/** * Função que envia página de erro para o cliente */ int returnErro(int client_socket, char *mensagem, int request_check) { char buffer[100]; /* Preparando cabeçalho de resposta */ if (request_check==404) { httpHeader(client_socket,"text/html",-1,-1, request_check, "Pagina nao encontrada"); } else if (request_check==501) { httpHeader(client_socket,"text/html",-1,-1, request_check, "Metodo nao implementado"); } else if (request_check==403) { httpHeader(client_socket,"text/html",-1,-1, request_check, "Forbidden"); } /* Montando a página de erro */ sprintf(buffer, "<html>\n<head>\n<title>%s : Erro %d</title>\n</head>\n\n", SERVERNAME,request_check); write(client_socket, buffer, strlen(buffer)); sprintf(buffer, "<body>\n<h1>%s : Erro %d</h1>\n", SERVERNAME,request_check); write(client_socket, buffer, strlen(buffer)); sprintf(buffer, "<p>%s</p>\n</body>\n</html>\n",mensagem); write(client_socket, buffer, strlen(buffer)); return 0; }
void TcpServer::OnClientData() { QTcpSocket* connection = qobject_cast<QTcpSocket*>(sender()); quint64 bufferSize = 2048; char buffer[bufferSize]; quint64 dataRead = 0; dataRead = connection->read(buffer, bufferSize); buffer[dataRead] = 0; //qDebug() << "[WEB] Incoming data[" << dataRead << "]: " << buffer; QString value; //Check if it's a Flash policy request, only the first time //if (this->justConnected == true) { value = buffer; if (value.contains("<policy-file-request/>")) { connection->write(XML_CROSS_DOMAIN); qDebug() << "[TcpServer::OnClientData] Sent xml cross domain file"; //this->justConnected = false; return; } else if ( value.contains("HTTP") ) { //then its HTTP request QString response; //Check the data and create response DataHandler(value, response); HttpResponse httpHeader(response); connection->write( httpHeader.GetHeader() ); connection->write( response.toUtf8().constData() ); connection->close(); } //} //Other requests that are not http requests or posts // This may be deleted //else { else if (value == "CORE") { XmlParser xml(buffer, dataRead); int action = CEMI_ACTION_WRITE; int groupAddr = 0; xml.GetValue("cmd", value); if (value == "write") action = CEMI_ACTION_WRITE; else if (value == "read") action = CEMI_ACTION_READ; xml.GetValue("groupAddr", value); groupAddr = Common::GroupAddrToInt(value); //qDebug() << "groupAddr: " << value; xml.GetValue("value", value); emit TcpServerData((int)action, groupAddr, value); } //} //this->justConnected = false; }
/** * Função que envia resposta a requisição POST do browser */ void sendPOSTRequest(Host client, CR_returns returns, Request client_request) { char buffer[100]; if (returns.answerCOD == 501) // Método não suportado pelo servidor returnErro(client.socket,"<h2>Metodo nao suportado</h2>", returns.answerCOD); if (returns.answerCOD == 404) // Arquivo não encontrado returnErro(client.socket,"<h2>Pagina nao encontrada</h2>", returns.answerCOD); if (returns.answerCOD == 403) // Arquivo sem permissão de leitura/execução returnErro(client.socket,"<h2>Forbidden</h2>", returns.answerCOD); if (returns.answerCOD == 200){ //Arquivo OK /*Preparando os objetos posts*/ int cont = contaPosts(client_request.post); /* Preparando cabeçalho de resposta */ httpHeader(client.socket,"text/html",-1,-1, returns.answerCOD, "OK"); /* Montando a página resultado de um POST */ sprintf(buffer, "<html>\n<head>\n<title>Resultado do POST</title>\n</head>\n\n"); write(client.socket, buffer, strlen(buffer)); /* Imprimindo listagem de objetos */ sprintf(buffer, "<body>\n<h2>Variáveis POST</h2><BR>\n"); write(client.socket, buffer, strlen(buffer)); char *tockens; /*Acessando os dados recebidos via POST*/ tockens = strtok (client_request.post,"=&"); sprintf(buffer,"<h4>"); write(client.socket, buffer, strlen(buffer)); int i = 0; /*Imprimindo na tela nome da variaval = valor da variavel*/ while (tockens!=NULL) { if ((i%2)==0) { sprintf(buffer, "Variável: %s", tockens); write(client.socket,buffer,strlen(buffer)); } else { sprintf(buffer, " =<i> %s<BR>\n</i>", tockens); write(client.socket,buffer,strlen(buffer)); } tockens = strtok(NULL,"=&"); i++; } sprintf(buffer,"</h4>"); write(client.socket, buffer, strlen(buffer)); /* Fechando o HTML */ sprintf(buffer, "\n</body>\n</html>\n"); write(client.socket, buffer, strlen(buffer)); } }
