X-Git-Url: https://git.exim.org/buildfarm-server.git/blobdiff_plain/aa46e391f5eba6efc0e1f73b1955f2d8a811c11c..9aab6bac9c2c174a5ef8869e9b947a3917e18087:/cgi-bin/register.pl?ds=sidebyside diff --git a/cgi-bin/register.pl b/cgi-bin/register.pl index 158d05e..5b1ce0a 100755 --- a/cgi-bin/register.pl +++ b/cgi-bin/register.pl @@ -1,92 +1,94 @@ #!/usr/bin/perl +=comment + +Copyright (c) 2003-2010, Andrew Dunstan + +See accompanying License file for license details + +=cut + use strict; use DBI; use Template; use CGI; +use Template; +use Captcha::reCAPTCHA; -use vars qw($dbhost $dbname $dbuser $dbpass $dbport $notifyapp); +use vars qw($dbhost $dbname $dbuser $dbpass $dbport $notifyapp $captcha_pubkey $captcha_privkey $template_dir $default_host); require "$ENV{BFConfDir}/BuildFarmWeb.pl"; -#require "BuildFarmWeb.pl"; my $dsn="dbi:Pg:dbname=$dbname"; $dsn .= ";host=$dbhost" if $dbhost; $dsn .= ";port=$dbport" if $dbport; -my $header = < - - - - PostgreSQL BuildFarm Application - - - - - -
- -
-EOS - -my $footer = < -
-

-Hosting for the PostgreSQL Buildfarm is generously -provided by: -CommandPrompt, -The PostgreSQL Company -

-
- - -EOS - +my $template_opts = { INCLUDE_PATH => $template_dir}; +my $template = new Template($template_opts); my $query = new CGI; my $params = $query->Vars; -my ($os, $osv, $comp, $compv, $arch, $email, $owner) = @{$params}{ - qw(os osv comp compv arch email owner)}; +my ($os, $osv, $comp, $compv, $arch, $email, $owner, $challenge, $response ) = @{$params}{ + qw(os osv comp compv arch email owner recaptcha_challenge_field recaptcha_response_field)}; + +my $captcha = Captcha::reCAPTCHA->new; +my $captcha_ok = $captcha->check_answer + ( + $captcha_privkey, + $ENV{'REMOTE_ADDR'}, + $challenge, $response + ); -unless ($os && $osv && $comp && $compv && $arch && $email && $owner) + +unless ($os && $osv && $comp && $compv && $arch && $email && $owner && $captcha_ok->{is_valid}) { - print "Content-Type: text/html\n\n", - $header, - "

You need to complete all the form items. Please try again.

\n", - $footer; - exit; + print "Content-Type: text/html\n\n"; + $template->process('register-incomplete.tt'); + exit; } # some idiot has a script that tries to talk to me # this should catch and dispose of him -if (grep {/rgergerger|\@pgbuildfarm\.org|Content-Type:|http:|mailto:|href=|None|Unknown/} $os,$osv,$comp,$compv,$arch,$email,$owner) +if ((grep {/rgergerger|\@pgbuildfarm\.org|Content-Type:|http:|mailto:|href=|None|Unknown/} $os,$osv,$comp,$compv,$arch,$email,$owner) + || ($email =~ /john.*\@aol.com/) ) { print "Status: 403 Forbidden - go away idiot\n", "Content-Type: text/plain\n\n"; - exit; - + exit; } +# count transitions to and from upper case +my $trans = 1; +my $counttrans = 0; +foreach (split "" ,"$os$osv$comp$compv$arch$owner") +{ + if (/[A-Z]/) + { + next if $trans; + $trans = 1; + $counttrans++; + } + else + { + next unless $trans; + $trans = 0; + $counttrans++; + } +} + +# reject junk with too many transitions into/outof upper case +if ($counttrans > 20) +{ + print + "Status: 403 Forbidden - go away idiot\n", + "Content-Type: text/plain\n\n"; + exit; +} + + + my $secret = ""; my $dummyname=""; # we'll select an animal name when we approve it. foreach (1..8) @@ -116,12 +118,10 @@ my $sth=$db->prepare($statement); my $rv=$sth->execute($dummyname,$secret,$os,$osv,$comp,$compv, $arch,$owner,$email); my $err=$db->errstr; -print "Content-type: text/html\n\n"; -print $header - , "

PostgreSQL BuildFarm Application received

\n" - , "

Thank you. You should hear from us shortly.

" - , $footer; +# everything looks OK, so tell them so +print "Content-type: text/html\n\n"; +$template->process('register-ok.tt'); $sth->finish; $db->disconnect; @@ -131,11 +131,14 @@ use Mail::Send; my $msg = new Mail::Send; -my $me = `id -un`; +my $me = `id -un`; chomp($me); +my $host = `hostname`; chomp ($host); +$host = $default_host unless ($host =~ m/[.]/ || !defined($default_host)); -my $host = `hostname`; +my $from_addr = "PG Build Farm <$me\@$host>"; +$from_addr =~ tr /\r\n//d; -$msg->set('From',"PG Build Farm <$me\@$host>"); +$msg->set('From',$from_addr); $msg->to(@$notifyapp); $msg->subject('New Buildfarm Application');