Пример #1
0
Account *accountCreate(sqlite3 *DB, char *name, char *email, char *username, char *password) {
    int rc;
    Account *account = NULL;
    sqlite3_stmt *statement;

    rc = sqlite3_prepare_v2(
        DB,
        "INSERT INTO accounts(createdAt, name, email, username, password)"
        "     VALUES         (        ?,    ?,     ?,        ?,        ?)",
        -1, &statement, NULL);

    if (rc != SQLITE_OK) return NULL;

    char *escapedName  = bsEscape(name);
    char *escapedEmail = bsEscape(email);

    if (sqlite3_bind_int(statement, 1, time(NULL))              != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 2, escapedName, -1, NULL)  != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 3, escapedEmail, -1, NULL) != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 4, username, -1, NULL)     != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 5, password, -1, NULL)     != SQLITE_OK) goto fail;

    if (sqlite3_step(statement) == SQLITE_DONE) {
        account = accountGetByEmail(DB, email);
    }

fail:
    bsDel(escapedName);
    bsDel(escapedEmail);
    sqlite3_finalize(statement);
    return account;
}
Пример #2
0
static inline ListCell *parseQS(char *path) {
    ListCell *qs = NULL;

    char *copy = bsNew(path);
    char *segment, *key, *value;

    bool s = true;

    for (;;) {
        if (s) {segment = strtok(copy, "="); s = false;}
        else   {segment = strtok(NULL, "=");}

        if (segment == NULL) break;
        if (*(segment + strlen(segment) + 1) == '&') continue;

        key     = segment;
        segment = strtok(NULL, "&\0");

        if (segment == NULL) break;

        key   = urldecode(key);
        value = urldecode(segment);
        qs    = listCons(kvNew(key, value), sizeof(KV), qs);

        bsDel(key);
        bsDel(value);
    }

    bsDel(copy);

    return qs;
}
Пример #3
0
void requestDel(Request *req) {
    if (req->path        != NULL) bsDel(req->path);
    if (req->uri         != NULL) bsDel(req->uri);
    if (req->queryString != NULL) kvDelList(req->queryString);
    if (req->postBody    != NULL) kvDelList(req->postBody);
    if (req->headers     != NULL) kvDelList(req->headers);
    if (req->cookies     != NULL) kvDelList(req->cookies);
    if (req->account     != NULL) accountDel(req->account);

    free(req);
}
Пример #4
0
static inline ListCell *parseCookies(char *header) {
    ListCell *cookies = NULL;

    char *copy = bsNew(header);
    char *segment, *key;

    bool s = true;

    for (;;) {
        if (s) {segment = strtok(copy, "="); s = false;}
        else   {segment = strtok(NULL, "=");}

        if (segment == NULL) break;

        if (*segment == ' ') segment += 1;

        key     = segment;
        segment = strtok(NULL, ";\0");

        if (segment == NULL) break;

        cookies = listCons(kvNew(key, segment), sizeof(KV), cookies);
    }

    bsDel(copy);

    return cookies;
}
Пример #5
0
char *bsEscape(char *bs)
{
    char *copy = bsNew(bs);
    char *res  = bsNew("");

    char *c = copy;
    char *p = copy;

    while (*c != '\0') {
        if (*c == '<') {
            *c = '\0';
            bsLCat(&res, p);
            bsLCat(&res, "&lt;");
            p = c + 1;
        } else if (*c == '>') {
            *c = '\0';
            bsLCat(&res, p);
            bsLCat(&res, "&gt;");
            p = c + 1;
        }
        c++;
    }

    bsLCat(&res, p);
    bsDel(copy);
    return res;
}
Пример #6
0
Post *postCreate(sqlite3 *DB, int authorId, char *body) {
    int rc, t;
    Post *post = NULL;
    sqlite3_stmt *statement;

    t  = time(NULL);
    rc = sqlite3_prepare_v2(
        DB,
        "INSERT INTO posts(createdAt, author, body)"
        "     VALUES      (        ?,      ?,    ?)",
        -1, &statement, NULL);

    if (rc != SQLITE_OK) return NULL;

    char *escapedBody = bsEscape(body);

    if (sqlite3_bind_int(statement, 1, t)                      != SQLITE_OK) goto fail;
    if (sqlite3_bind_int(statement, 2, authorId)               != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 3, escapedBody, -1, NULL) != SQLITE_OK) goto fail;

    if (sqlite3_step(statement) == SQLITE_DONE) {
        post = postNew(sqlite3_last_insert_rowid(DB),
                       t, authorId, body);
    }

fail:
    bsDel(escapedBody);
    sqlite3_finalize(statement);
    return post;
}
Пример #7
0
void do_response(Request *req, Response ** res, sqlite3 *db)
{
    if (!req->account) return;

    int id = -1;
	char *idStr = NULL;
    if((idStr = kvFindList(req->queryString, "id"))){
        sscanf(idStr, "%d", &id);	
    }

    Post *post = postGetById(db, id);
    if (!post) goto fail;

    likeDel(likeCreate(db, req->account->id, post->authorId, post->id));

    if (kvFindList(req->queryString, "r")) {
        char sbuff[1024];
        sprintf(sbuff, "/profile?id=%d", post->authorId);
        bsDel(idStr);
        *res = responseNewRedirect(sbuff);
    }

fail:
    *res = responseNewRedirect("/dashboard");
}
Пример #8
0
void responseDel(Response *response)
{
    if (response->headers) kvDelList(response->headers);
    if (response->body) bsDel(response->body);

    free(response);
}
Пример #9
0
Session *sessionCreate(sqlite3 *DB, char *username, char *password)
{
    int aid;
    char *sid = NULL;
    Session *session = NULL;
    sqlite3_stmt *statement;

    if (sqlite3_prepare_v2(DB,
                           "SELECT id"
                           "  FROM accounts"
                           " WHERE username = ?"
                           "   AND password = ?",
                           -1, &statement, NULL) != SQLITE_OK) {
        return NULL;
    }

    if (sqlite3_bind_text(statement, 1, username, -1, NULL) != SQLITE_OK)
        goto fail;
    if (sqlite3_bind_text(statement, 2, password, -1, NULL) != SQLITE_OK)
        goto fail;
    if (sqlite3_step(statement) != SQLITE_ROW)
        goto fail;

    sid = bsRandom(24, username);
    aid = sqlite3_column_int(statement, 0);
    sqlite3_finalize(statement);

    if (sqlite3_prepare_v2(DB,
                           "INSERT INTO sessions(createdAt, account, session)"
                           "     VALUES         (        ?,       ?,       ?)",
                           -1, &statement, NULL) != SQLITE_OK) {
        goto fail;
    }

    if (sqlite3_bind_int(statement, 1, time(NULL)) != SQLITE_OK) goto fail;
    if (sqlite3_bind_int(statement, 2, aid) != SQLITE_OK) goto fail;
    if (sqlite3_bind_text(statement, 3, sid, -1, NULL) != SQLITE_OK) goto fail;
    if (sqlite3_step(statement) != SQLITE_DONE)
        goto fail;

    session = sessionGetBySId(DB, sid);

fail:
    if (sid)
        bsDel(sid);

    sqlite3_finalize(statement);

    return session;
}
Пример #10
0
void accountDel(Account *account) {
    bsDel(account->name);
    bsDel(account->email);
    bsDel(account->username);
    free(account);
}
Пример #11
0
void postDel(Post *post) {
    bsDel(post->body);
    free(post);
}
Пример #12
0
void sessionDel(Session *session)
{
    bsDel(session->sessionId);
    free(session);
}