X-Git-Url: https://iankelling.org/git/?p=iankelling.org;a=blobdiff_plain;f=_site%2Fcgi%2Fcomment;h=bf3cf5bad4d46fe1e6cb9fe579bda9f0af384a00;hp=b1e8796607706a844cf9a33ecf1a46500acfebec;hb=0a5b207121956e01733fcf702993522a45551627;hpb=3c09af9cc854c716d9f772d1c8c1e568cacc92b9

diff --git a/_site/cgi/comment b/_site/cgi/comment
index b1e8796..bf3cf5b 100755
--- a/_site/cgi/comment
+++ b/_site/cgi/comment
@@ -1,19 +1,7 @@
 #!/usr/bin/env ruby
 # encoding: utf-8
-# Copyright (C) 2016 Ian Kelling
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 2 of the License, or
-# (at your option) any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# Copyright (C) 2019 Ian Kelling
+# SPDX-License-Identifier: AGPL-3.0-or-later
 
 # debian sets LANG=C when starting apache2.
 # the envoding comment above fixes the internal encoding afaik,
@@ -26,7 +14,6 @@ require 'cgi'
 require 'fileutils'
 require 'time'
 require 'sqlite3'
-
 Dir.chdir(File.join(File.dirname(__FILE__), '..'))
 
 require '../b'
@@ -85,7 +72,7 @@ def do_captcha
 <p>#{captcha_q}</p>
 
 <form action="/cgi/comment" method="post">
-  <input class="misc" type="text" name="url">
+  <input class="misc-comment-input" type="text" name="url">
   <input name="goto" type="hidden" value="#{GOTO}">
   <input name="question" type="hidden" value="#{captcha_q}">
   <input name="answer">
@@ -142,6 +129,10 @@ if COMMENT_TXT.length > 1000 or GOTO.length > 150
   fail('length of comment or goto is too great')
 end
 
+if COMMENT_TXT.length <= 2 or COMMENT_TXT =~ /\A\s*\Z/
+  fail('not enough content in comment')
+end
+
 
 captchad = false
 if cgi.has_key?('answer') && cgi.has_key?('question')
@@ -292,45 +283,37 @@ state != 'rate_limited' and
 state != 'suspect'
 SQL
 
+$db.execute('insert into c values (NULL, ?, ?, ?, ?, ?)',
+            [state,
+             IP,
+             NOW,
+             GOTO,
+             COMMENT_TXT])
 
 if date
-  new_count = $db.execute(query + 'and date > ?',date)
+  new_count = $db.execute(query + 'and date > ?', date)
 else
   new_count = $db.execute(query)
 end
+new_count = new_count[0][0]
 
 if new_count == 1
   require 'net/smtp'
-  def send_email(opts={})
-    opts[:to]          ||= ENV['USER']
-    opts[:server]      ||= 'localhost'
-    opts[:from]        ||= ENV['USER']
-    opts[:from_alias]  ||= ENV['USER']
-    opts[:subject]     ||= "test subject"
-    opts[:body]        ||= ""
-
-    msg = <<END_OF_MESSAGE
-From: #{opts[:from_alias]} <#{opts[:from]}>
-To: <#{opts[:to]}>
-Subject: #{opts[:subject]}
-
-#{opts[:body]}
+  to = 'root@localhost'
+  from = 'www-data@' + FQDN
+  server = 'localhost'
+  msg = <<END_OF_MESSAGE
+From: h <#{from}>
+To: <#{to}>
+Subject: new comment on #{FQDN}
+
+empty body
 END_OF_MESSAGE
-
-    Net::SMTP.start(opts[:server]) do |smtp|
-      smtp.send_message msg, opts[:from], opts[:to]
-    end
+  Net::SMTP.start(server) do |smtp|
+    smtp.send_message msg, from, to
   end
-  send_email :subject => 'new comments on iankelling.org'
 end
 
-$db.execute('insert into c values (NULL, ?, ?, ?, ?, ?)',
-            [state,
-             IP,
-             NOW,
-             GOTO,
-             COMMENT_TXT])
-
 post(md_file)
 
 redir