]> code.citadel.org Git - citadel.git/blob - webcit/webcit.c
49d52eccadf11718d1a6bd378b5df353fdb1ae1c
[citadel.git] / webcit / webcit.c
1 /*
2  * webcit.c
3  *
4  * This is the actual program called by the webserver.  It maintains a
5  * persistent session to the Citadel server, handling HTTP WebCit requests as
6  * they arrive and presenting a user interface.
7  *
8  * $Id$
9  */
10
11 #include <ctype.h>
12 #include <stdlib.h>
13 #include <unistd.h>
14 #include <stdio.h>
15 #include <fcntl.h>
16 #include <signal.h>
17 #include <sys/types.h>
18 #include <sys/wait.h>
19 #include <sys/socket.h>
20 #include <sys/time.h>
21 #include <sys/stat.h>
22 #include <limits.h>
23 #include <netinet/in.h>
24 #include <netdb.h>
25 #include <string.h>
26 #include <pwd.h>
27 #include <errno.h>
28 #include <stdarg.h>
29 #include <pthread.h>
30 #include <signal.h>
31 #include "webcit.h"
32 #include "mime_parser.h"
33
34 /*
35  * String to unset the cookie.
36  * Any date "in the past" will work, so I chose my birthday, right down to
37  * the exact minute.  :)
38  */
39 static char *unset = "; expires=28-May-1971 18:10:00 GMT";
40
41 void unescape_input(char *buf)
42 {
43         int a, b;
44         char hex[3];
45
46         while ((isspace(buf[strlen(buf) - 1])) && (strlen(buf) > 0))
47                 buf[strlen(buf) - 1] = 0;
48
49         for (a = 0; a < strlen(buf); ++a) {
50                 if (buf[a] == '+')
51                         buf[a] = ' ';
52                 if (buf[a] == '%') {
53                         hex[0] = buf[a + 1];
54                         hex[1] = buf[a + 2];
55                         hex[2] = 0;
56                         sscanf(hex, "%02x", &b);
57                         buf[a] = (char) b;
58                         strcpy(&buf[a + 1], &buf[a + 3]);
59                 }
60         }
61
62 }
63
64
65 void addurls(char *url)
66 {
67         char *up, *ptr;
68         char buf[256];
69         int a, b;
70         struct urlcontent *u;
71
72         up = url;
73         while (strlen(up) > 0) {
74
75                 /* locate the = sign */
76                 strncpy(buf, up, 255);
77                 b = (-1);
78                 for (a = 255; a >= 0; --a)
79                         if (buf[a] == '=')
80                                 b = a;
81                 if (b < 0)
82                         return;
83                 buf[b] = 0;
84
85                 u = (struct urlcontent *) malloc(sizeof(struct urlcontent));
86                 u->next = WC->urlstrings;
87                 WC->urlstrings = u;
88                 strcpy(u->url_key, buf);
89
90                 /* now chop that part off */
91                 for (a = 0; a <= b; ++a)
92                         ++up;
93
94                 /* locate the & sign */
95                 ptr = up;
96                 b = strlen(up);
97                 for (a = 0; a < strlen(up); ++a) {
98                         if (!strncmp(ptr, "&", 1)) {
99                                 b = a;
100                                 break;
101                         }
102                         ++ptr;
103                 }
104                 ptr = up;
105                 for (a = 0; a < b; ++a)
106                         ++ptr;
107                 strcpy(ptr, "");
108
109                 u->url_data = malloc(strlen(up) + 1);
110                 strcpy(u->url_data, up);
111                 u->url_data[b] = 0;
112                 unescape_input(u->url_data);
113                 up = ptr;
114                 ++up;
115         }
116 }
117
118 void free_urls(void)
119 {
120         struct urlcontent *u;
121
122         while (WC->urlstrings != NULL) {
123                 free(WC->urlstrings->url_data);
124                 u = WC->urlstrings->next;
125                 free(WC->urlstrings);
126                 WC->urlstrings = u;
127         }
128 }
129
130 /*
131  * Diagnostic function to display the contents of all variables
132  */
133 void dump_vars(void)
134 {
135         struct urlcontent *u;
136
137         for (u = WC->urlstrings; u != NULL; u = u->next) {
138                 wprintf("%38s = %s\n", u->url_key, u->url_data);
139         }
140 }
141
142 char *bstr(char *key)
143 {
144         struct urlcontent *u;
145
146         for (u = WC->urlstrings; u != NULL; u = u->next) {
147                 if (!strcasecmp(u->url_key, key))
148                         return (u->url_data);
149         }
150         return ("");
151 }
152
153
154 void wprintf(const char *format,...)
