char * http_servlet_tmpl_func_query_string(struct tmpl_ctx *ctx, char **errmsgp, int ac, char **av) { struct http_servlet_tmpl_arg *const arg = tmpl_ctx_get_arg(ctx); const char *const mtype = tmpl_ctx_get_mtype(ctx); const char *eqs = http_request_get_query_string(arg->req); char *dqs; if (ac != 1) { errno = EINVAL; return (NULL); } /* URL-decode query string */ if ((dqs = MALLOC(mtype, strlen(eqs) + 1)) == NULL) return (NULL); http_request_url_decode(eqs, dqs); /* Return it */ return (dqs); }
static int WebServletRun(struct http_servlet *servlet, struct http_request *req, struct http_response *resp) { FILE *f; const char *path; const char *query; int priv = 0; if (Enabled(&gWeb.options, WEB_AUTH)) { const char *username; const char *password; ConsoleUser u; struct console_user iu; /* Get username and password */ if ((username = http_request_get_username(req)) == NULL) username = ""; if ((password = http_request_get_password(req)) == NULL) password = ""; strlcpy(iu.username, username, sizeof(iu.username)); RWLOCK_RDLOCK(gUsersLock); u = ghash_get(gUsers, &iu); RWLOCK_UNLOCK(gUsersLock); if ((u == NULL) || strcmp(u->password, password)) { http_response_send_basic_auth(resp, "Access Restricted"); return (1); } priv = u->priv; } if (!(f = http_response_get_output(resp, 1))) { return 0; } if (!(path = http_request_get_path(req))) return 0; if (!(query = http_request_get_query_string(req))) return 0; if (!strcmp(path,"/mpd.css")) { http_response_set_header(resp, 0, "Content-Type", "text/css"); WebShowCSS(f); } else if (!strcmp(path,"/bincmd")) { http_response_set_header(resp, 0, "Content-Type", "text/plain"); http_response_set_header(resp, 1, "Pragma", "no-cache"); http_response_set_header(resp, 1, "Cache-Control", "no-cache, must-revalidate"); pthread_cleanup_push(WebServletRunCleanup, NULL); GIANT_MUTEX_LOCK(); WebRunBinCmd(f, query, priv); GIANT_MUTEX_UNLOCK(); pthread_cleanup_pop(0); } else if (!strcmp(path,"/") || !strcmp(path,"/cmd")) { http_response_set_header(resp, 0, "Content-Type", "text/html"); http_response_set_header(resp, 1, "Pragma", "no-cache"); http_response_set_header(resp, 1, "Cache-Control", "no-cache, must-revalidate"); pthread_cleanup_push(WebServletRunCleanup, NULL); GIANT_MUTEX_LOCK(); fprintf(f, "<!DOCTYPE HTML " "PUBLIC \"-//W3C//DTD HTML 4.01//EN\" " "\"http://www.w3.org/TR/html4/strict.dtd\">\n"); fprintf(f, "<HTML>\n"); fprintf(f, "<HEAD><TITLE>Multi-link PPP Daemon for FreeBSD (mpd)</TITLE>\n"); fprintf(f, "<LINK rel='stylesheet' href='/mpd.css' type='text/css'>\n"); fprintf(f, "</HEAD>\n<BODY>\n"); fprintf(f, "<H1>Multi-link PPP Daemon for FreeBSD</H1>\n"); if (!strcmp(path,"/")) WebShowSummary(f, priv); else if (!strcmp(path,"/cmd")) WebRunCmd(f, query, priv); GIANT_MUTEX_UNLOCK(); pthread_cleanup_pop(0); fprintf(f, "</BODY>\n</HTML>\n"); } else { http_response_send_error(resp, 404, NULL); } return 1; }
void wiki_handle_rest_call(HttpRequest *req, HttpResponse *res, char *func) { if (func != NULL && *func != '\0') { if (!strcmp(func, "page/get")) { char *page = http_request_param_get(req, "page"); if (page == NULL) page = http_request_get_query_string(req); if (page && (access(page, R_OK) == 0)) { http_response_printf(res, "%s", file_read(page)); http_response_send(res); return; } } else if (!strcmp(func, "page/set")) { char *wikitext = NULL, *page = NULL; if( ( (wikitext = http_request_param_get(req, "text")) != NULL) && ( (page = http_request_param_get(req, "page")) != NULL)) { file_write(page, wikitext); http_response_printf(res, "success"); http_response_send(res); return; } } else