1 # ===================================================================== 2 # showStatic: display misc. static pre-formatted views. 3 # 4 # Copyright (c) 2007,2008,2009,2010,2011 Carlo Strozzi 5 # 6 # This program is free software; you can redistribute it and/or modify 7 # it under the terms of the GNU General Public License as published by 8 # the Free Software Foundation; version 2 dated June, 1991. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 # GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 # 19 # ===================================================================== 20 21 # ===================================================================== 22 # Local variables and functions 23 # ===================================================================== 24 25 cgi.group = () 26 cgi.tw.page = () 27 cgi.page = () 28 cgi.subcat = () 29 cgi.page.literal = () 30 cgi.page.uri = () 31 cgi.author = () 32 cgi.watch.node = () 33 34 tmp1 = /dev/null 35 captcha_code = () 36 do_commit = () 37 pls_set = () 38 39 # OpenID Simple Registration Extension 1.0 protocol variables, see 40 # http://openid.net/specs/openid-simple-registration-extension-1_0.html 41 42 cgi.sreg.email = () 43 cgi.sreg.fullname = () 44 cgi.sreg.dob = () 45 cgi.sreg.gender = () 46 cgi.sreg.postcode = () 47 cgi.sreg.country = () 48 cgi.sreg.language = () 49 cgi.sreg.timezone = () 50 cgi.sreg.nickname = () 51 52 # ===================================================================== 53 # Main program 54 # ===================================================================== 55 56 csaGetArgs GET 57 58 #~ $REMOTE_ADDR 192.168.1.2 && csaExit.env 59 60 . $CSA_ROOT/lib/group-stuff.rc 61 62 # Grant further privileges where appropriate. 63 . $CSA_ROOT/lib/group-editor.rc 64 65 # This may be overridden by the switch() below. 66 tpl.var.tw.page = $'cgi.tw.page' 67 tpl.var.tw.page.object = $'tpl.var.tw.page' 68 69 # Add more known static views as needed. 70 71 switch ($'cgi.tw.page') { 72 73 case tw-recent-pages 74 # All list-type static views have a blog style by definition. 75 TNS_TW_STYLE = blog 76 if (~ $'cgi.subcat' [a-z]*) { 77 tpl.include.tw.page = $tw_gstem/$'cgi.subcat'-recent-pages+xml 78 tpl.var.tw.page = tw-$'cgi.subcat'-recent-pages 79 tpl.var.tw.page.object = $'tpl.var.tw.page' 80 tpl.var.tw.page.subcat = $'cgi.subcat' 81 } else tpl.include.tw.page = $tw_gstem/recent-pages+xml 82 83 case tw-recent-headlines 84 # All list-type static views have a blog style by definition. 85 TNS_TW_STYLE = blog 86 if (~ $'cgi.subcat' [a-z]*) { 87 tpl.include.tw.page = $tw_gstem/$'cgi.subcat'-recent-headlines+xml 88 tpl.var.tw.page = tw-$'cgi.subcat'-recent-headlines 89 tpl.var.tw.page.object = $'tpl.var.tw.page' 90 tpl.var.tw.page.subcat = $'cgi.subcat' 91 } else tpl.include.tw.page = $tw_gstem/recent-headlines+xml 92 93 case tw-trackback-form 94 # no 'print' style defined for this view, 95 # but a target page name is required. 96 cgi.style = screen 97 ~ $'cgi.page' () && csaExit.fault 0038 98 csaMkTemp tpl.include.tw.page.captcha 99 captcha_code = `{pwgen -1 -A -B 6} 100 ~ $bqstatus 0 || csaExit.fault 0003 pwgen 101 csaSession.set $captcha_code 10 102 echo $captcha_code | figlet -w 80 -k > $'tpl.include.tw.page.captcha' 103 tpl.var.tw.page = $'cgi.page.literal' 104 tpl.var.tw.page.object = $'tpl.var.tw.page' 105 106 case tw-page-trackbacks 107 # no 'print' style defined for this view, 108 # but a target page name is required. 109 cgi.style = screen 110 ~ $'cgi.page' () && csaExit.fault 0038 111 tpl.var.tw.page = $'cgi.page.literal' 112 tpl.var.tw.page.object = $'tpl.var.tw.page' 113 tpl.include.tw.page = $tw_gstem/$'cgi.page'-tbk+xml 114 115 case tw-recent-changes 116 # All list-type static views have a blog style by definition. 