initial commit

2026-03-20 00:31:01 +03:00 · 2020-07-31 14:50:57 +03:00
parent 7623cb3234
commit 6cccee95ca
16 changed files with 1720 additions and 0 deletions
--- a/static/admin.html
+++ b/static/admin.html
@@ -0,0 +1,156 @@
+<html>
+<head>
+<style type="text/css">
+.shadow{
+	display:none; 
+	position:absolute;
+	top:0;
+	left:0;
+	width:100%;
+	height:100%;
+}
+.midmsg{
+	position:fixed;
+	top:50%;
+	left:50%;
+	margin-left:auto;
+	margin-right:auto;
+}
+.C{text-align:center;}
+.R{text-align:right;}
+</style>
+<script src="/pass.js" type="text/javascript" language="javascript"></script>
+<script>
+var user="", passwd="", level="", url="";
+const CGI_PATH = "https://ishtar.sao.ru/cgi-bin/auth";
+function parseErr(txt){
+	$('msg').innerHTML = "ïÛÉÂËÁ!<p></p>" + txt.replace("\n", "<br>");
+	setTimeout(function(){$('msg').innerHTML = "";}, 3500);
+}
+function sendrequest(request, req_STR, onOK){
+	var timeout_id
+	request = new XMLHttpRequest();
+	request.open("POST", CGI_PATH, true);
+	request.setRequestHeader("Accept-Charset", "koi8-r");
+	request.overrideMimeType("multipart/form-data; charset=koi8-r");
+	request.setRequestHeader("Cookie", document.cookie); 
+	request.onreadystatechange=function(){
+		if (request.readyState == 4){
+			if (request.status == 200){
+				clearTimeout(timeout_id);
+				onOK(request);
+			}
+			else{
+				clearTimeout(timeout_id);
+				parseErr("ïÛÉÂËÁ ÐÅÒÅÄÁÞÉ ÚÁÐÒÏÓÁ. ðÏÐÒÏÂÕÊÔÅ ÅÝÅ ÒÁÚ.");
+			}
+		}
+	}
+	request.send(req_STR);
+	timeout_id = setTimeout(function(){parseErr("ôÁÊÍÁÕÔ ÐÅÒÅÄÁÞÉ ÚÁÐÒÏÓÁ. ðÏÐÒÏÂÕÊÔÅ ÅÝÅ ÒÁÚ.");}, 3000);
+}
+function run(){
+	var QS;
+	sendrequest(QS, "admin=lsusers", lsusers);
+}
+function lsusers(QS){
+	var ans = QS.responseText;  
+	var pars = ans.split("\n");
+	var i, l, s;
+	for(i=0, l=pars.length; i < l; i++){
+		s = pars[i].split(";");
+		if(pars[i].length < 2) continue;
+		if(s.length != 3){
+			parseErr(ans+"<br>str="+s);
+			return;
+		}
+		addUsersString(s);
+	}
+}
+function addUsersString(str){
+	var ulist = $('userlist');
+	var div = document.createElement('div');
+	ulist.appendChild(div);
+	var u = str[0];
+	div.innerHTML = "<span>"+u+"</span> <span>"+str[1]+"</span> <span>"+str[2]+"</span> "+
+		"<span onclick='delUser(\""+u+"\");'>delete</span> "+
+		"<span onclick='editUser(\""+u+"\",\""+str[1]+"\",\""+str[2]+"\");'>edit</span>";
+}
+function useradd(arg){
+	function pair(name){
+		var str = "<div class='R'>"+name+"<input type=text id="+
+			name+" onchange=\""+name+"=$('"+name+"').value;\""+
+			" onblur=\""+name+"=$('"+name+"').value;\" value='"+eval(name)+"'></div>" 
+		return str;
+	}
+	var div = document.createElement('div');
+	$("box").style.display = "block";
+	div.className = "midmsg";
+	$("box").appendChild(div);
+	div.innerHTML = "<div class='C'>äÏÂÁ×ÉÔØ/ÉÚÍÅÎÉÔØ ÐÏÌØÚÏ×ÁÔÅÌÑ</div>"+
+		pair("user")+pair("passwd")+pair("level")+pair("url")+
+		"<div class='C'><button onclick='addUser(\""+arg+"\");'>OK</button>"+
+		"<button onclick='cancelAdd();'>ïÔÍÅÎÁ</button></div>";
+}
+function chkAns(req, Msg){
+	if(req.responseText.length > 0)
+		parseErr(Msg);
+	else{
+		window.location.reload();
+	}
+}
+function addUser(arg){
+	var request;
+	function cantadd(req){
+		chkAns(req, "ÎÅ ÍÏÇÕ ÄÏÂÁ×ÉÔØ/ÒÅÄÁËÔÉÒÏ×ÁÔØ ÐÏÌØÚÏ×ÁÔÅÌÑ<br>"+req.responseText);
