/*
- * $Id$
- *
* This is the main transaction loop of the web service. It maintains a
* persistent session to the Citadel server, handling HTTP WebCit requests as
* they arrive and presenting a user interface.
+ *
+ * Copyright (c) 1996-2011 by the citadel.org team
+ *
+ * This program is open source software. You can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+
#define SHOW_ME_VAPPEND_PRINTF
#include <stdio.h>
#include <stdarg.h>
#include "webcit.h"
-#include "groupdav.h"
+#include "dav.h"
#include "webserver.h"
-
StrBuf *csslocal = NULL;
HashList *HandlerHash = NULL;
+void stuff_to_cookie(int unset_cookie);
+int GetConnected(void);
+
+
+void PutRequestLocalMem(void *Data, DeleteHashDataFunc DeleteIt)
+{
+ wcsession *WCC = WC;
+ int n;
+
+ n = GetCount(WCC->Hdr->HTTPHeaders);
+ Put(WCC->Hdr->HTTPHeaders, IKEY(n), Data, DeleteIt);
+}
void DeleteWebcitHandler(void *vHandler)
{
if (WCC->Hdr->HR.Handler != NULL)
StrBufAppendTemplate(Target, TP, WCC->Hdr->HR.Handler->DisplayName, 0);
}
+
+
/*
* web-printing funcion. uses our vsnprintf wrapper
*/
+#ifdef UBER_VERBOSE_DEBUGGING
+void wcc_printf(const char *FILE, const char *FUNCTION, long LINE, const char *format,...)
+#else
void wc_printf(const char *format,...)
+#endif
{
wcsession *WCC = WC;
va_list arg_ptr;
if (WCC->WBuf == NULL)
WCC->WBuf = NewStrBuf();
+#ifdef UBER_VERBOSE_DEBUGGING
+ StrBufAppendPrintf(WCC->WBuf, "\n%s:%s:%d[", FILE, FUNCTION, LINE);
+#endif
va_start(arg_ptr, format);
StrBufVAppendPrintf(WCC->WBuf, format, arg_ptr);
va_end(arg_ptr);
+#ifdef UBER_VERBOSE_DEBUGGING
+ StrBufAppendPrintf(WCC->WBuf, "]\n");
+#endif
}
/*
{
if (print_standard_html_footer) {
wc_printf("</div> <!-- end of 'content' div -->\n");
- do_template("trailing", NULL);
+ do_template("trailing");
}
/* If we've been saving it all up for one big output burst,
/*
* Output HTTP headers and leading HTML for a page
*/
-void output_headers( int do_httpheaders, /* 1 = output HTTP headers */
+void output_headers( int do_httpheaders, /* 1 = output HTTP headers */
int do_htmlhead, /* 1 = output HTML <head> section and <body> opener */
- int do_room_banner, /* 0=no, 1=yes,
+ int do_room_banner, /* 0=no, 1=yes,
* 2 = I'm going to embed my own, so don't open the
- * <div id="content"> either.
+ * <div id="content"> either.
