X-Git-Url: https://git.llucax.com/software/blitiri.git/blobdiff_plain/a5749f095f091ee8af98d0a92abea8276d1001e4..70a0afa4c3907cd348f4c5699897dfe992150567:/blitiri.cgi diff --git a/blitiri.cgi b/blitiri.cgi index 11a7df8..347d27a 100755 --- a/blitiri.cgi +++ b/blitiri.cgi @@ -14,6 +14,9 @@ # Directory where entries are stored data_path = "/tmp/blog/data" +# Are comments allowed? (if False, comments_path option is not used) +enable_comments = False + # Directory where comments are stored (must be writeable by the web server) comments_path = "/tmp/blog/comments" @@ -21,6 +24,12 @@ comments_path = "/tmp/blog/comments" # default templates. If they're not found, the built-in ones will be used. templates_path = "/tmp/blog/templates" +# Path where the cache is stored (must be writeable by the web server); +# set to None to disable. When enabled, you must take care of cleaning it up +# every once in a while. +#cache_path = "/tmp/blog/cache" +cache_path = None + # URL to the blog, including the name. Can be a full URL or just the path. blog_url = "/blog/blitiri.cgi" @@ -37,6 +46,34 @@ author = "Hartmut Kegan" # Article encoding encoding = "utf8" +# Captcha class +class Captcha (object): + def __init__(self, article): + self.article = article + words = article.title.split() + self.nword = hash(article.title) % len(words) % 5 + self.answer = words[self.nword] + self.help = 'gotcha, damn spam bot!' + + def get_puzzle(self): + nword = self.nword + 1 + if nword == 1: + n = '1st' + elif nword == 2: + n = '2nd' + elif nword == 3: + n = '3rd' + else: + n = str(nword) + 'th' + return "enter the %s word of the article's title" % n + puzzle = property(fget = get_puzzle) + + def validate(self, form_data): + if form_data.captcha.lower() == self.answer.lower(): + return True + return False + + # # End of configuration # DO *NOT* EDIT ANYTHING PAST HERE @@ -45,6 +82,8 @@ encoding = "utf8" import sys import os +import errno +import shutil import time import datetime import calendar @@ -52,6 +91,7 @@ import zlib import urllib import cgi from docutils.core import publish_parts +from docutils.utils import SystemMessage # Before importing the config, add our cwd to the Python path sys.path.append(os.getcwd()) @@ -118,7 +158,8 @@ default_article_header = """ %(uday)02d\ %(uhour)02d:%(uminute)02d)
tagged %(tags)s - - with %(comments)s comment(s) + with %(comments)s + comment(s)

@@ -134,7 +175,7 @@ default_comment_header = """

Comment #%(number)d

-by %(author)s +by %(linked_author)s on %(year)04d-%(month)02d-%(day)02d %(hour)02d:%(minute)02d

@@ -146,6 +187,57 @@ default_comment_footer = """
""" +default_comment_form = """ +
+ +

Your comment

+
+
+
+ + +
+
+ + +
+ like http://www.example.com/ + or mailto:you@example.com +
+
+
+ + +
%(captcha_puzzle)s
+
+
+ + +
+ in + \ +RestructuredText format, please +
+
+
+ +
+
+
+
+""" + +default_comment_error = '(%(error)s)' + # Default CSS default_css = """ @@ -230,6 +322,63 @@ div.comment { margin-bottom: 1em; } +div.comforminner { + margin-left: 2em; +} + +div.comform { + margin-left: 1em; + margin-bottom: 1em; +} + +div.comform label { + display: block; + border-bottom: 1px solid #99C; + margin-top: 0.5em; + clear: both; +} + +div.comform span.comformoptional { + font-size: xx-small; + color: #666; +} + +div.comform input { + font-size: small; + width: 99%; +} + +div.comformhelp { + font-size: xx-small; + text-align: right; + float: right; +} + +span.formurlexample { + color: #111; + background-color: #EEF; + font-family: monospace; + padding-left: 0.2em; + padding-right: 0.2em; +} + +textarea.comformbody { + font-family: monospace; + font-size: small; + width: 99%; + height: 15em; +} + +button.comformsend { + margin-top: 0.5em; +} + +span.comformerror { + color: #900; + font-size: xx-small; + margin-left: 0.5em; +} + hr { float: left; height: 2px; @@ -261,15 +410,79 @@ div.section h1 { """ + +# Cache decorator +# It only works if the function is pure (that is, its return value depends +# only on its arguments), and if all the arguments are hash()eable. +def cached(f): + # do not decorate if the cache is disabled + if cache_path is None: + return f + + def decorate(*args, **kwargs): + hashes = '-'.join( str(hash(x)) for x in args + + tuple(kwargs.items()) ) + fname = 'blitiri.