int main(int argc, char *argv[], char **envp) { Str mailcapfile; extern char *getenv(); char *p; int length; Str qs = NULL; struct parsed_tagarg *cgiarg; char *mode; char *sent_cookie; GC_INIT(); p = getenv("REQUEST_METHOD"); if (p == NULL || strcasecmp(p, "post")) goto request_err; p = getenv("CONTENT_LENGTH"); if (p == NULL || (length = atoi(p)) <= 0) goto request_err; qs = Strfgets(stdin); Strchop(qs); if (qs->length != length) goto request_err; cgiarg = cgistr2tagarg(qs->ptr); p = getenv("LOCAL_COOKIE_FILE"); if (p) { FILE *f = fopen(p, "r"); if (f) { local_cookie = Strfgets(f)->ptr; fclose(f); } } sent_cookie = tag_get_value(cgiarg, "cookie"); if (local_cookie == NULL || sent_cookie == NULL || strcmp(local_cookie, sent_cookie) != 0) { /* Local cookie doesn't match */ bye("Local cookie doesn't match: It may be an illegal execution", ""); } mode = tag_get_value(cgiarg, "mode"); mailcapfile = Strnew_charp(expandPath(USER_MAILCAP)); if (mode && !strcmp(mode, "edit")) { char *referer; /* check if I can edit my mailcap */ if ((referer = getenv("HTTP_REFERER")) != NULL) { if (strncmp(referer, "file://", 7) != 0 && strncmp(referer, "exec://", 7) != 0) { /* referer is not file: nor exec: */ bye("It may be an illegal execution\n referer=", referer); } } /* edit mailcap */ editMailcap(mailcapfile->ptr, cgiarg); } else { /* initial panel */ printMailcapPanel(mailcapfile->ptr); } return 0; request_err: bye("Incomplete Request:", qs ? qs->ptr : "(null)"); exit(1); }
int main(int argc, char *argv[], char **envp) { extern char *getenv(); char *p; int length; Str qs = NULL; struct parsed_tagarg *cgiarg; char *mode; char *bmark; char *url; char *title; char *sent_cookie; p = getenv("REQUEST_METHOD"); if (p == NULL || strcasecmp(p, "post")) goto request_err; p = getenv("CONTENT_LENGTH"); if (p == NULL || (length = atoi(p)) <= 0) goto request_err; qs = Strfgets(stdin); Strchop(qs); if (qs->length != length) goto request_err; cgiarg = cgistr2tagarg(qs->ptr); p = getenv("LOCAL_COOKIE_FILE"); if (p) { FILE *f = fopen(p, "r"); if (f) { Local_cookie = Strfgets(f)->ptr; fclose(f); } } sent_cookie = tag_get_value(cgiarg, "cookie"); if (sent_cookie == NULL || Local_cookie == NULL || strcmp(sent_cookie, Local_cookie) != 0) { /* local cookie doesn't match: It may be an illegal invocation */ printf("Content-Type: text/plain\n\n"); printf("Local cookie doesn't match: It may be an illegal invocation\n"); exit(1); } mode = tag_get_value(cgiarg, "mode"); bmark = expandPath(tag_get_value(cgiarg, "bmark")); url = tag_get_value(cgiarg, "url"); title = tag_get_value(cgiarg, "title"); if (bmark == NULL || url == NULL) goto request_err; if (mode && !strcmp(mode, "panel")) { if (title == NULL) title = ""; print_bookmark_panel(bmark, url, title); } else if (mode && !strcmp(mode, "register")) { printf("Content-Type: text/plain\n"); if (insert_bookmark(bmark, cgiarg)) { printf("w3m-control: BACK\n"); printf("w3m-control: BACK\n"); } printf("\n"); } return 0; request_err: printf("Content-Type: text/plain\n\n"); printf("Incomplete Request: %s\n", qs ? qs->ptr : "(null)"); exit(1); }