*/
int unset_cookies, /* 1 = session is terminating, so unset the cookies */
- int suppress_check, /* 1 = suppress check for instant messages */
- int cache /* 1 = allow browser to cache this page */
+ int suppress_check, /* 1 = suppress check for instant messages */
+ int cache /* 1 = allow browser to cache this page */
) {
wcsession *WCC = WC;
char httpnow[128];
if (do_htmlhead) {
begin_burst();
- do_template("head", NULL);
+ do_template("head");
/* check for ImportantMessages (these display in a div overlaying the main screen) */
- if (!IsEmptyStr(WCC->ImportantMessage)) {
- wc_printf("<div id=\"important_message\">\n"
- "<span class=\"imsg\">");
- StrEscAppend(WCC->WBuf, NULL, WCC->ImportantMessage, 0, 0);
- wc_printf("</span><br />\n"
- "</div>\n"
- );
- StrBufAppendBufPlain(WCC->trailing_javascript,
- HKEY("setTimeout('hide_imsg_popup()', 5000); \n"),
- 0
- );
- WCC->ImportantMessage[0] = 0;
- }
- else if (StrLength(WCC->ImportantMsg) > 0) {
+ if (StrLength(WCC->ImportantMsg) > 0) {
wc_printf("<div id=\"important_message\">\n"
"<span class=\"imsg\">");
StrEscAppend(WCC->WBuf, WCC->ImportantMsg, NULL, 0, 0);
- wc_printf("</span><br />\n"
+ wc_printf("</span><br>\n"
"</div>\n"
);
StrBufAppendBufPlain(WCC->trailing_javascript,
}
if (do_room_banner == 1) {
- wc_printf("<div id=\"banner\">\n");
- embed_room_banner(NULL, navbar_default);
- wc_printf("</div>\n");
+ tmplput_roombanner(NULL, NULL);
}
}
/*
* Output a piece of content to the web browser using conformant HTTP and MIME semantics
*/
-void http_transmit_thing(const char *content_type,
- int is_static) {
+void http_transmit_thing(const char *content_type, int is_static)
+{
-#ifndef TECH_PREVIEW
- lprintf(9, "http_transmit_thing(%s)%s\n",
- content_type,
- ((is_static > 0) ? " (static)" : "")
- );
-#endif
+ syslog(9, "http_transmit_thing(%s)%s\n", content_type, ((is_static > 0) ? " (static)" : ""));
output_headers(0, 0, 0, 0, 0, is_static);
hprintf("Content-type: %s\r\n"
/*
* convenience function to indicate success
*/
-void display_success(char *successmessage)
+void display_success(const char *successmessage)
{
convenience_page("007700", "OK", successmessage);
}
/*
- * Authorization required page
- * This is probably temporary and should be revisited
+ * Authorization required page (sends a 401, causing the browser to request login credentials)
*/
void authorization_required(void)
{
if (WCC->ImportantMsg != NULL)
message = ChrPtr(WCC->ImportantMsg);
- else if (WCC->ImportantMessage != NULL)
- message = WCC->ImportantMessage;
wc_printf(_("The resource you requested requires a valid username and password. "
"You could not be logged in: %s\n"), message);
wcsession *WCC = WC;
FlushStrBuf(WCC->HBuf);
- output_headers(0, 0, 0, 0, 0, 0);
+ output_headers(0, 0, 0, 0, 0, 0);
- hprintf("Content-type: text/html; charset=UTF-8\r\n"
- "Server: %s\r\n"
- "Connection: close\r\n"
+ hprintf("Content-type: text/html; charset=UTF-8\r\n"
+ "Server: %s\r\n"
+ "Connection: close\r\n"
,
- PACKAGE_STRING);
- begin_burst();
+ PACKAGE_STRING);
+ begin_burst();
}
/*
* print ajax response footer
*/
void end_ajax_response(void) {
- wDumpContent(0);
+ wDumpContent(0);
}
char *junk;
size_t len;
+ syslog(LOG_DEBUG, "ajax_servcmd() g_cmd=\"%s\"\n", bstr("g_cmd") );
begin_ajax_response();
Buf = NewStrBuf();
serv_puts(bstr("g_cmd"));
}
case 1:
while (!Done) {
- StrBuf_ServGetln(Buf);
+ if (StrBuf_ServGetln(Buf) < 0)
+ break;
if ( (StrLength(Buf)==3) &&
!strcmp(ChrPtr(Buf), "000")) {
Done = 1;
* This is kind of an ugly hack, but this is the only place it can go.
* If the command was GEXP, then the instant messenger window must be
* running, so reset the "last_pager_check" watchdog timer so
- * that page_popup() doesn't try to open it a second time.
+ * that page_popup() doesn't try to open it a second time. TODO: page_popup isn't with us anymore.