+	}
+	if(user==""){
+		parseErr("ïÔÓÕÔÓÔ×ÕÅÔ ÉÍÑ ÐÏÌØÚÏ×ÁÔÅÌÑ");
+		return;
+	}
+	if(passwd==""){
+		parseErr("îÅ ÚÁÄÁÎ ÐÁÒÏÌØ ÐÏÌØÚÏ×ÁÔÅÌÑ");
+		return;
+	}
+	if(level=="" || Number(level) < 0){
+		parseErr("îÅ ÚÁÄÁÎ ÉÌÉ ÚÁÄÁÎ ÎÅ×ÅÒÎÏ ÕÒÏ×ÅÎØ ÄÏÓÔÕÐÁ ÐÏÌØÚÏ×ÁÔÅÌÑ");
+		return;
+	}
+	if(url==""){
+		parseErr("îÅ ÚÁÄÁÎ ÁÄÒÅÓ ÄÏÓÔÕÐÎÙÈ ÐÏÌØÚÏ×ÁÔÅÌÀ ÒÅÓÕÒÓÏ× (ÉÌÉ \"/\", ÅÓÌÉ ÄÏÓÔÕÐÎÏ ×ÓÅ)");
+		return;
+	}
+	sendrequest(request,
+				"admin="+arg+"&user="+user+"&passwd="+passwd+"&level="+level+"&URL="+url,
+				cantadd);
+	user = passwd = level = url = ""; 
+}
+function cancelAdd(){
+	user = passwd = level = url = "";
+	$("box").innerHTML = "";
+	$("box").style.display = "none";
+}
+function delUser(username){
+	var request;
+	function cantdel(req){
+		chkAns(req, "ÎÅ ÍÏÇÕ ÕÄÁÌÉÔØ ÐÏÌØÚÏ×ÁÔÅÌÑ<br>"+req.responseText);
+	}
+	sendrequest(request, "admin=userdel&user="+username, cantdel);
+}
+function editUser(username, ulevl, uurl){
+	user = username; passwd = "";
+	level = ulevl; url = uurl;
+	useradd("usermod");
+}
+</script>
+<title>õÐÒÁ×ÌÅÎÉÅ ÐÏÌØÚÏ×ÁÔÅÌÑÍÉ</title>
+</head>
+<body onload="getcookie(CGI_PATH); run();">
+<div class="shadow" id="box"></div>
+<div id="inout" style="position: fixed; top: 10px; right: 10px; cursor: pointer; font-weight: bold;" onclick="inout();" >÷ÈÏÄ</div>
+<div onclick="useradd('useradd');">îÏ×ÙÊ ÐÏÌØÚÏ×ÁÔÅÌØ</div>
+<div id="userlist"></div>
+
+<div id="msg" style="margin-top: 15px; color: red;"></div>
+</body>
+</html>
--- a/static/auth.js
+++ b/static/auth.js
@@ -0,0 +1,71 @@
+auth = function(){
+	var wsKey = "";
+	function _ilogin(){
+		$("inout").innerHTML = "Log in";
+		$("inout").onclick = auth.login;
+	}
+	function _ilogout(){
+		$("shadow").style.display = "none";
+		$("inout").innerHTML = "Log out";
+		$("inout").onclick = auth.logout;
+	}
+	function _wsk(request){
+		var wsKey = request.responseText;
+		if(wsKey) console.log("Web key received: " + wsKey);
+	}
+	function reqAuth(request){
+		var txt = request.responseText;
+		dbg("received " + txt);
+		if(txt == "AuthOK"){ // cookies received
+			sendrequest("get/?getWSkey", _wsk);
+			_ilogout();
+		}else if(txt == "NeedAuth"){
+			_ilogin();
+		}else{
+			parseErr(txt);
+		}
+	}
+	function init1(){
+		sendrequest("auth/?check=1", reqAuth);
+		var l = document.createElement('a');
+		l.id = "inout";
+		l.href = "#";
+		var s1 = document.createElement('style');
+		s1.type = 'text/css';
+		s1.innerHTML = ".inout{position:absolute;top:0;right:0;background-color:green;"
+		document.body.appendChild(s1);
+		l.className = "inout";
+		document.body.appendChild(l);
+		var d = document.createElement('div');
+		d.id = "shadow";
+		var s = document.createElement('style');
+		s.type = 'text/css';
+		s.innerHTML = '.shadow{position:absolute;text-align:center;vertical-align:center;top:0;display:none;left:0;width:100%;height:100%;background-color:lightGrey;opacity:0.9;}';
+		document.body.appendChild(s);
+		d.innerHTML = "<div>Login:</div><div><input type=text id='login'></div><div>Password:</div><div><input type=password id='passwd'></div><button onclick='auth.send();'>OK</button>";
+		d.className = "shadow";
+		document.body.appendChild(d);
+	}
+	function login1(){
+		$("shadow").style.display = "block";
+	}
+	function logout1(){
