* lets start knit-picking on buffersizes.

[citadel.git] / webcit / paging.c

diff --git a/webcit/paging.c b/webcit/paging.c
index b8b0bb37891dbdb1f34e269211758b1dbdc7f311..96247ae3fe48a44babe2f3451d90c52ef6f3c36d 100644 (file)
--- a/webcit/paging.c
+++ b/webcit/paging.c
@@ -18,15 +18,14 @@ void display_page(void)
        strcpy(recp, bstr("recp"));
 
         output_headers(1, 1, 2, 0, 0, 0);
-        wprintf("<div id=\"banner\">\n"
-                "<TABLE class=\"paging_banner\"><TR><TD>"
-                "<SPAN CLASS=\"titlebar\">");
+        wprintf("<div id=\"banner\">\n");
+        wprintf("<h1>");
        wprintf(_("Send instant message"));
-       wprintf("</SPAN>"
-                "</TD></TR></TABLE>\n"
-                "</div>\n<div id=\"content\">\n"
-        );
-                                                                                                                             
+       wprintf("</h1>");
+        wprintf("</div>\n");
+
+       wprintf("<div id=\"content\" class=\"service\">\n");
+
         wprintf("<div class=\"fix_scrollbar_bug\">"
                "<table class=\"paging_background\"><tr><td>\n");
 
@@ -35,6 +34,7 @@ void display_page(void)
        wprintf("<br>\n");
 
        wprintf("<FORM METHOD=\"POST\" action=\"page_user\">\n");
+       wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
 
        wprintf("<TABLE border=0 width=100%%><TR><TD>\n");
 
@@ -68,7 +68,7 @@ void page_user(void)
 
        safestrncpy(recp, bstr("recp"), sizeof recp);
 
-       if (strlen(bstr("send_button")) == 0) {
+       if (IsEmptyStr(bstr("send_button"))) {
                safestrncpy(WC->ImportantMessage,
                        _("Message was not sent."),
                        sizeof WC->ImportantMessage
@@ -80,7 +80,7 @@ void page_user(void)
                if (buf[0] == '4') {
                        text_to_server(bstr("msgtext"));
                        serv_puts("000");
-                       stresc(buf, recp, 0, 0);
+                       stresc(buf, 256, recp, 0, 0);
                        snprintf(WC->ImportantMessage,
                                sizeof WC->ImportantMessage,
                                "%s%s.",
@@ -338,10 +338,11 @@ void chat_recv(void) {
                wprintf("<img src=\"static/blank.gif\" onLoad=\"parent.window.close();\">\n");
        }
 
-       if (strlen(output_data) > 0) {
-
-               if (output_data[strlen(output_data)-1] == '\n') {
-                       output_data[strlen(output_data)-1] = 0;
+       if (!IsEmptyStr(output_data)) {
+               int len;
+               len = strlen(output_data);
+               if (output_data[len-1] == '\n') {
+                       output_data[len-1] = 0;
                }
 
                /** Output our fun to the other frame. */
@@ -437,15 +438,15 @@ void chat_send(void) {
                strcpy(send_this, "");
        }
 
-       if (strlen(bstr("help_button")) > 0) {
+       if (!IsEmptyStr(bstr("help_button"))) {
                strcpy(send_this, "/help");
        }
 
-       if (strlen(bstr("list_button")) > 0) {
+       if (!IsEmptyStr(bstr("list_button"))) {
                strcpy(send_this, "/who");
        }
 
-       if (strlen(bstr("exit_button")) > 0) {
+       if (!IsEmptyStr(bstr("exit_button"))) {
                strcpy(send_this, "/quit");
        }
 
@@ -461,7 +462,7 @@ void chat_send(void) {
        WC->serv_sock = WC->chat_sock;
        WC->chat_sock = i;
 
-       while (strlen(send_this) > 0) {
+       while (!IsEmptyStr(send_this)) {
                if (strlen(send_this) < 67) {
                        serv_puts(send_this);
                        strcpy(send_this, "");
@@ -483,6 +484,7 @@ void chat_send(void) {
        WC->chat_sock = i;
 
        wprintf("<FORM METHOD=\"POST\" action=\"chat_send\" NAME=\"chatsendform\">\n");
+       wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
        wprintf("<INPUT TYPE=\"text\" SIZE=\"80\" MAXLENGTH=\"%d\" "
                "NAME=\"send_this\">\n", SIZ-10);
        wprintf("<br />");