diff --git a/Blogger/README.md b/Blogger/README.md index 33b2f09..2c958fe 100644 --- a/Blogger/README.md +++ b/Blogger/README.md @@ -6,6 +6,7 @@ Blackend for my blog at https://blog.iohub.dev ## Change logs ### v0.2.x-a +* Patch 7: Fix sendmail API security bug * Patch 6: Chage libraries load order * Patch 5: Add user photo to portfolio * Patch 4: Add package dependencies diff --git a/Blogger/api/sendmail.lua b/Blogger/api/sendmail.lua index 26e370b..6e8aab4 100644 --- a/Blogger/api/sendmail.lua +++ b/Blogger/api/sendmail.lua @@ -3,20 +3,28 @@ local data = ... -- print(data.content) local error_msg = {} local iserror = false -for k,v in pairs(data.to) do - print("sent to:"..v) - local to = v - local from = "From: mrsang@lxsang.me\n" - local suject = "Subject: " .. data.title .. "\n" - local content = data.content.."\n" - local cmd = 'echo "' .. utils.escape(from .. suject .. content) .. '"| sendmail ' .. to - --print(cmd) - local r = os.execute(cmd) - if not r then - iserror = true - table.insert(error_msg, v) - print("Unable to send mail to: "..v) +local tmp_name = "/tmp/"..os.time(os.date("!*t")) +local file = io.open (tmp_name , "w") +if file then + file:write("From: mrsang@lxsang.me\n") + file:write("Subject: " .. data.title .. "\n") + file:write( data.content.."\n") + file:close() + for k,v in pairs(data.to) do + print("sent to:"..v) + local to = v + local cmd = 'cat ' ..tmp_name .. '| sendmail ' .. to + --print(cmd) + local r = os.execute(cmd) + if not r then + iserror = true + table.insert(error_msg, v) + print("Unable to send mail to: "..v) + end end +else + iserror = true + table.insert(error_msg, "Cannot create mail file") end local result = {} result.error = iserror diff --git a/Blogger/build/debug/README.md b/Blogger/build/debug/README.md index 33b2f09..2c958fe 100644 --- a/Blogger/build/debug/README.md +++ b/Blogger/build/debug/README.md @@ -6,6 +6,7 @@ Blackend for my blog at https://blog.iohub.dev ## Change logs ### v0.2.x-a +* Patch 7: Fix sendmail API security bug * Patch 6: Chage libraries load order * Patch 5: Add user photo to portfolio * Patch 4: Add package dependencies diff --git a/Blogger/build/debug/package.json b/Blogger/build/debug/package.json index a1ad299..0531786 100644 --- a/Blogger/build/debug/package.json +++ b/Blogger/build/debug/package.json @@ -6,7 +6,7 @@ "author": "Xuan Sang LE", "email": "xsang.le@gmail.com" }, - "version":"0.2.6-a", + "version":"0.2.7-a", "category":"Internet", "iconclass":"fa fa-book", "dependencies": ["SimpleMDE@1.11.2-r","Katex@0.11.1-r"], diff --git a/Blogger/build/debug/sendmail.lua b/Blogger/build/debug/sendmail.lua index 26e370b..6e8aab4 100644 --- a/Blogger/build/debug/sendmail.lua +++ b/Blogger/build/debug/sendmail.lua @@ -3,20 +3,28 @@ local data = ... -- print(data.content) local error_msg = {} local iserror = false -for k,v in pairs(data.to) do - print("sent to:"..v) - local to = v - local from = "From: mrsang@lxsang.me\n" - local suject = "Subject: " .. data.title .. "\n" - local content = data.content.."\n" - local cmd = 'echo "' .. utils.escape(from .. suject .. content) .. '"| sendmail ' .. to - --print(cmd) - local r = os.execute(cmd) - if not r then - iserror = true - table.insert(error_msg, v) - print("Unable to send mail to: "..v) +local tmp_name = "/tmp/"..os.time(os.date("!*t")) +local file = io.open (tmp_name , "w") +if file then + file:write("From: mrsang@lxsang.me\n") + file:write("Subject: " .. data.title .. "\n") + file:write( data.content.."\n") + file:close() + for k,v in pairs(data.to) do + print("sent to:"..v) + local to = v + local cmd = 'cat ' ..tmp_name .. '| sendmail ' .. to + --print(cmd) + local r = os.execute(cmd) + if not r then + iserror = true + table.insert(error_msg, v) + print("Unable to send mail to: "..v) + end end +else + iserror = true + table.insert(error_msg, "Cannot create mail file") end local result = {} result.error = iserror diff --git a/Blogger/build/release/Blogger.zip b/Blogger/build/release/Blogger.zip index 07769d6..5571e96 100644 Binary files a/Blogger/build/release/Blogger.zip and b/Blogger/build/release/Blogger.zip differ diff --git a/Blogger/package.json b/Blogger/package.json index a1ad299..0531786 100644 --- a/Blogger/package.json +++ b/Blogger/package.json @@ -6,7 +6,7 @@ "author": "Xuan Sang LE", "email": "xsang.le@gmail.com" }, - "version":"0.2.6-a", + "version":"0.2.7-a", "category":"Internet", "iconclass":"fa fa-book", "dependencies": ["SimpleMDE@1.11.2-r","Katex@0.11.1-r"], diff --git a/packages.json b/packages.json index e6df81c..580e55c 100644 --- a/packages.json +++ b/packages.json @@ -55,7 +55,7 @@ "description": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/Blogger/README.md", "category": "Internet", "author": "Xuan Sang LE", - "version": "0.2.6-a", + "version": "0.2.7-a", "dependencies": ["SimpleMDE@1.11.2-r","Katex@0.11.1-r"],"mimes":["none"], "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/Blogger/build/release/Blogger.zip" }, @@ -129,26 +129,6 @@ "dependencies": [], "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/Katex/build/release/Katex.zip" }, - { - "pkgname": "libjpeg", - "name": "libjpeg", - "description": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libjpeg/README.md", - "category": "Library", - "author": "", - "version": "0.1.1-a", - "dependencies": [], - "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libjpeg/build/release/libjpeg.zip" - }, - { - "pkgname": "libwvnc", - "name": "libwvnc", - "description": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libwvnc/README.md", - "category": "Library", - "author": "", - "version": "0.1.2-a", - "dependencies": ["libjpeg@0.1.1-a"], - "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libwvnc/build/release/libwvnc.zip" - }, { "pkgname": "LuaPlayground", "name": "LuaPlayground", @@ -259,6 +239,26 @@ "dependencies": [], "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/VizApp/build/release/VizApp.zip" }, + { + "pkgname": "libjpeg", + "name": "libjpeg", + "description": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libjpeg/README.md", + "category": "Library", + "author": "", + "version": "0.1.1-a", + "dependencies": [], + "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libjpeg/build/release/libjpeg.zip" + }, + { + "pkgname": "libwvnc", + "name": "libwvnc", + "description": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libwvnc/README.md", + "category": "Library", + "author": "", + "version": "0.1.2-a", + "dependencies": ["libjpeg@0.1.1-a"], + "download": "https://raw.githubusercontent.com/lxsang/antosdk-apps/master/libwvnc/build/release/libwvnc.zip" + }, { "pkgname": "vTerm", "name": "Virtual Terminal",