improve language handling and url-parameter sanitizing

This commit is contained in:
age 2006-09-01 23:04:17 +00:00
parent f4bf1c7a34
commit baafed8f38
6 changed files with 63 additions and 19 deletions

View file

@ -24,14 +24,15 @@ class CryptoBoxWebserverRender:
website.log.error("Couldn't read cs file: %s" % cs_path)
return "Couldn't read cs file: %s" % cs_path
hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.cbxPrefs["WebSettings"]["Language"]+".hdf"
#hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.cbxPrefs["WebSettings"]["Language"]+".hdf"
hdf_path = website.cbxPrefs["Locations"]["LangDir"]+"/"+website.settings["Settings.Language"]+".hdf"
if not os.access(hdf_path, os.R_OK):
website.log.error("Couldn't read hdf file: %s" % hdf_path)
return "Couldn't read hdf file: %s" % hdf_path
hdf = neo_util.HDF()
hdf.readFile(hdf_path)
#website.log.info(website.settings)
website.log.info(website.settings)
for key in website.settings.keys():
hdf.setValue(key,str(website.settings[key]))
cs = neo_cs.CS(hdf)

View file

@ -42,19 +42,40 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
# RFC: why shouldn't it be called in __init__? [l]
there is no such thing like __init__ in cherrypy sites [a]
'''
niceparams = { 'weblang': self.settings["Settings.AvailableLanguages"],
'loglevel': ('','info', 'warn', 'debug', 'error'),
'type': ('reboot', 'poweroff')
niceparams = {
'weblang': ["Settings.Language", self.settings["Settings.AvailableLanguages"]],
'loglevel': ["Log.Level", ('','info', 'warn', 'debug', 'error')],
'type': ["Data.Type", ('reboot', 'poweroff')]
}
## check all given evil parameters against the nice ones
## set them to self.settings if accepted, otherwise do nothing
for evilkey in evilparams.keys():
for nicekey in niceparams.keys():
if evilkey == nicekey:
#self.log.warn(niceparams[nicekey][0])
#self.log.warn(niceparams[nicekey][1])
if evilparams[nicekey] and evilparams[nicekey] in niceparams[nicekey][1]:
self.settings[niceparams[nicekey][0]] = evilparams[nicekey]
#self.log.warn(niceparams[nicekey][0])
#self.log.warn(evilparams[nicekey])
'''
## e.g. do this manually
if evilkey == "weblang":
if evilparams["weblang"] and evilparams["weblang"] in niceparams["weblang"]:
self.settings["Settings.Language"] = evilparams["weblang"]
if evilkey == "loglevel":
if evilparams["loglevel"] and evilparams["loglevel"] in niceparams["loglevel"]:
self.settings["Log.Level"] = evilparams["loglevel"]
if evilkey == "type":
if evilparams["type"] and evilparams["type"] in niceparams["type"]:
self.settings["Data.Type"] = evilparams["type"]
'''
return
def __isHDAvailable(self):
return False
def __check_config(self):
#TODO
@ -112,8 +133,9 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
TODO: "action" is unnessessary, remove it here and from all html
files in doc/html/[de|en]/*
'''
# RFC: sanitize?
self.__prepare("show_doc")
# TODO: single pagenames should be sanitized
self.__sanitize_input({"weblang":weblang})
if page:
self.settings["Data.Doc.Page"] = page
else:
@ -121,24 +143,26 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
self.settings["Data.Doc.Page"] ="CryptoBoxUser"
if len(self.settings["Settings.AvailableDocLanguages"]) < 1:
self.settings["Data.Error"] = "NoDocumentation"
## set doclang to weblang, otherwise the default lang from the config will be used
elif weblang in ("en","de"):
self.settings["Settings.DocLang"] = weblang
## set doclang to weblang, otherwise the default weblang from the config will be used for doclang
elif self.settings["Settings.Language"] in ("en","de"):
self.settings["Settings.DocLang"] = self.settings["Settings.Language"]
return website.render(self)
def system(self,typeOfShutdown=""):
def system(self, type="", weblang=""):
self.__prepare("form_system")
if typeOfShutdown == "reboot":
self.__sanitize_input({"type":type,"weblang":weblang})
if type == "reboot":
self.settings["Data.Success"] = "ReBoot"
self.settings["Data.Redirect.Action"] = "show_status"
self.settings["Data.Redirect.Delay"] = "180"
self.log.info("TODO: call function for system reboot")
elif typeOfShutdown == "poweroff":
elif type == "poweroff":
self.settings["Data.Success"] = "PowerOff"
self.log.info("TODO: call function for system shutdown")
else:
self.log.warn("someone tried to shutdown the system in a broken way (%s)" % typeOfShutdown)
self.log.warn("This shutdown-mode (%s) is not supplied." % type)
return website.render(self)
@ -146,7 +170,12 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
self.__prepare("show_status")
return website.render(self)
def umount_do(self):
if not __isHDAvailable():
pass
else:
pass
'''
## DONE: these functions are pythonized
#################### show_log #######################
@ -155,11 +184,6 @@ class CryptoBoxWebserverSites(CryptoBox.CryptoBoxProps, CryptoBoxWebserverSettin
##################### reboot ########################
## but there are even more TODO
##################### check for a harddisk ##########################
# catch this error, to prevent all following actions from execution #
#####################################################################
elif not True: #TODO: replace True with check for hard disk is_harddisk_available()
settings["Data.Error"] = "NoHardDisk"
#-------------------------------------------------------#
# here you may define all cases that require a harddisk #
#-------------------------------------------------------#

View file

@ -9,6 +9,8 @@ help!
- SuccessMessage.InitRunning contains only the first sentence
- SuccessMessage.ReBoot: add a hint for automatic redirection (3rd sentence)
- EmptyCryptoPassword: change 'Text' accordingly to English string.
- Button.System: is in eglish
- ErrorMessage.NoDocumentation: is in english
Below are some smaller changes in English sentences. Someone may change it accordingly.
- MountFailed: add 'Pleasy try again' to the end of the string.

View file

@ -211,6 +211,12 @@ Lang {
Title = Keine Festplatte
Text = Es wurde kein Datenträger gefunden, der zur Speicherung der verschlüsselten Daten geeignet ist. Prüfe bitte, ob beim Anschalten des Computers eine Festplatte vom BIOS erkannt wurde.
}
NoDocumentation {
Title = Keine Hilfeseiten
Text = Es sind keine Hilfeseiten verfügbar!
}
}
}

View file

@ -250,6 +250,11 @@ Lang {
Title = No hard disk
Text = No disk suitable for an encrypted filesystem found. Please ensure the BIOS detected the disk during power-on of the computer.
}
NoDocumentation {
Title = No Documentation
Text = There is no Documentation available!
}
}
}

View file

@ -55,6 +55,7 @@ Lang {
Protocol = Dnevnik
Documentation = Priročnik
Status = Stanje
System = System
}
@ -210,6 +211,11 @@ Lang {
Title = Ni trdega diska
Text = Primeren trdi disk za shranjenje kriptiranega datotečnega sistema ni zaznan. Poskrbite da bo med zagonom BIOS zaznal trdi disk.
}
NoDocumentation {
Title = No Documentation
Text = There is no Documentation available!
}
}
}