X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=webcit%2Fwebcit.c;h=22bd92a99f87051e8fade0f53db3c3c003ed947b;hb=fb6f6fa4ec4e3277e30d84326d48e6850822d318;hp=51c7ac73da3eb85f4a4e796d93c272f4253c0dec;hpb=f573ffd76f7b76fe677cff1ba60e17c6b9eddbec;p=citadel.git diff --git a/webcit/webcit.c b/webcit/webcit.c index 51c7ac73d..22bd92a99 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -1,29 +1,47 @@ /* - * $Id$ - * * This is the main transaction loop of the web service. It maintains a * persistent session to the Citadel server, handling HTTP WebCit requests as * they arrive and presenting a user interface. + * + * Copyright (c) 1996-2012 by the citadel.org team + * + * This program is open source software. You can redistribute it and/or + * modify it under the terms of the GNU General Public License, version 3. */ + #define SHOW_ME_VAPPEND_PRINTF #include #include #include "webcit.h" -#include "groupdav.h" +#include "dav.h" #include "webserver.h" - -/* - * String to unset the cookie. - * Any date "in the past" will work, so I chose my birthday, right down to - * the exact minute. :) - */ -static char *unset = "; expires=28-May-1971 18:10:00 GMT"; StrBuf *csslocal = NULL; HashList *HandlerHash = NULL; -void WebcitAddUrlHandler(const char * UrlString, - long UrlSLen, +void stuff_to_cookie(int unset_cookie); +extern int GetConnected(void); + + +void PutRequestLocalMem(void *Data, DeleteHashDataFunc DeleteIt) +{ + wcsession *WCC = WC; + int n; + + n = GetCount(WCC->Hdr->HTTPHeaders); + Put(WCC->Hdr->HTTPHeaders, IKEY(n), Data, DeleteIt); +} + +void DeleteWebcitHandler(void *vHandler) +{ + WebcitHandler *Handler = (WebcitHandler*) vHandler; + FreeStrBuf(&Handler->Name); + FreeStrBuf(&Handler->DisplayName); + free (Handler); +} + +void WebcitAddUrlHandler(const char * UrlString, long UrlSLen, + const char *DisplayName, long dslen, WebcitHandlerFunc F, long Flags) { @@ -31,24 +49,45 @@ void WebcitAddUrlHandler(const char * UrlString, NewHandler = (WebcitHandler*) malloc(sizeof(WebcitHandler)); NewHandler->F = F; NewHandler->Flags = Flags; - Put(HandlerHash, UrlString, UrlSLen, NewHandler, NULL); + NewHandler->Name = NewStrBufPlain(UrlString, UrlSLen); + StrBufShrinkToFit(NewHandler->Name, 1); + NewHandler->DisplayName = NewStrBufPlain(DisplayName, dslen); + StrBufShrinkToFit(NewHandler->DisplayName, 1); + Put(HandlerHash, UrlString, UrlSLen, NewHandler, DeleteWebcitHandler); +} + +void tmplput_HANDLER_DISPLAYNAME(StrBuf *Target, WCTemplputParams *TP) +{ + wcsession *WCC = WC; + if (WCC->Hdr->HR.Handler != NULL) + StrBufAppendTemplate(Target, TP, WCC->Hdr->HR.Handler->DisplayName, 0); } /* * web-printing funcion. uses our vsnprintf wrapper */ -void wprintf(const char *format,...) +#ifdef UBER_VERBOSE_DEBUGGING +void wcc_printf(const char *FILE, const char *FUNCTION, long LINE, const char *format,...) +#else +void wc_printf(const char *format,...) +#endif { wcsession *WCC = WC; va_list arg_ptr; if (WCC->WBuf == NULL) WCC->WBuf = NewStrBuf(); +#ifdef UBER_VERBOSE_DEBUGGING + StrBufAppendPrintf(WCC->WBuf, "\n%s:%s:%d[", FILE, FUNCTION, LINE); +#endif va_start(arg_ptr, format); StrBufVAppendPrintf(WCC->WBuf, format, arg_ptr); va_end(arg_ptr); +#ifdef UBER_VERBOSE_DEBUGGING + StrBufAppendPrintf(WCC->WBuf, "]\n"); +#endif } /* @@ -76,8 +115,8 @@ void hprintf(const char *format,...) void wDumpContent(int print_standard_html_footer) { if (print_standard_html_footer) { - wprintf(" \n"); - do_template("trailing", NULL); + wc_printf(" \n"); + do_template("trailing"); } /* If we've been saving it all up for one big output burst, @@ -92,20 +131,14 @@ void wDumpContent(int print_standard_html_footer) /* * Output HTTP headers and leading HTML for a page */ -void output_headers( int do_httpheaders, /* 1 = output HTTP headers */ +void output_headers( int do_httpheaders, /* 1 = output HTTP headers */ int do_htmlhead, /* 1 = output HTML section and opener */ - - int do_room_banner, /* 0=no, 1=yes, - * 2 = I'm going to embed my own, so don't open the - *
