Exemplo n.º 1
0
def main(pif):
    os.environ['PATH'] += ':/usr/local/bin'
    pif.render.print_html()
    pif.restrict('vma')
    tform = TraverseForm().read(pif)

    pif.render.set_page_extra(pif.render.increment_js)
    print(pif.render.format_head())
    useful.header_done()
    print(pif.form.get_form())
    if tform.alt:
        print(
            pif.render.format_link('/cgi-bin/traverse.cgi?d=' + tform.alt,
                                   tform.alt))
    print('<br>')
    if tform.patt:
        show_imgs(pif, tform)
    elif tform.scrt:
        show_script(pif, tform)
    elif tform.act:
        do_action(pif, tform)
    elif tform.fnam:
        show_file(pif, tform)
    else:
        print(show_dir(pif, tform))
    print(pif.render.format_tail())
Exemplo n.º 2
0
    def start(self):
        self.log_start()
	self.set_user_info(self.user_id)
	self.set_page_info(self.page_id)
        if not self.is_web:
	    useful.header_done(is_web=False)
	self.duplicate_form = self.form.has('token') and not self.dbh.insert_token(self.form.get_str('token'))
Exemplo n.º 3
0
def simple_html(status=404):
    if not useful.is_header_done():
        print 'Content-Type: text/html\n\n'
        print 'Status:', status, httplib.responses.get(status, '')
    #print '<!--\n' + str(os.environ) + '-->'
    useful.header_done()
    useful.write_comment()
Exemplo n.º 4
0
 def call_main(page_id='cli',
               form_key='',
               defval='',
               args='',
               dbedit=None,
               switches='',
               options=''):
     useful.header_done(False)
     pif = None
     try:
         switch, filelist = get_command_line(switches, options)
         for f in filelist:
             if f.startswith('page_id='):
                 page_id = f[8:]
         if isinstance(page_id, pifile.PageInfoFile):
             pif = page_id
         else:
             pif = get_page_info(page_id, form_key, defval, args, dbedit)
         pif.switch, pif.filelist = switch, filelist
         ret = main_fn(pif)
         useful.write_comment()
         if ret:
             print(ret)
     except SystemExit:
         pass
     except useful.SimpleError as e:
         print('***', e.value)
Exemplo n.º 5
0
def handle_exception(pif,
                     e,
                     header_done=False,
                     write_traceback=True,
                     status_code='unset'):
    log = pif.log if pif and pif.log else logger.Logger()
    log.exc.error('{} {}'.format(os.environ.get('REMOTE_ADDR', '127.0.0.1'),
                                 os.environ.get('REQUEST_URI', 'unknown')))
    str_tb = write_traceback_file(pif, e) if write_traceback else ''
    log_page_call(pif, status_code=status_code)
    if not pif or not pif.render or not pif.dbh:
        if not header_done:
            simple_html()
        if str_tb:
            print('<!--\n' + str_tb + '-->')
        final_exit()
    pif.dbh.set_health(pif.page_id)
    if not useful.is_header_done() and not header_done:
        simple_html()
    useful.header_done()
    useful.write_comment()
    while pif.render.table_count > 0:
        print(pif.render.format_table_end())
    if not pif.is_allowed('a'):
        print('<!--\n' + str_tb + '-->')
        final_exit()
Exemplo n.º 6
0
def simple_html(status=404):
    if not useful.is_header_done():
	print 'Content-Type: text/html\n\n'
	print 'Status:', status, httplib.responses.get(status, '')
    #print '<!--\n' + str(os.environ) + '-->'
    useful.header_done()
    useful.write_comment()
Exemplo n.º 7
0
 def start(self):
     # self.log_start()
     self.set_user_info(self.user_id)
     self.set_page_info(self.page_id)
     if not self.is_web:
         useful.header_done(is_web=False)
     self.duplicate_form = self.form.has(
         'token') and not self.dbh.insert_token(self.form.get_str('token'))
Exemplo n.º 8
0
    def __init__(self, page_id, form_key='', defval='', args='', dbedit=None):
        self.render = self.dbh = None
        self.secure = secure.Security()
        self.htdocs = self.secure.docroot
        config.IS_BETA = self.secure.is_beta
        self.rawcookies = self.secure.get_cookies()
        user_id = self.rawcookies.get('id', '0')
	if isinstance(user_id, str):
	    user_id = eval(user_id)
	if isinstance(user_id, (int, long)):
	    self.id = user_id
	elif isinstance(user_id, tuple):
	    user_id = user_id[0]
	config.USER_ID = self.user_id = user_id
        self.unittest = bool(args)  # args comes from unittest only!
        self.argv = args.split() if args else sys.argv[1:]  # argv comes from command line only!
        self.form = BaseForm(cgi.FieldStorage(), self.argv)
        self.page_id = self.get_page_id(page_id, form_key, defval)
        self.page_name = self.page_id[self.page_id.rfind('.') + 1:]
        self.time_start = datetime.datetime.now().strftime('%Y%m%d.%H%M%S')
        self.request_uri = os.environ.get('REQUEST_URI', 'unknown')
        self.remote_host = os.environ.get('REMOTE_HOST', 'host_unset')
        self.remote_addr = os.environ.get('REMOTE_ADDR', '127.0.0.1')
        self.is_web = 'REQUEST_METHOD' in os.environ  # is apache!
        self.set_server_env()
	self.log = logger.Logger()
        self.format_type = 'python'
        self.render = render.Presentation(self.page_id, self.form.get_int('verbose'))
        self.render.secure = self.secure
        self.render.unittest = self.unittest
        self.render.comment('form', self.form.get_form())
        self.privs = set(self.rawcookies.get('pr', '')) & set(self.form.get_str('privs', 'vuma'))
        self.secure.cookies = self.rawcookies.get('co')
        if self.is_allowed(dbedit):
            self.secure.set_config('edit')