155 {
156         va_list arg_ptr;
157         char wbuf[1024];
158
159         va_start(arg_ptr, format);
160         vsprintf(wbuf, format, arg_ptr);
161         va_end(arg_ptr);
162
163         write(WC->http_sock, wbuf, strlen(wbuf));
164 }
165
166
167 /*
168  * wDumpContent() wraps up an HTTP session, closes tags, etc.
169  *
170  * print_standard_html_footer should be set to 0 to transmit only, 1 to
171  * append the main menu and closing tags, or 2 to
172  * append the closing tags only.
173  */
174 void wDumpContent(int print_standard_html_footer)
175 {
176         if (WC->fake_frames) {
177                 wprintf("</TABLE>\n");
178                 WC->fake_frames = 0;
179         }
180
181         if (print_standard_html_footer) {
182                 if (print_standard_html_footer != 2) {
183                         wprintf("<BR>");
184                 }
185                 wprintf("</BODY></HTML>\n");
186         }
187
188
189 }
190
191
192 /*
193  * Copy a string, escaping characters which have meaning in HTML.  If
194  * nbsp is nonzero, spaces are converted to non-breaking spaces.
195  */
196 void stresc(char *target, char *strbuf, int nbsp)
197 {
198         int a;
199         strcpy(target, "");
200
201         for (a = 0; a < strlen(strbuf); ++a) {
202                 if (strbuf[a] == '<')
203                         strcat(target, "&lt;");
204                 else if (strbuf[a] == '>')
205                         strcat(target, "&gt;");
206                 else if (strbuf[a] == '&')
207                         strcat(target, "&amp;");
208                 else if (strbuf[a] == '\"')
209                         strcat(target, "&quot;");
210                 else if (strbuf[a] == '\'') 
211                         strcat(target, "&#39;");
212                 else if (strbuf[a] == LB)
213                         strcat(target, "<");
214                 else if (strbuf[a] == RB)
215                         strcat(target, ">");
216                 else if (strbuf[a] == QU)
217                         strcat(target, "\"");
218                 else if ((strbuf[a] == 32) && (nbsp == 1)) {
219                         strcat(target, "&nbsp;");
220                 } else {
221                         strncat(target, &strbuf[a], 1);
222                 }
223         }
224 }
225
226 void escputs1(char *strbuf, int nbsp)
227 {
228         char buf[1024];
229         stresc(buf, strbuf, nbsp);
230         wprintf("%s", buf);
231 }
232
233 void escputs(char *strbuf)
234 {
235         escputs1(strbuf, 0);
236 }
237
238 /*
239  * Escape a string for feeding out as a URL.
240  * FIXME this is not threadsafe!
241  */
242 char *urlesc(char *strbuf)
243 {
244         int a, b, c;
245         char *ec = " #&;`'|*?-~<>^()[]{}$\\";
246         static char outbuf[1024];
247
248         strcpy(outbuf, "");
249
250         for (a = 0; a < strlen(strbuf); ++a) {
251                 c = 0;
252                 for (b = 0; b < strlen(ec); ++b) {
253                         if (strbuf[a] == ec[b])
254                                 c = 1;
255                 }
256                 b = strlen(outbuf);
257                 if (c == 1)
258                         sprintf(&outbuf[b], "%%%02x", strbuf[a]);
259                 else
260                         sprintf(&outbuf[b], "%c", strbuf[a]);
261         }
262         return (outbuf);
263 }
264
265 void urlescputs(char *strbuf)
266 {
267         wprintf("%s", urlesc(strbuf));
268 }
269
270
271
272
273 /*
274  * Output all that important stuff that the browser will want to see
275  *
276  * control codes:
277  * 
278  * Bits 0 and 1:
279  * 0 = Nothing.  Do not display any leading HTTP or HTML.
