X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=webcit%2Fparamhandling.c;h=f7d1a325d21fd85b83c02b83449628411b2814ec;hb=c610deab77612b51cb238f62acc87fb17726cbff;hp=a1a80be227bd7d81445b8083b962b44018bad304;hpb=d22808b7296b6bcf9843dbbef1fe60d7be750733;p=citadel.git
diff --git a/webcit/paramhandling.c b/webcit/paramhandling.c
index a1a80be22..f7d1a325d 100644
--- a/webcit/paramhandling.c
+++ b/webcit/paramhandling.c
@@ -1,12 +1,24 @@
/*
- * $Id: paramhandling.c 6808 2008-12-11 00:00:36Z dothebart $
- *
* parse urlparts and post data
+ *
+ * Copyright (c) 1996-2013 by the citadel.org team
+ *
+ * This program is open source software. You can redistribute it and/or
+ * modify it under the terms of the GNU General Public License, version 3.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
*/
#include "webcit.h"
#include "webserver.h"
+/* uncomment to see all parameters sent to the server by the browser. */
+/* #define DEBUG_URLSTRINGS */
+
+
void free_url(void *U)
{
urlcontent *u = (urlcontent*) U;
@@ -19,19 +31,21 @@ void free_url(void *U)
*/
void ParseURLParams(StrBuf *url)
{
- const char *aptr, *bptr, *eptr, *up;
- int len, keylen;
- urlcontent *u;
+ const char *aptr, *bptr, *eptr, *up = NULL;
+ int len, keylen = 0;
+ urlcontent *u = NULL;
wcsession *WCC = WC;
- if (WCC->Hdr->urlstrings == NULL)
+ if (WCC->Hdr->urlstrings == NULL) {
WCC->Hdr->urlstrings = NewHash(1, NULL);
+ }
eptr = ChrPtr(url) + StrLength(url);
up = ChrPtr(url);
while ((up < eptr) && (!IsEmptyStr(up))) {
aptr = up;
- while ((aptr < eptr) && (*aptr != '\0') && (*aptr != '='))
+ while ((aptr < eptr) && (*aptr != '\0') && (*aptr != '=')) {
aptr++;
+ }
if (*aptr != '=') {
return;
}
@@ -42,33 +56,47 @@ void ParseURLParams(StrBuf *url)
bptr++;
}
keylen = aptr - up - 1; /* -1 -> '=' */
- if(keylen > sizeof(u->url_key)) {
- lprintf(1, "URLkey to long! [%s]", up);
- continue;
+ if (keylen > sizeof(u->url_key)) {
+ syslog(LOG_WARNING, "%s:%d: invalid url_key of size %d in string size %d",
+ __FILE__, __LINE__, keylen, sizeof(u->url_key)
+ );
}
u = (urlcontent *) malloc(sizeof(urlcontent));
memcpy(u->url_key, up, keylen);
u->url_key[keylen] = '\0';
if (keylen < 0) {
- lprintf(1, "URLkey to long! [%s]", up);
+ syslog(LOG_WARNING, "%s:%d: invalid url_key of size %d", __FILE__, __LINE__, keylen);
free(u);
- continue;
+ return;
}
-
- Put(WCC->Hdr->urlstrings, u->url_key, keylen, u, free_url);
- len = bptr - aptr;
- u->url_data = NewStrBufPlain(aptr, len);
- StrBufUnescape(u->url_data, 1);
-
- up = bptr;
- ++up;
+
+ if (strncmp(u->url_key, "__", 2) != 0)
+ {
+ Put(WCC->Hdr->urlstrings, u->url_key, keylen, u, free_url);
+ len = bptr - aptr;
+ u->url_data = NewStrBufPlain(aptr, len);
+ StrBufUnescape(u->url_data, 1);
#ifdef DEBUG_URLSTRINGS
- lprintf(9, "%s = [%ld] %s\n",
- u->url_key,
- StrLength(u->url_data),
- ChrPtr(u->url_data));
+ syslog(LOG_DEBUG, "%s = [%d] %s\n",
+ u->url_key,
+ StrLength(u->url_data),
+ ChrPtr(u->url_data));
#endif
+ }
