X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=webcit%2Fwebcit.c;h=e88ebf0063a72ecf8782189dfd368cf4d6442067;hb=1a9e08616fa839db9a46a4f2c6d9e34420150b81;hp=4908d44f436f7a93b270d50f5b98142ed98b05ae;hpb=57eba726fbad7b16f7b9624e9d01f16eaccb35b2;p=citadel.git diff --git a/webcit/webcit.c b/webcit/webcit.c index 4908d44f4..e88ebf006 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -13,12 +13,6 @@ #include "webserver.h" -/* - * String to unset the cookie. - * Any date "in the past" will work, so I chose my birthday, right down to - * the exact minute. :) - */ -static char *unset = "; expires=28-May-1971 18:10:00 GMT"; StrBuf *csslocal = NULL; HashList *HandlerHash = NULL; @@ -27,12 +21,12 @@ void DeleteWebcitHandler(void *vHandler) { WebcitHandler *Handler = (WebcitHandler*) vHandler; FreeStrBuf(&Handler->Name); + FreeStrBuf(&Handler->DisplayName); free (Handler); - } -void WebcitAddUrlHandler(const char * UrlString, - long UrlSLen, +void WebcitAddUrlHandler(const char * UrlString, long UrlSLen, + const char *DisplayName, long dslen, WebcitHandlerFunc F, long Flags) { @@ -41,14 +35,22 @@ void WebcitAddUrlHandler(const char * UrlString, NewHandler->F = F; NewHandler->Flags = Flags; NewHandler->Name = NewStrBufPlain(UrlString, UrlSLen); + StrBufShrinkToFit(NewHandler->Name, 1); + NewHandler->DisplayName = NewStrBufPlain(DisplayName, dslen); + StrBufShrinkToFit(NewHandler->DisplayName, 1); Put(HandlerHash, UrlString, UrlSLen, NewHandler, DeleteWebcitHandler); } - +void tmplput_HANDLER_DISPLAYNAME(StrBuf *Target, WCTemplputParams *TP) +{ + wcsession *WCC = WC; + if (WCC->Hdr->HR.Handler != NULL) + StrBufAppendTemplate(Target, TP, WCC->Hdr->HR.Handler->DisplayName, 0); +} /* * web-printing funcion. uses our vsnprintf wrapper */ -void wprintf(const char *format,...) +void wc_printf(const char *format,...) { wcsession *WCC = WC; va_list arg_ptr; @@ -86,7 +88,7 @@ void hprintf(const char *format,...) void wDumpContent(int print_standard_html_footer) { if (print_standard_html_footer) { - wprintf(" \n"); + wc_printf(" \n"); do_template("trailing", NULL); } @@ -115,7 +117,6 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers int cache /* 1 = allow browser to cache this page */ ) { wcsession *WCC = WC; - char cookie[1024]; char httpnow[128]; hprintf("HTTP/1.1 200 OK\n"); @@ -135,7 +136,7 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers PACKAGE_STRING); } - if (cache) { + if (cache > 0) { char httpTomorow[128]; http_datestring(httpTomorow, sizeof httpTomorow, @@ -156,18 +157,7 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers ); } - stuff_to_cookie(cookie, 1024, - WCC->wc_session, WCC->wc_username, - WCC->wc_password, WCC->wc_roomname); - - if (unset_cookies) { - hprintf("Set-cookie: webcit=%s; path=/\r\n", unset); - } else { - hprintf("Set-cookie: webcit=%s; path=/\r\n", cookie); - if (server_cookie != NULL) { - hprintf("%s\n", server_cookie); - } - } + if (cache < 2) stuff_to_cookie(unset_cookies); if (do_htmlhead) { begin_burst(); @@ -175,10 +165,10 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers /* check for ImportantMessages (these display in a div overlaying the main screen) */ if (!IsEmptyStr(WCC->ImportantMessage)) { - wprintf("
