/* * *** Ripped from HTTPD util.c (why are so many PORTABLE things not in APR UTIL?) */ int ap_unescape_url(char *url) { /* Traditional */ #ifdef CASE_BLIND_FILESYSTEM return unescape_url(url, "/\\", NULL); #else return unescape_url(url, "/", NULL); #endif }
int main() { FILE *in; extern FILE *popen(); char buff[512]; char *data; data = getenv("QUERY_STRING"); printf("Content-type: text/plain\n\n"); printf("Webshell.cgi\n"); printf("------------\n"); if (data != NULL) { unescape_url(data); printf("$ %s\n\n",data); if (!(in = popen(data, "r"))) { return -1; } while (fgets(buff, sizeof(buff), in) != NULL ) { printf("%s", buff); } pclose(in); } return 0; }
char * getcgivar(char *cgistring, char *param) { register int i; char *result = NULL; char cgiinput[BUFFER_LEN]; static char result2[BUFFER_LEN]; char *nvpair; strcpy(cgiinput, cgistring); /** Change all plusses back to spaces **/ for (i = 0; cgiinput[i]; i++) if (cgiinput[i] == '+') cgiinput[i] = ' '; nvpair = strtok(cgiinput, "&"); while (nvpair) { char *test = getparam(nvpair); if (!vcSTRCASECMP(test, param)) { result = getvalue(nvpair); free((void *) test); break; } free((void *) test); nvpair = strtok(NULL, "&"); } unescape_url(result); strcpy(result2, result); free((void *) result); return (result2); }
bool HttpRequestPacket::Unescape_url(string &url) { char * pszUrl = strdup(url.c_str()); unescape_url(pszUrl); url = pszUrl; free(pszUrl); return true; }
static void tabwin_handle_drag (GtkWidget *widget, GdkDragContext *context, gint x, gint y, GtkSelectionData *data, guint info, guint time, gpointer p) { const guchar *seldata = NULL; gchar *dfname; char tmp[MAXLEN]; int pos, skip = 5; if (data != NULL) { seldata = gtk_selection_data_get_data(data); } if (info != GRETL_FILENAME) { return; } /* ignore the wrong sort of data */ if (data == NULL || (dfname = (gchar *) seldata) == NULL || strlen(dfname) <= 5 || strncmp(dfname, "file:", 5)) { return; } if (strncmp(dfname, "file://", 7) == 0) skip = 7; #ifdef G_OS_WIN32 if (strncmp(dfname, "file:///", 8) == 0) skip = 8; #endif /* there may be multiple files: we ignore all but the first */ *tmp = 0; if ((pos = gretl_charpos('\r', dfname)) > 0 || (pos = gretl_charpos('\n', dfname) > 0)) { strncat(tmp, dfname + skip, pos - skip); } else { strcat(tmp, dfname + skip); } /* handle spaces and such */ unescape_url(tmp); #ifdef G_OS_WIN32 filename_to_win32(tryfile, tmp); #else strcpy(tryfile, tmp); #endif if (has_suffix(tryfile, ".inp")) { do_open_script(EDIT_SCRIPT); } }
void Controller_Module::peer_callback( OSC::Signal *sig, OSC::Signal::State state, void *v ) { char *s; DMESSAGE( "Paramter limits: %f %f", sig->parameter_limits().min, sig->parameter_limits().max ); /* only show outputs */ if ( sig->direction() != OSC::Signal::Output ) return; /* only list CV signals for now */ if ( ! ( sig->parameter_limits().min == 0.0 && sig->parameter_limits().max == 1.0 ) ) return; if ( ! v ) { /* if( state == OSC::Signal::Created ) */ /* timeline->connect_osc(); */ /* else */ /* timeline->update_osc_connection_state(); */ } else { /* building menu */ // const char *name = sig->peer_name(); assert( sig->path() ); char *path = strdup( sig->path() ); unescape_url( path ); asprintf( &s, "%s/%s", peer_prefix, path ); peer_menu->add( s, 0, NULL, (void*)( sig ), 0 ); /* FL_MENU_TOGGLE | */ /* ( ((Controller_Module*)v)->_osc_output()->is_connected_to( sig ) ? FL_MENU_VALUE : 0 ) ); */ free( path ); free( s ); } }
int main(int argc, char **argv){ char *str=NULL, *s; size_t n; if(argc<2) getline(&str, &n, stdin); else { str=calloc(1+strlen(*(argv+1)), sizeof(char)); strcpy(str, *(argv+1)); } if(s=strpbrk(str, "\r\n")) *s=0; while(s=strchr(str, '+')) *s=' '; unescape_url(str); fputs(str, stdout); return 0; }
void Controller_Module::add_osc_connections_to_menu ( Fl_Menu_Button *m, const char *prefix ) { /* peer_menu = m; */ const char *peer_prefix = prefix; // mixer->osc_endpoint->list_peer_signals( this ); Port *p = control_output[0].connected_port(); const char *number_path = p->osc_number_path(); const char *name_path = p->osc_path(); const char *paths[] = { number_path,name_path,NULL }; for ( const char **cpath = paths; *cpath; cpath++ ) { const char ** conn = mixer->osc_endpoint->get_connections( *cpath ); if ( conn ) { for ( const char **s = conn; *s; s++ ) { /* building menu */ char *path = strdup( *s ); unescape_url( path ); char *ns; asprintf( &ns, "%s/%s", peer_prefix, path ); peer_menu->add( ns, 0, NULL, const_cast<char*>(*s), 0 ); free( path ); // free(*s); } free( conn ); } } }
int ReadCGIQueryString (list_t * env) { char *qs; char *token; int i; if (getenv ("QUERY_STRING") != NULL) { qs = strdup (getenv ("QUERY_STRING")); } else { return (0); } /* change plusses into spaces */ for (i = 0; qs[i]; i++) { if (qs[i] == '+') { qs[i] = ' '; } }; /** split on & and ; to extract name value pairs */ token = strtok (qs, "&;"); while (token) { unescape_url (token); myputenv (env, token, global.var_prefix); myputenv (env, token, global.get_prefix); token = strtok (NULL, "&;"); } free (qs); return (0); }
main(int argc, char *argv[]) { entry entries[MAX_ENTRIES]; register int x,m=0; int cl; printf("Content-type: text/html%c%c",10,10); if(strcmp(getenv("REQUEST_METHOD"),"POST")) { printf("This script should be referenced with a METHOD of POST.\n"); printf("If you don't understand this, see this "); printf("<A HREF=\"http://www.ncsa.uiuc.edu/SDG/Software/Mosaic/Docs/fill-out-forms/overview.html\">forms overview</A>.%c",10); exit(1); } if(strcmp(getenv("CONTENT_TYPE"),"application/x-www-form-urlencoded")) { printf("This script can only be used to decode form results. \n"); exit(1); } cl = atoi(getenv("CONTENT_LENGTH")); for(x=0;cl && (!feof(stdin));x++) { m=x; entries[x].val = fmakeword(stdin,'&',&cl); plustospace(entries[x].val); unescape_url(entries[x].val); entries[x].name = makeword(entries[x].val,'='); } printf("<H1>Query Results</H1>"); printf("You submitted the following name/value pairs:<p>%c",10); printf("<ul>%c",10); for(x=0; x <= m; x++) printf("<li> <code>%s : %s</code>%c",entries[x].name, entries[x].val,10); printf("</ul>%c",10); }
main(int argc, char *argv[]) { entry entries[10000]; register int x,m=0; char *cl; printf("Content-type: text/html%c%c",10,10); if(strcmp(getenv("REQUEST_METHOD"),"GET")) { printf("This script should be referenced with a METHOD of GET.\n"); printf("If you don't understand this, see this "); printf("<A HREF=\"http://www.ncsa.uiuc.edu/SDG/Software/Mosaic/Docs/fill-out-forms/overview.html\">forms overview</A>.%c",10); exit(1); } cl = getenv("QUERY_STRING"); if(cl == NULL) { printf("No query information to decode.\n"); exit(1); } for(x=0;cl[0] != '\0';x++) { m=x; getword(entries[x].val,cl,'&'); plustospace(entries[x].val); unescape_url(entries[x].val); getword(entries[x].name,entries[x].val,'='); } printf("<H1>Query Results</H1>"); printf("You submitted the following name/value pairs:<p>%c",10); printf("<ul>%c",10); for(x=0; x <= m; x++) printf("<li> <code>%s = %s</code>%c",entries[x].name, entries[x].val,10); printf("</ul>%c",10); }
