int main(int argc, char **argv) {
char *author;
char *title;
CGI_varlist *varlist;
CGI_varlist *redirect_vars;
CGI_value *value;
char *reason;
cl = clnt_create(PAPER_ADDRESS, PAPERSERVER_PROG, PAPERSERVER_VERS, "tcp");
if (cl == NULL) {
// sprintf(reason, "Error creating RPC client %s", strerror(errno));
redirect_vars = CGI_add_var(NULL, "reason", "Error creating RPC client");
printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL));
// perror("Error creating RPC client!");
CGI_free_varlist(redirect_vars);
exit(1);
}
// fputs("Content-type: text/plain\r\n\r\n", stdout);
varlist = CGI_get_all("/tmp/cgi-upload-XXXXXX");
author = CGI_lookup(varlist, "author");
title = CGI_lookup(varlist, "title");
value = CGI_lookup_all(varlist, "fileToUpload");
if (value == 0 || value[1] == 0) {
redirect_vars = CGI_add_var(NULL, "reason", "No file was uploaded");
printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL));
CGI_free_varlist(redirect_vars);
// fputs("No file was uploaded\r\n", stdout);
}
else {
// printf("Author: %s\n Title: %s\n", author, title);
// printf("Your file \"%s\" was uploaded to my file \"%s\"\r\n",
// value[1], value[0]);
add_article(author, title, strdup(value[0]), strdup(value[1]));
/* Do something with the file here */
unlink(value[0]);
}
CGI_free_varlist(varlist);
clnt_destroy(cl);
return 0;
}
/**
* @internal
*
* Returns a string from the request, either for GET, POST or COOKIE.
*/
ctr_object* ctr_request_string(ctr_object* myself, ctr_argument* argumentList, CGI_varlist* varlist) {
ctr_object* cgiVarObject;
char* cgiVar;
char* value;
cgiVarObject = ctr_internal_cast2string(argumentList->object);
cgiVar = ctr_heap_allocate_cstring( cgiVarObject );
value = (char*) CGI_lookup(varlist, (const char*)cgiVar);
ctr_heap_free( cgiVar );
if (value == NULL) return CtrStdNil;
return ctr_build_string_from_cstring(value);
}
int main(int argc, char **argv) {
CGI_varlist *varlist;
const char *value;
if ((varlist = CGI_get_all(0)) == 0) {
fputs("Content-type: text/plain\r\n\r\n", stdout);
printf("No CGI data received\r\n");
return 0;
}
value = CGI_lookup(varlist, "id");
cl = clnt_create(PAPER_ADDRESS, PAPERSERVER_PROG, PAPERSERVER_VERS, "tcp");
if (cl == NULL) {
fputs("Content-type: text/plain\r\n\r\n", stdout);
perror("Error creating RPC client!");
CGI_free_varlist(varlist); /* free variable list */
exit(1);
}
if (value != NULL) {
get_article_info(value);
}
else {
printf("Content-Type: text/plain\n\n");
printf("id value missing\n\n");
}
CGI_free_varlist(varlist); /* free variable list */
clnt_destroy(cl);
return 0;
}
int main(int argc, char **argv) {
CLIENT *cl;
CGI_varlist *varlist;
int value;
const char *author = "author";
const char *title = "title";
const char *file = "file";
const char* authorTmp;
const char* titleTmp;
CGI_value* fileValue;
char* authorVal;
char* titleVal;
char* fileVal;
if ((varlist = CGI_get_all("/tmp/cgi-upload-XXXXXX")) == NULL ||
varlist == 0)
{
redirectError("No CGI data received");
return 0;
}
if((varlist = CGI_get_post(varlist, "/tmp/cgi-upload-XXXXXX")) == NULL ||
varlist == 0)
