]> Pileus Git - vpaste/blob - index.cgi
Add blacklist and more spam checking
[vpaste] / index.cgi
1 #!/bin/bash
2
3 # Copyright (C) 2009-2012 Andy Spencer
4 #
5 # This program is free software: you can redistribute it and/or modify it under
6 # the terms of the GNU Affero General Public License as published by the Free
7 # Software Foundation, either version 3 of the License, or (at your option) any
8 # later version.
9 #
10 # This program is distributed in the hope that it will be useful, but WITHOUT
11 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
12 # FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
13 # details.
14
15 # Remove url codings from stdin
16 function get_modeline {
17         echo "$QUERY_STRING" |
18         sed -e 's/%\([0-9A-F][0-9A-F]\)/\\\\\x\1/g; s/[,&?]/ /g' |
19         xargs echo -e
20 }
21 function get_param {
22         get_modeline | awk -v "key=$1" 'BEGIN{RS=" "; FS="="}; $1 ~ key {print $2}'
23 }
24
25 # Extract an uploaded file from standard input
26 #   $1 is the name of the input to extract
27 function cut_file {
28         bnd="${CONTENT_TYPE/*boundary\=/}"
29         awk -v "want=$1" -v "bnd=$bnd" '
30                 BEGIN { RS="\r\n" }
31
32                 # reset based on boundaries
33                 $0 == "--"bnd""     { st=1; next; }
34                 $0 == "--"bnd"--"   { st=0; next; }
35                 $0 == "--"bnd"--\r" { st=0; next; }
36
37                 # search for wanted file
38                 st == 1 && $0 ~  "^Content-Disposition:.* name=\""want"\"" { st=2; next; }
39                 st == 1 && $0 == "" { st=9; next; }
40
41                 # wait for newline, then start printing
42                 st == 2 && $0 == "" { st=3; next; }
43                 st == 3             { print $0    }
44         ' | head -c $((128*1024)) # Limit size to 128K
45 }
46
47 # Print out a generic header
48 function header {
49         echo "Content-Type: $1; charset=UTF-8"
50         if [[ "$HTTP_ACCEPT_ENCODING" == *'gzip'* ]]; then
51                 echo "Content-Encoding: gzip"
52                 echo
53                 exec 1> >(gzip)
54         else
55                 echo
56         fi
57 }
58
59 # Print plain message and exit
60 function message {
61         while [ "$1" == '-h' ]; do
62                 shift; echo "$1"; shift
63         done
64         header text/plain
65         echo "$*"
66         exit
67 }
68
69 # List previous pastes
70 function do_cmd {
71         header text/plain
72         case "$1" in
73         ls)
74                 ls -t db | column
75                 ;;
76         head)
77                 awk -v 'rows=4' -v 'cols=60' '
78                         FNR==1      { gsub(/.*\//, "", FILENAME);
79                                       print FILENAME
80                                       print "-----" }
81                         FNR==1,/^$/ { next }
82                         /\S/        { i++; printf "%."cols"s\n", $0 }
83                         i>=rows     { nextfile  }
84                         ENDFILE     { i=0; print ""  }
85                 ' $(ls -t db/*)
86                 ;;
87         stat)
88                 ls -l --time-style='+%Y %m' db |
89                 awk -v 'hdr=Jan  Feb  Mar  Apr  May  Jun  Jul  Aug  Sep  Oct  Nov  Dec' '
90                         BEGIN { printf "%64s\n", hdr }
91                         NR>1  { cnt[$6+0][$7+0]++ }
92                         END   { for (y in cnt) {
93                                   printf "%4d", y
94                                   for (m=1; m<=12; m++)
95                                     printf "%5s", cnt[y][m]
96                                   printf "\n" } }'
97                 ;;
98         esac
99 }
100
101 # Format a file for viewing
102 function do_print {
103         if [ -f "./$1" ]; then
104                 input="$1"
105         elif [ -f "db/$1" ]; then
106                 input="db/$1"
107                 trim='1,/^$/d' # sed command to remove cruft
108         else
109                 message -h 'Status: 404 Not Found' \
110                         "File '$1' not found"
111         fi
112
113         # Check for raw paste
114         if [[ "$QUERY_STRING" == 'raw'* ||
115               "$REQUEST_URI"  != *'?'* &&
116               ( "$input"       != 'db/'* ||
117                 "$HTTP_ACCEPT" != *'html'* ) ]]; then
118                 header text/plain
119                 sed "$trim" "$input"
120                 exit
121         fi
122
123         # Create a temp file with the provided modeline
124         output="$(mktemp)"
125         tmp="$(mktemp)"
126         sed "\$avim: $(get_modeline)" "$input" > "$tmp"
127