int loadParams(cgiRequestObj *request, char* (*getenv2)(const char*, void* thread_context), char *raw_post_data, ms_uint32 raw_post_data_length, void* thread_context) { register int x,m=0; char *s, *queryString = NULL, *httpCookie = NULL; int debuglevel; int maxParams = MS_DEFAULT_CGI_PARAMS; if (getenv2==NULL) getenv2 = &msGetEnv; if(getenv2("REQUEST_METHOD", thread_context)==NULL) { msIO_printf("This script can only be used to decode form results and \n"); msIO_printf("should be initiated as a CGI process via a httpd server.\n"); return -1; } debuglevel = (int)msGetGlobalDebugLevel(); if(strcmp(getenv2("REQUEST_METHOD", thread_context),"POST") == 0) { /* we've got a post from a form */ char *post_data; int data_len; request->type = MS_POST_REQUEST; s = getenv2("CONTENT_TYPE", thread_context); if (s != NULL) request->contenttype = msStrdup(s); /* we've to set default Content-Type which is * application/octet-stream according to * W3 RFC 2626 section 7.2.1 */ else request->contenttype = msStrdup("application/octet-stream"); if (raw_post_data) { post_data = msStrdup(raw_post_data); data_len = raw_post_data_length; } else { if(MS_SUCCESS != readPostBody( request, &post_data )) return -1; data_len = strlen(post_data); } /* if the content_type is application/x-www-form-urlencoded, we have to parse it like the QUERY_STRING variable */ if(strncmp(request->contenttype, "application/x-www-form-urlencoded", strlen("application/x-www-form-urlencoded")) == 0) { while( data_len > 0 && isspace(post_data[data_len-1]) ) post_data[--data_len] = '\0'; while( post_data[0] ) { if(m >= maxParams) { maxParams *= 2; request->ParamNames = (char **) msSmallRealloc(request->ParamNames,sizeof(char *) * maxParams); request->ParamValues = (char **) msSmallRealloc(request->ParamValues,sizeof(char *) * maxParams); } request->ParamValues[m] = makeword(post_data,'&'); plustospace(request->ParamValues[m]); unescape_url(request->ParamValues[m]); request->ParamNames[m] = makeword(request->ParamValues[m],'='); m++; } free( post_data ); } else request->postrequest = post_data; /* check the QUERY_STRING even in the post request since it can contain information. Eg a wfs request with */ s = getenv2("QUERY_STRING", thread_context); if(s) { if (debuglevel >= MS_DEBUGLEVEL_DEBUG) msDebug("loadParams() QUERY_STRING: %s\n", s); queryString = msStrdup(s); for(x=0; queryString[0] != '\0'; x++) { if(m >= maxParams) { maxParams *= 2; request->ParamNames = (char **) msSmallRealloc(request->ParamNames,sizeof(char *) * maxParams); request->ParamValues = (char **) msSmallRealloc(request->ParamValues,sizeof(char *) * maxParams); } request->ParamValues[m] = makeword(queryString,'&'); plustospace(request->ParamValues[m]); unescape_url(request->ParamValues[m]); request->ParamNames[m] = makeword(request->ParamValues[m],'='); m++; } } } else { if(strcmp(getenv2("REQUEST_METHOD", thread_context),"GET") == 0) { /* we've got a get request */ request->type = MS_GET_REQUEST; s = getenv2("QUERY_STRING", thread_context); if(s == NULL) { msIO_setHeader("Content-Type","text/html"); msIO_sendHeaders(); msIO_printf("No query information to decode. QUERY_STRING not set.\n"); return -1; } if (debuglevel >= MS_DEBUGLEVEL_DEBUG) msDebug("loadParams() QUERY_STRING: %s\n", s); if(strlen(s)==0) { msIO_setHeader("Content-Type","text/html"); msIO_sendHeaders(); msIO_printf("No query information to decode. QUERY_STRING is set, but empty.\n"); return -1; } /* don't modify the string returned by getenv2 */ queryString = msStrdup(s); for(x=0; queryString[0] != '\0'; x++) { if(m >= maxParams) { maxParams *= 2; request->ParamNames = (char **) msSmallRealloc(request->ParamNames,sizeof(char *) * maxParams); request->ParamValues = (char **) msSmallRealloc(request->ParamValues,sizeof(char *) * maxParams); } request->ParamValues[m] = makeword(queryString,'&'); plustospace(request->ParamValues[m]); unescape_url(request->ParamValues[m]); request->ParamNames[m] = makeword(request->ParamValues[m],'='); m++; } } else { msIO_setHeader("Content-Type","text/html"); msIO_sendHeaders(); msIO_printf("This script should be referenced with a METHOD of GET or METHOD of POST.\n"); return -1; } } /* check for any available cookies */ s = getenv2("HTTP_COOKIE", thread_context); if(s != NULL) { httpCookie = msStrdup(s); request->httpcookiedata = msStrdup(s); for(x=0; httpCookie[0] != '\0'; x++) { if(m >= maxParams) { maxParams *= 2; request->ParamNames = (char **) msSmallRealloc(request->ParamNames,sizeof(char *) * maxParams); request->ParamValues = (char **) msSmallRealloc(request->ParamValues,sizeof(char *) * maxParams); } request->ParamValues[m] = makeword(httpCookie,';'); plustospace(request->ParamValues[m]); unescape_url(request->ParamValues[m]); request->ParamNames[m] = makeword_skip(request->ParamValues[m],'=',' '); m++; } } if (queryString) free(queryString); if (httpCookie) free(httpCookie); return(m); }
main(int argc, char *argv[]) { register int x,m=0; char *cl; char w[256]; char tfile[L_tmpnam]; int subs,slims,sides,drinks,allow; char name[32]; char phone[10]; char address[64]; FILE *tfp,*order; printf("Content-type: text/html%c%c",LF,LF); cl=getenv("QUERY_STRING"); if((!cl) || (!cl[0])) dump_form(); tmpnam(tfile); if(!(tfp=fopen(tfile,"w"))) { printf("<TITLE>Server Error</TITLE>%c",LF); printf("<H1>Server Error</H1>%c",LF); printf("Server unable to get a temporary file. Please try again later.<P>%c",LF); exit(1); } subs=0;slims=0;sides=0;drinks=0;allow=0; name[0]='\0'; phone[0]='\0'; address[0]='\0'; for(x=0;cl[0] != '\0'; x++) { m=x; getword(w,cl,'='); plustospace(w); unescape_url(w); if(!strcmp(w,"pwd")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); allow=(strcmp(w,PASSWORD) ? 0 : 1); } if(!strcmp(w,"sub")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); subs |= (1 << atoi(w)); } else if(!strcmp(w,"slj")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); slims |= (1 << atoi(w)); } else if(!strcmp(w,"sde")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); sides |= (1 << atoi(w)); } else if(!strcmp(w,"pop")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); drinks |= (1 << atoi(w)); } else if(!strcmp(w,"name")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); strcpy(name,w); } else if(!strcmp(w,"phone")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); strcpy(phone,w); } else if(!strcmp(w,"adr")) { getword(w,cl,'&'); plustospace(w); unescape_url(w); strcpy(address,w); } } if(!name[0]) print_error("you didn't give your name"); if(!address[0]) print_error("you didn't give your address"); if(!phone[0]) print_error("you didn't give your phone number"); if((!subs) && (!slims) && (!sides) && (!drinks)) print_error("you didn't order anything"); if(allow) { char t[256]; sprintf(t,"/bin/mail %s",JJ_FAX); if(!