bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "webadmin/user" && WebSock.GetSession()->IsAdmin()) { CString sAction = Tmpl["WebadminAction"]; if (sAction == "display") { Tmpl["Blocked"] = CString(IsBlocked(Tmpl["Username"])); Tmpl["Self"] = CString(Tmpl["Username"].Equals(WebSock.GetSession()->GetUser()->GetUserName())); return true; } if (sAction == "change" && WebSock.GetParam("embed_blockuser_presented").ToBool()) { if (Tmpl["Username"].Equals(WebSock.GetSession()->GetUser()->GetUserName()) && WebSock.GetParam("embed_blockuser_block").ToBool()) { WebSock.GetSession()->AddError("You can't block yourself"); } else if (WebSock.GetParam("embed_blockuser_block").ToBool()) { if (!WebSock.GetParam("embed_blockuser_old").ToBool()) { if (Block(Tmpl["Username"])) { WebSock.GetSession()->AddSuccess("Blocked [" + Tmpl["Username"] + "]"); } else { WebSock.GetSession()->AddError("Couldn't block [" + Tmpl["Username"] + "]"); } } } else if (WebSock.GetParam("embed_blockuser_old").ToBool()){ if (DelNV(Tmpl["Username"])) { WebSock.GetSession()->AddSuccess("Unblocked [" + Tmpl["Username"] + "]"); } else { WebSock.GetSession()->AddError("User [" + Tmpl["Username"] + "is not blocked"); } } return true; } } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "index") { if (WebSock.IsPost()) { CUser *pUser = CZNC::Get().FindUser(WebSock.GetParam("user")); bool bOutgoing = WebSock.GetParam("direction") == "out"; const CString sLine = WebSock.GetParam("line"); if (!pUser) { Tmpl["user"] = WebSock.GetParam("user"); Tmpl[bOutgoing ? "direction_out" : "direction_in"] = "true"; Tmpl["line"] = sLine; WebSock.GetSession()->AddError("User not found"); return true; } if (bOutgoing) { pUser->PutIRC(sLine); } else { pUser->PutUser(sLine); } WebSock.GetSession()->AddSuccess("Line sent"); } const map<CString,CUser*>& msUsers = CZNC::Get().GetUserMap(); for (map<CString,CUser*>::const_iterator it = msUsers.begin(); it != msUsers.end(); ++it) { CTemplate& l = Tmpl.AddRow("UserLoop"); l["Username"] = (*it->second).GetUserName(); } return true; } return false; }
bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) override { if (sPageName != "index") { // only accept requests to index return false; } if (WebSock.IsPost()) { SetNV("username", WebSock.GetParam("username")); CString sPassword = WebSock.GetParam("password"); if (!sPassword.empty()) { SetNV("password", sPassword); } SetNV(NV_REQUIRE_AUTH, WebSock.GetParam("require_auth")); SetNV(NV_MECHANISMS, WebSock.GetParam("mechanisms")); } Tmpl["Username"] = GetNV("username"); Tmpl["Password"] = GetNV("password"); Tmpl["RequireAuth"] = GetNV(NV_REQUIRE_AUTH); Tmpl["Mechanisms"] = GetMechanismsString(); for (const auto& it : SupportedMechanisms) { CTemplate& Row = Tmpl.AddRow("MechanismLoop"); CString sName(it.szName); Row["Name"] = sName; Row["Description"] = CString(it.szDescription); } return true; }
bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "webadmin/network" && WebSock.GetSession()->IsAdmin()) { CString sAction = Tmpl["WebadminAction"]; CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock); if(pNetwork) { if (sAction == "display") { Tmpl["CGIEnabled"] = CString(IsEnabled(Tmpl["Username"], pNetwork->GetName())); return true; } if (sAction == "change" && WebSock.GetParam("embed_cgiirc_presented").ToBool()) { if (WebSock.GetParam("embed_cgiirc_enable").ToBool()) { if (!WebSock.GetParam("embed_cgiirc_old").ToBool()) { if (Enable(Tmpl["Username"], pNetwork)) { WebSock.GetSession()->AddSuccess("CGI:IRC Enabled [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]"); } else { WebSock.GetSession()->AddError("Couldn't enable CGI:IRC [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]"); } } } else if (WebSock.GetParam("embed_cgiirc_old").ToBool()){ if (DelNV("Enabled_" + Tmpl["Username"] + "/" + pNetwork->GetName())) { WebSock.GetSession()->AddSuccess("CGI:IRC Disabled [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "]"); } else { WebSock.GetSession()->AddError("User [" + Tmpl["Username"] + "/" + pNetwork->GetName() + "] does not have CGI:IRC enabled"); } } return true; } } } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName.empty() || sPageName == "index") { bool bSubmitted = (WebSock.GetParam("submitted").ToInt() != 0); const vector<CChan*>& Channels = m_pUser->GetChans(); for (unsigned int c = 0; c < Channels.size(); c++) { const CString sChan = Channels[c]->GetName(); bool bStick = FindNV(sChan) != EndNV(); if(bSubmitted) { bool bNewStick = WebSock.GetParam("stick_" + sChan).ToBool(); if(bNewStick && !bStick) SetNV(sChan, ""); // no password support for now unless chansaver is active too else if(!bNewStick && bStick) { MCString::iterator it = FindNV(sChan); if(it != EndNV()) DelNV(it); } bStick = bNewStick; } CTemplate& Row = Tmpl.AddRow("ChannelLoop"); Row["Name"] = sChan; Row["Sticky"] = CString(bStick); } if(bSubmitted) { WebSock.GetSession()->AddSuccess("Changes have been saved!"); } return true; } return false; }
CString SafeGetUserNameParam(CWebSock& WebSock) { CString sUserName = WebSock.GetParam("user"); // check for POST param if(sUserName.empty() && !WebSock.IsPost()) { // if no POST param named user has been given and we are not // saving this form, fall back to using the GET parameter. sUserName = WebSock.GetParam("user", false); } return sUserName; }
CString SafeGetNetworkParam(CWebSock& WebSock) { CString sNetwork = WebSock.GetParam("network"); // check for POST param if(sNetwork.empty() && !WebSock.IsPost()) { // if no POST param named user has been given and we are not // saving this form, fall back to using the GET parameter. sNetwork = WebSock.GetParam("network", false); } return sNetwork; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { CSmartPtr<CWebSession> spSession = WebSock.GetSession(); if (!m_sSalt.empty()) { Tmpl["Verify"] = "yes"; Tmpl["Code"] = WebSock.GetParam("code", false); Tmpl["Username"] = WebSock.GetParam("user", false); } if (!WebSock.GetParam("submitted").ToUInt()) { return true; } CString sUsername = WebSock.GetParam("user"); if (CZNC::Get().FindUser(sUsername)) { WebSock.PrintErrorPage("Invalid Submission [User " + sUsername + " already exists]"); return true; } CUser* pNewUser = GetNewUser(WebSock); if (!pNewUser) { return true; } CString sErr; CString sAction; // Add User Submission if (!CZNC::Get().AddUser(pNewUser, sErr)) { delete pNewUser; WebSock.PrintErrorPage("Invalid submission [" + sErr + "]"); return true; } sAction = "added"; CTemplate TmplMod; TmplMod["Username"] = sUsername; TmplMod["WebadminAction"] = "change"; if (!CZNC::Get().WriteConfig()) { WebSock.PrintErrorPage("User " + sAction + ", but config was not written"); return true; } spSession->SetUser(pNewUser); WebSock.SetLoggedIn(true); WebSock.UnPauseRead(); WebSock.Redirect("/?cookie_check=true"); return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "index") { if (WebSock.IsPost()) { CUser *pUser = CZNC::Get().FindUser(WebSock.GetParam("user").Token(0, false, "/")); if (!pUser) { WebSock.GetSession()->AddError("User not found"); return true; } CIRCNetwork *pNetwork = pUser->FindNetwork(WebSock.GetParam("user").Token(1, false, "/")); if (!pNetwork) { WebSock.GetSession()->AddError("Network not found"); return true; } bool bToServer = WebSock.GetParam("send_to") == "server"; const