prevent double submit of messages, use channel directories
authorPaul Hänsch <paul@plutz.net>
Sat, 30 Nov 2019 12:53:40 +0000 (13:53 +0100)
committerPaul Hänsch <paul@plutz.net>
Sat, 30 Nov 2019 12:53:40 +0000 (13:53 +0100)
channel.sh
index.cgi

index 1f86e5214c061525e5e6486c9db93f03f6367c00..408899445bbedbe436bcc6469b733575d34eb8eb 100755 (executable)
@@ -7,13 +7,21 @@ fi
 
 case $(POST action) in
   create)
-    if [ ! -f "$chatfile" ]; then
+    if mkdir "${_DATA}/${LOCATION}"; then
       { randomid; printf ' '; STRING "$nickname"; echo; } >"$chatfile"
     fi
     REDIRECT "$(URL "/$LOCATION")"
     ;;
   submit)
-    if [ -f "$chatfile" -a "$channelkey" = "$(POST channelkey)" ]; then
+    read lasttime x <<-EOFread
+       $(tail -n 50 "$chatfile" |grep -F " $(STRING "$nickname"): " |tail -n1)
+       EOFread
+    if [ "$lasttime" ]; then
+      lasttime="$(date -d "${lasttime%_*} ${lasttime#*_}" +%s)"
+    else
+      lasttime=0
+    fi
+    if [ -f "$chatfile" -a "$channelkey" = "$(POST channelkey)" -a "$(POST timenonce)" -gt "$lasttime" ]; then
       printf "%s %s: %s\n" "$(date +%F_%T)" "$(STRING "$nickname")" "$(POST message |STRING)" >>"$chatfile"
     fi
     REDIRECT "$(URL "/$LOCATION")"
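Review bot: In the `submit` branch the `timenonce` compared with `-gt "$lasttime"` is a hidden form field echoed back by the client, so the check stops an accidental double submit but cannot be relied on against a crafted request; if it is meant as more than a convenience, the value needs to be verified server-side (kept with the session, or signed). The lookup `grep -F " $(STRING "$nickname"): "` is also not anchored to the author field, so unless `STRING` escapes spaces or colons, a line whose message text contains the same string is matched and its timestamp becomes `lasttime`. Matching only the author field that directly follows the timestamp would avoid that. The `tail` also runs before the `-f "$chatfile"` test, so the existence check should move ahead of the `read` to keep a submit to a missing channel from printing a `tail` error.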
@@ -32,10 +40,10 @@ else
   { printf '
     [form #channel method="POST"
       [submit "action" "submit" style="display: none;"]
-      [input type=hidden name=channelkey value="%s"]
+      [input type=hidden name=channelkey value="%s"][input type=hidden name=timenonce value="%s"]
       [a .settings href="?settings#nick" Settings][input autocomplete="off" name="message" autofocus=true][submit "action" "submit" Send!]
     ]
-  ' "$channelkey"
+  ' "$channelkey" "$_DATE"
   SHESCAPE='s;[]&<>#."[];\\&;g;'
 
   while sleep 10; do printf '\n'; done &
index 16bd9044053803c2ca16b840b5514ab3fde9d106..194ac98e3477de31d5343fa2827eeac690392865 100755 (executable)
--- a/index.cgi
+++ b/index.cgi
@@ -2,6 +2,7 @@
 
 _EXEC=.
 _DATA=.
+SESSION_TIMEOUT=43200
 . "$_EXEC/cgilite/logging.sh"
 . "$_EXEC/cgilite/cgilite.sh"
 . "$_EXEC/cgilite/session.sh"
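Review bot: `SESSION_TIMEOUT=43200` is a bare number with no unit or rationale; a comment such as `# session lifetime in seconds (12 h); presumably read by cgilite/session.sh, so it must be set before that file is sourced` would record both. The value also bounds how long a captured session cookie stays usable, which is worth weighing against the convenience of a long-lived chat session.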
@@ -13,7 +14,9 @@ LOCATION="${LOCATION%%/*}"
 
 yield_page(){
   page="$1"
-  printf 'Content-Type: text/html; charset=utf-8\r\n\r\n'
+  printf '%s\r\n' 'Content-Type: text/html; charset=utf-8' \
+                  "Content-Security-Policy: script-src 'none'" \
+                  ''
   { printf '[html
     [head
       [meta name="viewport" content="width=device-width"]
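Review bot: The policy added in `yield_page` restricts only `script-src`, so plugin content, `<base>` rewriting and form targets stay unrestricted on a page that renders user-supplied chat text. Consider tightening it, e.g. `"Content-Security-Policy: script-src 'none'; object-src 'none'; base-uri 'none'; form-action 'self'"`, after checking that the channel form only posts to the same origin. `yield_page` continues past the end of this hunk, so what else the page loads is not visible here.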
@@ -54,7 +57,7 @@ case ${LOCATION} in
     exit 0
     ;;
   \&?*)
-    chatfile="$_DATA/${LOCATION}"
+    chatfile="$_DATA/${LOCATION}/channel"
     . "$_EXEC/channel.sh"
     exit 0
     ;;
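Review bot: Moving the channel file to `$_DATA/${LOCATION}/channel` leaves channels created before this commit as plain files at `$_DATA/${LOCATION}`, where the new `mkdir` in the `create` branch of channel.sh fails and the `-f "$chatfile"` test in `submit` no longer matches. Assuming such files exist in deployed data, they need a one-time migration or a fallback. It is also worth a comment here that `LOCATION` is URL-derived and is only safe as a path component because of the `${LOCATION%%/*}` trim visible in the previous hunk header and the `\&?*` pattern. The enclosing `case` starts outside this hunk.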