diff options
-rw-r--r-- | .gitignore | 2 | ||||
-rwxr-xr-x | cgi/gb_newentry.cgi | 134 |
2 files changed, 88 insertions, 48 deletions
@@ -16,6 +16,8 @@ /leave-a-message/messages.json /leave-a-message/messages.txt /leave-a-message/archive.txt +/leave-a-message/faillog.txt +/leave-a-message/disavowed_ip /grecaptcha_key /abuseipdb_key diff --git a/cgi/gb_newentry.cgi b/cgi/gb_newentry.cgi index 14cfb91..a4f4cc3 100755 --- a/cgi/gb_newentry.cgi +++ b/cgi/gb_newentry.cgi @@ -1,70 +1,108 @@ #!/usr/bin/python3 -import os,sys,html,json,datetime +from ipaddress import ip_address, ip_network +import os +import sys +import html +import json +import datetime import urllib.parse import requests -#if os.environ['SERVER_NAME']!='chrisoft.org': -# import socks,socket -# socks.set_default_proxy(socks.SOCKS5,"127.0.0.1",1080) -# socket.socket=socks.socksocket -# def getaddrinfo(*args): -# return [(socket.AF_INET,socket.SOCK_STREAM,6,'',(args[0],args[1]))] -# socket.getaddrinfo=getaddrinfo +#if os.environ['SERVER_NAME'] != 'chrisoft.org': +# import socks, socket +# socks.set_default_proxy(socks.SOCKS5, "127.0.0.1", 1080) +# socket.socket = socks.socksocket +# def getaddrinfo(*args): +# return [(socket.AF_INET, socket.SOCK_STREAM, 6, '', (args[0],args[1]))] +# socket.getaddrinfo = getaddrinfo def fail(x=None): - print('Status: 400 Bad Request',end='\r\n') - print('Content-type: text/plain',end='\r\n') - print(end='\r\n') - print('400.') - if x is not None:print(x) - exit() + print('Status: 400 Bad Request', end='\r\n') + print('Content-type: text/plain', end='\r\n') + print(end='\r\n') + print('400.') + if x is not None: + print(x) + sys.exit() -if os.environ['REQUEST_METHOD']!='POST': - fail() +def logfail(x): + failloga = os.environ['DOCUMENT_ROOT'] + '/leave-a-message/faillog.txt' + with open(failloga, mode='a', encoding='utf-8') as f: + f.write(f'time: {mtime}\n') + f.write(f'IP: {os.environ["REMOTE_ADDR"]}\n') + f.write(f'fail reason: {x}\n') + f.write(f'comment: {mcontent}\n') + f.write(f'author: {mname}\n\n') + + +if os.environ['REQUEST_METHOD'] != 'POST': + fail() try: - f=json.load(sys.stdin) + f = json.load(sys.stdin) except Exception: - fail() + fail() try: - mname=urllib.parse.unquote(f['mname'],encoding='utf-8') - mcontent=urllib.parse.unquote(f['mcontent'],encoding='utf-8') - mname=html.escape(mname) - mcontent=html.escape(mcontent).replace('\n','<br>') - mtime=datetime.datetime.now(tz=datetime.timezone(datetime.timedelta(hours=8))).strftime('%Y-%m-%d %H:%M') + mname = urllib.parse.unquote(f['mname'], encoding='utf-8') + mcontent = urllib.parse.unquote(f['mcontent'], encoding='utf-8') + mname = html.escape(mname) + mcontent = html.escape(mcontent).replace('\n', '<br>') + mtimed = datetime.datetime.now(tz=datetime.timezone(datetime.timedelta(hours=8))) + mtime = mtimed.strftime('%Y-%m-%d %H:%M') except Exception as e: - fail() + fail() + +if len(mname) + len(mcontent) > 16384: + fail(x=':)') -if len(mname)+len(mcontent)>16384: - fail(x=':)') +try: + apika = os.environ['DOCUMENT_ROOT'] + '/abuseipdb_key' + with open(apika, mode='r', encoding='utf-8') as apikey_f: + apikey = apikey_f.read() + reqp = { + 'ipAddress': urllib.parse.quote(os.environ['REMOTE_ADDR']), + 'maxAgeInDays': '120', + 'verbose': '', + 'key': apikey.strip() + } + rsp = requests.get('https://api.abuseipdb.com/api/v2/check', params=reqp) + rspj = rsp.json()['data'] + if rspj['totalReports'] > 0: + logfail(x='total reports > 0') + fail(x=':)') +except Exception as e: + fail(x=e) try: - with open(os.environ['DOCUMENT_ROOT']+'/abuseipdb_key',mode='r',encoding='utf-8') as apikey_f: - apikey=apikey_f.read() - rsp=requests.get('https://api.abuseipdb.com/api/v2/check',params={'ipAddress':urllib.parse.quote(os.environ['REMOTE_ADDR']),'maxAgeInDays':'120','verbose':'','key':apikey.strip()}) - rspj=rsp.json()['data'] - if rspj['totalReports']>0: - fail(x=':)') + disava = os.environ['DOCUMENT_ROOT'] + '/leave-a-message/disavowed_ip' + with open(disava, mode='r', encoding='utf-8') as disavowedip: + for ip in disavowedip: + try: + if ip_address(os.environ["REMOTE_ADDR"]) in ip_network(ip.strip()): + logfail(x='ip disavowed') + fail(x=':)') + except ValueError as e: + pass except Exception as e: - fail(x=e) + fail(x=e) -print('Status: 200 OK',end='\r\n') -print('Content-type: text/plain',end='\r\n') +print('Status: 200 OK', end='\r\n') +print('Content-type: text/plain', end='\r\n') print(end='\r\n') -msgp=os.environ['DOCUMENT_ROOT']+'/leave-a-message/messages' -with open(msgp,mode='r',encoding='utf-8') as f: - o=json.load(f) -newm={'cont':mcontent,'author':mname,'time':mtime} +msgp = os.environ['DOCUMENT_ROOT'] + '/leave-a-message/messages' +with open(msgp, mode='r', encoding='utf-8') as f: + o = json.load(f) +newm = {'cont': mcontent, 'author': mname, 'time': mtime} o.append(newm) -with open(msgp,mode='w',encoding='utf-8') as f: - json.dump(o,f) +with open(msgp, mode='w', encoding='utf-8') as f: + json.dump(o, f) -archivp=os.environ['DOCUMENT_ROOT']+'/leave-a-message/archive.txt' -with open(archivp,mode='a',encoding='utf-8') as f: - f.write(f'comment: {mcontent}\n') - f.write(f'author: {mname}\n') - f.write(f'time: {mtime}\n') - f.write(f'IP: {os.environ["REMOTE_ADDR"]}\n\n') +archivp = os.environ['DOCUMENT_ROOT'] + '/leave-a-message/archive.txt' +with open(archivp, mode='a', encoding='utf-8') as f: + f.write(f'comment: {mcontent}\n') + f.write(f'author: {mname}\n') + f.write(f'time: {mtime}\n') + f.write(f'IP: {os.environ["REMOTE_ADDR"]}\n\n') -# vim: set noexpandtab : +# vim: set expandtab : |