{
redirectError("No CGI post data received");
return 0;
}
if(((authorTmp = CGI_lookup(varlist, author)) == NULL) || strlen(authorTmp) == 0)
{
redirectError("Did not receive Author data");
return 0;
}
if(((titleTmp = CGI_lookup(varlist, title)) == NULL) || strlen(titleTmp) == 0)
{
redirectError("Did not receive Title data ");
return 0;
}
if(((fileValue = CGI_lookup_all(varlist, file)) == NULL))
{
redirectError("Did not receive File data");
return 0;
}
if(fileValue == 0 || fileValue[1] == 0){
redirectError("No file was uploaded");
return 0;
}
authorVal = (char*) malloc(strlen(authorTmp)*sizeof(char));
titleVal = (char*) malloc(strlen(titleTmp)*sizeof(char));
fileVal = (char*) malloc(strlen(fileValue[0])*sizeof(char));
strcpy(authorVal, authorTmp);
strcpy(titleVal, titleTmp);
strcpy(fileVal, fileValue[0]);
CGI_free_varlist(varlist);
cl = createClient();
value = addArticle(cl, authorVal, titleVal, fileVal);
clnt_destroy(cl);
if(value < 0){
redirectError("Add Article Error");
}
redirectSuccess(value);
return value;
}
int main(int argc, char **argv)
{
CGI_varlist *vl;
int tlen = strlen(TMP_PATH);
FILE *log;
const char *name, *dir;
char prefix[BUFSIZ] = UPL_PATH, dst[BUFSIZ], srv[BUFSIZ],
*p = getenv("SCRIPT_NAME");
umask(umask((mode_t)0)|S_IWUSR|S_IWGRP|S_IWOTH|S_IXUSR|S_IXGRP|S_IXOTH);
printf("Content-type: text/plain\r\n\r\n");
if(p != NULL) /* The CGI-reported basename must be the target server */
{
char genbuf[BUFSIZ];
if(strlcpy(dst, p, BUFSIZ) >= BUFSIZ) return 1; /* These are self- */
if((p = strrchr(dst, '/')) != NULL) p++; else p = dst;
if(strlcpy(genbuf, p, BUFSIZ) >= BUFSIZ) return 1; /* inflicted errors */
if(strlcpy(srv, p, BUFSIZ) >= BUFSIZ) return 1; /* that users should*/
if((p = strchr(genbuf, '.')) != NULL) *p = '\0';
if((p = strchr(srv, '.')) != NULL) *p = '\0';
if(strlcat(prefix, genbuf, BUFSIZ) >= BUFSIZ ||
strlcat(prefix, "-", BUFSIZ) >= BUFSIZ) return 1; /* not normally see */
} else { e("config error"); return 1; }
if((log = fopen(LOG_PATH, "a")) == NULL) { e("log error"); return 1; }
if((vl = CGI_get_all(TMP_PATH"-XXXXXX")) == 0 ) { e("nodata"); return 1; }
/*All files received--force to disk: sync && echo 3 > /proc/sys/vm/drop_caches*/
sync(); /* Suggest to disk */
if((dir = CGI_lookup(vl, "dir")))
{
FILE *dirs = fopen(DIR_PATH, "r"); /* SMB server permitted directories */
char genbuf[BUFSIZ], f = 1;
if(!dirs) { e("no dir"); return 1; }
while(fgets(genbuf, BUFSIZ, dirs))
{ /* Remove the fgets-included newline */
if((p = strrchr(genbuf, '\n')) != NULL) *p = '\0';
if(!strcmp(genbuf, dir)) { f = 0; break; }
}
fclose(dirs);
if(f) { e("no dir"); return 1; }
}
else { e("no dir"); return 1; }
printf("%s\n", dir);
for(name = CGI_first_name(vl); name != 0; name = CGI_next_name(vl))
{
int i;
CGI_value *val;
if(!(val = CGI_lookup_all(vl, 0))) continue;
for(i = 0; val[i]; i++)
{
struct stat junk_buf; /* Does filename match TMP_PATH, and exist? */
if(!strncmp(val[i], TMP_PATH, tlen) && !stat(val[i], &junk_buf))
{ /* RFC-1867 files come in name pairs, and the index must be advanced. */
FILE *goodfile;
