/*
- * webcit.c
+ * $Id$
*
- * This is the actual program called by the webserver. It maintains a
+ * This is the main transaction loop of the web service. It maintains a
* persistent session to the Citadel server, handling HTTP WebCit requests as
* they arrive and presenting a user interface.
*
- * $Id$
*/
#include <ctype.h>
#include <pthread.h>
#include <signal.h>
#include "webcit.h"
+#include "groupdav.h"
#include "webserver.h"
#include "mime_parser.h"
hex[0] = buf[a + 1];
hex[1] = buf[a + 2];
hex[2] = 0;
+ b = 0;
sscanf(hex, "%02x", &b);
buf[a] = (char) b;
strcpy(&buf[a + 1], &buf[a + 3]);
for (a = 0; a <= b; ++a)
++up;
- /* locate the & sign */
+ /* locate "&" and "?" delimiters */
ptr = up;
b = strlen(up);
for (a = 0; a < strlen(up); ++a) {
- if (!strncmp(ptr, "&", 1)) {
+ if ( (ptr[0] == '&') || (ptr[0] == '?') ) {
b = a;
break;
}
++ptr;
strcpy(ptr, "");
- u->url_data = malloc(strlen(up) + 1);
+ u->url_data = malloc(strlen(up) + 2);
strcpy(u->url_data, up);
u->url_data[b] = 0;
unescape_input(u->url_data);
char wbuf[4096];
va_start(arg_ptr, format);
- vsprintf(wbuf, format, arg_ptr);
+ vsnprintf(wbuf, sizeof wbuf, format, arg_ptr);
va_end(arg_ptr);
- write(WC->http_sock, wbuf, strlen(wbuf));
+ client_write(wbuf, strlen(wbuf));
}
void wDumpContent(int print_standard_html_footer)
{
if (print_standard_html_footer) {
+ wprintf("</DIV>\n"); /* end of "text" div */
do_template("trailing");
}
-
+ /* If we've been saving it all up for one big output burst,
+ * go ahead and do that now.
+ */
+ end_burst();
}
* Copy a string, escaping characters which have meaning in HTML. If
* nbsp is nonzero, spaces are converted to non-breaking spaces.
*/
-void stresc(char *target, char *strbuf, int nbsp)
+void stresc(char *target, char *strbuf, int nbsp, int nolinebreaks)
{
int a;
strcpy(target, "");
strcat(target, ">");
else if (strbuf[a] == QU)
strcat(target, "\"");
- else if ((strbuf[a] == 32) && (nbsp == 1)) {
+ else if ((strbuf[a] == 32) && (nbsp == 1))
strcat(target, " ");
- } else {
+ else if ((strbuf[a] == '\n') && (nolinebreaks))
+ strcat(target, ""); /* nothing */
+ else if ((strbuf[a] == '\r') && (nolinebreaks))
+ strcat(target, ""); /* nothing */
+ else
strncat(target, &strbuf[a], 1);
- }
}
}
-void escputs1(char *strbuf, int nbsp)
+void escputs1(char *strbuf, int nbsp, int nolinebreaks)
{
- char buf[1024];
- stresc(buf, strbuf, nbsp);
+ char *buf;
+
+ if (strbuf == NULL) return;
+ buf = malloc( (3 * strlen(strbuf)) + SIZ );
+ stresc(buf, strbuf, nbsp, nolinebreaks);
wprintf("%s", buf);
+ free(buf);
}
void escputs(char *strbuf)
{
- escputs1(strbuf, 0);
+ escputs1(strbuf, 0, 0);
}
/*
}
+/*
+ * Copy a string, escaping characters for JavaScript strings.
+ */
+void jsesc(char *target, char *strbuf)
+{
+ int a;
+ strcpy(target, "");
+
+ for (a = 0; a < strlen(strbuf); ++a) {
+ if (strbuf[a] == '<')
+ strcat(target, "[");
+ else if (strbuf[a] == '>')
+ strcat(target, "]");
+ else if (strbuf[a] == '\"')
+ strcat(target, """);
+ else if (strbuf[a] == '&')
+ strcat(target, "&;");
+ else if (strbuf[a] == '\'')
+ strcat(target, "\\'");
+ else {
+ strncat(target, &strbuf[a], 1);
+ }
+ }
+}
+void jsescputs(char *strbuf)
+{
+ char outbuf[SIZ];
+
+ jsesc(outbuf, strbuf);
+ wprintf("%s", outbuf);
+}
/*
- * Output all that important stuff that the browser will want to see
- *
- * control codes:
- *
- * Bits 0 and 1:
- * 0 = Nothing. Do not display any leading HTTP or HTML.
