' def print_result(form,flist) : print '' print '
Your information has been submitted.
' if flist!=[] : xdatah = string.maketrans("\x00\x01\xff\t\n\b\r<>"," ") print '| ' + f + ': | ' print ' | ' + string.translate(form[f],xdatah)[:g_vlimit] + ' |
' print '
Fileform ' + g_version + '
' print '' print '' # Go through a list of e-mail addresses and make sure they follow # our rules def check_addr(alist) : nlist = [] for addr in alist : if addr[-len(g_domain):]==g_domain and string.count(addr,"@")==1 : nlist.append(addr) return nlist # Make an RFC822 To header from a list of addresses def maketo(alist) : header = "To: " + string.join(alist, ", ") return header # The main routine! def Main() : # # Get info about our environment # env = os.environ k = "USER" if env.has_key(k) : user = env[k] else : k = "SCRIPT_NAME" if env.has_key(k) : user = string.split(env[k],"/")[-2] else : user = "noone" k = "REMOTE_HOST" if env.has_key(k) : client = env[k] else : k = "REMOTE_ADDR" if env.has_key(k) : client = env[k] else : client = "[none]" k = "HTTP_HOST" if env.has_key(k) : server = env["HTTP_HOST"] else : server = "[none]" k = "HTTP_REFERER" if env.has_key(k) : referurl = env[k] else : referurl = "[none]" # # Set up a few more things we'll need # referparts = urlparse.urlparse(referurl) useraddr = user + "@" + server xaddr = string.maketrans("\x00\x01\xff\t\n\b\r:%!,","__________ ") xdataf = string.maketrans("\x00\x01\xff\t\n\b", "______") xdatam = string.maketrans("\x00\x01\xff\t\n\b\r","____ _ ") xfile = string.maketrans("\x00\x01\xff\t\n\b\f\r/:\\","___________") xlist = string.maketrans("\x00\x01\xff\t\n\f\r/:\\\"',."," ") n = string.find(referparts[1],":") if n>=0 : h = string.split(referparts[1],":") referhost = h[0] else : referhost = referparts[1] # # The referring URL must end with the domain specified in the # global variable (g_domain) or we do nothing at all # if referhost[-len(g_domain):]==g_domain : print_header() # Start the result web page as # soon as possible to caputure # unanticpated errors form = cgi.SvFormContentDict() # Get the CGI variables fields = form.keys() # Get the form fields and sort 'em fields.sort() # Some fields are for us, some are data echolist = [] notifylist = [] outname = "" maillist = [] fieldlist = [] for f in fields : ft = string.lower(f) if ft=="echo" : echolist = string.split(string.translate(form[f],xlist)) if ft=="fields" : fieldlist = string.split(string.translate(form[f],xlist)) elif ft=="file" : outname = string.translate(form[f],xfile) elif ft=="mail" : maillist = check_addr(string.split(string.translate(form[f],xaddr))) elif ft=="next" : dummy = form[f] elif ft=="notify" : notifylist = check_addr(string.split(string.translate(form[f],xaddr))) else : dummy = form[f] if fieldlist==[] : fieldlist = fields if echolist!=[] : if echolist[0]=="all" : echolist = fieldlist timestamp = time.strftime('%Y.%m.%d %X',time.localtime(time.time())) # If the file field supplied a file name we'll be appending to a # disk file if outname!="" : outname = outname + ".data" outfile = open(outname,'a') outno = outfile.fileno() fcntl.flock(outno,2) # Be sure and lock out everybody else! out = [] out.append(timestamp + "\t") out.append(client + "\t") out.append(urllib.quote(referurl) + "\t") for f in fieldlist : ft = string.lower(f) if ft=="echo" : dummy = form[f] elif ft=="field" : dummy = form[f] elif ft=="file" : dummy = form[f] elif ft=="next" : dummy = form[f] elif ft=="notify" : dummy = form[f] elif form.has_key(f) : out.append(string.translate(form[f],xdataf)[:g_vlimit] + "\t") else : out.append("\t") out.append(os.linesep) for o in out: outfile.write(o) fcntl.flock(outno,8) outfile.close() # If the mail field supplied one or more addresses we'll be sending the # data via e-mail if maillist!=[] : text = maketo(maillist) + "\n" text = text + "Subject: Fileform submission data\n" text = text + "X-Fileform: " + g_version + "\n" text = text + "\n" text = text + "\n timestamp: " + timestamp text = text + "\n client: " + client text = text + "\n referurl: " + urllib.quote(referurl) for f in fieldlist : ft = string.lower(f) if ft=="echo" : dummy = form[f] elif ft=="field" : dummy = form[f] elif ft=="file" : dummy = form[f] elif ft=="mail" : dummy = form[f] elif ft=="next" : dummy = form[f] elif ft=="notify" : dummy = form[f] elif form.has_key(f) : text = text + "\n " + ft + ": " + string.translate(form[f],xdatam)[:g_vlimit] else : text = text + "\n " + ft + ": " mserver = smtplib.SMTP("localhost") results = mserver.sendmail(useraddr,maillist,text) mserver.quit() # If the notify field supplied one or more addresses we'll be sending them # notification if notifylist!=[] : text = maketo(notifylist) + "\n" text = text + "Subject: Fileform submission notice\n" text = text + "X-Fileform: " + g_version + "\n" text = text + "\n" text = text + "Form submission from " + client + "!" mserver = smtplib.SMTP("localhost") results = mserver.sendmail(useraddr,notifylist,text) mserver.quit() print_result(form,echolist) print_footer() Main()