+		sendrequest("auth/?LogOut=1", _ilogin);
+	}
+	function sendlogpass(){
+		$("shadow").style.display = "none";
+		var l = $("login").value, p = $("passwd").value;
+		if(!l || !p){
+			parseErr("give login and password");
+			return;
+		}
+		var str = "auth/?login=" + l + "&passwd=" + p;
+		sendrequest(str, reqAuth);
+	}
+	return{
+		init: init1,
+		login: login1,
+		logout: logout1,
+		send: sendlogpass
+	};
+}();
--- a/static/index.html
+++ b/static/index.html
@@ -0,0 +1,13 @@
+<html>
+<head>
+	<title>Index</title>
+	<script src="/static/requests.js" type="text/javascript" language="javascript"></script>
+	<script src="/static/auth.js" type="text/javascript" language="javascript"></script>
+</head>
+<body onload="auth.init();">
+<p>Text
+<p>More text
+<p>
+<div id="errmsg" style='background-color: red;'></div>
+</body>
+</html>
--- a/static/pass.html
+++ b/static/pass.html
@@ -0,0 +1,92 @@
+<html>
+<head>
+<title>á×ÔÏÒÉÚÁÃÉÑ</title>
+<script>
+const CGI_PATH = "https://ishtar.sao.ru/cgi-bin/auth";
+var URL=new Array(), RTN=null, reqnmbr=0;
+function $(id){ return document.getElementById(id);}
+function getargs(){
+	var QS = window.location.search.substring(1);
+	var pars = QS.split("&");
+	var i=0, s;
+	while((s=pars[i++])){
+		if(s.indexOf('URL') == 0){
+			s = s.split('=');
+			URL[URL.length] = s[1];
+		}
+		else if(s.indexOf('RTN') == 0){
+			s = s.split('=');
+			RTN = s[1];
+		}
+	}
+	if(URL.length == 0){alert("ïÔÓÕÔÓÔ×ÕÅÔ URL ÄÌÑ Á×ÔÏÒÉÚÁÃÉÉ"); return;}
+	if(RTN == null) RTN = URL[0];
+}
+function sendrequest(req_STR, onOK){
+	var request = new XMLHttpRequest(), timeout_id;
+	request.open("POST", CGI_PATH, true);
+	request.setRequestHeader("Accept-Charset", "koi8-r");
+	request.overrideMimeType("multipart/form-data; charset=koi8-r"); 
+	request.onreadystatechange=function(){
+		if (request.readyState == 4){
+			if (request.status == 200){
+				clearTimeout(timeout_id);
+				if(onOK) onOK(request);
+			}
+			else{
+				clearTimeout(timeout_id);
+				parseErr("request sending error");
+			}
+		}
+	}
+	request.send(req_STR);
+	timeout_id = setTimeout(function(){request.onreadystatechange=null; request.abort(); parseErr("request timeout");}, 3000);
+}
+function subm(id){
+	var str, str1, i;
+	var login = $('login').value;
+	var pass = $('passwd').value;
+	if(login == "" || pass == ""){
+		if(id) $(id).focus();
+		return;
+	}
+	var str = "login=" + login + " passwd=" + pass;
+	for(i = 0; i < URL.length; i++){
+		str1 = str + " URL=" + URL[i];
+		sendrequest(str1);
+	}
+}
+function onOK(request){
+	var txt = request.responseText;
+	if(txt.indexOf("KEY") != 0){
+		parseErr(txt);
+		return;
+	}
+	var n = txt.indexOf('\n');
+	if(n) txt = txt.substring(0, n);
+	var d = new Date();
+	d.setTime(d.getTime() + 72e6); // ÓÒÏË ÄÅÊÓÔ×ÉÑ ËÕËÉ - 20 ÞÁÓÏ×
+	txt += "; expires="+d.toGMTString();
+	document.cookie = txt;
+	if(++reqnmbr == URL.length) document.location.href = RTN;
+}
+function parseErr(txt){
+	console.log("Error: " + txt);
+	$('msg').innerHTML = "Error: " + txt;
+	setTimeout(function(){$('msg').innerHTML = "";}, 3500);
+}
+
+</script>
+</head>
+<body onload="getargs();">
+<div align="center">
+<h2>ðÏÖÁÌÕÊÓÔÁ ××ÅÄÉÔÅ ÒÅÇÉÓÔÒÁÃÉÏÎÎÕÀ ÉÎÆÏÒÍÁÃÉÀ ÄÌÑ ÐÏÌÕÞÅÎÉÑ ÄÏÓÔÕÐÁ Ë ÓÅÒ×ÉÓÁÍ</h2>
+<div style="border: 1px solid; text-align: center; width: 200px; margin: 0 auto; padding: 5px;" id="pass">
