X-Git-Url: https://git.llucax.com/software/blitiri.git/blobdiff_plain/abb8358a1515ae8cec441218d39a8838d538d68d..70a0afa4c3907cd348f4c5699897dfe992150567:/blitiri.cgi?ds=sidebyside
diff --git a/blitiri.cgi b/blitiri.cgi
index 99ea7a7..347d27a 100755
--- a/blitiri.cgi
+++ b/blitiri.cgi
@@ -14,10 +14,22 @@
# Directory where entries are stored
data_path = "/tmp/blog/data"
+# Are comments allowed? (if False, comments_path option is not used)
+enable_comments = False
+
+# Directory where comments are stored (must be writeable by the web server)
+comments_path = "/tmp/blog/comments"
+
# Path where templates are stored. Use an empty string for the built-in
# default templates. If they're not found, the built-in ones will be used.
templates_path = "/tmp/blog/templates"
+# Path where the cache is stored (must be writeable by the web server);
+# set to None to disable. When enabled, you must take care of cleaning it up
+# every once in a while.
+#cache_path = "/tmp/blog/cache"
+cache_path = None
+
# URL to the blog, including the name. Can be a full URL or just the path.
blog_url = "/blog/blitiri.cgi"
@@ -34,6 +46,34 @@ author = "Hartmut Kegan"
# Article encoding
encoding = "utf8"
+# Captcha class
+class Captcha (object):
+ def __init__(self, article):
+ self.article = article
+ words = article.title.split()
+ self.nword = hash(article.title) % len(words) % 5
+ self.answer = words[self.nword]
+ self.help = 'gotcha, damn spam bot!'
+
+ def get_puzzle(self):
+ nword = self.nword + 1
+ if nword == 1:
+ n = '1st'
+ elif nword == 2:
+ n = '2nd'
+ elif nword == 3:
+ n = '3rd'
+ else:
+ n = str(nword) + 'th'
+ return "enter the %s word of the article's title" % n
+ puzzle = property(fget = get_puzzle)
+
+ def validate(self, form_data):
+ if form_data.captcha.lower() == self.answer.lower():
+ return True
+ return False
+
+
#
# End of configuration
# DO *NOT* EDIT ANYTHING PAST HERE
@@ -42,6 +82,8 @@ encoding = "utf8"
import sys
import os
+import errno
+import shutil
import time
import datetime
import calendar
@@ -49,6 +91,7 @@ import zlib
import urllib
import cgi
from docutils.core import publish_parts
+from docutils.utils import SystemMessage
# Before importing the config, add our cwd to the Python path
sys.path.append(os.getcwd())
@@ -114,7 +157,9 @@ default_article_header = """
%(umonth)02d-\
%(uday)02d\
%(uhour)02d:%(uminute)02d)
- tagged %(tags)s
+ tagged %(tags)s -
+
@@ -126,6 +171,74 @@ default_article_footer = """
"""
+default_comment_header = """
+
+"""
+
+default_comment_form = """
+
+"""
+
+default_comment_error = '(%(error)s)'
+
+
# Default CSS
default_css = """
body {
@@ -152,7 +265,14 @@ h2 {
border-bottom: 1px solid #99C;
}
-h1 a, h2 a {
+h3 {
+ font-size: small;
+ font-weigth: none;
+ margin-bottom: 1pt;
+ border-bottom: 1px solid #99C;
+}
+
+h1 a, h2 a, h3 a {
text-decoration: none;
color: black;
}
@@ -179,6 +299,94 @@ div.article {
margin-bottom: 2em;
}
+span.cominfo {
+ font-size: xx-small;
+}
+
+span.cominfo a {
+ text-decoration: none;
+ color: #339;
+}
+
+span.cominfo a:hover {
+ text-decoration: none;
+ color: blue;
+}
+
+div.combody {
+ margin-left: 2em;
+}
+
+div.comment {
+ margin-left: 1em;
+ margin-bottom: 1em;
+}
+
+div.comforminner {
+ margin-left: 2em;
+}
+
+div.comform {
+ margin-left: 1em;