either. - */ - + int do_room_banner, /* 1 = include the room banner and
*/ int unset_cookies, /* 1 = session is terminating, so unset the cookies */ - int suppress_check, /* 1 = suppress check for instant messages */ - int cache /* 1 = allow browser to cache this page */ + int suppress_check, /* 1 = suppress check for instant messages */ + int cache /* 1 = allow browser to cache this page */ ) { wcsession *WCC = WC; - char cookie[1024]; char httpnow[128]; hprintf("HTTP/1.1 200 OK\n"); @@ -125,7 +158,7 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers PACKAGE_STRING); } - if (cache) { + if (cache > 0) { char httpTomorow[128]; http_datestring(httpTomorow, sizeof httpTomorow, @@ -146,72 +179,29 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers ); } - stuff_to_cookie(cookie, 1024, - WCC->wc_session, WCC->wc_username, - WCC->wc_password, WCC->wc_roomname); - - if (unset_cookies) { - hprintf("Set-cookie: webcit=%s; path=/\r\n", unset); - } else { - hprintf("Set-cookie: webcit=%s; path=/\r\n", cookie); - if (server_cookie != NULL) { - hprintf("%s\n", server_cookie); - } - } + if (cache < 2) stuff_to_cookie(unset_cookies); if (do_htmlhead) { begin_burst(); - do_template("head", NULL); - - /* check for ImportantMessages (these display in a div overlaying the main screen) */ - if (!IsEmptyStr(WCC->ImportantMessage)) { - wprintf("
\n" - ""); - StrEscAppend(WCC->WBuf, NULL, WCC->ImportantMessage, 0, 0); - wprintf("
\n" - "
\n" - ); - StrBufAppendBufPlain(WCC->trailing_javascript, - HKEY("setTimeout('hide_imsg_popup()', 5000); \n"), - 0 - ); - WCC->ImportantMessage[0] = 0; - } - else if (StrLength(WCC->ImportantMsg) > 0) { - wprintf("
\n" - ""); - StrEscAppend(WCC->WBuf, WCC->ImportantMsg, NULL, 0, 0); - wprintf("
\n" - "
\n" - ); - StrBufAppendBufPlain(WCC->trailing_javascript, - HKEY("setTimeout('hide_imsg_popup()', 5000); \n"), - 0 - ); - FlushStrBuf(WCC->ImportantMsg); - } + do_template("head"); if ( (WCC->logged_in) && (!unset_cookies) ) { - /*DoTemplate(HKEY("iconbar"), NULL, &NoCtx);*/ - page_popup(); + DoTemplate(HKEY("paging"), NULL, &NoCtx); } - - if (do_room_banner == 1) { - wprintf("
\n"); - embed_room_banner(NULL, navbar_default); - wprintf("
\n"); + if (do_room_banner) { + tmplput_roombanner(NULL, NULL); } } - if (do_room_banner == 1) { - wprintf("
\n"); + if (do_room_banner) { + wc_printf("
\n"); } } void output_custom_content_header(const char *ctype) { - hprintf("HTTP/1.1 200 OK\r\n"); - hprintf("Content-type: %s; charset=utf-8\r\n",ctype); - hprintf("Server: %s / %s\r\n", PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software)); - hprintf("Connection: close\r\n"); + hprintf("HTTP/1.1 200 OK\r\n"); + hprintf("Content-type: %s; charset=utf-8\r\n",ctype); + hprintf("Server: %s / %s\r\n", PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software)); + hprintf("Connection: close\r\n"); } @@ -223,26 +213,27 @@ void http_redirect(const char *whichpage) { hprintf("Location: %s\r\n", whichpage); hprintf("URI: %s\r\n", whichpage); hprintf("Content-type: text/html; charset=utf-8\r\n"); - wprintf(""); - wprintf("Go here.", whichpage); - wprintf("\n"); + stuff_to_cookie(0); + begin_burst(); + wc_printf(""); + wc_printf("Go here.", whichpage); + wc_printf("\n"); end_burst(); } /* - * Output a piece of content to the web browser using conformant HTTP and MIME semantics + * Output a piece of content to the web browser using conformant HTTP and MIME semantics. + * + * If