source: trunk/dnsbl/dnsbl.cgi@ 46

#!/usr/bin/perl
# Main add-IP-to-list CGI
##
# $Id: dnsbl.cgi 46 2014-12-08 22:44:07Z kdeugau $
# Copyright 2009-2011 Kris Deugau <kdeugau@deepnet.cx>
# 
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version. 
# 
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
# 
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
##

use strict;
use warnings;
no warnings qw(uninitialized);
use CGI::Carp qw (fatalsToBrowser);
use CGI::Simple;
use HTML::Template;

use DNSBL;

# Set up the CGI object...
my $q = new CGI::Simple;
# ... and get query-string params as well as POST params if necessary
$q->parse_query_string;

my %webvar;
# This is probably excessive fiddling, but it puts the parameters somewhere my fingers know about...
foreach ($q->param()) {
  $webvar{$_} = $q->param($_);
}

my $dnsbl = new DNSBL;

# try to be friendly to non-US-ASCII characters.  Still need to find what
# difference from RH<->Debian is still at fault.
print $q->header(-charset=>'utf8');

# default DB info - all other settings should be loaded from the DB.
my $dbhost = "localhost";
my $dbname = "dnsbl";
my $dbuser = "dnsbl";
my $dbpass = "spambgone";

# Load a config ref containing DB host, name, user, and pass info based on
# from the server name + full script web path.  This allows us to host
# multiple instances without having to duplicate the code.
# This file is a Perl fragment to be processed inline.
my $cfgname = $ENV{SERVER_NAME}.$ENV{REQUEST_URI};
$cfgname =~ s|[./-]|_|g;
$cfgname =~ s|_dnsbl_cgi.+||;
$cfgname =~ s|_$||;
if (-e "/etc/dnsbl/$cfgname.conf") {
  my $cfg = `cat /etc/dnsbl/$cfgname.conf`;
  ($cfg) = ($cfg =~ /^(.+)$/s);         # avoid warnings, failures, and general nastiness with taint mode
  eval $cfg;
}

my $dbh = $dnsbl->connect($dbhost, $dbname, $dbuser, $dbpass);

my $page;
my $templatedir = $ENV{SCRIPT_FILENAME};
$templatedir =~ s/dnsbl\.cgi//;
$templatedir .= "templates";
$ENV{HTML_TEMPLATE_ROOT} = $templatedir;

my %config;
my $sth = $dbh->prepare("SELECT key,value FROM misc");
$sth->execute;
while (my ($key,$value) = $sth->fetchrow_array) {
  $config{$key} = $value;
}

# decide which page to spit out...
if (!$webvar{page}) {
  $page = HTML::Template->new(filename => "index.tmpl");
} else {
  $page = HTML::Template->new(filename => "$webvar{page}.tmpl");
}

$page->param(pgtitle => $config{pgtitle}) if defined($config{pgtitle});
$page->param(pgcomment => $config{pgcomment}) if defined($config{pgcomment});

if ($webvar{page} eq 'report') {
  my $dnsblsiteroot = $ENV{REQUEST_URI};
  $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
  $page->param(dnsblsiteroot => $dnsblsiteroot);

  $page->param(ip => $webvar{ip});
  my $count = $dnsbl->ipexists($webvar{ip});
  $page->param(nreports => $count) if $count;
  $page->param(browsebits => browse($dbh,$webvar{ip}));
  for (my $i=0; $i<3; $i++) {
    my ($block,$org) = $dnsbl->getcontainer($webvar{ip},$i);
    if ($block) {
      my ($bcl,$bal) = $dnsbl->islisted($block);
      $page->param("autob$i" => $bcl);
      $page->param("listb$i" => $bal);
      my ($ol) = $dnsbl->islisted($org);
      $page->param("listorg$i" => $ol);
      $page->param("block$i" => $block);
      $page->param("org$i" => $org);
    }
  }
} elsif ($webvar{page} eq 'dbreport') {
  my $dnsblsiteroot = $ENV{REQUEST_URI};
  $dnsblsiteroot =~ s|/dnsbl\.cgi\?.+|/|;
  $page->param(dnsblsiteroot => $dnsblsiteroot);

