#!/usr/bin/python
import cgitb; cgitb.enable()
import cgi
import os
import subprocess
import sys
# Target list name
ListName = "blaag"
print "Content-type: text/html"
print
print "
Into the fray..."
print "Invite your friends!
"
form = cgi.FieldStorage()
#print "Environment:
";
#for param in os.environ.keys():
# print "%s: %s
" % (param,os.environ[param])
#print "number of form elements: " + str(len(form)) + "
"
# References:
# http://www.tutorialspoint.com/python/python_cgi_programming.htm
# http://httpd.apache.org/docs/2.0/howto/auth.html
from string import *
rfc822_specials = '()<>@,;:\\"[]'
def isAddressValid(addr):
'''Validate an email address'''
# First we validate the name portion (name@domain)
c = 0
while c < len(addr):
if addr[c] == '"' and (not c or addr[c - 1] == '.' or addr[c - 1] == '"'):
c = c + 1
while c < len(addr):
if addr[c] == '"': break
if addr[c] == '\\' and addr[c + 1] == ' ':
c = c + 2
continue
if ord(addr[c]) < 32 or ord(addr[c]) >= 127: return 0
c = c + 1
else: return 0
if addr[c] == '@': break
if addr[c] != '.': return 0
c = c + 1
continue
if addr[c] == '@': break
if ord(addr[c]) <= 32 or ord(addr[c]) >= 127: return 0
if addr[c] in rfc822_specials: return 0
c = c + 1
if not c or addr[c - 1] == '.': return 0
# Next we validate the domain portion (name@domain)
domain = c = c + 1
if domain >= len(addr): return 0
count = 0
while c < len(addr):
if addr[c] == '.':
if c == domain or addr[c - 1] == '.': return 0
count = count + 1
if ord(addr[c]) <= 32 or ord(addr[c]) >= 127: return 0
if addr[c] in rfc822_specials: return 0
c = c + 1
return count >= 1
# GET method
if os.environ['REQUEST_METHOD'] == "GET":
print """
Use this form to invite your friends to the list '""" + ListName + """'. A standard mailman confirmation will be sent
to the specified address.
NOTE: Once subscribed, users may unsubscribe using the standard mailman techniques, described
in the mailman welcome email.
|
"""
# POST method
if os.environ['REQUEST_METHOD'] == "POST":
# print "Got form items:
"
# for k in form.keys():
# print "key %s with value %s
" % (k, form.getvalue(k))
# Check that the email address was typed correctly
if form.getvalue('address') == form.getvalue('address_verify'):
invitee = form.getvalue('address')
pass
else:
print """
The supplied addresses do not match, type better next time!
Ok, I'll try my best
"""
sys.exit()
# Verify that the input is a valid email address
if isAddressValid(invitee):
pass
else:
print """
The supplied input is not a valid email address, stop hacking!
Ok, I will stop hacking
"""
sys.exit()
# Fire off new_add_members, passing address as stdin
# we're emulating something like: echo "ADDRESS" | new_add_members -r - LISTNAME
proc = subprocess.Popen(
[
'sudo',
'/usr/sbin/new_add_members',
'-r',
'-',
ListName,
],
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
)
# the value of 'address' is sent via stdin
stdout,stderr = proc.communicate(form.getvalue('address'))
print stdout
if stderr:
print stderr
print "
Invite another friend!"