*/
if (!strncasecmp(bstr("g_cmd"), "GEXP", 4)) {
WCC->last_pager_check = time(NULL);
}
+/*
+ * Save a URL destination so we can go to it later
+ */
+void push_destination(void) {
+ wcsession *WCC = WC;
+
+ if (!WCC) {
+ wc_printf("no session");
+ return;
+ }
+
+ FreeStrBuf(&WCC->PushedDestination);
+ WCC->PushedDestination = NewStrBufDup(SBSTR("url"));
+ syslog(9, "Push: %s\n", ChrPtr(WCC->PushedDestination));
+ wc_printf("OK");
+}
+
+/*
+ * Go to the URL saved by push_destination()
+ */
+void pop_destination(void) {
+ wcsession *WCC = WC;
-void ReadPostData(void)
+ /*
+ * If we are in the middle of a new user signup, the server may request that
+ * we first pass through a registration screen.
+ */
+ if ((WCC) && (WCC->need_regi)) {
+ if ((WCC->PushedDestination != NULL) && (StrLength(WCC->PushedDestination) > 0)) {
+ /* Registering will take us to the My Citadel Config room, so save our place */
+ StrBufAppendBufPlain(WCC->PushedDestination, HKEY("?go="), 0);
+ StrBufUrlescAppend(WCC->PushedDestination, WCC->CurRoom.name, NULL);
+ }
+ WCC->need_regi = 0;
+ display_reg(1);
+ return;
+ }
+
+ /*
+ * Do something reasonable if we somehow ended up requesting a pop without
+ * having first done a push.
+ */
+ if ( (!WCC) || (WCC->PushedDestination == NULL) || (StrLength(WCC->PushedDestination) == 0) ) {
+ do_welcome();
+ return;
+ }
+
+ /*
+ * All righty then! We have a destination saved, so go there now.
+ */
+ syslog(9, "Pop: %s\n", ChrPtr(WCC->PushedDestination));
+ http_redirect(ChrPtr(WCC->PushedDestination));
+}
+
+
+
+int ReadPostData(void)
{
- int body_start = 0;
+ int rc;
+ int urlencoded_post = 0;
wcsession *WCC = WC;
StrBuf *content = NULL;
+ urlencoded_post = (strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "application/x-www-form-urlencoded", 33) == 0) ;
+
content = NewStrBufPlain(NULL, WCC->Hdr->HR.ContentLength + 256);
- StrBufPrintf(content,
+ if (!urlencoded_post)
+ {
+ StrBufPrintf(content,
"Content-type: %s\n"
- "Content-length: %ld\n\n",
- ChrPtr(WCC->Hdr->HR.ContentType),
+ "Content-length: %ld\n\n",
+ ChrPtr(WCC->Hdr->HR.ContentType),
WCC->Hdr->HR.ContentLength);
-/*
- hprintf("Content-type: %s\n"
- "Content-length: %d\n\n",
- ContentType, ContentLength);
-*/
- body_start = StrLength(content);
+ }
/** Read the entire input data at once. */
- client_read_to(WCC->Hdr, content,
- WCC->Hdr->HR.ContentLength,
- SLEEPING);
+ rc = client_read_to(WCC->Hdr, content,
+ WCC->Hdr->HR.ContentLength,
+ SLEEPING);
+ if (rc < 0)
+ return rc;
+
- if (!strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "application/x-www-form-urlencoded", 33)) {
- StrBufCutLeft(content, body_start);
+ if (urlencoded_post) {
ParseURLParams(content);
} else if (!strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "multipart", 9)) {
char *Buf;
content = NULL;
}
FreeStrBuf(&content);
+ return 1;
}
HashList *Floors;
void *vFloor;
- lprintf(1, "parsing rest URL: %s\n", ChrPtr(WCC->Hdr->HR.ReqLine));
+ syslog(1, "parsing rest URL: %s\n", ChrPtr(WCC->Hdr->HR.ReqLine));
WCC->Directory = NewHash(1, Flathash);
WCC->CurrentFloor = NULL;
*/
void session_loop(void)
{
- int Flags = 0;
int xhttp;
StrBuf *Buf;
* so we can use them to reconnect a timed out session if we have to.
