Fixed bug 301. /listsub operations do not require a

[citadel.git] / webcit / webcit.c

diff --git a/webcit/webcit.c b/webcit/webcit.c
index 25efc69e123bb6a578fbcf2f6f79b878eb3a7070..c65fd7f3ddeaea800ab6dd787f16c3032216c3c7 100644 (file)
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -11,7 +11,6 @@
 #include "webcit.h"
 #include "groupdav.h"
 #include "webserver.h"
-#include "mime_parser.h"
 
 #include <stdio.h>
 #include <stdarg.h>
@@ -23,7 +22,7 @@
  */
 static char *unset = "; expires=28-May-1971 18:10:00 GMT";
 
-/**
+/**   
  * \brief remove escaped strings from i.e. the url string (like %20 for blanks)
  * \param buf the buffer to examine
  */
@@ -204,15 +203,16 @@ void wDumpContent(int print_standard_html_footer)
  * \param nbsp If nonzero, spaces are converted to non-breaking spaces.
  * \param nolinebreaks if set, linebreaks are removed from the string.
  */
-void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks)
+long stresc(char *target, long tSize, char *strbuf, int nbsp, int nolinebreaks)
 {
-       char *aptr, *bptr;
+       char *aptr, *bptr, *eptr;
 
        *target = '\0';
        aptr = strbuf;
        bptr = target;
+       eptr = target + tSize - 6; // our biggest unit to put in... 
 
-       while (!IsEmptyStr(aptr) ){
+       while ((bptr < eptr) && !IsEmptyStr(aptr) ){
                if (*aptr == '<') {
                        memcpy(bptr, "&lt;", 4);
                        bptr += 4;
@@ -250,10 +250,10 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks)
                        bptr += 6;
                }
                else if ((*aptr == '\n') && (nolinebreaks)) {
-                       strcat(bptr, "");       /* nothing */
+                       *bptr='\0';     /* nothing */
                }
                else if ((*aptr == '\r') && (nolinebreaks)) {
-                       strcat(bptr, "");       /* nothing */
+                       *bptr='\0';     /* nothing */
                }
                else{
                        *bptr = *aptr;
@@ -262,6 +262,9 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks)
                aptr ++;
        }
        *bptr = '\0';
+       if ((bptr = eptr - 1 ) && !IsEmptyStr(aptr) )
+               return -1;
+       return (bptr - target);
 }
 
 /**
@@ -273,10 +276,12 @@ void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks)
 void escputs1(char *strbuf, int nbsp, int nolinebreaks)
 {
        char *buf;
+       long Siz;
 
        if (strbuf == NULL) return;
-       buf = malloc( (3 * strlen(strbuf)) + SIZ );
-       stresc(buf, strbuf, nbsp, nolinebreaks);
+       Siz = (3 * strlen(strbuf)) + SIZ ;
+       buf = malloc(Siz);
+       stresc(buf, Siz, strbuf, nbsp, nolinebreaks);
        wprintf("%s", buf);
        free(buf);
 }
@@ -298,7 +303,7 @@ void escputs(char *strbuf)
 void urlesc(char *outbuf, char *strbuf)
 {
        int a, b, c, len, eclen, olen;
-       char *ec = " #&;`'|*?-~<>^()[]{}/$\"\\";
+       char *ec = " +#&;`'|*?-~<>^()[]{}/$\"\\";
 
        strcpy(outbuf, "");
        len = strlen(strbuf);
@@ -412,7 +417,7 @@ void msgescputs1( char *strbuf)
        outbuf = malloc( buflen);
        outbuf2 = malloc( buflen);
        msgesc(outbuf, strbuf);
-       stresc(outbuf2, outbuf, 0, 0);
+       stresc(outbuf2, buflen, outbuf, 0, 0);
        wprintf("%s", outbuf2);
        free(outbuf);
        free(outbuf2);
@@ -460,7 +465,7 @@ void output_headers(        int do_httpheaders,     /**< 1 = output HTTP headers
                wprintf("Content-type: text/html; charset=utf-8\r\n"
                        "Server: %s / %s\n"
                        "Connection: close\r\n",
-                       SERVER, serv_info.serv_software
+                       PACKAGE_STRING, serv_info.serv_software
                );
        }
 
@@ -565,7 +570,7 @@ void http_transmit_thing(char *thing, size_t length, char *content_type,
                "Server: %s\r\n"
                "Connection: close\r\n",
                content_type,
-               SERVER);
+               PACKAGE_STRING);
 
 #ifdef HAVE_ZLIB
        /** If we can send the data out compressed, please do so. */
@@ -734,7 +739,9 @@ void output_image()
                 * Instead of an ugly 404, send a 1x1 transparent GIF
                 * when there's no such image on the server.
                 */
-               output_static("static/blank.gif");
+               char blank_gif[SIZ];
+               snprintf (blank_gif, SIZ, "%s%s", static_dirs[0], "/blank.gif");
+               output_static(blank_gif);
        }
 
 
@@ -992,7 +999,7 @@ void begin_ajax_response(void) {
                 "Cache-Control: no-cache\r\n"
                "Expires: -1\r\n"
                ,
-                SERVER);
+                PACKAGE_STRING);
         begin_burst();
 }
 
@@ -1303,7 +1310,7 @@ void session_loop(struct httprequest *req)
                        wprintf("HTTP/1.1 404 Security check failed\r\n");
                        wprintf("Content-Type: text/plain\r\n");
                        wprintf("\r\n");
-                       wprintf("Security check failed.\r\n");
+                       wprintf("You have sent a malformed or invalid request.\r\n");
                }
                goto SKIP_ALL_THIS_CRAP;        /* Don't try to connect */
        }
@@ -1499,6 +1506,8 @@ void session_loop(struct httprequest *req)
                url_do_template();
        } else if (!strcasecmp(action, "display_aide_menu")) {
                display_aide_menu();
+       } else if (!strcasecmp(action, "server_shutdown")) {
+               display_shutdown();
        } else if (!strcasecmp(action, "display_main_menu")) {
                display_main_menu();
        } else if (!strcasecmp(action, "who")) {
@@ -1525,6 +1534,10 @@ void session_loop(struct httprequest *req)
                begin_ajax_response();
                calendar_section();
                end_ajax_response();
+       } else if (!strcasecmp(action, "mini_calendar")) {
+               begin_ajax_response();
+               ajax_mini_calendar();
+               end_ajax_response();
        } else if (!strcasecmp(action, "iconbar_ajax_menu")) {
                begin_ajax_response();
                do_iconbar();
@@ -1755,6 +1768,10 @@ void session_loop(struct httprequest *req)
                display_sieve();
        } else if (!strcasecmp(action, "save_sieve")) {
                save_sieve();
+       } else if (!strcasecmp(action, "display_pushemail")) {
+               display_pushemail();
+       } else if (!strcasecmp(action, "save_pushemail")) {
+               save_pushemail();
        } else if (!strcasecmp(action, "display_add_remove_scripts")) {
                display_add_remove_scripts(NULL);
        } else if (!strcasecmp(action, "create_script")) {
@@ -1817,5 +1834,18 @@ SKIP_ALL_THIS_CRAP:
        }
 }
 
+/**
+ * \brief Replacement for sleep() that uses select() in order to avoid SIGALRM
+ * \param seconds how many seconds should we sleep?
+ */
+void sleeeeeeeeeep(int seconds)
+{
+       struct timeval tv;
+
+       tv.tv_sec = seconds;
+       tv.tv_usec = 0;
+       select(0, NULL, NULL, NULL, &tv);
+}
+
 
 /*@}*/