diff --git a/pin.run b/pin.run
index 556deb0..636fc77 100755
--- a/pin.run
+++ b/pin.run
@@ -10,6 +10,8 @@ locale.setlocale(locale.LC_TIME, "de_DE.utf8")
origin_url = "https://augustiner-kantorei.de/pinnwand"
database = "db.cfg"
+MAX_DATABASEFILESIZE= 100 * 1024 * 1024 # 100 MiB
+MAX_ARGUMENTLENGTH = 200 # characters
def get_arguments():
"""Wrapper for cgi-environment.
@@ -26,13 +28,13 @@ def get_arguments():
args = get_arguments()
oversize=False
-if os.path.getsize(database) < 100 * 1024 * 1024:
+if os.path.getsize(database) < MAX_DATABASEFILESIZE:
# only add entries if file size does not exceed 100 MiB
if "ort" in args and "name" in args and "comment" in args:
# fail if input is too long
- if max(map(len, list(args[i] for i in args))) > 200:
+ if max(map(len, list(args[i] for i in args))) > MAX_ARGUMENTLENGTH:
# overlong input is a clear indication someone is fiddling with the interface
# this deserves no proper exit message
exit()
@@ -40,9 +42,6 @@ if os.path.getsize(database) < 100 * 1024 * 1024:
# add entry
try:
zeit = datetime.timestamp(datetime(int(args["year"]), int(args["month"]), int(args["day"]), int(args["hour"]), int(args["minute"])))
- except:
- exit()
- try:
with open(database, "a") as f:
f.write("\t".join(
[
@@ -54,7 +53,8 @@ if os.path.getsize(database) < 100 * 1024 * 1024:
]
))
f.write("\n")
- except Exception as e:
+ except:
+ # an exception here stems most likely from strange arguments and indicates fiddling. no mercy.
exit()
else:
oversize = True
@@ -192,9 +192,9 @@ else:
Zeitpunkt (Tag. Monat. Jahr Stunde:Minute)
- Treffpunkt
- Name
- Bemerkung
+ Treffpunkt
+ Name
+ Bemerkung
""")