  my $err = '';
  my $org0id = $dnsbl->orgexists($webvar{org0});
  if (!$org0id) {
    $org0id = $dnsbl->addorg($webvar{org0});
    $page->param(org0 => $webvar{org0});
  }
  if (!$dnsbl->blockexists($webvar{block0})) {
    my $ret = $dnsbl->addblock($webvar{block0}, $org0id, 0);
    $err .= "error adding $webvar{block0}: $ret<br>\n" if $ret;
    $page->param(block0 => $webvar{block0});
  }
# yes, this is grotty.  PTHBTT!
  if ($webvar{block1}) {
    my $org1id = $dnsbl->orgexists($webvar{org1});
    if (!$org1id) {
      $org1id = $dnsbl->addorg($webvar{org1});
      $page->param(org1 => $webvar{org1});
    }
    if (!$dnsbl->blockexists($webvar{block1})) {
      my $ret = $dnsbl->addblock($webvar{block1}, $org1id, 1);
      $err .= "error adding $webvar{block1}: $ret<br>\n" if $ret;
      $page->param(block1 => $webvar{block1});
    }
    if ($webvar{block2}) {
      my $org2id = $dnsbl->orgexists($webvar{org2});
      if (!$org2id) {
        $org2id = $dnsbl->addorg($webvar{org2});
        $page->param(org2 => $webvar{org2});
      }
      if (!$dnsbl->blockexists($webvar{block2})) {
        my $ret = $dnsbl->addblock($webvar{block2}, $org2id, 2);
        $err .= "error adding $webvar{block2}: $ret<br>\n" if $ret;
        $page->param(block2 => $webvar{block2});
      }
    }
  }
  my $count = $dnsbl->report($webvar{ip});

  $page->param(ip => $webvar{ip});
  $page->param(err => $err);

  $page->param(browsebits => browse($dbh,$webvar{ip}));
}

print $page->output;

exit 0;



## extra subs.  should probably put this in a module somehow to share with browse.cgi

sub browse {
  my $dbh = shift;
  my $ip = shift;
  my $ipcidr = new NetAddr::IP $ip;

  my $basesql = "SELECT b.block,o.orgname,b.listme,o.listme,b.comments,o.comments ".
        "FROM blocks b INNER JOIN orgs o ON b.orgid=o.orgid ".
        "WHERE b.block ";

  my $sth0 = $dbh->prepare($basesql." >> ? AND b.level=0 ORDER BY block");
  my $sth1 = $dbh->prepare($basesql." <<= ? AND b.level=1 ORDER BY block");
  my $sth2 = $dbh->prepare($basesql." <<= ? AND b.level=2 ORDER BY block");
  my $sthiplist = $dbh->prepare("select * from iplist where ip <<= ? order by ip");

  my %ipseen;
  my $out = '';

  my $tmpl0 = new HTML::Template(filename => 'templates/browse-block.tmpl');

