3 # FEX CGI for (user) operation control
5 # Author: Ulli Horlacher <framstag@rus.uni-stuttgart.de>
8 BEGIN { ($ENV{PERLINIT}||'') =~ /(.+)/s and eval $1 }
12 use Digest::MD5 qw(md5_hex);
15 ($FEXLIB) = $ENV{FEXLIB} =~ /(.+)/;
16 die "$0: no $FEXLIB\n" unless -d $FEXLIB;
18 our ($FEXHOME,$mdomain,$nomail,$faillog);
21 # load common code, local config : $HOME/lib/fex.ph
22 require "$FEXLIB/fex.pp" or die "$0: cannot load $FEXLIB/fex.pp - $!\n";
24 my $error = 'F*EX operation control ERROR';
26 chdir $spooldir or die "$spooldir - $!\n";
28 $akeydir = "$spooldir/.akeys";
31 # look for CGI parameters
34 foreach my $v (keys %PARAM) {
36 # debuglog("Param: $v=\"$vv\"");
37 if ($v =~ /^akey$/i and $vv =~ /^(\w+)$/) {
39 } elsif ($v =~ /^(from|user)$/i) {
40 $user = normalize_email($vv);
41 $user .= '@'.$mdomain if $mdomain and $user !~ /@/;
42 } elsif ($v =~ /^id$/i) {
43 $id = checkchars($vv);
47 if ($akey and not $user and not $id) {
48 if (open $akey,'<',"$akeydir/$akey/@" and $id = getline($akey)) {
50 $user = readlink "$akeydir/$akey"
51 or http_die("internal server error: no $akey symlink");
53 $user = untaint($user);
54 if ($akey ne md5_hex("$user:$id")) {
60 $head = "$ENV{SERVER_NAME} F*EX operation control";
62 # display HTML form and request user data
65 unless (open $idf,'<',"$user/@") {
66 faillog("user $from, id $id");
67 html_error($error,"wrong user or auth-ID");
70 if (-e "$user/\@CAPTIVE") { html_error($error,"captive user") }
75 $akey = untaint(md5_hex("$user:$id"));
76 unlink "$akeydir/$akey";
77 symlink "../$user","$akeydir/$akey";
80 faillog("user $from, id $id");
81 html_error($error,"wrong user or auth-ID");
83 unlink $faillog if $faillog;
84 http_header("200 OK");
85 print html_header($head);
86 # authorized login URL
87 my $url = "$ENV{PROTO}://$ENV{HTTP_HOST}/fup/".b64("from=$user&id=$id");
90 ' function show_user() { return(alert('
91 ' "server:\\t$ENV{HTTP_HOST}\\n"+'
92 ' "user:\\t$user\\n"+'
93 ' "auth-ID:\\t$id\\n"+'
97 '<h2>for user <a href="#" onclick="show_user();" title="click to see account data">$user</a></h2>'
100 ($quota,$du) = check_sender_quota($user);
103 <tr title="You as the sender have a server disk quota of $quota MB and currently using $du MB">
104 <td>sender quota (used):<td align=\"right\">$quota ($du) MB
108 ($quota,$du) = check_recipient_quota($user);
111 <tr title="You as the recipient have a server disk quota of $quota MB and currently using $du MB">
112 <td>recipient quota (used):<td align=\"right\">$quota ($du) MB
119 '<a href="/fup?akey=$akey&command=LISTRECEIVED">'
120 'Retrieve a list of all your received files</a> in F*EX spool.'
124 '<form action="/fuc?akey=$akey"'
126 ' accept-charset="UTF-8"'
127 ' enctype="multipart/form-data">'
128 ' <input type="hidden" name="user" value="$user">'
129 ' <input type="hidden" name="id" value="$id">'
130 ' <script>function show_id() {return(alert("auth-ID: $id"));}</script>'
131 ' Change your <a href="#" onclick="show_id();" title="$id">auth-ID</a> to'
132 ' <input type="text" name="nid" size="16">'
133 ' <input type="submit" value="remember it!">'
135 if (-s "$user/\@ALLOWED_RECIPIENTS") {
137 # ' (You are a restricted user)';
141 # '<a href="/fup?akey=$akey&command=LISTSENT">'
142 # 'Show download URLs of files you have sent</a>.'
146 '<a href="/fup?akey=$akey&command=RENOTIFY">'
147 'Resend notification e-mails for files you have sent</a>.'
153 '<a href="/fup?akey=$akey&command=LIST&to=*">'
154 'Forward a copy of a file</a> you already have uploaded to another recipient.'
156 '<a href="/rup?akey=$akey">'
157 'Redirect files</a> you have uploaded to a wrong or misspelled recipient.'
162 '<a href="/fup?akey=$akey&command=RENOTIFY">'
163 'Resend notification e-mails for files you have sent</a>.'
168 ' Create a subuser who can send you files. Enter his e-mail address:<br>'
169 ' <input type="text" name="subuser" size="60">'
170 ' <input type="checkbox" name="otuser" value="once">for only one upload<br>'
174 ' <input type="submit" value="create subuser">'
178 ' Comment to send with information e-mail:<br>'
179 ' <input type="text" name="comment" size="80"><br>'
180 ' <input type="submit" value="create subuser and send e-mail">'
185 ' <a href="/fuc?akey=$akey">Manage your subusers and groups</a>'
187 ' <a href="/fuc?ab=load&akey=$akey">Edit your address book</a>'
191 ' <a href="/fuc?disclaimer=CHANGE&akey=$akey">'
192 ' Change the disclaimer</a> to be sent with notification e-mail.'
197 ' <a href="/fuc?encryption=CHANGE&akey=$akey">'
198 ' (De)activate e-mail encryption</a>.'
199 )) if -s "$ENV{HOME}/.gnupg/pubring.gpg";
200 if ((readlink "$user/\@NOTIFICATION"||'') =~ /short/i) {
203 ' Get <a href="/fuc?notification=detailed&akey=$akey">detailed</a> notification e-mails (current setting: <em>brief</em>).'
208 ' Get <a href="/fuc?notification=short&akey=$akey">brief</a> notification e-mails (current setting: <em>detailed</em>).'
211 if ((readlink "$user/\@REMINDER"||'') =~ /no/i) {
214 ' Get <a href="/fuc?reminder=yes&akey=$akey">reminder</a> notification e-mails (current setting: <em>no reminders</em>).'
219 ' Get <a href="/fuc?reminder=no&akey=$akey">no reminder</a> notification e-mails (current setting: <em>send reminders</em>).'
222 if (-e "$user/\@MIME") {
225 ' <a href="/fuc?mime=no&akey=$akey">Save</a> files after download (current setting: <em>display</em>).'
230 ' <a href="/fuc?mime=yes&akey=$akey">Display</a> files when downloading with web browser (current setting: <em>save</em>).'
235 ' <a href="/fup?akey=$akey">Back to fup (upload page)</a>'
239 print "</body></html>\n";
243 my $login = -x "$FEXHOME/login" ? 'login' : 'fup';
245 "HTTP/1.1 302 Found",
246 "Location: $ENV{PROTO}://$ENV{HTTP_HOST}/$login",