this function is called, it is expected that begin_burst() has already been called + * and some sort of content has been fed into the buffer. This function will transmit a + * bunch of headers to the client. end_burst() will add some headers of its own, and then + * transmit the buffered content to the client. */ -void http_transmit_thing(const char *content_type, - int is_static) { - -#ifndef TECH_PREVIEW - lprintf(9, "http_transmit_thing(%s)%s\n", - content_type, - (is_static ? " (static)" : "") - ); -#endif +void http_transmit_thing(const char *content_type, int is_static) +{ + syslog(9, "http_transmit_thing(%s)%s", content_type, ((is_static > 0) ? " (static)" : "")); output_headers(0, 0, 0, 0, 0, is_static); hprintf("Content-type: %s\r\n" @@ -254,41 +245,6 @@ void http_transmit_thing(const char *content_type, end_burst(); } -/* - * print menu box like used in the floor view or admin interface. - * This function takes pair of strings as va_args, - * Title Title string of the box - * Class CSS Class for the box - * nLines How many string pairs should we print? (URL, UrlText) - * ... Pairs of URL Strings and their Names - */ -void print_menu_box(char* Title, char *Class, int nLines, ...) -{ - va_list arg_list; - long i; - - svput("BOXTITLE", WCS_STRING, Title); - do_template("beginboxx", NULL); - - wprintf(""); - - do_template("endbox", NULL); -} - - /* * Convenience functions to display a page containing only a string @@ -300,15 +256,14 @@ void print_menu_box(char* Title, char *Class, int nLines, ...) void convenience_page(const char *titlebarcolor, const char *titlebarmsg, const char *messagetext) { hprintf("HTTP/1.1 200 OK\n"); - output_headers(1, 1, 2, 0, 0, 0); - wprintf("
\n"); - wprintf("
", titlebarcolor); - wprintf("%s\n", titlebarmsg); - wprintf("
\n"); - wprintf("
\n
\n"); + output_headers(1, 1, 1, 0, 0, 0); + wc_printf("
\n"); + wc_printf("
", titlebarcolor); + wc_printf("%s\n", titlebarmsg); + wc_printf("
\n"); + wc_printf("
\n
\n"); escputs(messagetext); - - wprintf("
\n"); + wc_printf("
\n"); wDumpContent(1); } @@ -338,30 +293,46 @@ void url_do_template(void) { /* * convenience function to indicate success */ -void display_success(char *successmessage) +void display_success(const char *successmessage) { convenience_page("007700", "OK", successmessage); } /* - * Authorization required page - * This is probably temporary and should be revisited + * Authorization required page (sends a 401, causing the browser to request login credentials) */ -void authorization_required(const char *message) +void authorization_required(void) { + wcsession *WCC = WC; + const char *message = ""; + hprintf("HTTP/1.1 401 Authorization Required\r\n"); + hprintf( + "Server: %s / %s\r\n" + "Connection: close\r\n", + PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software) + ); hprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n", ChrPtr(WC->serv_info->serv_humannode)); hprintf("Content-Type: text/html\r\n"); - wprintf("

"); - wprintf(_("Authorization Required")); - wprintf("

\r\n"); - wprintf(_("The resource you requested requires a valid username and password. " - "You could not be logged in: %s\n"), message); + begin_burst(); + wc_printf("

"); + wc_printf(_("Authorization Required")); + wc_printf("

