s+//g;
- $s=~s/\s+$//g;
-
- #remove broken HTML
- $s=~s/<[a-z\!\?\[\/][^\>]+?\>//gi;
- $s=~s/<[a-z\!\?\[\/]\>//gi;
+ #remove broken HTML
+ $s =~ s/<[a-z\!\?\[\/][^\>]+?\>//gi;
+ $s =~ s/<[a-z\!\?\[\/]\>//gi;
$s = markup::escapeHtml($s);
- $s=~s/[\n\r]+/\
/g;
- $s=~s/\
/\
\n/g;
- $s=~s/\
\s*$//g;
- return $s;
+ $s =~ s/[\n\r]+/\
/g;
+ $s =~ s/\
/\
\n/g;
+ $s =~ s/\
\s*$//g;
+ return $s;
}
-