CString sLine = WebSock.GetParam("line"); Tmpl["user"] = pUser->GetUserName(); Tmpl[bToServer ? "to_server" : "to_client"] = "true"; Tmpl["line"] = sLine; if (bToServer) { pNetwork->PutIRC(sLine); } else { pNetwork->PutUser(sLine); } WebSock.GetSession()->AddSuccess("Line sent"); } const map<CString,CUser*>& msUsers = CZNC::Get().GetUserMap(); for (map<CString,CUser*>::const_iterator it = msUsers.begin(); it != msUsers.end(); ++it) { CTemplate& l = Tmpl.AddRow("UserLoop"); l["Username"] = (*it->second).GetUserName(); vector<CIRCNetwork*> vNetworks = (*it->second).GetNetworks(); for (vector<CIRCNetwork*>::const_iterator it2 = vNetworks.begin(); it2 != vNetworks.end(); ++it2) { CTemplate& NetworkLoop = l.AddRow("NetworkLoop"); NetworkLoop["Username"] = (*it->second).GetUserName(); NetworkLoop["Network"] = (*it2)->GetName(); } } return true; } return false; }
bool ChanPage(CWebSock& WebSock, CTemplate& Tmpl, CIRCNetwork* pNetwork, CChan* pChan = NULL) { CSmartPtr<CWebSession> spSession = WebSock.GetSession(); Tmpl.SetFile("add_edit_chan.tmpl"); CUser* pUser = pNetwork->GetUser(); if (!pUser) { WebSock.PrintErrorPage("That user doesn't exist"); return true; } if (!WebSock.GetParam("submitted").ToUInt()) { Tmpl["User"] = pUser->GetUserName(); Tmpl["Network"] = pNetwork->GetName(); if (pChan) { Tmpl["Action"] = "editchan"; Tmpl["Edit"] = "true"; Tmpl["Title"] = "Edit Channel" + CString(" [" + pChan->GetName() + "]"); Tmpl["ChanName"] = pChan->GetName(); Tmpl["BufferCount"] = CString(pChan->GetBufferCount()); Tmpl["DefModes"] = pChan->GetDefaultModes(); Tmpl["Key"] = pChan->GetKey(); if (pChan->InConfig()) { Tmpl["InConfig"] = "true"; } } else { Tmpl["Action"] = "addchan"; Tmpl["Title"] = "Add Channel" + CString(" for User [" + pUser->GetUserName() + "]"); Tmpl["BufferCount"] = CString(pUser->GetBufferCount()); Tmpl["DefModes"] = CString(pUser->GetDefaultChanModes()); Tmpl["InConfig"] = "true"; } // o1 used to be AutoCycle which was removed CTemplate& o2 = Tmpl.AddRow("OptionLoop"); o2["Name"] = "keepbuffer"; o2["DisplayName"] = "Keep Buffer"; if ((pChan && pChan->KeepBuffer()) || (!pChan && pUser->KeepBuffer())) { o2["Checked"] = "true"; } CTemplate& o3 = Tmpl.AddRow("OptionLoop"); o3["Name"] = "detached"; o3["DisplayName"] = "Detached"; if (pChan && pChan->IsDetached()) { o3["Checked"] = "true"; } FOR_EACH_MODULE(i, pUser) { CTemplate& mod = Tmpl.AddRow("EmbeddedModuleLoop"); mod.insert(Tmpl.begin(), Tmpl.end()); mod["WebadminAction"] = "display"; if ((*i)->OnEmbeddedWebRequest(WebSock, "webadmin/channel", mod)) { mod["Embed"] = WebSock.FindTmpl(*i, "WebadminChan.tmpl"); mod["ModName"] = (*i)->GetModName(); } }
virtual bool OnEmbeddedWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "webadmin/channel") { CString sChan = Tmpl["ChanName"]; bool bStick = FindNV(sChan) != EndNV(); if (Tmpl["WebadminAction"].Equals("display")) { Tmpl["Sticky"] = CString(bStick); } else if (WebSock.GetParam("embed_stickychan_presented").ToBool()) { bool bNewStick = WebSock.GetParam("embed_stickychan_sticky").ToBool(); if(bNewStick && !bStick) { SetNV(sChan, ""); // no password support for now unless chansaver is active too WebSock.GetSession()->AddSuccess("Channel become sticky!"); } else if(!bNewStick && bStick) { DelNV(sChan); WebSock.GetSession()->AddSuccess("Channel stopped being sticky!"); } } return true; } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "index") { for (MCString::iterator it = BeginNV(); it != EndNV(); ++it) { CTemplate& Row = Tmpl.AddRow("NotesLoop"); Row["Key"] = it->first; Row["Note"] = it->second; } return true; } else if (sPageName == "delnote") { DelNote(WebSock.GetParam("key", false)); WebSock.Redirect("/mods/notes/"); return true; } else if (sPageName == "addnote") { AddNote(WebSock.GetParam("key"), WebSock.GetParam("note")); WebSock.Redirect("/mods/notes/"); return true; } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { CUser *pUser = WebSock.GetSession()->GetUser(); if (sPageName == "index") { MSCString::iterator it = m_PubKeys.find(pUser->GetUserName()); if (it != m_PubKeys.end()) { SCString::iterator it2; for (it2 = it->second.begin(); it2 != it->second.end(); ++it2) { CTemplate& row = Tmpl.AddRow("KeyLoop"); row["Key"] = *it2; } } return true; } else if (sPageName == "add") { AddKey(pUser, WebSock.GetParam("key")); WebSock.Redirect(GetWebPath()); return true; } else if (sPageName == "delete") { MSCString::iterator it = m_PubKeys.find(pUser->GetUserName()); if (it != m_PubKeys.end()) { if (it->second.erase(WebSock.GetParam("key", false))) { if (it->second.size() == 0) { m_PubKeys.erase(it); } Save(); } } WebSock.Redirect(GetWebPath()); return true; } return false; }
bool CLogMod::OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { CFile LogFile(m_sLogPath); CDir LogDir (LogFile.GetDir()); for(std::vector<CFile*>::iterator it = LogDir.begin(); it != LogDir.end(); ++it) { CTemplate& Row = Tmpl.AddRow("LogsLoop"); Row["File"] = (**it).GetShortName(); } if (WebSock.HasParam("file", false)) { CString path = CDir::CheckPathPrefix(GetSavePath(), LogFile.GetDir() + WebSock.GetParam("file", false)); if (path.empty()) { WebSock.PrintErrorPage("Invalid Path"); return true; } CFile DisplayFile(path); CString content; DisplayFile.Open(); int PageSize = 1024 * 1024; int Page = 0; if (WebSock.HasParam("page", false)) { Page = WebSock.GetParam("page", false).ToInt(); DisplayFile.Seek(Page * PageSize); } Tmpl["Prev"] = CString(Page - 1); Tmpl["Next"] = CString(Page + 1); Tmpl["Curr"] = WebSock.GetParam("file", false); DisplayFile.ReadFile(content, PageSize); DisplayFile.Close(); Tmpl["Log"] = content; } return true; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "index") { bool bSubmitted = (WebSock.GetParam("submitted").ToInt() != 0); if (bSubmitted) { CString FormUsername = WebSock.GetParam("user"); if (!FormUsername.empty()) SetUsername(FormUsername); CString FormPassword = WebSock.GetParam("password"); if (!FormPassword.empty()) SetPassword(FormPassword); SetUseCloakedHost(WebSock.GetParam("usecloakedhost").ToBool()); SetUseChallenge(WebSock.GetParam("usechallenge").ToBool()); SetRequestPerms(WebSock.GetParam("requestperms").ToBool()); SetJoinOnInvite(WebSock.GetParam("joinoninvite").ToBool()); } Tmpl["Username"] = m_sUsername; CTemplate& o1 = Tmpl.AddRow("OptionLoop"); o1["Name"] = "usecloakedhost"; o1["DisplayName"] = "UseCloakedHost"; o1["Tooltip"] = "Whether to cloak your hostname (+x) automatically on connect."; o1["Checked"] = CString(m_bUseCloakedHost); CTemplate& o2 = Tmpl.AddRow("OptionLoop"); o2["Name"] = "usechallenge"; o2["DisplayName"] = "UseChallenge"; o2["Tooltip"] = "Whether to use the CHALLENGEAUTH mechanism to avoid sending passwords in cleartext."; o2["Checked"] = CString(m_bUseChallenge); CTemplate& o3 = Tmpl.AddRow("OptionLoop"); o3["Name"] = "requestperms"; o3["DisplayName"] = "RequestPerms"; o3["Tooltip"] = "Whether to request voice/op from Q on join/devoice/deop."; o3["Checked"] = CString(m_bRequestPerms); CTemplate& o4 = Tmpl.AddRow("OptionLoop"); o4["Name"] = "joinoninvite"; o4["DisplayName"] = "JoinOnInvite"; o4["Tooltip"] = "Whether to join channels when Q invites you."; o4["Checked"] = CString(m_bJoinOnInvite); if (bSubmitted) { WebSock.GetSession()->AddSuccess("Changes have been saved!"); } return true; } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { if (sPageName == "index") { Tmpl["Cert"] = CString(HasPemFile()); return true; } else if (sPageName == "update") { CFile fPemFile(PemFile()); if (fPemFile.Open(O_WRONLY | O_TRUNC | O_CREAT)) { fPemFile.Write(WebSock.GetParam("cert", true, "")); fPemFile.Close(); } WebSock.Redirect("/mods/cert/"); return true; } else if (sPageName == "delete") { CFile::Delete(PemFile()); WebSock.Redirect("/mods/cert/"); return true; } return false; }
