changed the way the user is determined in access_link
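#!/usr/local/bin/webwork-perl

# $Id$

# feedback.pl: Mail feedback to a specified user, with the URL of the
#              referring page automagically included.  Reject bogus
#              destination addresses.
#
# Usage: invoke as http://site/cgi-bin/feedback.pl?address1,address2,...
#
# Flow:
#   * no path info  -> print the feedback form for the addresses given in
#                      the query string (default: $Global::webmaster)
#   * path '/send'  -> validate the submitted form, mail it to each address
#                      in 'To' through $Global::smtpServer, print a receipt
#
# Every form field is supplied by the client.  Values are reduced to a single
# line before they are placed in mail headers or the log, URL-escaped before
# they are placed in the access link, and HTML-encoded before they are
# echoed back to the browser.

use strict;

use lib '.'; use webworkInit; # WeBWorKInitLine
use Global;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser);
use HTML::Entities ();
use Net::SMTP;

# Script-wide settings.  These stay package globals, as in the original.
our ($BGCOLOR, $LOGFILE, $To, $USER);

$ENV{'PATH'} = '';    # try to avoid PATH attacks

# log access
Global::log_info('', query_string());

my $Course = param('course');
# establish environment for this script
Global::getCourseEnvironment($Course) if defined $Course;

# local configuration stuff

$BGCOLOR = '#ffffff';
$LOGFILE = Global::getWebworkLogsDirectory() . "webwork-feedback.log";

# if path = '/send' we're processing a filled-out form
my $ADDR;    # define 'globally' so that it can be used by subroutines
if (path_info() eq '/send') {

    # Bad destinations shouldn't make it this far, since we already checked
    # for bad "To:" when generating the feedback form.  However, the form is
    # under the client's control, so we check again...
    my @recipients = grep { $_ ne '' } split(/\s*,\s*/, _form_value('To'));

    # Without this guard an empty 'To' would skip the loop below and still
    # print the "message has been mailed" page.
    internal_error('No destination address was supplied.') unless @recipients;

    # Validate everything before the first message goes out, so a bad second
    # address cannot leave a partially delivered submission behind.
    check_destination($_) for @recipients;

    user_error('You didn\'t enter any comments.')
        if (_form_value('comments') eq '');
    user_error('You didn\'t enter an e-mail address.')
        unless (_form_value('email') =~ /\@/);

    foreach $ADDR (@recipients) {
        my $smtp = Net::SMTP->new($Global::smtpServer, Timeout => 10)
            || internal_error("Couldn't contact SMTP server.");
        $smtp->mail($Global::smtpSender);

        if ($smtp->recipient($ADDR)) {    # this one's okay, keep going
            $smtp->data(output(0, $ADDR) . access_link($ADDR))
                || internal_error("Unknown problem sending message data to SMTP server.");
        }
        else {                            # we have a problem with this address
            $smtp->reset;
            internal_error("SMTP server doesn't like this address: <$ADDR>.");
        }
        $smtp->quit;
        &log("Mail sent to: " . $ADDR . " from: " . _form_value('email'));
    }
    thank_you();

}
else {

    # No path info: we're generating a form to be filled-out

    $To = $ENV{'QUERY_STRING'};
    $To = $Global::webmaster if (!defined $To || $To eq '');
    check_destination($To);
    generate_form();
}

exit(0);

############################## Subroutines #################################

# _form_value($name): the named CGI parameter as a single scalar, or '' when
# the parameter is absent.  Forces scalar context so a repeated parameter
# cannot expand into several list elements at the call site.
sub _form_value {
    my ($name) = @_;
    my $value = param($name);
    return defined $value ? $value : '';
}

# _one_line($text): $text with every run of CR/LF replaced by one space, so
# the value cannot start a new mail header line or a new log record.
sub _one_line {
    my ($text) = @_;
    $text = '' unless defined $text;
    $text =~ s/[\r\n]+/ /g;
    return $text;
}

# _url_escape($text): percent-encode everything outside the RFC 3986
# unreserved set, for use as a query-string value.
sub _url_escape {
    my ($text) = @_;
    $text = '' unless defined $text;
    $text =~ s/([^A-Za-z0-9_.~-])/sprintf('%%%02X', ord($1))/ge;
    return $text;
}

# internal_error(@parts): log the message, show an "Internal Error" page and
# exit with status 1.  Never returns.
sub internal_error {
    my $msg = join " ", @_;
    &log("ERROR: $msg");
    print header(),
        start_html('-title' => "Internal Error", -bgcolor => "$BGCOLOR"),
        h1('Internal Error'),
        b(HTML::Entities::encode($msg)),
        p(),
        "Your message could not be sent.  Please notify ",
        '&lt;', a({ href => "mailto:$Global::webmaster" }, $Global::webmaster), '&gt;. ',
        br(),
        "We apologize for the inconvenience.",
        end_html();
    exit(1);
}

# user_error(@parts): show a "User error" page asking the user to go back and
# correct the form, then exit with status 1.  Never returns.  Not logged.
sub user_error {
    my $msg = join " ", @_;
    print header(),
        start_html('-title' => 'User error', -BGCOLOR => "$BGCOLOR"),
        h1('User error'),
        p(),
        b(HTML::Entities::encode($msg)),
        p(),
        'Please hit the &quot;<B>Back</B>&quot; button on your browser to ',
        "try again, or notify ", br(),
        '&lt;', a({ href => "mailto:$Global::webmaster" }, $Global::webmaster), '&gt; ',
        "if you believe this message is in error.",
        end_html();
    exit(1);
}

# check_destination($address_list): abort through internal_error() unless
# every address in the comma-separated list (optionally padded with '+', the
# URL encoding of a space) matches $Global::legalAddress.
#
# NOTE(review): the check is only as strict as the configured pattern.  If
# $Global::legalAddress is not anchored at both ends, any string that merely
# contains a legal address passes -- confirm against the Global config.
sub check_destination {
    my ($address_list) = @_;
    $address_list = '' unless defined $address_list;

    for my $address (split(/\+*,\+*/, $address_list)) {
        # Control characters are refused outright: the address is later
        # written into an SMTP command and a "To:" header line.
        internal_error("Sorry, I'm not allowed to send mail to <$address>.")
            if $address =~ /[\x00-\x1f\x7f]/
            || $address !~ /$Global::legalAddress/;
    }
}

# access_link($ADDR): text block appended to the mail body, containing a URL
# back to the student's problem page.
#
# Link shape:
#   <referring page>?probSetKey=..&probNum=..&Mode=..&show_old_answers=1
#                    &course=..&user=..&key=..
#
# The user is taken from the 'user' form field; when that is not defined
# (e.g. feedback sent before login) it falls back to the local part of the
# recipient address.  Missing fields become empty values, which replaces the
# original's temporary $^W = 0 around the concatenation.
#
# NOTE(review): 'referring_url' is a hidden form field and therefore chosen
# by the client, yet the mail asks the recipient to enter a password at that
# address.  Consider accepting only URLs under the site's own base URL.
# NOTE(review): the link carries the session 'key' in clear-text mail.
sub access_link {
    my $ADDR = shift;

    my $url = _form_value('referring_url');
    $url =~ s/\?.*$//s;                  # drop any existing query string
    $url =~ s/[\x00-\x20\x7f]//g;        # a URL holds no whitespace or controls

    if (defined param('user')) {
        $USER = _form_value('user');
    }
    else {
        $USER = $ADDR;
        $USER =~ s/@.*$//;
    }

    my @pairs = (
        [ probSetKey       => _form_value('probSetKey') ],
        [ probNum          => _form_value('probNum') ],
        [ Mode             => _form_value('Mode') ],
        [ show_old_answers => 1 ],
        [ course           => _form_value('course') ],
        [ user             => $USER ],
        [ key              => _form_value('key') ],
    );
    $url .= '?' . join('&', map { $_->[0] . '=' . _url_escape($_->[1]) } @pairs);

    return ("-------\nTo go directly to the student's page, click on the Access Link and enter your password under Fast relogin.\nAccess Link  " . $url . "\n");
}

# log($msg): append one dated record to $LOGFILE.  Called as &log(...)
# because the name collides with the numeric builtin.
#
# A failure to open the log only warns: calling internal_error() here would
# recurse, since internal_error() itself logs.
sub log {
    my $msg = _one_line($_[0]);    # one record per call, whatever the input

    my $fh;
    unless (open($fh, '>>', $LOGFILE)) {
        warn("Can't write to $LOGFILE\n");
        return;
    }
    print $fh 'Date: ', scalar(localtime), "\n", $msg, "\n------\n";
    close($fh);
}

# thank_you(): receipt page echoing the submitted message.  Everything echoed
# comes from the form, so it is HTML-encoded before printing.
sub thank_you {
    my $to = _form_value('To');
    print header(),
        start_html('-title' => 'Thank You', -BGCOLOR => "$BGCOLOR"),
        h1('Your message has been mailed.'),
        "To: ", HTML::Entities::encode($to),
        '<pre><br><br>', HTML::Entities::encode(output(0, $to)), '</pre>',
        end_html();
}

# generate_form(): print the feedback form.  $To holds the raw query string
# (or the webmaster default) and has already passed check_destination().
# The hidden fields carry the caller's parameters through to the '/send'
# request; CGI.pm escapes their values, while $To and 'name' are printed as
# plain page text and are encoded here.
sub generate_form {
    my $from = param('email');
    $from = ' ' unless defined $from;

    print header(),
        start_html('-title' => 'WeBWorK - Feedback', -bgcolor => "$BGCOLOR"),
        img({ align => 'LEFT', alt => "", src => $Global::headerImgUrl }),
        p({ align => 'right' }),
        br({ clear => 'ALL' }),
        hr(),
        h1('WeBWorK Feedback Gateway'),
        start_form('POST', url() . '/send'),
        hidden('To', $To),
        hidden('name'),
        hidden('id'),
        hidden('referring_url', scalar referer()),
        hidden('probSetKey'),
        hidden('setnum'),
        hidden('probNum'),
        hidden('course'),
        hidden('section'),
        hidden('recitation'),
        hidden('Mode'),
        hidden('user'),
        hidden('key'),
        strong("To: "), kbd(HTML::Entities::encode($To)), br(),
        strong("From: "), HTML::Entities::encode(_form_value('name')), br(),
        p(),
        textfield(-name => 'email', -default => $from, -size => '32', -override => 1),
        ' ', b('E-mail'), i(' (must be filled in!)'), br(),
        p(),
        b('Your comments:'), ' ', i('(must be filled in!)'), br(),
        textarea('comments', '', 15, 70),
        p(),
        b(submit('submit', 'Submit Your Comments')),
        end_form(),
        end_html();
}

# output($suppress_output, $addr): build the mail text for recipient $addr.
#
#   $suppress_output true  -> headers and student data only (for logs)
#   $suppress_output false -> the same, followed by the sender line and the
#                             comments
#
# Header and student-data values are reduced to one line each; only the
# free-text comments keep their line breaks.
sub output {
    my ($suppress_output, $addr) = @_;

    my $email = _one_line(_form_value('email'));
    my $name  = _one_line(_form_value('name'));

    my $replyTo = $email;
    $replyTo .= ', ' . $Global::defaultReply if ($Global::defaultReply =~ /\w/);

    # message header
    my $msg =
          "From: " . $email . " (" . $name . ")\n"
        . "To: " . _one_line($addr) . "\n"
        . "Reply-To: " . $replyTo . "\n"
        . "X-Remote-Host: " . remote_host() . " (" . remote_addr() . ")\n"
        . "Subject: WeBWorK Feedback from "
        . _one_line(_form_value('course')) . "/" . _one_line(_form_value('user')) . "\n"
        . "\n";

    # message body: student data
    my @student_data = (
        [ 'User'           => 'user' ],
        [ 'Name'           => 'name' ],
        [ 'Student ID'     => 'id' ],
        [ 'Course'         => 'course' ],
        [ 'Section'        => 'section' ],
        [ 'Recitation'     => 'recitation' ],
        [ 'PSVN'           => 'probSetKey' ],
        [ 'Set number'     => 'setnum' ],
        [ 'Problem number' => 'probNum' ],
        [ 'Mode'           => 'Mode' ],
        [ 'Key'            => 'key' ],
    );
    for my $row (@student_data) {
        my ($label, $field) = @$row;
        $msg .= $label . ": " . _one_line(_form_value($field)) . "\n";
    }
    $msg .= "\n";

    # for logs: don't log actual message, just student info
    return $msg if $suppress_output;

    # message body: message
    $msg .= "Allegedly from: " . $email . "\n"
          . "Comments:\n-------\n" . _form_value('comments') . "\n";

    return $msg;
}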