280  * 1 = HTTP headers plus the room banner
281  * 2 = HTTP headers required to terminate the session (unset cookies)
282  * 3 = HTTP and HTML headers, but no room banner
283  *
284  * Bit 2: Set to 1 to auto-refresh page every 30 seconds
285  *
286  * Bit 3: suppress check for express messages
287  */
288 void output_headers(int controlcode)
289 {
290         char cookie[256];
291         int print_standard_html_head = 0;
292         int refresh30 = 0;
293         int suppress_check = 0;
294         char httpnow[256];
295         static int pageseq = 0;
296
297         print_standard_html_head        =       controlcode & 0x03;
298         refresh30                       =       ((controlcode & 0x04) >> 2);
299         suppress_check                  =       ((controlcode & 0x08) >> 3);
300
301         wprintf("HTTP/1.0 200 OK\n");
302
303         httpdate(httpnow, time(NULL));
304
305         if (print_standard_html_head > 0) {
306                 wprintf("Content-type: text/html\n");
307                 wprintf("Server: %s\n", SERVER);
308                 wprintf("Connection: close\n");
309                 wprintf("Pragma: no-cache\n");
310                 wprintf("Cache-Control: no-store\n");
311         }
312         stuff_to_cookie(cookie, WC->wc_session, WC->wc_username,
313                         WC->wc_password, WC->wc_roomname);
314         if (print_standard_html_head == 2) {
315                 wprintf("Set-cookie: webcit=%s\n", unset);
316         } else {
317                 wprintf("Set-cookie: webcit=%s\n", cookie);
318         }
319
320         if (print_standard_html_head > 0) {
321                 wprintf("\n");
322                 wprintf("<HTML><HEAD><TITLE>");
323                 escputs(serv_info.serv_humannode);
324                 wprintf("</TITLE>\n"
325                         "<META HTTP-EQUIV=\"Expires\" CONTENT=\"0\">\n"
326                         "<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n"
327                         "<meta name=\"MSSmartTagsPreventParsing\" content=\"TRUE\">\n");
328                 if (refresh30) wprintf(
329                         "<META HTTP-EQUIV=\"refresh\" CONTENT=\"30\">\n");
330                 wprintf("</HEAD>\n");
331
332                 /* script for checking for pages (not always launched) */
333                 wprintf("<SCRIPT LANGUAGE=\"JavaScript\">\n");
334                 wprintf("function launch_page_popup() {\n");
335                 wprintf("pwin = window.open('/page_popup', 'CitaPage%d', "
336                         "'toolbar=no,location=no,copyhistory=no,status=no,"
337                         "scrollbars=yes,resizable=no,height=150,width=400');\n",
338                         ++pageseq);
339                 wprintf("}\n");
340                 wprintf("</SCRIPT>\n");
341                 /* end script */
342
343                 /* (JavaScript keyboard-based navigation would go here) */
344
345                 if (!suppress_check) if (WC->HaveExpressMessages) {
346                         svprintf("extrabodyparms", WCS_STRING, "%s", 
347                                 "onload=\"launch_page_popup()\" ");
348                         WC->HaveExpressMessages = 0;
349                 }
350                 do_template("background.html");
351                 clear_local_substs();
352
353         if (print_standard_html_head == 1) {
354                 wprintf("<A NAME=\"TheTop\"></A>");
355
356                 wprintf("<TABLE border=0 width=100%%><TR VALIGN=TOP>"
357                         "<TD>\n");
358
359                 embed_room_banner(NULL);
360
361                 wprintf("</TD></TR><TR VALIGN=TOP><TD>\n");
362                 
363                 WC->fake_frames = 1;
364                 }
365         }
366 }
367
368
369 /*
370  *
371  */
372 void http_redirect(char *whichpage) {
373         wprintf("HTTP/1.0 302 Moved Temporarily\n");
374         wprintf("Location: %s\n", whichpage);
375         wprintf("URI: %s\n", whichpage);
376         wprintf("Content-type: text/html\n\n");
377         wprintf("<html><body>\n");
378         wprintf("you really want to be <A HREF=\"%s\">here</A> now\n",
379                 whichpage);
380         wprintf("</body></html>\n");
381 }
382
383
384
385 void check_for_express_messages()
386 {
387         char buf[256];
388
389         serv_puts("NOOP");
390         serv_gets(buf);
391         if (buf[3] == '*') WC->HaveExpressMessages = 1;
392 }
393
394
395
396
397 void output_static(char *what)
398 {
399         char buf[4096];
400         FILE *fp;
401         struct stat statbuf;
402         off_t bytes;
403         char *bigbuffer;
404
405         sprintf(buf, "static/%s", what);
406         fp = fopen(buf, "rb");
407         if (fp == NULL) {
408                 wprintf("HTTP/1.0 404 %s\n", strerror(errno));
409                 wprintf("Content-Type: text/plain\n");
410                 wprintf("\n");
411                 wprintf("Cannot open %s: %s\n", what, strerror(errno));
412         } else {
413                 output_headers(0);
414
415                 if (!strncasecmp(&what[strlen(what) - 4], ".gif", 4))
416                         wprintf("Content-type: image/gif\n");
417                 else if (!strncasecmp(&what[strlen(what) - 4], ".txt", 4))
418                         wprintf("Content-type: text/plain\n");
419                 else if (!strncasecmp(&what[strlen(what) - 4], ".jpg", 4))
420                         wprintf("Content-type: image/jpeg\n");
421                 else if (!strncasecmp(&what[strlen(what) - 5], ".html", 5))
