monotreme.org/scripts/user_panel.cgi
2024-10-29 14:58:14 -04:00

67 lines
2.7 KiB
Python

#!/usr/bin/python3
import sqlite3
import os
import http.cookies
import time
print("Content-Type: text/html")
print()
# Ensure the session_id is properly parsed
cookie = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
session_id = cookie.get('session_id')
if session_id:
session_id = session_id.value
# Connect to SQLite and check the session
db = sqlite3.connect('/var/lib/monotreme/data/monotreme.db')
cursor = db.cursor()
# Check if the session exists and is still valid
cursor.execute("SELECT username FROM sessions WHERE session_id=? AND expires_at > ?", (session_id, int(time.time())))
result = cursor.fetchone()
if result:
username = result[0]
print(f"<h1>Welcome, {username}!</h1>")
print("<p>This is your user panel.</p>")
print("<p>This page contains a couple things once I figure out how databases work.</p>")
print("<p>Click <a href='/cgi-bin/logout.cgi'>here</a> to logout.</p>")
# Fetch and display profile info
cursor.execute("SELECT email, date_joined, last_login FROM users WHERE username=?", (username,))
profile_info = cursor.fetchone()
if profile_info:
email, date_joined, last_login = profile_info
print(f"<p>Email: {email}</p>")
print(f"<p>Date Joined: {date_joined}</p>")
print(f"<p>Last Login: {last_login}</p>")
# Fetch and display recent activity
cursor.execute("SELECT action, timestamp FROM activity_log WHERE username=? ORDER BY timestamp DESC LIMIT 5", (username,))
recent_activity = cursor.fetchall()
print("<h3>Recent Activity</h3>")
if recent_activity:
for action, timestamp in recent_activity:
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
print(f"<p>{action} at {time_str}</p>")
else:
print("<p>No recent activity</p>")
# Fetch and display notifications
cursor.execute("SELECT message, timestamp FROM notifications WHERE username=? AND read=0 ORDER BY timestamp DESC", (username,))
notifications = cursor.fetchall()
print("<h3>Notifications</h3>")
if notifications:
for message, timestamp in notifications:
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
print(f"<p>{message} at {time_str}</p>")
else:
print("<p>No new notifications</p>")
else:
print("<h1>Session expired or invalid!</h1>")
print("<a href='/login/'>Login again</a>")
else:
print("<h1>No session found!</h1>")
print("<a href='/login/'>Login again</a>")