\n" + wc_printf("
\n" ""); StrEscAppend(WCC->WBuf, NULL, WCC->ImportantMessage, 0, 0); - wprintf("
\n" + wc_printf("
\n" "
\n" ); StrBufAppendBufPlain(WCC->trailing_javascript, @@ -188,10 +178,10 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers WCC->ImportantMessage[0] = 0; } else if (StrLength(WCC->ImportantMsg) > 0) { - wprintf("
\n" + wc_printf("
\n" ""); StrEscAppend(WCC->WBuf, WCC->ImportantMsg, NULL, 0, 0); - wprintf("
\n" + wc_printf("
\n" "
\n" ); StrBufAppendBufPlain(WCC->trailing_javascript, @@ -201,19 +191,18 @@ void output_headers( int do_httpheaders, /* 1 = output HTTP headers FlushStrBuf(WCC->ImportantMsg); } if ( (WCC->logged_in) && (!unset_cookies) ) { - /*DoTemplate(HKEY("iconbar"), NULL, &NoCtx);*/ - page_popup(); + DoTemplate(HKEY("paging"), NULL, &NoCtx); } if (do_room_banner == 1) { - wprintf("
\n"); + wc_printf("
\n"); embed_room_banner(NULL, navbar_default); - wprintf("
\n"); + wc_printf("
\n"); } } if (do_room_banner == 1) { - wprintf("
\n"); + wc_printf("
\n"); } } @@ -233,9 +222,10 @@ void http_redirect(const char *whichpage) { hprintf("Location: %s\r\n", whichpage); hprintf("URI: %s\r\n", whichpage); hprintf("Content-type: text/html; charset=utf-8\r\n"); - wprintf(""); - wprintf("Go here.", whichpage); - wprintf("\n"); + begin_burst(); + wc_printf(""); + wc_printf("Go here.", whichpage); + wc_printf("\n"); end_burst(); } @@ -250,7 +240,7 @@ void http_transmit_thing(const char *content_type, #ifndef TECH_PREVIEW lprintf(9, "http_transmit_thing(%s)%s\n", content_type, - (is_static ? " (static)" : "") + ((is_static > 0) ? " (static)" : "") ); #endif output_headers(0, 0, 0, 0, 0, is_static); @@ -264,41 +254,6 @@ void http_transmit_thing(const char *content_type, end_burst(); } -/* - * print menu box like used in the floor view or admin interface. - * This function takes pair of strings as va_args, - * Title Title string of the box - * Class CSS Class for the box - * nLines How many string pairs should we print? (URL, UrlText) - * ... Pairs of URL Strings and their Names - */ -void print_menu_box(char* Title, char *Class, int nLines, ...) -{ - va_list arg_list; - long i; - - svput("BOXTITLE", WCS_STRING, Title); - do_template("beginboxx", NULL); - - wprintf(""); - - do_template("endbox", NULL); -} - - /* * Convenience functions to display a page containing only a string @@ -311,14 +266,14 @@ void convenience_page(const char *titlebarcolor, const char *titlebarmsg, const { hprintf("HTTP/1.1 200 OK\n"); output_headers(1, 1, 2, 0, 0, 0); - wprintf("
\n"); - wprintf("
", titlebarcolor); - wprintf("%s\n", titlebarmsg); - wprintf("
\n"); - wprintf("
\n
\n"); + wc_printf("
\n"); + wc_printf("
", titlebarcolor); + wc_printf("%s\n", titlebarmsg); + wc_printf("
\n"); + wc_printf("
\n
\n"); escputs(messagetext); - wprintf("
\n"); + wc_printf("