virtual bool OnWebRequest(CWebSock& WebSock, const CString& sPageName, CTemplate& Tmpl) { CSmartPtr<CWebSession> spSession = WebSock.GetSession(); if (sPageName == "settings") { // Admin Check if (!spSession->IsAdmin()) { return false; } return SettingsPage(WebSock, Tmpl); } else if (sPageName == "adduser") { // Admin Check if (!spSession->IsAdmin()) { return false; } return UserPage(WebSock, Tmpl); } else if (sPageName == "editchan") { CUser* pUser = SafeGetUserFromParam(WebSock); // Admin||Self Check if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) { return false; } if (!pUser) { WebSock.PrintErrorPage("No such username"); return true; } CString sChan = WebSock.GetParam("name"); if(sChan.empty() && !WebSock.IsPost()) { sChan = WebSock.GetParam("name", false); } CChan* pChan = pUser->FindChan(sChan); if (!pChan) { WebSock.PrintErrorPage("No such channel"); return true; } return ChanPage(WebSock, Tmpl, pUser, pChan); } else if (sPageName == "addchan") { CUser* pUser = SafeGetUserFromParam(WebSock); // Admin||Self Check if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) { return false; } if (pUser) { return ChanPage(WebSock, Tmpl, pUser); } WebSock.PrintErrorPage("No such username"); return true; } else if (sPageName == "delchan") { CUser* pUser = CZNC::Get().FindUser(WebSock.GetParam("user", false)); // Admin||Self Check if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) { return false; } if (pUser) { return DelChan(WebSock, pUser); } WebSock.PrintErrorPage("No such username"); return true; } else if (sPageName == "deluser") { if (!spSession->IsAdmin()) { return false; } if (!WebSock.IsPost()) { // Show the "Are you sure?" page: CString sUser = WebSock.GetParam("user", false); CUser* pUser = CZNC::Get().FindUser(sUser); if (!pUser) { WebSock.PrintErrorPage("No such username"); return true; } Tmpl.SetFile("del_user.tmpl"); Tmpl["Username"] = sUser; return true; } // The "Are you sure?" page has been submitted with "Yes", // so we actually delete the user now: CString sUser = WebSock.GetParam("user"); CUser* pUser = CZNC::Get().FindUser(sUser); if (pUser && pUser == spSession->GetUser()) { WebSock.PrintErrorPage("Please don't delete yourself, suicide is not the answer!"); return true; } else if (CZNC::Get().DeleteUser(sUser)) { WebSock.Redirect("listusers"); return true; } WebSock.PrintErrorPage("No such username"); return true; } else if (sPageName == "edituser") { CString sUserName = SafeGetUserNameParam(WebSock); CUser* pUser = CZNC::Get().FindUser(sUserName); if(!pUser) { if(sUserName.empty()) { pUser = spSession->GetUser(); } // else: the "no such user" message will be printed. } // Admin||Self Check if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pUser)) { return false; } if (pUser) { return UserPage(WebSock, Tmpl, pUser); } WebSock.PrintErrorPage("No such username"); return true; } else if (sPageName == "listusers" && spSession->IsAdmin()) { return ListUsersPage(WebSock, Tmpl); } else if (sPageName == "traffic" && spSession->IsAdmin()) { return TrafficPage(WebSock, Tmpl); } else if (sPageName.empty() || sPageName == "index") { return true; } return false; }