        os.chdir(self.secure.docroot)
        self.cwd = os.getcwd()
        self.render.is_beta = self.secure.is_beta
        self.cgibin = '../cgi-bin'

        self.dbh = dbhand.DBHandler(self.secure.config, self.user_id, self.log.dbq, self.render.verbose)
        self.dbh.dbi.nowrites = self.unittest
        self.log_start()
        page_info = self.dbh.fetch_page(self.page_id)
	if not page_info:
	    raise useful.SimpleError('Your request is incorrect (bad page id, %s).  Please try something else.' % self.page_id)
        self.render.set_page_info(page_info)
        self.render.not_released = (self.render.flags & self.dbh.FLAG_PAGE_INFO_HIDDEN) != 0
        self.render.hide_title = (self.render.flags & self.dbh.FLAG_PAGE_INFO_HIDE_TITLE) != 0
	self.render.is_admin = self.is_allowed('a')
	self.render.is_moderator = self.is_allowed('m')
	self.render.is_user = self.is_allowed('u')
	self.render.is_viewer = self.is_allowed('v')
        if not self.is_web:
	    useful.header_done(is_web=False)
	self.duplicate_form = self.form.has('token') and not self.dbh.insert_token(self.form.get_str('token'))
Exemplo n.º 9
0
def blister(pif):
    pif.render.print_html()
    #global pagename
    #pagename = pif.form.get_str('page', 'blister')

    dblist = bfiles.SimpleFile(useful.relpath(config.SRC_DIR, pif.page_name + '.dat'))

    print pif.render.format_head()
    useful.header_done()
    print do_tree_page(pif, dblist)
    print pif.render.format_tail()
Exemplo n.º 10
0
def blister(pif):
    pif.render.print_html()
    #global pagename
    #pagename = pif.form.get_str('page', 'blister')

    dblist = bfiles.SimpleFile(
        useful.relpath(config.SRC_DIR, pif.page_name + '.dat'))