+ else {
+ len = bptr - aptr;
+ u->url_data = NewStrBufPlain(aptr, len);
+ StrBufUnescape(u->url_data, 1);
+ syslog(LOG_WARNING, "REJECTED because of __ is internal only: %s = [%d] %s\n",
+ u->url_key,
+ StrLength(u->url_data),
+ ChrPtr(u->url_data));
+
+ free_url(u);
+ }
+ up = bptr;
+ ++up;
}
}
@@ -96,7 +124,7 @@ void dump_vars(void)
Cursor = GetNewHashPos (WCC->Hdr->urlstrings, 0);
while (GetNextHashPos(WCC->Hdr->urlstrings, Cursor, &HKLen, &HKey, &U)) {
u = (urlcontent*) U;
- wprintf("%38s = %s\n", u->url_key, ChrPtr(u->url_data));
+ wc_printf("%38s = %s\n", u->url_key, ChrPtr(u->url_data));
}
}
@@ -292,55 +320,63 @@ void upload_handler(char *name, char *filename, char *partnum, char *disp,
void *content, char *cbtype, char *cbcharset,
size_t length, char *encoding, char *cbid, void *userdata)
{
+ wcsession *WCC = WC;
urlcontent *u;
+ long keylen;
+
#ifdef DEBUG_URLSTRINGS
- lprintf(9, "upload_handler() name=%s, type=%s, len=%d\n", name, cbtype, length);
+ syslog(LOG_DEBUG, "upload_handler() name=%s, type=%s, len="SIZE_T_FMT, name, cbtype, length);
#endif
- if (WC->Hdr->urlstrings == NULL)
- WC->Hdr->urlstrings = NewHash(1, NULL);
+ if (WCC->Hdr->urlstrings == NULL)
+ WCC->Hdr->urlstrings = NewHash(1, NULL);
/* Form fields */
if ( (length > 0) && (IsEmptyStr(cbtype)) ) {
u = (urlcontent *) malloc(sizeof(urlcontent));
- safestrncpy(u->url_key, name, sizeof(u->url_key));
+ keylen = safestrncpy(u->url_key, name, sizeof(u->url_key));
u->url_data = NewStrBufPlain(content, length);
- Put(WC->Hdr->urlstrings, u->url_key, strlen(u->url_key), u, free_url);
+ if (strncmp(u->url_key, "__", 2) != 0)
+ {
+ Put(WCC->Hdr->urlstrings, u->url_key, keylen, u, free_url);
+ }
+ else {
+ syslog(LOG_INFO, "REJECTED because of __ is internal only: %s = [%d] %s\n",
+ u->url_key,
+ StrLength(u->url_data),
+ ChrPtr(u->url_data));
+
+ free_url(u);
+ }
#ifdef DEBUG_URLSTRINGS
- lprintf(9, "Key: <%s> len: [%ld] Data: <%s>\n",
+ syslog(LOG_DEBUG, "Key: <%s> len: [%d] Data: <%s>",
u->url_key,
StrLength(u->url_data),
ChrPtr(u->url_data));
#endif
}
- /** Uploaded files */
+ /* Uploaded files */
if ( (length > 0) && (!IsEmptyStr(cbtype)) ) {
- WC->upload = malloc(length);
- if (WC->upload != NULL) {
- WC->upload_length = length;
- safestrncpy(WC->upload_filename, filename,
- sizeof(WC->upload_filename));
- safestrncpy(WC->upload_content_type, cbtype,
- sizeof(WC->upload_content_type));
- memcpy(WC->upload, content, length);
- }
- else {
- lprintf(3, "malloc() failed: %s\n", strerror(errno));
- }
+ WCC->upload = NewStrBufPlain(content, length);
+ WCC->upload_length = length;
+ WCC->upload_filename = NewStrBufPlain(filename, -1);
+ safestrncpy(WCC->upload_content_type, cbtype, sizeof(WC->upload_content_type));
+#ifdef DEBUG_URLSTRINGS
+ syslog(LOG_DEBUG, "File: <%s> len: [%ld]", filename, (long int)length);
+#endif
+
}
}
-
-
void PutBstr(const char *key, long keylen, StrBuf *Value)
{
urlcontent *u;
- if(keylen > sizeof(u->url_key)) {
