From: SomeDude Date: Sun, 20 Jul 2008 11:53:00 +0000 (+0200) Subject: version 0.3.13 X-Git-Url: https://git.pterodactylus.net/?p=fms.git;a=commitdiff_plain;h=fcb124f8d6d3f5678e82049fb8e5e23c8cfaec6d version 0.3.13 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index ebd70aa..08eed47 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -95,6 +95,7 @@ src/http/pages/optionspage.cpp src/http/pages/peerdetailspage.cpp src/http/pages/peermaintenancepage.cpp src/http/pages/peertrustpage.cpp +src/http/pages/recentlyaddedpage.cpp src/http/pages/showcaptchapage.cpp src/http/pages/versioninfopage.cpp src/nntp/extensiontrust.cpp diff --git a/include/global.h b/include/global.h index 572cb25..868e753 100644 --- a/include/global.h +++ b/include/global.h @@ -7,7 +7,7 @@ #define VERSION_MAJOR "0" #define VERSION_MINOR "3" -#define VERSION_RELEASE "12" +#define VERSION_RELEASE "13" #define FMS_VERSION VERSION_MAJOR"."VERSION_MINOR"."VERSION_RELEASE typedef Poco::ScopedLock Guard; diff --git a/include/http/ipagehandler.h b/include/http/ipagehandler.h index 745f727..11bdc22 100644 --- a/include/http/ipagehandler.h +++ b/include/http/ipagehandler.h @@ -34,6 +34,9 @@ protected: void CreateQueryVarMap(Poco::Net::HTTPServerRequest &request, std::map &vars); + const std::string CreateFormPassword(); + const bool ValidateFormPassword(const std::map &vars); + // replaces html elements with encoded characters (i.e. < becomes <) const std::string SanitizeOutput(const std::string &input); diff --git a/include/http/pages/recentlyaddedpage.h b/include/http/pages/recentlyaddedpage.h new file mode 100644 index 0000000..ec9c1cc --- /dev/null +++ b/include/http/pages/recentlyaddedpage.h @@ -0,0 +1,20 @@ +#ifndef _recentlyaddedpage_ +#define _recentlyaddedpage_ + +#include "../ipagehandler.h" +#include "../../idatabase.h" + +class RecentlyAddedPage:public IPageHandler,public IDatabase +{ +public: + RecentlyAddedPage(const std::string &templatestr):IPageHandler(templatestr) {} + + IPageHandler *New() { return new RecentlyAddedPage(m_template); } + +private: + const bool WillHandleURI(const std::string &uri); + const std::string GeneratePage(const std::string &method, const std::map &queryvars); + +}; + +#endif // _recentlyaddedpage_ diff --git a/src/dbsetup.cpp b/src/dbsetup.cpp index 9b2ab00..b9f30be 100644 --- a/src/dbsetup.cpp +++ b/src/dbsetup.cpp @@ -401,6 +401,12 @@ void SetupDB() LocalIdentityID INTEGER\ );"); + // Temporary table for form passwords + db->Execute("CREATE TEMPORARY TABLE IF NOT EXISTS tmpFormPassword(\ + Date DATETIME,\ + Password TEXT\ + );"); + // low / high / message count for each board db->Execute("CREATE VIEW IF NOT EXISTS vwBoardStats AS \ SELECT tblBoard.BoardID AS 'BoardID', IFNULL(MIN(MessageID),0) AS 'LowMessageID', IFNULL(MAX(MessageID),0) AS 'HighMessageID', COUNT(MessageID) AS 'MessageCount' \ diff --git a/src/freenet/introductionpuzzleinserter.cpp b/src/freenet/introductionpuzzleinserter.cpp index b185b9d..6904186 100644 --- a/src/freenet/introductionpuzzleinserter.cpp +++ b/src/freenet/introductionpuzzleinserter.cpp @@ -52,7 +52,8 @@ void IntroductionPuzzleInserter::CheckForNeededInsert() // identity doesn't have any non-solved puzzles for today - start a new insert if(rs2.Empty()==true) { - if(m_lastinserted.find(rs.GetInt(0))==m_lastinserted.end() || m_lastinserted[rs.GetInt(0)]<=lastinsert) + // make sure we are on the next day or the appropriate amount of time has elapsed since the last insert + if(m_lastinserted.find(rs.GetInt(0))==m_lastinserted.end() || m_lastinserted[rs.GetInt(0)]<=lastinsert || m_lastinserted[rs.GetInt(0)].day()!