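/**
 * CGI entry point: store a news item posted from the admin form and rebuild
 * the RSS feed for its locale.
 *
 * Reads the "locale", "title" and "content" form fields. When title and
 * content are both non-empty, one row is inserted into web_news and
 * createRSS() is called. The browser is redirected to admin.okz in every
 * case; a failed database connection redirects to the error page instead.
 *
 * NOTE(review): no session or permission check and no anti-CSRF token are
 * visible in this handler. Confirm that access to this script is restricted
 * elsewhere before relying on it as an admin-only action.
 */
int main(void) {
    mysqlpp::Connection c(false);
    if (!c.connect("okzoniom", "localhost", "okzoniom", getDBIdent().c_str())) {
        cgi_redirect("../error.okz?state=err_db");
        return 0;
    } else {
        //Set UTF8
        mysqlpp::Query q = c.query("SET NAMES utf8");
        q.exec();
    }

    cgi_init();
    cgi_process_form();

    std::string locale = getParam("locale");
    std::string title = getParam("title");
    std::string content = getParam("content");

    if (!title.empty() && !content.empty()) {
        mysqlpp::Query query = c.query();
        // All three request values go through mysqlpp::quote. The locale was
        // previously spliced between hand-written apostrophes, so a quote
        // character in it could change the statement.
        query << "INSERT INTO web_news(locale,title,content,date) VALUES ("
              << mysqlpp::quote << locale << ","
              << mysqlpp::quote << title << ","
              << mysqlpp::quote << content << ","
              << mysqlpp::DateTime::now() << ");";
        query.execute();

        // NOTE(review): locale is still request-controlled here. If
        // createRSS() uses it to build a file name or path, it needs its own
        // check, e.g. an allow-list of supported locales.
        createRSS(locale, c);
    }

    cgi_redirect("admin.okz");
    return 0;
}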
/*
** Shared implementation behind the ticket setup editor pages.
**
** Renders a form for editing one configuration value and handles its three
** buttons: "Apply Changes" (submit), "Revert To Default" (clear) and
** "Cancel" (setup). The page requires Setup permission, and both
** state-changing branches call login_verify_csrf_secret() before they write.
**
** The edited value and the default are printed with %h. zDesc is printed
** with plain %s, so callers must pass trusted markup for it.
*/
static void tktsetup_generic(
  const char *zTitle,           /* Page title */
  const char *zDbField,         /* Configuration field being edited */
  const char *zDfltValue,       /* Default text value */
  const char *zDesc,            /* Description of this field */
  char *(*xText)(const char*),  /* Validity test or NULL */
  void (*xRebuild)(void),       /* Run after successful update */
  int height                    /* Height of the edit box */
){
  const char *zValue;           /* Text shown in the edit box */
  int submitted;                /* True when "Apply Changes" was pressed */

  login_check_credentials();
  if( !g.perm.Setup ){
    login_needed(0);
    return;
  }
  if( PB("setup") ){
    cgi_redirect("tktsetup");
  }

  submitted = P("submit")!=0;
  /* Prefer the posted text; fall back to the stored or default value. */
  zValue = P("x");
  if( zValue==0 ){
    zValue = db_get(zDbField, (char*)zDfltValue);
  }

  style_header("Edit %s", zTitle);
  if( P("clear")!=0 ){
    /* Revert: drop the stored setting after the CSRF check. */
    login_verify_csrf_secret();
    db_unset(zDbField, 0);
    if( xRebuild ) xRebuild();
    cgi_redirect("tktsetup");
  }else if( submitted ){
    char *zErr = 0;
    login_verify_csrf_secret();
    /* The optional validator returns an error message, or 0 when valid. */
    if( xText ){
      zErr = xText(zValue);
    }
    if( zErr!=0 ){
      cgi_printf("<p class=\"tktsetupError\">ERROR: %h</p>\n",(zErr));
    }else{
      db_set(zDbField, zValue, 0);
      if( xRebuild ) xRebuild();
      cgi_redirect("tktsetup");
    }
  }

  cgi_printf("<form action=\"%s/%s\" method=\"post\"><div>\n",(g.zTop),(g.zPath));
  login_insert_csrf_secret();
  cgi_printf("<p>%s</p>\n"
         "<textarea name=\"x\" rows=\"%d\" cols=\"80\">%h</textarea>\n"
         "<blockquote><p>\n"
         "<input type=\"submit\" name=\"submit\" value=\"Apply Changes\" />\n"
         "<input type=\"submit\" name=\"clear\" value=\"Revert To Default\" />\n"
         "<input type=\"submit\" name=\"setup\" value=\"Cancel\" />\n"
         "</p></blockquote>\n"
         "</div></form>\n"
         "<hr />\n"
         "<h2>Default %s</h2>\n"
         "<blockquote><pre>\n"
         "%h\n"
         "</pre></blockquote>\n",(zDesc),(height),(zValue),(zTitle),(zDfltValue));
  style_footer();
}
/*
 * CGI entry point: read the graph selection from the request, load the data,
 * render the graph and redirect the browser to it.
 *
 * Request parameters (all optional, parsed with atoi):
 *   sensor  - default 255
 *   type    - default S_RECEIVER
 *   subaddr - default 1
 *   days    - default 1
 *
 * NOTE(review): atoi() reports no errors, so non-numeric or out-of-range
 * input is not detected here and the values reach load_data() unchecked.
 * Confirm that load_data() range-checks them before using them as an index,
 * a size or a loop bound.
 */
int main( int argc, char **argv )
{
    const char *value;
    int sensornum;
    int type;
    int subaddr;
    int days;

    cgi_init();
    cgi_process_form();

    value = cgi_param("sensor");
    if (value) {
        sensornum = atoi(value);
    } else {
        sensornum = 255;
    }

    value = cgi_param("type");
    if (value) {
        type = atoi(value);
    } else {
        type = S_RECEIVER;
    }

    value = cgi_param("subaddr");
    if (value) {
        subaddr = atoi(value);
    } else {
        subaddr = 1;
    }

    value = cgi_param("days");
    if (value) {
        days = atoi(value);
    } else {
        days = 1;
    }

    load_data(sensornum, subaddr, type, days );
    create_graph();

    /* graphuri is defined outside this function. */
    cgi_redirect(graphuri);
    cgi_end();

    return( 0 );
}
/**
 * CGI entry point for the player-list page.
 *
 * Connects to the database first, so that a failure can still be answered
 * with a redirect before any headers are initialised. It then starts the
 * session, parses the form and prints the page from its header, menu,
 * sidebar, body and footer parts.
 */
int main(void) {
    //Redirect before initializing headers
    mysqlpp::Connection c(false);
    const bool connected =
        c.connect("okzoniom", "localhost", "okzoniom", getDBIdent().c_str());
    if (!connected) {
        cgi_redirect("./error.okz?state=err_db");
        return 0;
    }
    {
        //Set UTF8
        mysqlpp::Query q = c.query("SET NAMES utf8");
        q.exec();
    }

    cgi_init();
    cgi_session_save_path("sessions/");
    cgi_session_start();
    cgi_process_form();
    cgi_init_headers();

    header("sidebar_player_list");
    menu();
    sidebar();
    body(c);
    footer();

    cgi_end();
    return 0;
}
/*
** WEBPAGE: tktedit
** WEBPAGE: debug_tktedit
**
** Edit a ticket.  The ticket is identified by the name CGI parameter.
** /tktedit is the official page.  The /debug_tktedit page does the same
** thing except that it does not save the ticket change record when you
** press submit - it instead prints the ticket change record at the top
** of the page.  The /debug_tktedit page is intended to be used when
** debugging ticket configurations.
**
** Access requires the ApndTkt or WrTkt permission.  The "name" parameter
** is accepted only when it is 4..UUID_SIZE characters long and passes
** validate16(); the SQL lookup, the hidden form field and the final
** redirect below all rely on that check.
*/
void tktedit_page(void){
  const char *zScript;
  int nName;
  const char *zName;
  int nRec;

  login_check_credentials();
  if( !g.perm.ApndTkt && !g.perm.WrTkt ){ login_needed(); return; }
  zName = P("name");
  /* The cancel redirect runs before zName is validated; the value is only
  ** placed in the query string through %T.
  ** NOTE(review): zName may still be NULL at this point - confirm that
  ** cgi_redirectf() tolerates that. */
  if( P("cancel") ){
    cgi_redirectf("tktview?name=%T", zName);
  }
  style_header("Edit Ticket");
  /* Reject a missing, too short, too long or invalid ticket id before it
  ** reaches the database.  validate16() is presumably a hex-digit check;
  ** verify against its definition. */
  if( zName==0 || (nName = strlen(zName))<4 || nName>UUID_SIZE
          || !validate16(zName,nName) ){
    cgi_printf("<span class=\"tktError\">Not a valid ticket id: \\\"%h\\\"</span>\n",(zName));
    style_footer();
    return;
  }
  /* Prefix match on the ticket id; the value is inserted with %q. */
  nRec = db_int(0, "SELECT count(*) FROM ticket WHERE tkt_uuid GLOB '%q*'",
                zName);
  if( nRec==0 ){
    cgi_printf("<span class=\"tktError\">No such ticket: \\\"%h\\\"</span>\n",(zName));
    style_footer();
    return;
  }
  /* An ambiguous prefix is refused rather than editing an arbitrary match. */
  if( nRec>1 ){
    cgi_printf("<span class=\"tktError\">%d tickets begin with:\n"
           "\\\"%h\\\"</span>\n",(nRec),(zName));
    style_footer();
    return;
  }
  if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
  ticket_init();
  getAllTicketFields();
  initializeVariablesFromCGI();
  initializeVariablesFromDb();
  /* A path starting with 'd' is the debug_tktedit variant of this page. */
  if( g.zPath[0]=='d' ) showAllFields();
  form_begin(0, "%R/%s", g.zPath);
  /* zName is written with plain %s, unlike the %h used in the messages
  ** above.  That is safe only because of the validate16() check earlier.
  ** NOTE(review): %h here would stay safe if that validation ever changes. */
  cgi_printf("<input type=\"hidden\" name=\"name\" value=\"%s\" />\n",(zName));
  login_insert_csrf_secret();
  zScript = ticket_editpage_code();
  Th_Store("login", g.zLogin ? g.zLogin : "******");
  Th_Store("date", db_text(0, "SELECT datetime('now')"));
  Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
  /* submit_ticket receives the address of zName as its context pointer. */
  Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
  if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
  /* When the script ends with TH_RETURN and tracing is off, go to the
  ** ticket view instead of showing the form again. */
  if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
    cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
    return;
  }
  captcha_generate(0);
  cgi_printf("</form>\n");
  /* NOTE(review): this closing trace repeats the BEGIN_TKTEDIT label used
  ** at the start of the page; it looks like it was meant to mark the end. */
  if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
  style_footer();
}
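/*
 * LibCGI session example: ask for confirmation, then destroy the session.
 *
 * With confirm=yes in the request the session is destroyed and the browser
 * is redirected to session.cgi. Otherwise a page is printed that either
 * says no session is registered or offers the confirmation link.
 *
 * NOTE(review): the destroy action is triggered by a plain GET link with no
 * per-session token, so any page that makes the browser load that URL ends
 * the session. Fine for a demo; use POST plus a token in real code.
 */
int main(void)
{
    const char *confirm;

    cgi_init();
    cgi_session_start();
    cgi_process_form();

    // Is to destroy the session?
    confirm = cgi_param("confirm");
    if (confirm && !strcmp(confirm, "yes")) {
        cgi_session_destroy();
        cgi_end();
        cgi_redirect("session.cgi");
        return 0;
    }

    cgi_init_headers();

    puts(""
    "<html>"
    "<head><title>LibCGI session examples - Destroy session</title>"
    "</head>"
    "<body>"
    "");

    cgi_include("session_ex1_desc.html");

    /* puts() does no format processing, so the percent sign is written
     * once; the doubled form printed width='70%%' into the page. */
    puts(""
    "<table width='70%' align='center'>"
    "<tr>"
    "<td>"
    "");

    if (!cgi_session_var_exists("logged")) {
        puts("<font face='arial, verdana' size='2'>You are not logged yet</font>");
    } else {
        puts(""
        "<font face='arial, verdana' size='2'>If you are sure to unregister the session, "
        "<a href='destroy.cgi?confirm=yes'>click here</a></font>"
        "");
    }

    puts("</td></tr>");

    cgi_include("topbar.htm");

    puts(""
    "</table>"
    "</body>"
    "</html>"
    "");

    cgi_end();
    return 0;
}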
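/**
 * CGI entry point for the login form.
 *
 * Checks the "login" and "password" fields, looks up the stored password
 * hash for the account and compares it with the MD5 of the submitted
 * password. On success the "login" and "locale" session variables are
 * registered and the browser goes to index.okz; every failure redirects to
 * login.okz (or error.okz) with a state code.
 *
 * NOTE(review): stored passwords are plain unsalted MD5. That is no longer
 * adequate for password storage; moving to a salted, slow password hash
 * needs a schema and registration change outside this function.
 * NOTE(review): err_no_account and err_password are reported separately,
 * which tells a client whether a login name exists.
 * NOTE(review): the session started before authentication is reused after
 * it; no session-id renewal on login is visible here.
 */
int main(void) {
    mysqlpp::Connection c(false);
    if (!c.connect("okzoniom", "localhost", "okzoniom", getDBIdent().c_str())) {
        cgi_redirect("./error.okz?state=err_db");
        return 0;
    } else {
        //Set UTF8
        mysqlpp::Query q = c.query("SET NAMES utf8");
        q.exec();
    }

    cgi_init();
    cgi_session_save_path("sessions/");
    cgi_session_start();
    cgi_process_form();

    std::string login = getParam("login");
    std::string mdp = getParam("password");
    if (login.empty() || mdp.empty()) {
        cgi_redirect("./login.okz?state=err_fill_all_field");
        return 0;
    }

    //Login regex
    boost::regex reg_pseudo("[a-zA-Z0-9]{2,}");
    if (!regex_match(login, reg_pseudo)) {
        cgi_redirect("./login.okz?state=err_login_char");
        return 0;
    }

    std::string password;
    // %0q quotes and escapes the parameter. The former %0Q only quotes, so
    // the query was safe solely because of the regex check above.
    mysqlpp::Query query = c.query("SELECT password FROM game_account where login=%0q;");
    query.parse();
    mysqlpp::StoreQueryResult r = query.store(login);
    if (r && r.num_rows() > 0) {
        r[0]["password"].to_string(password);
    } else {
        cgi_redirect("./login.okz?state=err_no_account");
        return 0;
    }

    // Automatic storage replaces new/delete: nothing leaks if hashing throws
    // and nothing is deleted through a base-class pointer.
    md5wrapper md5;
    hashwrapper& hasher = md5;
    const std::string md5mdp = hasher.getHashFromString(mdp);

    if (password == md5mdp) {
        cgi_session_register_var("login", login.c_str());
        cgi_session_register_var("locale", "fr_FR.UTF-8");
    } else {
        cgi_redirect("./login.okz?state=err_password");
        return 0;
    }

    cgi_redirect("./index.okz");
    return 0;
}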
/*
 * Python method redirect(str): hand the given string to cgi_redirect() for
 * the CGI object wrapped by self, and return None.
 *
 * The string is passed as the argument of a fixed "%s" format, so any
 * percent signs in it are not interpreted. Returns NULL when the argument
 * tuple does not hold exactly one string.
 *
 * NOTE(review): the target is used as given; a caller that builds it from
 * request data has to restrict it to expected destinations itself.
 */
static PyObject * p_cgi_redirect (PyObject *self, PyObject *args)
{
  char *target;
  CGI *cgi;

  if (!PyArg_ParseTuple(args, "s:redirect(str)", &target))
    return NULL;

  cgi = ((CGIObject *) self)->cgi;
  cgi_redirect (cgi, "%s", target);

  Py_INCREF(Py_None);
  return Py_None;
}
/*
 * Handle the "del" command: remove the torrent named by the "torrent" query
 * parameter, then redirect back to the script itself.
 *
 * The parameter defaults to "None" when absent. The delete request is sent
 * only when torrent_spec() accepts the value; its result is reported through
 * handle_ipc_res().
 *
 * NOTE(review): the value is read from Query.*, so this state-changing
 * action appears reachable from a plain link and no request token is checked
 * here. Confirm that the interface is not exposed to untrusted origins.
 */
void cmd_del(CGI *cgi)
{
    struct ipc_torrent spec;
    char *name;
    char *self_uri;

    name = hdf_get_value(cgi->hdf, "Query.torrent", "None");

    btpd_connect();
    if (torrent_spec(name, &spec)) {
        handle_ipc_res(btpd_del(ipc, &spec), "del", name);
    }

    /* Passed as a "%s" argument, never as the format string. */
    self_uri = hdf_get_value(cgi->hdf, "CGI.ScriptName", "");
    cgi_redirect(cgi, "%s", self_uri);
}
/*
** WEBPAGE: tktnew
** WEBPAGE: debug_tktnew
**
** Enter a new ticket.  The page is produced by the tktnew_template script
** from the ticket configuration.  /tktnew is the official entry page.
** /debug_tktnew behaves the same except that submit does not really save
** the ticket; the ticket artifact is printed at the top of the screen
** instead, which helps when debugging the template.
**
** Requires the NewTkt permission.  The date_override field is echoed back
** only for users who also hold Setup permission, and it is written with %h.
*/
void tktnew_page(void){
  const char *zTemplate;      /* Script that renders the entry form */
  const char *zWho;           /* Value stored in the "login" variable */
  char *zCreated = 0;         /* Set through the submit_ticket command */
  int rc;                     /* Result of rendering the script */

  login_check_credentials();
  if( !g.perm.NewTkt ){
    login_needed();
    return;
  }
  if( P("cancel") ){
    cgi_redirect("home");
  }
  style_header("New Ticket");
  if( g.thTrace ){
    Th_Trace("BEGIN_TKTNEW<br />\n", -1);
  }
  ticket_init();
  initializeVariablesFromCGI();
  getAllTicketFields();
  initializeVariablesFromDb();
  /* A path starting with 'd' is the debug_tktnew variant of this page. */
  if( g.zPath[0]=='d' ){
    showAllFields();
  }
  form_begin(0, "%R/%s", g.zPath);
  login_insert_csrf_secret();
  if( P("date_override") && g.perm.Setup ){
    cgi_printf("<input type=\"hidden\" name=\"date_override\" value=\"%h\">\n",(P("date_override")));
  }
  zTemplate = ticket_newpage_code();
  zWho = g.zLogin ? g.zLogin : "******";
  Th_Store("login", zWho);
  Th_Store("date", db_text(0, "SELECT datetime('now')"));
  /* submit_ticket receives the address of zCreated as its context pointer. */
  Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
                   (void*)&zCreated, 0);
  if( g.thTrace ){
    Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
  }
  rc = Th_Render(zTemplate);
  /* After a successful submit (and with tracing off) show the new ticket. */
  if( rc==TH_RETURN && !g.thTrace && zCreated ){
    cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zCreated));
    return;
  }
  captcha_generate(0);
  cgi_printf("</form>\n");
  if( g.thTrace ){
    Th_Trace("END_TKTVIEW<br />\n", -1);
  }
  style_footer();
}
/*
** WEBPAGE: tktsetup_timeline
**
** Setup page for how tickets are shown on timelines.  It offers three
** settings: ticket-title-expr, ticket-status-column and ticket-closed-expr.
** Requires Setup permission.  The form is produced inside one database
** transaction.
**
** Two of the settings are SQL expressions that are later used in queries
** against the TICKET table, so write access to this page must stay limited
** to trusted administrators.
**
** NOTE(review): the form carries a CSRF secret, but no call to
** login_verify_csrf_secret() is visible in this function.  Confirm that
** entry_attribute() verifies it before it stores a changed value.
*/
void tktsetup_timeline_page(void){
  login_check_credentials();
  if( !g.perm.Setup ){
    login_needed(0);
    return;
  }
  if( P("setup") ){
    cgi_redirect("tktsetup");
  }

  style_header("Ticket Display On Timelines");
  db_begin_transaction();
  cgi_printf("<form action=\"%s/tktsetup_timeline\" method=\"post\"><div>\n",(g.zTop));
  login_insert_csrf_secret();

  /* Consecutive output calls are merged below; the literals are unchanged
  ** and are emitted in the same order. */
  cgi_printf("<hr />\n");
  entry_attribute("Ticket Title", 40, "ticket-title-expr", "t", "title", 0);
  cgi_printf("<p>An SQL expression in a query against the TICKET table that will\n"
         "return the title of the ticket for display purposes.</p>\n"
         "<hr />\n");

  entry_attribute("Ticket Status", 40, "ticket-status-column", "s",
                  "status", 0);
  cgi_printf("<p>The name of the column in the TICKET table that contains the ticket\n"
         "status in human-readable form. Case sensitive.</p>\n"
         "<hr />\n");

  entry_attribute("Ticket Closed", 40, "ticket-closed-expr", "c",
                  "status='Closed'", 0);
  cgi_printf("<p>An SQL expression that evaluates to true in a TICKET table query if\n"
         "the ticket is closed.</p>\n"
         "<hr />\n"
         "<p>\n"
         "<input type=\"submit\" name=\"submit\" value=\"Apply Changes\" />\n"
         "<input type=\"submit\" name=\"setup\" value=\"Cancel\" />\n"
         "</p>\n"
         "</div></form>\n");

  db_end_transaction(0);
  style_footer();
}
/**
 * CGI entry point for the "your army" page.
 *
 * Connects to the database, loads the faction data, starts the session and
 * prints the page frame. The army is shown only when the session holds a
 * "login" variable; otherwise an error box asks the visitor to log in. The
 * account name comes from the session, not from a request parameter.
 */
int main(void) {
    cgi_init();

    mysqlpp::Connection c(false);
    const bool connected =
        c.connect("okzoniom", "localhost", "okzoniom", getDBIdent().c_str());
    if (!connected) {
        cgi_redirect("./error.okz?state=err_db");
        return 0;
    }
    {
        //Set UTF8
        mysqlpp::Query q = c.query("SET NAMES utf8");
        q.exec();
    }

    initializeFaction(c);

    cgi_session_save_path("sessions/");
    cgi_session_start();
    cgi_process_form();
    cgi_init_headers();

    __tr("your_army");
    header("your_army");
    menu();
    sidebar();

    if (cgi_session_var("login") != NULL) {
        displayState();
        show(cgi_session_var("login"), c);
    } else {
        std::cout << "<div class=\"err\">" << __tr("profil_mustlogin") << "</div>";
    }

    footer();
    return 0;
}
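/// Replace the HTML-significant characters of `raw` with entities so the
/// value can be written into element content or a quoted attribute.
static std::string profilEscapeHtml(const std::string& raw) {
    std::string out;
    out.reserve(raw.size());
    for (std::string::size_type i = 0; i < raw.size(); ++i) {
        switch (raw[i]) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            default:   out += raw[i];   break;
        }
    }
    return out;
}

/**
 * CGI entry point for the public profile page of one player.
 *
 * The account name comes from the "n" request parameter. The page shows the
 * account's xp, level and faction, followed by a table of its available
 * units, or a "not found" message when no such account exists.
 *
 * The parameter is attacker-controlled, so it is escaped for HTML before it
 * is printed and is bound to the query with an escaping placeholder.
 */
int main(void) {
    //Redirect before initializing headers
    mysqlpp::Connection c(false);
    if (!c.connect("okzoniom", "localhost", "okzoniom", getDBIdent().c_str())) {
        cgi_redirect("./error.okz?state=err_db");
        return 0;
    } else {
        //Set UTF8
        mysqlpp::Query q = c.query("SET NAMES utf8");
        q.exec();
    }

    cgi_init();
    cgi_session_save_path("sessions/");
    cgi_session_start();
    cgi_process_form();

    std::string login = getParam("n");
    // Only the escaped copy is ever written to the page. Names that match
    // the site's login pattern contain nothing to escape, so they render
    // exactly as before.
    const std::string shownLogin = profilEscapeHtml(login);

    cgi_init_headers();
    header("sidebar_profil", ", "+shownLogin);
    menu();
    sidebar();
    std::cout << "<div class=\"body\"><div class=\"main\">";
    initializeFaction(c);

    // %0q quotes and escapes the value. The former %0Q only added quotes,
    // which left the statement open to a crafted "n" parameter.
    mysqlpp::Query query = c.query("SELECT id,faction,xp,level FROM game_account where login = %0q;");
    query.parse();
    mysqlpp::StoreQueryResult r = query.store(login);
    if (r && r.num_rows() > 0) {
        //Should only be one account with that name
        int id = r[0]["id"]; //Will be used to get the number of units
        int faction = r[0]["faction"];
        int xp = r[0]["xp"];
        int level = r[0]["level"];

        // NOTE(review): faction indexes factionName without a bounds check;
        // confirm the column can only hold valid indexes.
        std::cout << "<p>" << __tr("account") << ": <strong>" << shownLogin << "</strong><br />"
                  << __tr("xp") << ": <strong>" << xp << "</strong><br />"
                  << __tr("level") << ": <strong>" << level << "</strong><br />"
                  << __tr("faction") << ": <strong>" << __tr(factionName[faction]) << "</strong>"
                     "<div class=\"hr\"></div>"
                     "<center><p><strong>" << __tr("army_composition") << ":</strong></p>";

        //Now we have the account, get its units and their number
        query.reset();
        query << "select unit_name,unit_number from game_unit_available where id_account = %0;";
        query.parse();
        mysqlpp::StoreQueryResult u = query.store(id);
        if (u && u.num_rows() > 0) {
            std::cout << "<table class=\"army\"><tr>"
                      << "<td><strong>" << __tr("unit") << "</strong></td>"
                      << "<td><strong>" << __tr("number") << "</strong></td></tr>";
            for (size_t i = 0; i < u.num_rows(); ++i) {
                int num = u[i]["unit_number"];
                if (num > 0) {
                    std::string name;
                    u[i]["unit_name"].to_string(name);
                    std::cout << "<tr><td><strong>" << __tr(name) << "</strong></td>"
                              << "<td><strong>" << num << "</strong></td></tr>";
                }
            }
            std::cout << "</table></center>";
        } else {
            std::cout << "<center><em>" << __tr("army_empty") << "</em></center>";
        }
        std::cout << "</p>" << std::endl;
    } else {
        std::cout << "<p>" << __tr("player_notfound") << "</p>" << std::endl;
    }

    std::cout << "</div></div>";
    footer();
    return 0;
}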
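/* Copy a request parameter into a fixed-size buffer. Returns 0 on success
 * and -1 when the value (with its terminator) does not fit. */
static int copy_param(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);

    if (len >= cap)
        return -1;
    memcpy(dst, src, len + 1);
    return 0;
}

/* Call write() until all len bytes are sent. Returns 0 on success, -1 on
 * the first failed or zero-length write. */
static int write_all(int fd, const void *data, size_t len)
{
    const char *p = (const char *)data;

    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n <= 0)
            return -1;
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/*
 * CGI entry point that forwards one request to the local backend on
 * 127.0.0.1:SERV_PORT and then redirects the browser:
 *
 *   msg    - sends flag '1' and the message text      -> ../word.html
 *   video  - sends flag '2', the file name, the file
 *            size and the file content                -> ../upload.html
 *   Flush  - sends flag '0' only                      -> ../flash.html
 *
 * Changes compared with the earlier version:
 *   - parameters longer than the buffers are refused instead of overflowing
 *     them through strcpy()/strcat();
 *   - the file name must be a plain name inside the upload directory (no
 *     '/', not "." or "..") and must refer to a regular file;
 *   - the file is opened once and sized with fstat() on that descriptor,
 *     rather than stat() followed by a separate open();
 *   - socket, connect, open, read and write failures and a negative reply
 *     from the backend stop the transfer; previously a failed open() made
 *     the copy loop spin on read() returning -1;
 *   - every path releases the descriptors and calls cgi_end().
 *
 * NOTE(review): on failure no redirect is sent, because no error page is
 * visible from this file; add one if the site has it.
 * NOTE(review): the file size goes over the socket as a raw st_size value,
 * so both ends must agree on its width and byte order.
 */
int main(int argc, char *argv[])
{
    struct sockaddr_in servaddr, cliaddr;
    struct stat f_stat;
    char buf[MAXSIZE];
    char flush[BUFSIZE];
    char str[BUFSIZE];
    char filename[BUFSIZE];
    char local_dir[BUFSIZE] = "/home/xwp/upload/";
    const char *param;
    char flag_n;
    char scces = 'n';
    int sockfd = -1;
    int fd = -1;
    ssize_t n;

    cgi_init();
    cgi_process_form();

    bzero(flush, sizeof(flush));
    bzero(str, sizeof(str));
    bzero(filename, sizeof(filename));

    param = cgi_param("msg");
    if (param && copy_param(str, sizeof(str), param) != 0)
        goto done;
    param = cgi_param("video");
    if (param && copy_param(filename, sizeof(filename), param) != 0)
        goto done;
    param = cgi_param("Flush");
    if (param && copy_param(flush, sizeof(flush), param) != 0)
        goto done;

    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0)
        goto done;

    bzero(&servaddr, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    inet_pton(AF_INET, "127.0.0.1", &servaddr.sin_addr);
    servaddr.sin_port = htons(SERV_PORT);

    bzero(&cliaddr, sizeof(cliaddr));
    cliaddr.sin_family = AF_INET;
    cliaddr.sin_addr.s_addr = htonl(INADDR_ANY);
    cliaddr.sin_port = htons(SERV_PORT + 1);

    /* A failed bind is tolerated as before; connect() then picks a port. */
    bind(sockfd, (struct sockaddr *)&cliaddr, sizeof(cliaddr));
    if (connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)) < 0)
        goto done;

    if (str[0] != '\0') {
        flag_n = '1';
        if (write_all(sockfd, &flag_n, sizeof(flag_n)) != 0)
            goto done;
        if (read(sockfd, &flag_n, sizeof(flag_n)) != 1)
            goto done;
        if (write_all(sockfd, str, strlen(str)) == 0)
            cgi_redirect("../word.html");
    } else if (filename[0] != '\0') {
        /* Keep the name inside the upload directory. */
        if (strchr(filename, '/') != 0
            || strcmp(filename, ".") == 0
            || strcmp(filename, "..") == 0)
            goto done;
        if (strlen(local_dir) + strlen(filename) >= sizeof(local_dir))
            goto done;
        strcat(local_dir, filename);

        /* Open first, then size the opened file, so the size that is sent
         * belongs to the content that is sent. */
        fd = open(local_dir, O_RDONLY);
        if (fd == -1)
            goto done;
        if (fstat(fd, &f_stat) == -1 || !S_ISREG(f_stat.st_mode))
            goto done;

        flag_n = '2';
        if (write_all(sockfd, &flag_n, sizeof(flag_n)) != 0)
            goto done;
        if (read(sockfd, &flag_n, sizeof(flag_n)) != 1)
            goto done;

        if (write_all(sockfd, filename, strlen(filename) + 1) != 0)
            goto done;
        if (read(sockfd, &scces, 1) != 1 || scces != 'y')
            goto done;

        if (write_all(sockfd, &f_stat.st_size, sizeof(f_stat.st_size)) != 0)
            goto done;
        if (read(sockfd, &scces, 1) != 1 || scces != 'y')
            goto done;

        while ((n = read(fd, buf, sizeof(buf))) > 0) {
            if (write_all(sockfd, buf, (size_t)n) != 0)
                goto done;
        }
        if (n < 0)
            goto done;

        cgi_redirect("../upload.html");
    } else if (flush[0] != '\0') {
        /* Only the flag is sent; the Flush text itself is not transmitted. */
        flag_n = '0';
        (void)write_all(sockfd, &flag_n, sizeof(flag_n));
        cgi_redirect("../flash.html");
    }

done:
    if (fd != -1)
        close(fd);
    cgi_end();
    if (sockfd != -1)
        close(sockfd);
    return 0;
}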
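/*
 * Logout endpoint (plain CGI, or FastCGI unless DROP_FCGI is defined).
 *
 * For each request: when the samuser/samkey cookies belong to a logged-in
 * user, that user is logged out and both cookies are cleared; otherwise
 * SAM_ERR_NOTLOGIN is reported. The reply is a redirect to the "r" query
 * parameter when present, else JSON, wrapped in the "jsoncallback" function
 * name when that parameter is given.
 *
 * NOTE(review): "r" is not checked against a list of allowed return
 * locations, and "jsoncallback" is handed to mjson_execute_hdf() as
 * received. Confirm both are validated downstream, or restrict them here
 * (a site-relative path for r; an identifier pattern for the callback).
 */
int main(int argc, char **argv, char **envp)
{
    CGI *cgi = NULL;
    NEOERR *err;
    mdb_conn *conn = NULL;

    /* skey, user, pass, return jsoncallback*/
    char *s, *u, *r, *jcbk;

    //sleep(20);
    mtc_init("logout");
    mconfig_parse_file(SITE_CONFIG, &g_cfg);

    mutil_wrap_fcgi(argc, argv, envp);

    if (mdb_init(&conn, DB_DSN) != MDB_ERR_NONE) {
        mtc_err("init db error %s", mdb_get_errmsg(conn));
        printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
        printf("{errcode: %d}", SAM_ERR_INIT);
        return 1;
    }

#ifndef DROP_FCGI
    while (FCGI_Accept() >= 0) {
#endif

        /*
         * cgi init
         */
        err = cgi_init(&cgi, NULL);
        if (err != STATUS_OK) {
            mtc_err("init cgi error");
            printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
            printf("{errcode: %d}", SAM_ERR_INIT);
            goto opfinish;
        }
        err = cgi_parse(cgi);
        if (err != STATUS_OK) {
            mtc_err("parse cgi error");
            hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_PARSE);
            goto opfinish;
        }

        u = hdf_get_value(cgi->hdf, PRE_COOKIE".samuser", NULL);
        s = hdf_get_value(cgi->hdf, PRE_COOKIE".samkey", NULL);
        if (s && u) {
            if (user_has_login(conn, u, s)) {
                user_logout(conn, u);
                cgi_cookie_clear(cgi, "samuser", SITE_DOMAIN, NULL);
                cgi_cookie_clear(cgi, "samkey", SITE_DOMAIN, NULL);
                hdf_set_value(cgi->hdf, PRE_OUTPUT".success", "1");
                goto opfinish;
            }
        }

        hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_NOTLOGIN);

    opfinish:
        if (cgi) {
            r = hdf_get_value(cgi->hdf, PRE_QUERY".r", NULL);
            if (r) {
                /* cgi_redirect() takes a printf-style format. The request
                 * value must be an argument, never the format itself. */
                cgi_redirect(cgi, "%s", r);
            } else {
                jcbk = hdf_get_value(cgi->hdf, PRE_QUERY".jsoncallback", NULL);
                if (jcbk != NULL) {
                    mjson_execute_hdf(cgi->hdf, jcbk, 0);
                } else {
                    mjson_output_hdf(cgi->hdf, 0);
                }
            }
#ifdef DEBUG_HDF
            hdf_write_file(cgi->hdf, HF_LOG_PATH"hdf.logout");
#endif
            cgi_destroy(&cgi);
        }

#ifndef DROP_FCGI
    } /* FCGI_Accept() */
#endif

    mdb_destroy(conn);
    return 0;
}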
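/*
 * Main request dispatcher (plain CGI, or FastCGI unless DROP_FCGI is
 * defined).
 *
 * Start-up loads the configuration, templates and database handles and
 * opens the program itself with dlopen() so that handlers can be looked up
 * by name. For each request it initialises the session, applies the client
 * rate check and the access check, resolves and runs the data handler, and
 * then answers according to the request type: a rendered template (or a
 * 404/503 redirect) for HTML GET requests, JSON or JSONP for everything
 * else that is recognised.
 *
 * NOTE(review): the handler is resolved from request data by
 * lutil_get_data_handler(); confirm it can only reach symbols meant to be
 * handlers (fixed prefix or table), not arbitrary exported functions.
 * NOTE(review): the JSONP callback name from PRE_REQ_AJAX_FN is passed to
 * mjson_execute_hdf() as received; confirm it is validated there.
 * NOTE(review): NCGI_MODE injects fixed cookie values, including what looks
 * like a session secret. That build flag must never be set in a deployed
 * binary.
 */
int main(int argc, char **argv, char **envp)
{
    CGI *cgi = NULL;
    NEOERR *err;
    int ret;
    HASH *dbh;
    HASH *tplh;
    session_t *session = NULL;
    char *requri, *jsoncb;

    int (*data_handler)(CGI *cgi, HASH *dbh, session_t *session);
    void *lib;

    //sleep(20);
    mconfig_parse_file(SITE_CONFIG, &g_cfg);
    mtc_init(TC_ROOT"viki");

    ret = ltpl_init(&tplh);
    if (ret != RET_RBTOP_OK) {
        mtc_err("init templates error");
        mutil_redirect("初始化模板失败", TGT_SELF, URL_CLOSE, true);
        return ret;
    }

    ret = ldb_init(&dbh);
    if (ret != RET_RBTOP_OK) {
        mtc_err("init db error");
        mutil_redirect("初始化数据库失败", TGT_SELF, URL_CLOSE, true);
        return ret;
    }

    lib = dlopen(NULL, RTLD_NOW|RTLD_GLOBAL);
    if (lib == NULL) {
        mtc_err("possible? %s", dlerror());
        mutil_redirect("初始化库函数失败", TGT_SELF, URL_CLOSE, true);
        return 1;
    }

#ifndef DROP_FCGI
    cgiwrap_init_emu(NULL, &read_cb, &printf_cb, &write_cb, NULL, NULL, NULL);
    while (FCGI_Accept() >= 0) {
#endif
        cgiwrap_init_std(argc, argv, environ);
        err = cgi_init(&cgi, NULL);
        JUMP_NOK_CGI(err, response);
        err = cgi_parse(cgi);
        JUMP_NOK_CGI(err, response);

#ifdef NCGI_MODE
        hdf_set_value(cgi->hdf, PRE_REQ_URI_RW, "/csc/hc");
        hdf_set_value(cgi->hdf, PRE_COOKIE".uin", "1001");
        hdf_set_value(cgi->hdf, PRE_COOKIE".uname", "bigml");
        hdf_set_value(cgi->hdf, PRE_COOKIE".musn", "8Y]u0|v=*MS]U3J");
#endif

        ret = session_init(cgi->hdf, dbh, &session);
        if (ret != RET_RBTOP_OK) {
            mtc_err("init session failure");
            goto response;
        }

        requri = hdf_get_value(cgi->hdf, PRE_REQ_URI_RW, "NULL");
        if (mutil_client_attack(cgi->hdf, requri, LMT_CLI_ATTACK, PERIOD_CLI_ATTACK)) {
            goto response;
        }

        ret = lfile_access_rewrited(cgi, dbh, session);
        if (ret != RET_RBTOP_OK) {
            goto response;
        }

        data_handler = lutil_get_data_handler(lib, cgi);
        if (data_handler == NULL) {
            mtc_err("get handler failure");
            ret = RET_RBTOP_NEXIST;
            goto response;
        }

        ret = (*data_handler)(cgi, dbh, session);

    response:
        if (cgi != NULL && cgi->hdf != NULL) {
#ifdef DEBUG_HDF
            hdf_write_file(cgi->hdf, TC_ROOT"hdf.viki");
#endif
            switch (CGI_REQ_TYPE(cgi)) {
            case CGI_REQ_HTML:
                if (CGI_REQ_METHOD(cgi) != CGI_REQ_GET) {
                    goto resp_ajax;
                }
                /* NOTE(review): session can still be NULL here when an
                 * early step failed; confirm ltpl_render() accepts that. */
                if (ret != RET_RBTOP_OK && ret == RET_RBTOP_NEXIST) {
                    cgi_redirect(cgi, "/404.html");
                } else {
                    ret = ltpl_render(cgi, tplh, session);
                    if (ret != RET_RBTOP_OK) {
                        if (ret == RET_RBTOP_NEXIST)
                            cgi_redirect(cgi, "/404.html");
                        else
                            cgi_redirect(cgi, "/503.html");
                    }
                }
                break;
            case CGI_REQ_AJAX:
            resp_ajax:
                ldb_opfinish_json(ret, cgi->hdf, NULL, 0);
                jsoncb = hdf_get_value(cgi->hdf, PRE_REQ_AJAX_FN, NULL);
                /* This point is reached with session == NULL when parsing or
                 * session_init() failed, so the cache time is read only if a
                 * session exists; 0 is used otherwise. */
                if (jsoncb != NULL) {
                    mjson_execute_hdf(cgi->hdf, jsoncb,
                                      session ? session->tm_cache_browser : 0);
                } else {
                    mjson_output_hdf(cgi->hdf,
                                     session ? session->tm_cache_browser : 0);
                }
                break;
            default:
                cgi_redirect(cgi, "/503.html");
                break;
            }
            cgi_destroy(&cgi);
            session_destroy(&session);
        }

#ifndef DROP_FCGI
    }
#endif

    ldb_destroy(dbh);
    ltpl_destroy(tplh);
    mconfig_cleanup(&g_cfg);
    return 0;
}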
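/*
 * Login endpoint (plain CGI, or FastCGI unless DROP_FCGI is defined).
 *
 * A request that already carries valid samuser/samkey cookies is answered
 * with those values. Otherwise the "u" and "p" query parameters are checked
 * with user_login_auth(); on success the two cookies are set and the values
 * are copied into the output. The reply is a redirect to the "r" query
 * parameter when present, else JSON, wrapped in the "jsoncallback" function
 * name when that parameter is given.
 *
 * NOTE(review): the password travels in the query string, where access logs
 * and browser history usually record it; a POST body would avoid that.
 * NOTE(review): both cookies are set with 0 as the last cgi_cookie_set()
 * argument, which looks like the "secure" flag - confirm, and set it when
 * the site is served over HTTPS.
 * NOTE(review): the session key is written to the output that a JSONP
 * callback can read. This is stated as intentional below, but it means any
 * origin that can name a callback receives the key.
 * NOTE(review): "r" and "jsoncallback" are used as received; confirm they
 * are restricted to expected values.
 * NOTE(review): the per-client attempt limit is compiled out (#if 0), so
 * this endpoint applies no limit on login attempts itself.
 */
int main(int argc, char **argv, char **envp)
{
    CGI *cgi = NULL;
    NEOERR *err;
    mdb_conn *conn = NULL;

    /* skey, user, pass, return jsoncallback*/
    char *s, *u, *p, *r, *jcbk;
    /* keeptime(hours) */
    int t;
    char tm[LEN_TM_GMT];

    //sleep(20);
    mtc_init("login");
    mconfig_parse_file(SITE_CONFIG, &g_cfg);

    mutil_wrap_fcgi(argc, argv, envp);

    if (mdb_init(&conn, DB_DSN) != MDB_ERR_NONE) {
        mtc_err("init db error %s", mdb_get_errmsg(conn));
        printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
        printf("{errcode: %d}", SAM_ERR_INIT);
        return 1;
    }

#ifndef DROP_FCGI
    while (FCGI_Accept() >= 0) {
#endif

        /*
         * cgi init
         */
        err = cgi_init(&cgi, NULL);
        if (err != STATUS_OK) {
            mtc_err("init cgi error");
            printf("Content-Type: text/html; charset=UTF-8\r\n\r\n");
            printf("{errcode: %d}", SAM_ERR_INIT);
            goto opfinish;
        }
        err = cgi_parse(cgi);
        if (err != STATUS_OK) {
            mtc_err("parse cgi error");
            hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_PARSE);
            goto opfinish;
        }

#if 0
        if (mutil_client_attack_cookie(cgi->hdf, "login", 30, 60)) {
            mtc_err("client attack");
            hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_NEEDREST);
            goto opfinish;
        }
#endif

        u = hdf_get_value(cgi->hdf, PRE_COOKIE".samuser", NULL);
        s = hdf_get_value(cgi->hdf, PRE_COOKIE".samkey", NULL);
        if (s && u) {
            if (user_has_login(conn, u, s)) {
                hdf_set_copy(cgi->hdf, PRE_OUTPUT".samuser", PRE_COOKIE".samuser");
                hdf_set_copy(cgi->hdf, PRE_OUTPUT".samkey", PRE_COOKIE".samkey");
                goto done;
            }
        }

        u = hdf_get_value(cgi->hdf, PRE_QUERY".u", NULL);
        p = hdf_get_value(cgi->hdf, PRE_QUERY".p", NULL);
        if (!u || !p) {
            /* At least one pointer is NULL here, so neither is passed to
             * %s; the password is never written to the log. */
            mtc_err("parameter miss u:%s p:%s",
                    u ? "set" : "missing", p ? "set" : "missing");
            hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_NEEDINPUT);
            goto opfinish;
        }

        s = user_login_auth(conn, u, p);
        if (!s) {
            /* Only the user name is logged, not the submitted password. */
            mtc_err("login error %s", u);
            hdf_set_int_value(cgi->hdf, PRE_OUTPUT".errcode", SAM_ERR_PASSW);
            goto opfinish;
        }

        cgiwrap_write(P3P_HEADER, strlen(P3P_HEADER));
        cgi_cookie_set(cgi, "samuser", u, NULL, SITE_DOMAIN, NULL, 1, 0);
        cgi_cookie_set(cgi, "samkey", s, NULL, SITE_DOMAIN, NULL, 1, 0);
#if 0
        t = hdf_get_int_value(cgi->hdf, PRE_QUERY".t", 0);
        mmisc_getdatetime_gmt(tm, sizeof(tm), "%A, %d-%b-%Y %T GMT", 60*60*t);
        cgi_cookie_set(cgi, "samkey", s, NULL, SITE_DOMAIN, tm, 1, 0);
#endif
        hdf_set_value(cgi->hdf, PRE_OUTPUT".samuser", u);
        hdf_set_value(cgi->hdf, PRE_OUTPUT".samkey", s);
        free(s);

    done:
        /*
         * TODO set samkey, samuser to app's domain
         * DONE this is done by jsonp
         */
        hdf_set_value(cgi->hdf, PRE_OUTPUT".success", "1");

    opfinish:
        if (cgi) {
            r = hdf_get_value(cgi->hdf, PRE_QUERY".r", NULL);
            if (r) {
                /* cgi_redirect() takes a printf-style format. The request
                 * value must be an argument, never the format itself. */
                cgi_redirect(cgi, "%s", r);
            } else {
                jcbk = hdf_get_value(cgi->hdf, PRE_QUERY".jsoncallback", NULL);
                if (jcbk != NULL) {
                    mjson_execute_hdf(cgi->hdf, jcbk, 0);
                } else {
                    mjson_output_hdf(cgi->hdf, 0);
                }
            }
#ifdef DEBUG_HDF
            hdf_write_file(cgi->hdf, HF_LOG_PATH"hdf.login");
#endif
            cgi_destroy(&cgi);
        }

#ifndef DROP_FCGI
    } /* FCGI_Accept() */
#endif

    mdb_destroy(conn);
    return 0;
}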
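/*
 * Main request dispatcher (plain CGI, or FastCGI when USE_FASTCGI is
 * defined).
 *
 * Start-up initialises error codes, configuration, templates, database and
 * event handles, and opens the program itself with dlopen() so handlers can
 * be looked up by name; any failure there ends the process through
 * DIE_NOK_CGI. For each request it registers the upload limit (when
 * configured), parses the request, initialises the session, applies the
 * client rate check, resolves and runs the data handler, and answers by
 * request type: rendered template (falling back to the "404" or "503"
 * template), JSON/JSONP, or for image requests a redirect, image data, or
 * JSON.
 *
 * NOTE(review): the handler is resolved from request data by
 * lutil_get_data_handler(); confirm it can only reach symbols meant to be
 * handlers, not arbitrary exported functions.
 * NOTE(review): the JSONP callback name from PRE_REQ_AJAX_FN is passed to
 * mjson_execute_hdf() as received; confirm it is validated there.
 * NOTE(review): NCGI_MODE injects fixed cookie and query values, including
 * what looks like a session secret. That build flag must never be set in a
 * deployed binary.
 */
int main(int argc, char **argv, char **envp)
{
    /* Start from NULL so the check under "response:" is well defined even
     * if cgi_init() fails before storing a value. */
    CGI *cgi = NULL;
    NEOERR *err = STATUS_OK;
    HASH *dbh, *tplh, *evth;
    session_t *session = NULL;
    char *temps;
    int http_max_upload;

    NEOERR* (*data_handler)(CGI *cgi, HASH *dbh, HASH *evth, session_t *session);
    void *lib;

    //sleep(20);
    mutil_makesure_coredump();
    mtc_init(TC_ROOT"viki");

    err = lerr_init();
    DIE_NOK_CGI(err);
    err = mcfg_parse_file(SITE_CONFIG, &g_cfg);
    DIE_NOK_CGI(err);

    err = mtpl_set_tplpath(PATH_TPL);
    DIE_NOK_CGI(err);

    err = mtpl_InConfigRend_init(PATH_TPL"/config/email", "email", &g_datah);
    DIE_NOK_CGI(err);
    err = mtpl_InConfigRend_init(PATH_TPL"/config/inbox", "inbox", &g_datah);
    DIE_NOK_CGI(err);

    err = ltpl_init(&tplh, NULL);
    DIE_NOK_CGI(err);
    err = hash_insert(g_datah, "runtime_templates", (void*)tplh);
    DIE_NOK_CGI(err);

    err = ldb_init(&dbh);
    DIE_NOK_CGI(err);

    err = levt_init(&evth);
    DIE_NOK_CGI(err);

    lib = dlopen(NULL, RTLD_NOW|RTLD_GLOBAL);
    if (!lib) {
        err = nerr_raise(NERR_SYSTEM, "dlopen %s", dlerror());
        DIE_NOK_CGI(err);
    }

#ifdef USE_FASTCGI
    cgiwrap_init_emu(NULL, &read_cb, &printf_cb, &write_cb, NULL, NULL, NULL);
    while (FCGI_Accept() >= 0) {
#endif
        cgiwrap_init_std(argc, argv, environ);
        err = cgi_init(&cgi, NULL);
        if (err != STATUS_OK) goto response;

        /* A positive configured limit is enforced through the upload
         * callback while the request body is parsed. */
        http_max_upload = hdf_get_int_value(g_cfg, PRE_CONFIG".http_max_upload", 0);
        if (http_max_upload > 0) {
            err = mcs_register_upload_parse_cb(cgi, &http_max_upload);
            if (err != STATUS_OK) goto response;
        }

        err = cgi_parse(cgi);
        if (err != STATUS_OK) goto response;

#ifdef NCGI_MODE
        hdf_set_value(cgi->hdf, PRE_REQ_URI_RW, "/image/member/pic");
        hdf_set_value(cgi->hdf, PRE_COOKIE".uin", "1001");
        hdf_set_value(cgi->hdf, PRE_COOKIE".uname", "bigml");
        hdf_set_value(cgi->hdf, PRE_COOKIE".musn", "8Y]u0|v=*MS]U3J");
        hdf_set_value(cgi->hdf, PRE_QUERY".ip", "222.247.56.14");
        hdf_set_value(cgi->hdf, PRE_QUERY".to", "cj_BXTSJ");
        hdf_set_value(cgi->hdf, PRE_QUERY".s", "koldddd");
        hdf_set_value(cgi->hdf, PRE_QUERY".JsonCallback", "Ape.transport.read");
        hdf_set_value(cgi->hdf, PRE_QUERY".type", "phone");
        hdf_set_value(cgi->hdf, PRE_QUERY".mid", "485010473");
#endif

        err = session_init(cgi, dbh, &session);
        if (err != STATUS_OK) goto response;

        if (lutil_client_attack(cgi->hdf, session, "lcs_uname")) {
            err = nerr_raise(LERR_ATTACK, "%s need a rest, babey!", session->dataer);
            goto response;
        }

        if ((data_handler = lutil_get_data_handler(lib, cgi, session)) == NULL) {
            err = nerr_raise(LERR_MISS_DATA, "dataer %s not found", session->dataer);
            goto response;
        }

        err = (*data_handler)(cgi, dbh, evth, session);

    response:
        if (cgi != NULL && cgi->hdf != NULL) {
            lerr_opfinish_json(err, cgi->hdf);

            /* Early failures arrive here without a session; use the default
             * one so the switch below always has something to read. */
            if (!session) session = session_default();
            switch (session->reqtype) {
            case CGI_REQ_HTML:
                err = ltpl_render(cgi, tplh, session);
                if (err != STATUS_OK) {
                    SAFE_FREE(session->render);
                    if (nerr_match(err, LERR_MISS_TPL)) {
                        session->render = strdup("404");
                    } else {
                        session->render = strdup("503");
                    }
                    TRACE_NOK(err);
                    err = ltpl_render(cgi, tplh, session);
                    TRACE_NOK(err);
                }
                break;
            case CGI_REQ_AJAX:
            resp_ajax:
                temps = hdf_get_value(cgi->hdf, PRE_REQ_AJAX_FN, NULL);
                if (temps != NULL) {
                    mjson_execute_hdf(cgi->hdf, temps, session->tm_cache_browser);
                } else {
                    mjson_output_hdf(cgi->hdf, session->tm_cache_browser);
                }
                break;
            case CGI_REQ_IMAGE:
                temps = hdf_get_value(cgi->hdf, PRE_OUTPUT".302", NULL);
                if (temps) {
                    /* cgi_redirect_uri() takes a printf-style format. The
                     * handler-supplied URI may contain request data, so it
                     * is passed as an argument, never as the format.
                     * NOTE(review): confirm the handlers only store
                     * expected destinations under this key. */
                    cgi_redirect_uri(cgi, "%s", temps);
                } else if (session->data) {
                    mimg_output(session->data);
                    session->data = NULL;
                } else goto resp_ajax;
                break;
            default:
                cgi_redirect(cgi, "/503.html");
                break;
            }

#ifdef DEBUG_HDF
            hdf_write_file(cgi->hdf, TC_ROOT"hdf.viki");
#endif

            cgi_destroy(&cgi);
            session_destroy(&session);
            cgi = NULL;
            session = NULL;
        }
#ifdef USE_FASTCGI
    }
#endif

    levt_destroy(evth);
    ldb_destroy(dbh);
    ltpl_destroy(tplh);
    mtpl_InConfigRend_destroy(g_datah);
    mcfg_cleanup(&g_cfg);
    return 0;
}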