117 TNS_TW_STYLE = blog 118 tpl.include.tw.page = $tw_gstem/recent-changes+xml 119 120 case tw-recent-comments 121 # All list-type static views have a blog style by definition. 122 TNS_TW_STYLE = blog 123 tpl.include.tw.page = $tw_gstem/recent-comments+xml 124 125 case tw-group-cloud 126 # All list-type static views have a blog style by definition. 127 TNS_TW_STYLE = blog 128 tpl.include.tw.page = $tw_gstem/tag-cloud+xml 129 130 case tw-cat-cloud 131 # All list-type static views have a blog style by definition. 132 TNS_TW_STYLE = blog 133 tpl.include.tw.page = $tw_gstem/cat-cloud+xml 134 135 case tw-reg-form 136 # Logged-in users are already registered by definition. 137 csaTrue $CSA_AUTH_OK && csaExit.fault --back 1028 138 139 # Show self-registration form only if appropriate, not to 140 # have the user waste time filling a request that the 141 # 'registerUser' method will refuse to accept. 142 ~ $TNS_SELFREG_AUTH *[a-z]* || csaExit.fault 403 0022 143 144 # no 'print' style defined for this view. 145 cgi.style = screen 146 csaMkTemp tpl.include.tw.page.captcha 147 captcha_code = `{pwgen -1 -A -B 6} 148 ~ $bqstatus 0 || csaExit.fault 0003 pwgen 149 csaSession.set $captcha_code 10 150 echo $captcha_code | figlet -w 80 -k > $'tpl.include.tw.page.captcha' 151 152 # This can be useful to avoid requesting the captcha code if desired, 153 # by turning the relevant form field from type=text to type=hidden 154 # value=$[tpl.var.tw.captcha:x] 155 156 tpl.var.tw.captcha = $captcha_code 157 158 # Try and get e-mail from session data if missing. 159 if (~ $'cgi.sreg.email' () && !~ $CSA_SESSION(13) -) { 160 cgi.sreg.email = $CSA_SESSION(13) 161 } 162 163 csaSetClear tpl.var.tw.sreg.email cgi.sreg.email 164 csaSetClear tpl.var.tw.sreg.fullname cgi.sreg.fullname 165 csaSetClear tpl.var.tw.sreg.dob cgi.sreg.dob 166 csaSetClear tpl.var.tw.sreg.gender cgi.sreg.gender 167 csaSetClear tpl.var.tw.sreg.postcode cgi.sreg.postcode 168 csaSetClear tpl.var.tw.sreg.country cgi.sreg.country 169 csaSetClear tpl.var.tw.sreg.language cgi.sreg.language 170 csaSetClear tpl.var.tw.sreg.timezone cgi.sreg.timezone 171 csaSetClear tpl.var.tw.sreg.nickname cgi.sreg.nickname 172 173 if (~ $'cgi.reg.openid' http://* https://*) { 174 csaSetClear tpl.var.tw.reg.openid cgi.reg.openid 175 } else tpl.var.tw.reg.openid = $CSA_SESSION(15) 176 177 ~ $'tpl.var.tw.reg.openid' - && tpl.var.tw.reg.openid = () 178 179 tpl.var.tw.reg.auth = $^TNS_SELFREG_AUTH 180 181 case tw-shop-form 182 183 # Thest whether shopping is allowed to non-authenticated buyers. 184 # This check will also be done by cartCheckout but I do it also 185 # here for the user's convenience. 186 187 if (!csaTrue $CSA_AUTH_OK) { 188 189 if (!csaTrue $TNS_BUY_ANONYMOUS) { 190 191 # Show self-registration form if appropriate. 192 csaIsInteractive && ~ $TNS_SELFREG_AUTH *[a-z]* && 193 csaTrue $TNS_SELFREG_AUTOASK && csaExit.location $CSA_RPC_URI'?0=showStatic&x-csa-lang='$CSA_LANG^'&1='$'cgi.group'^'&2=tw-reg-form' 194 195 csaExit.needauth 196 } 197 } 198 199 # no 'print' style defined for this view. 200 cgi.style = screen 201 csaMkTemp tpl.include.tw.page.captcha 202 captcha_code = `{pwgen -1 -A -B 6} 203 ~ $bqstatus 0 || csaExit.fault 0003 pwgen 204 csaSession.set $captcha_code 10 205 echo $captcha_code | figlet -w 80 -k > $'tpl.include.tw.page.captcha' 206 tpl.var.tw.page = $'cgi.page.literal' 207 tpl.var.tw.page.object = $'tpl.var.tw.page' 208 209 # This can be useful to avoid requesting the captcha code if desired, 210 # by turning the relevant form field from type=text to type=hidden 211 # value=$[tpl.var.tw.captcha:x] 212 213 tpl.var.tw.captcha = $captcha_code 214 215 # Set Principal Lock Semaphore(s) (PLS) if not yet done. 216 csaTrue $pls_set || csaLock $tw_gstem/order+dat || csaExit.fault 217 pls_set = true 218 219 # Create shop order table if it does not yet exist. 