=now.day()) { StartInsert(rs.GetInt(0)); m_lastinserted[rs.GetInt(0)]=now; diff --git a/src/freenet/siteinserter.cpp b/src/freenet/siteinserter.cpp index 02b5a73..458b71b 100644 --- a/src/freenet/siteinserter.cpp +++ b/src/freenet/siteinserter.cpp @@ -228,7 +228,7 @@ void SiteInserter::GeneratePages(const long localidentityid, std::string &uskkey if((*i)!="" && (*i).find("index.htm")==std::string::npos && (*i).find("trustlist.htm")==std::string::npos && (*i).find("files.htm")==std::string::npos) { filename=(*i); - infile=fopen(filename.c_str(),"r+b"); + infile=fopen(filename.c_str(),"rb"); if(infile) { fseek(infile,0,SEEK_END); diff --git a/src/freenet/trustlistrequester.cpp b/src/freenet/trustlistrequester.cpp index 9ef9b61..be6bfc1 100644 --- a/src/freenet/trustlistrequester.cpp +++ b/src/freenet/trustlistrequester.cpp @@ -33,6 +33,7 @@ const bool TrustListRequester::HandleAllData(FCPMessage &message) long index; int insertcount=0; int dayinsertcount=0; + int previnsertcount=0; StringFunctions::Split(message["Identifier"],"|",idparts); StringFunctions::Convert(message["DataLength"],datalength); @@ -71,6 +72,23 @@ const bool TrustListRequester::HandleAllData(FCPMessage &message) { m_log->error("TrustListRequester::HandleAllData couldn't get count of identities added in last 24 hours"); } + + // get count of identities added more than 24 hours ago - if 0 then we will accept more than 100 identities now + st=m_db->Prepare("SELECT COUNT(*) FROM tblIdentity WHERE DateAddederror("TrustListRequester::HandleAllData couldn't get count of identities added more than 24 hours ago"); + } + now=Poco::DateTime(); // parse file into xml and update the database @@ -119,7 +137,7 @@ const bool TrustListRequester::HandleAllData(FCPMessage &message) st.Step(); if(st.RowReturned()==false) { - if(insertcount<50 && dayinsertcount<100) + if(insertcount<50 && (dayinsertcount<100 || previnsertcount==0)) { idinsert.Bind(0,identity); idinsert.Bind(1,Poco::DateTimeFormatter::format(now,"%Y-%m-%d %H:%M:%S")); @@ -183,7 +201,7 @@ const bool TrustListRequester::HandleAllData(FCPMessage &message) { m_log->warning("TrustListRequester::HandleAllData TrustList contained more than 50 new identities : "+message["Identifier"]); } - if(dayinsertcount>=100) + if(dayinsertcount>=100 && previnsertcount>0) { m_log->warning("TrustListRequester::HandleAllData TrustList would have inserted more than 100 new identities in the last 24 hours : "+message["Identifier"]); } diff --git a/src/http/fmshttprequesthandlerfactory.cpp b/src/http/fmshttprequesthandlerfactory.cpp index 8d89baa..e91fb51 100644 --- a/src/http/fmshttprequesthandlerfactory.cpp +++ b/src/http/fmshttprequesthandlerfactory.cpp @@ -17,6 +17,7 @@ #include "../../include/http/pages/peermaintenancepage.h" #include "../../include/http/pages/peertrustpage.h" #include "../../include/http/pages/versioninfopage.h" +#include "../../include/http/pages/recentlyaddedpage.h" FMSHTTPRequestHandlerFactory::FMSHTTPRequestHandlerFactory() { @@ -54,6 +55,7 @@ FMSHTTPRequestHandlerFactory::FMSHTTPRequestHandlerFactory() m_pagehandlers.push_back(new PeerMaintenancePage(templatestr)); m_pagehandlers.push_back(new PeerTrustPage(templatestr)); m_pagehandlers.push_back(new VersionInfoPage(templatestr)); + m_pagehandlers.push_back(new RecentlyAddedPage(templatestr)); // homepage must be last - catch all page handler m_pagehandlers.push_back(new HomePage(templatestr)); diff --git a/src/http/ipagehandler.cpp b/src/http/ipagehandler.cpp index 9048d98..c9e4a1a 100644 --- a/src/http/ipagehandler.cpp +++ b/src/http/ipagehandler.cpp @@ -1,8 +1,14 @@ #include "../../include/http/ipagehandler.h" #include "../../include/stringfunctions.h" #include "../../include/http/multipartparser.h" +#include "../../include/db/sqlite3db.h" #include +#include +#include +#include +#include +#include #include @@ -35,6 +41,28 @@ void IPageHandler::CreateArgArray(const std::map &vars, } } +const std::string IPageHandler::CreateFormPassword() +{ + Poco::DateTime date; + Poco::UUIDGenerator uuidgen; + Poco::UUID uuid; + try + { + uuid=uuidgen.createRandom(); + } + catch(...) + { + } + + SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("INSERT INTO tmpFormPassword(Date,Password) VALUES(?,?);"); + st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S")); + st.Bind(1,uuid.toString()); + st.Step(); + + return ""; + +} + const std::string IPageHandler::CreateTrueFalseDropDown(const std::string &name, const std::string &selected) { std::string rval=""; @@ -123,3 +151,49 @@ const std::string IPageHandler::SanitizeOutput(const std::string &input) output=StringFunctions::Replace(output," "," "); return output; } + +const bool IPageHandler::ValidateFormPassword(const std::map &vars) +{ + Poco::DateTime date; + date-=Poco::Timespan(0,1,0,0,0); + + SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("DELETE FROM tmpFormPassword WHERE Date::const_iterator i=vars.find("formpassword"); + if(i!=vars.end()) + { + st=SQLite3DB::DB::Instance()->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;"); + st.Bind(0,(*i).second); + st.Step(); + if(st.RowReturned()) + { + if(st.ResultNull(0)==false) + { + int rval=0; + st.ResultInt(0,rval); + if(rval>0) + { + return true; + } + else + { + return false; + } + } + else + { + return false; + } + } + else + { + return false; + } + } + else + { + return false; + } +} diff --git a/src/http/pages/addpeerpage.cpp b/src/http/pages/addpeerpage.cpp index f4e483b..4453af5 100644 --- a/src/http/pages/addpeerpage.cpp +++ b/src/http/pages/addpeerpage.cpp @@ -12,7 +12,7 @@ const std::string AddPeerPage::GeneratePage(const std::string &method, const std { std::string content=""; - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="add") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="add" && ValidateFormPassword(queryvars)) { Poco::DateTime date; std::string publickey=""; @@ -33,6 +33,7 @@ const std::string AddPeerPage::GeneratePage(const std::string &method, const std content+="

