rudism
/
dotplan-online
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

removed sendmail execution from test environment

This commit is contained in:
Rudis Muiznieks 2020-07-23 18:39:34 -05:00
parent 86c8b4ba73
commit f4eda3697e
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
server.pl
View File

@ -14,7 +14,7 @@ my $pid_file = $ENV{'PID_FILE'} || './data/dotplan.pid';
my $log_file = $ENV{'LOG_FILE'} || './data/dotplan.log'; my $log_file = $ENV{'LOG_FILE'} || './data/dotplan.log';
my $database = $ENV{'DATABASE'} || './data/users.db'; my $database = $ENV{'DATABASE'} || './data/users.db';
my $plan_dir = $ENV{'PLAN_DIR'} || './data/plans'; my $plan_dir = $ENV{'PLAN_DIR'} || './data/plans';
my $sendmail = $ENV{'SENDMAIL'} || '/bin/true'; my $sendmail = $ENV{'SENDMAIL'};
my @sendmail_args = defined $ENV{'SENDMAIL_ARGS'} ? split(/,/, $ENV{'SENDMAIL_ARGS'}) : (); my @sendmail_args = defined $ENV{'SENDMAIL_ARGS'} ? split(/,/, $ENV{'SENDMAIL_ARGS'}) : ();
my $pw_token_expiration_minutes = $ENV{'PW_TOKEN_EXPIRATION_MINUTES'} || 10; my $pw_token_expiration_minutes = $ENV{'PW_TOKEN_EXPIRATION_MINUTES'} || 10;
@ -272,7 +272,7 @@ EOF
my $token = util_token(24); my $token = util_token(24);
$sth->execute($crypted, $token, $email); $sth->execute($crypted, $token, $email);
die $sth->errstr if $sth->err; die $sth->errstr if $sth->err;
util_sendmail($email, '[DOTPLAN] Verify your email', util_sendmail($cgi, $email, '[DOTPLAN] Verify your email',
"Please verify your email address.\n" . "Please verify your email address.\n" .
"Click the following link or copy it into your browser:\n" . "Click the following link or copy it into your browser:\n" .
"https://$hostname/verify.html?token=$token"); "https://$hostname/verify.html?token=$token");
@ -355,7 +355,7 @@ EOF
my $sth = util_get_dbh()->prepare("UPDATE users SET pw_token=?, pw_token_expires=datetime('now', '+10 minutes') WHERE email=?"); my $sth = util_get_dbh()->prepare("UPDATE users SET pw_token=?, pw_token_expires=datetime('now', '+10 minutes') WHERE email=?");
$sth->execute($token, $email); $sth->execute($token, $email);
die $sth->errstr if $sth->err; die $sth->errstr if $sth->err;
util_sendmail($email, '[DOTPLAN] Password reset request', util_sendmail($cgi, $email, '[DOTPLAN] Password reset request',
"Someone (hopefully you) has requested to change your password.\n" . "Someone (hopefully you) has requested to change your password.\n" .
"If it wasn't you, you can ignore and delete this email.\n\n" . "If it wasn't you, you can ignore and delete this email.\n\n" .
"Otherwise, click the following link or copy it into your browser:\n" . "Otherwise, click the following link or copy it into your browser:\n" .
@ -493,9 +493,7 @@ EOF
# send an email # send an email
sub util_sendmail { sub util_sendmail {
my $recipient = shift; my ($cgi, $recipient, $subject, $body) = @_;
my $subject = shift;
my $body = shift;
my $email = <<EOF; my $email = <<EOF;
To: $recipient To: $recipient
@ -505,10 +503,18 @@ Subject: $subject
$body $body
EOF EOF
my @arg = ($sendmail); if (defined $sendmail) {
push @arg, @sendmail_args; eval {
push @arg, $recipient; my @arg = ($sendmail);
IPC::Run::run \@arg, \$email or die "sendmail exited with $?"; push @arg, @sendmail_args;
push @arg, $recipient;
IPC::Run::run \@arg, \$email or die "sendmail exited with $?";
};
if ($@) {
my $req_id = $cgi->param('request_id');
util_log("ERR(sendmail) $req_id $@");
}
}
} }
# encrypt a password with a provided or random salt # encrypt a password with a provided or random salt