/*
- * webcit.c
+ * $Id$
*
- * This is the actual program called by the webserver. It maintains a
+ * This is the main transaction loop of the web service. It maintains a
* persistent session to the Citadel server, handling HTTP WebCit requests as
* they arrive and presenting a user interface.
*
- * $Id$
*/
#include <ctype.h>
#include <pthread.h>
#include <signal.h>
#include "webcit.h"
+#include "groupdav.h"
#include "webserver.h"
#include "mime_parser.h"
hex[0] = buf[a + 1];
hex[1] = buf[a + 2];
hex[2] = 0;
+ b = 0;
sscanf(hex, "%02x", &b);
buf[a] = (char) b;
strcpy(&buf[a + 1], &buf[a + 3]);
{
if (print_standard_html_footer) {
wprintf("</DIV>\n"); /* end of "text" div */
-
- /* NAVBAR
- wprintf("<div id=\"navbar\">");
- wprintf("FIXME the navbar should go here, dude...\n");
- wprintf("</div>\n");
- */
-
do_template("trailing");
}
+ /* If we've been saving it all up for one big output burst,
+ * go ahead and do that now.
+ */
+ end_burst();
}
int do_room_banner, /* 0=no, 1=yes, */
/* 2 = I'm going to embed my own, so don't open the */
- /* <div id="text"> either. */
+ /* <div id="content"> either. */
int unset_cookies, /* 1 = session is terminating, so unset the cookies */
int refresh30, /* 1 = automatically refresh page every 30 seconds */
) {
char cookie[SIZ];
char httpnow[SIZ];
- char onload_fcn[SIZ];
- static int pageseq = 0;
wprintf("HTTP/1.0 200 OK\n");
httpdate(httpnow, time(NULL));
if (do_httpheaders) {
wprintf("Content-type: text/html\n"
- "Server: %s\n", SERVER
+ "Server: %s / %s\n", SERVER, serv_info.serv_software
);
if (!cache)
wprintf("Connection: close\n"
}
if (do_htmlhead) {
- wprintf("\n");
+ /* wprintf("\n"); */
+ begin_burst();
if (refresh30) {
svprintf("REFRESHTAG", WCS_STRING, "%s",
"<meta http-equiv=\"refresh\" content=\"500363689;\" />\n");
}
- /* script for checking for pages (not always launched) */
-
- sprintf(onload_fcn, "function onload_fcn() { \n");
- if (!suppress_check) if (WC->HaveExpressMessages) {
- strcat(onload_fcn, " launch_page_popup(); \n");
- WC->HaveExpressMessages = 0;
- }
- strcat(onload_fcn, "} \n");
-
- svprintf("PAGERscript", WCS_STRING,
- "<script type=\"text/javascript\">\n"
- "function launch_page_popup() {\n"
- "pwin = window.open('/page_popup', 'CitaPage%d', "
- "'toolbar=no,location=no,copyhistory=no,status=no,"
- "scrollbars=yes,resizable=no,height=250,width=400');\n"
- "}\n"
-
- "%s\n"
- "</script>\n",
- ++pageseq,
- onload_fcn
- );
- /* end script */
-
do_template("head");
-
- svprintf("extrabodyparms", WCS_STRING, "%s",
- "onload='onload_fcn();' ");
-
- do_template("background");
}
/* ICONBAR */
if (do_htmlhead) {
+
+ if (WC->HaveInstantMessages) {
+ wprintf("<div id=\"page_popup\">\n");
+ page_popup();
+ wprintf("</div>\n");
+ }
if ( (WC->logged_in) && (!unset_cookies) ) {
wprintf("<div id=\"iconbar\">");
do_iconbar();
}
if (do_room_banner == 1) {
wprintf("<div id=\"banner\">\n");
- embed_room_banner(NULL);
+ embed_room_banner(NULL, navbar_default);
wprintf("</div>\n");
}
}
- if (do_room_banner != 2) {
- wprintf("<div id=\"text\">\n");
- }
+ if (do_room_banner == 1) {
+ wprintf("<div id=\"content\">\n");
+
+ if (strlen(WC->ImportantMessage) > 0) {
+ do_template("beginbox_nt");
+ wprintf("<SPAN CLASS=\"errormsg\">"
+ "%s</SPAN><br />\n", WC->ImportantMessage);
+ do_template("endbox");
+ strcpy(WC->ImportantMessage, "");
+ }
- if (strlen(WC->ImportantMessage) > 0) {
- do_template("beginbox_nt");
- wprintf("<SPAN CLASS=\"errormsg\">"
- "%s</SPAN><br />\n", WC->ImportantMessage);
- do_template("endbox");
- strcpy(WC->ImportantMessage, "");
}
}
/*
- *
+ * Generic function to do an HTTP redirect. Easy and fun.