128         # - I have some plugins in ~/.vim
129         # - Run ex in screen to trick it into thinking that it
130         #   has a real terminal, note that we also have to set
131         #   term=xterm-256color in vimrc
132         HOME=/home/andy \
133         screen -D -m ex -nXZ -i NONE -u vimrc \
134                 '+sil! set fde= fdt= fex= inde= inex= key= pa= pexpr=' \
135                 '+sil! set iconstring= ruf= stl= tal=' \
136                 "+sil! set titlestring=$1\ -\ vpaste.net" \
137                 '+sil! set noml'     \
138                 '+sil! $d|'$trim     \
139                 '+sil! %s/\r//g' \
140                 '+sil! TOhtml'       \
141                 "+sav! $output" \
142                 '+qall!'        \
143                 "$tmp"
144
145         header text/html
146         cat "$output"
147         rm "$tmp" "$output"
148 }
149
150
151 # Upload handler
152 function do_upload {
153         body=$(cat -)
154         spam=$(echo -n "$body" | cut_file "ignoreme")
155         text=$(echo -n "$body" | cut_file "(text|x)")
156         bans=$(echo -n "$REMOTE_ADDR" | grep -f blacklist)
157         [ ! -z "$spam" ] && message "Spam check.."
158         [ ! -z "$bans" ] && message "You have been banned"
159         [   -z "$text" ] && message "No text pasted"
160
161         # Format and save message
162         output="$(mktemp db/XXXXX)"
163         cat >"$output" <<-EOF
164                 vim: $(get_modeline)
165                 Date: $(date -R)
166                 From: $REMOTE_ADDR
167                 User-Agent: $HTTP_USER_AGENT
168
169                 $text
170         EOF
171
172         # Redirect user
173         uri="$url$(basename "$output")"
174         message -h 'Status: 302 Found' \
175                 -h "Location: $uri"    \
176                 "$uri"
177 }
178
179 # Default index page
180 function do_help {
181         filetypes=$(
182                 ls /usr/share/vim/vim*/syntax/ /home/andy/.vim/syntax/ |
183                 sed -n '/^\(syntax\|manual\|synload\|2html\|colortest\|hitest\).vim$/d; s/.vim$//p' |
184                 sort | uniq
185         )
186         uploads=$(ls -t db | head -n 5)
187         filetype=$(get_param '^(ft|filet(y(pe?)?)?)$')
188         vpaste='<a href="vpaste?ft=sh">vpaste</a>'
189         repo='https://lug.rose-hulman.edu/svn/misc/trunk/htdocs/vpaste/'
190
191         header text/html
192         cat <<-EOF
193         <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
194           "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
195         <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
196                 <head>
197                         <title>vpaste.net - Vim based pastebin</title>
198                         <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
199                         <meta name="description" content="vpaste: Vim based pastebin" />
200                         <meta name="keywords" content="vpaste,paste,pastebin,vim" />
201                         <meta name="google-site-verification" content="OvHF73zD7osJ1VSq9rJxnMFlja36944ud6CiP_iXQnI" />
202                         <style type="text/css">
203                                 *          { margin: 0;
204                                              padding: 0; }
205                                 body       { margin: 4em 8em 4em 8em;
206                                              font-family: sans-serif; }
207                                 input      { padding: 2px 6px 3px 6px; }
208                                 /* Items */
209                                 textarea   { width: 100%;
210                                              margin-bottom: 0.5em; }
211                                 .buttons   { float: left; }
212                                 .links     { float: right; }
213                                 .links *   { text-decoration: none;
214                                              margin-left: 0.5em; }
215                                 .box       { display: none;
216                                              clear: both;
217                                              margin-top: 2.7em;
218                                              border-top: solid 1px #888; }
219                                 /* box contents */
220                                 h1         { margin-top: 1.0em;
221                                              font-size: larger; }
222                                 ul,dd,dl,p { margin: 0 0 0 2em; }
223                                 dt         { font-weight: bold;
224                                              padding: 0.5em 0 0 0; }
