Fixed secuity issue

tshrinivasan · Nov 9, 2018 · 8d99b4d · 8d99b4d
1 parent 540eb2b
commit 8d99b4d
Showing 1 changed file with 39 additions and 19 deletions.
diff --git a/mailer.py b/mailer.py
@@ -1,9 +1,11 @@
 """Mailer script."""
+
 import hashlib
 import sys
 import os
 import smtplib
 import urllib2
+from urlparse import urlparse
 from optparse import OptionParser
 from flask import Flask, request, redirect, url_for, render_template, session
 from email.MIMEMultipart import MIMEMultipart
@@ -12,6 +14,8 @@
 import time
 import datetime
 
+
+
 reload(sys)
 sys.setdefaultencoding("utf-8")
 
@@ -45,35 +49,51 @@ def mailer(email, file_url, file_name):
     timestamp = datetime.datetime.fromtimestamp(ts).strftime('%Y-%m-%d-%H-%M-%S')
 
 
-    fromaddr = "your_email"
+    fromaddr = "freetamilebooksteam@gmail.com"
     toaddr = email
-    password = "your_password"
+    password = "password here "
     msg = MIMEMultipart()
+    msg["Subject"] = "Ebook from FreeTamilEbooks.com"
     msg['From'] = fromaddr
     msg['To'] = toaddr
+#    msg['cc'] = "tshrinivasan@gmail.com"
     part = MIMEBase('application', 'octet-stream')
-    req = urllib2.Request(
+    parsed_uri = urlparse(file_url)
+    if parsed_uri.hostname == 'freetamilebooks.com':	
+
+        req = urllib2.Request(
         file_url,
         headers={
             'User-Agent':
             'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11'
         })
-    part.set_payload(urllib2.urlopen(req).read())
+
-    encoders.encode_base64(part)
+#    file_name = file_name.encode('utf-8')
-    part.add_header('Content-Disposition',
+
-                    "attachment; filename= %s" % file_name)
+#    file_name = "/tmp/" + timestamp + "-" + file_name
-    msg.attach(part)
+#    print file_name
-    server = smtplib.SMTP('smtp.gmail.com', 587)
+#    os.system(" wget -O " + file_name + "   "  + file_url)
-    server.starttls()
+
-    server.login(fromaddr, password)
+        part.set_payload(urllib2.urlopen(req).read())
-    text = msg.as_string()
+#    part.set_payload(open(file_name).read())
-    server.sendmail(fromaddr, toaddr, text)
+        encoders.encode_base64(part)
-    server.quit()
+        part.add_header('Content-Disposition',
-
+#                    "attachment; filename= %s" % os.path.basename(file_name))
-    log = open("logs/log.csv", "a")
+                     "attachment; filename= %s" % file_name)
-    log_content = timestamp +"," + email + "," + file_url +"," + file_name + "\n"
+        msg.attach(part)
-    log.write(log_content)
+        server = smtplib.SMTP('smtp.gmail.com', 587)
-    log.close()
+        server.ehlo()
+        server.starttls()
+        server.ehlo() 
+        server.login(fromaddr, password)
+        text = msg.as_string()
+        server.sendmail(fromaddr, toaddr, text)
+        server.quit()
+
+        log = open("/var/www/html/Send2Kindle/logs/log.csv", "a")
+        log_content = timestamp +"," + email + "," + file_url +"," + file_name + "\n"
+        log.write(log_content)
+        log.close()
 
 if __name__ == "__main__":
     parser = OptionParser()