(order=popen(t,"w"))) print_error("the server was unable to open a pipe to mail"); printf("<TITLE>Order Sent</TITLE>%c",LF); printf("<H1>Order Sent</H1>%c",LF); printf("Your order has been sent to the UIUC e-mail to FAX gateway.<P>%c",LF); } else { printf("<TITLE>Your Order</TITLE>%c",LF); printf("<H1>Your Order</H1>%c",LF); printf("This is how your order would have looked if it had been sent.<P><PLAINTEXT>%c",LF); order=stdout; } fprintf(order,"My name is %s, and I would like to have the following%c", name,LF); fprintf(order,"order delivered to %s:%c%c",address,LF,LF); for(x=0;x<12;x++) if(subs & (1 << x)) fprintf(order,"\t(1) %s%c",sublist[x],LF); for(x=0;x<6;x++) if(slims & (1 << x)) fprintf(order,"\t(1) %s Slim Jim%c",slimlist[x],LF); for(x=0;x<2;x++) if(sides & (1 << x)) fprintf(order,"\t(1) %s%c",sidelist[x],LF); for(x=0;x<4;x++) if(drinks & (1 << x)) fprintf(order,"\t(1) %s%c",poplist[x],LF); fprintf(order,"%cPlease feel free to call me at %s if there is any%c",LF, phone,LF); fprintf(order,"problem. Thank you.%c%c.%c",LF,LF,LF); fclose(order); exit(0); }
main(int argc, char *argv[]) { entry entries[MAXENTRIES]; register int x, m = 0; int cl, invalid = 0, didroot = 0, didhtml = 0; char protocol; if (strcmp(getenv("REQUEST_METHOD"), "POST")) { printf("We can't do much with a blank subscription card, "); printf("can we?\n"); exit(1); } if (strcmp(getenv("CONTENT_TYPE"), "application/x-www-form-urlencoded")) { printf("This script can only be used to decode form "); printf("results.\n"); exit(1); } cl = atoi(getenv("CONTENT_LENGTH")); sprintf(command, "%s ", GETSTATS); for(x = 0; cl && (!feof(stdin)); x++) { m = x; entries[x].val = fmakeword(stdin, '&', &cl); plustospace(entries[x].val); unescape_url(entries[x].val); entries[x].name = makeword(entries[x].val,'='); if (!strcmp(entries[x].name, "protocol")) { protocol = entries[x].val[0]; if (protocol == 'G') sprintf(command, "%s -G %s", command); else if (protocol == 'N') sprintf(command, "%s -N %s", command); else if (protocol == 'C') sprintf(command, "%s -C %s", command); else if (protocol == 'P') sprintf(command, "%s -P %s", command); else if (protocol == 'M') sprintf(command, "%s -A %s", command); else if (protocol == 'U') sprintf(command, "%s -O %s", command); } if (!didroot) { sprintf(command, "%s -dr %s", command, ROOTDIR); didroot = 1; } if (!strcmp(entries[x].name, "logfilename")) if (strlen(entries[x].val)) sprintf(command, "%s -l %s", command, entries[x].val); else sprintf(command, "%s -l %s", command, LOGFILE); if (!strcmp(entries[x].name, "common") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -M", command); if (!strcmp(entries[x].name, "concise") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -c", command); if (!strcmp(entries[x].name, "toplines") && strlen(entries[x].val)) sprintf(command, "%s -t %s ", command, entries[x].val); if (!strcmp(entries[x].name, "all") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -a ", command); if (!strcmp(entries[x].name, "monthly") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -m ", command); if (!strcmp(entries[x].name, "weekly") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -w ", command); if (!strcmp(entries[x].name, "daysweek") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -ds ", command); if (!strcmp(entries[x].name, "daily") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -d ", command); if (!strcmp(entries[x].name, "hoursday") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -hs ", command); if (!strcmp(entries[x].name, "hourly") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -h ", command); if (!strcmp(entries[x].name, "full-hostname") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -f ", command); if (!strcmp(entries[x].name, "full-access") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -fa ", command); if (!strcmp(entries[x].name, "full-lastaccess") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -fd ", command); if (!strcmp(entries[x].name, "full-bytes") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -fb ", command); if (!strcmp(entries[x].name, "request-name") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -r ", command); if (!strcmp(entries[x].name, "request-accesses") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -ra ", command); if (!strcmp(entries[x].name, "request-lastaccesses") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -rd ", command); if (!strcmp(entries[x].name, "request-bytes") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -rb ", command); if (!strcmp(entries[x].name, "request-filesize") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -rf ", command); if (!strcmp(entries[x].name, "domain-name") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -dn ", command); if (!strcmp(entries[x].name, "domain-requests") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -da ", command); if (!strcmp(entries[x].name, "domain-lastaccesses") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -dd ", command); if (!strcmp(entries[x].name, "domain-bytes") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -db ", command); if (!strcmp(entries[x].name, "domain-sub") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -du ", command); if (!strcmp(entries[x].name, "filetree") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -dt ", command); if (!strcmp(entries[x].name, "error") && !strcmp(entries[x].val, "on")) sprintf(command, "%s -e ", command); if (!strcmp(entries[x].name, "samask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sa \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "ssmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -ss \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "srmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sr \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "spmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sp \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "sdmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sd \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "shmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sh \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "swmask")) if (strlen(entries[x].val) != 0) sprintf(command, "%s -sw \"%s\"", command, entries[x].val); if (!strcmp(entries[x].name, "mailme") && strlen(entries[x].val) != 0) { sprintf(command, "%s | /usr/ucb/mail -s \"%s\" %s", command, SUBJECT, entries[x].val); printf("Content-type: text/html\n\n"); printf("<title>It's in the mail...</title>\n<p>\n"); printf("<h1>Your log request is being mailed to "); printf("you.</h1>\n"); printf("The following command was executed:\n"); printf("<p>\n<code>%s</code>\n", command); } else if (!strcmp(entries[x].name, "mailme") && strlen(entries[x].val) == 0 && !didhtml) { sprintf(command, "%s -ht", command); didhtml = 1; } } sprintf(command, "%s &\n", command); system(command); exit(0); }