+ margin-bottom: 1em;
+}
+
+div.comform label {
+ display: block;
+ border-bottom: 1px solid #99C;
+ margin-top: 0.5em;
+ clear: both;
+}
+
+div.comform span.comformoptional {
+ font-size: xx-small;
+ color: #666;
+}
+
+div.comform input {
+ font-size: small;
+ width: 99%;
+}
+
+div.comformhelp {
+ font-size: xx-small;
+ text-align: right;
+ float: right;
+}
+
+span.formurlexample {
+ color: #111;
+ background-color: #EEF;
+ font-family: monospace;
+ padding-left: 0.2em;
+ padding-right: 0.2em;
+}
+
+textarea.comformbody {
+ font-family: monospace;
+ font-size: small;
+ width: 99%;
+ height: 15em;
+}
+
+button.comformsend {
+ margin-top: 0.5em;
+}
+
+span.comformerror {
+ color: #900;
+ font-size: xx-small;
+ margin-left: 0.5em;
+}
+
+hr {
+ float: left;
+ height: 2px;
+ border: 0;
+ background-color: #99F;
+ width: 60%;
+}
+
div.footer {
margin-top: 1em;
padding-top: 0.4em;
@@ -202,15 +410,79 @@ div.section h1 {
"""
+
+# Cache decorator
+# It only works if the function is pure (that is, its return value depends
+# only on its arguments), and if all the arguments are hash()eable.
+def cached(f):
+ # do not decorate if the cache is disabled
+ if cache_path is None:
+ return f
+
+ def decorate(*args, **kwargs):
+ hashes = '-'.join( str(hash(x)) for x in args +
+ tuple(kwargs.items()) )
+ fname = 'blitiri.%s.%s.cache' % (f.__name__, hashes)
+ cache_file = os.path.join(cache_path, fname)
+ try:
+ s = open(cache_file).read()
+ except:
+ s = f(*args, **kwargs)
+ open(cache_file, 'w').write(s)
+ return s
+
+ return decorate
+
+
# helper functions
-def rst_to_html(rst):
+def rst_to_html(rst, secure = True):
settings = {
'input_encoding': encoding,
'output_encoding': 'utf8',
+ 'halt_level': 1,
+ 'traceback': 1,
+ 'file_insertion_enabled': secure,
+ 'raw_enabled': secure,
}
parts = publish_parts(rst, settings_overrides = settings,
writer_name = "html")
return parts['body'].encode('utf8')
+rst_to_html = cached(rst_to_html)
+
+def validate_rst(rst, secure = True):
+ try:
+ rst_to_html(rst, secure)
+ return None
+ except SystemMessage, e:
+ desc = e.args[0].encode('utf-8') # the error string
+ desc = desc[9:] # remove ":"
+ line = int(desc[:desc.find(':')] or 0) # get the line number
+ desc = desc[desc.find(')')+2:-1] # remove (LEVEL/N)
+ try:
+ desc, context = desc.split('\n', 1)
+ except ValueError:
+ context = ''
+ if desc.endswith('.'):
+ desc = desc[:-1]
+ return (line, desc, context)
+
+def valid_link(link):
+ import re
+ mail_re = r"^[^ \t\n\r@<>()]+@[a-z0-9][a-z0-9\.\-_]*\.[a-z]+$"
+ scheme_re = r'^[a-zA-Z]+:'
+ url_re = r'^(?:[a-z0-9\-]+|[a-z0-9][a-z0-9\-\.\_]*\.[a-z]+)' \
+ r'(?::[0-9]+)?(?:/.*)?$'
+ scheme = ''
+ rest = link
+ if re.match(scheme_re, link, re.I):
+ scheme, rest = link.split(':', 1)
+ if (not scheme or scheme == 'mailto') and re.match(mail_re, rest, re.I):
+ return 'mailto:' + link
+ if not scheme and re.match(url_re, rest, re.I):
+ return 'http://' + rest
+ if scheme:
+ return link
+ return None
def sanitize(obj):
if isinstance(obj, basestring):
@@ -277,6 +549,209 @@ class Templates (object):
return self.get_template(
'art_footer', default_article_footer, article.to_vars())
+ def get_comment_header(self, comment):
+ vars = comment.to_vars()
+ if comment.link:
+ vars['linked_author'] = '%s' \
+ % (comment.link, comment.author)
+ else:
+ vars['linked_author'] = comment.author
+ return self.get_template(
+ 'com_header', default_comment_header, vars)
+
+ def get_comment_footer(self, comment):
+ return self.get_template(
+ 'com_footer', default_comment_footer, comment.to_vars())
+
+ def get_comment_form(self, article, form_data, captcha_puzzle):
+ vars = article.to_vars()
+ vars.update(form_data.to_vars(self))
+ vars['captcha_puzzle'] = captcha_puzzle
+ return self.get_template(
+ 'com_form', default_comment_form, vars)
+
+ def get_comment_error(self, error):
+ return self.get_template(
+ 'com_error', default_comment_error, dict(error=error))
+
+
+class CommentFormData (object):
+ def __init__(self, author = '', link = '', captcha = '', body = ''):
+ self.author = author
+ self.link = link
+ self.captcha = captcha
+ self.body = body
+ self.author_error = ''
+ self.link_error = ''
+ self.captcha_error = ''
+ self.body_error = ''
+ self.action = ''
+ self.method = 'post'
+
+ def to_vars(self, template):
+ render_error = template.get_comment_error
+ a_error = self.author_error and render_error(self.author_error)
+ l_error = self.link_error and render_error(self.link_error)
+ c_error = self.captcha_error \
+ and render_error(self.captcha_error)
+ b_error = self.body_error and render_error(self.body_error)
+ return {
+ 'form_author': sanitize(self.author),
+ 'form_link': sanitize(self.link),
+ 'form_captcha': sanitize(self.captcha),
+ 'form_body': sanitize(self.body),
+
+ 'form_author_error': a_error,
+ 'form_link_error': l_error,
+ 'form_captcha_error': c_error,
+ 'form_body_error': b_error,
+
+ 'form_action': self.action,
+ 'form_method': self.method,
+ }
+
+
+class Comment (object):
+ def __init__(self, article, number, created = None):
+ self.article = article
+ self.number = number
+ if created is None:
+ self.created = datetime.datetime.now()
+ else:
+ self.created = created
+
+ self.loaded = False
+
+ # loaded on demand
+ self._author = author
+ self._link = ''
+ self._raw_content = 'Removed comment'
+
+
+ def get_author(self):
+ if not self.loaded:
+ self.load()
+ return self._author
+ author = property(fget = get_author)
+
+ def get_link(self):
+ if not self.loaded:
+ self.load()
+ return self._link
+ link = property(fget = get_link)
+
+ def get_raw_content(self):
+ if not self.loaded:
+ self.load()
+ return self._raw_content
+ raw_content = property(fget = get_raw_content)
+
+
+ def set(self, author, raw_content, link = '', created = None):
+ self.loaded = True
+ self._author = author
+ self._raw_content = raw_content
+ self._link = link
+ self.created = created or datetime.datetime.now()
+
+
+ def load(self):
+ filename = os.path.join(comments_path, self.article.uuid,
+ str(self.number))
+ try:
+ raw = open(filename).readlines()
+ except:
+ return
+
+ count = 0
+ for l in raw:
+ if ':' in l:
+ name, value = l.split(':', 1)
+ if name.lower() == 'author':
+ self._author = value.strip()
+ elif name.lower() == 'link':
+ self._link = value.strip()
+ elif l == '\n':
+ # end of header
+ break
+ count += 1
+ self._raw_content = ''.join(raw[count + 1:])
+ self.loaded = True
+
+ def save(self):
+ filename = os.path.join(comments_path, self.article.uuid,
+ str(self.number))
