parser = mailtools.MailParser()
addrhdrs = ('From', 'To', 'Cc', 'Bcc') # decode name only
quoted = '\n-----Original Message-----\n'
for hdr in ('From', 'To', 'Date'):
rawhdr = getfield(form, hdr)
if hdr not in addrhdrs:
dechdr = parser.decodeHeader(rawhdr) # 3.0: decode for display
else: # encoded on sends
dechdr = parser.decodeAddrHeader(rawhdr) # email names only
quoted += '%s: %s\n' % (hdr, dechdr)
quoted += '\n' + getfield(form, 'text')
quoted = '\n' + quoted.replace('\n', '\n> ')
return quoted
form = cgi.FieldStorage() # parse form or URL data
user, pswd, site = commonhtml.getstandardpopfields(form)
pswd = secret.decode(pswd)
try:
if form['action'].value == 'Reply':
headers = {'From': mailconfig.myaddress, # 3.0: commonhtml decodes
'To': getfield(form, 'From'),
'Cc': mailconfig.myaddress,
'Subject': 'Re: ' + getfield(form, 'Subject')}
commonhtml.editpage('Reply', headers, quotetext(form))
elif form['action'].value == 'Forward':
headers = {'From': mailconfig.myaddress, # 3.0: commonhtml decodes
'To': '',
'Cc': mailconfig.myaddress,
'Subject': 'Fwd: ' + getfield(form, 'Subject')}
############################################################
# On submit in pop password input window--make view list;
# in 2.0 we only fetch mail headers here, and fetch 1 full
# message later upon request; we still fetch all headers
# each time the index page is made: caching requires a db;
############################################################
import cgi
import loadmail, commonhtml
from externs import mailtools
from secret import encode # user-defined encoder module
MaxHdr = 35 # max length of email hdrs in list
# only pswd comes from page here, rest usually in module
formdata = cgi.FieldStorage()
mailuser, mailpswd, mailsite = commonhtml.getstandardpopfields(formdata)
try:
newmails = loadmail.loadmailhdrs(mailsite, mailuser, mailpswd)
mailnum = 1
maillist = []
for mail in newmails: # list of hdr text
msginfo = []
hdrs = mailtools.MailParser().parseHeaders(mail) # email.Message
for key in ('Subject', 'From', 'Date'):
msginfo.append(hdrs.get(key, '?')[:MaxHdr])
msginfo = ' | '.join(msginfo)
maillist.append((
msginfo,
commonhtml.urlroot + 'onViewListLink.py',
{
# password here, and only ever sends both as URL params or
# hidden fields after the password has been encrypted by a
# user-uploadable encryption module; put html in commonhtml?
##############################################################
# page template
pswdhtml = """
<form method=get action=%sonViewPswdSubmit.py>
<p>
Please enter POP account password below, for user "%s" and site "%s".
<p><input name=pswd type=password>
<input type=submit value="Submit"></form></p>
<hr><p><i>Security note</i>: The password you enter above will be transmitted
over the Internet to the server machine, but is not displayed, is never
transmitted in combination with a username unless it is encrypted, and is
never stored anywhere: not on the server (it is only passed along as hidden
fields in subsequent pages), and not on the client (no cookies are generated).
This is still not guaranteed to be totally safe; use your browser's back button
to back out of PyMailCgi at any time.</p>
"""
# generate the password input page
import commonhtml # usual parms case:
user, pswd, site = commonhtml.getstandardpopfields({}) # from module here,
commonhtml.pageheader(kind='POP password input') # from html|url later
print pswdhtml % (commonhtml.urlroot, user, site)
commonhtml.pagefooter()
# On submit in pop password input window--make view list;
# in 2.0 we only fetch mail headers here, and fetch 1 full
# message later upon request; we still fetch all headers
# each time the index page is made: caching requires a db;
############################################################
import cgi
import loadmail, commonhtml
from externs import mailtools
from secret import encode # user-defined encoder module
MaxHdr = 35 # max length of email hdrs in list
# only pswd comes from page here, rest usually in module
formdata = cgi.FieldStorage()
mailuser, mailpswd, mailsite = commonhtml.getstandardpopfields(formdata)
try:
newmails = loadmail.loadmailhdrs(mailsite, mailuser, mailpswd)
mailnum = 1
maillist = []
for mail in newmails: # list of hdr text
msginfo = []
hdrs = mailtools.MailParser().parseHeaders(mail) # email.Message
for key in ("Subject", "From", "Date"):
msginfo.append(hdrs.get(key, "?")[:MaxHdr])
msginfo = " | ".join(msginfo)
maillist.append(
(
msginfo,
commonhtml.urlroot + "onViewListLink.py",
# password here, and only ever sends both as URL params or
# hidden fields after the password has been encrypted by a
# user-uploadable encryption module; put html in commonhtml?
##############################################################
# page template
pswdhtml = """
<form method=get action=%sonViewPswdSubmit.py>
<p>
Please enter POP account password below, for user "%s" and site "%s".
<p><input name=pswd type=password>
<input type=submit value="Submit"></form></p>
<hr><p><i>Security note</i>: The password you enter above will be transmitted
over the Internet to the server machine, but is not displayed, is never
transmitted in combination with a username unless it is encrypted, and is
never stored anywhere: not on the server (it is only passed along as hidden
fields in subsequent pages), and not on the client (no cookies are generated).
This is still not guaranteed to be totally safe; use your browser's back button
to back out of PyMailCgi at any time.</p>
"""
# generate the password input page
import commonhtml # usual parms case:
user, pswd, site = commonhtml.getstandardpopfields({}) # from module here,
commonhtml.pageheader(kind='POP password input') # from html|url later
print pswdhtml % (commonhtml.urlroot, user, site)
commonhtml.pagefooter()
полях формы только после того, как пароль будет зашифрован с помощью
модуля шифрования, выгружаемого пользователем;
# ---------------------------------------------------------------------------- #
"""
# шаблон страницы
pswdhtml = """
<form method="POST" action="%sonViewPswdSubmit.py">
<p>
Введите пароль учетной записи пользователя "%s" на сервере POP "%s".
</p>
<p><input name="pswd" type="password">
<input type="submit" value="Submit"></form></p>
<hr><p><i>Примечание, касающееся безопасности</i>: Пароль введенный
в поле выше, будет отправлен на сервер через Интернет, но он нигде
не отображается, никогда не передается в паре с именем пользователя
в незашифрованном виде и нигде не сохраняется: ни на сервере (он только
передается последующим страницам в скрытых полях форм), ни на стороне
клиента (система не генерирует никаких cookies). Тем не менее, полная
безопасность не гарантируется; при работе с PyMailCGI вы можете
использовать кнопку "Назад" ("Back") своего браузера в любой
момент времени.</p>
"""
# создание страницы ввода пароля
import commonhtml
# обычный прием работы с параметрами:
user, pswd, site = commonhtml.getstandardpopfields({}) # сначала из модуля
commonhtml.pageheader(kind='POP password input') # затем из html|url
print(pswdhtml % (commonhtml.urlroot, user, site))
commonhtml.pagefooter()