/* Returns the contents of the provided fields in a newly allocated * string, or a negative value on error. * * @body: is the string to search the xml field at, should be null-terminated. * @xml_field: the XML field to check for (e.g., MYFIELD) * @value: the value that was found */ static int parse_reply(worker_st * ws, char *body, unsigned body_length, const char *field, unsigned field_size, const char *xml_field, unsigned xml_field_size, char **value) { char *p; char temp1[64]; char temp2[64]; unsigned temp2_len, temp1_len; unsigned len, xml = 0; if (body == NULL || body_length == 0) return -1; if (memmem(body, body_length, "<?xml", 5) != 0) { xml = 1; if (xml_field) { field = xml_field; field_size = xml_field_size; } snprintf(temp1, sizeof(temp1), "<%s>", field); snprintf(temp2, sizeof(temp2), "</%s>", field); temp1_len = strlen(temp1); temp2_len = strlen(temp2); /* body should contain <field>test</field> */ *value = strcasestr(body, temp1); if (*value == NULL) { oclog(ws, LOG_HTTP_DEBUG, "cannot find '%s' in client XML message", field); return -1; } *value += temp1_len; p = *value; len = 0; while (*p != 0) { if (*p == '<' && (strncasecmp(p, temp2, temp2_len) == 0)) { break; } p++; len++; } } else { /* non-xml version */ snprintf(temp1, sizeof(temp1), "%s=", field); temp1_len = strlen(temp1); /* body should be "username=test&password=test" */ *value = strcasestr(body, temp1); if (*value == NULL) { oclog(ws, LOG_HTTP_DEBUG, "cannot find '%s' in client message", field); return -1; } *value += temp1_len; p = *value; len = 0; while (*p != 0) { if (*p == '&') { break; } p++; len++; } } if (len == 0) { *value = talloc_strdup(ws->req.body, ""); if (*value != NULL) return 0; return -1; } if (xml) *value = unescape_html(ws->req.body, *value, len, NULL); else *value = unescape_url(ws->req.body, *value, len, NULL); if (*value == NULL) { oclog(ws, LOG_ERR, "%s requested but no such field in client message", field); return -1; } return 0; }
int ReadCGIPOSTValues (list_t * env) { size_t content_length = 0; size_t max_len; size_t i, j, x; sliding_buffer_t sbuf; buffer_t token; unsigned char *data; const char *CONTENT_LENGTH = "CONTENT_LENGTH"; if ((getenv (CONTENT_LENGTH) == NULL) || (strtoul (getenv (CONTENT_LENGTH), NULL, 10) == 0)) return (0); if (getenv ("CONTENT_TYPE")) { if (strncasecmp (getenv ("CONTENT_TYPE"), "multipart/form-data", 19) == 0) { /* This is a mime request, we need to go to the mime handler */ i = rfc2388_handler (env); return (i); } } s_buffer_init (&sbuf, 32768); sbuf.fh = STDIN; if (getenv (CONTENT_LENGTH)) { sbuf.maxread = strtoul (getenv (CONTENT_LENGTH), NULL, 10); } haserl_buffer_init (&token); /* Allow 2MB content, unless they have a global upload set */ max_len = ((global.uploadkb == 0) ? 2048 : global.uploadkb) *1024; do { /* x is true if this token ends with a matchstr or is at the end of stream */ x = s_buffer_read (&sbuf, "&"); content_length += sbuf.len; if (content_length > max_len) { die_with_message (NULL, NULL, "Attempted to send content larger than allowed limits."); } if ((x == 0) || (token.data)) { buffer_add (&token, (char *) sbuf.segment, sbuf.len); } if (x) { data = sbuf.segment; sbuf.segment[sbuf.len] = '\0'; if (token.data) { /* add the ASCIIZ */ buffer_add (&token, sbuf.segment + sbuf.len, 1); data = token.data; } /* change plusses into spaces */ j = strlen ((char *) data); for (i = 0; i <= j; i++) { if (data[i] == '+') { data[i] = ' '; } } unescape_url ((char *) data); myputenv (env, (char *) data, global.var_prefix); myputenv (env, (char *) data, global.post_prefix); if (token.data) { buffer_reset (&token); } } } while (!sbuf.eof); s_buffer_destroy (&sbuf); buffer_destroy (&token); return (0); }
void SVDeviceTest::refresh() { OutputDebugString("--------------- refresh() --------------\n"); if (m_pFinish) { m_pFinish->setText(""); } char szQuery[4096] = {0}; int nSize = 4095; #ifdef WTGET GetEnvironmentVariable( "QUERY_STRING", szQuery,nSize); #else char * tmpquery; tmpquery = getenv( "QUERY_STRING"); if(tmpquery != NULL) { strcpy(szQuery,tmpquery); } else { return; } #endif strParam = szQuery; if(strlen(szQuery) > 0) { unescape_url(szQuery); m_szQuery = szQuery; if(m_pSubContent) { m_pSubContent->clear(); //new WText(m_szWaiting, m_pSubContent->elementAt(0, 0)); if(m_pWait) m_pWait->setText(m_szWaiting); } //Jansion.zhou 2007-01-07 //if(m_pClose) // m_pClose->setEnabled(false); //if (m_pClose) // m_pClose->SetDisable(); OutputDebugString("--------------- m_pHideButton will clicked --------------\n"); WebSession::js_af_up = "update('" + getCmd() + "');"; } else { m_szQuery = ""; if(m_pSubContent) { int nRow = m_pSubContent->numRows(); new WText(m_szQueryEmpty, m_pSubContent->elementAt(nRow, 0)); } OutputDebugString("--------------- m_pHideButton is not clicked --------------\n"); //if (m_pClose) // m_pClose->setEnabled(true); } int bTrans = GetIniFileInt("translate", "translate", 0, "general.ini"); if(bTrans == 1) { pTranslateBtn->show(); pExChangeBtn->show(); } else { pTranslateBtn->hide(); pExChangeBtn->hide(); } }
void decode_url(char *url) { plustospace(url); unescape_url(url); unpercent_url(url); }
