2016-08-16 10:28:48 +00:00
|
|
|
#if defined(ENABLE_WWW)
|
|
|
|
|
|
|
|
|
|
#include <microhttpd.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <sys/stat.h>
|
2016-08-17 00:55:03 +00:00
|
|
|
#include <fcntl.h>
|
2016-08-17 09:26:01 +00:00
|
|
|
#include <b64/cdecode.h>
|
2016-08-20 22:01:23 +00:00
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <arpa/inet.h>
|
2018-01-23 11:47:34 +00:00
|
|
|
#include <libgen.h>
|
2018-01-19 07:13:06 +00:00
|
|
|
#if defined(__FreeBSD__) || defined(__DragonFly__) || defined(__OpenBSD__)
|
2017-03-17 09:50:37 +00:00
|
|
|
#include <netinet/in.h>
|
|
|
|
|
#endif
|
2016-08-16 10:28:48 +00:00
|
|
|
#include "bbs.h"
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
#define GET 1
|
|
|
|
|
#define POST 2
|
|
|
|
|
|
2016-08-20 09:22:40 +00:00
|
|
|
#define POSTBUFFERSIZE 65536
|
2016-08-19 05:23:04 +00:00
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
extern struct bbs_config conf;
|
2016-08-20 22:01:23 +00:00
|
|
|
extern char *ipaddress;
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
struct mime_type {
|
|
|
|
|
char *ext;
|
|
|
|
|
char *mime;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static struct mime_type **mime_types;
|
|
|
|
|
static int mime_types_count;
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
struct connection_info_s {
|
|
|
|
|
int connection_type;
|
|
|
|
|
struct user_record *user;
|
|
|
|
|
char *url;
|
|
|
|
|
char **keys;
|
|
|
|
|
char **values;
|
|
|
|
|
int count;
|
|
|
|
|
struct MHD_PostProcessor *pp;
|
|
|
|
|
};
|
|
|
|
|
|
2016-08-20 22:01:23 +00:00
|
|
|
void *www_logger(void * cls, const char * uri, struct MHD_Connection *con) {
|
2018-01-21 05:02:21 +00:00
|
|
|
struct sockaddr *so = (struct sockaddr *)MHD_get_connection_info(con, MHD_CONNECTION_INFO_CLIENT_ADDRESS)->client_addr;
|
2018-01-21 09:05:01 +00:00
|
|
|
char *ipaddr;
|
2018-01-21 05:02:21 +00:00
|
|
|
if (so->sa_family == AF_INET) {
|
2018-01-21 09:05:01 +00:00
|
|
|
ipaddr = (char *)malloc(INET_ADDRSTRLEN + 1);
|
|
|
|
|
inet_ntop(AF_INET, &((struct sockaddr_in *)so)->sin_addr, ipaddr, INET_ADDRSTRLEN);
|
2018-01-21 05:02:21 +00:00
|
|
|
} else if (so->sa_family == AF_INET6) {
|
2018-01-21 09:05:01 +00:00
|
|
|
ipaddr = (char *)malloc(INET6_ADDRSTRLEN + 1);
|
|
|
|
|
inet_ntop(AF_INET6, &((struct sockaddr_in6 *)so)->sin6_addr, ipaddr, INET6_ADDRSTRLEN);
|
2018-01-21 05:02:21 +00:00
|
|
|
}
|
2018-01-21 09:05:01 +00:00
|
|
|
dolog_www(ipaddr, "%s", uri);
|
|
|
|
|
free(ipaddr);
|
|
|
|
|
|
2016-08-20 22:01:23 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
void www_request_completed(void *cls, struct MHD_Connection *connection, void **con_cls, enum MHD_RequestTerminationCode toe) {
|
|
|
|
|
struct connection_info_s *con_info = *con_cls;
|
|
|
|
|
int i;
|
|
|
|
|
if (con_info == NULL) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (con_info->connection_type == POST) {
|
|
|
|
|
|
|
|
|
|
if (con_info->count > 0) {
|
|
|
|
|
for (i=0;i<con_info->count;i++) {
|
|
|
|
|
free(con_info->values[i]);
|
|
|
|
|
free(con_info->keys[i]);
|
|
|
|
|
}
|
|
|
|
|
free(con_info->values);
|
|
|
|
|
free(con_info->keys);
|
|
|
|
|
}
|
2016-08-21 11:58:35 +00:00
|
|
|
|
|
|
|
|
if (con_info->pp != NULL) {
|
|
|
|
|
MHD_destroy_post_processor(con_info->pp);
|
|
|
|
|
}
|
2016-08-19 05:23:04 +00:00
|
|
|
}
|
2016-08-19 07:37:07 +00:00
|
|
|
if (con_info->user != NULL) {
|
|
|
|
|
free(con_info->user->loginname);
|
|
|
|
|
free(con_info->user->password);
|
|
|
|
|
free(con_info->user->firstname);
|
|
|
|
|
free(con_info->user->lastname);
|
|
|
|
|
free(con_info->user->email);
|
|
|
|
|
free(con_info->user->location);
|
|
|
|
|
free(con_info->user->sec_info);
|
2018-01-21 05:02:21 +00:00
|
|
|
free(con_info->user->signature);
|
2016-08-19 07:37:07 +00:00
|
|
|
free(con_info->user);
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
free(con_info->url);
|
|
|
|
|
free(con_info);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int iterate_post (void *coninfo_cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
|
|
|
|
|
struct connection_info_s *con_info = coninfo_cls;
|
|
|
|
|
|
|
|
|
|
int i;
|
2016-08-21 11:58:35 +00:00
|
|
|
|
|
|
|
|
if (size == 0) {
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
if (con_info != NULL) {
|
|
|
|
|
if (con_info->connection_type == POST) {
|
|
|
|
|
for (i=0;i<con_info->count;i++) {
|
|
|
|
|
if (strcmp(con_info->keys[i], key) == 0) {