422                         wprintf("Content-type: text/html\n");
423                 else
424                         wprintf("Content-type: application/octet-stream\n");
425
426                 fstat(fileno(fp), &statbuf);
427                 bytes = statbuf.st_size;
428                 fprintf(stderr, "Static: %s, %ld bytes\n", what, bytes);
429                 wprintf("Content-length: %ld\n", (long) bytes);
430                 wprintf("\n");
431                 bigbuffer = malloc(bytes);
432                 fread(bigbuffer, bytes, 1, fp);
433                 fclose(fp);
434                 write(WC->http_sock, bigbuffer, bytes);
435                 free(bigbuffer);
436         }
437         if (!strcasecmp(bstr("force_close_session"), "yes")) {
438                 end_webcit_session();
439         }
440 }
441
442
443 /*
444  * When the browser requests an image file from the Citadel server,
445  * this function is called to transmit it.
446  */
447 void output_image()
448 {
449         char buf[256];
450         char xferbuf[4096];
451         off_t bytes;
452         off_t thisblock;
453         off_t accomplished = 0L;
454
455
456         serv_printf("OIMG %s|%s", bstr("name"), bstr("parm"));
457         serv_gets(buf);
458         if (buf[0] == '2') {
459                 bytes = extract_long(&buf[4], 0);
460                 output_headers(0);
461                 wprintf("Content-type: image/gif\n");
462                 wprintf("Content-length: %ld\n", (long) bytes);
463                 wprintf("\n");
464
465                 while (bytes > (off_t) 0) {
466                         thisblock = (off_t) sizeof(xferbuf);
467                         if (thisblock > bytes) {
468                                 thisblock = bytes;
469                         }
470                         serv_printf("READ %ld|%ld", accomplished, thisblock);
471                         serv_gets(buf);
472                         if (buf[0] == '6') {
473                                 thisblock = extract_long(&buf[4], 0);
474                                 serv_read(xferbuf, (int) thisblock);
475                         }
476                         else {
477                                 memset(xferbuf, 0, thisblock);
478                         }
479                         write(WC->http_sock, xferbuf, thisblock);
480                         bytes = bytes - thisblock;
481                         accomplished = accomplished + thisblock;
482                 }
483                 serv_puts("CLOS");
484                 serv_gets(buf);
485         } else {
486                 wprintf("HTTP/1.0 404 %s\n", &buf[4]);
487                 output_headers(0);
488                 wprintf("Content-Type: text/plain\n");
489                 wprintf("\n");
490                 wprintf("Error retrieving image: %s\n", &buf[4]);
491         }
492
493 }
494
495 /*
496  */
497 void output_mimepart()
498 {
499         char buf[256];
500         char xferbuf[4096];
501         off_t bytes;
502         off_t thisblock;
503         off_t accomplished = 0L;
504         char content_type[256];
505         
506         serv_printf("OPNA %s|%s", bstr("msgnum"), bstr("partnum"));
507         serv_gets(buf);
508         if (buf[0] == '2') {
509                 bytes = extract_long(&buf[4], 0);
510                 extract(content_type, &buf[4], 3);
511                 output_headers(0);
512                 wprintf("Content-type: %s\n", content_type);
513                 wprintf("Content-length: %ld\n", (long) bytes);
514                 wprintf("\n");
515
516                 while (bytes > (off_t) 0) {
517                         thisblock = (off_t) sizeof(xferbuf);
518                         if (thisblock > bytes) {
519                                 thisblock = bytes;
520                         }
521                         serv_printf("READ %ld|%ld", accomplished, thisblock);
522                         serv_gets(buf);
523                         if (buf[0] == '6') {
524                                 thisblock = extract_long(&buf[4], 0);
525                                 serv_read(xferbuf, (int) thisblock);
526                         }
527                         else {
528                                 memset(xferbuf, 0, thisblock);
529                         }
530                         write(WC->http_sock, xferbuf, thisblock);
531                         bytes = bytes - thisblock;
532                         accomplished = accomplished + thisblock;
533                 }
534                 serv_puts("CLOS");
535                 serv_gets(buf);
536         } else {
537                 wprintf("HTTP/1.0 404 %s\n", &buf[4]);
538                 output_headers(0);
539                 wprintf("Content-Type: text/plain\n");
540                 wprintf("\n");
541                 wprintf("Error retrieving part: %s\n", &buf[4]);
542         }
543
544 }
545
546
547 /*
548  * Convenience functions to display a page containing only a string
549  */
550 void convenience_page(char *titlebarcolor, char *titlebarmsg, char *messagetext)
551 {
552         wprintf("HTTP/1.0 200 OK\n");
553         output_headers(1);
554         wprintf("<TABLE WIDTH=100%% BORDER=0 BGCOLOR=%s><TR><TD>", titlebarcolor);
555         wprintf("<FONT SIZE=+1 COLOR=\"FFFFFF\"");
556         wprintf("<B>%s</B>\n", titlebarmsg);
557         wprintf("</FONT></TD></TR></TABLE><BR>\n");
558         escputs(messagetext);
559
560         wprintf("<HR>\n");
561         wDumpContent(1);
562 }
563
564
565 /*
566  * Display a blank page.
