implemented folder actions, keep secret ID out of address bar
[bookman] / index.cgi
1 #!/bin/sh
2
3 exec 2>>error.log
4
5 . shcgi/cgilite.sh
6 mkdir -p users
7 #env >>debug
8 printf 'POST: %s\n' "$cgilite_post" >>debug
9 printf 'action: %s\n' "$(GET action)" >>debug
10
11 wget="$(which wget)"
12 wget(){ "$wget" -T 5 -t 1 -q -U '' $@; }
13 checkid(){ grep -m 1 -xE '[0-9a-zA-Z:_]{12}'; }
14
15 genid(){
16   # generate random ID
17   head -c9 /dev/urandom \
18   | uuencode -m - \
19   | sed -n '2{y;+/;:_;;p}'
20 }
21
22 timeid(){
23   # generate time based ID
24   d=$(date +%s)
25   { printf $(
26       while [ "$d" -gt 0 ]; do
27         printf \\%o $((d % 256))
28         d=$((d / 256))
29       done
30     ) | tac
31     head -c5 /dev/urandom
32   } \
33   | uuencode -m - \
34   | sed -n '2{y;+/;:_;;p}'
35 }
36
37 getFavicon(){
38   url="$1"
39   bid="$2"
40   prot=${url%%://*}
41   domain="${url#*://}"
42   domain="${domain%%/*}"
43   ubase="${prot}://${domain}"
44   file="${BDB}/favicons/${bid}.ico"
45
46   mkdir -p "${BDB}/favicons/" && chmod a+rx "${BDB}/favicons/"
47
48   favinfo="$(
49     wget -O- "$url" \
50     | head -c4096 \
51     | sed -rn \
52       's;^.*(<[Ll][Ii][Nn][Kk]( [^>]*)? [Rr][Re][Ll]='\''([Ss][Hh][Oo][Rr][Tt][Cc][Uu][Tt] )?[Ii][Cc][Oo][Nn]'\''[^>]*>).*$;\1;;
53        s;^.*(<[Ll][Ii][Nn][Kk]( [^>]*)? [Rr][Re][Ll]="([Ss][Hh][Oo][Rr][Tt][Cc][Uu][Tt] )?[Ii][Cc][Oo][Nn]"[^>]*>).*$;\1;;
54        tX; b; :X;
55        s;^.*<([^>]+) [Hh][Rr][Ee][Ff]="([^"]+)".*$:\2;;
56        s;^.*<([^>]+) [Hh][Rr][Ee][Ff]='\''([^'\'']+)'\''.*$:\2;;
57        tY; b; :Y; p
58       '
59   )"
60
61   printf 'Shortcut icon for %s is %s\n' "$url" "$favinfo" >>debug
62   [ -z "$favinfo" ] && favinfo="${ubase}/favicon.ico"
63   case "$favinfo" in
64     http://*|https://*|//*) wget -O "$file" "$favinfo"
65     ;;
66     /*) wget -O "$file" "${ubase}/${favinfo}"
67     ;;
68     *) wget -O "$file" "${url%/*}/${favinfo}"
69     ;;
70   esac
71   [ -f "${file}.1" ] && mv "${file}.1" "$file"
72   chmod a+r "$file"
73 }
74
75 list_folders(){
76   head -qn1 "${BDB}"/????????????.bm \
77   | sort -nk3 \
78   | cut -f1,2
79 }
80
81 order_files(){
82   n=1000
83   list_folders \
84   | while read fid nan; do
85     file="${BDB}/${fid}.bm"
86     sed -ri "1s;^(([^\t]+\t){2})[^\t]+(.*)$;\1${n}\3;;" "$file"
87     n=$((n + 1000))
88   done
89 }
90
91 COKID="$(COOKIE id |checkid)"
92 QRYID="$(GET    id |checkid)"
93 BDB="users/${COKID}"
94
95 if [ -n "$QRYID" ]; then
96   printf '%s 303 See Other\r\n' "$SERVER_PROTOCOL"
97   printf 'Location: %s\r\n' "${SCRIPT_NAME}"
98   SET_COOKIE +8640000 "id=${QRYID}"
99   printf '\r\n'
100   exit 0
101 elif [ -z "$COKID" -a -z "$QRYID" ]; then
102   printf 'Content-Type: text/html; charset=utf-8\r\n\r\n'