    print pif.render.format_head()
    useful.header_done()
    print do_tree_page(pif, dblist)
    print pif.render.format_tail()
Exemplo n.º 11
0
def main(pif):
    pif.render.print_html()
    print pif.render.format_head()
    useful.header_done()
    manf = MannoFile(useful.relpath(config.SRC_DIR, 'tomica.dat'))
    mans = manf.dictlist
    if pif.form.has('num'):
        print '<meta http-equiv="refresh" content="0;url=single.cgi?id=%s">' % pif.form.get_str('num')
        return
    else:
        run_file(pif, manf, year=pif.form.get_str('year'))
        #print pif.render.format_matrix(llineup)
    print pif.render.format_tail()
Exemplo n.º 12
0
    def print_html(self, content='text/html', status=200):
	if not useful.is_header_done():
	    print 'Content-Type:', content
	    if content == 'text/csv':
		print "Content-Description: File Transfer\nContent-Disposition: attachment; filename=%s\nExpires: 0" % self.filename
	    print 'Status:', status, httplib.responses.get(status, '')
	    #useful.html_done = True
	    self.print_cookie()
	    print
	    if content == 'text/html':
		self.is_html = True
		print '<!DOCTYPE html>'
		print
	    useful.header_done()
Exemplo n.º 13
0
def main(pif):
    pif.render.print_html()
    print(pif.render.format_head())
    useful.header_done()
    manf = MannoFile(useful.relpath(config.SRC_DIR, 'tomica.dat'))
    # mans = manf.dictlist
    if pif.form.has('num'):
        print('<meta http-equiv="refresh" content="0;url=single.cgi?id=%s">' %
              pif.form.get_str('num'))
        return
    else:
        run_file(pif, manf, year=pif.form.get_str('year'))
        # print(pif.render.format_matrix(llineup))
    print(pif.render.format_tail())
Exemplo n.º 14
0
def handle_form(pif):
    pif.render.print_html()
    mod_id = pif.form.get_str('m')
    if not mod_id:
        mod_id = pif.form.get_str('mod_id')
    if mod_id:
        pif.render.title = 'Variations - ' + mod_id
    elif pif.form.has('f'):
        pif.render.title = 'Variations - ' + pif.form.get_str('f')
    print(pif.render.format_head())
    useful.header_done()
    if not pif.is_allowed('a'):
        return

    pif.dbh.set_verbose(True)
    vid = vrdata.VariationImportData()
    vid.verbose = pif.render.verbose
    nvars = list()
    file_dir = pif.form.get_str('d', 'src/mbxf')

    print(pif.form, '<br>')
    if pif.form.has("recalc"):  # doesn't really fit the pattern
        print("recalc<br>")
        for k in pif.form.keys(end='.var'):
            nvars.append(k[0:-4] + "=" + pif.form.get_str(k))
    elif pif.duplicate_form:  # not pif.dbh.insert_token(pif.form.get_str('token')):
        print('duplicate form submission detected')
    else:
        do_action(pif, mod_id)
    print("<br><hr>")

    # args = ''
    if pif.form.has('settings'):
        show_settings(pif, vid, pif.form.get_str('f'))
    elif pif.form.has('f'):
        show_file(pif, vid, file_dir, pif.form.get_str('f'), ' '.join(nvars))
    else:
        show_index(pif,
                   vid,
                   file_dir,
                   start=pif.form.get_str('s'),
                   num=pif.form.get_int('n', 100),
                   ff=int(pif.form.get_int('ff')))