567  */
568 void blank_page(void) {
569         output_headers(7);
570         wDumpContent(2);
571 }
572
573
574 void display_error(char *errormessage)
575 {
576         convenience_page("770000", "Error", errormessage);
577 }
578
579 void display_success(char *successmessage)
580 {
581         convenience_page("007700", "OK", successmessage);
582 }
583
584
585
586 void extract_action(char *actbuf, char *cmdbuf)
587 {
588         int i;
589
590         strcpy(actbuf, cmdbuf);
591         if (!strncasecmp(actbuf, "GET /", 5))
592                 strcpy(actbuf, &actbuf[5]);
593         if (!strncasecmp(actbuf, "PUT /", 5))
594                 strcpy(actbuf, &actbuf[5]);
595         if (!strncasecmp(actbuf, "POST /", 6))
596                 strcpy(actbuf, &actbuf[6]);
597
598         for (i = 0; i < strlen(actbuf); ++i) {
599                 if (actbuf[i] == ' ') {
600                         actbuf[i] = 0;
601                         i = 0;
602                 }
603                 if (actbuf[i] == '/') {
604                         actbuf[i] = 0;
605                         i = 0;
606                 }
607                 if (actbuf[i] == '?') {
608                         actbuf[i] = 0;
609                         i = 0;
610                 }
611                 if (actbuf[i] == '&') {
612                         actbuf[i] = 0;
613                         i = 0;
614                 }
615         }
616 }
617
618
619 void upload_handler(char *name, char *filename, char *partnum, char *disp,
620                         void *content, char *cbtype, size_t length,
621                         char *encoding, void *userdata)
622 {
623
624         fprintf(stderr, "UPLOAD HANDLER CALLED\n");
625         fprintf(stderr, "    name = %s\n", name);
626         fprintf(stderr, "filename = %s\n", filename);
627         fprintf(stderr, "encoding = %s\n", encoding);
628         fprintf(stderr, "    type = %s\n", cbtype);
629         fprintf(stderr, "  length = %ld\n", (long)length);
630
631         if ( (strlen(name) > 0) || (strlen(filename) > 0) ) {
632                 WC->upload = malloc(length);
633                 if (WC->upload != NULL) {
634                         WC->upload_length = length;
635                         memcpy(WC->upload, content, length);
636                 }
637         }
638 }
639
640
641 /*
642  * Entry point for WebCit transaction
643  */
644 void session_loop(struct httprequest *req)
645 {
646         char cmd[256];
647         char action[256];
648         char buf[256];
649         int a, b;
650         int ContentLength = 0;
651         int BytesRead;
652         char ContentType[512];
653         char *content;
654         char *content_end;
655         struct httprequest *hptr;
656         char browser_host[256];
657         char user_agent[256];
658
659         /* We stuff these with the values coming from the client cookies,
660          * so we can use them to reconnect a timed out session if we have to.