- * 1 = HTTP headers plus the room banner
- * 2 = HTTP headers required to terminate the session (unset cookies)
- * 3 = HTTP and HTML headers, but no room banner
- *
- * Bit 2: Set to 1 to auto-refresh page every 30 seconds
- *
- * Bit 3: suppress check for express messages
+ * Copy a string, escaping characters for message text hold
*/
-void output_headers(int controlcode)
+void msgesc(char *target, char *strbuf)
{
+ int a;
+ strcpy(target, "");
+
+ for (a = 0; a < strlen(strbuf); ++a) {
+ if (strbuf[a] == '\'')
+ strcat(target, "\\'");
+ else if (strbuf[a] == '\n')
+ strcat(target, " ");
+ else if (strbuf[a] == '\r')
+ strcat(target, " ");
+ else {
+ strncat(target, &strbuf[a], 1);
+ }
+ }
+}
+
+void msgescputs(char *strbuf) {
+ char *outbuf;
+
+ if (strbuf == NULL) return;
+ outbuf = malloc( (3 * strlen(strbuf)) + SIZ);
+ msgesc(outbuf, strbuf);
+ wprintf("%s", outbuf);
+ free(outbuf);
+}
+
+
+
+
+/*
+ * Output all that important stuff that the browser will want to see
+ */
+void output_headers( int do_httpheaders, /* 1 = output HTTP headers */
+ int do_htmlhead, /* 1 = output HTML <head> section and <body> opener */
+
+ int do_room_banner, /* 0=no, 1=yes, */
+ /* 2 = I'm going to embed my own, so don't open the */
+ /* <div id="content"> either. */
+
+ int unset_cookies, /* 1 = session is terminating, so unset the cookies */
+ int refresh30, /* 1 = automatically refresh page every 30 seconds */
+ int suppress_check, /* 1 = suppress check for instant messages */
+ int cache /* 1 = allow browser to cache this page */
+) {
char cookie[SIZ];
- int print_standard_html_head = 0;
- int refresh30 = 0;
- int suppress_check = 0;
char httpnow[SIZ];
- static int pageseq = 0;
- print_standard_html_head = controlcode & 0x03;
- refresh30 = ((controlcode & 0x04) >> 2);
- suppress_check = ((controlcode & 0x08) >> 3);
wprintf("HTTP/1.0 200 OK\n");
-
httpdate(httpnow, time(NULL));
- if (print_standard_html_head > 0) {
- wprintf("Content-type: text/html\n"
- "Server: %s\n", SERVER
+ if (do_httpheaders) {
+ wprintf("Content-type: text/html\r\n"
+ "Server: %s / %s\n"
+ "Connection: close\r\n",
+ SERVER, serv_info.serv_software
);
- wprintf("Connection: close\n"
- "Pragma: no-cache\n"
- "Cache-Control: no-store\n"
+ }
+
+ if (cache) {
+ wprintf("Pragma: public\r\n"
+ "Cache-Control: max-age=3600, must-revalidate\r\n"
+ "Last-modified: %s\r\n",
+ httpnow
+ );
+ }
+ else {
+ wprintf("Pragma: no-cache\r\n"
+ "Cache-Control: no-store\r\n"
);
}
+
stuff_to_cookie(cookie, WC->wc_session, WC->wc_username,
WC->wc_password, WC->wc_roomname);