+ try:
+ f = open(filename, 'w')
+ f.write('Author: %s\n' % self.author)
+ f.write('Link: %s\n' % self.link)
+ f.write('\n')
+ f.write(self.raw_content)
+ except:
+ return
+
+
+ def to_html(self):
+ return rst_to_html(self.raw_content)
+
+ def to_vars(self):
+ return {
+ 'number': self.number,
+ 'author': sanitize(self.author),
+ 'link': sanitize(self.link),
+ 'date': self.created.isoformat(' '),
+ 'created': self.created.isoformat(' '),
+
+ 'year': self.created.year,
+ 'month': self.created.month,
+ 'day': self.created.day,
+ 'hour': self.created.hour,
+ 'minute': self.created.minute,
+ 'second': self.created.second,
+ }
+
+class CommentDB (object):
+ def __init__(self, article):
+ self.path = os.path.join(comments_path, article.uuid)
+ self.comments = []
+ self.load(article)
+
+ def load(self, article):
+ try:
+ f = open(os.path.join(self.path, 'db'))
+ except:
+ return
+
+ for l in f:
+ # Each line has the following comma separated format:
+ # number, created (epoch)
+ # Empty lines are meaningful and represent removed
+ # comments (so we can preserve the comment number)
+ l = l.split(',')
+ try:
+ n = int(l[0])
+ d = datetime.datetime.fromtimestamp(float(l[1]))
+ except:
+ # Removed/invalid comment
+ self.comments.append(None)
+ continue
+ self.comments.append(Comment(article, n, d))
+
+ def save(self):
+ old_db = os.path.join(self.path, 'db')
+ new_db = os.path.join(self.path, 'db.tmp')
+ f = open(new_db, 'w')
+ for c in self.comments:
+ s = ''
+ if c is not None:
+ s = ''
+ s += str(c.number) + ', '
+ s += str(time.mktime(c.created.timetuple()))
+ s += '\n'
+ f.write(s)
+ f.close()
+ os.rename(new_db, old_db)
+
class Article (object):
def __init__(self, path, created = None, updated = None):
@@ -292,6 +767,7 @@ class Article (object):
self._author = author
self._tags = []
self._raw_content = ''
+ self._comments = []
def get_title(self):
@@ -318,6 +794,12 @@ class Article (object):
return self._raw_content
raw_content = property(fget = get_raw_content)
+ def get_comments(self):
+ if not self.loaded:
+ self.load()
+ return self._comments
+ comments = property(fget = get_comments)
+
def __cmp__(self, other):
if self.path == other.path:
@@ -334,9 +816,22 @@ class Article (object):
return cmp(self.title, other.title)
+ def add_comment(self, author, raw_content, link = ''):
+ c = Comment(self, len(self.comments))
+ c.set(author, raw_content, link)
+ self.comments.append(c)
+ return c
+
+
def load(self):
+ # XXX this tweak is only needed for old DB format, where
+ # article's paths started with a slash
+ path = self.path
+ if path.startswith('/'):
+ path = path[1:]
+ filename = os.path.join(data_path, path)
try:
- raw = open(data_path + '/' + self.path).readlines()
+ raw = open(filename).readlines()
except:
return
@@ -357,6 +852,8 @@ class Article (object):
break
count += 1
self._raw_content = ''.join(raw[count + 1:])
+ db = CommentDB(self)
+ self._comments = db.comments
self.loaded = True
def to_html(self):
@@ -369,6 +866,7 @@ class Article (object):
'date': self.created.isoformat(' '),
'uuid': self.uuid,
'tags': self.get_tags_links(),
+ 'comments': len(self.comments),
'created': self.created.isoformat(' '),
'ciso': self.created.isoformat(),
@@ -481,15 +979,35 @@ class ArticleDB (object):