\r\n"); + + if (WCC->ImportantMsg != NULL) { + message = ChrPtr(WCC->ImportantMsg); + } + + wc_printf( + _("The resource you requested requires a valid username and password. " + "You could not be logged in: %s\n"), + message + ); wDumpContent(0); - } + /* * Convenience functions to wrap around asynchronous ajax responses */ @@ -369,30 +340,22 @@ void begin_ajax_response(void) { wcsession *WCC = WC; FlushStrBuf(WCC->HBuf); - output_headers(0, 0, 0, 0, 0, 0); + output_headers(0, 0, 0, 0, 0, 0); - hprintf("Content-type: text/html; charset=UTF-8\r\n" - "Server: %s\r\n" - "Connection: close\r\n" + hprintf("Content-type: text/html; charset=UTF-8\r\n" + "Server: %s\r\n" + "Connection: close\r\n" , - PACKAGE_STRING); - begin_burst(); + PACKAGE_STRING); + begin_burst(); } + /* * print ajax response footer */ void end_ajax_response(void) { - wDumpContent(0); -} - - /* If it's a "force 404" situation then display the error and bail. */ -void do_404(void) -{ - hprintf("HTTP/1.1 404 Not found\r\n"); - hprintf("Content-Type: text/plain\r\n"); - wprintf("Not found\r\n"); - end_burst(); + wDumpContent(0); } @@ -407,6 +370,7 @@ void ajax_servcmd(void) char *junk; size_t len; + syslog(LOG_DEBUG, "ajax_servcmd() g_cmd=\"%s\"", bstr("g_cmd") ); begin_ajax_response(); Buf = NewStrBuf(); serv_puts(bstr("g_cmd")); @@ -424,7 +388,8 @@ void ajax_servcmd(void) } case 1: while (!Done) { - StrBuf_ServGetln(Buf); + if (StrBuf_ServGetln(Buf) < 0) + break; if ( (StrLength(Buf)==3) && !strcmp(ChrPtr(Buf), "000")) { Done = 1; @@ -455,7 +420,7 @@ void ajax_servcmd(void) * This is kind of an ugly hack, but this is the only place it can go. * If the command was GEXP, then the instant messenger window must be * running, so reset the "last_pager_check" watchdog timer so - * that page_popup() doesn't try to open it a second time. + * that page_popup() doesn't try to open it a second time. TODO: page_popup isn't with us anymore. */ if (!strncasecmp(bstr("g_cmd"), "GEXP", 4)) { WCC->last_pager_check = time(NULL); @@ -473,96 +438,185 @@ void seconds_since_last_gexp(void) char buf[256]; if ( (time(NULL) - WC->last_pager_check) < 30) { - wprintf("NO\n"); + wc_printf("NO\n"); } else { memset(buf, 0, 5); serv_puts("NOOP"); serv_getln(buf, sizeof buf); if (buf[3] == '*') { - wprintf("YES"); + wc_printf("YES"); } else { - wprintf("NO"); + wc_printf("NO"); + } + } +} + + +/* + * Save a URL destination so we can go to it later + */ +void push_destination(void) { + wcsession *WCC = WC; + + if (!WCC) { + wc_printf("no session"); + return; + } + + FreeStrBuf(&WCC->PushedDestination); + WCC->PushedDestination = NewStrBufDup(SBSTR("url")); + syslog(9, "Push: %s", ChrPtr(WCC->PushedDestination)); + wc_printf("OK"); +} + + +/* + * Go to the URL saved by push_destination() + */ +void pop_destination(void) { + wcsession *WCC = WC; + + /* + * If we are in the middle of a new user signup, the server may request that + * we first pass through a registration screen. + */ + if ((WCC) && (WCC->need_regi)) { + if ((WCC->PushedDestination != NULL) && (StrLength(WCC->PushedDestination) > 0)) { + /* Registering will take us to the My Citadel Config room, so save our place */ + StrBufAppendBufPlain(WCC->PushedDestination, HKEY("?go="), 0); + StrBufUrlescAppend(WCC->PushedDestination, WCC->CurRoom.name, NULL); } + WCC->need_regi = 0; + display_reg(1); + return; + } + + /* + * Do something reasonable if we somehow ended up requesting a pop without + * having first done a push. + */ + if ( (!WCC) || (WCC->PushedDestination == NULL) || (StrLength(WCC->PushedDestination) == 0) ) { + do_welcome(); + return; } + + /* + * All righty then! We have a destination saved, so go there now. + */ + syslog(9, "Pop: %s", ChrPtr(WCC->PushedDestination)); + http_redirect(ChrPtr(WCC->PushedDestination)); } -void ReadPostData(void) +int ReadPostData(void) { - const char *content_end = NULL; - int body_start = 0; + int rc; + int urlencoded_post = 0; wcsession *WCC = WC; StrBuf *content = NULL; - content = NewStrBuf(); + urlencoded_post = (strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "application/x-www-form-urlencoded", 33) == 0) ; + + content = NewStrBufPlain(NULL, WCC->Hdr->HR.ContentLength + 256); - StrBufPrintf(content, + if (!urlencoded_post) + { + StrBufPrintf(content, "Content-type: %s\n" - "Content-length: %ld\n\n", - ChrPtr(WCC->Hdr->ContentType), - WCC->Hdr->ContentLength); -/* - hprintf("Content-type: %s\n" - "Content-length: %d\n\n", - ContentType, ContentLength); -*/ - body_start = StrLength(content); + "Content-length: %ld\n\n", + ChrPtr(WCC->Hdr->HR.ContentType), + WCC->Hdr->HR.ContentLength); + } /** Read the entire input data at once. */ - client_read_to(&WCC->Hdr->http_sock, - content, - WCC->Hdr->ReadBuf, &WCC->Hdr->Pos, - WCC->Hdr->ContentLength, - SLEEPING); + rc = client_read_to(WCC->Hdr, content, + WCC->Hdr->HR.ContentLength, + SLEEPING); + if (rc < 0) + return rc; + - if (!strncasecmp(ChrPtr(WCC->Hdr->ContentType), "application/x-www-form-urlencoded", 33)) { - StrBufCutLeft(content, body_start); + if (urlencoded_post) { ParseURLParams(content); - } else if (!strncasecmp(ChrPtr(WCC->Hdr->ContentType), "multipart", 9)) { - content_end = ChrPtr(content) + - WCC->Hdr->ContentLength + - body_start; - mime_parser(ChrPtr(content), content_end, *upload_handler, NULL, NULL, NULL, 0); + } else if (!strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "multipart", 9)) { + char *Buf; + char *BufEnd; + long len; + + len = StrLength(content); + Buf = SmashStrBuf(&content); + BufEnd = Buf + len; + mime_parser(Buf, BufEnd, *upload_handler, NULL, NULL, NULL, 0); + free(Buf); + } else if (WCC->Hdr->HR.ContentLength > 0) { + WCC->upload = content; + WCC->upload_length = StrLength(WCC->upload); + content = NULL; } FreeStrBuf(&content); + return 1; } +int Conditional_REST_DEPTH(StrBuf *Target, WCTemplputParams *TP) +{ + long Depth, IsDepth; + long offset = 0; + wcsession *WCC = WC; + + if (WCC->Hdr->HR.Handler != NULL) + offset ++; + Depth = GetTemplateTokenNumber(Target, TP, 2, 0); + IsDepth = GetCount(WCC->Directory) + offset; + +// LogTemplateError(Target, "bla", 1, TP, "REST_DEPTH: %ld : %ld\n", Depth, IsDepth); + if (Depth < 0) { + Depth = -Depth; + return IsDepth > Depth; + } + else + return Depth == IsDepth; +} + + + /* * Entry point for WebCit transaction */ void session_loop(void) { - int Flags = 0; int xhttp; StrBuf *Buf; - char buf[SIZ]; - /* * We stuff these with the values coming from the client cookies, * so we can use them to reconnect a timed out session if we have to. */ wcsession *WCC; - - - Buf = NewStrBuf(); - + WCC= WC; - WCC->upload_length = 0; WCC->upload = NULL; - WCC->is_mobile = 0; - WCC->trailing_javascript = NewStrBuf(); WCC->Hdr->nWildfireHeaders = 0; - if (WCC->Hdr->Handler != NULL) - Flags = WCC->Hdr->Handler->Flags; /* so we can temporarily add our own... */ - if (WCC->Hdr->ContentLength > 0) { - ReadPostData(); + if (WCC->Hdr->HR.ContentLength > 0) { + if (ReadPostData() < 0) { + return; + } + } + + Buf = NewStrBuf(); + WCC->trailing_javascript = NewStrBuf(); + + /* Convert base64-encoded URL's back to plain text */ + if (!strncmp(ChrPtr(WCC->Hdr->this_page), "/B64", 4)) { + StrBufCutLeft(WCC->Hdr->this_page, 4); + StrBufDecodeBase64(WCC->Hdr->this_page); + http_redirect(ChrPtr(WCC->Hdr->this_page)); + goto SKIP_ALL_THIS_CRAP; } /* If there are variables in the URL, we must grab them now */ @@ -571,40 +625,58 @@ void session_loop(void) /* If the client sent a nonce that is incorrect, kill the request. */ if (havebstr("nonce")) { - lprintf(9, "Comparing supplied nonce %s to session nonce %ld\n", - bstr("nonce"), WCC->nonce); + syslog(9, "Comparing supplied nonce %s to session nonce %d", + bstr("nonce"), WCC->nonce + ); if (ibstr("nonce") != WCC->nonce) { - lprintf(9, "Ignoring request with mismatched nonce.