661          */
662         char c_host[256];
663         char c_port[256];
664         char c_username[256];
665         char c_password[256];
666         char c_roomname[256];
667         char cookie[256];
668
669         strcpy(c_host, defaulthost);
670         strcpy(c_port, defaultport);
671         strcpy(c_username, "");
672         strcpy(c_password, "");
673         strcpy(c_roomname, "");
674
675         WC->upload_length = 0;
676         WC->upload = NULL;
677
678         hptr = req;
679         if (hptr == NULL) return;
680
681         strcpy(cmd, hptr->line);
682         hptr = hptr->next;
683         extract_action(action, cmd);
684
685         while (hptr != NULL) {
686                 strcpy(buf, hptr->line);
687                 hptr = hptr->next;
688
689                 if (!strncasecmp(buf, "Cookie: webcit=", 15)) {
690                         strcpy(cookie, &buf[15]);
691                         cookie_to_stuff(cookie, NULL,
692                                       c_username, c_password, c_roomname);
693                 }
694                 else if (!strncasecmp(buf, "Content-length: ", 16)) {
695                         ContentLength = atoi(&buf[16]);
696                 }
697                 else if (!strncasecmp(buf, "Content-type: ", 14)) {
698                         strcpy(ContentType, &buf[14]);
699                 }
700                 else if (!strncasecmp(buf, "User-agent: ", 12)) {
701                         strcpy(user_agent, &buf[12]);
702                 }
703         }
704
705         if (ContentLength > 0) {
706                 fprintf(stderr, "Content length: %d\n", ContentLength);
707                 content = malloc(ContentLength + 1);
708                 memset(content, 0, ContentLength+1);
709                 BytesRead = 0;
710
711                 while (BytesRead < ContentLength) {
712                         a=read(WC->http_sock, &content[BytesRead],
713                                 ContentLength - BytesRead);
714                         if (a <= 0) BytesRead = ContentLength;
715                         else BytesRead += a;
716                 }
717
718                 if (!strncasecmp(ContentType,
719                               "application/x-www-form-urlencoded", 33)) {
720                         addurls(content);
721                 } else if (!strncasecmp(ContentType, "multipart", 9)) {
722                         content_end = content + ContentLength;
723                         mime_parser(content, content_end, *upload_handler,
724                                         NULL, NULL, NULL, 0);
725                 }
726         } else {
727                 content = NULL;
728         }
729
730         /* If there are variables in the URL, we must grab them now */
731         for (a = 0; a < strlen(cmd); ++a)
732                 if ((cmd[a] == '?') || (cmd[a] == '&')) {
733                         for (b = a; b < strlen(cmd); ++b)
734                                 if (isspace(cmd[b]))
735                                         cmd[b] = 0;
736                         addurls(&cmd[a + 1]);
737                         cmd[a] = 0;
738                 }
739         /*
740          * If we're not connected to a Citadel server, try to hook up the
741          * connection now.  Preference is given to the host and port specified
742          * by browser cookies, if cookies have been supplied.
743          */
744         if (!WC->connected) {
745                 if (strlen(bstr("host")) > 0)
746                         strcpy(c_host, bstr("host"));
747                 if (strlen(bstr("port")) > 0)
748                         strcpy(c_port, bstr("port"));
749
750                 if (!strcasecmp(c_host, "uds")) {
751                         /* unix domain socket */
752                         sprintf(buf, "%s/citadel.socket", c_port);
753                         WC->serv_sock = uds_connectsock(buf);
754                 }
755                 else {
756                         /* tcp socket */
757                         WC->serv_sock = tcp_connectsock(c_host, c_port);
758                 }
759
760                 if (WC->serv_sock < 0) {
761                         do_logout();
762                         goto SKIP_ALL_THIS_CRAP;
763                 }
764                 else {
765                         WC->connected = 1;
766                         serv_gets(buf); /* get the server welcome message */
767                         locate_host(browser_host, WC->http_sock);
768                         get_serv_info(browser_host, user_agent);
769                 }
770         }
771
772         check_for_express_messages();
773
774         /*
775          * If we're not logged in, but we have username and password cookies
776          * supplied by the browser, try using them to log in.
777          */
778         if ((!WC->logged_in) && (strlen(c_username) > 0) && (strlen(c_password) > 0)) {
779                 serv_printf("USER %s", c_username);
780                 serv_gets(buf);
781                 if (buf[0] == '3') {
782                         serv_printf("PASS %s", c_password);
783                         serv_gets(buf);
784                         if (buf[0] == '2') {
785                                 become_logged_in(c_username, c_password, buf);
786                         }
787                 }
788         }
789         /*
790          * If we don't have a current room, but a cookie specifying the
791          * current room is supplied, make an effort to go there.
