| -rwxr-xr-x | bin/pep-proxy.py | 31 | ||||
| -rw-r--r-- | bin/sql_build.sql | 17 | ||||
| -rw-r--r-- | cgi-bin/js_check/__init__.pyc | bin | 156 -> 190 bytes | |||
| -rw-r--r-- | cgi-bin/js_check/jsparser.pyc | bin | 27289 -> 28605 bytes | |||
| -rw-r--r-- | cgi-bin/js_check/validate.pyc | bin | 2770 -> 2756 bytes | |||
| -rwxr-xr-x | cgi-bin/test.cgi | 13 | ||||
| -rwxr-xr-x | cgi-bin/upload | 198 | ||||
| -rwxr-xr-x | cgi-bin/view | 49 |
8 files changed, 284 insertions, 24 deletions
diff --git a/bin/pep-proxy.py b/bin/pep-proxy.py
new file mode 100755
index 0000000..b44bbbc
--- /dev/null
+++ b/bin/pep-proxy.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python3
+import http.server
+import urllib.request
+import re
+
+class MyHTTPRequestHandler(http.server.CGIHTTPRequestHandler ):
+ def end_headers(self):
+ self.send_my_headers()
+
+ http.server.CGIHTTPRequestHandler .end_headers(self)
+
+ def send_my_headers(self):
+ self.send_header("Access-Control-Allow-Origin", "*")
+
+ def do_GET(self):
+ if self.path[0:14] == "/cgi-bin/proxy":
+ self.copyfile(urllib.request.urlopen(self.path[15:]), self.wfile)
+ elif re.match(r'.+cgi-bin/im/shader/.+$', self.path):
+ self.path = re.sub(r'(.+cgi-bin/)im/shader/(.+)$', r'\1\2', self.path);
+ super().do_GET();
+ else:
+ super().do_GET()
+
+ def do_POST(self):
+ if re.match(r'.+cgi-bin/im/shader/.+$', self.path):
+ self.path = re.sub(r'(.+cgi-bin/)im/shader/(.+)$', r'\1\2', self.path);
+ super().do_POST();
+
+if __name__ == '__main__':
+ http.server.test(HandlerClass=MyHTTPRequestHandler)
+
diff --git a/bin/sql_build.sql b/bin/sql_build.sql
new file mode 100644
index 0000000..8badd66
--- /dev/null
+++ b/bin/sql_build.sql
@@ -0,0 +1,17 @@
+create database IF NOT EXISTS asdfus;
+grant all privileges on asdfus.* to 'asdfus'@'localhost' identified by 'gTYgT&M6q';
+flush privileges;
+use asdfus;
+create table IF NOT EXISTS shaders (id int(11) AUTO_INCREMENT NOT NULL, PRIMARY KEY(id), script blob, image_url blob, thumbnail_url varchar(50), username varchar(30), time bigint(20) NOT NULL, shader_id int(11));
+
+create table IF NOT EXISTS shader_ids (id int(11) AUTO_INCREMENT NOT NULL, PRIMARY KEY(id), username varchar(40));
+alter table shaders modify username varchar(30);
+
+IF EXISTS (
+ SELECT *
+ FROM sys.columns
+ WHERE name = 'shaders'
+)
+begin
+ alter table shaders add name varchar(40);
+end;
diff --git a/cgi-bin/js_check/__init__.pyc b/cgi-bin/js_check/__init__.pyc
Binary files differindex 5d23962..e3d1cac 100644
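Review bot: The `/cgi-bin/proxy` branch of `do_GET` passes `self.path[15:]` straight to `urllib.request.urlopen`, so the server fetches whatever URL a client supplies, including `file:` URLs and addresses reachable only from the host, and relays the body. Restrict the target to `http`/`https` and to an explicit allowlist of hosts before fetching; `urlopen` follows redirects by default, so the allowlist should hold only hosts that are trusted not to redirect elsewhere. The branch also writes the body without a status line or headers and never closes the upstream response, which the rewrite below addresses. Separately, `do_POST` has no `else`, so a POST to any other path appears to get no response at all.

```python
    def do_GET(self):
        if self.path[0:14] == "/cgi-bin/proxy":
            target = self.path[15:]
            parts = urllib.parse.urlsplit(target)
            # ALLOWED_PROXY_HOSTS: placeholder for a module-level set of hosts the proxy may fetch
            if parts.scheme not in ("http", "https") or parts.hostname not in ALLOWED_PROXY_HOSTS:
                self.send_error(403, "proxy target not allowed")
                return
            with urllib.request.urlopen(target, timeout=10) as upstream:
                self.send_response(200)
                self.end_headers()
                self.copyfile(upstream, self.wfile)
        # … unchanged: cgi-bin/im/shader rewrite and default branches …
```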
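Review bot: The `grant ... identified by` line commits the database account's password in clear text, and the same literal is assigned to `$sql_passwd` in cgi-bin/upload, so anyone who can read the repository or its history holds working credentials. Treat the password as exposed: rotate it, and have the provisioning step take the new one from outside the repository instead of a literal in this file. `grant all privileges on asdfus.*` is also wider than the statements visible in this commit need (an `INSERT` in cgi-bin/upload, `SELECT`s in cgi-bin/view); something like `grant select, insert on asdfus.* to 'asdfus'@'localhost';` would limit what a compromised CGI script can do, assuming no other code needs more. The trailing `IF EXISTS (...) begin ... end;` block queries `sys.columns`, which looks like SQL Server syntax and probably will not run on the MySQL server the rest of the file targets.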
--- a/cgi-bin/js_check/__init__.pyc
+++ b/cgi-bin/js_check/__init__.pyc
diff --git a/cgi-bin/js_check/jsparser.pyc b/cgi-bin/js_check/jsparser.pyc
Binary files differindex 42b15b8..5ce5c81 100644
--- a/cgi-bin/js_check/jsparser.pyc
+++ b/cgi-bin/js_check/jsparser.pyc
diff --git a/cgi-bin/js_check/validate.pyc b/cgi-bin/js_check/validate.pyc
Binary files differindex 0905b8f..a3c7071 100644
--- a/cgi-bin/js_check/validate.pyc
+++ b/cgi-bin/js_check/validate.pyc
diff --git a/cgi-bin/test.cgi b/cgi-bin/test.cgi
new file mode 100755
index 0000000..e33ee3e
--- /dev/null
+++ b/cgi-bin/test.cgi
@@ -0,0 +1,13 @@
+#!/usr/bin/perl
+ print "Content-type: text/html\n\n";
+ print <<HTML;
+ <html>
+<head>
+ <title>A Simple Perl CGI</title>
+ </head>
+ <body>
+ <h1>A Simple Perl CGI</h1>
+ <p>Hello World</p>
+ </body>
+HTML
+ exit;
diff --git a/cgi-bin/upload b/cgi-bin/upload
new file mode 100755
index 0000000..4e4ffbd
--- /dev/null
+++ b/cgi-bin/upload
@@ -0,0 +1,198 @@
+#!/usr/bin/perl
+
+use strict;
+use CGI::Carp qw(fatalsToBrowser);
+
+use DBI;
+use Digest::MD5;
+use File::MMagic;
+use CGI;
+use File::Slurp;
+use Data::Dumper;
+use Amazon::S3;
+use Digest::SHA1;
+use JSON
+#set the temporary directory here
+my $upload_dir = '/tmp/';
+#maximum filesize goes here
+my $maxFileSize = 2.2 * 1024 * 1024;
+
+#aws credentials here
+my $aws_access_key_id = "AKIAIR53VPBXKJMXZIBA";
+my $aws_secret_access_key = "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";
+
+#SQL CONNECTIONS
+my $sql_username = "asdfus";
+my $sql_dbname = "asdfus";
+my $sql_passwd = "gTYgT&M6q";
+my $db_tag = "shader";
+
+my $time_now = time();
+
+
+my $IN = new CGI;
+my $resp = {};
+
+sub get_postdata{
+ return $IN->param('POSTDATA');
+}
+
+#qq file is the default name for the file parameter when using qq upload. change if necessary
+sub get_filedata{
+ my $file = $IN->upload('qqfile');
+ if ($file){
+ return read_file( $file, binmode => ':raw' ) ;
+ }else{
+ return
+ }
+}
+
+
+sub get_filetype{
+ my $filedata = shift;
+ my $mm = new File::MMagic;
+ my $mtype = $mm->checktype_contents($filedata);
+ if ($mtype =~ m@^image/(gif|png|jpeg)@gi){
+ return $1;
+ }else{
+ return undef;
+ }
+}
+
+
+sub make_photoblaster_directory{
+ return substr(Digest::SHA1->sha1_hex($time_now), 0, 2);
+}
+sub make_photoblaster_filename{
+ my $filename = $IN->param("filename") || sprintf("%s_%s", "im", $time_now);
+ $filename =~ s/[^-a-zA-Z0-9]/-/g;
+ $filename =~ s/-+/-/g;
+ $filename =~ s/\....$//;
+ $filename =~ s/^-//g;
+ return $filename;
+}
+sub make_photoblaster_url{
+ my $photoblaster_directory = shift;
+ my $filename = shift;
+ return sprintf("http://i.asdf.us/im/%s/%s", $photoblaster_directory, $filename);
+}
+sub add_to_photoblaster_db{
+ my $pb_dir = shift;
+ my $filename = shift;
+ our $dbh = DBI->connect("DBI:mysql:$sql_dbname", $sql_username, $sql_passwd);
+ unless($dbh){ return undef && print STDERR "Could not connect to database: $DBI::errstr"};
+ my $execute = $dbh->do(
+ "INSERT INTO im_cmd ".
+ "(date, name, dir, newfile, tag, remote_addr)".
+ "VALUES(?,?,?,?,?,?);",
+ undef,
+ $time_now,
+ $IN->param("username") || "",
+ $pb_dir,
+ $filename,
+ $db_tag,
+ $ENV{REMOTE_ADDR} || '127.0.0.1'
+ );
+ return $execute;
+}
+
+sub write_to_file{
+ my $filepath = shift;
+ my $filedata = shift;
+ write_file( $filepath, {binmode => ':raw'}, $filedata ) or return undef;
+ return 1;
+}
+
+sub test_gif_size{
+ my $filepath = shift;
+ my $check_size = -s "$filepath";
+ print STDERR qq|Main filesize: $check_size Max Filesize: $maxFileSize nn|;
+ return $check_size;
+}
+
+sub optimize_gif{
+ my $filepath = shift;
+ my $tmpname = $filepath.".tmp";
+ #because system gives the unix exit code
+ not system("gifsicle -O2 --colors=256 $filepath > $tmpname") or return undef;
+ not system("mv -f $tmpname $filepath") or return undef;
+ return 1;
+}
+
+sub upload_to_AmazonS3{
+ my $keyname = shift;
+ my $value = shift;
+ my $s3 = Amazon::S3->new(
+ { aws_access_key_id => $aws_access_key_id,
+ aws_secret_access_key => $aws_secret_access_key
+ }
+ );
+ my $bucket = $s3->bucket("i.asdf.us");
+ $bucket->add_key(
+ $keyname, $value,
+ { content_type => 'image/gif',
+ }
+ );
+ return $bucket;
+}
+
+sub delete_file{
+ my $filepath = shift;
+ unlink($filepath);
+}
+sub error{
+ my $message = shift;
+
+ my $resp = { success => "false", error => $message };
+ print JSON->new->encode($resp);
+ exit 1;
+}
+
+sub main{
+ print $IN->header();
+
+ my $filedata = get_postdata() || get_filedata() || read_file("/tmp/tt.gif", binmode=>":raw");
+ unless($filedata){ error("NO DATA RECIEVED") };
+ my $filetype = get_filetype($filedata);
+ unless($filetype){ error("BAD FILE TYPE")};
+
+ my $photoblaster_directory = make_photoblaster_directory();
+ my $photoblaster_filename = sprintf("%s.%s", make_photoblaster_filename(), $filetype);
+
+ my $filepath = $main::upload_dir . $photoblaster_filename;
+
+ if ($filetype =~ /gif$/i){
+ unless(write_to_file($filepath, $filedata)){
+ error("UNABLE TO WRITE TO FILE");
+ }
+ unless (optimize_gif($filepath)){
+ error("UNABLE TO OPTIMIZE GIF");
+ }
+ my $filedata = read_file($filepath, binmode=>":raw");
+ }
+
+ my $filesize = length($filedata);
+ if ($filesize < 1) {
+ error( "EMPTY FILE");
+ } elsif ($filesize > $maxFileSize) {
+ error("FILE TOO LARGE");
+ }
+
+ unless(upload_to_AmazonS3(sprintf("im/%s/%s", $photoblaster_directory, $photoblaster_filename), $filedata)){
+ error("UNABLE TO UPLOAD TO AMAZONS3");
+ };
+ delete_file($filepath);
+ my $photoblaster_url = make_photoblaster_url($photoblaster_directory, $photoblaster_filename);
+ unless(add_to_photoblaster_db($photoblaster_directory, $photoblaster_filename)){
+ print STDERR "problem adding value to db";
+ }
+ my $resp = {
+ success => "true",
+ url => $photoblaster_url,
+ filesize => $filesize
+ };
+ print JSON->new->encode($resp);
+}
+
+main();
+
diff --git a/cgi-bin/view b/cgi-bin/view
index d818519..6bb55b4 100755
--- a/cgi-bin/view
+++ b/cgi-bin/view
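Review bot: The AWS access key, AWS secret key and database password are assigned as string literals near the top of the script (`$aws_access_key_id`, `$aws_secret_access_key`, `$sql_passwd`), which hands them to everyone who can read the repository; they should be rotated and then read at run time, e.g. `my $aws_secret_access_key = $ENV{AWS_SECRET_ACCESS_KEY} or die "AWS_SECRET_ACCESS_KEY not set";`. In `optimize_gif` both `system` calls interpolate `$filepath` into a shell command; the name is filtered in `make_photoblaster_filename` today, but the list form removes the dependency on that filter: `system("gifsicle", "-O2", "--colors=256", "-o", $tmpname, $filepath) == 0 or return undef;` followed by `rename($tmpname, $filepath) or return undef;`. `main` builds the path from `$main::upload_dir`, while the directory is declared as the lexical `my $upload_dir`, so the package variable is undefined and the temporary file lands in the CGI's working directory rather than `/tmp/`. The `my $filedata = read_file(...)` inside the GIF branch declares a new variable, so the optimised file is never the one that is size-checked and uploaded. `use CGI::Carp qw(fatalsToBrowser)` also sends error text, including file paths, to the client and is worth dropping outside development.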
@@ -72,40 +72,41 @@ sub main{ } my $res; - given($params->{f}){ - when(/info/){ + for($params->{f}){ + /info/ && do { unless(defined $params->{id}) { not_specified_error("id"); }; $res = mysql_retrieve('SELECT * FROM shaders WHERE id = ?', $params->{id}); - } - when(/all/){ + last; + }; + /all/ && do { $res = mysql_retrieve('select * from shaders order by id'); - } - when(/range/){ + last; + }; + /range/ && do { unless (defined $params->{limit}){ not_specified_error("limit") }; - if (defined $params->{last}){ - $res = mysql_retrieve(sprintf(' select * from shaders order by id desc limit %s , %s', $param->{last}, $params->{limit})); - }else{ - $res = mysql_retrieve(sprintf(' select * from shaders order by id desc limit 0 , %s', $params->{limit})); - } - } - when(/history/){ + $res = mysql_retrieve(' select * from shaders order by id desc limit ? , ?', ($params->{last} || 0), $params->{limit}); + last; + }; + /history/ && do{ unless(defined $params->{id}) { not_specified_error("id"); }; $res = mysql_retrieve('SELECT * FROM shaders WHERE shader_id = ? order by id', $params->{id}); - } - when(/username/){ + last; + }; + /username/ && do{ unless(defined $params->{username}) { not_specified_error("username") }; $res = mysql_retrieve('select * from shaders where username = ?', $params->{username}); - } - when(/list_users/){ + last; + }; + /list_users/ && do{ $res = mysql_retrieve('select distinct username from shaders;'); - } - when(/originals/){ + last; + }; + /originals/ && do{ $res = mysql_retrieve('select shaders.* from shader_ids cross join shaders on shader_ids.id = shaders.shader_id'); - } - default { - response({ ERROR => "Function parameter f improperly defined"}, $callback); - exit(1); - }; + last; + }; + response({ ERROR => "Function parameter f improperly defined"}, $callback); + exit(1); } response($res, $callback); } |
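Review bot: `limit` and `last` go into the new `limit ? , ?` placeholders exactly as received, with only a `defined` check on `limit`, so a non-numeric or very large value is still passed to the query. Validate both as bounded non-negative integers first, e.g. `unless ($params->{limit} =~ /\A\d{1,3}\z/) { not_specified_error("limit") }` (the three-digit bound is only an example), and pass `int($params->{last} || 0), int($params->{limit})`. `mysql_retrieve` is outside the hunk, so how it binds is not visible; if it relies on DBD::mysql's default client-side placeholder handling, string-typed values may be quoted, which MySQL rejects in a `LIMIT` clause. The dispatch patterns such as `/all/` are unanchored, so any `f` value that merely contains one of the words selects that branch; `/\Aall\z/` and so on would make the match exact. `sub main` begins before the hunk and only its tail is shown here.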