Add Peer

"; content+="
"; + content+=CreateFormPassword(); content+=""; content+="Public Key : "; content+=""; diff --git a/src/http/pages/announceidentitypage.cpp b/src/http/pages/announceidentitypage.cpp index 6de18a3..7858d88 100644 --- a/src/http/pages/announceidentitypage.cpp +++ b/src/http/pages/announceidentitypage.cpp @@ -46,7 +46,7 @@ const std::string AnnounceIdentityPage::GeneratePage(const std::string &method, int requestindex=0; bool willshow=false; - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="announce") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="announce" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement insert=m_db->Prepare("INSERT INTO tblIdentityIntroductionInserts(LocalIdentityID,Day,UUID,Solution) VALUES(?,?,?,?);"); std::string localidentityidstr=""; @@ -81,6 +81,7 @@ const std::string AnnounceIdentityPage::GeneratePage(const std::string &method, content+="

Announce Identity

"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; - content+=""; + content+=""; content+=""; - content+=""; + content+=""; content+=""; content+=""; content+=""; diff --git a/src/http/pages/controlboardpage.cpp b/src/http/pages/controlboardpage.cpp index 380e3de..5677a91 100644 --- a/src/http/pages/controlboardpage.cpp +++ b/src/http/pages/controlboardpage.cpp @@ -23,7 +23,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons if(queryvars.find("formaction")!=queryvars.end()) { - if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end()) + if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end() && ValidateFormPassword(queryvars)) { int boardid=0; StringFunctions::Convert((*queryvars.find("boardid")).second,boardid); @@ -45,7 +45,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons st.Step(); } - if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="") + if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="" && ValidateFormPassword(queryvars)) { Poco::DateTime date; st=m_db->Prepare("INSERT INTO tblBoard(BoardName,DateAdded) VALUES(?,?);"); @@ -90,6 +90,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons content+="\r\n"; content+=""; content+="\r\n
Select Identity : "; diff --git a/src/http/pages/boardspage.cpp b/src/http/pages/boardspage.cpp index 8b2866e..e9cc2a3 100644 --- a/src/http/pages/boardspage.cpp +++ b/src/http/pages/boardspage.cpp @@ -47,7 +47,7 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std: if(queryvars.find("formaction")!=queryvars.end()) { - if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end()) + if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end() && ValidateFormPassword(queryvars)) { std::string boardname=""; std::string boarddescription=""; @@ -63,11 +63,11 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std: addst.Bind(3,"Added manually"); addst.Step(); } - if((*queryvars.find("formaction")).second=="remove0messages") + if((*queryvars.find("formaction")).second=="remove0messages" && ValidateFormPassword(queryvars)) { m_db->Execute("DELETE FROM tblBoard WHERE BoardID IN (SELECT BoardID FROM vwBoardStats WHERE MessageCount=0 AND BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard));"); } - if((*queryvars.find("formaction")).second=="update") + if((*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars)) { int boardid; std::vector boardids; @@ -174,21 +174,21 @@ const std::string BoardsPage::GeneratePage(const std::string &method, const std: content+="
"; - content+=""; + content+="
"+CreateFormPassword()+"
"; content+="
"; - content+="
Remove boards with 0 messages
"; + content+="
"+CreateFormPassword()+"Remove boards with 0 messages
"; content+="
"+CreateFormPassword()+"
"+CreateFormPassword()+"
NameDescriptionSave Received Messages *Added Method
"+changetrustlisttruststr+""; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; @@ -102,6 +103,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons content+="
"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/createidentitypage.cpp b/src/http/pages/createidentitypage.cpp index 8a65914..10152ba 100644 --- a/src/http/pages/createidentitypage.cpp +++ b/src/http/pages/createidentitypage.cpp @@ -12,7 +12,7 @@ const std::string CreateIdentityPage::GeneratePage(const std::string &method, co { std::string content=""; - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="create") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="create" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement st=m_db->Prepare("INSERT INTO tblLocalIdentity(Name,PublishTrustList,DateCreated) VALUES(?,'false',?);"); std::string name=""; @@ -36,6 +36,7 @@ const std::string CreateIdentityPage::GeneratePage(const std::string &method, co { content+="