*/
wcsession *WCC;
-
-
- Buf = NewStrBuf();
-
+
WCC= WC;
-
WCC->upload_length = 0;
WCC->upload = NULL;
- WCC->is_mobile = 0;
- WCC->trailing_javascript = NewStrBuf();
WCC->Hdr->nWildfireHeaders = 0;
- if (WCC->Hdr->HR.Handler != NULL)
- Flags = WCC->Hdr->HR.Handler->Flags; /* so we can temporarily add our own... */
if (WCC->Hdr->HR.ContentLength > 0) {
- ReadPostData();
+ if (ReadPostData() < 0) {
+ return;
+ }
+ }
+
+ Buf = NewStrBuf();
+ WCC->trailing_javascript = NewStrBuf();
+
+ /* Convert base64-encoded URL's back to plain text */
+ if (!strncmp(ChrPtr(WCC->Hdr->this_page), "/B64", 4)) {
+ StrBufCutLeft(WCC->Hdr->this_page, 4);
+ StrBufDecodeBase64(WCC->Hdr->this_page);
+ http_redirect(ChrPtr(WCC->Hdr->this_page));
+ goto SKIP_ALL_THIS_CRAP;
}
/* If there are variables in the URL, we must grab them now */
/* If the client sent a nonce that is incorrect, kill the request. */
if (havebstr("nonce")) {
- lprintf(9, "Comparing supplied nonce %s to session nonce %ld\n",
- bstr("nonce"), WCC->nonce);
+ syslog(9, "Comparing supplied nonce %s to session nonce %d\n",
+ bstr("nonce"), WCC->nonce
+ );
if (ibstr("nonce") != WCC->nonce) {
- lprintf(9, "Ignoring request with mismatched nonce.\n");
+ syslog(9, "Ignoring request with mismatched nonce.\n");
hprintf("HTTP/1.1 404 Security check failed\r\n");
hprintf("Content-Type: text/plain\r\n");
begin_burst();
}
/*
- * If we're not connected to a Citadel server, try to hook up the
- * connection now.
+ * If we're not connected to a Citadel server, try to hook up the connection now.
*/
if (!WCC->connected) {
- if (GetConnected ())
+ if (GetConnected()) {
+ hprintf("HTTP/1.1 503 Service Unavailable\r\n");
+ hprintf("Content-Type: text/html\r\n");
+ begin_burst();
+ wc_printf("<html><head><title>503 Service Unavailable</title></head><body>\n");
+ wc_printf(_("This program was unable to connect or stay "
+ "connected to the Citadel server. Please report "
+ "this problem to your system administrator.")
+ );
+ wc_printf("<br>");
+ wc_printf("<a href=\"http://www.citadel.org/doku.php/"
+ "faq:generalquestions:webcit_unable_to_connect\">%s</a>",
+ _("Read More...")
+ );
+ wc_printf("</body></html>\n");
+ end_burst();
goto SKIP_ALL_THIS_CRAP;
+ }
}
-
/*
* If we're not logged in, but we have authentication data (either from
* a cookie or from http-auth), try logging in to Citadel using that.
&& (StrLength(WCC->Hdr->c_username) > 0)
&& (StrLength(WCC->Hdr->c_password) > 0))
{
+ long Status;
+
FlushStrBuf(Buf);
serv_printf("USER %s", ChrPtr(WCC->Hdr->c_username));
StrBuf_ServGetln(Buf);
- if (GetServerStatus(Buf, NULL) == 3) {
+ if (GetServerStatus(Buf, &Status) == 3) {
serv_printf("PASS %s", ChrPtr(WCC->Hdr->c_password));
StrBuf_ServGetln(Buf);
if (GetServerStatus(Buf, NULL) == 2) {
goto SKIP_ALL_THIS_CRAP;
}
}
+ else if (Status == 541) {
+ WCC->logged_in = 1;
+ }
}
xhttp = (WCC->Hdr->HR.eReqType != eGET) &&
(WCC->Hdr->HR.eReqType != eHEAD);
/*
- * If a 'gotofirst' parameter has been specified, attempt to goto that room
+ * If a 'go' (or 'gotofirst') parameter has been specified, attempt to goto that room
* prior to doing anything else.
