static void
cgiviewHTMLAttributeValue(App *app, HTML *html, Buf *buf)
{
unsigned char *referer;
URL *url;
unsigned char *urlstring;
View *view;
view = &app->view;
if (html->currentAttributeIsURL)
{
url = urlRelative(html->base, html->currentAttribute->value);
urlstring = escapeHTML(url ? url->url : (unsigned char *) "");
fprintf(view->out, "<a href=\"%s%s", me, urlstring);
free(urlstring);
referer = escapeHTML(html->url);
fprintf(view->out, "&referer=%s\">", referer);
free(referer);
urlFree(url);
viewHTMLText(app, buf);
fprintf(view->out, "</a>");
}
else
{
viewHTMLAttributeValue(app, buf);
}
}
void die_va(int errorcode,char query[], const char *fmt, va_list ap) {
char queryesc[MaxQueryLen*2+1];
escapeHTML(queryesc, sizeof queryesc, query);
printf("<search>\n");
printf("<error>\n");
printf(" <errorcode>%i</errorcode>\n",errorcode);
printf(" <errormessage>");
vprintf(fmt,ap);
printf("</errormessage>\n");
printf("</error>\n");
printf("<RESULT_INFO TOTAL=\"0\" QUERY=\"%s\" HILITE=\"\" TIME=\"0\" FILTERED=\"0\" SHOWABAL=\"0\" BOITHOHOME=\"%s\"/>\n",queryesc,bfile(""));
printf("</search>\n");
vfprintf(stderr,fmt,ap);
fprintf(stderr,"\n");
va_end(ap);
exit(1);
}
void LogWidget::message( const QString & inmessage, Severity severity ) const
{
QTime tm = QTime::currentTime();
QString output = tm.toString( "hh:mm:ss" ) + QString( " : " );
// escape any HTML markup that may be in the text
QString message( inmessage );
escapeHTML( message );
if ( severity == LOG_MESSAGE )
{
output += QString("<b>") + message + QString("</b>");
}
else
{
output.append( "<b><span style=\"color:" );
output.append( (severity == LOG_WARNING) ? m_warningColor : m_errorColor );
output.append( "\">" );
output.append( message );
output.append( "</span></b>" );
}
// add hard break where they had \n
output.replace( QString("\n"), QString("<br>") );
m_textEdit->insertHtml( output );
// scroll down to find cursor
m_textEdit->ensureCursorVisible();
}
static void
cgiviewHTTPResponseHeaderValue(App *app, Buf *buf, unsigned char *url)
{
unsigned char *urlstring;
View *view;
view = &app->view;
if (url)
{
urlstring = escapeHTML(url);
fprintf(view->out, "<a href=\"%s%s\">", me, urlstring);
free(urlstring);
viewHTTP(app, buf);
fprintf(view->out, "</a>");
}
else
{
viewHTTPHeaderValue(app, buf);
}
}
void QFEHelpEditorWidget::toEntity()
{
QString txt=getSelection();
replaceSelection(escapeHTML(txt));
}
//API sample
void ApiSample::Response()
{
CHttpResponseHdr header;
string strResp;
string abc, def;
abc = m_session->_POST_VARS_["abc"];
def = m_session->_POST_VARS_["def"];
if( abc == "" || def == "" )
{
header.SetStatusCode(SC200);
header.SetField("Content-Type", "text/html");
strResp = "<html></head><title>API Sample</title></head><body>API Sample: couldn't get the corresponding POST data</body></html>";
header.SetField("Content-Length", strResp.length());
}
else
{
int a = atoi(abc.c_str());
int d = atoi(def.c_str());
int sum = a + d;
char szTmp[64];
sprintf(szTmp, "%d", sum);
header.SetStatusCode(SC200);
header.SetField("Content-Type", "text/html");
m_session->SetCookie("test1", "value1", 90, NULL, "/", NULL, FALSE, FALSE);
m_session->SetCookie("test2", "value2", 100, NULL, "/", NULL, TRUE, TRUE);
m_session->SetCookie("test3", "value3", 120, NULL, "/", ".uplusware.com", TRUE, TRUE);
m_session->SetCookie("test4", "value4", -1, NULL, "/", NULL);
string strValue1, strValue2, strValue3;
int r1 = m_session->GetSessionVar("session_var1", strValue1);
int r2 = m_session->GetSessionVar("session_var2", strValue2);
int r3 = m_session->GetSessionVar("session_var3", strValue3);
if(r1 != 0)
m_session->SetSessionVar("session_var1", "hello session 1! = ] <script>alert(\"aaaa\")</script>");
if(r2 != 0)
m_session->SetSessionVar("session_var2", "hello session 2! = ]");
if(r3 != 0)
m_session->SetSessionVar("session_var3", "hello session 3! = ]");
string strServerValue1, strServerValue2, strServerValue3;
int s1 = m_session->GetServerVar("server_var1", strServerValue1);
int s2 = m_session->GetServerVar("server_var2", strServerValue2);
int s3 = m_session->GetServerVar("server_var3", strServerValue3);
if(s1 != 0)
m_session->SetServerVar("server_var1", "hello server 1! = ]");
if(s2 != 0)
m_session->SetServerVar("server_var2", "hello server 2! = ]");
if(s3 != 0)
m_session->SetServerVar("server_var3", "hello server 3! = ]");
string strEscapedValue1, strEscapedValue2, strEscapedValue3;
string strEscapedServerValue1, strEscapedServerValue2, strEscapedServerValue3;
escapeHTML(strValue1.c_str(), strEscapedValue1);
escapeHTML(strValue2.c_str(), strEscapedValue2);
escapeHTML(strValue3.c_str(), strEscapedValue3);
escapeHTML(strServerValue1.c_str(), strEscapedServerValue1);
escapeHTML(strServerValue2.c_str(), strEscapedServerValue2);
escapeHTML(strServerValue3.c_str(), strEscapedServerValue3);
strResp = "<html></head><title>API Sample</title></head><body><h1>niuhttpd web server/0.3</h1>API Sample: ";
strResp += abc;
strResp += " + ";
strResp += def;
strResp += " = ";
strResp += szTmp;
strResp += "<p><a href='javascript:alert(document.cookie)'>cookie</a>";
strResp += "<p>Session Variables: <p>session_var1=";
strResp += strEscapedValue1;
strResp += "<p>session_var2=";
strResp += strEscapedValue2;
strResp += "<p>session_var3=";
strResp += strEscapedValue3;
strResp += "<p>Server Variables: <p>server_var1=";
strResp += strEscapedServerValue1;
strResp += "<p>server_var2=";
strResp += strEscapedServerValue2;
strResp += "<p>server_var3=";
strResp += strEscapedServerValue3;
strResp += "</body></html>";
header.SetField("Content-Length", strResp.length());
}
m_session->SendHeader(header.Text(), header.Length());
m_session->SendContent(strResp.c_str(), strResp.length());
}