\n"); + syslog(9, "Ignoring request with mismatched nonce."); hprintf("HTTP/1.1 404 Security check failed\r\n"); - hprintf("Content-Type: text/plain\r\n\r\n"); - wprintf("Security check failed.\r\n"); + hprintf("Content-Type: text/plain\r\n"); + begin_burst(); + wc_printf("Security check failed.\r\n"); end_burst(); goto SKIP_ALL_THIS_CRAP; } } /* - * If we're not connected to a Citadel server, try to hook up the - * connection now. + * If we're not connected to a Citadel server, try to hook up the connection now. */ if (!WCC->connected) { - if (GetConnected ()) + if (GetConnected()) { + hprintf("HTTP/1.1 503 Service Unavailable\r\n"); + hprintf("Content-Type: text/html\r\n"); + begin_burst(); + wc_printf("503 Service Unavailable\n"); + wc_printf(_("This program was unable to connect or stay " + "connected to the Citadel server. Please report " + "this problem to your system administrator.") + ); + wc_printf("
"); + wc_printf("%s", + _("Read More...") + ); + wc_printf("\n"); + end_burst(); goto SKIP_ALL_THIS_CRAP; + } } - /* - * If we're not logged in, but we have HTTP Authentication data, - * try logging in to Citadel using that. + * If we're not logged in, but we have authentication data (either from + * a cookie or from http-auth), try logging in to Citadel using that. */ - if ((!WCC->logged_in) - && (StrLength(WCC->Hdr->c_username) > 0) - && (StrLength(WCC->Hdr->c_password) > 0)) - { + if ( (!WCC->logged_in) + && (StrLength(WCC->Hdr->c_username) > 0) + && (StrLength(WCC->Hdr->c_password) > 0) + ) { + long Status; + FlushStrBuf(Buf); serv_printf("USER %s", ChrPtr(WCC->Hdr->c_username)); StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 3) { + if (GetServerStatus(Buf, &Status) == 3) { serv_printf("PASS %s", ChrPtr(WCC->Hdr->c_password)); StrBuf_ServGetln(Buf); if (GetServerStatus(Buf, NULL) == 2) { @@ -612,66 +684,138 @@ void session_loop(void) WCC->Hdr->c_password, Buf); } else { /* Should only display when password is wrong */ - authorization_required(&buf[4]); + WCC->ImportantMsg = NewStrBufPlain(ChrPtr(Buf) + 4, StrLength(Buf) - 4); + authorization_required(); FreeStrBuf(&Buf); goto SKIP_ALL_THIS_CRAP; } } + else if (Status == 541) { + WCC->logged_in = 1; + } } - xhttp = (WCC->Hdr->eReqType != eGET) && - (WCC->Hdr->eReqType != ePOST) && - (WCC->Hdr->eReqType != eHEAD); + xhttp = (WCC->Hdr->HR.eReqType != eGET) && + (WCC->Hdr->HR.eReqType != ePOST) && + (WCC->Hdr->HR.eReqType != eHEAD); /* - * If we're not logged in, but we have username and password cookies - * supplied by the browser, try using them to log in. + * If a 'go' (or 'gotofirst') parameter has been specified, attempt to goto that room + * prior to doing anything else. */ - if ((!WCC->logged_in) - && (StrLength(WCC->Hdr->c_username)>0) - && (StrLength(WCC->Hdr->c_password)>0)) { - ReEstablish_Session(); + if (havebstr("go")) { + int ret; + syslog(9, "Explicit room selection: %s", bstr("go")); + ret = gotoroom(sbstr("go")); /* do quietly to avoid session output! */ + if ((ret/100) != 2) { + syslog(1, "Unable to change to [%s]; Reason: %d", bstr("go"), ret); + } + } + else if (havebstr("gotofirst")) { + int ret; + syslog(9, "Explicit room selection: %s", bstr("gotofirst")); + ret = gotoroom(sbstr("gotofirst")); /* do quietly to avoid session output! */ + if ((ret/100) != 2) { + syslog(1, "Unable to change to [%s]; Reason: %d", bstr("gotofirst"), ret); + } } /* - * If a 'gotofirst' parameter has been specified, attempt to goto that room - * prior to doing anything else. + * If we aren't in any room yet, but we have cookie data telling us where we're + * supposed to be, and 'go' was not specified, then go there. */ - if (havebstr("gotofirst")) { + else if ( (StrLength(WCC->CurRoom.name) == 0) && ( (StrLength(WCC->Hdr->c_roomname) > 0) )) { int ret; - ret = gotoroom(sbstr("gotofirst")); /* do