- if (print_standard_html_head == 2) {
- wprintf("Set-cookie: webcit=%s\n", unset);
+
+ if (unset_cookies) {
+ wprintf("Set-cookie: webcit=%s; path=/\r\n", unset);
} else {
- wprintf("Set-cookie: webcit=%s\n", cookie);
+ wprintf("Set-cookie: webcit=%s; path=/\r\n", cookie);
if (server_cookie != NULL) {
wprintf("%s\n", server_cookie);
}
}
- if (print_standard_html_head > 0) {
- wprintf("\n");
-
- if (refresh30) svprintf("REFRESHTAG", WCS_STRING,
- "<META HTTP-EQUIV=\"refresh\" CONTENT=\"30\">\n");
- else svprintf("REFRESHTAG", WCS_STRING,
- "<META HTTP-EQUIV=\"refresh\" CONTENT=\"500363689;\">\n");
- /* script for checking for pages (not always launched) */
- svprintf("PAGERSCRIPT", WCS_STRING,
- "<SCRIPT LANGUAGE=\"JavaScript\">\n"
- "function launch_page_popup() {\n"
- "pwin = window.open('/page_popup', 'CitaPage%d', "
- "'toolbar=no,location=no,copyhistory=no,status=no,"
- "scrollbars=yes,resizable=no,height=250,width=400');\n"
- "}\n"
- "</SCRIPT>\n",
- ++pageseq
- );
- /* end script */
-
- do_template("head");
- clear_local_substs();
+ if (do_htmlhead) {
+ /* wprintf("\n"); */
+ begin_burst();
- if (!suppress_check) if (WC->HaveExpressMessages) {
- svprintf("extrabodyparms", WCS_STRING, "%s",
- "onload=\"launch_page_popup()\" ");
- WC->HaveExpressMessages = 0;
+ if (refresh30) {
+ svprintf("REFRESHTAG", WCS_STRING, "%s",
+ "<meta http-equiv=\"refresh\" content=\"30\" />\n");
+ }
+ else {
+ svprintf("REFRESHTAG", WCS_STRING, "%s",
+ "<meta http-equiv=\"refresh\" content=\"500363689;\" />\n");
}
- do_template("background");
- clear_local_substs();
+ do_template("head");
+ }
- if (print_standard_html_head == 1) {
- wprintf("<A NAME=\"TheTop\"></A>");
+ /* ICONBAR */
+ if (do_htmlhead) {
- embed_room_banner(NULL);
+ if (WC->HaveInstantMessages) {
+ wprintf("<div id=\"page_popup\">\n");
+ page_popup();
+ wprintf("</div>\n");
+ }
+ if ( (WC->logged_in) && (!unset_cookies) ) {
+ wprintf("<div id=\"iconbar\">");
+ do_iconbar();
+ wprintf("</div>\n");
+ }
+ if (do_room_banner == 1) {
+ wprintf("<div id=\"banner\">\n");
+ embed_room_banner(NULL, navbar_default);
+ wprintf("</div>\n");
+ }
+ }
+ if (do_room_banner == 1) {
+ wprintf("<div id=\"content\">\n");
+
+ if (strlen(WC->ImportantMessage) > 0) {
+ wprintf("<div id=\"fix_scrollbar_bug\">\n");
+ do_template("beginbox_nt");
+ wprintf("<SPAN CLASS=\"errormsg\">"
+ "%s</SPAN><br />\n", WC->ImportantMessage);
+ do_template("endbox");
+ wprintf("</div>\n");
+ strcpy(WC->ImportantMessage, "");
}
+
}
}
/*
- *
+ * Generic function to do an HTTP redirect. Easy and fun.