220 if (!csaIsFullPath --exists --quiet $tw_gstem/order+dat) { 221 maketable --input \ 222 $CSA_ROOT/lib/order.xrf > $tw_gstem/order+dat || 223 csaExit.fault 0003 maketable 224 } 225 226 # Pre-fill the shopper form with the latest available data, if any. 227 if (!~ $CSA_PGM(1) CSA2 && !~ $CSA_AUTH_USER ()) { 228 229 awktable -H -i $tw_gstem/order+dat -- ' 230 # Retain only the most recent record, if any. 231 $k_user == ENVIRON["CSA_AUTH_USER"] {out_=$0} 232 END {if(out_ != "") print out_}' | 233 csa-tbl2rc --prefix tbl_order. > $tmp1 234 235 csaStatus || csaExit.fault 0003 awktable/csa-tbl2rc 236 237 . $tmp1 238 239 # Set default values where possible. We are likely to have 240 # been pre-authenticated in a previous request before reaching 241 # this static view, so we cannot rely on 'tbl_user.' vars here. 242 # At most, we can try and get what we need from session data. 243 244 ~ $'tbl_order.o_fullname' () && 245 tbl_order.o_fullname = $'cgi.author' 246 247 if (~ $'tbl_order.o_email' () && ~ $CSA_SESSION(13) *'@'*.*) { 248 tbl_order.o_email = $CSA_SESSION(13) 249 } 250 251 # Pre-fill template vars with previous values if available. 252 csaSetClear tpl.var.tw.ord.fullname tbl_order.o_fullname 253 csaSetClear tpl.var.tw.ord.nick tbl_order.o_nick 254 csaSetClear tpl.var.tw.ord.email tbl_order.o_email 255 csaSetClear tpl.var.tw.ord.phone tbl_order.o_phone 256 csaSetClear tpl.var.tw.ord.town tbl_order.o_town 257 csaSetClear tpl.var.tw.ord.addr tbl_order.o_addr 258 csaSetClear tpl.var.tw.ord.zip tbl_order.o_zip 259 csaSetClear tpl.var.tw.ord.state tbl_order.o_state 260 csaSetClear tpl.var.tw.ord.ctry tbl_order.o_ctry 261 csaSetClear tpl.var.tw.ord.vat tbl_order.o_vat 262 csaSetClear tpl.var.tw.ord.iorg tbl_order.o_iorg 263 csaSetClear tpl.var.tw.ord.itown tbl_order.o_itown 264 csaSetClear tpl.var.tw.ord.iaddr tbl_order.o_iaddr 265 csaSetClear tpl.var.tw.ord.izip tbl_order.o_izip 266 csaSetClear tpl.var.tw.ord.istate tbl_order.o_istate 267 csaSetClear tpl.var.tw.ord.ictry tbl_order.o_ictry 268 } 269 270 case tw-editor-menu 271 272 # This is available to both global and group-level editors, 273 # with the relevant sections toggled by the associated 274 # conditionals. If a non-editor calls this function she 275 # will then be blocked by the autorization checks called 276 # by the invoked methods. 277 278 # Display the administration menu (requires admin privileges). 279 ~ ,$TNS_AUTH_GRP, *,editor,* || csaExit.needauth 280 281 if (csaIsFullPath --exists --quiet $CSA_TPL_ROOT/tw-editor-menu.txt) { 282 # custom template. 283 tpl.include.tw.page = $CSA_TPL_ROOT/tw-editor-menu.txt 284 } else { 285 # default template. 286 tpl.include.tw.page = $tw_dstem/tw-editor-menu.txt 287 } 288 289 # Not really needed with this particular view, but I leave it 290 # in place as an example. 291 # 292 #if (csaIsFullPath --exists --quiet $CSA_TPL_ROOT/tw-editor-menu.rdf) { 293 # # custom extra RDF page section. 294 # tpl.include.tw.page.rdf = $CSA_TPL_ROOT/tw-editor-menu.rdf 295 #} else { 296 # # default extra RDF page section. 297 # tpl.include.tw.page.rdf = $tw_dstem/tw-editor-menu.rdf 298 #} 299 300 case tw-session-form 301 302 if (csaIsFullPath --exists --quiet $CSA_TPL_ROOT/tw-session-form.txt) { 303 # custom template. 304 tpl.include.tw.page = $CSA_TPL_ROOT/tw-session-form.txt 305 } else { 306 # default template. 