\n"); wDumpContent(1); } @@ -358,18 +313,34 @@ void display_success(char *successmessage) * Authorization required page * This is probably temporary and should be revisited */ -void authorization_required(const char *message) +void authorization_required(void) { + wcsession *WCC = WC; + const char *message = ""; + hprintf("HTTP/1.1 401 Authorization Required\r\n"); + hprintf( + "Server: %s / %s\r\n" + "Connection: close\r\n", + PACKAGE_STRING, ChrPtr(WC->serv_info->serv_software) + ); hprintf("WWW-Authenticate: Basic realm=\"%s\"\r\n", ChrPtr(WC->serv_info->serv_humannode)); hprintf("Content-Type: text/html\r\n"); - wprintf("

"); - wprintf(_("Authorization Required")); - wprintf("

\r\n"); - wprintf(_("The resource you requested requires a valid username and password. " + begin_burst(); + wc_printf("

"); + wc_printf(_("Authorization Required")); + wc_printf("

\r\n"); + + + if (WCC->ImportantMsg != NULL) + message = ChrPtr(WCC->ImportantMsg); + else if (WCC->ImportantMessage != NULL) + message = WCC->ImportantMessage; + + wc_printf(_("The resource you requested requires a valid username and password. " "You could not be logged in: %s\n"), message); wDumpContent(0); - + end_webcit_session(); } /* @@ -396,14 +367,6 @@ void end_ajax_response(void) { wDumpContent(0); } - /* If it's a "force 404" situation then display the error and bail. */ -void do_404(void) -{ - hprintf("HTTP/1.1 404 Not found\r\n"); - hprintf("Content-Type: text/plain\r\n"); - wprintf("Not found\r\n"); - end_burst(); -} /* @@ -483,17 +446,17 @@ void seconds_since_last_gexp(void) char buf[256]; if ( (time(NULL) - WC->last_pager_check) < 30) { - wprintf("NO\n"); + wc_printf("NO\n"); } else { memset(buf, 0, 5); serv_puts("NOOP"); serv_getln(buf, sizeof buf); if (buf[3] == '*') { - wprintf("YES"); + wc_printf("YES"); } else { - wprintf("NO"); + wc_printf("NO"); } } } @@ -502,18 +465,17 @@ void seconds_since_last_gexp(void) void ReadPostData(void) { - const char *content_end = NULL; int body_start = 0; wcsession *WCC = WC; StrBuf *content = NULL; - content = NewStrBuf(); + content = NewStrBufPlain(NULL, WCC->Hdr->HR.ContentLength + 256); StrBufPrintf(content, "Content-type: %s\n" "Content-length: %ld\n\n", - ChrPtr(WCC->Hdr->ContentType), - WCC->Hdr->ContentLength); + ChrPtr(WCC->Hdr->HR.ContentType), + WCC->Hdr->HR.ContentLength); /* hprintf("Content-type: %s\n" "Content-length: %d\n\n", @@ -522,25 +484,96 @@ void ReadPostData(void) body_start = StrLength(content); /** Read the entire input data at once. */ - client_read_to(&WCC->Hdr->http_sock, - content, - WCC->Hdr->ReadBuf, &WCC->Hdr->Pos, - WCC->Hdr->ContentLength, + client_read_to(WCC->Hdr, content, + WCC->Hdr->HR.ContentLength, SLEEPING); - if (!strncasecmp(ChrPtr(WCC->Hdr->ContentType), "application/x-www-form-urlencoded", 33)) { + if (!strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "application/x-www-form-urlencoded", 33)) { StrBufCutLeft(content, body_start); ParseURLParams(content); - } else if (!strncasecmp(ChrPtr(WCC->Hdr->ContentType), "multipart", 9)) { - content_end = ChrPtr(content) + - WCC->Hdr->ContentLength + - body_start; - mime_parser(ChrPtr(content), content_end, *upload_handler, NULL, NULL, NULL, 0); + } else if (!strncasecmp(ChrPtr(WCC->Hdr->HR.ContentType), "multipart", 9)) { + char *Buf; + char *BufEnd; + long len; + + len = StrLength(content); + Buf = SmashStrBuf(&content); + BufEnd = Buf + len; + mime_parser(Buf, BufEnd, *upload_handler, NULL, NULL, NULL, 0); + free(Buf); + } else if (WCC->Hdr->HR.ContentLength > 0) { + WCC->upload = content; + WCC->upload_length = StrLength(WCC->upload); + content = NULL; } FreeStrBuf(&content); } +void ParseREST_URL(void) +{ + StrBuf *Buf; + StrBuf *pFloor = NULL; + wcsession *WCC = WC; + long i = 0; + const char *pCh = NULL; + HashList *Floors; + void *vFloor; + + lprintf(1, "parsing rest URL: %s\n", ChrPtr(WCC->Hdr->HR.ReqLine)); + + WCC->Directory = NewHash(1, Flathash); + WCC->CurrentFloor = NULL; + + Buf = NewStrBuf(); + while (StrBufExtract_NextToken(Buf, WCC->Hdr->HR.ReqLine, &pCh, '/') >= 0) + { + if (StrLength(Buf) != 0) { + /* ignore empty path segments */ + StrBufUnescape(Buf, 1); + Put(WCC->Directory, IKEY(i), Buf, HFreeStrBuf); + if (i==0) + pFloor = Buf; + Buf = NewStrBuf(); + } + i++; + } + + FreeStrBuf(&Buf); + if (pFloor != NULL) + { + Floors = GetFloorListHash(NULL, NULL); + + if (Floors != NULL) + { + if (GetHash(WCC->FloorsByName, SKEY(pFloor), &vFloor)) + WCC->CurrentFloor = (Floor*) vFloor; + } + } +} + +int Conditional_REST_DEPTH(StrBuf *Target, WCTemplputParams *TP) +{ + long Depth, IsDepth; + long offset = 0; + wcsession *WCC = WC; + + if (WCC->Hdr->HR.Handler != NULL) + offset ++; + Depth = GetTemplateTokenNumber(Target, TP, 2, 0); + IsDepth = GetCount(WCC->Directory) + offset; + +// LogTemplateError(Target, "bla", 1, TP, "REST_DEPTH: %ld : %ld\n", Depth, IsDepth); + if (Depth < 0) { + Depth = -Depth; + return IsDepth > Depth; + } + else + return Depth == IsDepth; +} + + + /* * Entry point for WebCit transaction */ @@ -550,8 +583,6 @@ void session_loop(void) int xhttp; StrBuf *Buf; - char buf[SIZ]; - /* * We stuff these with the values coming from the client cookies, * so we can use them to reconnect a timed out session if we have to. @@ -568,10 +599,10 @@ void session_loop(void) WCC->is_mobile = 0; WCC->trailing_javascript = NewStrBuf(); WCC->Hdr->nWildfireHeaders = 0; - if (WCC->Hdr->Handler != NULL) - Flags = WCC->Hdr->Handler->Flags; /* so we can temporarily add our own... */ + if (WCC->Hdr->HR.Handler != NULL) + Flags = WCC->Hdr->HR.Handler->Flags; /* so we can temporarily add our own... */ - if (WCC->Hdr->ContentLength > 0) { + if (WCC->Hdr->HR.ContentLength > 0) { ReadPostData(); } @@ -586,8 +617,9 @@ void session_loop(void) if (ibstr("nonce") != WCC->nonce) { lprintf(9, "Ignoring request with mismatched nonce.\n"); hprintf("HTTP/1.1 404 Security check failed\r\n"); - hprintf("Content-Type: text/plain\r\n\r\n"); - wprintf("Security check failed.\r\n"); + hprintf("Content-Type: text/plain\r\n"); + begin_burst(); + wc_printf("Security check failed.