%s.%s.cache' % (f.__name__, hashes) + cache_file = os.path.join(cache_path, fname) + try: + s = open(cache_file).read() + except: + s = f(*args, **kwargs) + open(cache_file, 'w').write(s) + return s + + return decorate + + # helper functions -def rst_to_html(rst): +def rst_to_html(rst, secure = True): settings = { 'input_encoding': encoding, 'output_encoding': 'utf8', + 'halt_level': 1, + 'traceback': 1, + 'file_insertion_enabled': secure, + 'raw_enabled': secure, } parts = publish_parts(rst, settings_overrides = settings, writer_name = "html") return parts['body'].encode('utf8') +rst_to_html = cached(rst_to_html) + +def validate_rst(rst, secure = True): + try: + rst_to_html(rst, secure) + return None + except SystemMessage, e: + desc = e.args[0].encode('utf-8') # the error string + desc = desc[9:] # remove ":" + line = int(desc[:desc.find(':')] or 0) # get the line number + desc = desc[desc.find(')')+2:-1] # remove (LEVEL/N) + try: + desc, context = desc.split('\n', 1) + except ValueError: + context = '' + if desc.endswith('.'): + desc = desc[:-1] + return (line, desc, context) + +def valid_link(link): + import re + mail_re = r"^[^ \t\n\r@<>()]+@[a-z0-9][a-z0-9\.\-_]*\.[a-z]+$" + scheme_re = r'^[a-zA-Z]+:' + url_re = r'^(?:[a-z0-9\-]+|[a-z0-9][a-z0-9\-\.\_]*\.[a-z]+)' \ + r'(?::[0-9]+)?(?:/.*)?$' + scheme = '' + rest = link + if re.match(scheme_re, link, re.I): + scheme, rest = link.split(':', 1) + if (not scheme or scheme == 'mailto') and re.match(mail_re, rest, re.I): + return 'mailto:' + link + if not scheme and re.match(url_re, rest, re.I): + return 'http://' + rest + if scheme: + return link + return None def sanitize(obj): if isinstance(obj, basestring): @@ -337,13 +550,66 @@ class Templates (object): 'art_footer', default_article_footer, article.to_vars()) def get_comment_header(self, comment): + vars = comment.to_vars() + if comment.link: + vars['linked_author'] = '%s' \ + % (comment.link, comment.author) + else: + vars['linked_author'] = comment.author return self.get_template( - 'com_header', default_comment_header, comment.to_vars()) + 'com_header', default_comment_header, vars) def get_comment_footer(self, comment): return self.get_template( 'com_footer', default_comment_footer, comment.to_vars()) + def get_comment_form(self, article, form_data, captcha_puzzle): + vars = article.to_vars() + vars.update(form_data.to_vars(self)) + vars['captcha_puzzle'] = captcha_puzzle + return self.get_template( + 'com_form', default_comment_form, vars) + + def get_comment_error(self, error): + return self.get_template( + 'com_error', default_comment_error, dict(error=error)) + + +class CommentFormData (object): + def __init__(self, author = '', link = '', captcha = '', body = ''): + self.author = author + self.link = link + self.captcha = captcha + self.body = body + self.author_error = '' + self.link_error = '' + self.captcha_error = '' + self.body_error = '' + self.action = '' + self.method = 'post' + + def to_vars(self, template): + render_error = template.get_comment_error + a_error = self.author_error and render_error(self.author_error) + l_error = self.link_error and render_error(self.link_error) + c_error = self.captcha_error \ + and render_error(self.captcha_error) + b_error = self.body_error and render_error(self.body_error) + return { + 