*/
void http_redirect(char *whichpage) {
wprintf("HTTP/1.0 302 Moved Temporarily\n");
- wprintf("Location: %s\n", whichpage);
- wprintf("URI: %s\n", whichpage);
- wprintf("Content-type: text/html\n\n");
+ wprintf("Location: %s\r\n", whichpage);
+ wprintf("URI: %s\r\n", whichpage);
+ wprintf("Content-type: text/html\r\n\r\n");
wprintf("<html><body>\n");
wprintf("you really want to be <A HREF=\"%s\">here</A> now\n",
whichpage);
-void check_for_express_messages()
+void check_for_instant_messages()
{
char buf[SIZ];
serv_puts("NOOP");
serv_gets(buf);
- if (buf[3] == '*') WC->HaveExpressMessages = 1;
+ if (buf[3] == '*') WC->HaveInstantMessages = 1;
}
/*
* Output a piece of content to the web browser
*/
-void http_transmit_thing(char *thing, size_t length, char *content_type) {
- output_headers(0);
- wprintf("Content-type: %s\n"
- "Content-length: %ld\n"
- "Server: %s\n"
- "Connection: close\n"
- "\n",
+void http_transmit_thing(char *thing, size_t length, char *content_type,
+ int is_static) {
+
+ output_headers(0, 0, 0, 0, 0, 0, is_static);
+
+ wprintf("Content-type: %s\r\n"
+ "Server: %s\r\n"
+ "Connection: close\r\n",
content_type,
- (long) length,
- SERVER
+ SERVER);
+
+#ifdef HAVE_ZLIB
+ /* If we can send the data out compressed, please do so. */
+ if (WC->gzip_ok) {
+ char *compressed_data = NULL;
+ uLongf compressed_len;
+
+ compressed_len = (uLongf) ((length * 101) / 100) + 100;
+ compressed_data = malloc(compressed_len);
+
+ if (compress_gzip((Bytef *) compressed_data,
+ &compressed_len,
+ (Bytef *) thing,
+ (uLongf) length, Z_BEST_SPEED) == Z_OK) {
+ wprintf("Content-encoding: gzip\r\n"
+ "Content-length: %ld\r\n"
+ "\r\n",
+ (long) compressed_len
+ );
+ client_write(compressed_data, (size_t)compressed_len);
+ free(compressed_data);
+ return;
+ }
+ }
+#endif
+
+ /* No compression ... just send it out as-is */
+ wprintf("Content-length: %ld\r\n"
+ "\r\n",
+ (long) length
);
- write(WC->http_sock, thing, (size_t)length);
+ client_write(thing, (size_t)length);
}
char *bigbuffer;
char content_type[SIZ];
- lprintf(9, "output_static(%s)\n", what);
sprintf(buf, "static/%s", what);
fp = fopen(buf, "rb");
if (fp == NULL) {
wprintf("HTTP/1.0 404 %s\n", strerror(errno));
- wprintf("Content-Type: text/plain\n");
- wprintf("\n");
+ wprintf("Content-Type: text/plain\r\n");
+ wprintf("\r\n");
wprintf("Cannot open %s: %s\n", what, strerror(errno));
} else {
if (!strncasecmp(&what[strlen(what) - 4], ".gif", 4))
strcpy(content_type, "image/jpeg");
else if (!strncasecmp(&what[strlen(what) - 4], ".png", 4))
strcpy(content_type, "image/png");
+ else if (!strncasecmp(&what[strlen(what) - 4], ".ico", 4))
+ strcpy(content_type, "image/x-icon");
else if (!strncasecmp(&what[strlen(what) - 5], ".html", 5))
strcpy(content_type, "text/html");
+ else if (!strncasecmp(&what[strlen(what) - 4], ".htm", 4))
+ strcpy(content_type, "text/html");
else if (!strncasecmp(&what[strlen(what) - 4], ".wml", 4))
strcpy(content_type, "text/vnd.wap.wml");
else if (!strncasecmp(&what[strlen(what) - 5], ".wmls", 5))
else if (!strncasecmp(&what[strlen(what) - 6], ".wmlsc", 6))
strcpy(content_type, "application/vnd.wap.wmlscriptc");
