input validation, db schema
parent
f17e930ab4
commit
61de0371b1
|
@ -6,8 +6,11 @@ chown www:www /var/www/run
|
||||||
install -o www -g www -m 0400 httpd.conf /etc/
|
install -o www -g www -m 0400 httpd.conf /etc/
|
||||||
echo "permit nopass root as www" >> /etc/doas.conf
|
echo "permit nopass root as www" >> /etc/doas.conf
|
||||||
curl -L https://cpanmin.us | perl - App::cpanminus
|
curl -L https://cpanmin.us | perl - App::cpanminus
|
||||||
cpanm -l /var/www/perl5 FCGI Switch Template::Simple File::Slurp
|
cpanm -l /var/www/perl5 FCGI Switch Template::Simple File::Slurp Email::Valid
|
||||||
install -o www -g www -m 0500 tormon/* /var/www/tormon/
|
install -o www -g www -m 0500 tormon/* /var/www/tormon/
|
||||||
|
cat db.sql | sqlite3 /var/www/tormon.db
|
||||||
|
chown www:www /var/www/tormon.db
|
||||||
|
chmod 0600 /var/www/tormon.db
|
||||||
echo 'echo "Starting tormon" && doas -u www /var/www/tormon/tormon.fcgi &' >> /etc/rc.local
|
echo 'echo "Starting tormon" && doas -u www /var/www/tormon/tormon.fcgi &' >> /etc/rc.local
|
||||||
sh /etc/rc.local # assuming tormon is the only thing in rc.local
|
sh /etc/rc.local # assuming tormon is the only thing in rc.local
|
||||||
rcctl enable httpd
|
rcctl enable httpd
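Review bot: The database is created by `cat db.sql | sqlite3 /var/www/tormon.db` under whatever umask the installing shell has and is only narrowed by the `chown`/`chmod 0600` lines afterwards, so the file that will hold subscriber email addresses can briefly be readable by other local users. Creating it under a restrictive umask, `(umask 077; sqlite3 /var/www/tormon.db < db.sql)`, closes that window and drops the extra `cat`. The step is also not re-runnable, because `create table users` fails once the database exists; `create table if not exists` in db.sql would make a second install run harmless. SQLite creates its journal files next to the database, so it is worth confirming that the www user can write there, or moving the database into a dedicated directory owned by www rather than loosening `/var/www` itself.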
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
create table users (
|
||||||
|
id int primary key not null,
|
||||||
|
email text not null,
|
||||||
|
confirmed int not null,
|
||||||
|
subscriptions text
|
||||||
|
);
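Review bot: `id int primary key not null` does not give SQLite an auto-assigned key, because only a column declared exactly `INTEGER PRIMARY KEY` aliases the rowid; with `int` every insert has to supply an id itself. `email` also has no uniqueness constraint, so the same address can be stored several times and its confirmation state becomes ambiguous. I would write `id integer primary key,` and `email text not null unique,`. A short comment saying that `confirmed` is a 0/1 flag and what format `subscriptions` holds (presumably relay fingerprints, given the form validation in this commit) would help whoever writes the insert code.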
|
|
@ -0,0 +1,2 @@
|
||||||
|
<h1>Error</h1>
|
||||||
|
The email address you entered does not appear to be valid. Please go back and try again.
|
|
@ -0,0 +1,2 @@
|
||||||
|
<h1>Error</h1>
|
||||||
|
The fingerprint you entered does not appear to be valid. Please go back and try again.
|
|
@ -0,0 +1,2 @@
|
||||||
|
<h1>Error</h1>
|
||||||
|
You did not answer the security question correctly. Please go back and try again.
|
|
@ -6,6 +6,7 @@ use FCGI;
|
||||||
use Switch;
|
use Switch;
|
||||||
use File::Slurp;
|
use File::Slurp;
|
||||||
use Template::Simple;
|
use Template::Simple;
|
||||||
|
use Email::Valid;
|
||||||
use FindBin qw($Bin);
|
use FindBin qw($Bin);
|
||||||
|
|
||||||
my $VERSION = "1.0";
|
my $VERSION = "1.0";
|
||||||
|
@ -34,17 +35,37 @@ while ($request->Accept() <= 0) {
|
||||||
my $code;
|
my $code;
|
||||||
|
|
||||||
switch ($ENV{"REQUEST_URI"}) {
|
switch ($ENV{"REQUEST_URI"}) {
|
||||||
case "/debug" {
|
|
||||||
# TODO - remove this, it's a security vulnerability
|
|
||||||
use Data::Dumper;
|
|
||||||
$content = "<textarea>" . Dumper(\%ENV) . "</textarea>";
|
|
||||||
$code = "\n"; # 200 OK
|
|
||||||
}
|
|
||||||
case "/" {
|
case "/" {
|
||||||
my $tt = read_file("$Bin/index.tt");
|
my $tt = read_file("$Bin/index.tt");
|
||||||
$content = ${ $tmpl->render($tt, {version => $VERSION}) };
|
$content = ${ $tmpl->render($tt, {version => $VERSION}) };
|
||||||
$code = "\n"; # 200 OK
|
$code = "\n"; # 200 OK
|
||||||
}
|
}
|
||||||
|
case "/subscribe" {
|
||||||
|
read STDIN, my $buf, $ENV{"CONTENT_LENGTH"};
|
||||||
|
my @pairs = split /&/, $buf;
|
||||||
|
my %input;
|
||||||
|
for (@pairs) {
|
||||||
|
$_ =~ s/\+/ /g;
|
||||||
|
$_ =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
||||||
|
my ($a, $b) = split '=', $_;
|
||||||
|
$input{$a} = $b;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!($input{"spam"} =~ m/London/i)) {
|
||||||
|
$content = read_file("$Bin/e_security.tt");
|
||||||
|
last;
|
||||||
|
}
|
||||||
|
if (!($input{"fp"} =~ m/^[A-F0-9]{40}$/)) {
|
||||||
|
$content = read_file("$Bin/e_fingerprint.tt");
|
||||||
|
last;
|
||||||
|
}
|
||||||
|
if (!Email::Valid->address($input{"email"})) {
|
||||||
|
$content = read_file("$Bin/e_email.tt");
|
||||||
|
last;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Add the email to database
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
my $tt = read_file("$Bin/error.tt");
|
my $tt = read_file("$Bin/error.tt");
|
||||||
$content = ${ $tmpl->render($tt, {err => 404}) };
|
$content = ${ $tmpl->render($tt, {err => 404}) };
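Review bot: The fingerprint check `m/^[A-F0-9]{40}$/` in the new `/subscribe` case accepts a value with a trailing newline, because `$` matches before a final `\n` and the decoder above has already turned `%0A` into one; `m/\A[A-F0-9]{40}\z/` makes the check exact before the value is stored or mailed. The decoder percent-decodes each pair before `split '=', $_`, so an encoded `%3D` inside a value becomes a separator and the rest of the value is silently dropped; splitting first with `split /=/, $_, 2` and decoding key and value separately avoids that. `read STDIN, my $buf, $ENV{"CONTENT_LENGTH"}` trusts a client-supplied length with no upper bound, so a guard such as `my $len = $ENV{"CONTENT_LENGTH"} // 0; $len = 0 if $len !~ /\A\d+\z/ || $len > 4096;` (limit chosen for illustration) would be prudent before the read. The three error branches leave `$code` unset before `last`, and the `else` branch and the code that emits the response continue outside this hunk, so whether that still produces a valid header block should be checked there. When the `# Add the email to database` step is written, the values should go through bound placeholders rather than string interpolation.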
|
||||||
|
|