void cgi_init( int *result ) { int cl, i, in_multipart_headers, which_entry, length_gotten; char * boundary; /* Default, no errors, no name/value pairs ("entries"): */ cgi_errno = CGIERR_NONE; cgi_num_entries = 0; length_gotten = 0; /* Check for REQUEST_METHOD (set by HTTP server): */ if (getenv("REQUEST_METHOD") == NULL) { /* None set? Assume the user is invoking the CGI from a shell prompt (for debugging): */ cgi_request_method = CGIREQ_NONE; } else { /* Determine the exact request method, and grab the data (if any) in the appropriate manner: */ if (strcmp(getenv("REQUEST_METHOD"), "POST") == 0) { /* Post method (data is sent to us via "stdin"): */ cgi_request_method = CGIREQ_POST; if (getenv("CONTENT_TYPE") == NULL) { /* Content type is not set! */ cgi_errno = CGIERR_INCORRECT_TYPE; cgi_content_type = CGITYPE_UNKNOWN; CGI_RETURN(cgi_errno); } else if (strcmp(getenv("CONTENT_TYPE"), "application/x-www-form-urlencoded") == 0) { cgi_content_type = CGITYPE_APPLICATION_X_WWW_FORM_URLENCODED; /* How much data do we expect? */ if (getenv("CONTENT_LENGTH") == NULL || sscanf(getenv("CONTENT_LENGTH"), "%d", &cl) != 1) { cgi_errno = CGIERR_BAD_CONTENT_LENGTH; CGI_RETURN(cgi_errno); } /* Create space for it: */ cgi_query = malloc(cl + 1); /* 2.0.1 - Tadek Orlowski ([email protected]) ... "+1" */ if (cgi_query == NULL) { cgi_errno = CGIERR_OUT_OF_MEMORY; CGI_RETURN(cgi_errno); } /* Read it in: */ fgets(cgi_query, cl + 1, stdin); /* Verify that we got as much data as we expected: */ if (strlen(cgi_query) != cl) cgi_errno = CGIERR_CONTENT_LENGTH_DISCREPANCY; } else if (strstr(getenv("CONTENT_TYPE"), "multipart/form-data") == getenv("CONTENT_TYPE")) { cgi_content_type = CGITYPE_MULTIPART_FORM_DATA; cgi_query = malloc(2050); if (cgi_query == NULL) { cgi_errno = CGIERR_OUT_OF_MEMORY; CGI_RETURN(cgi_errno); } /* Determine the boundary string: */ if (strstr(getenv("CONTENT_TYPE"), "boundary=") == NULL) { cgi_errno = CGIERR_NO_BOUNDARY; CGI_RETURN(cgi_errno); } boundary = strdup(strstr(getenv("CONTENT_TYPE"), "boundary=") + 9); debug("boundary", boundary); /* Read in until there's no more: */ in_multipart_headers = 0; which_entry = -1; do { length_gotten = lineread(stdin, cgi_query, 2048); debug("cgi_query", cgi_query); if (length_gotten > 0) { if (strstr(cgi_query, boundary) == cgi_query + 2 && cgi_query[0] == '-' && cgi_query[1] == '-') { /* We got a boundary! */ in_multipart_headers = 1; which_entry = -1; } else /* (Not a boundary) */ { if (in_multipart_headers == 1) { /* We had just got a boundary, read headers: */ if (cgi_query[0] == '\r' || cgi_query[0] == '\n') { /* Blank line, end of headers: */ in_multipart_headers = 0; } else /* (Not a blank line) */ { /* What kind of header is it? */ if (strstr(cgi_query, "Content-Disposition: ") == cgi_query) { /* Content-disposition: */ /* For now, just look for "name=": */ if (strstr(cgi_query, "name=\"") != NULL) { /* Add a new entry: */ which_entry = cgi_num_entries; cgi_num_entries++; /* Make more room: */ cgi_entries = realloc(cgi_entries, sizeof(cgi_entry_type) * cgi_num_entries); if (cgi_entries == NULL) { cgi_errno = CGIERR_OUT_OF_MEMORY; CGI_RETURN(cgi_errno); } /* Fill in the name slot: */ cgi_entries[which_entry].name = strdup(strstr(cgi_query, "name=\"") + 6); /* Truncate after quote: */ if (strchr(cgi_entries[which_entry]. name, '\"') != NULL) { strcpy(strchr(cgi_entries [which_entry].name, '\"'), "\0"); } /* Set default content-type: */ cgi_entries[which_entry]. content_type = "application/octet-stream"; /* Set default content-length: */ cgi_entries[which_entry]. content_length = 0; /* Set default value: */ cgi_entries[which_entry].val = strdup(""); debug("entry.name", cgi_entries[which_entry].name); } } else if (strstr(cgi_query, "Content-Type: ") == cgi_query) { /* Content-type: */ cgi_entries[which_entry].content_type = strdup(strstr(cgi_query, "Content-Type: ") + 14); debug("entry.content_type", cgi_entries[which_entry]. content_type); } } } else /* in_multipart_headers == 0 */ { /* If we're recording into a particular entry, copy the data: */ if (which_entry != -1) { /* Make more room: */ cgi_entries[which_entry].val = realloc(cgi_entries[which_entry].val, strlen(cgi_entries[which_entry]. val) + length_gotten + 1); if (cgi_entries[which_entry].val == NULL) { cgi_errno = CGIERR_OUT_OF_MEMORY; CGI_RETURN(cgi_errno); } /* Append the data: */ memcpy(cgi_entries[which_entry].val + (cgi_entries[which_entry]. content_length), cgi_query, length_gotten); cgi_entries[which_entry].content_length = (cgi_entries[which_entry].content_length + length_gotten); } } } } } while (length_gotten > 0); free(cgi_query); } else { /* Content type is unrecognized! */ cgi_errno = CGIERR_INCORRECT_TYPE; cgi_content_type = CGITYPE_UNKNOWN; CGI_RETURN(cgi_errno); } } else if (strcmp(getenv("REQUEST_METHOD"), "GET") == 0) { /* For now, assume Content Type of "application/x-www-form-urlencoded" (Is this a bad assumption?) */ cgi_content_type = CGITYPE_APPLICATION_X_WWW_FORM_URLENCODED; /* GET method (data sent via "QUERY_STRING" env. variable): */ cgi_request_method = CGIREQ_GET; /* Get a pointer to the data: */ cgi_query = getenv("QUERY_STRING"); if (cgi_query == NULL) { /* Does the "QUERY_STRING" env. variable not exist!? */ cgi_errno = CGIERR_NULL_QUERY_STRING; CGI_RETURN(cgi_errno); } else { /* Determine the content length by seeing how big the string is: */ cl = strlen(cgi_query); } } else { /* Something else? We can't handle it! */ cgi_request_method = CGIREQ_UNKNOWN; cgi_errno = CGIERR_UNKNOWN_METHOD; cgi_num_entries = 0; CGI_RETURN(cgi_errno); } if (cgi_content_type != CGITYPE_MULTIPART_FORM_DATA) { /* How many entries (name/value pairs) do we need to allocate space for? (They should be separated by "&"'s) */ cgi_num_entries = 0; for (i = 0; i <= cl; i++) if (cgi_query[i] == '&' || cgi_query[i] == '\0') cgi_num_entries++; /* Allocate the space for that many structures: */ cgi_entries = malloc(sizeof(cgi_entry_type) * cgi_num_entries); if (cgi_entries == NULL) { cgi_errno = CGIERR_OUT_OF_MEMORY; CGI_RETURN(cgi_errno); } /* Grab each name/value pair: */ cgi_num_entries = 0; /* (Begin with the first half of the first pair): */ if (cgi_query[0] != '\0' && cgi_query[0] != '&') { cgi_entries[0].name = cgi_query; cgi_entries[0].content_type = "text/html"; } /* Go through the entire string of characters: */ for (i = 0; i <= cl; i++) { if (cgi_query[i] == '&') { /* "&" represents the end of a name/value pair: */ cgi_entries[cgi_num_entries].name = cgi_query + i + 1; cgi_entries[cgi_num_entries].content_type = "text/html"; cgi_query[i] = '\0'; } else if (cgi_query[i] == '=') { /* "=" is the end of the name half of a name/value pair: */ cgi_entries[cgi_num_entries].val = cgi_query + i + 1; /* plustospace(cgi_entries[cgi_num_entries].val); unescape_url(cgi_entries[cgi_num_entries].val); */ cgi_num_entries++; cgi_query[i] = '\0'; } } for (i = 0; i < cgi_num_entries; i++) { plustospace(cgi_entries[i].val); unescape_url(cgi_entries[i].val); } } /* Fix any NULL strings to be empty strings */ /* 2.0.4 - MJ Pomraning ([email protected]) */ for (i = 0; i < cgi_num_entries; i++) { if (cgi_entries[i].name == NULL) cgi_entries[i].name = ""; if (cgi_entries[i].val == NULL) cgi_entries[i].val = ""; } } CGI_RETURN(CGIERR_NONE); }