/** * Função para enviar o arquivo */ void sendFile(int client_socket, CR_returns returns){ char dados; int i; /* Abrindo arquivo */ FILE *arq = fopen(returns.dir, "r"); /* Ver se o sistema tem acesso ao arquivo */ if (!arq) { returns.answerCOD = 403; httpHeader(client_socket,"text/html",-1,-1, returns.answerCOD, "Forbidden"); returnErro(client_socket,"Acesso Negado", returns.answerCOD); } else { int tamanho = S_ISREG(returns.statBuffer.st_mode) ? returns.statBuffer.st_size : -1; /* Preparando cabeçalho de resposta */ httpHeader(client_socket,get_mime_type(returns.dir),tamanho ,returns.statBuffer.st_mtime, returns.answerCOD, "OK"); /*Enviando arquivo */ while ((i = read(returns.n, &dados,1))) write(client_socket, &dados, 1); } }
int main(int argc, char ** argv){ cgi thisCGI; getCGIdata(&thisCGI); char * name=NULL; extractPOSTdata(&thisCGI, "name", &name); httpHeader(TEXT); if(user_exists(name)){ puts("exists\n"); }else{ puts("no\n"); } return 1; }
/** Prüfen ob ein Email in der Datenbank existiert. - für Registrierungsformular - Javascript führt Anfrage aus --> Auswertung der Antwort im Browser --> dem Benutzer wir eine Warnung angezeigt, wenn die E-Mail schon in der DB existiert. */ int main(int argc, char ** argv){ cgi thisCGI; init_CGI(&thisCGI); get_CGI_data(&thisCGI); char * email=NULL; extract_POST_data(&thisCGI, "email", &email); httpHeader(TEXT); if(email_exists(email)){ puts("exists\n"); }else{ puts("no\n"); } printf("Email war: '%s'\n", email); return 1; }
int main(int argc, char ** argv){ cgi datCGI; char * teach=NULL; char * acceptTOS=NULL; person reg_person; bool pw_short=false; init_person(®_person); init_CGI(&datCGI); get_CGI_data(&datCGI); if(datCGI.request_method == GET){ print_exit_failure("Use POST!"); } //Für die Namen: siehe HTML-Dokument mit entsprechenden <input>-Elementen extract_POST_data(&datCGI, "name_vor", ®_person.first_name); remove_newline(reg_person.first_name); clean_string(reg_person.first_name); extract_POST_data(&datCGI, "name", ®_person.name); remove_newline(reg_person.name); clean_string(reg_person.name); extract_POST_data(&datCGI, "email", ®_person.email); remove_newline(reg_person.email); clean_string(reg_person.email); extract_POST_data(&datCGI, "pass", ®_person.password); remove_newline(reg_person.password); extract_POST_data(&datCGI, "acronym", ®_person.acronym); remove_newline(reg_person.acronym); clean_string(reg_person.acronym); extract_POST_data(&datCGI, "teach", &teach); remove_newline(teach); extract_POST_data(&datCGI, "acceptTOS", &acceptTOS); remove_newline(acceptTOS); //TODO: fehlerhaften Aufruf abfangen if(strcmp(teach, "true") == 0){ reg_person.isTeacher=true; if(strlen(reg_person.acronym) != 3){ print_html_error("Das Kürzel muss genau 3 Zeichen lang sein", "/registrierung.html"); exit(EXIT_FAILURE); } }else{ reg_person.isTeacher=false; } //Die E-Mail-Adresse muss genau EIN '@' beinhalten if((strchr(reg_person.email, '@') == strrchr(reg_person.email, '@')) && strchr(reg_person.email, '@')) { #ifdef DEBUG fprintf(stderr, "es scheint alles zu passen (EMAIL)\n"); #endif // DEBUG if(strlen(reg_person.password)<8){ pw_short=true; } insert_user(®_person); } //fprintf(stderr, "\nnow comes da htmlz\n"); httpCacheControl("no-store, no-cache, must-revalidate, max-age=0"); httpHeader(HTML); //printf("%s\n", datCGI.POST_data); print_html_head("Passwort erneut eingeben", "Verifikation"); puts("<body>\n\ <div id='login-form'>\n"); printf("<p><span>Herzlich willkommen <span style='font-weight: bold;'>%s %s.