    print(pif.render.format_tail())
Exemplo n.º 15
0
def handle_exception(pif, header_done=False, write_traceback=True):
    str_tb = ''
    if write_traceback:
        str_tb = write_traceback_file(pif)
    if not pif or not pif.render or not pif.dbh:
        if not header_done:
            simple_html()
        if str_tb:
            print '<!--\n' + str_tb + '-->'
        final_exit()
    pif.dbh.set_health(pif.page_id)
    import useful
    if not useful.is_header_done() and not header_done:
        simple_html()
    useful.header_done()
    useful.write_comment()
    while pif.render.table_count > 0:
        print pif.render.format_table_end()
    if not pif.is_allowed('a'):
        print '<!--\n' + str_tb + '-->'
        final_exit()
Exemplo n.º 16
0
def handle_exception(pif, header_done=False, write_traceback=True):
    str_tb = ''
    if write_traceback:
	str_tb = write_traceback_file(pif)
    if not pif or not pif.render or not pif.dbh:
	if not header_done:
	    simple_html()
	if str_tb:
	    print '<!--\n' + str_tb + '-->'
        final_exit()
    pif.dbh.set_health(pif.page_id)
    import useful
    if not useful.is_header_done() and not header_done:
	simple_html()
    useful.header_done()
    useful.write_comment()
    while pif.render.table_count > 0:
        print pif.render.format_table_end()
    if not pif.is_allowed('a'):
        print '<!--\n' + str_tb + '-->'
        final_exit()
Exemplo n.º 17
0
def handle_form(pif):
    pif.render.print_html()
    mod_id = pif.form.get_str('m')
    if not mod_id:
	mod_id = pif.form.get_str('mod_id')
    if mod_id:
        pif.render.title = 'Variations - ' + mod_id
    elif pif.form.has('f'):
        pif.render.title = 'Variations - ' + pif.form.get_str('f')
    print pif.render.format_head()
    useful.header_done()
    if not pif.is_allowed('a'):
        return

    pif.dbh.set_verbose(True)
    vid = vrdata.VariationImportData()
    vid.verbose = pif.render.verbose
    nvars = list()
    file_dir = pif.form.get_str('d', 'src/mbxf')

    print pif.form, '<br>'
    if pif.form.has("recalc"):  # doesn't really fit the pattern
        print "recalc<br>"
        for k in pif.form.keys(end='.var'):
            nvars.append(k[0:-4] + "=" + pif.form.get_str(k))
    elif pif.duplicate_form: #not pif.dbh.insert_token(pif.form.get_str('token')):
	print 'duplicate form submission detected'
    else:
        do_action(pif, mod_id)
    print "<br><hr>"

    args = ''
    if pif.form.has('settings'):
	show_settings(pif, vid, pif.form.get_str('f'))
    elif pif.form.has('f'):
        show_file(pif, vid, file_dir, pif.form.get_str('f'), ' '.join(nvars))
    else:
        show_index(pif, vid, file_dir, start=pif.form.get_str('s'), num=pif.form.get_int('n', 100), ff=int(pif.form.get_int('ff')))

    print pif.render.format_tail()
Exemplo n.º 18
0
def main(pif):
    os.environ['PATH'] += ':/usr/local/bin'
    pif.render.print_html()
    pif.restrict('vma')
    tform = TraverseForm().read(pif)

