Difference between revisions of "LSL HTTP server/examples/kellys stupid web status updater"

From Second Life Wiki
Jump to navigation Jump to search
Line 37: Line 37:
cgitb.enable()
cgitb.enable()


# This file needs to be readable and writable from this cgi
file_name = "my_url"
file_name = "my_url"


form = cgi.FieldStorage()
form = cgi.FieldStorage()
# If we have Message then this is a status update.
if (form.has_key("Message")):
if (form.has_key("Message")):
        # Redirect back to the form
         print "Status: 302 Moved"
         print "Status: 302 Moved"
         print "Location: http://www.myurl.com/path/to/form"
         print "Location: http://www.myurl.com/path/to/form"
         print
         print


        # Read in the url from the file
         f = open(file_name,'r')
         f = open(file_name,'r')
         base_url = f.read()
         base_url = f.read()
        # Build the complete url with query args.
         message = form["Message"].value
         message = form["Message"].value
         args = "?Message=%s" % urllib.quote(message)
         args = "?Message=%s" % urllib.quote(message)
        # Make the request, giving the status to the script.
         response = urllib2.urlopen(base_url + args)
         response = urllib2.urlopen(base_url + args)


# If we have URL then this is an URL update
if (form.has_key("URL")):
if (form.has_key("URL")):
         print form["URL"].value
         # Write the url to the file, overwriting the existing file.
         f = open(file_name,'w')
         f = open(file_name,'w')
         f.write(form["URL"].value)
         f.write(form["URL"].value)
        # Let the caller know it worked.
         print "Content-Type: text/html"
         print "Content-Type: text/html"
         print
         print

Revision as of 12:18, 21 July 2009

What

This is a dead stupid, insecure and simple system that will update the floating text above a prim according to what is entered in the web form. Uses html forms, python and LSL.

index.html

A simple webform that sends the input to our cgi. <html4strict><html>

  <body>
        


<form ACTION="cgi-bin/post.cgi" METHOD="GET"> <textarea name="Message" rows="5" cols="40" onfocus="this.value=; this.onfocus=null;">Enter your status update here.</textarea>

<INPUT TYPE="submit" title="FOO"> </form>

  <body>

</html></html4strict>

post.cgi

A simple CGI that takes GETs and looks for two parameters:

  • URL: if found will write the value to a file
  • Message: if found will read from the file and send the contents to the url in the file

Bugs:

  • Entering no text in the form will cause the cgi to error.

Errata:

  • This is probably really insecure.
  • You need to create the file 'my_url' (or whatever you set file_name as) in your cgi-bin directory.
  • That file needs to be readable and writable by your cgi. Depending on your setup something like this might work:
touch my_url
chmod 600 my_url
  • You may need to be more permissive depending on your server configuration, but this worked on my shared hosting system.

<python>

  1. !/usr/bin/python

import cgi, urllib2, urllib import cgitb cgitb.enable()

  1. This file needs to be readable and writable from this cgi

file_name = "my_url"

form = cgi.FieldStorage()

  1. If we have Message then this is a status update.

if (form.has_key("Message")):

       # Redirect back to the form
       print "Status: 302 Moved"
       print "Location: http://www.myurl.com/path/to/form"
       print
       # Read in the url from the file
       f = open(file_name,'r')
       base_url = f.read()
       # Build the complete url with query args.
       message = form["Message"].value
       args = "?Message=%s" % urllib.quote(message)
       # Make the request, giving the status to the script.
       response = urllib2.urlopen(base_url + args)
  1. If we have URL then this is an URL update

if (form.has_key("URL")):

       # Write the url to the file, overwriting the existing file.
       f = open(file_name,'w')
       f.write(form["URL"].value)
       # Let the caller know it worked.
       print "Content-Type: text/html"
       print
       print "OK"

</python>

status.lsl

<lsl> // Set this to whatever text you want above your status string header = "My Status:\n"; // This is the url to the post.cgi from above string updater_url = "http://mywebsite.com/cgi-bin/post.cgi";

// The magic changed flags to know when to re-request an url // CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT integer CHANGED_URL = 1792;

// Setup run anytime we think our url has been lost. setup() {

   llSetObjectName("HTTP Server: Status Updates");
   llRequestURL();

}

// Debug incoming requests to see all header information. debug(key id, string method, string body) {

   llOwnerSay(method + ": " + body);
   list headers = ["x-script-url","x-path-info","x-query-string","x-remote-ip","user-agent"];
   integer i;
   for (i=0;i<5;++i)
   {
       llOwnerSay(llList2String(headers,i) + ": " + llGetHTTPHeader(id,llList2String(headers,i)));
   }

}

default {

   // These events mean we need to run setup()
   state_entry() { setup(); }
   on_rez(integer n) { setup(); }
   changed(integer c) { if (c & (CHANGED_URL) ) setup(); }

   http_request(key id, string method, string body)
   {
       // debug(id, method, body);
       
       if (method == URL_REQUEST_GRANTED)
       {
           // Register our url for new status updates.
           llHTTPRequest(updater_url + "?URL=" + body + "/",[],"");
       }
       else if (method == URL_REQUEST_DENIED)
       {
           // Might be good to have this email.
           llSay(0, "Something went wrong, no url. " + body);
       }
       else if (method == "GET")
       {
           // Process a status update by parsing the query string
           string t = llGetHTTPHeader(id,"x-query-string");
           list l = llParseString2List(t,["?","=","&"],[]);
           // We want the value after Message
           integer i = llListFindList(l,["Message"]) + 1;
           // If there was no Message argument then i = (-1) + 1 => 0.
           // As long as i > 0 we found Message so put up whatever came next as the status.
           if (i > 0)
           {
               llSetText(header + llUnescapeURL(llList2String(l,i)),<1,1,0>,1);
               llHTTPResponse(id,200,"OK");
           }
           else
           {
               llHTTPResponse(id,400,"Must Specify a message!");
           }
       }
       else
       {
           llHTTPResponse(id,405,"Method unsupported");
       }
   }

} </lsl>