Commit cac6bdd0 authored by noplanman's avatar noplanman Committed by David Morley

Better forms and email sending (#73)

* Improve HTML form output.
Better email message sending.
Various code fixes and simplifications.

* Make email sending more logical.
Fix wrong email field.

* Move email headers up.
Better email formatting when a new rating has been added.
parent 62961183
......@@ -26,8 +26,7 @@ $numrows = pg_num_rows($result);
<th>Active 1<a class="tipsy" title="Number of users active last 1 month on this pod.">?</a></th>
<th>Posts<a class="tipsy" title="Number of total posts on this pod.">?</a></th>
<th>Comm<a class="tipsy" title="Number of total comments on this pod.">?</a></th>
<th>Month<a class="tipsy" title="How many months has this pod been online? Click number for more history.">?</a>
</th>
<th>Month<a class="tipsy" title="How many months has this pod been online? Click number for more history.">?</a></th>
<th>Sc<a class="tipsy" title="System Score on a 100 scale.">?</a></th>
<th>conn<a class="tipsy" title="">?</a></th>
<th>Delete?<a class="tipsy" title="Delete this pod from DB?">?</a></th>
......@@ -41,8 +40,8 @@ $numrows = pg_num_rows($result);
$verdiff = str_replace('.', '', $row['masterversion']) - str_replace('.', '', $row['shortversion']);
$pod_name = htmlentities($row['name'], ENT_QUOTES);
$tip = sprintf(
"\n" . 'This pod %1$s has been watched for %2$s months and its average ping time is %3$s with uptime of %4$s%% this month and was last checked on %5$s. On a score of -20 to +20 this pod is a %6$s right now',
$tip = sprintf(
'This pod %1$s has been watched for %2$s months and its average ping time is %3$s with uptime of %4$s%% this month and was last checked on %5$s. On a score of -20 to +20 this pod is a %6$s right now',
$pod_name,
$row['monthsmonitored'],
$row['responsetime'],
......@@ -82,20 +81,20 @@ $numrows = pg_num_rows($result);
$moreurl = 'https://api.uptimerobot.com/getMonitors?format=json&noJsonCallback=1&customUptimeRatio=7-30-60-90&apiKey=' . $row['stats_apikey'];
echo '<td><div title="Last Check ' . $row['date_updated'] . '" class="tipsy"><a target="_self" href="' . $moreurl . '">' . $row['monthsmonitored'] . '</a></div></td>';
echo '<td>' . $row['score'] . '</td>';
echo '<td><div class="tipsy" title="' . $row['sslvalid'] . '">con info </td>';
echo '<td><div class="tipsy" title="' . $row['sslvalid'] . '">con info</td>';
?>
<td>
<form method="post" action="db/kill.php" target="_blank">
<input name="comments" value="<?php echo $row['sslvalid']; ?>" size=10>
<input name="domain" value="<?php echo $row['domain']; ?>" type="hidden">
<input name="adminkey" value="<?php echo $_COOKIE['adminkey']; ?>" type="hidden">
<input name="action" type="radio" value="warn">warn
<input name="action" type="radio" value="delete">delete
<input type="hidden" name="domain" value="<?php echo $row['domain']; ?>">
<input type="hidden" name="adminkey" value="<?php echo $_COOKIE['adminkey']; ?>">
<label>Comments<input name="comments" value="<?php echo $row['sslvalid']; ?>" size="10"></label>
<label><input type="radio" name="action" value="warn">warn</label>
<label><input type="radio" name="action" value="delete">delete</label>
<input type="submit" value="Process">
</form>
</td>
<?php
echo '</td></tr>';
echo '</tr>';
}
?>
</tbody>
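Review bot: The rewritten warn/delete form prints `$row['domain']`, `$row['sslvalid']` and `$_COOKIE['adminkey']` straight into `value="…"` attributes, so a database or cookie value containing a double quote or markup ends the attribute and is rendered on this admin page. `$pod_name` a few lines up is already passed through `htmlentities(..., ENT_QUOTES)`; the same treatment fits here, e.g. `value="<?php echo htmlspecialchars($row['domain'], ENT_QUOTES); ?>"`. The edit form later in this commit (`<form action="edit.php" …>`) echoes `$_domain`, `$_token`, `$row['stats_apikey']`, `$row['email']`, `$row['terms']` and `$row['weight']` the same way and needs the same escaping. The `echo '<td>…'` lines that print `$row['score']`, `$row['sslvalid']` and `$moreurl` have the same shape.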
......
......@@ -62,17 +62,19 @@ if (stristr($outputssl, 'nodeName')) {
$result || die('Error in SQL query: ' . pg_last_error());
$to = $adminemail;
$cc = $_email;
$subject = 'New pod added to '. $_SERVER['HTTP_HOST'];
$message = sprintf(
"%1\$s\n\nStats Url: %2\$s\n\nPod: %3\$s\n\n",
$subject = 'New pod added to ' . $_SERVER['HTTP_HOST'];
$headers = ['From: ' . $_email, 'Reply-To: ' . $_email, 'Cc: ' . $_email];
$message_lines = [
'https://' . $_SERVER['HTTP_HOST'],
'https://api.uptimerobot.com/getMonitors?format=json&noJsonCallback=1&customUptimeRatio=7-30-60-90&apiKey=' . $_stats_apikey,
'https://' . $_SERVER['HTTP_HOST'] . '/db/pull.php?debug=1&domain=' . $_domain
);
$message .= 'Your pod will not show right away, needs to pass a few checks, Give it a few hours!';
$headers = 'From: ' . $_email . "\r\nReply-To: " . $_email . "\r\nCc: " . $_email . "\r\n";
@mail($to, $subject, $message, $headers);
'Stats Url: https://api.uptimerobot.com/getMonitors?format=json&noJsonCallback=1&customUptimeRatio=7-30-60-90&apiKey=' . $_stats_apikey,
'Pod: https://' . $_SERVER['HTTP_HOST'] . '/db/pull.php?debug=1&domain=' . $_domain,
'',
'Your pod will not show up right away, as it needs to pass a few checks first.',
'Give it a few hours!',
];
@mail($to, $subject, implode("\r\n", $message_lines), implode("\r\n", $headers));
echo 'Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!';
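Review bot: `$_email` is concatenated into the `From`, `Reply-To` and `Cc` header lines with no validation visible in this hunk; if it comes from the request (its assignment is outside the hunk), a value containing CR/LF adds extra header lines to the outgoing mail. Reject anything that is not a single address before `$headers` is built, e.g. `filter_var($_email, FILTER_VALIDATE_EMAIL) || die('invalid email');`. The same applies to `'From: ' . $_email` in the rating notification and to `'Cc: ' . $row['email']` in the edit-notice mail, where the stored address was written from `$_GET['email']`. Separately, `@mail(...)` discards the return value, so the success message is printed even when nothing was sent.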
......
......@@ -5,11 +5,9 @@
strlen($_token) > 6 || die('bad token');
// Other parameters.
$_save = $_GET['save'] ?? '';
$_delete = $_GET['delete'] ?? '';
$_action = $_GET['action'] ?? '';
$_weight = $_GET['weight'] ?? '';
$_email = $_GET['email'] ?? '';
$_oldemail = $_GET['oldemail'] ?? '';
$_stats_apikey = $_GET['stats_apikey'] ?? '';
$_terms = $_GET['terms'] ?? '';
......@@ -23,11 +21,11 @@ $result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
while ($row = pg_fetch_array($result)) {
$row['token'] === $_token || die('token not a match');
$row['tokenexpire'] >= date('Y-m-d H:i:s', time()) || die('token expired');
$row['token'] === $_token || die('token mismatch');
$row['tokenexpire'] >= date('Y-m-d H:i:s') || die('token expired');
//delete pod
if ($_delete === $row['token']) {
// Delete and exit.
if ('delete' === $_action) {
$sql = 'DELETE FROM pods WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
......@@ -35,41 +33,42 @@ while ($row = pg_fetch_array($result)) {
die('pod removed from DB');
}
//save and exit
if ($_save === $row['token']) {
// Save and exit
if ('save' === $_action) {
$_weight <= 10 || die('10 is max weight');
$sql = 'UPDATE pods SET email = $1, stats_apikey = $2, weight = $3, terms = $4 WHERE domain = $5';
$result = pg_query_params($dbh, $sql, [$_email, $_stats_apikey, $_weight, $_terms, $_domain]);
if (!$result) {
die('Error in SQL query: ' . pg_last_error());
}
$result || die('Error in SQL query: ' . pg_last_error());
$to = $_email;
$subject = 'Edit notice from poduptime ';
$message = 'Data for ' . $_domain . " Updated. If it was not you reply and let me know! \n\n";
$headers = "From: " . $adminemail . "\r\nCc:" . $adminemail . "," . $_oldemail . "\r\n";
@mail($to, $subject, $message, $headers);
$headers = ['From: ' . $adminemail, 'Cc: ' . $row['email'], 'Bcc: ' . $adminemail];
$subject = 'Edit notice from poduptime';
$message = 'Data for ' . $_domain . ' updated. If it was not you reply and let me know!';
@mail($to, $subject, $message, implode("\r\n", $headers));
die('Data saved. Will go into effect on next hourly change');
}
//form
echo 'Authorized to edit <b>' . $_domain . '</b> until ' . $row['tokenexpire'] . '<br>';
echo '<form action="" method="get">';
echo '<input type="hidden" name="oldemail" value="' . $row['email'] . '">';
echo '<input type="hidden" name="save" value="' . $_token . '">';
echo '<input type="hidden" name="token" value="' . $_token . '">';
echo '<input type="hidden" name="domain" value="' . $_domain . '">';
echo 'Stats Key <input type="text" size="50" name="stats_apikey" value="' . $row['stats_apikey'] . '"">Uptimerobot API key for this monitor<br>';
echo 'Email <input type="text" size="20" name="email" value="' . $row['email'] . '"><br>';
echo 'Terms Link <input type="text" size="20" name="terms" value="' . $row['terms'] . '"><br>';
echo 'Weight <input type="text" size="2" name="weight" value="' . $row['weight'] . '"> This lets you weight your pod lower on the list if you have too much trafic coming in, 10 is the norm use lower to move down the list.<br>';
echo '<input type="submit" name="submit">';
echo '</form><br><br><br>';
echo '<form action="" method="get">';
echo '<input type="hidden" name="delete" value="' . $_token . '">';
echo '<input type="hidden" name="token" value="' . $_token . '">';
echo '<input type="hidden" name="domain" value="' . $_domain . '">';
echo 'WARNING: This can not be undone, you will need to add your pod again if you want back on list: <input type="submit" name="submit" value="delete">';
echo '</form><br><br><br>';
// Forms.
?>
Authorized to edit <b><?php echo $_domain; ?></b> until <?php echo $row['tokenexpire']; ?><br>
<form action="edit.php" method="get">
<input type="hidden" name="domain" value="<?php echo $_domain; ?>">
<input type="hidden" name="token" value="<?php echo $_token; ?>">
<label>Stats Key <input type="text" size="50" name="stats_apikey" value="<?php echo $row['stats_apikey']; ?>">Uptimerobot API key for this monitor</label><br>
<label>Email <input type="text" size="20" name="email" value="<?php echo $row['email']; ?>"></label><br>
<label>Terms Link <input type="text" size="20" name="terms" value="<?php echo $row['terms']; ?>"></label><br>
<label>Weight <input type="text" size="2" name="weight" value="<?php echo $row['weight']; ?>"> This lets you weight your pod lower on the list if you have too much traffic coming in, 10 is the norm use lower to move down the list.</label><br>
<input type="submit" name="action" value="save">
</form>
<br>
<br>
<br>
<form action="edit.php" method="get">
<input type="hidden" name="domain" value="<?php echo $_domain; ?>">
<input type="hidden" name="token" value="<?php echo $_token; ?>">
WARNING: This can not be undone, you will need to add your pod again if you want back on list: <input type="submit" name="action" value="delete">
</form>
<?php
}
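Review bot: Both forms submit with `method="get"`, so `action=save` and `action=delete` modify or remove the pod through a GET request whose URL carries `token`, `email` and `stats_apikey`; those values end up in access logs, browser history and Referer headers. Keep the emailed link as the GET entry point that only renders the form, switch both forms to `method="post"`, and read `action`, `email`, `stats_apikey`, `terms` and `weight` from `$_POST`. `$_weight <= 10` also accepts negative values; if weight is meant to be a whole number from 0 to 10, a check such as `(ctype_digit($_weight) && $_weight <= 10) || die('weight must be 0-10');` states that range.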
<?php
$systemTimeZone = exec('date +%Z');
// Required parameters.
($_domain = $_POST['domain'] ?? null) || die('no pod domain given');
......@@ -20,33 +19,37 @@ $rows = pg_num_rows($result);
$rows > 0 || die('domain not found');
while ($row = pg_fetch_array($result)) {
if ($_email) {
$row['email'] === $_email || die('email not a match');
// Set up common variables.
$uuid = md5(uniqid($_domain, true));
$link = sprintf('https://%1$s/db/edit.php?domain=%2$s&token=%3$s', $_SERVER['HTTP_HOST'], $_domain, $uuid);
$headers = ['From: ' . $adminemail];
$message_lines = [];
$uuid = md5(uniqid($_domain, true));
$expire = date('Y-m-d H:i:s', time() + 2700);
$sql = 'UPDATE pods SET token = $1, tokenexpire = $2 WHERE domain = $3';
$result = pg_query_params($dbh, $sql, [$uuid, $expire, $_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
if ($_email) {
$row['email'] === $_email || die('email mismatch');
$to = $_email;
$subject = 'Temporary edit key for ' . $_SERVER['HTTP_HOST'];
$message = 'Link: https://' . $_SERVER['HTTP_HOST'] . '/db/edit.php?domain=' . $_domain . '&token=' . $uuid . ' Expires: ' . $expire . ' ' . $systemTimeZone . "\n\n";
$headers = "From: " . $adminemail . "\r\nBcc: " . $adminemail . "\r\n";
@mail($to, $subject, $message, $headers);
echo 'Link sent to your email';
$to = $_email;
$subject = 'Temporary edit key for ' . $_SERVER['HTTP_HOST'];
$headers[] = 'Bcc: ' . $adminemail;
$expire = time() + 2700;
$output = 'Link sent to your email';
} else {
$uuid = md5(uniqid($_domain, true));
$expire = date('Y-m-d H:i:s', time() + 9700);
$to = $adminemail;
$subject = 'FORWARD REQUEST: Temporary edit key for ' . $_SERVER['HTTP_HOST'];
$message_lines[] = 'User trying to edit pod without email address.';
$message_lines[] = 'Email found: ' . $row['email'];
$expire = time() + 9700;
$output = 'Link sent to administrator to review and verify, if approved they will forward the edit key to you.';
}
$sql = 'UPDATE pods SET token = $1, tokenexpire = $2 WHERE domain = $3';
$result = pg_query_params($dbh, $sql, [$uuid, $expire, $_domain]);
$result = pg_query_params($dbh, $sql, [$uuid, date('Y-m-d H:i:s', $expire), $_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
$to = $adminemail;
$subject = 'FORWARD REQUEST: Temporary edit key for ' . $_SERVER['HTTP_HOST'];
$message = 'User trying to edit pod without email address. Email found: ' . $row['email'] . ' Link: https://' . $_SERVER['HTTP_HOST'] . '/db/edit.php?domain=' . $_domain . '&token=' . $uuid . ' Expires: ' . $expire . ' ' . $systemTimeZone . "\n\n";
$headers = "From: " . $adminemail . "\r\nBcc: " . $adminemail . "\r\n";
@mail($to, $subject, $message, $headers);
echo 'Link sent to administrator to review and verify, if approved they will forward the edit key to you.';
}
$message_lines[] = 'Link: ' . $link;
$message_lines[] = 'Expires: ' . date('Y-m-d H:i:s T', $expire);
@mail($to, $subject, implode("\r\n", $message_lines), implode("\r\n", $headers));
echo $output;
}
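Review bot: The edit token is `md5(uniqid($_domain, true))`, which is derived from the clock and a non-cryptographic generator, yet in the hunks shown it is the credential the edit page accepts on its own; `$uuid = bin2hex(random_bytes(16));` yields the same 32 hex characters from a CSPRNG. The emailed `$link` is also built from `$_SERVER['HTTP_HOST']`, which is taken from the request, so the host in the link mailed to the pod owner is whatever the requester sent. Build the link from a configured site host instead; no such setting is visible in this hunk, so it would have to come from the project's config.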
......@@ -3,6 +3,7 @@
// Required parameters.
($_domain = $_POST['domain'] ?? null) || die('no pod domain given');
($_adminkey = $_POST['adminkey'] ?? null) || die('no admin key given');
$adminkey === $_adminkey || die('admin key mismatch');
($_action = $_POST['action'] ?? null) || die('no action selected');
// Other parameters.
......@@ -18,28 +19,27 @@ $result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('one Error in SQL query: ' . pg_last_error());
while ($row = pg_fetch_array($result)) {
$adminkey === $_adminkey || die('admin key mismatch');
$email = $row['email'] ?? null;
//save and exit
if ($_action === 'delete') {
$sql = 'DELETE FROM pods WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('two Error in SQL query: ' . pg_last_error());
$sql = 'DELETE FROM pods WHERE domain = $1';
$res_delete = pg_query_params($dbh, $sql, [$_domain]);
$res_delete || die('two Error in SQL query: ' . pg_last_error());
if ($row['email']) {
$to = $row['email'];
if ($email) {
$to = $email;
$headers = ['From: ' . $adminemail, 'Cc: ' . $adminemail];
$subject = 'Pod deleted from ' . $_SERVER['HTTP_HOST'];
$message = 'Pod ' . $_domain . ' was deleted from ' . $_SERVER['HTTP_HOST'] . ' as it was dead on the list. ' . $_comments . " Feel free to add back at any time. \n\n";
$headers = "From: " . $adminemail ."\r\nCc:" . $adminemail . "," . $row['email'] . "\r\n";
@mail($to, $subject, $message, $headers);
$message = 'Pod ' . $_domain . ' was deleted from ' . $_SERVER['HTTP_HOST'] . ' as it was dead on the list. ' . $_comments . ' Feel free to add back at any time.';
@mail($to, $subject, $message, implode("\r\n", $headers));
}
} elseif ($_action === 'warn') {
if ($row['email']) {
$to = $row['email'];
if ($email) {
$to = $email;
$headers = ['From: ' . $adminemail, 'Cc: ' . $adminemail];
$subject = 'Pod removal warning from ' . $_SERVER['HTTP_HOST'];
$message = 'Pod ' . $_domain . ' is on the list to be deleted now because: ' . $_comments . ". \n\n Please let me know if you need help fixing before it is removed. \n\n";
$headers = "From: " . $adminemail ."\r\nCc:" . $adminemail . "," . $row['email'] . "\r\n";
@mail($to, $subject, $message, $headers);
$message = 'Pod ' . $_domain . ' is on the list to be deleted now because: ' . $_comments . ".\r\nPlease let me know if you need help fixing before it is removed.";
@mail($to, $subject, $message, implode("\r\n", $headers));
}
}
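Review bot: `$adminkey === $_adminkey` is an early-exit comparison on a secret; `hash_equals()` compares in constant time and is the usual choice: `(is_string($_adminkey) && hash_equals($adminkey, $_adminkey)) || die('admin key mismatch');`. The `is_string` guard is needed because `$_POST['adminkey']` can arrive as an array, which `hash_equals` rejects with a TypeError instead of returning false. `$row['token'] === $_token` in the edit page is the same pattern and would take the same change. `$adminkey` itself is defined outside the hunk, so this assumes it is a non-empty string.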
......
......@@ -20,8 +20,16 @@ $result = pg_query_params($dbh, $sql, [$_domain, $_comment, $_rating, $_username
$result || die('Error in SQL query: ' . pg_last_error());
$to = $adminemail;
$headers = ['From: ' . $_email];
$subject = 'New rating added to poduptime ';
$message = 'Pod:' . $_domain . $_domain . $_username . $_userurl . $_comment . $_rating . "\n\n";
$headers = 'From: ' . $_email . "\r\n";
@mail($to, $subject, $message, $headers);
$message_lines = [
'Pod: ' . $_domain,
'Username: ' . $_username,
'User URL: ' . $_userurl,
'Comment: ' . $_comment,
'Rating:' . $_rating,
];
@mail($to, $subject, implode("\r\n", $message_lines), implode("\r\n", $headers));
echo 'Comment posted!';
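Review bot: `'Rating:' . $_rating` is missing the space after the colon that the other four `$message_lines` entries have; `'Rating: ' . $_rating,` keeps the mail body uniform. The subject `'New rating added to poduptime '` still ends in a stray space, which this commit already removed from the edit-notice subject.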
......@@ -3,7 +3,7 @@ Want your pod listed?<br>
Its easy start monitoring on your pod with a free <a href="https://uptimerobot.com" target="_blank">Uptime Robot</a> account.<br>
Create a monitor for your pod, then in "My Settings" create a monitor-specific API key and paste below.<br>
<br>
<form action="https://<?php echo $_SERVER['HTTP_HOST'] ?>/db/add.php" method="post">
<form action="db/add.php" method="post">
<label>Monitor API Key: <input type="text" name="stats_apikey" class="xlarge span8" placeholder="m58978-80abdb799f6ccf15e3e4ttwe"> (don't copy the period on the end)</label><br>
<label>Pod Domain Name: <input type="text" name="domain" class="xlarge span4" placeholder="domain.com"></label><br>
<label>Pod Terms Link: <input type="text" name="terms" class="xlarge span4" value="/terms" placeholder="/terms"></label><br>
......
<form action="https://<?php echo $_SERVER['HTTP_HOST'] ?>/db/gettoken.php" method="post">
<form action="db/gettoken.php" method="post">
<label>Pod Domain Name: <input type="text" name="domain"></label>
<label>Registered Email: <input type="text" name="email" placeholder="Ok to leave blank if you forgot"></label>
<input type="submit" value="send">
......