'form_author': sanitize(self.author), + 'form_link': sanitize(self.link), + 'form_captcha': sanitize(self.captcha), + 'form_body': sanitize(self.body), + + 'form_author_error': a_error, + 'form_link_error': l_error, + 'form_captcha_error': c_error, + 'form_body_error': b_error, + + 'form_action': self.action, + 'form_method': self.method, + } + class Comment (object): def __init__(self, article, number, created = None): @@ -381,6 +647,14 @@ class Comment (object): raw_content = property(fget = get_raw_content) + def set(self, author, raw_content, link = '', created = None): + self.loaded = True + self._author = author + self._raw_content = raw_content + self._link = link + self.created = created or datetime.datetime.now() + + def load(self): filename = os.path.join(comments_path, self.article.uuid, str(self.number)) @@ -404,6 +678,19 @@ class Comment (object): self._raw_content = ''.join(raw[count + 1:]) self.loaded = True + def save(self): + filename = os.path.join(comments_path, self.article.uuid, + str(self.number)) + try: + f = open(filename, 'w') + f.write('Author: %s\n' % self.author) + f.write('Link: %s\n' % self.link) + f.write('\n') + f.write(self.raw_content) + except: + return + + def to_html(self): return rst_to_html(self.raw_content) @@ -529,6 +816,13 @@ class Article (object): return cmp(self.title, other.title) + def add_comment(self, author, raw_content, link = ''): + c = Comment(self, len(self.comments)) + c.set(author, raw_content, link) + self.comments.append(c) + return c + + def load(self): # XXX this tweak is only needed for old DB format, where # article's paths started with a slash @@ -685,23 +979,35 @@ class ArticleDB (object): # Main # - -def render_html(articles, db, actyear = None, show_comments = False): +def render_comments(article, template, form_data): + print '' + for c in article.comments: + if c is None: + continue + print template.get_comment_header(c) + print c.to_html() + print template.get_comment_footer(c) + if not form_data: + form_data = CommentFormData() + form_data.action = blog_url + '/comment/' + article.uuid + '#comment' + captcha = Captcha(article) + print template.get_comment_form(article, form_data, captcha.puzzle) + +def render_html(articles, db, actyear = None, show_comments = False, + redirect = None, form_data = None): + if redirect: + print 'Status: 303 See Other\r\n', + print 'Location: %s\r\n' % redirect, + print 'Content-type: text/html; charset=utf-8\r\n', + print '\r\n', template = Templates(templates_path, db, actyear) - print 'Content-type: text/html; charset=utf-8\n' print template.get_main_header() for a in articles: print template.get_article_header(a) print a.to_html() print template.get_article_footer(a) if show_comments: - print '' - for c in a.comments: - if c is None: - continue - print template.get_comment_header(c) - print c.to_html() - print template.get_comment_footer(c) + render_comments(a, template, form_data) print template.get_main_footer() def render_artlist(articles, db, actyear = None): @@ -781,7 +1087,9 @@ def handle_cgi(): atom = False style = False post = False + post_preview = False artlist = False + comment = False if os.environ.has_key('PATH_INFO'): path_info = os.environ['PATH_INFO'] @@ -789,9 +1097,11 @@ def handle_cgi(): atom = path_info == '/atom' tag = path_info.startswith('/tag/') post = path_info.startswith('/post/') + post_preview = path_info.startswith('/preview/post/') artlist = path_info.startswith('/list') - if not style and not atom and not post and not tag \ - and not artlist: + comment = path_info.startswith('/comment/') and enable_comments + if not style and not atom and not post and not post_preview \ + and not tag and not comment and not artlist: date = path_info.split('/')[1:] try: if len(date) > 1 and date[0]: @@ -805,11 +1115,28 @@ def