*/
- if (havebstr("gotofirst")) {
+ if (havebstr("go")) {
int ret;
+ syslog(9, "Explicit room selection: %s\n", bstr("go"));
+ ret = gotoroom(sbstr("go")); /* do quietly to avoid session output! */
+ if ((ret/100) != 2) {
+ syslog(1, "Unable to change to [%s]; Reason: %d\n", bstr("go"), ret);
+ }
+ }
+ else if (havebstr("gotofirst")) {
+ int ret;
+ syslog(9, "Explicit room selection: %s\n", bstr("gotofirst"));
ret = gotoroom(sbstr("gotofirst")); /* do quietly to avoid session output! */
if ((ret/100) != 2) {
- lprintf(1, "GOTOFIRST: Unable to change to [%s]; Reason: %d\n",
- bstr("gotofirst"), ret);
+ syslog(1, "Unable to change to [%s]; Reason: %d\n", bstr("gotofirst"), ret);
}
}
/*
* If we aren't in any room yet, but we have cookie data telling us where we're
- * supposed to be, and 'gotofirst' was not specified, then go there.
+ * supposed to be, and 'go' was not specified, then go there.
*/
else if ( (StrLength(WCC->CurRoom.name) == 0) && ( (StrLength(WCC->Hdr->c_roomname) > 0) )) {
int ret;
- lprintf(9, "We are in '%s' but cookie indicates '%s', going there...\n",
+ syslog(9, "We are in '%s' but cookie indicates '%s', going there...\n",
ChrPtr(WCC->CurRoom.name),
ChrPtr(WCC->Hdr->c_roomname)
);
ret = gotoroom(WCC->Hdr->c_roomname); /* do quietly to avoid session output! */
if ((ret/100) != 2) {
- lprintf(1, "COOKIEGOTO: Unable to change to [%s]; Reason: %d\n",
+ syslog(1, "COOKIEGOTO: Unable to change to [%s]; Reason: %d\n",
ChrPtr(WCC->Hdr->c_roomname), ret);
}
}
if (WCC->Hdr->HR.Handler != NULL) {
- if (!WCC->logged_in && ((WCC->Hdr->HR.Handler->Flags & ANONYMOUS) == 0)) {
+ if ( (!WCC->logged_in)
+ && ((WCC->Hdr->HR.Handler->Flags & ANONYMOUS) == 0)
+ && (WCC->serv_info->serv_supports_guest == 0)
+ ) {
display_login();
}
else {
end_ajax_response();
}
}
- /* When all else fais, display the main menu. */
+ /* When all else fails, display the default landing page or a main menu. */
else {
/*
* ordinary browser users get a nice login screen, DAV etc. requsets
* are given a 401 so they can handle it appropriate.
*/
if (!WCC->logged_in) {
- if (xhttp)
+ if (xhttp) {
authorization_required();
- else
- display_login();
+ }
+ else {
+ display_default_landing_page();
+ }
}
/*
* Toplevel dav requests? or just a flat browser request?
*/
else {
if (xhttp)
- groupdav_main();
+ dav_main();
else
display_main_menu();
}
}
+
+/*
+ * Display the appropriate landing page for this site.