else if (!strncasecmp(&what[strlen(what) - 5], ".wbmp", 5))
- wprintf("Content-type: image/vnd.wap.wbmp");
+ strcpy(content_type, "image/vnd.wap.wbmp");
+ else if (!strncasecmp(&what[strlen(what) - 3], ".js", 3))
+ strcpy(content_type, "text/javascript");
else
- wprintf("Content-type: application/octet-stream");
+ strcpy(content_type, "application/octet-stream");
fstat(fileno(fp), &statbuf);
bytes = statbuf.st_size;
- lprintf(3, "Static: %s, %ld bytes\n", what, bytes);
- bigbuffer = malloc(bytes);
+ /* lprintf(3, "Static: %s, (%s; %ld bytes)\r\n",
+ what, content_type, bytes); */
+ bigbuffer = malloc(bytes + 2);
fread(bigbuffer, bytes, 1, fp);
fclose(fp);
- http_transmit_thing(bigbuffer, (size_t)bytes, content_type);
+ http_transmit_thing(bigbuffer, (size_t)bytes, content_type, 1);
free(bigbuffer);
}
if (!strcasecmp(bstr("force_close_session"), "yes")) {
serv_gets(buf);
if (buf[0] == '2') {
bytes = extract_long(&buf[4], 0);
- xferbuf = malloc(bytes);
+ xferbuf = malloc(bytes + 2);
/* Read it from the server */
read_server_binary(xferbuf, bytes);
serv_gets(buf);
/* Write it to the browser */
- http_transmit_thing(xferbuf, (size_t)bytes, "image/gif");
+ http_transmit_thing(xferbuf, (size_t)bytes, "image/gif", 0);
free(xferbuf);
} else {
/*
wprintf("HTTP/1.0 404 %s\n", &buf[4]);
- output_headers(0);
- wprintf("Content-Type: text/plain\n"
- "\n"
+ output_headers(0, 0, 0, 0, 0, 0, 0);
+ wprintf("Content-Type: text/plain\r\n"
+ "\r\n"
"Error retrieving image: %s\n",
&buf[4]
);
serv_gets(buf);
if (buf[0] == '2') {
bytes = extract_long(&buf[4], 0);
- content = malloc(bytes);
- extract(content_type, &buf[4], 3);
- output_headers(0);
+ content = malloc(bytes + 2);
+ extract_token(content_type, &buf[4], 3, '|', sizeof content_type);
+ output_headers(0, 0, 0, 0, 0, 0, 0);
read_server_binary(content, bytes);
serv_puts("CLOS");
serv_gets(buf);
- http_transmit_thing(content, bytes, content_type);
+ http_transmit_thing(content, bytes, content_type, 0);
free(content);
} else {
wprintf("HTTP/1.0 404 %s\n", &buf[4]);
- output_headers(0);
- wprintf("Content-Type: text/plain\n");
- wprintf("\n");
+ output_headers(0, 0, 0, 0, 0, 0, 0);
+ wprintf("Content-Type: text/plain\r\n");
+ wprintf("\r\n");
wprintf("Error retrieving part: %s\n", &buf[4]);
}
serv_gets(buf);
if (buf[0] == '2') {
bytes = extract_long(&buf[4], 0);
- extract(content_type, &buf[4], 3);
+ extract_token(content_type, &buf[4], 3, '|', sizeof content_type);
- content = malloc(bytes + 1);
+ content = malloc(bytes + 2);
read_server_binary(content, bytes);
serv_puts("CLOS");
void convenience_page(char *titlebarcolor, char *titlebarmsg, char *messagetext)
{
wprintf("HTTP/1.0 200 OK\n");
- output_headers(1);
+ output_headers(1, 1, 2, 0, 0, 0, 0);
+ wprintf("<div id=\"banner\">\n");
wprintf("<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#%s\"><TR><TD>", titlebarcolor);
wprintf("<SPAN CLASS=\"titlebar\">%s</SPAN>\n", titlebarmsg);
- wprintf("</TD></TR></TABLE><BR>\n");
+ wprintf("</TD></TR></TABLE>\n");
+ wprintf("</div>\n<div id=\"content\">\n");
escputs(messagetext);
- wprintf("<HR>\n");
+ wprintf("<hr />\n");
wDumpContent(1);
}
* Display a blank page.