792          */
793         if ((strlen(WC->wc_roomname) == 0) && (strlen(c_roomname) > 0)) {
794                 serv_printf("GOTO %s", c_roomname);
795                 serv_gets(buf);
796                 if (buf[0] == '2') {
797                         strcpy(WC->wc_roomname, c_roomname);
798                 }
799         }
800         if (!strcasecmp(action, "static")) {
801                 strcpy(buf, &cmd[12]);
802                 for (a = 0; a < strlen(buf); ++a)
803                         if (isspace(buf[a]))
804                                 buf[a] = 0;
805                 output_static(buf);
806         } else if (!strcasecmp(action, "image")) {
807                 output_image();
808         } else if ((!WC->logged_in) && (!strcasecmp(action, "login"))) {
809                 do_login();
810         } else if (!WC->logged_in) {
811                 display_login(NULL);
812         }
813         /* Various commands... */
814
815         else if (!strcasecmp(action, "do_welcome")) {
816                 do_welcome();
817         } else if (!strcasecmp(action, "blank")) {
818                 blank_page();
819         } else if (!strcasecmp(action, "display_main_menu")) {
820                 display_main_menu();
821         } else if (!strcasecmp(action, "whobbs")) {
822                 whobbs();
823         } else if (!strcasecmp(action, "knrooms")) {
824                 list_all_rooms_by_floor();
825         } else if (!strcasecmp(action, "gotonext")) {
826                 slrp_highest();
827                 gotonext();
828         } else if (!strcasecmp(action, "skip")) {
829                 gotonext();
830         } else if (!strcasecmp(action, "ungoto")) {
831                 ungoto();
832         } else if (!strcasecmp(action, "dotgoto")) {
833                 slrp_highest();
834                 smart_goto(bstr("room"));
835         } else if (!strcasecmp(action, "dotskip")) {
836                 smart_goto(bstr("room"));
837         } else if (!strcasecmp(action, "termquit")) {
838                 do_logout();
839         } else if (!strcasecmp(action, "readnew")) {
840                 readloop("readnew");
841         } else if (!strcasecmp(action, "readold")) {
842                 readloop("readold");
843         } else if (!strcasecmp(action, "readfwd")) {
844                 readloop("readfwd");
845         } else if (!strcasecmp(action, "headers")) {
846                 readloop("headers");
847         } else if (!strcasecmp(action, "display_enter")) {
848                 display_enter();
849         } else if (!strcasecmp(action, "post")) {
850                 post_message();
851         } else if (!strcasecmp(action, "delete_msg")) {
852                 delete_msg();
853         } else if (!strcasecmp(action, "confirm_move_msg")) {
854                 confirm_move_msg();
855         } else if (!strcasecmp(action, "move_msg")) {
856                 move_msg();
857         } else if (!strcasecmp(action, "userlist")) {
858                 userlist();
859         } else if (!strcasecmp(action, "showuser")) {
860                 showuser();
861         } else if (!strcasecmp(action, "display_page")) {
862                 display_page();
863         } else if (!strcasecmp(action, "page_user")) {
864                 page_user();
865         } else if (!strcasecmp(action, "chat")) {
866                 do_chat();
867         } else if (!strcasecmp(action, "display_private")) {
868                 display_private("", 0);
869         } else if (!strcasecmp(action, "goto_private")) {
870                 goto_private();
871         } else if (!strcasecmp(action, "zapped_list")) {
872                 zapped_list();
873         } else if (!strcasecmp(action, "display_zap")) {
874                 display_zap();
875         } else if (!strcasecmp(action, "zap")) {
876                 zap();
877         } else if (!strcasecmp(action, "display_entroom")) {
878                 display_entroom();
879         } else if (!strcasecmp(action, "entroom")) {
880                 entroom();
881         } else if (!strcasecmp(action, "display_editroom")) {
882                 display_editroom();
883         } else if (!strcasecmp(action, "editroom")) {
884                 editroom();
885         } else if (!strcasecmp(action, "display_whok")) {
886                 display_whok();
887         } else if (!strcasecmp(action, "display_editinfo")) {
888                 display_edit("Room info", "EINF 0", "RINF", "/editinfo");
889         } else if (!strcasecmp(action, "editinfo")) {
890                 save_edit("Room info", "EINF 1", 1);
891         } else if (!strcasecmp(action, "display_editbio")) {
892                 sprintf(buf, "RBIO %s", WC->wc_username);
893                 display_edit("Your bio", "NOOP", buf, "editbio");
894         } else if (!strcasecmp(action, "editbio")) {
895                 save_edit("Your bio", "EBIO", 0);
896         } else if (!strcasecmp(action, "confirm_delete_room")) {