</span><br>Bitte %s zum Anmelden %s Passwort ein</p>\n", reg_person.first_name, reg_person.name, reg_person.isTeacher ? "geben Sie" : "gib", reg_person.isTeacher ? "Ihr" : "dein" ); printf("<form method='post' action='/cgi-bin/login.cgi' style='border-radius: 1em; padding: 1em;' autocomplete='off'>\n\ <input type='hidden' name='email' value='%s' />\n\ <input class='textIn' placeholder='Passwort' type='password' id='pass' name='pass' required>\n\ <button class='submitButton' type='submit'>Anmelden*</button>\n\ </form>\n",reg_person.email); puts("<small>* Cookies müssen aktiviert sein!</small>\n"); if(pw_short){ puts("<br><small style='color: yellow; background-color: red;'>Sie sollten wirklich ein längeres Passwort verwenden!!</small>\n"); } puts("</div>\n</body>\n</html>\n"); /*puts("Erhaltene Daten:\n"); printf("CONTENT_LENGTH: %d\n", datCGI.content_length); printf("Name: %s\nPassword: %s\n", reg_person.name, reg_person.password); printf("Kuerzel: %s\nTeach: %s\n", reg_person.acronym, teach); printf("accepted TOS: %s\n\n", acceptTOS); printf("Post Data: %s\n", datCGI.POST_data);*/ exit(0); }
bool HttpRequestProcessor::preprocessRequest() { //Es kommt erstmal auf jeden Fall etwas Text. _socket->setTextModeEnabled(true); QString line; if (readLine(_socket, line)) { //do fancy stuff } else return false; //Erst beliebige Leerzeichen, dann GET oder PUT oder POST, dann Pfad, Evtl. Parameter, dann welche HTTP-Version. QRegExp httpHelloRegExp("(GET|PUT|POST|DELETE)\\s+([^\\?]+)(\\?\\S*)?\\s+HTTP/1.(0|1)"); //TODO: Vielleicht besser die RegExp einmal statisch erstellen statt immer wieder? if (httpHelloRegExp.indexIn(line) == -1) { std::cerr << "not well-formed: \"" << line << "\"" << std::endl; this->send400(); return false; } //Es kam ein gültiger Request. _requestType = httpHelloRegExp.cap(1); _requestPath = QUrl::fromPercentEncoding(httpHelloRegExp.cap(2).toUtf8()); _httpVersion = httpHelloRegExp.cap(4); QString parameters = httpHelloRegExp.cap(3); std::cerr << "requestPath: " << _requestPath << std::endl << "parameters: " << parameters << std::endl << "httpVersion: 1." << _httpVersion << std::endl; //Erst Parameter abfragen, dann können in der Zwischenzeit Daten //für die Header reinkommen. Müsste so rum schneller sein. QRegExp httpParameter("([^=]+)=([^&]+)&?"); int pos=1; while ((pos = httpParameter.indexIn(parameters, pos)) != -1) { pos += httpParameter.matchedLength(); _parameterMap[QUrl::fromPercentEncoding(httpParameter.cap(1).toUtf8())] = QUrl::fromPercentEncoding(httpParameter.cap(2).toUtf8()); //std::cerr << httpParameter.cap(1) << " = " << httpParameter.cap(2) << std::endl; } //Header abfragen. QRegExp httpHeader("(\\S\\S*):\\s\\s*([^\\n]*)"); int httpHeaderCount=0; while (readLine(_socket, line)) { httpHeaderCount++; //mehr als 127 Header-Zeilen wollen wir nicht verarbeiten: Da ist sicher jemand böses am Werk... if (httpHeaderCount>127) { this->send400(); return false; } if (httpHeader.indexIn(line) != -1) { _headerMap[httpHeader.cap(1)] = httpHeader.cap(2); //std::cerr << httpHeader.cap(1) << ": " << httpHeader.cap(2) << std::endl; } else break; } //Jetzt kommt potentiell kein Text mehr. _socket->setTextModeEnabled(false); return true; }
int httpResp( char* payload, int paylen ){ if( paylen > 14 && strcmp(payload, "GET / HTTP")){ //start ( '/' is the trailing part of the URL ) if(substr("\r\n\r\n", payload, paylen)){ //end //requested a webpage, in one packet. //printf_str("requested a webpage!