*/
void blank_page(void) {
- output_headers(7);
+ output_headers(1, 1, 0, 0, 1, 0, 0);
wDumpContent(2);
}
+/*
+ * A template has been requested
+ */
+void url_do_template(void) {
+ do_template(bstr("template"));
+}
+
/*
void change_start_page(void) {
if (bstr("startpage") == NULL) {
- display_error("startpage set to null");
+ strcpy(WC->ImportantMessage,
+ "startpage set to null");
+ display_main_menu();
return;
}
set_preference("startpage", bstr("startpage"));
- output_headers(3);
+ output_headers(1, 1, 0, 0, 0, 0, 0);
do_template("newstartpage");
wDumpContent(1);
}
-void display_error(char *errormessage)
-{
- convenience_page("770000", "Error", errormessage);
-}
-
void display_success(char *successmessage)
{
convenience_page("007700", "OK", successmessage);
int i;
strcpy(actbuf, cmdbuf);
- if (!strncasecmp(actbuf, "GET /", 5))
- strcpy(actbuf, &actbuf[5]);
- if (!strncasecmp(actbuf, "PUT /", 5))
- strcpy(actbuf, &actbuf[5]);
- if (!strncasecmp(actbuf, "POST /", 6))
- strcpy(actbuf, &actbuf[6]);
+ /*
+ * First strip out the http method
+ */
+ remove_token(actbuf, 0, ' ');
+ if (actbuf[0] == ' ') strcpy(actbuf, &actbuf[1]);
+ if (actbuf[0] == '/') strcpy(actbuf, &actbuf[1]);
+
+ /*
+ * Now kill invalid (for webcit) characters
+ */
for (i = 0; i < strlen(actbuf); ++i) {
if (actbuf[i] == ' ') {
actbuf[i] = 0;
{
struct urlcontent *u;
- lprintf(5, "Upload handler called: %s, %ld bytes\n",
- cbtype, (long)length);
-
/* Form fields */
if ( (length > 0) && (strlen(cbtype) == 0) ) {
u = (struct urlcontent *) malloc(sizeof(struct urlcontent));
memcpy(WC->upload, content, length);
}
else {
- lprintf(9, "malloc() failed: %s\n",
- strerror(errno));
+ lprintf(3, "malloc() failed: %s\n", strerror(errno));
}
}
void session_loop(struct httprequest *req)
{
char cmd[SIZ];
+ char method[SIZ];
char action[SIZ];
char buf[SIZ];
int a, b;
int ContentLength = 0;
- int BytesRead;
+ int BytesRead = 0;
char ContentType[512];
- char *content;
- char *content_end;
+ char *content = NULL;
+ char *content_end = NULL;
struct httprequest *hptr;
char browser_host[SIZ];
char user_agent[SIZ];
- int body_start;
+ int body_start = 0;
/* We stuff these with the values coming from the client cookies,
* so we can use them to reconnect a timed out session if we have to.
char c_username[SIZ];
char c_password[SIZ];
char c_roomname[SIZ];
+ char c_httpauth_string[SIZ];
+ char c_httpauth_user[SIZ];
+ char c_httpauth_pass[SIZ];
char cookie[SIZ];
strcpy(c_username, "");
strcpy(c_password, "");
strcpy(c_roomname, "");
+ strcpy(c_httpauth_string, "");
+ strcpy(c_httpauth_user, DEFAULT_HTTPAUTH_USER);
+ strcpy(c_httpauth_pass, DEFAULT_HTTPAUTH_PASS);
WC->upload_length = 0;
WC->upload = NULL;
+ WC->vars = NULL;
WC->is_wap = 0;
strcpy(cmd, hptr->line);
hptr = hptr->next;
+ extract_token(method, cmd, 0, ' ', sizeof method);
extract_action(action, cmd);
while (hptr != NULL) {
hptr = hptr->next;
if (!strncasecmp(buf, "Cookie: webcit=", 15)) {
- strcpy(cookie, &buf[15]);
+ safestrncpy(cookie, &buf[15], sizeof cookie);
cookie_to_stuff(cookie, NULL,
- c_username, c_password, c_roomname);
+ c_username, sizeof c_username,
+ c_password, sizeof c_password,
+ c_roomname, sizeof c_roomname);
+ }
+ else if (!strncasecmp(buf, "Authorization: Basic ", 21)) {
+ CtdlDecodeBase64(c_httpauth_string, &buf[21], strlen(&buf[21]));
+ extract_token(c_httpauth_user, c_httpauth_string, 0, ':', sizeof c_httpauth_user);
+ extract_token(c_httpauth_pass, c_httpauth_string, 1, ':', sizeof c_httpauth_pass);
}
else if (!strncasecmp(buf, "Content-length: ", 16)) {
ContentLength = atoi(&buf[16]);
}
if (ContentLength > 0) {
- lprintf(5, "Content length: %d\n", ContentLength);
content = malloc(ContentLength + SIZ);
memset(content, 0, ContentLength + SIZ);
sprintf(content, "Content-type: %s\n"
ContentType, ContentLength);
body_start = strlen(content);
- BytesRead = 0;
- while (BytesRead < ContentLength) {
- a=read(WC->http_sock, &content[BytesRead+body_start],
- ContentLength - BytesRead);
- if (a <= 0) BytesRead = ContentLength;
- else BytesRead += a;
- }
+ /* Be daring and read it all at once. */
+ client_read(WC->http_sock, &content[BytesRead+body_start],
+ ContentLength);
if (!strncasecmp(ContentType,
"application/x-www-form-urlencoded", 33)) {
addurls(&content[body_start]);
} else if (!strncasecmp(ContentType, "multipart", 9)) {
- content_end = content + ContentLength;
+ content_end = content + ContentLength + body_start;
mime_parser(content, content_end, *upload_handler,
NULL, NULL, NULL, 0);
}
do_listsub();
goto SKIP_ALL_THIS_CRAP;
}
+#ifdef WEBCIT_WITH_CALENDAR_SERVICE
+ if (!strcasecmp(action, "freebusy")) {
+ do_freebusy(cmd);
+ goto SKIP_ALL_THIS_CRAP;
+ }
+#endif
+
+ /*
+ * If we're not logged in, but we have HTTP Authentication data,
+ * try logging in to Citadel using that.