int getEntries( inStruct Sentries ) { register int x; char *stquery, *tmpq, *tmpStr, *tmpStr1, *tmpPtr; char reqMethod[100]; int msgLength; char contentType[100]; char boundary[MAX_TOKEN]; int i; putenv( "HOME=/" ); if ( getenv( "CONTENT_TYPE" ) != NULL ) { strcpy( contentType, getenv( "CONTENT_TYPE" ) ); } else { strcpy( contentType, "" ); } if ( getenv( "REQUEST_METHOD" ) != NULL ) { strcpy( reqMethod, getenv( "REQUEST_METHOD" ) ); } else { strcpy( reqMethod, "" ); } if ( getenv( "HTTP_COOKIE" ) != NULL ) { strcpy( Sentries->cookieStr, getenv( "HTTP_COOKIE" ) ); } else { strcpy( Sentries->cookieStr, "" ); } if ( strstr( Sentries->cookieStr, "*" ) != NULL || strstr( Sentries->cookieStr, ".." ) != NULL || strstr( Sentries->cookieStr, "?" ) != NULL || strstr( Sentries->cookieStr, "/" ) != NULL || strstr( Sentries->cookieStr, "\\" ) != NULL ) { Sentries->op = -1; return 1; } if ( !strcmp( reqMethod, "POST" ) || !strcmp( reqMethod, "post" ) ) { msgLength = atoi( getenv( "CONTENT_LENGTH" ) ) + 10; stquery = malloc( msgLength ); if ( fread( stquery, 1, msgLength, stdin ) != ( msgLength - 10 ) ) { webErrorExit( "short fread", 0 ); } stquery[msgLength] = '\0'; } else { stquery = malloc( QSIZE ); if ( getenv( "QUERY_STRING" ) != NULL ) { strcpy( stquery, getenv( "QUERY_STRING" ) ); } else { strcpy( stquery, "" ); } } if ( strstr( contentType, "multipart/form-data" ) != NULL ) { i = msgLength - 10; getBoundary( &stquery, boundary ); /*** printf("Boundary:**%s**<BR>\n",boundary);fflush(stdout); ***/ for ( x = 0; *stquery != '\0'; x++ ) { if ( x == MAX_ENTRIES ) { webErrorExit( "MaxEntries Exceeded", x ); } Sentries->m = x; /*** printf("GettingX:%i....\n",x);fflush(stdout); ***/ tmpPtr = stquery; if ( getmultipartword( &Sentries->entries[x], &stquery, boundary, i ) != 0 ) { break; } i -= stquery - tmpPtr; /*** printf("%i:%s=%s<BR>\n",entries[x].size,entries[x].name,entries[x].val);fflush(stdout);***/ } Sentries->m--; } else { /** the following is to take care of the home col. name bad length pb Linux on RedHat7 *******/ fixstr1 = malloc( 10 ); free( fixstr1 ); /******************************************************/ for ( x = 0; stquery[0] != '\0'; x++ ) { if ( x == MAX_ENTRIES ) { webErrorExit( "MaxEntries Exceeded", x ); } Sentries->m = x; Sentries->entries[x].val = malloc( HUGE_STRING ); getword( Sentries->entries[x].val, stquery, '&' ); plustospace( Sentries->entries[x].val ); unescape_url( Sentries->entries[x].val ); char* wd = ( char * ) makeword( Sentries->entries[x].val, '=' ); // JMC cppcheck - leak sprintf( Sentries->entries[x].name, wd ); free( wd ); // JMC cppcheck - leak } } return 0; }
int main(int argc, char *argv[]) { pentry entries[MAXPOSTVARS]; entry gentries[MAXGETVARS]; char *gcl; register int i; int cl=0; ConnectDb(); if(getenv("REMOTE_ADDR")!=NULL) sprintf(gcHost,"%.99s",getenv("REMOTE_ADDR")); if(getenv("HTTP_USER_AGENT")!=NULL) { if(strstr(getenv("HTTP_USER_AGENT"),"Firefox")) guBrowserFirefox=1; } #if defined(Linux) gethostname(gcHostname, 98); #else //Solaris sysinfo(SI_HOSTNAME, gcHostname, 98); #endif if(strcmp(getenv("REQUEST_METHOD"),"POST")) { //Get //SSLCookieLogin(); gcl = getenv("QUERY_STRING"); for(i=0;gcl[0] != '\0' && i<MAXGETVARS;i++) { getword(gentries[i].val,gcl,'&'); plustospace(gentries[i].val); unescape_url(gentries[i].val); getword(gentries[i].name,gentries[i].val,'='); if(!strcmp(gentries[i].name,"gcFunction")) sprintf(gcFunction,"%.99s",gentries[i].val); else if(!strcmp(gentries[i].name,"gcPage")) sprintf(gcPage,"%.99s",gentries[i].val); } if(gcPage[0]) { if(!strcmp(gcPage,"MyAccount")) MyAccountGetHook(gentries,i); } } else { //Post cl = atoi(getenv("CONTENT_LENGTH")); for(i=0;cl && (!feof(stdin)) && i<MAXPOSTVARS ;i++) { entries[i].val = fmakeword(stdin,'&',&cl); plustospace(entries[i].val); unescape_url(entries[i].val); entries[i].name = makeword(entries[i].val,'='); if(!strcmp(entries[i].name,"gcFunction")) sprintf(gcFunction,"%.99s",entries[i].val); else if(!strcmp(entries[i].name,"gcPage")) sprintf(gcPage,"%.99s",entries[i].val); else if(!strcmp(entries[i].name,"gcLogin")) sprintf(gcLogin,"%.99s",entries[i].val); else if(!strcmp(entries[i].name,"gcPasswd")) sprintf(gcPasswd,"%.99s",entries[i].val); } } //Not required to be logged in gcFunction section if(gcFunction[0]) { if(!strncmp(gcFunction,"Logout",5)) { printf("Set-Cookie: iRadiusLogin=; expires=\"Mon, 01-Jan-1971 00:10:10 GMT\"\n"); printf("Set-Cookie: iRadiusPasswd=; expires=\"Mon, 01-Jan-1971 00:10:10 GMT\"\n"); guPermLevel=0; gcUser[0]=0; guLoginClient=0; htmlLogin(); } } /*if(!strcmp(gcFunction,"Login")) SetLogin(); if(!guPermLevel || !gcUser[0] || !guLoginClient) SSLCookieLogin()ยจ; //First page after valid login if(!strcmp(gcFunction,"Login")) htmlMyAccountd();*/ //Per page command tree MyAccountCommands(entries,i); //default logged in page htmlMyAccount(); return(0); }//end of main()
/* Returns the contents of the password field in a newly allocated * string, or a negative value on error. * * @body: is the string to search the xml field at, should be null-terminated. * @value: the value that was found */ static int match_password_in_reply(worker_st * ws, char *body, unsigned body_length, char **value) { char *p; unsigned len, xml = 0; if (body == NULL || body_length == 0) return -1; if (memmem(body, body_length, "<?xml", 5) != 0) { xml = 1; /* body should contain <password?>test</password?> */ *value = strcasestr(body, "<password"); if (*value == NULL) { oclog(ws, LOG_HTTP_DEBUG, "cannot find password in client XML message"); return -1; } /* find terminator */ p = strchr(*value, '>'); if (p == NULL) { oclog(ws, LOG_HTTP_DEBUG, "unterminated password in client XML message"); return -1; } p++; *value = p; len = 0; while (*p != 0) { if (*p == '<' && (strncasecmp(p, "</password", sizeof("</password")-1) == 0)) { break; } p++; len++; } } else { /* non-xml version */ /* body should be "username=test&password?=test" */ *value = strcasestr(body, "password"); if (*value == NULL) { oclog(ws, LOG_HTTP_DEBUG, "cannot find password in client message"); return -1; } p = strchr(*value, '='); if (p == NULL) { oclog(ws, LOG_HTTP_DEBUG, "unterminated password in client message"); return -1; } p++; *value = p; len = 0; while (*p != 0) { if (*p == '&') { break; } p++; len++; } } if (len == 0) { *value = talloc_strdup(ws->req.body, ""); if (*value != NULL) return 0; return -1; } if (xml) *value = unescape_html(ws->req.body, *value, len, NULL); else *value = unescape_url(ws->req.body, *value, len, NULL); if (*value == NULL) { oclog(ws, LOG_ERR, "password requested but no such field in client message"); return -1; } return 0; }