897                 confirm_delete_room();
898         } else if (!strcasecmp(action, "delete_room")) {
899                 delete_room();
900         } else if (!strcasecmp(action, "validate")) {
901                 validate();
902         } else if (!strcasecmp(action, "display_editpic")) {
903                 display_graphics_upload("your photo",
904                                         "UIMG 0|_userpic_",
905                                         "/editpic");
906         } else if (!strcasecmp(action, "editpic")) {
907                 do_graphics_upload("UIMG 1|_userpic_");
908         } else if (!strcasecmp(action, "display_editroompic")) {
909                 display_graphics_upload("the graphic for this room",
910                                         "UIMG 0|_roompic_",
911                                         "/editroompic");
912         } else if (!strcasecmp(action, "editroompic")) {
913                 do_graphics_upload("UIMG 1|_roompic_");
914         } else if (!strcasecmp(action, "select_floor_to_edit_pic")) {
915                 select_floor_to_edit_pic();
916         } else if (!strcasecmp(action, "display_editfloorpic")) {
917                 sprintf(buf, "UIMG 0|_floorpic_|%s",
918                         bstr("which_floor"));
919                 display_graphics_upload("the graphic for this floor",
920                                         buf,
921                                         "/editfloorpic");
922         } else if (!strcasecmp(action, "editfloorpic")) {
923                 sprintf(buf, "UIMG 1|_floorpic_|%s",
924                         bstr("which_floor"));
925                 do_graphics_upload(buf);
926         } else if (!strcasecmp(action, "display_reg")) {
927                 display_reg(0);
928         } else if (!strcasecmp(action, "register")) {
929                 register_user();
930         } else if (!strcasecmp(action, "display_changepw")) {
931                 display_changepw();
932         } else if (!strcasecmp(action, "changepw")) {
933                 changepw();
934         } else if (!strcasecmp(action, "display_edit_node")) {
935                 display_edit_node();
936         } else if (!strcasecmp(action, "display_netconf")) {
937                 display_netconf();
938         } else if (!strcasecmp(action, "display_confirm_unshare")) {
939                 display_confirm_unshare();
940         } else if (!strcasecmp(action, "display_confirm_delete_node")) {
941                 display_confirm_delete_node();
942         } else if (!strcasecmp(action, "delete_node")) {
943                 delete_node();
944         } else if (!strcasecmp(action, "unshare")) {
945                 unshare();
946         } else if (!strcasecmp(action, "display_add_node")) {
947                 display_add_node();
948         } else if (!strcasecmp(action, "add_node")) {
949                 add_node();
950         } else if (!strcasecmp(action, "display_share")) {
951                 display_share();
952         } else if (!strcasecmp(action, "share")) {
953                 share();
954         } else if (!strcasecmp(action, "terminate_session")) {
955                 slrp_highest();
956                 terminate_session();
957         } else if (!strcasecmp(action, "edit_me")) {
958                 edit_me();
959         } else if (!strcasecmp(action, "display_siteconfig")) {
960                 display_siteconfig();
961         } else if (!strcasecmp(action, "page_popup")) {
962                 page_popup();
963         } else if (!strcasecmp(action, "siteconfig")) {
964                 siteconfig();
965         } else if (!strcasecmp(action, "display_generic")) {
966                 display_generic();
967         } else if (!strcasecmp(action, "do_generic")) {
968                 do_generic();
969         } else if (!strcasecmp(action, "display_menubar")) {
970                 display_menubar(1);
971         } else if (!strcasecmp(action, "output_mimepart")) {
972                 output_mimepart();
973         } else if (!strcasecmp(action, "diagnostics")) {
974                 output_headers(1);
975
976                 wprintf("You're in session %d<HR>\n", WC->wc_session);
977                 wprintf("Command: <BR><PRE>\n");
978                 escputs(cmd);
979                 wprintf("</PRE><HR>\n");
980                 wprintf("Variables: <BR><PRE>\n");
981                 dump_vars();
982                 wprintf("</PRE><HR>\n");
983                 wDumpContent(1);
984         }
985         /* When all else fais, display the main menu. */
986         else {
987                 display_main_menu();
988         }
989
990 SKIP_ALL_THIS_CRAP:
991         fflush(stdout);
992         if (content != NULL) {
993                 free(content);
994                 content = NULL;
995         }
996         free_urls();
997         if (WC->upload_length > 0) {
998                 free(WC->upload);
999                 WC->upload_length = 0;
1000         }
1001 }