int attach_init() { char *buf, buf2[1024], *t2, *t3; int n; srand(time(0)*2+getpid()); chdir(BBSHOME); printf("Content-Type: application/octet-stream \n"); printf("Content-Disposition: attachment; filename=tshirt.csv \n\n", CHARSET); n=atoi(getsenv("CONTENT_LENGTH")); if(n>5000000) n=5000000; buf=calloc(n+1, 1); if(buf==0) http_fatal("memory overflow"); fread(buf, 1, n, stdin); buf[n]=0; t2=strtok(buf, "&"); while(t2) { t3=strchr(t2, '='); if(t3!=0) { t3[0]=0; t3++; __unhcode(t3); parm_add(trim(t2), t3); } t2=strtok(0, "&"); } strsncpy(buf2, getsenv("QUERY_STRING"), 1024); t2=strtok(buf2, "&"); while(t2) { t3=strchr(t2, '='); if(t3!=0) { t3[0]=0; t3++; __unhcode(t3); parm_add(trim(t2), t3); } t2=strtok(0, "&"); } strsncpy(buf2, getsenv("HTTP_COOKIE"), 1024); t2=strtok(buf2, ";"); while(t2) { t3=strchr(t2, '='); if(t3!=0) { t3[0]=0; t3++; parm_add(trim(t2), t3); } t2=strtok(0, ";"); } strsncpy(fromhost, getsenv("REMOTE_ADDR"), 32); seteuid(BBSUID); if(geteuid()!=BBSUID) http_fatal("uid error."); shm_init(); loginok=user_init(¤tuser, &u_info); if(u_info==0){ u_info=&guest; } return; }
int getformarg(char *buf, char *sec, char *qry, int len) { char *t2, *t3; qry[0] = 0; sec[0] = 0; t2 = strtok(buf, "&"); while (t2) { t3 = strchr(t2, '='); if (t3 != 0) { t3[0] = 0; t3++; __unhcode(t3); if (!strcmp(t2, "sec")) { strsncpy(sec, t3, len); } if (!strcmp(t2, "qry")) { strsncpy(qry, t3, len); } } t2 = strtok(NULL, "&"); } if (!qry[0]) return -1; while (qry[0] == ' ') memmove(qry, qry + 1, strlen(qry)); if ((t2 = strchr(qry, ' '))) *t2 = 0; return 0; }
int geturlarg(char *buf, char *sec, char *qry, int len) { char *t2; qry[0] = 0; sec[0] = 0; t2 = strtok(buf, "+"); if (!t2) return -1; __unhcode(t2); strsncpy(sec, t2, len); t2 = strtok(NULL, "+"); if (!t2) return -1; __unhcode(t2); strsncpy(qry, t2, len); return 0; }
int main() { gdImagePtr im; int black; int white; int brect[8]; int x, y; char *err; char s[5]; /* String to draw. */ double sz = 40.; char fontpath[256]; unsigned int r; char buf[50]; char userid[IDLEN + 1]; struct MD5Context mdc; unsigned int pass[4]; if (initbbsinfo(&bbsinfo) < 0) return -1; bzero(pass, sizeof(pass)); strsncpy(buf, getsenv("QUERY_STRING"), sizeof (buf)); __unhcode(buf); if (strncmp(buf, "userid=", 7)) { userid[0] = 0; } else { strsncpy(userid, buf+7, IDLEN+1); // errlog("%s",userid); } if (userid[0] == 0) { s[0] = 0; } else { MD5Init(&mdc); MD5Update(&mdc, (void *)(&bbsinfo.ucachehashshm->regkey), sizeof(int) * 4); MD5Update(&mdc, userid, strlen(userid)); MD5Final((char *)pass, &mdc); sprintf(s, "%d%d%d%d", pass[0]%10, pass[1] % 10, pass[2] % 10, pass[3] % 10); } getrandomint(&r); sprintf(fontpath, MY_BBS_HOME "/etc/fonts/%d.ttf", r % MAXFONTS); /* User supplied font */ fprintf(stdout, "Content-type: image/png\r\n\r\n"); /* obtain brect so that we can size the image */ err = gdImageStringTTF(NULL, &brect[0], 0, fontpath, sz, 0., 0, 0, s); if (err) { return 1; } /* create an image big enough for the string plus a little whitespace */ x = brect[2] - brect[6] + 6; y = brect[3] - brect[7] + 6; im = gdImageCreate(x, y); /* Background color (first allocated) */ white = gdImageColorResolve(im, 255, 255, 255); black = gdImageColorResolve(im, 0, 0, 0); /* render the string, offset origin to center string*/ /* note that we use top-left coordinate for adjustment * since gd origin is in top-left with y increasing downwards. */ x = 3 - brect[6]; y = 3 - brect[7]; err = gdImageStringFT(im, &brect[0], black, fontpath, sz, 0.0, x, y, s); if (err) { return 1; } /* Write img to stdout */ gdImagePng(im, stdout); /* Destroy it */ gdImageDestroy(im); return 0; }