103
104   cat <<-EOF
105         <!DOCTYPE HTML>
106         <HTML><head>
107           <title>Bookman - New Collection</title>
108         </head><body id="newcollection">
109           <h1>You have not yet set up a collection on this server.</h1>
110           Click <a href="${SCRIPT_NAME}?action=newid">here</a> to start a new collection.
111         </body></HTML>
112         EOF
113   exit 0
114 elif ! [ -d "${BDB}" ]; then
115   printf '%s 404 Not Found\r\n' "$SERVER_PROTOCOL"
116   printf 'Content-Type: text/html; charset=utf-8\r\n\r\n'
117
118   cat <<-EOF
119         <!DOCTYPE HTML>
120         <HTML><head>
121           <title>Bookman - 404</title>
122         </head><body id="missingcollection">
123           <h1>The collection you requested does not exist on this server.</h1>
124           Click <a href="${SCRIPT_NAME}?action=newid">here</a> to start a new collection.
125         </body></HTML>
126         EOF
127   exit 0
128 fi
129
130 case "$(GET action)" in
131   newid)
132     NEWID="$(genid)"
133
134     { git init "users/${NEWID}" || mkdir -p "users/${NEWID}"; } >&-
135
136     printf '%s 303 See Other\r\n' "$SERVER_PROTOCOL"
137     printf 'Location: %s\r\n' "${SCRIPT_NAME}?id=${NEWID}"
138     SET_COOKIE +8640000 "id=${NEWID}"
139     printf '\r\n'
140     exit 0
141     ;;
142   newfolder)
143     name="$(POST name |head -n1)"
144     fid="$(timeid)"
145     order="$(
146       head -qn1 "${BDB}"/????????????.bm \
147       | cut -f3 \
148       | sort -n \
149       | tail -n1 \
150       || printf 1
151     )"
152     order="$(((order + 1000) / 1000 * 1000))"
153     if [ -n "$name" -a -d "${BDB}" ]; then
154       printf '%s\t%s\t%s\n' "$fid" "$(HTML "$name")" "$order" >"${BDB}/${fid}.bm"
155     fi
156     REDIRECT "${SCRIPT_NAME}#${fid}"
157     ;;
158   modfolder)
159     name="$(POST name |head -n1)"
160     fid="$(POST fid | checkid)"
161     file="${BDB}/${fid}.bm"
162     if [ "$(POST control)" = confirm -a -n "$name" -a -f "$file" ]; then
163       order="$(head -n1 "$file" |cut -f3 || printf 1000)"
164       printf '%s\t%s\t%s\n' "$fid" "$(HTML "$name")" "$order" >"${file%.bm}.tmp"
165       tail -n+2 "$file" >>"${file%.bm}.tmp"
166       mv "${file%.bm}.tmp" "$file"
167     fi
168     REDIRECT "${SCRIPT_NAME}#${fid}"
169     ;;
170   delfolder)
171     fid="$(POST fid | checkid)"
172     target="$(POST target | checkid)"
173     file="${BDB}/${fid}.bm"
174     tfile="${BDB}/${target}.bm"
175     if [ "$(POST control)" = confirm -a -f "$file" ]; then
176       if [ "$target" = "____________" ] || tail -n+2 "$file" >>"$tfile"; then
177         rm -f "$file"
178       fi
179     fi
180     REDIRECT "${SCRIPT_NAME}#${target}"
181     ;;
182   movefolder)
183     fid="$(POST fid | checkid)"
184     target="$(POST target | checkid)"
185     file="${BDB}/${fid}.bm"
186     tfile="${BDB}/${target}.bm"
187     if [ "$target" = "____________" -a -f "$file" -a "$(POST control)" = confirm ]; then
188       read nan1 nan2 last nan3 <"${BDB}/$(list_folders |tail -n1 |cut -f1).bm"
189       sed -ri "1s;^(([^\t]+\t){2})[^\t]+(.*)$;\1$((${last:-0} + 1000))\3;;" "$file"
190     elif [ -f "$tfile" -a -f "$file" -a "$(POST control)" = confirm ]; then