const char *z;
time_t epoch = time(NULL);
struct tm *now = localtime(&epoch);
int j = i++; /* Now, val[j] == tmp_name, val[i] == user's sent name. */
strftime(dst, BUFSIZ, "%y/%m/%d %H:%M:%S", now);
fprintf(log, "%s %s %s", dst, getenv("REMOTE_ADDR"), val[i]);
if((z = strrchr(val[i], '/')) != NULL) z++; else z = val[i];
if((p = strrchr(z, '\\')) != NULL) z = p + 1; /* IE sends full path. */
if(strlcpy(dst, prefix, BUFSIZ) >= BUFSIZ ||
strlcat(dst, z, BUFSIZ) >= BUFSIZ) /* Skip if basename oversized. */
{
e("error\n");
fprintf(log, " _FLEN-RETAINED_ %s\n", val[j]);
continue;
}
if(link(val[j], dst) && /* On link failure, try to keep this data. */
(strlcat(dst, val[j] + tlen, BUFSIZ) >= BUFSIZ || /* new filename */
link(val[j], dst))) /* mkstemp suffix appended */
{
printf("name_error\t%s\n", val[i]);
fprintf(log, " _LINK-RETAINED_ %s\n", val[j]);
continue;
} else fprintf(log, " _RENAMED_ %s", dst);
if(unlink(val[j]))
{
printf("tmp_error\t%s\n", val[i]); /* This is not a fatal error */
fprintf(log, " _UNLINK-RETAINED_ %s", val[j]);
}
fprintf(log,"\n");
if((goodfile = fopen(dst, "r")))
{
SHA256_CTX ctx;
uchar buf[BUFSIZ];
char cmd[BUFSIZ], dirbuf[BUFSIZ];
/* Report the sha256sum--at least client can verify this leg of the trip */
sha256_init(&ctx);
while((j = fread(buf, 1, BUFSIZ, goodfile))) sha256_update(&ctx, buf, j);
sha256_final(&ctx, buf);
fclose(goodfile);
for(j = 0; j < 32; j++) printf("%02x", buf[j]);
printf("\t%s\n", val[i]);
/* Build the smbclient command line - add -e for encryption if desired */
if(strlcpy(cmd, "smbclient -mSMB3 -A/usr/local/etc/.", BUFSIZ) >= BUFSIZ ||
strlcat(cmd, srv, BUFSIZ) >= BUFSIZ ||/*Note:smbclient didn't get*/
strlcat(cmd, ".auth '//", BUFSIZ) >= BUFSIZ ||/* SMB3 until Samba v4.1*/
strlcat(cmd, srv, BUFSIZ) >= BUFSIZ) { E(); continue; }
if(*dir != '/' && strlcat(cmd, "/", BUFSIZ) >= BUFSIZ) { E(); continue; }
if( strlcpy(dirbuf, dir, BUFSIZ) >= BUFSIZ) { E(); continue; }
if((p = strchr(dirbuf + 1, '/')) != NULL)
{ /* Pull the share name off, then cd to subdir */
*p = '\0';
if(strlcat(cmd, dirbuf, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "' -c 'cd \"", BUFSIZ) >= BUFSIZ ||
strlcat(cmd, p + 1, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "\"; ", BUFSIZ) >= BUFSIZ) { E(); continue; }
} /* smbclient doesn't cd properly if this isn't done */
else
{ /* No subdir, so put directly */
if(strlcat(cmd, dir, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "' -c '", BUFSIZ) >= BUFSIZ) { E(); continue; }
}
if(strlcat(cmd, "put \"", BUFSIZ) >= BUFSIZ ||
strlcat(cmd, dst, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "\" \"", BUFSIZ) >= BUFSIZ ||
strlcat(cmd, z, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "\"; dir \"", BUFSIZ) >= BUFSIZ ||
strlcat(cmd, z, BUFSIZ) >= BUFSIZ ||
strlcat(cmd, "\"' 2>&1", BUFSIZ) >= BUFSIZ) { E(); continue; }
fprintf(log, "%s\n", cmd);
if((goodfile = popen(cmd, "r"))) /* Run the SMB transfer */
{
while(fgets(cmd, BUFSIZ, goodfile)) printf("%s", cmd);
pclose(goodfile);
}
}
}
}
}
CGI_free_varlist(vl);
fclose(log);
fflush(NULL);
return 0;
}