# Main
#
-
-def render_html(articles, db, actyear = None):
+def render_comments(article, template, form_data):
+ print ''
+ for c in article.comments:
+ if c is None:
+ continue
+ print template.get_comment_header(c)
+ print c.to_html()
+ print template.get_comment_footer(c)
+ if not form_data:
+ form_data = CommentFormData()
+ form_data.action = blog_url + '/comment/' + article.uuid + '#comment'
+ captcha = Captcha(article)
+ print template.get_comment_form(article, form_data, captcha.puzzle)
+
+def render_html(articles, db, actyear = None, show_comments = False,
+ redirect = None, form_data = None):
+ if redirect:
+ print 'Status: 303 See Other\r\n',
+ print 'Location: %s\r\n' % redirect,
+ print 'Content-type: text/html; charset=utf-8\r\n',
+ print '\r\n',
template = Templates(templates_path, db, actyear)
- print 'Content-type: text/html; charset=utf-8\n'
print template.get_main_header()
for a in articles:
print template.get_article_header(a)
print a.to_html()
print template.get_article_footer(a)
+ if show_comments:
+ render_comments(a, template, form_data)
print template.get_main_footer()
def render_artlist(articles, db, actyear = None):
@@ -569,7 +1087,9 @@ def handle_cgi():
atom = False
style = False
post = False
+ post_preview = False
artlist = False
+ comment = False
if os.environ.has_key('PATH_INFO'):
path_info = os.environ['PATH_INFO']
@@ -577,9 +1097,11 @@ def handle_cgi():
atom = path_info == '/atom'
tag = path_info.startswith('/tag/')
post = path_info.startswith('/post/')
+ post_preview = path_info.startswith('/preview/post/')
artlist = path_info.startswith('/list')
- if not style and not atom and not post and not tag \
- and not artlist:
+ comment = path_info.startswith('/comment/') and enable_comments
+ if not style and not atom and not post and not post_preview \
+ and not tag and not comment and not artlist:
date = path_info.split('/')[1:]
try:
if len(date) > 1 and date[0]:
@@ -593,13 +1115,30 @@ def handle_cgi():
elif post:
uuid = path_info.replace('/post/', '')
uuid = uuid.replace('/', '')
+ elif post_preview:
+ art_path = path_info.replace('/preview/post/', '')
+ art_path = urllib.unquote_plus(art_path)
+ art_path = os.path.join(data_path, art_path)
+ art_path = os.path.realpath(art_path)
+ common = os.path.commonprefix([data_path, art_path])
+ if common != data_path: # something nasty happened
+ post_preview = False
+ art_path = art_path[len(data_path)+1:]
elif tag:
t = path_info.replace('/tag/', '')
t = t.replace('/', '')
t = urllib.unquote_plus(t)
tags = set((t,))
+ elif comment:
+ uuid = path_info.replace('/comment/', '')
+ uuid = uuid.replace('#comment', '')
+ uuid = uuid.replace('/', '')
+ author = form.getfirst('comformauthor', '')
+ link = form.getfirst('comformlink', '')
+ captcha = form.getfirst('comformcaptcha', '')
+ body = form.getfirst('comformbody', '')
- db = ArticleDB(data_path + '/db')
+ db = ArticleDB(os.path.join(data_path, 'db'))
if atom:
articles = db.get_articles(tags = tags)
articles.sort(reverse = True)
@@ -607,11 +1146,61 @@ def handle_cgi():
elif style:
render_style()
elif post:
- render_html( [db.get_article(uuid)], db, year )
+ render_html( [db.get_article(uuid)], db, year, enable_comments )
+ elif post_preview:
+ article = Article(art_path, datetime.datetime.now(),