Create Identity

"; content+=""; + content+=CreateFormPassword(); content+=""; content+="Name : "; content+=" "; diff --git a/src/http/pages/execquerypage.cpp b/src/http/pages/execquerypage.cpp index 8d46c46..358f34a 100644 --- a/src/http/pages/execquerypage.cpp +++ b/src/http/pages/execquerypage.cpp @@ -10,7 +10,7 @@ const std::string ExecQueryPage::GeneratePage(const std::string &method, const s std::string content=""; std::string query=""; - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="execute" && queryvars.find("query")!=queryvars.end() && (*queryvars.find("query")).second!="") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="execute" && queryvars.find("query")!=queryvars.end() && (*queryvars.find("query")).second!="" && ValidateFormPassword(queryvars)) { query=(*queryvars.find("query")).second; SQLite3DB::Recordset rs=m_db->Query(query); @@ -50,6 +50,7 @@ const std::string ExecQueryPage::GeneratePage(const std::string &method, const s content+="

Execute Query

"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/homepage.cpp b/src/http/pages/homepage.cpp index d74a30e..417e1af 100644 --- a/src/http/pages/homepage.cpp +++ b/src/http/pages/homepage.cpp @@ -19,7 +19,7 @@ const std::string HomePage::GeneratePage(const std::string &method, const std::m Option::Instance()->Get("FCPHost",fcphost); Option::Instance()->Get("FProxyPort",fproxyport); - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="shutdown") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="shutdown" && ValidateFormPassword(queryvars)) { m_log->trace("HomePage::GeneratePage requested shutdown"); ((FMSApp *)&FMSApp::instance())->Terminate(); @@ -94,6 +94,7 @@ const std::string HomePage::GeneratePage(const std::string &method, const std::m content+="

"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/insertedfilespage.cpp b/src/http/pages/insertedfilespage.cpp index 65cdeea..e97bf63 100644 --- a/src/http/pages/insertedfilespage.cpp +++ b/src/http/pages/insertedfilespage.cpp @@ -16,7 +16,7 @@ const std::string InsertedFilesPage::GeneratePage(const std::string &method, con Option::Instance()->Get("FProxyPort",fproxyport); - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="removefile" && queryvars.find("fileid")!=queryvars.end()) + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="removefile" && queryvars.find("fileid")!=queryvars.end() && ValidateFormPassword(queryvars)) { SQLite3DB::Statement del=m_db->Prepare("DELETE FROM tblFileInserts WHERE FileInsertID=?;"); del.Bind(0,(*queryvars.find("fileid")).second); @@ -40,6 +40,7 @@ const std::string InsertedFilesPage::GeneratePage(const std::string &method, con content+=""+SanitizeOutput(filename)+" - "+sizestr+" bytes"; content+="

"; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/localidentitiespage.cpp b/src/http/pages/localidentitiespage.cpp index 5fa76b5..d4e0d44 100644 --- a/src/http/pages/localidentitiespage.cpp +++ b/src/http/pages/localidentitiespage.cpp @@ -18,11 +18,13 @@ const std::string LocalIdentitiesPage::GeneratePage(const std::string &method, c content+=""; content+=""; - content+=""; + content+=""; content+=""; content+=""; content+=""; @@ -86,7 +88,7 @@ const std::string LocalIdentitiesPage::GeneratePage(const std::string &method, c trustst.Reset(); content+=""; - content+=""; + content+=""; content+=""; content+=""; st.Step(); @@ -232,7 +234,7 @@ void LocalIdentitiesPage::handleRequest(Poco::Net::HTTPServerRequest &request, P CreateQueryVarMap(request,vars); std::string formaction=""; - if(vars.find("formaction")!=vars.end()) + if(vars.find("formaction")!=vars.end() && ValidateFormPassword(vars)) { formaction=(*vars.find("formaction")).second; if(formaction=="update") diff --git a/src/http/pages/optionspage.cpp b/src/http/pages/optionspage.cpp index 5a1d8e1..5c61e16 100644 --- a/src/http/pages/optionspage.cpp +++ b/src/http/pages/optionspage.cpp @@ -38,9 +38,10 @@ const std::string OptionsPage::GeneratePage(const std::string &method, const std { std::string content="