+<div>éÍÑ:</div><div><input type=text id="login" onchange="subm('passwd');"></div>
+<div>ðÁÒÏÌØ:</div><div><input type=password id="passwd" onchange="subm('login');"></div><br>
+<div align=center><button onclick="subm();">OK</button></div>
+</div>
+<div id="msg" style="margin-top: 15px; color: red;"></div>
+</div>
+<body>
+</html>
--- a/static/pass.js
+++ b/static/pass.js
@@ -0,0 +1,56 @@
+// move this file to the root html directory
+// change const's EXURL & PASSURL
+var KEY;
+const PASSURL="https://ishtar.sao.ru/pass";
+const EXURL = "https://ishtar.sao.ru/cgi-bin/auth";
+function $(id){
+	return document.getElementById(id);
+}
+function checkcookie(){
+	var txt = document.cookie;
+	if(txt.length==0 || txt.indexOf('KEY')<0){
+		$("inout").innerHTML = "÷ÏÊÔÉ";
+		 return 0;
+	}
+	else{
+		$("inout").innerHTML = "÷ÙÊÔÉ";
+		return 1;
+	}
+}
+function getcookie(){
+/*	ÂÅÚ ÁÒÇÕÍÅÎÔÏ× - ÄÌÑ ÔÅËÕÝÅÊ ÓÔÒÁÎÉÃÙ,
+	ËÁÖÄÙÊ ÁÒÇÕÍÅÎÔ - ÄÏÐ. "ÐÅÞÅÎØËÁ"
+*/
+	var i, newurl = PASSURL+"?URL="+document.location.href;
+	for(i = 0; i < getcookie.arguments.length; i++)
+		newurl += "&URL=" + getcookie.arguments[i];
+	if(!checkcookie())
+		document.location.href = newurl;
+}
+function onEX(){
+	var d = new Date();
+	d.setTime(d.getTime() - 1000);
+	var str = "KEY=; expires="+d.toGMTString()+"; path="+document.location.pathname;
+	document.cookie = str;
+	window.location.reload();
+}
+function exit(){
+	var request = new XMLHttpRequest();
+	request.open("POST", EXURL, true);
+	request.setRequestHeader("Accept-Charset", "koi8-r");
+	request.setRequestHeader("Cookie", document.cookie);
+	request.overrideMimeType("multipart/form-data; charset=koi8-r"); 
+	request.onreadystatechange=function(){
+		if (request.readyState == 4){
+			if (request.status == 200){
+				onEX();
+			}
+			else alert("ïÛÉÂËÁ ÓÏÅÄÉÎÅÎÉÑ");
+		}
+	}
+	request.send("")
+}
+function inout(){
+	if(checkcookie()) exit();
+	else getcookie();
+}
--- a/static/requests.js
+++ b/static/requests.js
@@ -0,0 +1,43 @@
+const Debug = true;
+
+var elementsCache = {};
+function $(id) {
+    if (elementsCache[id] === undefined)
+        elementsCache[id] = document.getElementById(id);
+    return elementsCache[id];
+}
+
+function dbg(text){
+	if(Debug) console.log("Debug message: " + text);
+}
+
+function sendrequest(req_STR, onOK, postdata){
+	var request = new XMLHttpRequest(), timeout_id;
+	dbg("send request " + req_STR);
+	var method = postdata ? "POST" : "GET";
+	request.open(method, req_STR, true);
+	//request.setRequestHeader("Accept-Charset", "koi8-r");
+	//request.overrideMimeType("multipart/form-data; charset=koi8-r"); 
+	request.onreadystatechange=function(){
+		if(request.readyState == 4){
+			if(request.status == 200){
+				clearTimeout(timeout_id);
+				if(onOK) onOK(request);
+			}
+			else{
+				clearTimeout(timeout_id);
+				parseErr("request sending error");
+			}
+		}
+	}
+	request.send(postdata);
+	timeout_id = setTimeout(function(){request.onreadystatechange=null; request.abort(); parseErr("request timeout");}, 5000);
+}
+
+function parseErr(txt){
+	console.log("Error: " + txt);
+	var msgDiv = $('errmsg');
+	if(!msgDiv) return;
+	msgDiv.innerHTML = "Error: " + txt;
+	setTimeout(function(){msgDiv.innerHTML = "";}, 3500);
+}