diff options
author | B Stack <bgstack15@gmail.com> | 2021-02-01 09:07:23 -0500 |
---|---|---|
committer | B Stack <bgstack15@gmail.com> | 2021-02-01 09:07:23 -0500 |
commit | a4481dc007ff202882b783ed4b36e03a8b4c1d05 (patch) | |
tree | 0f8b5ccb6ea5e966e8d517b07936479ef49b3516 /toggle-editing.cgi | |
download | gallery-a4481dc007ff202882b783ed4b36e03a8b4c1d05.tar.gz gallery-a4481dc007ff202882b783ed4b36e03a8b4c1d05.tar.bz2 gallery-a4481dc007ff202882b783ed4b36e03a8b4c1d05.zip |
initial commit
Diffstat (limited to 'toggle-editing.cgi')
-rwxr-xr-x | toggle-editing.cgi | 145 |
1 files changed, 145 insertions, 0 deletions
diff --git a/toggle-editing.cgi b/toggle-editing.cgi new file mode 100755 index 0000000..1dd944b --- /dev/null +++ b/toggle-editing.cgi @@ -0,0 +1,145 @@ +#!/bin/sh +# File: gallery/toggle-editing.cgi +# Author: bgstack15@gmail.com +# Startdate: 2021-01-25 11:49 +# SPDX-License-Identifier: GPL-3.0 +# Title: Toggle the editing of this gallery +# Purpose: toggle the [edit] buttons in the requested gallery +# History: +# Usage: +# called by a link in the custom sigal theme +# required parameters include id +# Reference: +# apply.cgi +# Improve: +# Documentation: +# Dependencies: +# /etc/gallery-cgi.conf +# sigal.conf.py from indicated gallery_id +# Reverse dependencies: +DEBUG=0 +export DRYRUN= +export meta="<meta" # for turning off the automatic reloads +response=0 +test -e /etc/gallery-cgi.conf && . /etc/gallery-cgi.conf +# for the "sed -i"-ed conf file: +chgrp_string="admins" +chmod_string="g+rw" + +fix_perms() { + # call: fix_perms "${file}" + chmod "${chmod_string}" "${1}" + chgrp "${chgrp_string}" "${1}" +} + +printf "%s\n\n" "Content-type: text/html" +echo "<html><head><title>Toggle editing</title>" +echo "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">" +echo "</head><body>" + +# find gallery_id from query string, for GET +echo "${QUERY_STRING}" | grep -qE "(^|\&|\?)id=[^\&]+" && { + export gallery_id="$( echo "${QUERY_STRING}" | grep -oE "(^|\&|\?)id=[^\&]+" | awk -F'=' '{$1="";print;}' | sed -r -e 's:^ ::' )" +} + +# dynamically load the config file from the gallery_id defined in gallery-cgi.conf +if test "${REQUEST_METHOD}" = "GET" ; +then + eval export sigal_conf_py=\"\${"${gallery_id}"}\"/sigal.conf.py +fi + +test -n "${DEBUG}" && test ${DEBUG} -ge 3 1>/dev/null 2>&1 && { + echo "<pre>" + env + echo "</pre>" +} + +if test "${REQUEST_METHOD}" = "POST" ; +then + # if POST, then gallery_id is here and not earlier. + + stdin="$( cat )" + + # interpret input variables + export boundary="$( echo "${CONTENT_TYPE}" | awk '{print $2}' | awk -F'=' '{print $2}' )" + export stdin2="$( echo "${stdin}" | sed -r -e "s/-*${boundary}-*/%%%%%%%%%%/g;" | awk '/%%%%%%%/{a=a+1} $0 !~ /%%%%%/ && a {print a,$0}' )" + + # find gallery_id from form data + export gallery_id="$( echo "${stdin2}" | awk '/Content-Disposition.*="id"/{a=$1} $1==a && $0 !~ /^[0-9]\s*$|Content-Disposition/{print $2}' | tr -d '[\n\r]' )" + export referer="$( echo "${stdin2}" | awk '/Content-Disposition.*="referer"/{a=$1} $1==a && $0 !~ /^[0-9]\s*$|Content-Disposition/{print $2}' | tr -d '[\n\r]' )" + test -n "${DEBUG}" && test ${DEBUG} -ge 2 1>/dev/null 2>&1 && { + echo "<pre>" + echo "gallery_id=${gallery_id}" + echo "STDIN START" + echo "${stdin2}" + echo "STDIN STOP" + echo "</pre>" + } + export password="$( echo "${stdin2}" | awk '/Content-Disposition.*="password"/{a=$1} $1==a && $0 !~ /^[0-9]\s*$|Content-Disposition/{$1="";print;}' | sed -r -e 's/^\s*//;' | tr -d '[\n\r]' )" + test -n "${DEBUG}" && test ${DEBUG} -ge 2 1>/dev/null 2>&1 && { + echo "<pre>" + echo "password=\"${password}\"" + echo "desired_password=\"${desired_password}\"" + echo "</pre>" + } + + # dynamically load the config file from the POST gallery_id defined in gallery-cgi.conf + eval export sigal_conf_py=\"\${"${gallery_id}"}\"/sigal.conf.py + # read config file for desired values + desired_password="$( awk -F'=' '$1 ~ /edit_password/ {print $2}' "${sigal_conf_py}" | sed -r -e "s/[\"']//g;" -e 's/^ //;' | tr '[A-Z]' '[a-z]' )" + # check if password is correct + if test "${password}" = "${desired_password}" ; + then + action="enable" + else + # bad password + echo "bad password" + echo "${meta} http-equiv=\"Refresh\" content=\"0; url='${referer}'\" />" + fi + + +else + # HANDLE the GET + edit_enabled="$( awk -F'=' '$1 ~ /edit_enabled/ {print $2}' "${sigal_conf_py}" | sed -r -e "s/[\"']//g;" -e 's/^ //;' | tr '[A-Z]' '[a-z]' )" + if test "${edit_enabled}" = "true" || test "${edit_enabled}" = "1" || test "${edit_enabled}" = "yes" || test "${edit_enabled}" = "on" ; + then + # go ahead and disable it + action="disable" + else + # we need to ask to enable it + echo "<form method=\"post\" enctype=\"multipart/form-data\" id=\"toggle\" action=\"$( basename "${0}" )\" >" + echo " <label for=\"password\">Password:</label>" + echo " <input type=\"password\" id=\"password\" name=\"password\">" + echo " <input type=\"hidden\" id=\"referer\" name=\"referer\" value=\"${HTTP_REFERER}\">" + echo " <input type=\"hidden\" id=\"id\" name=\"id\" value=\"${gallery_id}\">" + echo " <input type=\"submit\" value=\"Submit\">" + echo "</form>" + fi +fi + +# take action if necessary +case "${action}" in + disable) + echo "Disabling editing..." + sed -i -r -e '/edit_enabled/{s/True/False/}' "${sigal_conf_py}" 1>&2 + response=$? + fix_perms "${sigal_conf_py}" + test ${response} -eq 0 && echo "${meta} http-equiv=\"Refresh\" content=\"1; url='${HTTP_REFERER}'\" />" + ;; + enable) + echo "Enabling editing..." + sed -i -r -e '/edit_enabled/{s/False/True/}' "${sigal_conf_py}" 1>&2 + response=$? + fix_perms "${sigal_conf_py}" + test ${response} -eq 0 && echo "${meta} http-equiv=\"Refresh\" content=\"1; url='${referer}'\" />" + ;; + "") + : + ;; + *) + echo "Unknown action ${action}." + ;; +esac + +printf '%s' "</body></html>" +exit ${response} |