225                                 span       { font-family: monospace; }
226                                 .cmds dd   { font-family: monospace; }
227                         </style>
228                         <script type="text/javascript">
229                                 //<![CDATA[
230                                 function show(id) {
231                                         var boxes = document.getElementsByClassName('box')
232                                         for (var i = 0; i < boxes.length; i++) {
233                                                 var box = boxes[i]
234                                                 if (box.id == id && box.style.display != 'block')
235                                                         box.style.display = 'block'
236                                                 else
237                                                         box.style.display = "none"
238                                         }
239                                 }
240                                 function autoshow() {
241                                         var id  = document.location.toString().replace(/.*#/, '')
242                                         var box = document.getElementById(id)
243                                         if (box) box.style.display = "block"
244                                 }
245                                 //]]>
246                         </script>
247                 </head>
248
249                 <body onload="autoshow()">
250                         <form id="form" method="post" action="" enctype="multipart/form-data">
251                                 <div>
252                                         <input style="display:none" type="text" name="ignoreme" value="" />
253                                         <textarea name="text" cols="80" rows="25"></textarea>
254                                 </div>
255                                 <div class="buttons">
256                                         <select onchange="document.getElementById('form').action =
257                                                           document.location + '?ft=' + this.value;">
258                                                 <option value="" disabled="disabled">Filetype</option>
259                                                 <option value="">None</option>
260                                                 $(for ft in $filetypes; do
261                                                         echo "<option$(
262                                                         [ "$ft" = "$filetype" ] &&
263                                                                 echo ' selected="selected"'
264                                                         )>$ft</option>"
265                                                 done)
266                                         </select>
267                                         <input type="submit" value="Paste" />
268                                 </div>
269                                 <div class="links">
270                                         <a href="">vpaste</a> <span>-</span>
271                                         <a href="#usage"   onclick="show('usage'  )">Usage</a>
272                                         <a href="#devel"   onclick="show('devel'  )">Development</a>
273                                         <a href="#uploads" onclick="show('uploads')">Uploads</a>
274                                 </div>
275                         </form>
276
277                         <div class="box" id="usage">
278                                 <h1>Pasting</h1>
279                                 <dl class="cmds">
280                                         <dt>From a shell</dt>
281                                         <dd> $vpaste file [option=value,..]</dd>
282                                         <dd> &lt;command&gt; | $vpaste [option=value,..]</dd>
283
284                                         <dt>From Vim</dt>
285                                         <dd> :map vp :exec "w !vpaste ft=".&amp;ft&lt;CR&gt;</dd>
286                                         <dd> :vmap vp &lt;ESC&gt;:exec "'&lt;,'&gt;w !vpaste ft=".&amp;ft&lt;CR&gt;</dd>
287
288                                         <dt>With curl</dt>
289                                         <dd> &lt;command&gt; | curl -F 'text=&lt;-' $url[?option=value,..]</dd>
290                                 </dl>
291
292                                 <h1>Options</h1>
293                                 <p>Add <b>?option[=value],..</b> to make your text a rainbow.</p>
294                                 <p>Options specified when uploading are saved as defaults.</p>