    pif.render.set_page_extra(pif.render.increment_js)
    print pif.render.format_head()
    useful.header_done()
    print pif.form.get_form()
    if tform.alt:
	print pif.render.format_link('/cgi-bin/traverse.cgi?d=' + tform.alt, tform.alt)
    print '<br>'
    if tform.patt:
        show_imgs(pif, tform)
    elif tform.scrt:
        show_script(pif, tform)
    elif tform.act:
        do_action(pif, tform)
    elif tform.fnam:
        show_file(pif, tform)
    else:
        print show_dir(pif, tform)
    print pif.render.format_tail()
Exemplo n.º 19
0
    def format_template(self, template, **kwargs):
        if self.tail.get('flags'):
            self.flag_list = list(self.shown_flags)
            self.flag_list.sort(key=lambda x: self.flag_info[x][0])
	titleimage = self.find_image_path(self.page_id.split('.'))
	if titleimage:
	    titleimage = '/' + titleimage
	page_info = {
	    'messages': useful.header_done(silent=True),
	    'hierarchy': self.hierarchy,
	    'is_beta': self.is_beta,
	    'styles': self.styles,
	    'title': self.title,
	    'hide_title': self.hide_title,
	    'is_admin': self.is_admin,
	    'is_moderator': self.is_moderator,
	    'is_user': self.is_user,
	    'titleimage': titleimage,
	    'tail': self.tail,
	    'page_id': self.page_id,
	    'description': self.description,
	    'note': self.note,
	    'pic_dir': self.pic_dir,
	    'large': self.large,
	    'verbose': self.verbose,
	    'not_released': self.not_released,
	    'flags': self.flags,
	    'flag_info': self.flag_info,
	    'shown_flags': self.shown_flags,
	    'secure': self.secure,
	    'extra': self.extra,
	    'comment_button': self.comment_button,
	    'footer': self.footer,
	    'bamcamark': self.bamcamark,
	    'token': self.format_form_token(useful.generate_token(6)),
	}
	output = useful.render_template(template, page=page_info, config_context=config, **kwargs)
	if self.unittest:
	    return "[redacted]"
	return output
Exemplo n.º 20
0
    def call_main(page_id, form_key='', defval='', args='', dbedit=None):
        #useful.write_comment('PID', os.getpid())
        pif = None
        try:
            import pifile
            if isinstance(page_id, pifile.PageInfoFile):
                pif = page_id
            else:
                pif = get_page_info(page_id, form_key, defval, args, dbedit)
            if '/etc/passwd' in os.environ.get(
                    'QUERY_STRING', '') or '%2fetc%2fpasswd' in os.environ.get(
                        'QUERY_STRING', '').lower():
                raise useful.Redirect('http://www.nsa.gov/')
        except SystemExit:
            pass
        except useful.SimpleError as e:
            simple_html(status=e.status)
            print useful.render_template('error.html',
                                         error=[e.value],
                                         page={'tail': ''})
            if pif:
                pif.log.debug.error('SimpleError: ' + str(e) + ' - ' +
                                    '''%s''' %
                                    os.environ.get('REQUEST_URI', ''))
            handle_exception(pif, True, False)
            return
        except MySQLdb.OperationalError:
            simple_html()
            print 'The database is currently down, and thus, this page is unable to be shown.<p>'
            str_tb = write_traceback_file(pif)
            handle_exception(pif, True)
            return
        except useful.Redirect as e:
            if not useful.is_header_done():
                pif.render.print_html()
            print pif.render.format_template('forward.html',
                                             url=e.value,
                                             delay=e.delay)
            return
        except:
            handle_exception(pif)
            return

        try:
            ret = main_fn(pif)
            if not useful.is_header_done():
                pif.render.print_html()
            useful.write_comment()
            if ret and not pif.unittest:
                print ret
        except SystemExit:
            pass
        except useful.SimpleError as e:
            if not useful.is_header_done():
                pif.render.print_html(status=e.status)
            print pif.render.format_template('error.html', error=[e.value])
        except useful.Redirect as e:
            if not useful.is_header_done():
                pif.render.print_html()
            print pif.render.format_template('forward.html',
                                             url=e.value,
                                             delay=e.delay)
        except useful.DelayedRedirect as e:
            if not useful.is_header_done():
                pif.render.print_html()
            print pif.render.format_template('forward.html',
                                             url=e.value,
                                             delay=e.delay)
        except MySQLdb.OperationalError:
            if not useful.is_header_done():
                pif.render.print_html()
            print 'The database is currently done, and thus, this page is unable to be shown.<p>'
            str_tb = write_traceback_file(pif)
        except:
            handle_exception(pif)
            raise
        useful.header_done(True)
        useful.write_comment()
Exemplo n.º 21
0
    def call_main(page_id, form_key='', defval='', args='', dbedit=None):
	#useful.write_comment('PID', os.getpid())
        pif = None
        try:
            import pifile
            if isinstance(page_id, pifile.PageInfoFile):
                pif = page_id
            else:
                pif = get_page_info(page_id, form_key, defval, args, dbedit)
		pif.start()
	    if '/etc/passwd' in os.environ.get('QUERY_STRING', '') or '%2fetc%2fpasswd' in os.environ.get('QUERY_STRING', '').lower():
		raise useful.Redirect('https://www.nsa.gov/')
        except SystemExit:
            pass
	except useful.SimpleError as e:
	    simple_html(status=e.status)
	    print useful.render_template('error.html', error=[e.value], page={'tail':''})
	    if pif:
		pif.log.debug.error('SimpleError: ' + str(e) + ' - ' + '''%s''' % os.environ.get('REQUEST_URI', ''))
            handle_exception(pif, True, False)
            return
        except MySQLdb.OperationalError:
	    simple_html()
            print 'The database is currently down, and thus, this page is unable to be shown.<p>'
	    str_tb = write_traceback_file(pif)
            handle_exception(pif, True)
            return
	except useful.Redirect as e:
	    if not useful.is_header_done():
		pif.render.print_html()
	    print pif.render.format_template('forward.html', url=e.value, delay=e.delay)
	    return
        except:
            handle_exception(pif)
            return

