Initial Commit

Put this under git so people can change it instead of complaining about it [SZM]

Initial Commit
Put this under git so people can change it instead of complaining about it [SZM]
d7edc692 · root · d7edc692 · d7edc692 · d7edc692 · d7edc692
Commit d7edc692 authored 11 years ago by root
--- a/.gitignore
+++ b/.gitignore
+*.db
+*~
--- a/README.md
+++ b/README.md
+GMS registration form 
+
+Features:
+ - Totally independent of whatever the convoluted framework people want to use for MemberDB (insert year here) is
+   - Therefore can be reused regardless of how many incomplete versions of MemberDB people make
+ - Isn't the scanned, hand written, pdf form we have used for the last X years
+ - Doesn't use a text file like all our other online forms
+
+Flaws:
+ - Don't care about validation much
+ - Don't care about user friendliness much
+ - Would probably break, if we had like, more than 200 people use it at the same time, cos that's going to happen
+ - Makes wheel members go all glazy eyed and talk about frameworks
+ 
--- a/form.html
+++ b/form.html
+<html>
+	<head><title>UCC Membership Registration</title></head>
+	<body>
+		<h1>UCC Membership Registration</h1>
+		<p> Fill out the following information, then pay us money.</p> 
+
+		<form action="index.cgi" method="post">
+			<table>
+				<tr><td>Realname (First Last)</td><td><input type="text" name="real_name"></td></tr>
+				<tr><td>Username (lowercase)</td><td><input type="text" name="username"></td></tr>
+				<tr><td>Email Address</td><td><input type="text" name="email_address"></td></tr>
+				<tr><td>Phone Number</td><td><input type="text" name="phone_number"></td></tr>
+				<tr><td>Student/Staff/DL Number</td><td><input type="text" name="student_no"></td></tr>
+				<tr><td>DOB (YYYY-MM-DD)</td><td><input type="text" name="date_of_birth"></td></tr>
+			</table>
+			<p>Gender:</p>
+			<table>
+				<tr><td>Female:</td><td><input type="radio" name="gender" value="female"></td> </tr>
+				<tr><td>Male:</td><td><input type="radio" name="gender" value="male"></td> </tr>
+				<tr><td>Other:</td><td><input type="radio" name="gender" value="other"></td> </tr>
+			</table>
+			<p>Address:</p>
+			<textarea rows="5" cols="50" name="address"></textarea>
+			<p></p>
+
+			<p>Membership Type</p>
+			<table>
+				<tr><td>Rejoining:</td><td><input type="radio" name="membership_type" value="Rejoining"></td> </tr>
+				<tr><td>New Member:</td><td><input type="radio" name="membership_type" value="New Member"></td> </tr>
+				<tr><td>Life Member:</td><td><input type="radio" name="membership_type" value="Life Member"></td> </tr>
+			</table>
+
+			<p>Membership Type II</p>
+			<table>
+				<tr><td>UWA Student, Guild</td><td><input type="radio" name="guild_member" value="guild"></td> </tr>
+				<tr><td>UWA Student, NON-Guild</td><td><input type="radio" name="guild_member" value="student_noguild"></td></tr>
+				<tr><td>UWA Staff, Guild</td><td><input type="radio" name="guild_member" value="staff_guild"</td></tr>
+				<tr><td>CASSA/ComSSA Member</td><td><input type="radio" name="guild_member" value="friend club"></td></tr>
+				<tr><td>None of the above</td><td><input type="radio" name="guild_member" value="none" checked="yes"></td></tr>
+			</table>
+
+			<p> Anti-spam: What animal is on the banner in the UCC clubroom? <input type="text" name="secret"></p>
+			<p> <b>I agree to abide by the UCC's constitution, rulings of the UCC Committee and network usage guidelines</b> <input type="checkbox" name="agree" value="yes"></p>
+			<input type="submit" value="Submit"> <input type="reset">	
+
+		</form>
+	</body>
+</html>
--- a/index.cgi
+++ b/index.cgi
+#!/usr/bin/python
+
+import sys
+import os
+import sqlite3
+import cgi
+import smtplib
+from email.mime.text import MIMEText
+import datetime
+
+# Create database pending.db read/writable by www-data
+# $ sqlite3 pending.dp
+# sqlite> CREATE TABLE member(real_name, username, address, membership_type, guild_member, phone_number, email_address, student_no, date_of_birth, gender, signed_up, paid);
+# Get rid of database by DROP TABLE or deleting the file
+
+
+target_email = "exec@ucc.asn.au" # Who will be notified
+secret_answers = ["Tux","tux","TUX","Penguin","penguin","PENGUIN"]
+def print_form(name):
+	""" Print the form """
+	f = open(name,"r")
+	for line in f.readlines():
+		print(line)
+	f.close()
+
+if __name__ == "__main__":
+	""" Do the shit """
+	con = sqlite3.connect("pending.db")
+	c = con.cursor()
+
+	# Values we expect
+	values = {
+		"real_name" : "",
+		"username" : "",
+		"address" : "",
+		"membership_type" : "",
+		"guild_member" : False,
+		"phone_number" : "",
+		"email_address" : "",
+		"student_no" : "",
+		"date_of_birth" : "",
+		"gender" : "",
+	}
+
+	form = cgi.FieldStorage()
+	# No values? Print the form
+	if len(form.keys()) <= 0:
+		print("Content-type: text/html\n")
+		print_form("form.html")
+		sys.exit(0)
+
+	# Check we have all the values
+	for k in values.keys():
+		if k not in form:
+			print("Content-type: text/html\n")
+			print("<p><b>Missing value for %s</b></p>" %k)
+			print_form("form.html")
+			sys.exit(0)	
+		values[k] = form[k].value
+
+	# Sanity checks!