if (!strcmp(func, "page/delete")) { char *page = http_request_param_get(req, "page"); if (page == NULL) page = http_request_get_query_string(req); if (page && (unlink(page) > 0)) { http_response_printf(res, "success"); http_response_send(res); return; } } else if (!strcmp(func, "page/exists")) { char *page = http_request_param_get(req, "page"); if (page == NULL) page = http_request_get_query_string(req); if (page && (access(page, R_OK) == 0)) { http_response_printf(res, "success"); http_response_send(res); return; } } else if (!strcmp(func, "pages") || !strcmp(func, "search")) { WikiPageList **pages = NULL; int n_pages, i; char *expr = http_request_param_get(req, "expr"); if (expr == NULL) expr = http_request_get_query_string(req); pages = wiki_get_pages(&n_pages, expr); if (pages) { for (i=0; i<n_pages; i++) { struct tm *pTm; char datebuf[64]; pTm = localtime(&pages[i]->mtime); strftime(datebuf, sizeof(datebuf), "%Y-%m-%d %H:%M", pTm); http_response_printf(res, "%s\t%s\n", pages[i]->name, datebuf); } http_response_send(res); return; } } } http_response_set_status(res, 500, "Error"); http_response_printf(res, "<html><body>Failed</body></html>\n"); http_response_send(res); return; }
void wiki_handle_http_request(HttpRequest *req) { HttpResponse *res = http_response_new(req); char *page = http_request_get_path_info(req); char *command = http_request_get_query_string(req); char *wikitext = ""; util_dehttpize(page); /* remove any encoding on the requested page name. */ if (!strcmp(page, "/")) { if (access("WikiHome", R_OK) != 0) wiki_redirect(res, "/WikiHome?create"); page = "/WikiHome"; } if (!strcmp(page, "/styles.css")) { /* Return CSS page */ http_response_set_content_type(res, "text/css"); http_response_printf(res, "%s", CssData); http_response_send(res); exit(0); } if (!strcmp(page, "/favicon.ico")) { /* Return favicon */ http_response_set_content_type(res, "image/ico"); http_response_set_data(res, FaviconData, FaviconDataLen); http_response_send(res); exit(0); } page = page + 1; /* skip slash */ if (!strncmp(page, "api/", 4)) { char *p; page += 4; for (p=page; *p != '\0'; p++) if (*p=='?') { *p ='\0'; break; } wiki_handle_rest_call(req, res, page); exit(0); } /* A little safety. issue a malformed request for any paths, * There shouldn't need to be any.. */ if (strchr(page, '/')) { http_response_set_status(res, 404, "Not Found"); http_response_printf(res, "<html><body>404 Not Found</body></html>\n"); http_response_send(res); exit(0); } if (!strcmp(page, "Changes")) { wiki_show_changes_page(res); } else if (!strcmp(page, "ChangesRss")) { wiki_show_changes_page_rss(res); } else if (!strcmp(page, "Search")) { wiki_show_search_results_page(res, http_request_param_get(req, "expr")); } else if (!strcmp(page, "Create")) { if ( (wikitext = http_request_param_get(req, "title")) != NULL) { /* create page and redirect */ wiki_redirect(res, http_request_param_get(req, "title")); } else { /* show create page form */ wiki_show_create_page(res); } } else { /* TODO: dont blindly write wikitext data to disk */ if ( (wikitext = http_request_param_get(req, "wikitext")) != NULL) { file_write(page, wikitext); } if (access(page, R_OK) == 0) /* page exists */ { wikitext = file_read(page); if (!strcmp(command, "edit")) { /* print edit page */ wiki_show_edit_page(res, wikitext, page); } else { wiki_show_page(res, wikitext, page); } } else { if (!strcmp(command, "create")) { wiki_show_edit_page(res, NULL, page); } else { char buf[1024]; snprintf(buf, 1024, "%s?create", page); wiki_redirect(res, buf); } } } }