handle_cgi(): elif post: uuid = path_info.replace('/post/', '') uuid = uuid.replace('/', '') + elif post_preview: + art_path = path_info.replace('/preview/post/', '') + art_path = urllib.unquote_plus(art_path) + art_path = os.path.join(data_path, art_path) + art_path = os.path.realpath(art_path) + common = os.path.commonprefix([data_path, art_path]) + if common != data_path: # something nasty happened + post_preview = False + art_path = art_path[len(data_path)+1:] elif tag: t = path_info.replace('/tag/', '') t = t.replace('/', '') t = urllib.unquote_plus(t) tags = set((t,)) + elif comment: + uuid = path_info.replace('/comment/', '') + uuid = uuid.replace('#comment', '') + uuid = uuid.replace('/', '') + author = form.getfirst('comformauthor', '') + link = form.getfirst('comformlink', '') + captcha = form.getfirst('comformcaptcha', '') + body = form.getfirst('comformbody', '') db = ArticleDB(os.path.join(data_path, 'db')) if atom: @@ -819,11 +1146,61 @@ def handle_cgi(): elif style: render_style() elif post: - render_html( [db.get_article(uuid)], db, year, True ) + render_html( [db.get_article(uuid)], db, year, enable_comments ) + elif post_preview: + article = Article(art_path, datetime.datetime.now(), + datetime.datetime.now()) + render_html( [article], db, year, enable_comments ) elif artlist: articles = db.get_articles() articles.sort(cmp = Article.title_cmp) render_artlist(articles, db) + elif comment: + form_data = CommentFormData(author.strip().replace('\n', ' '), + link.strip().replace('\n', ' '), captcha, + body.replace('\r', '')) + article = db.get_article(uuid) + captcha = Captcha(article) + redirect = False + valid = True + if not form_data.author: + form_data.author_error = 'please, enter your name' + valid = False + if form_data.link: + link = valid_link(form_data.link) + if link: + form_data.link = link + else: + form_data.link_error = 'please, enter a ' \ + 'valid link' + valid = False + if not captcha.validate(form_data): + form_data.captcha_error = captcha.help + valid = False + if not form_data.body: + form_data.body_error = 'please, write a comment' + valid = False + else: + error = validate_rst(form_data.body, secure=False) + if error is not None: + (line, desc, ctx) = error + at = '' + if line: + at = ' at line %d' % line + form_data.body_error = 'error%s: %s' \ + % (at, desc) + valid = False + if valid: + c = article.add_comment(form_data.author, + form_data.body, form_data.link) + c.save() + cdb = CommentDB(article) + cdb.comments = article.comments + cdb.save() + redirect = blog_url + '/post/' + uuid + '#comment-' \ + + str(c.number) + render_html( [article], db, year, enable_comments, redirect, + form_data ) else: articles = db.get_articles(year, month, day, tags) articles.sort(reverse = True) @@ -863,6 +1240,17 @@ def handle_cmd(): return 1 db.articles.append(article) db.save() + if enable_comments: + comment_dir = os.path.join(comments_path, article.uuid) + try: + os.mkdir(comment_dir, 0775) + except OSError, e: + if e.errno != errno.EEXIST: + print "Error: can't create comments " \ + "directory %s (%s)" \ + % (comment_dir, e) + # otherwise is probably a removed and re-added + # article elif cmd == 'rm': article = Article(art_path) for a in db.articles: @@ -871,8 +1259,12 @@ def handle_cmd(): else: print "Error: no such article" return 1 + if enable_comments: + r = raw_input('Remove comments [y/N]? ') db.articles.remove(a) db.save() + if enable_comments and r.lower() == 'y': + shutil.rmtree(os.path.join(comments_path, a.uuid)) elif cmd == 'update': article = Article(art_path) for a in db.articles: @@ -891,7 +1283,10 @@ def handle_cmd(): if os.environ.has_key('GATEWAY_INTERFACE'): + i = datetime.datetime.now() handle_cgi() + f = datetime.datetime.now() + print '' % (f-i) else: sys.exit(handle_cmd())