  $sth0->execute($ip);
  while (my ($block0,$org0,$listmeb0,$listmeo0,$bcomments0,$ocomments0) = $sth0->fetchrow_array) {
    my $block0cidr = new NetAddr::IP $block0;
    $tmpl0->param(lvlclass => 'lvl0'.($dnsbl->autolist_block($block0) ? ' auto0' : '').
        ( $ipcidr->within($block0cidr) ? ' inhere' : ''));
    $tmpl0->param(netclass => ($listmeb0 ? 'b0list' : ''));
    $tmpl0->param(net => $block0);
    $tmpl0->param(orgclass => ($listmeo0 ? 'b0org' : ''));
    $tmpl0->param(org => $org0);
    $tmpl0->param(bcomment => $bcomments0) if $bcomments0;
    $tmpl0->param(ocomment => $ocomments0) if $ocomments0;
    $sth1->execute($block0);
    my $lvl1out = '';
    if ($sth1->rows > 0) {
      while (my ($block1,$org1,$listmeb1,$listmeo1,$bcomments1,$ocomments1) = $sth1->fetchrow_array) {
        my $block1cidr = new NetAddr::IP $block1;
        my $tmpl1 = new HTML::Template(filename => 'templates/browse-block.tmpl');
        $tmpl1->param(lvlclass => 'lvl1'.($dnsbl->autolist_block($block1) ? ' auto1' : '').
                ( $ipcidr->within($block1cidr) ? ' inhere' : ''));
        $tmpl1->param(netclass => ($listmeb1 ? 'b1list' : ''));
        $tmpl1->param(net => $block1);
        $tmpl1->param(orgclass => ($listmeo1 ? 'b1org' : ''));
        $tmpl1->param(org => $org1);
        $tmpl1->param(bcomment => $bcomments1) if $bcomments1;
        $tmpl1->param(ocomment => $ocomments1) if $ocomments1;
        $tmpl1->param(indent => '  ');
        my $lvl2out = '';
        $sth2->execute($block1);
        if ($sth2->rows > 0) {
          while (my ($block2,$org2,$listmeb2,$listmeo2,$bcomments2,$ocomments2) = $sth2->fetchrow_array) {
            my $block2cidr = new NetAddr::IP $block2;
            my $tmpl2 = new HTML::Template(filename => 'templates/browse-block.tmpl');
            $tmpl2->param(lvlclass => 'lvl2'.($dnsbl->autolist_block($block2) ? ' auto2' : '').
                ( $ipcidr->within($block2cidr) ? ' inhere' : ''));
            $tmpl2->param(netclass => ($listmeb2 ? 'b2list' : ''));
            $tmpl2->param(net => $block2);
            $tmpl2->param(orgclass => ($listmeo2 ? 'b2org' : ''));
            $tmpl2->param(org => $org2);
            $tmpl2->param(bcomment => $bcomments2) if $bcomments2;
            $tmpl2->param(ocomment => $ocomments2) if $ocomments2;
            $tmpl2->param(indent => '    ');
            $sthiplist->execute($block2);
            my @iprows;
            while (my @data4 = $sthiplist->fetchrow_array) {
              my %iprow;
              $iprow{ip} = $data4[0];
              $iprow{ipcount} = $data4[1];
              $iprow{indent} = '    ';
              $iprow{repeater} = 1 if $ip eq $data4[0];
#       ip        | count | s4list |             added
              push @iprows, \%iprow;
              $ipseen{$data4[0]} = 1;
            }
            $tmpl2->param(iplist => \@iprows);
            $lvl2out .= $tmpl2->output;
          }
        }

        $sthiplist->execute($block1);
        my @iprows;
        while (my @data4 = $sthiplist->fetchrow_array) {
          next if $ipseen{$data4[0]};
          my %iprow;
          $iprow{ip} = $data4[0];
          $iprow{ipcount} = $data4[1];
          $iprow{indent} = '  ';
          $iprow{repeater} = 1 if $ip eq $data4[0];
#       ip        | count | s4list |             added
          push @iprows, \%iprow;
          $ipseen{$data4[0]} = 1;
        }
        $tmpl1->param(iplist => \@iprows);
        $tmpl1->param(subs => $lvl2out);
        $lvl1out .= $tmpl1->output;

      }
    } # sth1->rows
    $sthiplist->execute($block0);
    my @iprows;
    while (my @data4 = $sthiplist->fetchrow_array) {
      next if $ipseen{$data4[0]};
      my %iprow;
      $iprow{ip} = $data4[0];
      $iprow{ipcount} = $data4[1];
      $iprow{indent} = '';
      $iprow{repeater} = 1 if $ip eq $data4[0];
#       ip        | count | s4list |             added
      push @iprows, \%iprow;
      $ipseen{$data4[0]} = 1;
    }
    $tmpl0->param(iplist => \@iprows);
    $tmpl0->param(subs => $lvl1out);
  }

  return $tmpl0->output;
} # end browse()