+ */
+ if ((!WC->logged_in)
+ && (strlen(c_httpauth_user) > 0)
+ && (strlen(c_httpauth_pass) > 0)) {
+ serv_printf("USER %s", c_httpauth_user);
+ serv_gets(buf);
+ if (buf[0] == '3') {
+ serv_printf("PASS %s", c_httpauth_pass);
+ serv_gets(buf);
+ if (buf[0] == '2') {
+ become_logged_in(c_httpauth_user,
+ c_httpauth_pass, buf);
+ strcpy(WC->httpauth_user, c_httpauth_user);
+ strcpy(WC->httpauth_pass, c_httpauth_pass);
+ }
+ }
+ }
+
+ /*
+ * The GroupDAV stuff relies on HTTP authentication instead of
+ * our session's authentication.
+ */
+ if (!strncasecmp(action, "groupdav", 8)) {
+ groupdav_main(req, ContentType, /* do GroupDAV methods */
+ ContentLength, content+body_start);
+ if (!WC->logged_in) {
+ WC->killthis = 1; /* If not logged in, don't */
+ } /* keep the session active */
+ goto SKIP_ALL_THIS_CRAP;
+ }
- check_for_express_messages();
+
+ /*
+ * If this isn't a GroupDAV session, it's an ordinary browser
+ * connecting to the user interface. Only allow GET and POST
+ * methods.
+ */
+ if ((strcasecmp(method, "GET")) && (strcasecmp(method, "POST"))) {
+ wprintf("HTTP/1.1 405 Method Not Allowed\r\n");
+ groupdav_common_headers();
+ wprintf("Content-Length: 0\r\n\r\n");
+ goto SKIP_ALL_THIS_CRAP;
+ }
/*
* If we're not logged in, but we have username and password cookies
* supplied by the browser, try using them to log in.
*/
- if ((!WC->logged_in) && (strlen(c_username) > 0) && (strlen(c_password) > 0)) {
+ if ((!WC->logged_in)
+ && (strlen(c_username) > 0)
+ && (strlen(c_password) > 0)) {
serv_printf("USER %s", c_username);
serv_gets(buf);
if (buf[0] == '3') {
}
}
+ /*
+ * If there are instant messages waiting, retrieve them for display.