Options

\r\n"; content+=""; + content+=CreateFormPassword(); content+="
Export IdentitiesImport Identities
"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; content+=""; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; @@ -63,7 +65,7 @@ const std::string LocalIdentitiesPage::GeneratePage(const std::string &method, c st.ResultText(9,maxmessagedelay); content+="
"+SanitizeOutput(CreateShortIdentityName(name,publickey))+""+CreateFormPassword()+""+SanitizeOutput(CreateShortIdentityName(name,publickey))+""+CreateTrueFalseDropDown("singleuse["+countstr+"]",singleuse)+""+CreateTrueFalseDropDown("publishtrustlist["+countstr+"]",publishtrustlist)+""+CreateTrueFalseDropDown("publishboardlist["+countstr+"]",publishboardlist)+"
"+CreateFormPassword()+"
"+publickey+"
"; - if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="save") + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="save" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement update=m_db->Prepare("UPDATE tblOption SET OptionValue=? WHERE Option=?;"); std::vector options; diff --git a/src/http/pages/peerdetailspage.cpp b/src/http/pages/peerdetailspage.cpp index f4661ab..9e70ca8 100644 --- a/src/http/pages/peerdetailspage.cpp +++ b/src/http/pages/peerdetailspage.cpp @@ -36,21 +36,21 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const StringFunctions::Convert((*queryvars.find("identityid")).second,identityid); } - if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="deletemessages") + if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="deletemessages" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement del=m_db->Prepare("DELETE FROM tblMessage WHERE IdentityID=?;"); del.Bind(0,identityid); del.Step(); } - if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="hide") + if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="hide" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement del=m_db->Prepare("UPDATE tblIdentity SET Hidden='true' WHERE IdentityID=?;"); del.Bind(0,identityid); del.Step(); } - if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="show") + if(identityid!=0 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="show" && ValidateFormPassword(queryvars)) { SQLite3DB::Statement del=m_db->Prepare("UPDATE tblIdentity SET Hidden='false' WHERE IdentityID=?;"); del.Bind(0,identityid); @@ -112,6 +112,7 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const content+=""; content+=""; content+="
OptionValueDescription
Hidden in Main Peer Trust Page"+hidden; content+=" "; + content+=CreateFormPassword(); content+=""; if(hidden=="false") { @@ -140,6 +141,7 @@ const std::string PeerDetailsPage::GeneratePage(const std::string &method, const content+="Message Count"+messagecountstr; content+="  "; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/peermaintenancepage.cpp b/src/http/pages/peermaintenancepage.cpp index 502cea6..f605f5f 100644 --- a/src/http/pages/peermaintenancepage.cpp +++ b/src/http/pages/peermaintenancepage.cpp @@ -17,7 +17,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c std::string tempval; Poco::DateTime date; - if(queryvars.find("formaction")!=queryvars.end()) + if(queryvars.find("formaction")!=queryvars.end() && ValidateFormPassword(queryvars)) { if((*queryvars.find("formaction")).second=="removenotseen") { @@ -83,6 +83,9 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="

Peer Maintenance

"; content+="

Removing a peer will not remove the messages they sent, but will remove everything else about that peer, including their trust levels.