	try:
            ret = main_fn(pif)
	    if not useful.is_header_done():
		pif.render.print_html()
	    if pif.render.is_html:
		useful.write_comment("Page:", pif.page_id, 'Time:', time.time() - pif.start_seconds)
            if ret and not pif.unittest:
                print ret
        except SystemExit:
            pass
	except useful.SimpleError as e:
	    if not useful.is_header_done():
		pif.render.print_html(status=e.status)
	    print pif.render.format_template('error.html', error=[e.value])
	except useful.Redirect as e:
	    if not useful.is_header_done():
		pif.render.print_html()
	    print pif.render.format_template('forward.html', url=e.value, delay=e.delay)
        except MySQLdb.OperationalError:
	    if not useful.is_header_done():
		pif.render.print_html()
            print 'The database is currently done, and thus, this page is unable to be shown.<p>'
	    str_tb = write_traceback_file(pif)
        except:
            handle_exception(pif)
            raise
	useful.header_done(True)
	useful.write_comment()
Exemplo n.º 22
0
    def call_main(page_id, form_key='', defval='', args='', dbedit=None):
        # useful.write_comment('PID', os.getpid(), 'GURU', config.GURU_ID)
        status_code = 'unset'
        pif = None
        try:
            pif = (page_id if isinstance(page_id, pifile.PageInfoFile) else
                   get_page_info(page_id, form_key, defval, args, dbedit))
        except SystemExit:
            pass
        except pymysql.OperationalError as e:
            status_code = 'db'
            simple_html()
            print(
                'The database is currently down, and thus, this page is unable to be shown.<p>'
            )
            write_traceback_file(pif, e)
            handle_exception(pif, e, True, status_code=status_code)
            return
        except Exception as e:
            status_code = 'exc'
            simple_html()
            handle_exception(pif, e, status_code=status_code)
            return

        pif.start()

        try:
            if ('/etc/passwd' in os.environ.get('QUERY_STRING', '')
                    or '%2fetc%2fpasswd' in os.environ.get('QUERY_STRING',
                                                           '').lower()):
                raise useful.Redirect('https://www.nsa.gov/')
            ret = main_fn(pif)
            if not useful.is_header_done():
                pif.render.print_html()
            if pif.render.is_html:
                useful.write_comment("Page:", pif.page_id, 'Time:',
                                     time.time() - pif.start_seconds)
            if ret and not pif.unittest:
                print(ret)
        except SystemExit:
            pass  # the happiest exception on earth
            status_code = 'exit'
        except useful.SimpleError as e:
            if not useful.is_header_done():
                status_code = e.status
                pif.render.print_html(status=e.status)
            print(pif.render.format_template('error.html', error=[e.value]))
        except useful.Redirect as e:
            if not useful.is_header_done():
                status_code = 302
                pif.render.print_html(status=302)
            print(
                pif.render.format_template('forward.html',
                                           url=e.value,
                                           delay=e.delay))
        except pymysql.OperationalError as e:
            if not useful.is_header_done():
                status_code = 500
                pif.render.print_html(status=500)
            print(
                'The database is currently down, and thus, this page is unable to be shown.<p>'
            )
            write_traceback_file(pif, e)
        except Exception as e:
            status_code = 'exc'
            handle_exception(pif, e, status_code=status_code)
            raise
        useful.header_done(True)
        useful.write_comment()
        log_page_call(pif, status_code=status_code)