this quietly to avoid session output! */ - if (ret != 0) - lprintf(1, "GOTOFIRST: Unable to change to [%s]; Reason: %d\n", bstr("gotofirst"), ret); + + syslog(9, "We are in '%s' but cookie indicates '%s', going there...", + ChrPtr(WCC->CurRoom.name), + ChrPtr(WCC->Hdr->c_roomname) + ); + ret = gotoroom(WCC->Hdr->c_roomname); /* do quietly to avoid session output! */ + if ((ret/100) != 2) { + syslog(1, "COOKIEGOTO: Unable to change to [%s]; Reason: %d", + ChrPtr(WCC->Hdr->c_roomname), ret); + } } - if (WCC->Hdr->Handler != NULL) { - if (!WCC->logged_in && ((WCC->Hdr->Handler->Flags & ANONYMOUS) == 0)) { - display_login(NULL); + if (WCC->Hdr->HR.Handler != NULL) { + if ( (!WCC->logged_in) + && ((WCC->Hdr->HR.Handler->Flags & ANONYMOUS) == 0) + && (WCC->serv_info->serv_supports_guest == 0) + ) { + display_login(); } else { - if ((WCC->Hdr->Handler->Flags & AJAX) != 0) + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) { begin_ajax_response(); - WCC->Hdr->Handler->F(); - if ((WCC->Hdr->Handler->Flags & AJAX) != 0) + } + WCC->Hdr->HR.Handler->F(); + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) { end_ajax_response(); + } } } - /* When all else fais, display the main menu. */ + /* When all else fails, display the default landing page or a main menu. */ else { - if (!WCC->logged_in) - display_login(NULL); - else - display_main_menu(); + /* + * ordinary browser users get a nice login screen, DAV etc. requsets + * are given a 401 so they can handle it appropriate. + */ + if (!WCC->logged_in) { + if (xhttp) { + authorization_required(); + } + else { + display_default_landing_page(); + } + } + /* + * Toplevel dav requests? or just a flat browser request? + */ + else { + if (xhttp) { + dav_main(); + } + else { + display_main_menu(); + } + } } SKIP_ALL_THIS_CRAP: - if (WCC->SavePrefsToServer) { - save_preferences(); - WCC->SavePrefsToServer = 0; - } FreeStrBuf(&Buf); fflush(stdout); - WCC->Hdr->http_host = NULL; +} + + + +/* + * Display the appropriate landing page for this site. + */ +void display_default_landing_page(void) { + wcsession *WCC = WC; + + if (WCC && WCC->serv_info && WCC->serv_info->serv_supports_guest) { + /* default action */ + + if (havebstr("go")) { + syslog(9, "Explicit room selection: %s", bstr("go")); + StrBuf *teh_room = NewStrBufPlain(bstr("go"), strlen(bstr("go"))); + smart_goto(teh_room); + FreeStrBuf(&teh_room); + } + else if (default_landing_page) { + http_redirect(default_landing_page); + } + else { + StrBuf *teh_lobby = NewStrBufPlain(HKEY("_BASEROOM_")); + smart_goto(teh_lobby); + FreeStrBuf(&teh_lobby); + } + } + else { + display_login(); + } } @@ -687,13 +831,27 @@ void sleeeeeeeeeep(int seconds) select(0, NULL, NULL, NULL, &tv); } +int Conditional_IS_HTTPS(StrBuf *Target, WCTemplputParams *TP) +{ + return is_https != 0; +} + +void AppendImportantMessage(const char *pch, long len) +{ + wcsession *WCC = WC; + + if (StrLength(WCC->ImportantMsg) > 0) { + StrBufAppendBufPlain(WCC->ImportantMsg, HKEY("\n"), 0); + } + + StrBufAppendBufPlain(WCC->ImportantMsg, pch, len, 0); +} int ConditionalImportantMesage(StrBuf *Target, WCTemplputParams *TP) { wcsession *WCC = WC; if (WCC != NULL) - return ((!IsEmptyStr(WCC->ImportantMessage)) || - (StrLength(WCC->ImportantMsg) > 0)); + return (StrLength(WCC->ImportantMsg) > 0); else return 0; } @@ -703,11 +861,7 @@ void tmplput_importantmessage(StrBuf *Target, WCTemplputParams *TP) wcsession *WCC = WC; if (WCC != NULL) { - if (!IsEmptyStr(WCC->ImportantMessage)) { - StrEscAppend(Target, NULL, WCC->ImportantMessage, 0, 0); - WCC->ImportantMessage[0] = '\0'; - } - else if (StrLength(WCC->ImportantMsg) > 0) { + if (StrLength(WCC->ImportantMsg) > 0) { StrEscAppend(Target, WCC->ImportantMsg, NULL, 