From 169bd77e58fefd930ddc936f524489ddd5149397 Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Mon, 26 Nov 2007 04:36:01 +0000 Subject: [PATCH] Fixed bug 301. /listsub operations do not require a security nonce because they do not maintain an ongoing session with the server. Also cleaned this screen up visually. --- webcit/listsub.c | 68 +++++++++++++++++++++--------------------------- webcit/webcit.c | 2 +- 2 files changed, 31 insertions(+), 39 deletions(-) diff --git a/webcit/listsub.c b/webcit/listsub.c index f219ffcb8..ef7d93b74 100644 --- a/webcit/listsub.c +++ b/webcit/listsub.c @@ -1,18 +1,13 @@ /* * $Id$ - */ -/** - * \defgroup ListSubForms Web forms for handling mailing list subscribe/unsubscribe requests. - * \ingroup WebcitDisplayItems + * + * Web forms for handling mailing list subscribe/unsubscribe requests. */ -/*@{*/ #include "webcit.h" - - -/** - * \brief List subscription handling +/* + * List subscription handling */ void do_listsub(void) { @@ -50,13 +45,14 @@ void do_listsub(void) strcpy(email, bstr("email")); strcpy(subtype, bstr("subtype")); - wprintf("
" - "
" - ""); - wprintf(_("List subscribe/unsubscribe")); - wprintf("

\n"); + wprintf("
"); + wprintf("
"); + + svprintf("BOXTITLE", WCS_STRING, _("List subscribe/unsubscribe")); + do_template("beginbox"); + wprintf("

"); - /** + /* * Subscribe command */ if (!strcasecmp(cmd, "subscribe")) { @@ -98,7 +94,7 @@ void do_listsub(void) } } - /** + /* * Unsubscribe command */ else if (!strcasecmp(cmd, "unsubscribe")) { @@ -136,7 +132,7 @@ void do_listsub(void) } } - /** + /* * Confirm command */ else if (!strcasecmp(cmd, "confirm")) { @@ -164,16 +160,14 @@ void do_listsub(void) wprintf("%s
\n", &buf[4]); } - /** + /* * Any other (invalid) command causes the form to be displayed */ else { -FORM: wprintf("
\n"); - wprintf("\n", WC->nonce); - wprintf("\n"); +FORM: wprintf("\n"); - wprintf("\n"); + wprintf("

\n"); - wprintf("\n"); + wprintf("\" maxlength=128 size=60>

\n"); - wprintf("
Name of list" - "\n"); serv_puts("LPRM"); serv_getln(buf, sizeof buf); @@ -182,39 +176,37 @@ FORM: wprintf("\n"); extract_token(sroom, buf, 0, '|', sizeof sroom); self = extract_int(buf, 4) & QR2_SELFLIST ; if (self) { - wprintf("\n"); + wprintf("\n"); } } } - wprintf("" - "
Your e-mail address" + wprintf("Your e-mail address: " "
" - "(If subscribing) preferred format: " + wprintf("(If subscribing) preferred format: " "One message at a time  " "Digest format  " - "
\n" + "

\n" "\n" "\n" + " VALUE=\"unsubscribe\">

\n" "
\n" ); - wprintf("
When you attempt to subscribe or unsubscribe to " + wprintf("
When you attempt to subscribe or unsubscribe to " "a mailing list, you will receive an e-mail containing" " one additional web link to click on for final " "confirmation. This extra step is for your " @@ -224,11 +216,11 @@ FORM: wprintf("
\n"); } + wprintf("
"); + do_template("endbox"); + wprintf("
"); + wprintf("\n"); wDumpContent(0); end_webcit_session(); } - - - -/*@}*/ diff --git a/webcit/webcit.c b/webcit/webcit.c index 28cb08a1b..c65fd7f3d 100644 --- a/webcit/webcit.c +++ b/webcit/webcit.c @@ -1310,7 +1310,7 @@ void session_loop(struct httprequest *req) wprintf("HTTP/1.1 404 Security check failed\r\n"); wprintf("Content-Type: text/plain\r\n"); wprintf("\r\n"); - wprintf("Security check failed.\r\n"); + wprintf("You have sent a malformed or invalid request.\r\n"); } goto SKIP_ALL_THIS_CRAP; /* Don't try to connect */ } -- 2.30.2