\r\n"); end_burst(); goto SKIP_ALL_THIS_CRAP; } @@ -604,8 +636,8 @@ void session_loop(void) /* - * If we're not logged in, but we have HTTP Authentication data, - * try logging in to Citadel using that. + * If we're not logged in, but we have authentication data (either from + * a cookie or from http-auth), try logging in to Citadel using that. */ if ((!WCC->logged_in) && (StrLength(WCC->Hdr->c_username) > 0) @@ -622,66 +654,91 @@ void session_loop(void) WCC->Hdr->c_password, Buf); } else { /* Should only display when password is wrong */ - authorization_required(&buf[4]); + WCC->ImportantMsg = NewStrBufPlain(ChrPtr(Buf) + 4, StrLength(Buf) - 4); + authorization_required(); FreeStrBuf(&Buf); goto SKIP_ALL_THIS_CRAP; } } } - xhttp = (WCC->Hdr->eReqType != eGET) && - (WCC->Hdr->eReqType != ePOST) && - (WCC->Hdr->eReqType != eHEAD); + xhttp = (WCC->Hdr->HR.eReqType != eGET) && + (WCC->Hdr->HR.eReqType != ePOST) && + (WCC->Hdr->HR.eReqType != eHEAD); /* - * If we're not logged in, but we have username and password cookies - * supplied by the browser, try using them to log in. + * If a 'gotofirst' parameter has been specified, attempt to goto that room + * prior to doing anything else. */ - if ((!WCC->logged_in) - && (StrLength(WCC->Hdr->c_username)>0) - && (StrLength(WCC->Hdr->c_password)>0)) { - ReEstablish_Session(); + if (havebstr("gotofirst")) { + int ret; + ret = gotoroom(sbstr("gotofirst")); /* do quietly to avoid session output! */ + if ((ret/100) != 2) { + lprintf(1, "GOTOFIRST: Unable to change to [%s]; Reason: %d\n", + bstr("gotofirst"), ret); + } } /* - * If a 'gotofirst' parameter has been specified, attempt to goto that room - * prior to doing anything else. + * If we aren't in any room yet, but we have cookie data telling us where we're + * supposed to be, and 'gotofirst' was not specified, then go there. */ - if (havebstr("gotofirst")) { + else if ( (StrLength(WCC->CurRoom.name) == 0) && ( (StrLength(WCC->Hdr->c_roomname) > 0) )) { int ret; - ret = gotoroom(sbstr("gotofirst")); /* do this quietly to avoid session output! */ - if (ret != 0) - lprintf(1, "GOTOFIRST: Unable to change to [%s]; Reason: %d\n", bstr("gotofirst"), ret); + + lprintf(9, "We are in '%s' but cookie indicates '%s', going there...\n", + ChrPtr(WCC->CurRoom.name), + ChrPtr(WCC->Hdr->c_roomname) + ); + ret = gotoroom(WCC->Hdr->c_roomname); /* do quietly to avoid session output! */ + if ((ret/100) != 2) { + lprintf(1, "COOKIEGOTO: Unable to change to [%s]; Reason: %d\n", + ChrPtr(WCC->Hdr->c_roomname), ret); + } } - if (WCC->Hdr->Handler != NULL) { - if (!WCC->logged_in && ((WCC->Hdr->Handler->Flags & ANONYMOUS) == 0)) { + if (WCC->Hdr->HR.Handler != NULL) { + if (!WCC->logged_in && ((WCC->Hdr->HR.Handler->Flags & ANONYMOUS) == 0)) { display_login(NULL); } else { - if ((WCC->Hdr->Handler->Flags & AJAX) != 0) +/* + if ((WCC->Hdr->HR.Handler->Flags & PARSE_REST_URL) != 0) + ParseREST_URL(); +*/ + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) begin_ajax_response(); - WCC->Hdr->Handler->F(); - if ((WCC->Hdr->Handler->Flags & AJAX) != 0) + WCC->Hdr->HR.Handler->F(); + if ((WCC->Hdr->HR.Handler->Flags & AJAX) != 0) end_ajax_response(); } } /* When all else fais, display the main menu. */ else { - if (!WCC->logged_in) - display_login(NULL); - else - display_main_menu(); + /* + * ordinary browser users get a nice login screen, DAV etc. requsets + * are given a 401 so they can handle it appropriate. + */ + if (!WCC->logged_in) { + if (xhttp) + authorization_required(); + else + display_login(NULL); + } + /* + * Toplevel dav requests? or just a flat browser request? + */ + else { + if (xhttp) + groupdav_main(); + else + display_main_menu(); + } } SKIP_ALL_THIS_CRAP: - if (WCC->SavePrefsToServer) { - save_preferences(); - WCC->SavePrefsToServer = 0; - } FreeStrBuf(&Buf); fflush(stdout); - WCC->Hdr->http_host = NULL; } @@ -746,27 +803,28 @@ InitModule_WEBCIT (void) { char dir[SIZ]; - WebcitAddUrlHandler(HKEY("404"), do_404, ANONYMOUS|COOKIEUNNEEDED); - WebcitAddUrlHandler(HKEY("blank"), blank_page, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC); - - - WebcitAddUrlHandler(HKEY("blank"), blank_page, ANONYMOUS); - WebcitAddUrlHandler(HKEY("do_template"), url_do_template, ANONYMOUS); - WebcitAddUrlHandler(HKEY("sslg"), seconds_since_last_gexp, AJAX|LOGCHATTY); - WebcitAddUrlHandler(HKEY("ajax_servcmd"), ajax_servcmd, 0); + WebcitAddUrlHandler(HKEY("blank"), "", 0, blank_page, ANONYMOUS|COOKIEUNNEEDED|ISSTATIC); + WebcitAddUrlHandler(HKEY("do_template"), "", 0, url_do_template, ANONYMOUS); + WebcitAddUrlHandler(HKEY("sslg"), "", 0, seconds_since_last_gexp, AJAX|LOGCHATTY); + WebcitAddUrlHandler(HKEY("ajax_servcmd"), "", 0, ajax_servcmd, 0); + WebcitAddUrlHandler(HKEY("webcit"), "", 0, blank_page, URLNAMESPACE); + WebcitAddUrlHandler(HKEY("401"), "", 0, authorization_required, ANONYMOUS|COOKIEUNNEEDED); RegisterConditional(HKEY("COND:IMPMSG"), 0, ConditionalImportantMesage, CTX_NONE); - RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, CTX_NONE); - RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, CTX_NONE); - RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, CTX_NONE); + RegisterConditional(HKEY("COND:REST:DEPTH"), 0, Conditional_REST_DEPTH, CTX_NONE); + + RegisterNamespace("CSSLOCAL", 0, 0, tmplput_csslocal, NULL, CTX_NONE); + RegisterNamespace("IMPORTANTMESSAGE", 0, 0, tmplput_importantmessage, NULL, CTX_NONE); + RegisterNamespace("TRAILING_JAVASCRIPT", 0, 0, tmplput_trailing_javascript, NULL, CTX_NONE); + RegisterNamespace("URL:DISPLAYNAME", 0, 1, tmplput_HANDLER_DISPLAYNAME, NULL, CTX_NONE); - snprintf(dir, SIZ, "%s/static.local/webcit.css", static_local_dir); + snprintf(dir, SIZ, "%s/webcit.css", static_local_dir); if (!access(dir, R_OK)) { lprintf(9, "Using local Stylesheet [%s]\n", dir); - csslocal = NewStrBufPlain(HKEY("")); + csslocal = NewStrBufPlain(HKEY("")); } else - lprintf(9, "Didn't find site local Stylesheet [%s]\n", dir); + lprintf(9, "No Site-local Stylesheet [%s] installed. \n", dir); } @@ -793,19 +851,19 @@ SessionNewModule_WEBCIT (wcsession *sess) { sess->ImportantMsg = NewStrBuf(); - sess->WBuf = NewStrBuf(); - sess->HBuf = NewStrBuf(); + sess->WBuf = NewStrBufPlain(NULL, SIZ * 4); + sess->HBuf = NewStrBufPlain(NULL, SIZ / 4); } void SessionDetachModule_WEBCIT (wcsession *sess) { - DeleteHash(&sess->Hdr->urlstrings);// TODO? - if (sess->upload_length > 0) { - free(sess->upload); - sess->upload_length = 0; - } + DeleteHash(&sess->Directory); + + FreeStrBuf(&sess->upload); + sess->upload_length = 0; + FreeStrBuf(&sess->trailing_javascript); if (StrLength(sess->WBuf) > SIZ * 30) /* Bigger than 120K? release. */