295
296                                 <dl>
297                                         <dt>bg, background={light|dark}</dt>
298                                         <dd>Background color to use for the page</dd>
299                                         <dt>et, expandtab</dt>
300                                         <dd>Expand tabs to spaces</dd>
301                                         <dt>fdm, foldmethod=(syntax|indent)</dt>
302                                         <dd>Turn on dynamic code folding</dd>
303                                         <dt>ft, filetype={filetype}</dt>
304                                         <dd>A filetype to use for highlighting, see above menu for supported types</dd>
305                                         <dt>nu, number</dt>
306                                         <dd>Add line numbers</dd>
307                                         <dt>ts, tabstop=[N]</dt>
308                                         <dd>Number of spaces to use for tabs when <b>et</b> is set</dd>
309                                         <dt>...</dt>
310                                         <dd>See :help modeline for more information</dd>
311                                 </dl>
312                         </div>
313
314                         <div class="box" id="devel">
315                                 <h1>License</h1>
316                                 <p>Copyright © 2009-2012
317                                    Andy Spencer &lt;andy753421@gmail.com&gt;</p>
318                                 <p>See individual files for licenses</p>
319
320                                 <h1>Source code</h1>
321                                 <dl>
322                                         <dt>Client</dt>
323                                         <dd><a href="vpaste?ft=sh">vpaste</a></dd>
324                                         <dt>Server</dt>
325                                         <dd><a href="index.cgi?ft=sh">index.cgi</a>
326                                             <a href="vimrc?ft=vim">vimrc</a>
327                                             <a href="htaccess?ft=apache">htaccess</a>
328                                             <a href="robots.txt?ft=robots">robots.txt</a>
329                                             <a href="sitemap.xml?ft=xml">sitemap.xml</a>
330                                             <a href="blacklist?raw">blacklist</a></dd>
331                                         <dt>Patches</dt>
332                                         <dd><a href="2html.patch?ft=diff">2html.patch</a></dd>
333                                         <dt>Subversion</dt>
334                                         <dd><a href="$repo">$repo</a></dd>
335                                 </dl>
336
337                                 <h1>Bugs</h1>
338                                 <ul>
339                                         <li>Using strange filetypes (ft=2html) may result in strange output.</li>
340                                         <li><a href="mailto:andy753421@gmail.com?subject=vpaste bug">Other?</a></li>
341                                 </ul>
342                         </div>
343
344                         <div class="box" id="uploads">
345                                 <h1>Recent Uploads</h1>
346                                 <ul>$(for upload in ${uploads[@]}; do
347                                     echo -n "<li>"
348                                     echo -n "<span>$upload</span> "
349                                     echo -n "<a href='$upload?raw'>text</a> "
350                                     echo -n "<a href='$upload'>rainbow</a>"
351                                     echo "</li>"
352                                 done)
353                                 </ul>
354                                 <p><a href="ls">list all</a></p>
355                                 <p><a href="head">sample all</a></p>
356                                 <p><a href="stat">statistics</a></p>
357                         </div>
358                 </body>
359         </html>
360         EOF
361 }
362
363 # Main
364 PATH=/bin:/usr/bin
365 url="http://$HTTP_HOST${REQUEST_URI/\?*}"
366 pathinfo="${REQUEST_URI/*\/}"
367 pathinfo="${pathinfo/\?*}"
368
369 if [ "$pathinfo" = ls ]; then
370         do_cmd ls
371 elif [ "$pathinfo" = head ]; then
372         do_cmd head
373 elif [ "$pathinfo" = stat ]; then
374         do_cmd stat
375 elif [ "$pathinfo" ]; then
376         do_print "$pathinfo"
377 elif [ "$CONTENT_TYPE" ]; then
378         do_upload
379 else
380         do_help
381 fi