static int writeAuthFile(char *path) { FILE *fp; WebsKey *kp, *ap; WebsRole *role; WebsUser *user; WebsHash roles, users; char *tempFile; assert(path && *path); tempFile = websTempFile(NULL, "gp"); if ((fp = fopen(tempFile, "w" FILE_TEXT)) == 0) { error("Can't open %s", tempFile); return -1; } fprintf(fp, "#\n# %s - Authorization data\n#\n\n", basename(path)); roles = websGetRoles(); if (roles >= 0) { for (kp = hashFirst(roles); kp; kp = hashNext(roles, kp)) { role = kp->content.value.symbol; fprintf(fp, "role name=%s abilities=", kp->name.value.string); for (ap = hashFirst(role->abilities); ap; ap = hashNext(role->abilities, ap)) { fprintf(fp, "%s,", ap->name.value.string); } fputc('\n', fp); } fputc('\n', fp); } users = websGetUsers(); if (users >= 0) { for (kp = hashFirst(users); kp; kp = hashNext(users, kp)) { user = kp->content.value.symbol; fprintf(fp, "user name=%s password=%s roles=%s", user->name, user->password, user->roles); fputc('\n', fp); } } fclose(fp); unlink(path); if (rename(tempFile, path) < 0) { error("Can't create new %s", path); return -1; } return 0; }
static int processUploadHeader(Webs *wp, char *line) { WebsUpload *file; char *key, *headerTok, *rest, *nextPair, *value; if (line[0] == '\0') { wp->uploadState = UPLOAD_CONTENT_DATA; return 0; } trace(7, "Header line: %s", line); headerTok = line; stok(line, ": ", &rest); if (scaselesscmp(headerTok, "Content-Disposition") == 0) { /* The content disposition header describes either a form variable or an uploaded file. Content-Disposition: form-data; name="field1" >>blank line Field Data ---boundary Content-Disposition: form-data; name="field1" filename="user.file" >>blank line File data ---boundary */ key = rest; wp->uploadVar = wp->clientFilename = 0; while (key && stok(key, ";\r\n", &nextPair)) { key = strim(key, " ", WEBS_TRIM_BOTH); stok(key, "= ", &value); value = strim(value, "\"", WEBS_TRIM_BOTH); if (scaselesscmp(key, "form-data") == 0) { /* Nothing to do */ } else if (scaselesscmp(key, "name") == 0) { wp->uploadVar = sclone(value); } else if (scaselesscmp(key, "filename") == 0) { if (wp->uploadVar == 0) { websError(wp, HTTP_CODE_BAD_REQUEST, "Bad upload state. Missing name field"); return -1; } wp->clientFilename = sclone(value); /* Create the file to hold the uploaded data */ if ((wp->uploadTmp = websTempFile(uploadDir, "tmp")) == 0) { websError(wp, HTTP_CODE_INTERNAL_SERVER_ERROR, "Can't create upload temp file %s. Check upload temp dir %s", wp->uploadTmp, uploadDir); return -1; } trace(5, "File upload of: %s stored as %s", wp->clientFilename, wp->uploadTmp); if ((wp->upfd = open(wp->uploadTmp, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0600)) < 0) { websError(wp, HTTP_CODE_INTERNAL_SERVER_ERROR, "Can't open upload temp file %s", wp->uploadTmp); return -1; } /* Create the files[id] */ file = wp->currentFile = walloc(sizeof(WebsUpload)); memset(file, 0, sizeof(WebsUpload)); file->clientFilename = sclone(wp->clientFilename); file->filename = sclone(wp->uploadTmp); } key = nextPair; } } else if (scaselesscmp(headerTok, "Content-Type") == 0) { if (wp->clientFilename) { trace(5, "Set files[%s][CONTENT_TYPE] = %s", wp->uploadVar, rest); wp->currentFile->contentType = sclone(rest); } } return 0; }
/* Returns a pointer to an allocated qualified unique temporary file name. This filename must eventually be deleted with wfree(). */ PUBLIC char *websGetCgiCommName() { return sclone(websTempFile(NULL, "cgi")); }