"; + content+="

"; + content+="Recently Added Peers"; + content+="

"; content+=""; content+=""; @@ -102,6 +105,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; content+=""; - content+=""; + content+=""; content+=""; content+=""; content+=""; content+=""; - content+=""; + content+=""; content+=""; content+=""; content+=""; diff --git a/src/http/pages/peertrustpage.cpp b/src/http/pages/peertrustpage.cpp index 92f804c..3fee7ac 100644 --- a/src/http/pages/peertrustpage.cpp +++ b/src/http/pages/peertrustpage.cpp @@ -148,7 +148,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s } } - if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update") + if(localidentityid!=-1 && queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars)) { std::vector identityids; std::vector oldlmt; @@ -276,6 +276,7 @@ const std::string PeerTrustPage::GeneratePage(const std::string &method, const s content+=""; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; diff --git a/src/http/pages/recentlyaddedpage.cpp b/src/http/pages/recentlyaddedpage.cpp new file mode 100644 index 0000000..2b09ce8 --- /dev/null +++ b/src/http/pages/recentlyaddedpage.cpp @@ -0,0 +1,95 @@ +#include "../../../include/http/pages/recentlyaddedpage.h" +#include "../../../include/global.h" +#include "../../../include/stringfunctions.h" + +#include +#include +#include + +const std::string RecentlyAddedPage::GeneratePage(const std::string &method, const std::map &queryvars) +{ + std::string content=""; + Poco::DateTime date; + int count=0; + std::string countstr="0"; + + if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="delete" && ValidateFormPassword(queryvars)) + { + std::vector identityids; + CreateArgArray(queryvars,"chkdel",identityids); + + SQLite3DB::Statement del=m_db->Prepare("DELETE FROM tblIdentity WHERE IdentityID=?;"); + + for(std::vector::iterator i=identityids.begin(); i!=identityids.end(); i++) + { + if((*i)!="") + { + del.Bind(0,(*i)); + del.Step(); + del.Reset(); + } + } + + } + + content="

Recently Added Peers

"; + + SQLite3DB::Statement st=m_db->Prepare("SELECT IdentityID, PublicKey, Name, DateAdded, AddedMethod FROM tblIdentity WHERE DateAdded>=? ORDER BY DateAdded DESC;"); + date-=Poco::Timespan(5,0,0,0,0); + st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S")); + st.Step(); + + content+=""; + content+=CreateFormPassword(); + content+=""; + content+="
Stats
never seen"; content+=""; + content+=CreateFormPassword(); content+=""; content+=""; content+=""; @@ -119,6 +123,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="last seen more than 20 days ago"; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+="
"; @@ -136,6 +141,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="		last sent a message more than 30 days ago"; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+="
"; @@ -150,6 +156,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="		never sent a message"; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+="
"; @@ -167,6 +174,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="		added more than 20 days ago and never sent a message"; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+="
"; @@ -184,6 +192,7 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="		last seen more than 20 days ago and never sent a message"; content+="
"; + content+=CreateFormPassword(); content+=""; content+=""; content+="
"; @@ -191,13 +200,17 @@ const std::string PeerMaintenancePage::GeneratePage(const std::string &method, c content+="
"; + content+=CreateFormPassword(); + content+="last seen days ago
"; + content+=CreateFormPassword(); + content+="last seen days ago, and have null local trust
"; + content+=""; + + while(st.RowReturned()) + { + std::string identityidstr=""; + std::string publickey=""; + std::string name=""; + std::string dateadded=""; + std::string addedmethod=""; + + st.ResultText(0,identityidstr); + st.ResultText(1,publickey); + st.ResultText(2,name); + st.ResultText(3,dateadded); + st.ResultText(4,addedmethod); + + StringFunctions::Convert(count,countstr); + + content+=""; + content+=""; + content+=""; + content+=""; + content+=""; + content+=""; + + count++; + + st.Step(); + } + content+=""; + content+="
NameDate AddedAdded Method
"; + content+=""; + content+=SanitizeOutput(CreateShortIdentityName(name,publickey)); + content+=""; + content+=""+dateadded+""+SanitizeOutput(addedmethod)+"
"; + + return StringFunctions::Replace(m_template,"[CONTENT]",content); +} + +const bool RecentlyAddedPage::WillHandleURI(const std::string &uri) +{ + if(uri.find("recentlyadded.")!=std::string::npos) + { + return true; + } + else + { + return false; + } +}