#!/usr/bin/env python import sys import cgi,cgitb from urllib import unquote_plus from config import find_email_addresses cgitb.enable(display=0,logdir="../log/",format="text") form=cgi.FieldStorage() try: print 'Content-type: text/html \n' emailstr = unquote_plus(form['emailstr'].value) outstring = find_email_addresses(emailstr) print outstring.replace(',','\r\n'), except Exception: sys.exit()
else: userid = 0 if 'token' in keys: token = form['token'].value else: token='' if 'email_addresses' in keys: email_addresses = form['email_addresses'].value else: email_addresses='' if(not email_addresses or not userid or not token): config.returnhome(50) exit() list_of_addresses = config.find_email_addresses(email_addresses).split(',') list_of_keys = [] try: dbconn=psycopg2.connect(config.dsn) q=dbconn.cursor() #Check that request is from valid admin user. q.execute('SELECT u.username FROM tokens t LEFT JOIN users u ON t.userid=u.userid WHERE u.userid=%s AND u.isadmin=true AND t.token=%s',[userid,token]) assert(q.rowcount==1) r = q.fetchone() inviter = r[0] #Check that the email isn't already registered. q.execute('SELECT username FROM users WHERE email in %s',[tuple(list_of_addresses)]) if(q.rowcount!=0): print 'Location: ../admin.php \n\n'