*/
void http_redirect(char *whichpage) {
wprintf("HTTP/1.0 302 Moved Temporarily\n");
-void check_for_express_messages()
+void check_for_instant_messages()
{
char buf[SIZ];
+ lprintf(9, "Checking for instant messages...\n");
serv_puts("NOOP");
serv_gets(buf);
- if (buf[3] == '*') WC->HaveExpressMessages = 1;
+ if (buf[3] == '*') WC->HaveInstantMessages = 1;
+ lprintf(9, "...done\n");
}
fstat(fileno(fp), &statbuf);
bytes = statbuf.st_size;
- lprintf(3, "Static: %s, (%s; %ld bytes)\n", what, content_type, bytes);
+ /* lprintf(3, "Static: %s, (%s; %ld bytes)\n",
+ what, content_type, bytes); */
bigbuffer = malloc(bytes + 2);
fread(bigbuffer, bytes, 1, fp);
fclose(fp);
wprintf("<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#%s\"><TR><TD>", titlebarcolor);
wprintf("<SPAN CLASS=\"titlebar\">%s</SPAN>\n", titlebarmsg);
wprintf("</TD></TR></TABLE>\n");
- wprintf("</div><div id=\"text\">\n");
+ wprintf("</div>\n<div id=\"content\">\n");
escputs(messagetext);
wprintf("<hr />\n");
int i;
strcpy(actbuf, cmdbuf);
- if (!strncasecmp(actbuf, "GET /", 5))
- strcpy(actbuf, &actbuf[5]);
- if (!strncasecmp(actbuf, "PUT /", 5))
- strcpy(actbuf, &actbuf[5]);
- if (!strncasecmp(actbuf, "POST /", 6))
- strcpy(actbuf, &actbuf[6]);
+ /*
+ * First strip out the http method
+ */
+ remove_token(actbuf, 0, ' ');
+ if (actbuf[0] == ' ') strcpy(actbuf, &actbuf[1]);
+ if (actbuf[0] == '/') strcpy(actbuf, &actbuf[1]);
+
+ /*
+ * Now kill invalid (for webcit) characters
+ */
for (i = 0; i < strlen(actbuf); ++i) {
if (actbuf[i] == ' ') {
actbuf[i] = 0;
void session_loop(struct httprequest *req)
{
char cmd[SIZ];
+ char method[SIZ];
char action[SIZ];
char buf[SIZ];
int a, b;
int ContentLength = 0;
int BytesRead = 0;
char ContentType[512];
- char *content;
- char *content_end;
+ char *content = NULL;
+ char *content_end = NULL;
struct httprequest *hptr;
char browser_host[SIZ];
char user_agent[SIZ];
- int body_start;
+ int body_start = 0;
/* We stuff these with the values coming from the client cookies,
* so we can use them to reconnect a timed out session if we have to.
char c_username[SIZ];
char c_password[SIZ];
char c_roomname[SIZ];
+ char c_httpauth_string[SIZ];
+ char c_httpauth_user[SIZ];
+ char c_httpauth_pass[SIZ];
char cookie[SIZ];
strcpy(c_username, "");
strcpy(c_password, "");
strcpy(c_roomname, "");
+ strcpy(c_httpauth_string, "");
+ strcpy(c_httpauth_user, DEFAULT_HTTPAUTH_USER);
+ strcpy(c_httpauth_pass, DEFAULT_HTTPAUTH_PASS);
WC->upload_length = 0;
WC->upload = NULL;
strcpy(cmd, hptr->line);
hptr = hptr->next;
+ extract_token(method, cmd, 0, ' ');
extract_action(action, cmd);
while (hptr != NULL) {
cookie_to_stuff(cookie, NULL,
c_username, c_password, c_roomname);
}
+ else if (!strncasecmp(buf, "Authorization: Basic ", 21)) {
+ CtdlDecodeBase64(c_httpauth_string, &buf[21], strlen(&buf[21]));
+ extract_token(c_httpauth_user, c_httpauth_string, 0, ':');
+ extract_token(c_httpauth_pass, c_httpauth_string, 1, ':');
+ }
else if (!strncasecmp(buf, "Content-length: ", 16)) {
ContentLength = atoi(&buf[16]);
}
ContentType, ContentLength);
body_start = strlen(content);
-/***** old version
- BytesRead = 0;
- while (BytesRead < ContentLength) {
- a=read(WC->http_sock, &content[BytesRead+body_start],
- ContentLength - BytesRead);
- if (a <= 0) BytesRead = ContentLength;
- else BytesRead += a;
- }
-*******/
-
- /* Now we're daring and read it all at once. */
- client_read(WC->http_sock, &content[BytesRead+body_start], ContentLength);
+ /* Be daring and read it all at once. */
+ client_read(WC->http_sock, &content[BytesRead+body_start],
+ ContentLength);
if (!strncasecmp(ContentType,
"application/x-www-form-urlencoded", 33)) {
}
#endif
- check_for_express_messages();
+ /*
+ * If we're not logged in, but we have HTTP Authentication data,
+ * try logging in to Citadel using that.
