ref: 82fd45075d72cb8ccb0aa307ea4123c44db86f75
parent: 5cf42c28a0223319b7744ce57bfeeea7dd70a850
author: uriel <[email protected]>
date: Fri Sep 26 10:23:19 EDT 2008
Experimental comments system
--- a/bin/cgilib.rc
+++ b/bin/cgilib.rc
@@ -2,6 +2,8 @@
fn dprint { echo $* >[1=2] }
+fn escape_html { sed 's/&/\&/g; s/</\</g; s/>/\>/g' $* }
+
fn perm_redirect {
echo 'Status: 301 Moved Permanantly
Location: '^$1^'
@@ -16,7 +18,7 @@
pair = `{echo -n $pair | sed 's/=/\&/'} \
ifs=() \
if(~ $pair(1) $*)
- $pair(1) = `{urldecode $pair(2)}
+ $pair(1) = `{echo $pair(2) | urldecode | tr -d ' '}
}
}
@@ -36,9 +38,54 @@
# .rec parsing
fn parse_rec {
- for(i in `{sed 's/% *//; /^$/q' < $1}) {
- v = `{echo $i | sed 's/^/rec_/; s/=.*//;'}
- $v = `{echo $i | sed
+ ifs='
+' for(i in `{sed 's/% *//g; /^$/q' < $1}) {
+ v = `{echo -n $i | sed 's/^/rec_/; s/=.*//;'}
+ $v = `{echo -n $i | sed 's/^[^=]*=//'}
}
- rec_data = `{sed -n '/^$/,$p' < $1}
+ ifs=() rec_data = `{sed -n '/^[^%]./,$p' < $1}
+}
+
+
+fn urldecode {
+awk '
+BEGIN {
+ hextab ["0"] = 0; hextab ["8"] = 8;
+ hextab ["1"] = 1; hextab ["9"] = 9;
+ hextab ["2"] = 2; hextab ["A"] = hextab ["a"] = 10
+ hextab ["3"] = 3; hextab ["B"] = hextab ["b"] = 11;
+ hextab ["4"] = 4; hextab ["C"] = hextab ["c"] = 12;
+ hextab ["5"] = 5; hextab ["D"] = hextab ["d"] = 13;
+ hextab ["6"] = 6; hextab ["E"] = hextab ["e"] = 14;
+ hextab ["7"] = 7; hextab ["F"] = hextab ["f"] = 15;
+}
+{
+ decoded = ""
+ i = 1
+ len = length ($0)
+ while ( i <= len ) {
+ c = substr ($0, i, 1)
+ if ( c == "%" ) {
+ if ( i+2 <= len ) {
+ c1 = substr ($0, i+1, 1)
+ c2 = substr ($0, i+2, 1)
+ if ( hextab [c1] == "" || hextab [c2] == "" ) {
+ print "WARNING: invalid hex encoding: %" c1 c2 | "cat >&2"
+ } else {
+ code = 0 + hextab [c1] * 16 + hextab [c2] + 0
+ c = sprintf ("%c", code)
+ i = i + 2
+ }
+ } else {
+ print "WARNING: invalid % encoding: " substr ($0, i, len - i)
+ }
+ } else if ( c == "+" ) {
+ c = " "
+ }
+ decoded = decoded c
+ ++i
+ }
+ print decoded
+}
+'
}
--- a/bin/controller.rc
+++ b/bin/controller.rc
@@ -1,5 +1,5 @@
#!/usr/local/plan9/bin/rc
-. cgilib.rc
+. ./cgilib.rc
cd ..
forbidden_uri_chars='[^a-zA-Z0-9_+\-\/\.]'
@@ -175,7 +175,9 @@
}
fn debug_handler {
echo '<pre>'
- env |quote_html
+ env | quote_html
+ echo ---------------------
+ umask
echo '</pre>'
}
@@ -187,6 +189,17 @@
set_handler blog_post_handler $body.md
if not
set_handler md_handler $body.md
+
+ if (! ~ $#allowComments 0 && ~ $REQUEST_METHOD POST) {
+ get_post_args comment_user_name comment_text
+ ddir = $body.md_werc/comments/
+ umask 002
+ mkdir -m 775 -p $ddir
+ d = `{date -n} # Obvious race
+ { echo '% user_name='^$comment_user_name'
+
+'^$comment_text } > $ddir/$d.rec
+ }
}
if not if (~ $body */_debug)
set_handler debug_handler
@@ -218,7 +231,7 @@
# Rss feeds. TODO: we should check that the request is for a real blog dir
if not if (~ $REQUEST_URI */index.rss) {
uri = `{echo $uri | sed 's/index.rss$//'}
- if(~ $blogDirs 0)
+ if (~ $blogDirs 0)
blogDirs = $sitedir^$uri
uri=$baseuri$"uri
master_template=feeds/rss20.tpl
--- a/lib/default_master.tpl
+++ b/lib/default_master.tpl
@@ -33,6 +33,29 @@
% genbody
+% if (! ~ $#allowComments 0) {
+
+%{
+cdir = $body.md_werc/comments
+if (test -d $cdir) {
+ echo '<hr /><h2>Comments</h2>'
+ for(c in `{ls $cdir}) {
+ parse_rec $c
+
+ echo '<div>'
+ echo User: $rec_user_name '<br />'
+ echo $rec_data | escape_html | sed 's,$,<br />,'
+ echo '<hr /></div>'
+ }
+}
+%}
+
+<form action="" method="post">
+ <input type="text" name="comment_user_name" value="Anonimous glenda" /><input type="submit" name="post_comment" value="Post a comment" />
+ <textarea name="comment_text" id="comment_text" cols="80" rows="16"></textarea>
+</form>
+% }
+
</div>
<div id="footer">