int main(int argc, char **argv, char **envp) { int postsize; char *xmldata, *data; xmlDocPtr doc; xmlNodePtr cur, anode; int bbdnsock; int bbdnport; char *status = NULL; struct config_t maincfg; /* Read in config file */ maincfg = maincfgopen(); bbdnport = maincfg_get_int(&maincfg, "BLDPORT"); maincfgclose(&maincfg); key_get(systemkey); char *request_method; if (!bbdn_conect(&bbdnsock, "", bbdnport)) cgi_error(500, bstrerror()); request_method = getenv("HTTP_REQUEST_METHOD")!=NULL ? strdup(getenv("HTTP_REQUEST_METHOD")) : strdup(getenv("REQUEST_METHOD")); // We will handel the post stuf our self. Set REQUEST_METHOD to GET so cgi-util ignores it. setenv("REQUEST_METHOD", "GET", 1); if (cgi_init() != CGIERR_NONE) { cgi_error(500, "Can't init cgi-util"); } /* * Either called from command line, and then we want a file. * or a http get/put * Or we are handling a web request, and getting the data from stdin. */ if ((cgi_getentrystr("method") != NULL) && (strcmp(cgi_getentrystr("method"),"rest") == 0)) { char api[100], coll[100], url[512]; char *requrle; if (getenv("REQUEST_URI") == NULL) { cgi_error(500, "Can't read REQUEST_URI"); } requrle = strdup(getenv("REQUEST_URI")); unescape_url(requrle); sscanf(requrle,"/%[a-z]/%[a-zA-Z0-9_-]/%[^?]", api, coll, url); #ifdef DEBUG fprintf(stderr, "api: \"%s\"\n",api); fprintf(stderr, "coll: \"%s\"\n",coll); fprintf(stderr, "url: \"%s\"\n",url); fprintf(stderr, "request_method: \"%s\"\n",request_method); fprintf(stderr, "reques url \"%s\"\n",getenv("REQUEST_URI")); fprintf(stderr, "reques url unescaped \"%s\"\n",requrle); #endif free(requrle); if (strcmp(request_method,"POST") == 0 || strcmp(request_method,"ADDDELAYED") == 0 || strcmp(request_method,"PUT") == 0) { if (getenv("CONTENT_LENGTH") == NULL) { cgi_error(500, "Can't read CONTENT_LENGTH"); } // Get data length postsize = atoi(getenv("CONTENT_LENGTH")); data = malloc(postsize + 1); if (data == NULL) { cgi_error(500, "Can't allocate data."); } // Read data fread(data, 1, postsize, stdin); data[postsize] = '\0'; // add in to repo if (bbdn_docadd(bbdnsock, coll, // collection name url, // url cgi_getentrystr("documenttype"), // document type data, // data postsize, // data size 0, // lastmodified cgi_getentrystr("acl_allow")!=NULL ? cgi_getentrystr("acl_allow") : "Everyone", // acl allow cgi_getentrystr("acl_denied"), // acl denied cgi_getentrystr("title"), // title cgi_getentrystr("documentformat"), // document format cgi_getentrystr("attributes"), // attributes NULL, // image 0 // image size ) != 1) { cgi_error(500, "bbdn_docadd() failed. Can't add document."); } if (strcmp(request_method,"ADDDELAYED") != 0) { // close it sd_close(bbdnsock, coll); } asprintf(&status,"Added %s to %s\n",url,coll); } else if (strcmp(request_method,"DELETE") == 0) { if (url[0] == '\0') { if (sd_deletecollection(bbdnsock, coll) != 1) { cgi_error(500, "Can't delete collection"); } asprintf(&status,"Deleted collection %s\n",coll); } else { if (bbdn_deleteuri(bbdnsock, coll, url) != 1) { cgi_error(500, "Can't delete document"); } asprintf(&status,"Deleted url %s in %s\n",url,coll); } } else if (strcmp(request_method,"CLOSE") == 0) { sd_close(bbdnsock, coll); asprintf(&status,"Closed %s\n",coll); } else { cgi_error(500, "Unknown request method \"%s\"", request_method ); } #ifdef DEBUG // Print the envirement so we can better see what is going on. char** env; for (env = envp; *env != 0; env++) { char* thisEnv = *env; fprintf(stderr, "%s\n", thisEnv); } #endif } else if ((cgi_getentrystr("do") != NULL) && (strcmp(cgi_getentrystr("do"),"add") == 0)) { char *data; int datasize; int n; const char *url = getenv("HTTP_X_FILENAME") ? getenv("HTTP_X_FILENAME") : cgi_getentrystr("url"); const char *coll = cgi_getentrystr("collection"); if (url == NULL) { cgi_error(500, "No url specified. Either set http header HTTP_X_FILENAME or get parameter 'url'.\n"); } if (coll == NULL) { cgi_error(500, "No collection specified\n"); } char *tmpname; FILE *fh; asprintf(&tmpname,"/tmp/%s",url); fh = fopen(tmpname,"wb"); if (fh == NULL) { cgi_error(500, "Can't open file %s",tmpname); } if ((data = malloc( atoi(getenv("CONTENT_LENGTH")) )) == NULL) { cgi_error(500, "Can't malloc data"); } datasize = 0; while ((n = fread ((unsigned char *)(data + datasize),1,1024,stdin)) > 0) { datasize += n; } fwrite(data,1,datasize,fh); fclose(fh); free(tmpname); // bbdn_docadd(bbdnsock, xmldoc.collection, uri, xmldoc.documenttype, xmldoc.body, xmldoc.bodysize, // xmldoc.lastmodified, xmldoc.aclallow, xmldoc.acldeny, xmldoc.title, xmldoc.documentformat, xmldoc.attributes, image, image_size); bbdn_docadd(bbdnsock, coll, url, "", data, datasize, 0, "Everyone", "", "omp1", "", "", NULL, 0); // close it sd_close(bbdnsock, coll); } else if ((cgi_getentrystr("do") != NULL) && (strcmp(cgi_getentrystr("do"),"delete") == 0)) { const char *url = getenv("HTTP_X_FILENAME") ? getenv("HTTP_X_FILENAME") : cgi_getentrystr("url"); const char *coll = cgi_getentrystr("collection"); if (url == NULL) { cgi_error(500, "No url specified. Either set http header HTTP_X_FILENAME or get parameter 'url'.\n"); } if (coll == NULL) { cgi_error(500, "No collection specified\n"); } bbdn_deleteuri(bbdnsock, coll, url); asprintf(&status,"%s deleted.\n", url); } else if (getenv("CONTENT_LENGTH") != NULL) { // Get data length postsize = atoi(getenv("CONTENT_LENGTH")); xmldata = malloc(postsize + 1); // Read data fread(xmldata, 1, postsize, stdin); xmldata[postsize] = '\0'; //fprintf(stderr, "Received %i bytes.\n", postsize); //fprintf(stderr, "Got document:\n%s\n", xmldata); //parsing xml doc = xmlParseDoc((xmlChar*)xmldata); if (doc == NULL) cgi_error(500, "Unable to parse document"); cur = xmlDocGetRootElement(doc); if (cur == NULL) { xmlFreeDoc(doc); cgi_error(500, "empty document"); } // Some document checking if (xmlStrcmp(cur->name, (const xmlChar *)ROOT_NODE_NAME)) { xmlFreeDoc(doc); cgi_error(500, "document of the wrong type, root node != %s, but %s\n", ROOT_NODE_NAME, cur->name); } if ((anode = xml_find_child(cur, "key")) != NULL) { char *p; p = (char *)xmlNodeListGetString(doc, anode->xmlChildrenNode, 1); if (p == NULL) cgi_error(500, "No key data"); if ((systemkey[0] != '\0') && (!key_equal(systemkey, p))) { cgi_error(500, "Keys does not match: Got \"%s\" but wanted \"%s\"\n",p,systemkey); } } else { cgi_error(500, "Did not receive a key"); } if ((anode = xml_find_child(cur, "version")) != NULL) { xmlChar *p; p = xmlNodeListGetString(doc, anode->xmlChildrenNode, 1); version = atoi((char*)p); xmlFree(p); } else { cgi_error(500, "Did not receive a version number"); } for (cur = cur->xmlChildrenNode; cur != NULL; cur = cur->next) { if ((!xmlStrcmp(cur->name, (const xmlChar *) "key"))){ // Ignore } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "version"))){ // Ignore } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "add"))){ xml_add(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "delete"))){ xml_delete(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "close"))) { xml_close(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "create"))) { xml_create(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "users"))) { xml_users(doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "gcwhispers"))) { xml_gcwhispers(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (const xmlChar *) "error"))) { xml_errormsg(bbdnsock, doc, cur); } else if ((!xmlStrcmp(cur->name, (xmlChar*)"text"))) { //fprintf(stderr, "Got text: %s\n", xmlNodeListGetString(doc, cur, 1)); // Ignore for now } else { warnx("Unknown xml node '%s'", cur->name); } } } else { cgi_error(500, "Didn't receive any command or data."); } if (status != NULL) { printf("Content-type: text/plain\n\n"); printf(status); } else { cgi_error(500, "Reached end of program without status."); } return 0; }