+ */
+ if ((!WC->logged_in)
+ && (strlen(c_httpauth_user) > 0)
+ && (strlen(c_httpauth_pass) > 0)) {
+ serv_printf("USER %s", c_httpauth_user);
+ serv_gets(buf);
+ if (buf[0] == '3') {
+ serv_printf("PASS %s", c_httpauth_pass);
+ serv_gets(buf);
+ if (buf[0] == '2') {
+ become_logged_in(c_httpauth_user,
+ c_httpauth_pass, buf);
+ strcpy(WC->httpauth_user, c_httpauth_user);
+ strcpy(WC->httpauth_pass, c_httpauth_pass);
+ }
+ }
+ }
+
+ /*
+ * The GroupDAV stuff relies on HTTP authentication instead of
+ * our session's authentication.
+ */
+ if (!strncasecmp(action, "groupdav", 8)) {
+ groupdav_main(req, ContentType, /* do GroupDAV methods */
+ ContentLength, content+body_start);
+ if (!WC->logged_in) {
+ WC->killthis = 1; /* If not logged in, don't */
+ } /* keep the session active */
+ goto SKIP_ALL_THIS_CRAP;
+ }
+
+
+ /*
+ * If this isn't a GroupDAV session, it's an ordinary browser
+ * connecting to the user interface. Only allow GET and POST
+ * methods.
+ */
+ if ((strcasecmp(method, "GET")) && (strcasecmp(method, "POST"))) {
+ wprintf("HTTP/1.1 405 Method Not Allowed\r\n");
+ groupdav_common_headers();
+ wprintf("Content-Length: 0\r\n\r\n");
+ goto SKIP_ALL_THIS_CRAP;
+ }
/*
* If we're not logged in, but we have username and password cookies
* supplied by the browser, try using them to log in.
*/
- if ((!WC->logged_in) && (strlen(c_username) > 0) && (strlen(c_password) > 0)) {
+ if ((!WC->logged_in)
+ && (strlen(c_username) > 0)
+ && (strlen(c_password) > 0)) {
serv_printf("USER %s", c_username);
serv_gets(buf);
if (buf[0] == '3') {
}
}
+ /*
+ * If there are instant messages waiting, retrieve them for display.
+ */
+ check_for_instant_messages();
+
if (!strcasecmp(action, "image")) {
output_image();
blank_page();
} else if (!strcasecmp(action, "do_template")) {
url_do_template();
+ } else if (!strcasecmp(action, "display_aide_menu")) {
+ display_aide_menu();
} else if (!strcasecmp(action, "display_main_menu")) {
display_main_menu();
} else if (!strcasecmp(action, "whobbs")) {
display_enter();
} else if (!strcasecmp(action, "post")) {
post_message();
- } else if (!strcasecmp(action, "do_stuff_to_one_msg")) {
- do_stuff_to_one_msg();
} else if (!strcasecmp(action, "move_msg")) {
move_msg();
+ } else if (!strcasecmp(action, "delete_msg")) {
+ delete_msg();
} else if (!strcasecmp(action, "userlist")) {
userlist();
} else if (!strcasecmp(action, "showuser")) {
display_entroom();
} else if (!strcasecmp(action, "entroom")) {
entroom();
+ } else if (!strcasecmp(action, "display_whok")) {
+ display_whok();
+ } else if (!strcasecmp(action, "do_invt_kick")) {
+ do_invt_kick();
} else if (!strcasecmp(action, "display_editroom")) {
display_editroom();
} else if (!strcasecmp(action, "netedit")) {
netedit();
} else if (!strcasecmp(action, "editroom")) {
editroom();
- } else if (!strcasecmp(action, "display_whok")) {
- display_whok();
} else if (!strcasecmp(action, "display_editinfo")) {
display_edit("Room info", "EINF 0", "RINF", "/editinfo", 1);
} else if (!strcasecmp(action, "editinfo")) {
display_edit("Your bio", "NOOP", buf, "editbio", 3);
} else if (!strcasecmp(action, "editbio")) {
save_edit("Your bio", "EBIO", 0);
+ } else if (!strcasecmp(action, "confirm_move_msg")) {
+ confirm_move_msg();
} else if (!strcasecmp(action, "confirm_delete_room")) {
confirm_delete_room();
} else if (!strcasecmp(action, "delete_room")) {
chat_recv();
} else if (!strcasecmp(action, "chat_send")) {
chat_send();
- } else if (!strcasecmp(action, "page_popup")) {
- page_popup();
} else if (!strcasecmp(action, "siteconfig")) {
siteconfig();
} else if (!strcasecmp(action, "display_generic")) {