\n"); g_httpContentLen = htmlDefault(); //content length seems to be minus the headers, the actual content length (surprise!) httpHeader(); //printf_int("header length:", g_httpHeaderLen); //printf_str("\n"); //printf_int("content length:", g_httpContentLen); //printf_str("\n"); return 1; } }else if(paylen >= 18 && substr("POST /data", payload, paylen)){ // get the specified past # ms of data. int pos = substr("rawLen=", payload, paylen); if(pos){ char* p; p = payload; p+= pos; int rawlen = atoi_(p, 10); if(rawlen >= 32 && rawlen <= 4000){ u32* wr_ptr = pWR_PTR; u32 ptr = ((*wr_ptr) & 0x3ffe0) - (rawlen*16*2); u32* dest = (u32*)HTTP_CONTENT; u32* src = (u32*)ptr; int i; for(i=0; i< rawlen*8; i++){ src = (u32*) ( ((u32)src) & 0x3ffff ); *dest++ = *src++; } g_httpContentLen = rawlen * 32; httpHeader(); } else { char* dest = (char*)HTTP_CONTENT; int len = 0; dest = strcpy_(dest, &len, "/data: rawLen unspecified or out of range"); g_httpContentLen = len; httpHeader(); } return 1; } }else if(paylen >= 18 && substr("POST",payload,paylen) ){ int pos = substr("POST",payload,paylen); payload += pos; paylen -= pos; char paramChanged = 0; if(substr("data_stream=",payload, paylen) ){ if(substr("=Enable",payload, paylen) ){ //then turn on the data stream! u32* wr_ptr = pWR_PTR; u32* tr_ptr = pTR_PTR; g_streamEnabled = 1; (*tr_ptr) = (*wr_ptr); //so that we don't spend a long time catching up. paramChanged = 1; } if(substr("=Disable",payload, paylen)){ g_streamEnabled = 0; paramChanged = 1; } } if(substr("filter_data",payload,paylen)){ if(substr("=Enable",payload, paylen) ){ *pRAW_ENAB = 0; //enable filter = disable raw. paramChanged = 1; } if(substr("=Disable",payload, paylen)){ *pRAW_ENAB = 1; //enable filter = disable raw. paramChanged = 1; } } // --- look at the mouse channels. char* p; pos = substr("xpos_chan=",payload,paylen); if(pos){ p = payload; p += pos; //g_mouseXpos = (u8)(PhysicalToLogicalChan(atoi_( p, 3)) & 0xff); paramChanged = 1; } pos = substr("ypos_chan=",payload,paylen); if(pos){ p = payload; p += pos; //g_mouseYpos = (u8)(PhysicalToLogicalChan(atoi_( p, 3)) & 0xff); paramChanged = 1; } pos = substr("xneg_chan=",payload,paylen); if(pos){ p = payload; p += pos; //g_mouseXneg = (u8)(PhysicalToLogicalChan(atoi_( p, 3)) & 0xff); paramChanged = 1; } pos = substr("yneg_chan=",payload,paylen); if(pos){ p = payload; p += pos; //g_mouseYneg = (u8)(PhysicalToLogicalChan(atoi_( p, 3)) & 0xff); paramChanged = 1; } //set the destination IP pos = substr("ip1=",payload,paylen); if(pos){ payload += pos; paylen -= pos; //speed up the search.. p = payload; u32 tip = atoi_(p,3) & 0xff; NetDataDestIP &= 0xffffff00 ; //big-endian order. NetDataDestIP += tip; paramChanged = 1; } pos = substr("ip2=",payload,paylen); if(pos){ payload += pos; paylen -= pos; //speed up the search.. p = payload; u32 tip = atoi_(p,3) & 0xff; NetDataDestIP &= 0xffff00ff ; NetDataDestIP += tip << 8; paramChanged = 1; } pos = substr("ip3=",payload,paylen); if(pos){ payload += pos; paylen -= pos; //speed up the search.. p = payload; u32 tip = atoi_(p,3) & 0xff; NetDataDestIP &= 0xff00ffff ; NetDataDestIP += tip << 16; paramChanged = 1; } pos = substr("ip4=",payload,paylen); if(pos){ payload += pos; paylen -= pos; //speed up the search.. p = payload; u32 tip = atoi_(p,3) & 0xff; NetDataDestIP &= 0x00ffffff ; NetDataDestIP += tip << 24; paramChanged = 1; } // -------------------------- if(paramChanged){ g_httpContentLen = htmlDefault(); httpHeader(); return 1; } // calibrate thresholds! if(substr("calibrate=Cal",payload,paylen)){ //look at the last 2 seconds of data & measure mean. //*assuming that the absolute value has been taken* int sum[16]; int i,j; for(i=0; i<16;i++){ sum[i] = 0; } u32* wr_ptr = pWR_PTR; u32 ptr = ((*wr_ptr) & 0x3ffe0) - (16*2048*2); ptr &= 0x3ffff; u16* p = (u16*)ptr; for(j=0; j<2048; j++){ for(i=0; i<16; i++){ sum[i] += *p++; p = (u16*)((u32)p & 0x3ffff); } } for(i=0; i<16;i++){ sum[i] = sum[i] >> 11; } int len = htmlDefault(); char* dest = (char*)HTTP_CONTENT; len -= 19; //overwrite the </body> </html> dest += len; dest = strcpy_(dest, &len, "<table>\n"); for(i=0; i<16; i++){ int logical = 0/*PhysicalToLogicalChan(i)*/; dest = strcpy_(dest, &len, "<tr><td>Channel "); dest = strprintf_int(dest, &len, i ); dest = strcpy_(dest, &len, "</td><td>mean "); dest = strprintf_int(dest, &len, sum[logical]); dest = strcpy_(dest, &len, "</td></tr>\n"); } dest = strcpy_( dest, &len, "</table></body></html>\r\n" ); g_httpContentLen = len ; httpHeader(); return 1; }