- lprintf(1, "URLkey to long! [%s]", key);
+ if(keylen >= sizeof(u->url_key)) {
+ syslog(LOG_WARNING, "%s:%d: invalid url_key of size %ld", __FILE__, __LINE__, keylen);
FreeStrBuf(&Value);
return;
}
@@ -349,6 +385,14 @@ void PutBstr(const char *key, long keylen, StrBuf *Value)
u->url_data = Value;
Put(WC->Hdr->urlstrings, u->url_key, keylen, u, free_url);
}
+void PutlBstr(const char *key, long keylen, long Value)
+{
+ StrBuf *Buf;
+
+ Buf = NewStrBufPlain(NULL, sizeof(long) * 16);
+ StrBufPrintf(Buf, "%ld", Value);
+ PutBstr(key, keylen, Buf);
+}
@@ -357,11 +401,21 @@ int ConditionalBstr(StrBuf *Target, WCTemplputParams *TP)
if(TP->Tokens->nParameters == 3)
return HaveBstr(TKEY(2));
else {
- if (TP->Tokens->Params[3]->Type == TYPE_LONG)
- return LBstr(TKEY(2)) == TP->Tokens->Params[3]->lvalue;
- else
- return strcmp(Bstr(TKEY(2)),
- TP->Tokens->Params[3]->Start) == 0;
+ if (IS_NUMBER(TP->Tokens->Params[3]->Type))
+ {
+ return LBstr(TKEY(2)) ==
+ GetTemplateTokenNumber(Target,
+ TP,
+ 3,
+ 0);
+ }
+ else {
+ const char *pch;
+ long len;
+
+ GetTemplateTokenString (Target, TP, 3, &pch, &len);
+ return strcmp(Bstr(TKEY(2)), pch) == 0;
+ }
}
}
@@ -372,22 +426,34 @@ void tmplput_bstr(StrBuf *Target, WCTemplputParams *TP)
StrBufAppendTemplate(Target, TP, Buf, 1);
}
+
+void tmplput_bstrforward(StrBuf *Target, WCTemplputParams *TP)
+{
+ const StrBuf *Buf = SBstr(TKEY(0));
+ if (Buf != NULL) {
+ StrBufAppendBufPlain(Target, HKEY("?"), 0);
+ StrBufAppendBufPlain(Target, TKEY(0), 0);
+ StrBufAppendBufPlain(Target, HKEY("="), 0);
+ StrBufAppendTemplate(Target, TP, Buf, 1);
+ }
+}
+
void diagnostics(void)
{
output_headers(1, 1, 1, 0, 0, 0);
- wprintf("Session: %d
\n", WC->wc_session);
- wprintf("Command:
\n");
+ wc_printf("Session: %d
\n", WC->wc_session);
+ wc_printf("Command:
\n");
/*
-StrEscPuts(WC->UrlFragment1);
- wprintf("
\n");
- StrEscPuts(WC->UrlFragment2);
- wprintf("
\n");
- StrEscPuts(WC->UrlFragment3);
+StrEscAppend(WC->WBuf, NULL, WC->UrlFragment1, 0, 0);
+ wc_printf("
\n");
+StrEscAppend(WC->WBuf, NULL, WC->UrlFragment12 0, 0);
+ wc_printf("
\n");
+StrEscAppend(WC->WBuf, NULL, WC->UrlFragment3, 0, 0);
*/
- wprintf("
\n");
- wprintf("Variables:
\n");
+ wc_printf("
\n");
+ wc_printf("Variables:
\n");
dump_vars();
- wprintf("
\n");
+ wc_printf("
\n");
wDumpContent(1);
}
@@ -399,17 +465,20 @@ void tmplput_url_part(StrBuf *Target, WCTemplputParams *TP)
wcsession *WCC = WC;
if (WCC != NULL) {
- if (TP->Tokens->Params[0]->lvalue == 0) {
- if (WCC->Hdr->Handler != NULL)
- UrlBuf = Name = WCC->Hdr->Handler->Name;
+ long n;
+
+ n = GetTemplateTokenNumber(Target, TP, 0, 0);
+ if (n == 0) {
+ if (WCC->Hdr->HR.Handler != NULL)
+ UrlBuf = Name = WCC->Hdr->HR.Handler->Name;
}
- else if (TP->Tokens->Params[0]->lvalue == 1) {
+ else if (n == 1) {
UrlBuf = NewStrBuf();
- StrBufExtract_token(UrlBuf, WCC->Hdr->ReqLine, 0, '/');
+ StrBufExtract_token(UrlBuf, WCC->Hdr->HR.ReqLine, 0, '/');
}
else {
UrlBuf = NewStrBuf();