0, 0); FlushStrBuf(WCC->ImportantMsg); } @@ -728,6 +882,12 @@ void tmplput_csslocal(StrBuf *Target, WCTemplputParams *TP) csslocal, 0); } +void tmplput_packagestring(StrBuf *Target, WCTemplputParams *TP) +{ + StrBufAppendBufPlain(Target, + HKEY(PACKAGE_STRING), 0); +} + extern char static_local_dir[PATH_MAX]; @@ -736,27 +896,34 @@ InitModule_WEBCIT (void) { char dir[SIZ]; - WebcitAddUrlHandler(HKEY("404"), do_404, ANONYMOUS|COOKIEUNNEEDED); - WebcitAddUrlHandler(HKEY("blank"), blank_page, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC); - - - WebcitAddUrlHandler(HKEY("blank"), blank_page, ANONYMOUS); - WebcitAddUrlHandler(HKEY("do_template"), url_do_template, ANONYMOUS); - WebcitAddUrlHandler(HKEY("sslg"), seconds_since_last_gexp, AJAX|LOGCHATTY); - WebcitAddUrlHandler(HKEY("ajax_servcmd"), ajax_servcmd, 0); - + WebcitAddUrlHandler(HKEY("blank"), "", 0, blank_page, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC); + WebcitAddUrlHandler(HKEY("landing"), "", 0, display_default_landing_page, ANONYMOUS|COOKIEUNNEEDED); + WebcitAddUrlHandler(HKEY("do_template"), "", 0, url_do_template, ANONYMOUS); + WebcitAddUrlHandler(HKEY("sslg"), "", 0, seconds_since_last_gexp, AJAX|LOGCHATTY); + WebcitAddUrlHandler(HKEY("ajax_servcmd"), "", 0, ajax_servcmd, 0); + WebcitAddUrlHandler(HKEY("webcit"), "", 0, blank_page, URLNAMESPACE); + WebcitAddUrlHandler(HKEY("push"), "", 0, push_destination, AJAX); + WebcitAddUrlHandler(HKEY("pop"), "", 0, pop_destination, 0); + + WebcitAddUrlHandler(HKEY("401"), "", 0, authorization_required, ANONYMOUS|COOKIEUNNEEDED); RegisterConditional(HKEY("COND:IMPMSG"), 0, ConditionalImportantMesage, CTX_NONE); - RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, CTX_NONE); - RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, CTX_NONE); - RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, CTX_NONE); + RegisterConditional(HKEY("COND:REST:DEPTH"), 0, Conditional_REST_DEPTH, CTX_NONE); + RegisterConditional(HKEY("COND:IS_HTTPS"), 0, Conditional_IS_HTTPS, CTX_NONE); + + RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, NULL, CTX_NONE); + RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, NULL, CTX_NONE); + RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, NULL, CTX_NONE); + RegisterNamespace("URL:DISPLAYNAME", 0, 1, tmplput_HANDLER_DISPLAYNAME, NULL, CTX_NONE); + RegisterNamespace("PACKAGESTRING", 0, 1, tmplput_packagestring, NULL, CTX_NONE); - snprintf(dir, SIZ, "%s/static.local/webcit.css", static_local_dir); + + snprintf(dir, SIZ, "%s/webcit.css", static_local_dir); if (!access(dir, R_OK)) { - lprintf(9, "Using local Stylesheet [%s]\n", dir); - csslocal = NewStrBufPlain(HKEY("")); + syslog(9, "Using local Stylesheet [%s]", dir); + csslocal = NewStrBufPlain(HKEY("")); } else - lprintf(9, "Didn't find site local Stylesheet [%s]\n", dir); + syslog(9, "No Site-local Stylesheet [%s] installed.", dir); } @@ -783,19 +950,19 @@ SessionNewModule_WEBCIT (wcsession *sess) { sess->ImportantMsg = NewStrBuf(); - sess->WBuf = NewStrBuf(); - sess->HBuf = NewStrBuf(); + sess->WBuf = NewStrBufPlain(NULL, SIZ * 4); + sess->HBuf = NewStrBufPlain(NULL, SIZ / 4); } void SessionDetachModule_WEBCIT (wcsession *sess) { - DeleteHash(&sess->Hdr->urlstrings);// TODO? - if (sess->upload_length > 0) { - free(sess->upload); - sess->upload_length = 0; - } + DeleteHash(&sess->Directory); + + FreeStrBuf(&sess->upload); + sess->upload_length = 0; + FreeStrBuf(&sess->trailing_javascript); if (StrLength(sess->WBuf) > SIZ * 30) /* Bigger than 120K? release. */ @@ -815,5 +982,6 @@ SessionDestroyModule_WEBCIT FreeStrBuf(&sess->WBuf); FreeStrBuf(&sess->HBuf); FreeStrBuf(&sess->ImportantMsg); + FreeStrBuf(&sess->PushedDestination); }