191       read nan1 nan2 tid nan3 <"$tfile"
192       sed -ri "1s;^(([^\t]+\t){2})[^\t]+(.*)$;\1$((${tid:-1} -1))\2;;" "$file"
193       order_files
194     fi
195     REDIRECT "${SCRIPT_NAME}#${fid}"
196     ;;
197   newbookmark)
198     fid="$(POST fid | checkid)"
199     name="$(POST name |head -n1)"
200     url="$(POST url |head -n1)"
201     file="${BDB}/${fid}.bm"
202     bid="$(timeid)"
203     if [ -n "$name" -a -f "${file}" ]; then
204       printf '%s\t%s\t%s\n' "$bid" "$(HTML "$name")" "$(HTML "$url")" >>"${file}"
205     fi
206     getFavicon "$url" "$bid"
207     REDIRECT "${SCRIPT_NAME}#${fid}"
208     ;;
209   modbookmark)
210     bid="$(POST bid | checkid)"
211     name="$(POST name |head -n1)"
212     url="$(POST url |head -n1)"
213     file="$(grep -lE "^${bid}" "${BDB}"/????????????.bm)"
214     if [ -w "$file" -a -n "$name" -a -n "$url" ]; then
215       bm="$(printf '%s\t%s\t%s' "$bid" "$(HTML "$name")" "$(HTML "$url")" |sed -r 's;[\&\;];\\&;g;')"
216       sed -ri "s;^${bid}\t.*$;${bm};" "$file"
217     fi
218     getFavicon "$url" "$bid"
219     REDIRECT "${SCRIPT_NAME}#${fid}"
220     ;;
221 esac
222
223 list_bookmarks(){
224   fid="$1"
225   bmodify="$(GET bmodify |checkid)"
226
227   tail -n+2 "${BDB}/${fid}.bm" \
228   | while read bid name url; do
229     if [ "${bid}" = "$bmodify" ]; then
230       cat <<-EOF
231         <form class="modbookmark" method="POST" action="${SCRIPT_NAME}?action=modbookmark">
232           <input type="hidden" name="bid" value="${bid}" />
233           <input type="text" name="name" value="${name}")" placeholder="Name" />
234           <input type="text" name="url"  value="${url}")" placeholder="URL" />
235           <button type="submit">Modify</button>
236         </form>
237         EOF
238     else
239       cat <<-EOF
240         <div class="bookmark">
241           <a class="modify" href="${SCRIPT_NAME}?bmodify=${bid}">Modify</a>
242           <a class="link" href="${url}")"><img src="${BDB}/favicons/${bid}.ico"/>${name}</a>
243         </div>
244         EOF
245     fi
246   done
247 }
248
249 foldermod(){
250   fmodify="$(GET fmodify |checkid )"
251   fdelete="$(GET fdelete |checkid )"
252   fmove="$(GET fmove |checkid )"
253
254   if [ -n "$fmodify" ]; then
255     read fid fname order <"${BDB}/${fmodify}.bm"
256     cat <<-EOF
257         <form class="modfolder rename" method="POST" action="${SCRIPT_NAME}?action=modfolder">
258           <h1>Rename Folder: ${fname}</h1>
259           <input type="hidden" name="fid" value="${fid}" />
260           <label class="tab">Rename</label>
261           <a class="tab"
262             href="${SCRIPT_NAME}?fdelete=${fid}">Delete</a>
263           <a class="tab"
264             href="${SCRIPT_NAME}?fmove=${fid}">Move</a>
265           <input type="text" name="name" value="${fname}" />
266           <button type="submit" name="control" value="confirm">OK</button>
267           <button type="submit" name="control" value="cancel">Cancel</button>
268         </form>
269         EOF
270   elif [ -n "$fdelete" ]; then
271     read fid fname order <"${BDB}/${fdelete}.bm"
272     cat <<-EOF
273         <form class="modfolder delete" method="POST" action="${SCRIPT_NAME}?action=delfolder">