+ */
+void display_default_landing_page(void) {
+ wcsession *WCC = WC;
+
+ if (WCC && WCC->serv_info && WCC->serv_info->serv_supports_guest) {
+ /* default action */
+
+ if (default_landing_page) {
+ http_redirect(default_landing_page);
+ }
+ else {
+ StrBuf *teh_lobby = NewStrBufPlain(HKEY("_BASEROOM_"));
+ smart_goto(teh_lobby);
+ FreeStrBuf(&teh_lobby);
+ }
+ }
+ else {
+ display_login();
+ }
+}
+
+
/*
* Replacement for sleep() that uses select() in order to avoid SIGALRM
*/
select(0, NULL, NULL, NULL, &tv);
}
+int Conditional_IS_HTTPS(StrBuf *Target, WCTemplputParams *TP)
+{
+ return is_https != 0;
+}
+
+void AppendImportantMessage(const char *pch, long len)
+{
+ wcsession *WCC = WC;
+
+ if (StrLength(WCC->ImportantMsg) > 0) {
+ StrBufAppendBufPlain(WCC->ImportantMsg, HKEY("\n"), 0);
+ }
+
+ StrBufAppendBufPlain(WCC->ImportantMsg, pch, len, 0);
+}
int ConditionalImportantMesage(StrBuf *Target, WCTemplputParams *TP)
{
wcsession *WCC = WC;
if (WCC != NULL)
- return ((!IsEmptyStr(WCC->ImportantMessage)) ||
- (StrLength(WCC->ImportantMsg) > 0));
+ return (StrLength(WCC->ImportantMsg) > 0);
else
return 0;
}
wcsession *WCC = WC;
if (WCC != NULL) {
- if (!IsEmptyStr(WCC->ImportantMessage)) {
- StrEscAppend(Target, NULL, WCC->ImportantMessage, 0, 0);
- WCC->ImportantMessage[0] = '\0';
- }
- else if (StrLength(WCC->ImportantMsg) > 0) {
+ if (StrLength(WCC->ImportantMsg) > 0) {
StrEscAppend(Target, WCC->ImportantMsg, NULL, 0, 0);
FlushStrBuf(WCC->ImportantMsg);
}
csslocal, 0);
}
+void tmplput_packagestring(StrBuf *Target, WCTemplputParams *TP)
+{
+ StrBufAppendBufPlain(Target,
+ HKEY(PACKAGE_STRING), 0);
+}
+
extern char static_local_dir[PATH_MAX];
WebcitAddUrlHandler(HKEY("sslg"), "", 0, seconds_since_last_gexp, AJAX|LOGCHATTY);
WebcitAddUrlHandler(HKEY("ajax_servcmd"), "", 0, ajax_servcmd, 0);
WebcitAddUrlHandler(HKEY("webcit"), "", 0, blank_page, URLNAMESPACE);
+ WebcitAddUrlHandler(HKEY("push"), "", 0, push_destination, AJAX);
+ WebcitAddUrlHandler(HKEY("pop"), "", 0, pop_destination, 0);
WebcitAddUrlHandler(HKEY("401"), "", 0, authorization_required, ANONYMOUS|COOKIEUNNEEDED);
RegisterConditional(HKEY("COND:IMPMSG"), 0, ConditionalImportantMesage, CTX_NONE);
RegisterConditional(HKEY("COND:REST:DEPTH"), 0, Conditional_REST_DEPTH, CTX_NONE);
+ RegisterConditional(HKEY("COND:IS_HTTPS"), 0, Conditional_IS_HTTPS, CTX_NONE);
RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, NULL, CTX_NONE);
RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, NULL, CTX_NONE);
RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, NULL, CTX_NONE);
RegisterNamespace("URL:DISPLAYNAME", 0, 1, tmplput_HANDLER_DISPLAYNAME, NULL, CTX_NONE);
+ RegisterNamespace("PACKAGESTRING", 0, 1, tmplput_packagestring, NULL, CTX_NONE);
+
snprintf(dir, SIZ, "%s/webcit.css", static_local_dir);
if (!access(dir, R_OK)) {
- lprintf(9, "Using local Stylesheet [%s]\n", dir);
+ syslog(9, "Using local Stylesheet [%s]\n", dir);
csslocal = NewStrBufPlain(HKEY("<link href=\"static.local/webcit.css\" rel=\"stylesheet\" type=\"text/css\" />"));
}
else
- lprintf(9, "No Site-local Stylesheet [%s] installed. \n", dir);
+ syslog(9, "No Site-local Stylesheet [%s] installed. \n", dir);
}
FreeStrBuf(&sess->WBuf);
FreeStrBuf(&sess->HBuf);
FreeStrBuf(&sess->ImportantMsg);
+ FreeStrBuf(&sess->PushedDestination);
}