1 (* COCANWIKI - a wiki written in Objective CAML.
2 * Written by Richard W.M. Jones <rich@merjis.com>.
3 * Copyright (C) 2004 Merjis Ltd.
4 * $Id: contact.ml,v 1.11 2006/05/09 11:36:16 rich Exp $
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; see the file COPYING. If not, write to
18 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19 * Boston, MA 02111-1307, USA.
30 open Cocanwiki_template
33 let subj_rex = Pcre.regexp "\\$\\w+"
35 let run r (q : cgi) dbh hostid {hostname = hostname} user =
36 let template = get_template dbh hostid "contact.txt" in
39 error ~back_button:true ~title:"Bad form"
40 dbh hostid q (msg ^ " Please contact the owner of the site by email.");
44 (* Get the name field. *)
49 fail "The 'name' field is missing in that form." in
51 (* Get the contacts / emails from the database. *)
53 "select id, subject from contacts
54 where hostid = $hostid and name = $name" in
59 | [] -> fail "There is no such contact form in the database."
60 | _ -> assert false in
63 PGSQL(dbh) "select email from contact_emails where contactid = $id" in
66 fail "There are no email addresses associated with that contact id.";
68 (* Now process the strings passed as parameters to the script. Any
69 * parameter which starts with 'file' (eg. 'file0') is treated as a
70 * file upload automatically.
72 let names = List.map fst q#params in
74 if q#is_multipart then (
76 List.filter (fun str -> String.starts_with str "file") names in
78 List.filter (fun str -> str <> "id" &&
79 not (String.starts_with str "file")) names in
85 * Ignore repeat parameters. - Don't use these in forms.
87 let rec uniq = function
90 | x :: y :: xs when compare x y = 0 -> uniq (x :: xs)
91 | x :: y :: xs -> x :: uniq (y :: xs)
94 let names = uniq (List.sort compare names) in
95 let uploads = uniq (List.sort compare uploads) in
97 (* Some browsers send an empty file for empty uploads. Remove those. *)
99 let not_empty name = (q#upload name).upload_value <> "" in
100 List.filter not_empty uploads in
102 (* Substitute any $Field fields in the subject line. The substitution
103 * is very simple-minded.
106 let n = String.length pat in
107 assert (n > 0 && pat.[0] = '$');
108 let fieldname = String.sub pat 1 (n-1) in
109 if List.mem fieldname names then
114 let subject = Pcre.substitute ~rex:subj_rex ~subst subject in
116 (* Get the IP address for logging purposes. *)
118 try Connection.remote_ip (Request.connection r) with Not_found -> "" in
120 (* Get the User-Agent string. Consider in future rejecting spammers
121 * who don't set User-Agent.
124 try Table.get (Request.headers_in r) "User-Agent" with Not_found -> "" in
126 (* Get the user details, if any. *)
129 Anonymous -> "anonymous"
130 | User (userid, username, _, _) ->
131 sprintf "%s (%ld)" username userid in
133 template#set "ip" ip;
134 template#set "ua" ua;
135 template#set "username" username;
136 template#set "hostname" hostname;
138 (* Construct the table of names, values for the initial email. *)
139 let table = List.map (fun name ->
140 let value = q#param name in
141 [ "name", Template.VarString name;
142 "value", Template.VarString value ]) names in
143 template#table "names" table;
145 (* Any uploads to follow? *)
146 template#conditional "uploads" (uploads <> []);
147 template#set "nr_uploads" (string_of_int (List.length uploads));
149 (* Send the initial email. *)
150 let body = template#to_string in
151 Sendmail.send_mail ~subject ~to_addr:emails body;
153 (* Send the following uploads by email. *)
154 List.iter (fun name ->
155 let upload = q#upload name in
156 let subject = upload.upload_filename in
157 (* XXX This is insecure. *)
158 let content_type = upload.upload_content_type in
159 let body = upload.upload_value in
161 Sendmail.send_mail ~subject ~to_addr:emails ~content_type body)
165 ok ~title:"Thank you for your contact" ~buttons:[ok_button "/"]
166 dbh hostid q "An email was sent and you should receive a reply shortly."
169 register_script ~restrict:[CanView] run