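/*******************************************************************
 * Render one post-related skin TAG (shared by the board view, the
 * treasure view and the mail view) to fp_out.
 *
 * tag   : tag text as found in the skin file, "Name" optionally
 *         followed by a space and a parameter string. The buffer is
 *         modified in place: the first space is overwritten with
 *         '\0' so that `tag` holds only the name.
 * board : not referenced in this function.
 * pf    : the post being shown. pf->fh.title may be rewritten in
 *         place by the Title/Subject/ReplyTitle/ReplySubject tags.
 *
 * Nothing is emitted unless request_rec->URLParaType is PostRead,
 * TreaRead, MailRead or SkinModify. Tag names are matched without
 * regard to case; an unknown tag emits nothing.
 *
 * NOTE(review): every string written here (sender, date, file names,
 * the skin-supplied VALUE text) goes out through "%s" with no HTML
 * or attribute escaping in this function. Only the title is passed
 * through souts() first, and what souts() does is not visible here.
 * Confirm these fields are sanitised where they are stored or read.
 *******************************************************************/
void ShowPost(char *tag, BOARDHEADER * board, POST_FILE * pf)
{
	char *p, *para = NULL;
	int pagesize, start, end;
	char value[256];

	if (request_rec->URLParaType != PostRead
	    && request_rec->URLParaType != TreaRead
	    && request_rec->URLParaType != MailRead
	    && request_rec->URLParaType != SkinModify)
	{
		return;
	}

	/* Split "Name parameters" at the first space. para stays NULL when
	 * the tag carries no parameters.
	 * NOTE(review): para is handed to GetPara3() as is; confirm that
	 * GetPara3() accepts a NULL source string. */
	if ((p = strchr(tag, ' ')) != NULL)
	{
		*p = '\0';
		para = p + 1;
	}

#if 0
	fprintf(fp_out, "<%d>, tag=[%s], \n", request_rec->URLParaType, tag);
	fflush(fp_out);
#endif

	if (!strcasecmp(tag, "Num"))
	{
		fprintf(fp_out, "%d", pf->num);
	}
	else if (!strcasecmp(tag, "Date"))
	{
		fprintf(fp_out, "%s", pf->date);
	}
	else if (!strcasecmp(tag, "Sender"))
	{
		fprintf(fp_out, "%s", pf->fh.owner);
	}
	else if (!strcasecmp(tag, "BackList"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		/* NOTE(review): the PAGE length argument is 4 here but 3 in
		 * "BackListNum" below; confirm which one is intended. */
		GetPara3(value, "PAGE", para, 4, "-1");
		pagesize = atoi(value);
		find_list_range(&start, &end, pf->num, pagesize, pf->total_rec);
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostBackList);
		fprintf(fp_out, "<A HREF=\"%d-%d\">%s</A>", start, end, value);
	}
	else if (!strcasecmp(tag, "BackListNum"))
	{
		GetPara3(value, "PAGE", para, 3, "-1");
		pagesize = atoi(value);
		find_list_range(&start, &end, pf->num, pagesize, pf->total_rec);
		fprintf(fp_out, "%d-%d", start, end);
	}
	else if (!strcasecmp(tag, "Last"))
	{
#if 0
		if (isTORNADO)
			return;
#endif
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostLast);
		/* "-1" in lfname means there is nothing to link to: print the
		 * label as plain text. */
		if (!strcmp(pf->lfname, "-1"))
		{
			fprintf(fp_out, "%s", value);
		}
		else
		{
			if (pf->type & LAST_POST_IS_HTML)
				fprintf(fp_out, "<A HREF=\"%s/PostHtml.html\" target=\"new\">%s</A>", pf->lfname, value);
			else
				fprintf(fp_out, "<A HREF=\"%s.html\">%s</A>", pf->lfname, value);
		}
	}
	else if (!strcasecmp(tag, "Next"))
	{
#if 0
		if (isTORNADO)
			return;
#endif
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostNext);
		/* Same "-1" convention as "Last", applied to nfname. */
		if (!strcmp(pf->nfname, "-1"))
		{
			fprintf(fp_out, "%s", value);
		}
		else
		{
			if (pf->type & NEXT_POST_IS_HTML)
				fprintf(fp_out, "<A HREF=\"%s/PostHtml.html\" Target=\"new\">%s</A>", pf->nfname, value);
			else
				fprintf(fp_out, "<A HREF=\"%s.html\">%s</A>", pf->nfname, value);
		}
	}
#ifdef TTT
	else if (!strcasecmp(tag, "LastRelated"))
	{
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostLastRelated);
		if (!strcmp(pf->lrfname, "-1"))
		{
			fprintf(fp_out, "%s", value);
		}
		else
		{
			fprintf(fp_out, "<A HREF=\"%s.html\">%s</A>", pf->lrfname, value);
		}
	}
	else if (!strcasecmp(tag, "NextRelated"))
	{
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostNextRelated);
		if (!strcmp(pf->nrfname, "-1"))
		{
			fprintf(fp_out, "%s", value);
		}
		else
		{
			fprintf(fp_out, "<A HREF=\"%s.html\">%s</A>", pf->nrfname, value);
		}
	}
#endif
	else if (!strcasecmp(tag, "Reply"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostReply);
		fprintf(fp_out, "<A HREF=\"%s/%s\">%s</A>",
			pf->fh.filename,
			(request_rec->URLParaType == MailRead) ? HTML_MailReply : HTML_PostReply,
			value);
	}
	else if (!strcasecmp(tag, "Send"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostSend);
		fprintf(fp_out, "<A HREF=\"%s\">%s</A>", HTML_PostSend, value);
	}
	else if (!strcasecmp(tag, "Edit"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		/* This only decides whether the link is printed; it does not
		 * protect the edit action itself. */
		if (PSCorrect != Correct)
			return;
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostEdit);
		fprintf(fp_out, "<A HREF=\"%s/%s\">%s</A>",
			pf->fh.filename, HTML_PostEdit, value);
	}
	else if (!strcasecmp(tag, "Forward"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		/* Outside the mail view the link is printed only when
		 * PSCorrect == Correct. */
		if (request_rec->URLParaType != MailRead && PSCorrect != Correct)
			return;
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostForward);
		fprintf(fp_out, "<A HREF=\"%s/%s\">%s</A>",
			pf->fh.filename,
			(request_rec->URLParaType == MailRead) ? HTML_MailForward : HTML_PostForward,
			value);
	}
	else if (!strcasecmp(tag, "Delete"))
	{
#ifdef TORNADO_OPTIMIZE
		if (isTORNADO)
			return;
#endif
		if (request_rec->URLParaType != MailRead && PSCorrect != Correct)
			return;
		GetPara3(value, "VALUE", para, sizeof(value), MSG_PostDelete);
		fprintf(fp_out, "<A HREF=\"%s/%s\">%s</A>",
			pf->fh.filename,
			(request_rec->URLParaType == MailRead) ? HTML_MailDelete : HTML_PostDelete,
			value);
	}
	else if (!strcasecmp(tag, "Content"))
	{
		/* Mail content is shown only when PSCorrect == Correct. */
		if (request_rec->URLParaType == MailRead && PSCorrect != Correct)
			return;
		if (request_rec->URLParaType == SkinModify)
			ShowArticle(pf->POST_NAME, FALSE, FALSE);
		else
			ShowArticle(pf->POST_NAME, FALSE, TRUE);
	}
	else if (!strcasecmp(tag, "Title") || !strcasecmp(tag, "Subject"))
	{
#ifdef QP_BASE64_DECODE
		if (strstr(pf->fh.title, "=?"))		/* title may be encoded */
		{
			char source[STRLEN];

			/* Bounded copy: a title longer than the scratch buffer is
			 * truncated instead of overrunning it.
			 * NOTE(review): decode_line() writes back into
			 * pf->fh.title with no size argument; confirm its output
			 * cannot exceed the title field. */
			snprintf(source, sizeof(source), "%s", pf->fh.title);
			decode_line(pf->fh.title, source);
		}
#endif
		souts(pf->fh.title, STRLEN);
		fprintf(fp_out, "%s", pf->fh.title);
	}
	else if (!strcasecmp(tag, "ReplyContent"))
	{
		if (request_rec->URLParaType == MailRead && PSCorrect != Correct)
			return;
		include_ori(pf->POST_NAME, NULL);	/* lthuang */
	}
	else if (!strcasecmp(tag, "ReplyTitle") || !strcasecmp(tag, "ReplySubject"))
	{
#ifdef QP_BASE64_DECODE
		if (strstr(pf->fh.title, "=?"))		/* title may be encoded */
		{
			/* value[] is 256 bytes while the title field is treated as
			 * STRLEN bytes below, so copy with an explicit bound. */
			snprintf(value, sizeof(value), "%s", pf->fh.title);
			decode_line(pf->fh.title, value);
		}
#endif
		souts(pf->fh.title, STRLEN);
		/* Prepend the reply prefix unless the title already starts
		 * with it. */
		if (strncmp(pf->fh.title, STR_REPLY, REPLY_LEN))
			fprintf(fp_out, "%s", STR_REPLY);
		fprintf(fp_out, "%s", pf->fh.title);
	}
	else if (!strcasecmp(tag, "Body"))
	{
		if (request_rec->URLParaType == MailRead && PSCorrect != Correct)
			return;
		/* The last ShowArticle() argument is FALSE when the skin file
		 * name contains "PostHtml.html" or HTML_PostEdit, TRUE
		 * otherwise. */
		if (strstr(skin_file->filename, "PostHtml.html")
		    || strstr(skin_file->filename, HTML_PostEdit))
		{
			ShowArticle(pf->POST_NAME, TRUE, FALSE);
		}
		else
			ShowArticle(pf->POST_NAME, TRUE, TRUE);
	}
	else if (!strcasecmp(tag, "FileName"))
	{
		fprintf(fp_out, "%s", pf->fh.filename);
	}
	else if (!strcasecmp(tag, "LastFileName"))
	{
		fprintf(fp_out, "%s.html", pf->lfname);
	}
	else if (!strcasecmp(tag, "NextFileName"))
	{
		fprintf(fp_out, "%s.html", pf->nfname);
	}
}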
/******************************************************************* * 根據 URLParaType 執行 POST 的要求 * * return HttpRespondType *******************************************************************/ int DoPostRequest(REQUEST_REC * r, BOARDHEADER * board, POST_FILE * pf) { int result, URLParaType; char *form_data, *boardname; result = WEB_ERROR; URLParaType = r->URLParaType; boardname = board->filename; /* Get FORM data */ if ((form_data = GetFormBody(r->content_length, WEBBBS_ERROR_MESSAGE)) == NULL) return WEB_ERROR; #ifdef DEBUG weblog_line(server->debug_log, form_data); fflush(server->debug_log); #endif if (PSCorrect == nLogin && URLParaType == PostSend) { /* PostSend allow username&password in form body without login */ char pass[PASSLEN * 3]; GetPara2(username, "Name", form_data, IDLEN, ""); /* get userdata from form */ GetPara2(pass, "Password", form_data, PASSLEN * 3, ""); Convert(pass, password); PSCorrect = CheckUserPassword(username, password); } if (URLParaType == PostSend || URLParaType == TreaSend || URLParaType == PostEdit || URLParaType == TreaEdit || URLParaType == PostForward || URLParaType == TreaForward || URLParaType == PostDelete || URLParaType == TreaDelete || URLParaType == SkinModify || URLParaType == AccessListModify ) { int perm; /* boardname should set in advance, now in ParseURI() */ if (get_board(board, boardname) <= 0 || board->filename[0] == '\0') return WEB_BOARD_NOT_FOUND; if ((perm = CheckBoardPerm(board, &curuser)) != WEB_OK) return perm; } if (PSCorrect == Correct || (PSCorrect == gLogin && (URLParaType == PostSend || URLParaType == TreaSend)) || URLParaType == UserNew) { int start, end; char path[PATHLEN]; switch (URLParaType) { case PostSend: case TreaSend: if ((result = PostArticle(form_data, board, pf))) { #if 1 if (URLParaType == TreaSend) { if (strlen(pf->POST_NAME)) sprintf(skin_file->filename, "/%streasure/%s/%s/$", BBS_SUBDIR, boardname, pf->POST_NAME); else sprintf(skin_file->filename, "/%streasure/%s/$", BBS_SUBDIR, 
boardname); } else { sprintf(skin_file->filename, "/%sboards/%s/", BBS_SUBDIR, boardname); } #endif if (PSCorrect == Correct) UpdateUserRec(URLParaType, &curuser, board); } break; case MailSend: if ((result = PostArticle(form_data, board, pf))) { sprintf(skin_file->filename, "/%smail/", BBS_SUBDIR); UpdateUserRec(URLParaType, &curuser, NULL); } break; case PostEdit: case TreaEdit: if ((result = EditArticle(form_data, board, pf))) { sprintf(skin_file->filename, "/%s%s.html", BBS_SUBDIR, pf->POST_NAME); } break; case PostForward: case TreaForward: case MailForward: if ((result = ForwardArticle(form_data, board, pf))) { find_list_range(&start, &end, pf->num, DEFAULT_PAGE_SIZE, pf->total_rec); setdotfile(path, pf->POST_NAME, NULL); sprintf(skin_file->filename, "/%s%s%d-%d", BBS_SUBDIR, path, start, end); } break; case PostDelete: case TreaDelete: case MailDelete: if ((result = DeleteArticle(form_data, board, pf))) { if (URLParaType == PostDelete) { find_list_range(&start, &end, pf->num, DEFAULT_PAGE_SIZE, pf->total_rec); sprintf(skin_file->filename, "/%sboards/%s/%d-%d", BBS_SUBDIR, boardname, start, end); } else if (URLParaType == TreaDelete) { setdotfile(path, pf->POST_NAME, NULL); sprintf(skin_file->filename, "/%s%s", BBS_SUBDIR, path); } else /* MailDelete */ { sprintf(skin_file->filename, "/%smail/", BBS_SUBDIR); } } break; case UserNew: if ((result = NewUser(form_data, &curuser))) sprintf(skin_file->filename, "%s%s%s", HTML_PATH, BBS_SUBDIR, HTML_UserNewOK); break; case UserIdent: if ((result = DoUserIdent(form_data, &curuser))) sprintf(skin_file->filename, "%s%s%s", HTML_PATH, BBS_SUBDIR, HTML_UserIdentOK); break; case UserData: if ((result = UpdateUserData(form_data, &curuser))) sprintf(skin_file->filename, "/%susers/%s", BBS_SUBDIR, HTML_UserData); break; case UserPlan: if ((result = UpdateUserPlan(form_data, &curuser))) sprintf(skin_file->filename, "/%susers/%s", BBS_SUBDIR, HTML_UserPlan); break; case UserSign: if ((result = UpdateUserSign(form_data, 
&curuser))) sprintf(skin_file->filename, "/%susers/%s", BBS_SUBDIR, HTML_UserSign); break; case UserFriend: if ((result = UpdateUserFriend(form_data, &curuser))) sprintf(skin_file->filename, "/%susers/%s", BBS_SUBDIR, HTML_UserFriend); break; #ifdef WEB_ADMIN case BoardModify: /* admin function */ if (!HAS_PERM(PERM_SYSOP) #ifdef NSYSUBBS || !strstr(request_rec->fromhost, "140.17.12.") #endif ) { sprintf(WEBBBS_ERROR_MESSAGE, "%s 沒有權限修改看板設定", username); result = WEB_ERROR; } else if ((result = ModifyBoard(form_data, board))) sprintf(skin_file->filename, "/%sboards/%s/%s", BBS_SUBDIR, boardname, HTML_BoardModify); break; #endif case SkinModify: /* customize board skins */ if (strcmp(username, board->owner) && !HAS_PERM(PERM_SYSOP)) { sprintf(WEBBBS_ERROR_MESSAGE, "%s 沒有權限修改討論區介面", username); result = WEB_ERROR; } else if (!(board->brdtype & BRD_WEBSKIN)) { sprintf(WEBBBS_ERROR_MESSAGE, "討論區 [%s] 尚未打開自定介面功\能", board->filename); result = WEB_ERROR; } else if ((result = ModifySkin(form_data, board, pf)))