307 tpl.include.tw.page = $tw_dstem/tw-session-form.txt 308 } 309 310 case tw-unwatch-request 311 312 # Unsubscription from unauthenticated users require that either 313 # a user-ID or a PIN is entered, see the relevant response 314 # template. Authenticated users will be automatically redirected 315 # to the actual request processor. Subscription requesta are not 316 # hadled by this program, but they are rather managed directly 317 # by the relevant rpclib processor. This is because a user may want 318 # to unsubscribe by simply clicking on the unsubscribe link that 319 # she received in e-mail, when she may not be logged into the 320 # system yet, and she may not even know how to log-in because 321 # the local business-logic does not notify authentication 322 # credentials to registered users (depending on how local templates 323 # and group settings are configured). 324 325 csaTrue $CSA_AUTH_OK && csaExit.location $CSA_RPC_URI'?0=unwatch&x-csa-lang='$CSA_LANG^'&1='$'cgi.group'^'&2='$CSA_AUTH_USER'&3='$'cgi.watch.node' 326 327 # For the user's convenience, try and get e-mail from session 328 # data if available. 329 330 ~ $CSA_SESSION(13) *'@'*.* && 331 tpl.var.tw.reg.email = $CSA_SESSION(13) 332 333 tpl.var.tw.node = $'cgi.watch.node' 334 335 if (csaIsFullPath --exists --quiet \ 336 $CSA_TPL_ROOT/$'cgi.tw.page'.txt) { 337 # custom template. 338 tpl.include.tw.page = $CSA_TPL_ROOT/$'cgi.tw.page'.txt 339 340 } else { 341 342 # default template. 343 tpl.include.tw.page = $tw_dstem/$'cgi.tw.page'.txt 344 } 345 346 case * 347 csaExit.fault 0038 348 } 349 350 # These two views use the same response templates. 351 ~ $'cgi.tw.page' tw-recent-headlines && cgi.tw.page = tw-recent-pages 352 353 #~ $REMOTE_ADDR 192.168.1.2 && csaExit.env 354 355 # This is mainly to set the "Print" action, and possibly other 356 # page-level functions, to something sensible even when in virtual 357 # views (i.e. tw-*). 358 359 ~ $'tpl.var.tw.page' () && tpl.var.tw.page = $TNS_GROUP_HOME(1) 360 361 # Set template vars to their final values. 362 tpl.var.tw.group = $'tbl_group.g_name' 363 tpl.var.tw.page.object = $'tpl.var.tw.page' 364 365 if (csaIsFullPath --exists --quiet $CSA_TPL_ROOT/$'cgi.tw.page'.txt) { 366 # custom special-page display template. 367 tpl.include.html.body = $CSA_TPL_ROOT/$'cgi.tw.page'.txt 368 } else { 369 # default special-page display template. 370 tpl.include.html.body = $tw_dstem/$'cgi.tw.page'.txt 371 } 372 373 . $CSA_ROOT/lib/tpl-stuff.rc 374 375 # Create page widgets if necessary. 376 377 # Set target year/month for the calendar widget 378 gencal_month = ($CSA_TIME_LOCAL(1) $CSA_TIME_LOCAL(2)) 379 380 gencal_xml = $tw_gstem/cal-$gencal_month(1)^-$gencal_month(2)^+xml 381 genarch_xml = $tw_gstem/year-links+xml 382 gencat_xml = $tw_gstem/cat-links+xml 383 384 if (!csaIsFullPath --exists --quiet $gencal_xml $genarch_xml $gencat_xml) { 385 # Set Principal Lock Semaphore(s) (PLS). 386 csaLock $tw_gstem/page+dat || csaExit.fault 387 pls_set = true 388 389 gencal_rcs = $tw_gstem/RCS/cal-$gencal_month(1)^-$gencal_month(2)^+xml,v 390 genarch_rcs = $tw_gstem/RCS/year-links+xml,v 391 gencat_rcs = $tw_gstem/RCS/cat-links+xml,v 392 393 gencat_mt = $tw_gstem/cat-mt+xml 394 gencat_mw = $tw_gstem/cat-mw+xml 395 396 gencat_mt_rcs = $tw_gstem/RCS/cat-mt+xml,v 397 gencat_mw_rcs = $tw_gstem/RCS/cat-mw+xml,v 398 399 widget_input = $tw_gstem/page+dat 400 401 . $CSA_ROOT/lib/widgets.rc 402 403 # Commit widget creation if necessary. 404 ~ $do_commit () || csaCommit || csaExit.fault 405 } 406 407 # Static views do not correspond to actual pages on disk, 408 # so we need to toggle unapplicable sections in templates. 409 410 tpl.if.tw.ispage = '(::DEL:)' 411 tpl.fi.tw.ispage = '(:DEL::)' 412 tpl.if.tw.printable = '(::DEL:)' 413 tpl.fi.tw.printable = '(:DEL::)' 414 tpl.if.tw.isview = () 415 tpl.fi.tw.isview = () 416 417 csaExit.ok $tpl_file 418 419 # End of program.