int _httpUpdate(http_t *http, http_status_t *status)
{
char line[32768], /* Line from connection... */
*value; /* Pointer to value on line */
http_field_t field; /* Field index */
int major, minor; /* HTTP version numbers */
if (!httpGets(line, sizeof(line), http))
{
*status = HTTP_ERROR;
return (0);
}
if (line[0] == '\0')
{
if (http->status == HTTP_CONTINUE)
{
*status = http->status;
return (0);
}
if (http->status < HTTP_BAD_REQUEST)
http->digest_tries = 0;
httpGetLength2(http);
switch (http->state)
{
case HTTP_GET :
case HTTP_POST :
case HTTP_POST_RECV :
case HTTP_PUT :
http->state = (http_state_t)(http->state+1);
case HTTP_POST_SEND :
case HTTP_HEAD :
break;
default :
http->state = HTTP_WAITING;
break;
}
*status = http->status;
return (0);
}
else if (!strncmp(line, "HTTP/", 5))
{
int intstatus;
if (sscanf(line, "HTTP/%d.%d%d", &major, &minor, &intstatus) != 3)
{
*status = http->status = HTTP_ERROR;
return (0);
}
http->version = (http_version_t)(major * 100 + minor);
*status = http->status = (http_status_t)intstatus;
}
else if ((value = strchr(line, ':')) != NULL)
{
*value++ = '\0';
while (isspace(*value))
value ++;
if (!strcaseinsensitivecmp(line, "expect"))
{
http->expect = (http_status_t)atoi(value);
}
else if (!strcaseinsensitivecmp(line, "cookie"))
{
httpSetCookie(http, value);
}
else if ((field = http_field(line)) != HTTP_FIELD_UNKNOWN)
httpSetField(http, field, value);
#ifdef DEBUG
else
DEBUG_printf(("1_httpUpdate: unknown field %s seen!", line));
#endif /* DEBUG */
}
else
{
*status = http->status = HTTP_ERROR;
return (0);
}
return (1);
}
PUBLIC void espRemoveCookie(HttpConn *conn, cchar *name)
{
httpSetCookie(conn, name, "", "/", NULL, -1, 0);
}
void espSetCookie(HttpConn *conn, cchar *name, cchar *value, cchar *path, cchar *cookieDomain, MprTime lifespan,
bool isSecure)
{
httpSetCookie(conn, name, value, path, cookieDomain, lifespan, isSecure);
}
/**
Benutzer anmelden (Passwort Überprüfen)
*/
int main(int argc, char ** argv)
{
cgi datCGI;
init_CGI(&datCGI);
person login_person;
init_person(&login_person);
//fprintf(stderr, "Hallo vor Post\n");
get_CGI_data(&datCGI);
if(datCGI.request_method != POST) {
print_exit_failure("Use POST!");
}
//fprintf(stderr, "POST_DATA: %s", datCGI.POST_data);
//Aus POST_data den String zwischen <AttributName>= und '&' ausschneiden
extract_POST_data(&datCGI, "email", &login_person.email);
remove_newline(login_person.email);
extract_POST_data(&datCGI, "pass", &login_person.password);
remove_newline(login_person.password);
if(login_person.email == NULL) {
httpSetCookie("EMAIL", "NULL");
httpSetCookie("SID", "0");
httpCacheControl("no-cache");
char * redirectString=NULL;
asprintf(&redirectString, "https://%s/incorrect_password.html", datCGI.http_host);
httpRedirect(redirectString);
}
//fprintf(stderr, "POST_DATA: %s", datCGI.POST_data);
//TODO: Verhindern, dass sich ein anderer Nutzer vom selben Rechner aus einloggt wenn der erste noch nicht abgemeldet ist
//(zweimaliges Anmelden verhindern)
//Das ist sehr unwahrscheinlich
/*
if(datCGI.http_cookies != NULL){
person already_logged_in_person;
init_person(&already_logged_in_person);
char * cook_sid=NULL;
if(extract_COOKIE_data(&datCGI, "EMAIL", &already_logged_in_person.email) == 0 && extract_COOKIE_data(&datCGI, "SID", &cook_sid) == 0){
//print_exit_failure("Hier ist schon jemand eingeloggt");
already_logged_in_person.sid=atoi(cook_sid);
if(get_person_by_sid(&already_logged_in_person)){
print_exit_failure("Hier ist schon jemand eingeloggt");
}
}
}*/
UserState user_state=verify_user(&login_person);
//Zwei cookies setzen
if(user_state == PW_CORRECT || user_state == PW_CORRECT_ALREADY_LOGGED_IN) {
httpSetCookie("EMAIL", login_person.email);
char * sid_string;
asprintf(&sid_string, "%d", login_person.sid);
httpSetCookie("SID", sid_string);
httpCacheControl("no-store, no-cache, must-revalidate, max-age=0");
char * redirectString=NULL;
asprintf(&redirectString, "https://%s/cgi-bin/all_messages.cgi", datCGI.http_host);
httpRedirect(redirectString);
}
if(user_state == PW_INCORRECT) {
httpSetCookie("EMAIL", "NULL");
httpSetCookie("SID", "0");
httpCacheControl("no-store, no-cache, must-revalidate, max-age=0");
char * redirectString=NULL;
asprintf(&redirectString, "https://%s/incorrect_password.html", datCGI.http_host);
httpRedirect(redirectString);
}
/*
httpHeader(HTML);
printf("<!DOCTYPE html><head>\
<title>InfoWall -- Anmeldung</title>\
<meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\" />\
<meta name=\"viewport\" content=\"width=device-width\">\
</head>\
<body>");
printf("%s\n", datCGI.POST_data);
puts("<h1>Erhaltene Daten:</h1>\n");
printf("<br>CONTENT_LENGTH: %d -- REQUEST_METHOD: %s\n", datCGI.content_length, datCGI.request_method);
printf("<br>Name: %s\nPassword: %s\n", login_person.email, login_person.password);
printf("<br>Post Data: %s\n", datCGI.POST_data);
puts("<br>\n\n\n\n");
if(login_person.auth && user_state==0){
puts("<h2>Personendaten:</h2>\n");
printf("<br>User ID: %d\n", login_person.id);
printf("<br>Vorname: %s\n", login_person.first_name);
printf("<br>Nachname: %s\n", login_person.name);
printf("<br>Email: %s\n", login_person.email);
printf("<br>Passwort: %s (richtig)\n", login_person.password);
printf("<br>Faecher: %s\n", login_person.courses);
if(login_person.isTeacher)printf("<br>Kuerzel: %s\n", login_person.acronym);
printf("<br>SID: %d\n", login_person.sid);
puts("<a href=\"/cgi-bin/logout.cgi\" style=\"color: green;\">LOGOUT</a>\
<br><a href=\"/cgi-bin/all_messages.cgi\">Alle Nachrichten</a>");
puts("<iframe src=\"/cgi-bin/all_messages.cgi\" style=\"width: 100%; height: 500px;\"");
}else{
puts("<br>YOU FAIL!!\n");
if(user_state == 1){
puts("Bereits angemeldet!");
printf("<a href=\"/cgi-bin/logout.cgi\">LOGOUT</a>\
<br><a href=\"/cgi-bin/all_messages.cgi\">Alle Nachrichten</a>");
}
}
printf("</body>\
</html>");*/
exit(0);
}
