| OLD | NEW | 
|---|
| (Empty) |  | 
|  | 1 # coding: utf-8 | 
|  | 2 | 
|  | 3 # This file is part of the Adblock Plus web scripts, | 
|  | 4 # Copyright (C) 2006-2015 Eyeo GmbH | 
|  | 5 # | 
|  | 6 # Adblock Plus is free software: you can redistribute it and/or modify | 
|  | 7 # it under the terms of the GNU General Public License version 3 as | 
|  | 8 # published by the Free Software Foundation. | 
|  | 9 # | 
|  | 10 # Adblock Plus is distributed in the hope that it will be useful, | 
|  | 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of | 
|  | 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
|  | 13 # GNU General Public License for more details. | 
|  | 14 # | 
|  | 15 # You should have received a copy of the GNU General Public License | 
|  | 16 # along with Adblock Plus.  If not, see <http://www.gnu.org/licenses/>. | 
|  | 17 | 
|  | 18 import os | 
|  | 19 import errno | 
|  | 20 import fcntl | 
|  | 21 import random | 
|  | 22 import string | 
|  | 23 import wsgiref.util | 
|  | 24 from urlparse import parse_qsl, urljoin | 
|  | 25 from urllib import urlencode | 
|  | 26 | 
|  | 27 from sitescripts.utils import get_config, sendMail | 
|  | 28 from sitescripts.web import url_handler, form_handler | 
|  | 29 | 
|  | 30 VERIFICATION_PATH = '/verifyEmail' | 
|  | 31 VERIFICATION_CODE_PARAM = 'code' | 
|  | 32 | 
|  | 33 def generate_verification_code(): | 
|  | 34   return ''.join(random.sample(string.letters + string.digits, 32)) | 
|  | 35 | 
|  | 36 def get_filename_for_verification_code(config, verification_code): | 
|  | 37   directory = config.get('submitEmail', 'pendingVerficationsDirectory') | 
|  | 38   return os.path.join(directory, verification_code) | 
|  | 39 | 
|  | 40 def create_file_for_verification_code(config): | 
|  | 41   flags = os.O_CREAT | os.O_EXCL | os.O_WRONLY | getattr(os, 'O_BINARY', 0) | 
|  | 42 | 
|  | 43   while True: | 
|  | 44     verification_code = generate_verification_code() | 
|  | 45     filename = get_filename_for_verification_code(config, verification_code) | 
|  | 46 | 
|  | 47     try: | 
|  | 48       return (os.open(filename, flags), verification_code) | 
|  | 49     except OSError as e: | 
|  | 50       if e.errno != errno.EEXIST: | 
|  | 51         raise | 
|  | 52 | 
|  | 53 def verify_email_address(config, verification_code): | 
|  | 54   if verification_code in ('', os.path.curdir, os.path.pardir): | 
|  | 55     return False | 
|  | 56   if os.path.sep in verification_code: | 
|  | 57     return False | 
|  | 58 | 
|  | 59   verification_filename = get_filename_for_verification_code(config, verificatio
     n_code) | 
|  | 60   try: | 
|  | 61     file = open(verification_filename, 'rb') | 
|  | 62   except IOError as e: | 
|  | 63     if e.errno == errno.ENOENT: | 
|  | 64       return False | 
|  | 65     raise | 
|  | 66 | 
|  | 67   with file: | 
|  | 68     email = file.read() | 
|  | 69 | 
|  | 70   verified_filename = config.get('submitEmail', 'verifiedEmailAddressesFile') | 
|  | 71   with open(verified_filename, 'ab', 0) as file: | 
|  | 72     fcntl.lockf(file, fcntl.LOCK_EX) | 
|  | 73     try: | 
|  | 74       file.write(email) | 
|  | 75       file.write('\n') | 
|  | 76     finally: | 
|  | 77       fcntl.lockf(file, fcntl.LOCK_UN) | 
|  | 78 | 
|  | 79   try: | 
|  | 80     os.unlink(verification_filename) | 
|  | 81   except OSError as e: | 
|  | 82     if e.errno != errno.ENOENT: | 
|  | 83       raise | 
|  | 84 | 
|  | 85   return True | 
|  | 86 | 
|  | 87 @url_handler('/submitEmail') | 
|  | 88 @form_handler | 
|  | 89 def submitEmail(environ, start_response, data): | 
|  | 90   email = data.get('email', '').strip() | 
|  | 91   if not email or '\r' in email or '\n' in email: | 
|  | 92     start_response('400 Bad Request', [('Content-Type', 'text/plain')]) | 
|  | 93     if email: | 
|  | 94       message = 'No newlines allowed in email address.' | 
|  | 95     else | 
|  | 96       message = 'No email address given.' | 
|  | 97     return [message] | 
|  | 98 | 
|  | 99   config = get_config() | 
|  | 100   fd, verification_code = create_file_for_verification_code(config) | 
|  | 101   try: | 
|  | 102     os.write(fd, email.encode('utf-8')) | 
|  | 103   finally: | 
|  | 104     os.close(fd) | 
|  | 105 | 
|  | 106   sendMail( | 
|  | 107     config.get('submitEmail', 'verificationEmailTemplate'), | 
|  | 108     { | 
|  | 109       'recipient': email, | 
|  | 110       'verification_url': '%s?%s' % ( | 
|  | 111         urljoin(wsgiref.util.application_uri(environ), VERIFICATION_PATH), | 
|  | 112         urlencode([(VERIFICATION_CODE_PARAM, verification_code)]) | 
|  | 113       ) | 
|  | 114     } | 
|  | 115   ) | 
|  | 116 | 
|  | 117   start_response('200 OK', [('Content-Type', 'text/plain')]) | 
|  | 118   return ["Thanks for your submission! You'll receive a verification email short
     ly."] | 
|  | 119 | 
|  | 120 @url_handler(VERIFICATION_PATH) | 
|  | 121 def verifyEmail(environ, start_response): | 
|  | 122   config = get_config() | 
|  | 123 | 
|  | 124   params = dict(parse_qsl(environ.get('QUERY_STRING', ''))) | 
|  | 125   verification_code = params.get(VERIFICATION_CODE_PARAM, '') | 
|  | 126 | 
|  | 127   if verify_email_address(config, verification_code): | 
|  | 128     option = 'successfulVerificationRedirectLocation' | 
|  | 129   else: | 
|  | 130     option = 'unknownVerificationCodeRedirectLocation' | 
|  | 131 | 
|  | 132   start_response('303 See other', [('Location', config.get('submitEmail', option
     ))]) | 
|  | 133   return [] | 
| OLD | NEW | 
|---|