274           <h1>Delete Folder: ${fname}</h1>
275           <input type="hidden" name="fid" value="${fid}" />
276           <a class="tab" href="${SCRIPT_NAME}?fmodify=${fid}">Rename</a>
277           <label class="tab">Delete</label>
278           <a class="tab"
279             href="${SCRIPT_NAME}?fmove=${fid}">Move</a>
280           <label>Pass Bookmarks on to:</label>
281           <select name="target">
282             $(printf '<option value="%s">%s</option>' $(list_folders |grep -v "^${fid}"))
283             <option value="____________">(discard)</option>
284           </select>
285           <button type="submit" name="control" value="confirm">OK</button>
286           <button type="submit" name="control" value="cancel">Cancel</button>
287         </form>
288         EOF
289   elif [ -n "$fmove" ]; then
290     read fid fname order <"${BDB}/${fmove}.bm"
291     cat <<-EOF
292         <form class="modfolder move" method="POST" action="${SCRIPT_NAME}?action=movefolder">
293           <h1>Move Folder: ${fname}</h1>
294           <input type="hidden" name="fid" value="${fid}" />
295           <a class="tab" href="${SCRIPT_NAME}?fmodify=${fid}">Rename</a>
296           <a class="tab" href="${SCRIPT_NAME}?fdelete=${fid}">Delete</a>
297           <label class="tab">Move</label>
298           <label>Move before folder:</label>
299           <select name="target">
300             $(printf '<option value="%s">%s</option>' $(list_folders |grep -v "^${fid}"))
301             <option value="____________">(last)</option>
302           </select>
303           <button type="submit" name="control" value="confirm">OK</button>
304           <button type="submit" name="control" value="cancel">Cancel</button>
305         </form>
306         EOF
307   fi
308 }
309
310 show_folders(){
311   list_folders \
312   | while read fid fname order; do
313     cat <<-EOF
314         <section class="folder" id="${fid}">
315           <h1>${fname}</h1>
316           <a class="modify" href="${SCRIPT_NAME}?fmodify=${fid}">Modify</a>
317           $(list_bookmarks "$fid")
318           <form class="newbookmark" method="POST" action="${SCRIPT_NAME}?action=newbookmark">
319             <input type="hidden" name="fid" value="${fid}" />
320             <input type="text" name="name" value="" placeholder="Name" />
321             <input type="text" name="url"  value="" placeholder="URL" />
322             <button type="submit">New Bookmark</button>
323           </form>
324         </section>
325         EOF
326   done
327 }
328
329 SET_COOKIE +8640000 "id=${COKID}"      # Refresh Cookie
330 printf 'Content-Type: text/html; charset=utf-8\r\n\r\n'
331
332 cat <<EOF
333 <!DOCTYPE HTML>
334 <HTML><head>
335   <title>Bookman - Your Collection</title>
336   <link rel="stylesheet" type="text/css" href="bookmarks.css" />
337 </head><body id="collection">
338   $(foldermod)
339   $(show_folders)
340   <form class="newfolder" method="POST" action="${SCRIPT_NAME}?action=newfolder">
341     <input type="text" name="name" value="" placeholder="New Folder" />
342     <button type="submit">New</button>
343   </form>
344 </body></HTML>
345 EOF
346
347 #set filetype=sh