int parse_CGI_encoded(llist *entries, char *buffer) { int i, j, num, token; int len = strlen(buffer); char *lexeme; entrytype entry; node *window; if ((lexeme = (char *)malloc(sizeof(char) * len + 1)) == NULL) exit(1); list_create(entries); window = entries->head; entry.name = NULL; entry.value = NULL; i = 0; num = 0; token = _NAME; while (i < len) { j = 0; while ( (buffer[i] != '=') && (buffer[i] != '&') && (i < len) ) { lexeme[j] = (buffer[i] == '+') ? ' ' : buffer[i]; i++; j++; } lexeme[j] = '\0'; if (token == _NAME) { entry.name = newstr(lexeme); unescape_url(entry.name); if ( (buffer[i] != '=') || (i == len - 1) ) { if ((entry.value = (char *)malloc(sizeof(char))) == NULL) exit(1); entry.value[0]=0; window = list_insafter(entries, window, entry); FREE(entry.name); FREE(entry.value); if (i == len - 1) /* null value at end of expression */ num++; else { /* error in expression */ FREE(lexeme); return -1; } } else token = _VALUE; } else { entry.value = newstr(lexeme); unescape_url(entry.value); window = list_insafter(entries, window, entry); FREE(entry.name); FREE(entry.value); token = _NAME; num++; } i++; j = 0; } FREE(lexeme); FREE(entry.name); FREE(entry.value); return num; }
static int process_json(bgpstream_broker_datasource_t *broker_ds, bgpstream_input_mgr_t *input_mgr, const char *js, jsmntok_t *root_tok, size_t count) { int i, j, k; jsmntok_t *t = root_tok + 1; int arr_len, obj_len; int time_set = 0; int num_results = 0; // per-file info char *url = NULL; size_t url_len = 0; int url_set = 0; char collector[BGPSTREAM_UTILS_STR_NAME_LEN] = ""; int collector_set = 0; char project[BGPSTREAM_UTILS_STR_NAME_LEN] = ""; int project_set = 0; char type[BGPSTREAM_UTILS_STR_NAME_LEN] = ""; int type_set = 0; uint32_t initial_time = 0; int initial_time_set = 0; uint32_t duration = 0; int duration_set = 0; if (count == 0) { fprintf(stderr, "ERROR: Empty JSON response from broker\n"); goto retry; } if (root_tok->type != JSMN_OBJECT) { fprintf(stderr, "ERROR: Root object is not JSON\n"); fprintf(stderr, "INFO: JSON: %s\n", js); goto err; } // iterate over the children of the root object for (i = 0; i < root_tok->size; i++) { // all keys must be strings if (t->type != JSMN_STRING) { fprintf(stderr, "ERROR: Encountered non-string key: '%.*s'\n", t->end - t->start, js + t->start); goto err; } if (json_strcmp(js, t, "time") == 0) { NEXT_TOK; json_type_assert(t, JSMN_PRIMITIVE); json_strtoul(broker_ds->last_response_time, t); time_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "type") == 0) { NEXT_TOK; json_str_assert(js, t, "data"); NEXT_TOK; } else if (json_strcmp(js, t, "error") == 0) { NEXT_TOK; if (json_isnull(js, t) == 0) { // i.e. there is an error set fprintf(stderr, "ERROR: Broker reported an error: %.*s\n", t->end - t->start, js + t->start); goto err; } NEXT_TOK; } else if (json_strcmp(js, t, "queryParameters") == 0) { NEXT_TOK; json_type_assert(t, JSMN_OBJECT); // skip over this object t = json_skip(t); } else if (json_strcmp(js, t, "data") == 0) { NEXT_TOK; json_type_assert(t, JSMN_OBJECT); NEXT_TOK; json_str_assert(js, t, "dumpFiles"); NEXT_TOK; json_type_assert(t, JSMN_ARRAY); arr_len = t->size; // number of dump files NEXT_TOK; // first elem in array for (j = 0; j < arr_len; j++) { json_type_assert(t, JSMN_OBJECT); obj_len = t->size; NEXT_TOK; url_set = 0; project_set = 0; collector_set = 0; type_set = 0; initial_time_set = 0; duration_set = 0; for (k = 0; k < obj_len; k++) { if (json_strcmp(js, t, "urlType") == 0) { NEXT_TOK; if (json_strcmp(js, t, "simple") != 0) { // not yet supported? fprintf(stderr, "ERROR: Unsupported URL type '%.*s'\n", t->end - t->start, js + t->start); goto err; } NEXT_TOK; } else if (json_strcmp(js, t, "url") == 0) { NEXT_TOK; json_type_assert(t, JSMN_STRING); if (url_len < (t->end - t->start + 1)) { url_len = t->end - t->start + 1; if ((url = realloc(url, url_len)) == NULL) { fprintf(stderr, "ERROR: Could not realloc URL string\n"); goto err; } } json_strcpy(url, t, js); unescape_url(url); url_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "project") == 0) { NEXT_TOK; json_type_assert(t, JSMN_STRING); json_strcpy(project, t, js); project_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "collector") == 0) { NEXT_TOK; json_type_assert(t, JSMN_STRING); json_strcpy(collector, t, js); collector_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "type") == 0) { NEXT_TOK; json_type_assert(t, JSMN_STRING); json_strcpy(type, t, js); type_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "initialTime") == 0) { NEXT_TOK; json_type_assert(t, JSMN_PRIMITIVE); json_strtoul(initial_time, t); initial_time_set = 1; NEXT_TOK; } else if (json_strcmp(js, t, "duration") == 0) { NEXT_TOK; json_type_assert(t, JSMN_PRIMITIVE); json_strtoul(duration, t); duration_set = 1; NEXT_TOK; } else { fprintf(stderr, "ERROR: Unknown field '%.*s'\n", t->end - t->start, js + t->start); goto err; } } // file obj has been completely read if (url_set == 0 || project_set == 0 || collector_set == 0 || type_set == 0 || initial_time_set == 0 || duration_set == 0) { fprintf(stderr, "ERROR: Invalid dumpFile record\n"); goto retry; } #ifdef WITH_BROKER_DEBUG fprintf(stderr, "----------\n"); fprintf(stderr, "URL: %s\n", url); fprintf(stderr, "Project: %s\n", project); fprintf(stderr, "Collector: %s\n", collector); fprintf(stderr, "Type: %s\n", type); fprintf(stderr, "InitialTime: %" PRIu32 "\n", initial_time); fprintf(stderr, "Duration: %" PRIu32 "\n", duration); #endif // do we need to update our current_window_end? if (initial_time + duration > broker_ds->current_window_end) { broker_ds->current_window_end = (initial_time + duration); } if (bgpstream_input_mgr_push_sorted_input( input_mgr, strdup(url), strdup(project), strdup(collector), strdup(type), initial_time, duration) <= 0) { goto err; } num_results++; } } // TODO: handle unknown tokens } if (time_set == 0) { goto err; } free(url); return num_results; retry: free(url); return ERR_RETRY; err: fprintf(stderr, "ERROR: Invalid JSON response received from broker\n"); free(url); return ERR_RETRY; }