+ */
+ check_for_instant_messages();
+
if (!strcasecmp(action, "image")) {
output_image();
do_welcome();
} else if (!strcasecmp(action, "blank")) {
blank_page();
+ } else if (!strcasecmp(action, "do_template")) {
+ url_do_template();
+ } else if (!strcasecmp(action, "display_aide_menu")) {
+ display_aide_menu();
} else if (!strcasecmp(action, "display_main_menu")) {
display_main_menu();
} else if (!strcasecmp(action, "whobbs")) {
display_enter();
} else if (!strcasecmp(action, "post")) {
post_message();
- } else if (!strcasecmp(action, "delete_msg")) {
- delete_msg();
- } else if (!strcasecmp(action, "confirm_move_msg")) {
- confirm_move_msg();
} else if (!strcasecmp(action, "move_msg")) {
move_msg();
+ } else if (!strcasecmp(action, "delete_msg")) {
+ delete_msg();
} else if (!strcasecmp(action, "userlist")) {
userlist();
} else if (!strcasecmp(action, "showuser")) {
display_entroom();
} else if (!strcasecmp(action, "entroom")) {
entroom();
+ } else if (!strcasecmp(action, "display_whok")) {
+ display_whok();
+ } else if (!strcasecmp(action, "do_invt_kick")) {
+ do_invt_kick();
} else if (!strcasecmp(action, "display_editroom")) {
display_editroom();
} else if (!strcasecmp(action, "netedit")) {
netedit();
} else if (!strcasecmp(action, "editroom")) {
editroom();
- } else if (!strcasecmp(action, "display_whok")) {
- display_whok();
} else if (!strcasecmp(action, "display_editinfo")) {
- display_edit("Room info", "EINF 0", "RINF", "/editinfo");
+ display_edit("Room info", "EINF 0", "RINF", "/editinfo", 1);
} else if (!strcasecmp(action, "editinfo")) {
save_edit("Room info", "EINF 1", 1);
} else if (!strcasecmp(action, "display_editbio")) {
sprintf(buf, "RBIO %s", WC->wc_username);
- display_edit("Your bio", "NOOP", buf, "editbio");
+ display_edit("Your bio", "NOOP", buf, "editbio", 3);
} else if (!strcasecmp(action, "editbio")) {
save_edit("Your bio", "EBIO", 0);
- } else if (!strcasecmp(action, "confirm_delete_room")) {
- confirm_delete_room();
+ } else if (!strcasecmp(action, "confirm_move_msg")) {
+ confirm_move_msg();
} else if (!strcasecmp(action, "delete_room")) {
delete_room();
} else if (!strcasecmp(action, "validate")) {
edit_me();
} else if (!strcasecmp(action, "display_siteconfig")) {
display_siteconfig();
- } else if (!strcasecmp(action, "page_popup")) {
- page_popup();
+ } else if (!strcasecmp(action, "chat_recv")) {
+ chat_recv();
+ } else if (!strcasecmp(action, "chat_send")) {
+ chat_send();
} else if (!strcasecmp(action, "siteconfig")) {
siteconfig();
} else if (!strcasecmp(action, "display_generic")) {
} else if (!strcasecmp(action, "select_user_to_edit")) {
select_user_to_edit(NULL, NULL);
} else if (!strcasecmp(action, "display_edituser")) {
- display_edituser(NULL);
+ display_edituser(NULL, 0);
} else if (!strcasecmp(action, "edituser")) {
edituser();
} else if (!strcasecmp(action, "create_user")) {
#endif
} else if (!strcasecmp(action, "summary")) {
summary();
+ } else if (!strcasecmp(action, "iconbar")) {
+ do_iconbar();
+ } else if (!strcasecmp(action, "display_customize_iconbar")) {
+ display_customize_iconbar();
+ } else if (!strcasecmp(action, "commit_iconbar")) {
+ commit_iconbar();
+ } else if (!strcasecmp(action, "set_room_policy")) {
+ set_room_policy();
+ } else if (!strcasecmp(action, "display_inetconf")) {
+ display_inetconf();
+ } else if (!strcasecmp(action, "save_inetconf")) {
+ save_inetconf();
+ } else if (!strcasecmp(action, "setup_wizard")) {
+ do_setup_wizard();
} else if (!strcasecmp(action, "diagnostics")) {
- output_headers(1);
+ output_headers(1, 1, 1, 0, 0, 0, 0);
- wprintf("You're in session %d<HR>\n", WC->wc_session);
- wprintf("Command: <BR><PRE>\n");
+ wprintf("You're in session %d<hr />\n", WC->wc_session);
+ wprintf("Command: <br /><PRE>\n");
escputs(cmd);
- wprintf("</PRE><HR>\n");
- wprintf("Variables: <BR><PRE>\n");
+ wprintf("</PRE><hr />\n");
+ wprintf("Variables: <br /><PRE>\n");
dump_vars();
- wprintf("</PRE><HR>\n");
+ wprintf("</PRE><hr />\n");
wDumpContent(1);
}
/* When all else fais, display the main menu. */