+ datetime.datetime.now())
+ render_html( [article], db, year, enable_comments )
elif artlist:
articles = db.get_articles()
articles.sort(cmp = Article.title_cmp)
render_artlist(articles, db)
+ elif comment:
+ form_data = CommentFormData(author.strip().replace('\n', ' '),
+ link.strip().replace('\n', ' '), captcha,
+ body.replace('\r', ''))
+ article = db.get_article(uuid)
+ captcha = Captcha(article)
+ redirect = False
+ valid = True
+ if not form_data.author:
+ form_data.author_error = 'please, enter your name'
+ valid = False
+ if form_data.link:
+ link = valid_link(form_data.link)
+ if link:
+ form_data.link = link
+ else:
+ form_data.link_error = 'please, enter a ' \
+ 'valid link'
+ valid = False
+ if not captcha.validate(form_data):
+ form_data.captcha_error = captcha.help
+ valid = False
+ if not form_data.body:
+ form_data.body_error = 'please, write a comment'
+ valid = False
+ else:
+ error = validate_rst(form_data.body, secure=False)
+ if error is not None:
+ (line, desc, ctx) = error
+ at = ''
+ if line:
+ at = ' at line %d' % line
+ form_data.body_error = 'error%s: %s' \
+ % (at, desc)
+ valid = False
+ if valid:
+ c = article.add_comment(form_data.author,
+ form_data.body, form_data.link)
+ c.save()
+ cdb = CommentDB(article)
+ cdb.comments = article.comments
+ cdb.save()
+ redirect = blog_url + '/post/' + uuid + '#comment-' \
+ + str(c.number)
+ render_html( [article], db, year, enable_comments, redirect,
+ form_data )
else:
articles = db.get_articles(year, month, day, tags)
articles.sort(reverse = True)
@@ -635,11 +1224,12 @@ def handle_cmd():
print "Error: article (%s) must be inside data_path (%s)" % \
(art_path, data_path)
return 1
- art_path = art_path[len(data_path):]
+ art_path = art_path[len(data_path)+1:]
- if not os.path.isfile(data_path + '/db'):
- open(data_path + '/db', 'w').write('')
- db = ArticleDB(data_path + '/db')
+ db_filename = os.path.join(data_path, 'db')
+ if not os.path.isfile(db_filename):
+ open(db_filename, 'w').write('')
+ db = ArticleDB(db_filename)
if cmd == 'add':
article = Article(art_path, datetime.datetime.now(),
@@ -650,6 +1240,17 @@ def handle_cmd():
return 1
db.articles.append(article)
db.save()
+ if enable_comments:
+ comment_dir = os.path.join(comments_path, article.uuid)
+ try:
+ os.mkdir(comment_dir, 0775)
+ except OSError, e:
+ if e.errno != errno.EEXIST:
+ print "Error: can't create comments " \
+ "directory %s (%s)" \
+ % (comment_dir, e)
+ # otherwise is probably a removed and re-added
+ # article
elif cmd == 'rm':
article = Article(art_path)
for a in db.articles:
@@ -658,8 +1259,12 @@ def handle_cmd():
else:
print "Error: no such article"
return 1
+ if enable_comments:
+ r = raw_input('Remove comments [y/N]? ')
db.articles.remove(a)
db.save()
+ if enable_comments and r.lower() == 'y':
+ shutil.rmtree(os.path.join(comments_path, a.uuid))
elif cmd == 'update':
article = Article(art_path)
for a in db.articles:
@@ -678,7 +1283,10 @@ def handle_cmd():
if os.environ.has_key('GATEWAY_INTERFACE'):
+ i = datetime.datetime.now()
handle_cgi()
+ f = datetime.datetime.now()
+ print '' % (f-i)
else:
sys.exit(handle_cmd())
Comment #%(number)d
+by %(linked_author)s + on %(year)04d-%(month)02d-%(day)02d %(hour)02d:%(minute)02d + +