- StrBufExtract_token(UrlBuf, WCC->Hdr->ReqLine, 1, '/');
+ StrBufExtract_token(UrlBuf, WCC->Hdr->HR.ReqLine, 1, '/');
}
if (UrlBuf == NULL) {
@@ -420,16 +489,91 @@ void tmplput_url_part(StrBuf *Target, WCTemplputParams *TP)
}
}
+typedef struct __BstrPair {
+ StrBuf *x;
+ StrBuf *y;
+}BstrPair;
+CtxType CTX_BSTRPAIRS = CTX_NONE;
+void HFreeBstrPair(void *pv)
+{
+ BstrPair *p = (BstrPair*) pv;
+ FreeStrBuf(&p->x);
+ FreeStrBuf(&p->y);
+ free(pv);
+}
+
+HashList *iterate_GetBstrPairs(StrBuf *Target, WCTemplputParams *TP)
+{
+ StrBuf *X, *Y;
+ const char *ch = NULL;
+ long len;
+ const StrBuf *TheBStr;
+ BstrPair *OnePair;
+ HashList *List;
+ const char *Pos = NULL;
+ int i = 0;
+
+ if (HaveTemplateTokenString(NULL, TP, 2, &ch, &len))
+ {
+ GetTemplateTokenString(Target, TP, 2, &ch, &len);
+ }
+ else
+ {
+ return NULL;
+ }
+
+ TheBStr = SBstr(ch, len);
+ if ((TheBStr == NULL) || (StrLength(TheBStr) == 0))
+ return NULL;
+ List = NewHash(1, NULL);
+ while (Pos != StrBufNOTNULL)
+ {
+ X = NewStrBufPlain(NULL, StrLength(TheBStr));
+ StrBufExtract_NextToken(X, TheBStr, &Pos, '|');
+ if (Pos == StrBufNOTNULL) {
+ FreeStrBuf(&X);
+ DeleteHash(&List);
+ return NULL;
+ }
+ Y = NewStrBufPlain(NULL, StrLength(TheBStr));
+ StrBufExtract_NextToken(Y, TheBStr, &Pos, '|');
+ OnePair = (BstrPair*)malloc(sizeof(BstrPair));
+ OnePair->x = X;
+ OnePair->y = Y;
+ Put(List, IKEY(i), OnePair, HFreeBstrPair);
+ i++;
+ }
+ return List;
+}
+
+
+void tmplput_bstr_pair(StrBuf *Target, WCTemplputParams *TP, int XY)
+{
+ BstrPair *Pair = (BstrPair*) CTX(CTX_BSTRPAIRS);
+
+ StrBufAppendTemplate(Target, TP, (XY)?Pair->y:Pair->x, 0);
+}
+
+void tmplput_bstr_pair_x(StrBuf *Target, WCTemplputParams *TP)
+{ tmplput_bstr_pair(Target, TP, 0); }
+void tmplput_bstr_pair_y(StrBuf *Target, WCTemplputParams *TP)
+{ tmplput_bstr_pair(Target, TP, 1); }
void
InitModule_PARAMHANDLING
(void)
{
- WebcitAddUrlHandler(HKEY("diagnostics"), diagnostics, NEED_URL);
+ RegisterCTX(CTX_BSTRPAIRS);
+ WebcitAddUrlHandler(HKEY("diagnostics"), "", 0, diagnostics, NEED_URL);
+
+ RegisterIterator("ITERATE:BSTR:PAIR", 1, NULL, iterate_GetBstrPairs, NULL, DeleteHash, CTX_BSTRPAIRS, CTX_NONE, IT_NOFLAG);
+ RegisterNamespace("BSTR:PAIR:X", 1, 2, tmplput_bstr_pair_x, NULL, CTX_BSTRPAIRS);
+ RegisterNamespace("BSTR:PAIR:Y", 1, 2, tmplput_bstr_pair_y, NULL, CTX_BSTRPAIRS);
- RegisterConditional(HKEY("COND:BSTR"), 1, ConditionalBstr, CTX_NONE);
- RegisterNamespace("BSTR", 1, 2, tmplput_bstr, CTX_NONE);
- RegisterNamespace("URLPART", 1, 2, tmplput_url_part, CTX_NONE);
+ RegisterConditional("COND:BSTR", 1, ConditionalBstr, CTX_NONE);
+ RegisterNamespace("BSTR", 1, 2, tmplput_bstr, NULL, CTX_NONE);
+ RegisterNamespace("BSTR:FORWARD", 1, 2, tmplput_bstrforward, NULL, CTX_NONE);
+ RegisterNamespace("URLPART", 1, 2, tmplput_url_part, NULL, CTX_NONE);
}
@@ -445,4 +589,5 @@ SessionDetachModule_PARAMHANDLING
(wcsession *sess)
{
DeleteHash(&sess->Hdr->urlstrings);
+ FreeStrBuf(&sess->upload_filename);
}