+
+	# Check secret question
+	if form["secret"].value not in secret_answers: 
+		print("content-type: text/html\n")
+		print("<p><b>Incorrect or missing secret answer</b></p>")
+		print_form("form.html")
+		sys.exit(0)
+
+	# Check user aggress
+	if "agree" not in form or form["agree"].value not in ["yes"]:
+		print("content-type: text/html\n")
+		print("<p><b>You must agree to abide by the UCC's constitution, rulings of the UCC Committee and network usage guildlines</b></p>")
+		print_form("form.html")
+		sys.exit(0)
+	
+	# Check user isn't already in database
+	c.execute("SELECT * FROM member WHERE username=?", (values["username"],))
+	if len(c.fetchall()) > 0:
+		print("Status:400\n")
+		print("User already registered")
+		print("If you registered *last* year but not this year, poke committee@ucc.asn.au to reset the database.")
+		sys.exit(0)
+
+	# Check email isn't already in database
+	c.execute("SELECT * FROM member WHERE email_address=?", (values["email_address"],))
+	if len(c.fetchall()) > 0:
+		print("Status:400\n")
+		print("Email already registered.\n")
+		print("If you registered *last* year but not this year, poke committee@ucc.asn.au to reset the database.")
+		sys.exit(0)
+
+	# Sanity checks complete; set other values
+	values.update({"signed_up" : datetime.datetime.now()})
+	values.update({"paid" : "No"})
+
+	# Produce emails
+	generic = "The following information was registered for UCC Membership:\n\n"
+	hidden_fields = ["phone_number", "date_of_birth", "student_no", "address"] # Don't email these fields
+	for k in values.keys():
+		if k not in hidden_fields:
+			generic += "%s: %s\n" % (k, values[k])
+		else:
+			generic += "%s: <hidden>\n" % k
+
+	userMsg = "Dear %s\n\n" % values["real_name"].split(" ")[0]
+	userMsg += generic + "\n\n"
+	userMsg += "Payment details:\n"
+	userMsg += "Bank: Westpac Bank\nAccount: The University Computer Club\nAccount Number: 285739\nBSB: 036054\nDescription: %s\n\nOr via dispense." % values["username"]
+	userMsg += "If this is incorrect, please contact %s\n\n" % target_email 
+	userMsg += "Warm regards,\n%s" % sys.argv[0]
+
+	execMsg = "Dear Wizengamot,\n\n"
+	execMsg += generic + "\n\n"
+
+
+	execMsg += "On motsugo run the next line to see all the fields:\n"
+	execMsg += "echo \"SELECT * FROM member WHERE email_address = \'%s\';\" | sqlite3 /services/gms/register/pending.db\n\n" % values["email_address"]
+	execMsg += "Once you are satisfied payment has been made, please add these details to MemberDB at:\n https://secure.ucc.asn.au/members\n"
+	execMsg += "If there are any problems contact wheel@ucc.asn.au\n\n"
+
+
+	execMsg += "Warm regards,\n%s" % sys.argv[0]
+	# Send emails
+
+	userMsg = MIMEText(userMsg)
+	execMsg = MIMEText(execMsg)
+	emails = [values["email_address"], target_email] 
+	for i,msg in enumerate([userMsg, execMsg]):
+		msg["Subject"] = "UCC Member Registration"
+		msg["From"] = "exec@ucc.asn.au"
+		msg["To"] = emails[i]
+		s = smtplib.SMTP("localhost")
+		s.sendmail(msg["From"], [msg["To"]], msg.as_string())
+		s.quit()
+
+	# Tell them what happened.
+	print("Content-type: text/plain\n")
+	print("You should receive the following email shortly:\n\n")
+	print(userMsg)	
+
+	# Do the thing
+	c.execute("INSERT INTO member("+",".join(values.keys())+") VALUES("+",".join(["?" for _ in xrange(len(values.keys()))])+")", [values[k] for k in values.keys()])
+	con.commit()
+	con.close()
+
+	sys.exit(0)
+	
+	
+
+