|
2016-08-20 09:27:34 +00:00
|
|
|
con_info->values[i] = (char *)realloc(con_info->values[i], strlen(con_info->values[i]) + size + 1);
|
2016-08-19 05:23:04 +00:00
|
|
|
strcat(con_info->values[i], data);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (con_info->count == 0) {
|
|
|
|
|
con_info->keys = (char **)malloc(sizeof(char *));
|
|
|
|
|
con_info->values = (char **)malloc(sizeof(char *));
|
|
|
|
|
} else {
|
|
|
|
|
con_info->keys = (char **)realloc(con_info->keys, sizeof(char *) * (con_info->count + 1));
|
|
|
|
|
con_info->values = (char **)realloc(con_info->values, sizeof(char *) * (con_info->count + 1));
|
|
|
|
|
}
|
|
|
|
|
con_info->keys[con_info->count] = strdup(key);
|
2016-08-20 09:27:34 +00:00
|
|
|
con_info->values[con_info->count] = strdup(data);
|
2016-08-19 05:23:04 +00:00
|
|
|
con_info->count++;
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
} else {
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
void www_init() {
|
|
|
|
|
FILE *fptr;
|
2018-01-21 09:05:01 +00:00
|
|
|
char buffer[PATH_MAX];
|
2016-08-17 00:55:03 +00:00
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
mime_types_count = 0;
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/mime.types", conf.www_path);
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (!fptr) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2018-01-21 09:05:01 +00:00
|
|
|
fgets(buffer, 256, fptr);
|
2016-08-17 00:55:03 +00:00
|
|
|
while (!feof(fptr)) {
|
|
|
|
|
chomp(buffer);
|
|
|
|
|
|
|
|
|
|
for (i=0;i<strlen(buffer);i++) {
|
|
|
|
|
if (buffer[i] == ' ') {
|
|
|
|
|
buffer[i] = '\0';
|
|
|
|
|
if (mime_types_count == 0) {
|
|
|
|
|
mime_types = (struct mime_type **)malloc(sizeof(struct mime_type *));
|
|
|
|
|
} else {
|
|
|
|
|
mime_types = (struct mime_type **)realloc(mime_types, sizeof(struct mime_type *) * (mime_types_count + 1));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mime_types[mime_types_count] = (struct mime_type *)malloc(sizeof(struct mime_type));
|
|
|
|
|
|
|
|
|
|
mime_types[mime_types_count]->mime = strdup(buffer);
|
|
|
|
|
mime_types[mime_types_count]->ext = strdup(&buffer[i+1]);
|
|
|
|
|
|
|
|
|
|
mime_types_count++;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
fgets(buffer, 256, fptr);
|
2016-08-17 00:55:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fclose(fptr);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *www_get_mime_type(const char *extension) {
|
|
|
|
|
int i;
|
|
|
|
|
static char default_mime_type[] = "application/octet-stream";
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
if (extension == NULL) {
|
|
|
|
|
return default_mime_type;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
for (i=0;i<mime_types_count;i++) {
|
|
|
|
|
if (strcasecmp(extension, mime_types[i]->ext) == 0) {
|
|
|
|
|
return mime_types[i]->mime;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return default_mime_type;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-17 09:26:01 +00:00
|
|
|
int www_401(char *header, char *footer, struct MHD_Connection * connection) {
|
2018-01-21 09:05:01 +00:00
|
|
|
char buffer[PATH_MAX];
|
2018-01-21 05:02:21 +00:00
|
|
|
char *page, *page_tmp;
|
2016-08-17 09:26:01 +00:00
|
|
|
struct stat s;
|
|
|
|
|
char *whole_page;
|
|
|
|
|
struct MHD_Response *response;
|
|
|
|
|
int ret;
|
|
|
|
|
FILE *fptr;
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/401.tpl", conf.www_path);
|
2016-08-17 09:26:01 +00:00
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = NULL;
|
2016-08-17 09:26:01 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 09:26:01 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(page_tmp, 0, s.st_size + 1);
|
2016-08-17 09:26:01 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(page_tmp, s.st_size, 1, fptr);
|
2016-08-17 09:26:01 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(page_tmp);
|
|
|
|
|
page_tmp = NULL;
|
2016-08-17 09:26:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (page_tmp == NULL) {
|
|
|
|
|
page_tmp = (char *)malloc(16);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 09:26:01 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(page_tmp, "Missing Content");
|
2016-08-17 09:26:01 +00:00
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
|
|
|
|
page = str_replace(page_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(page_tmp);
|
|
|
|
|
|
2016-08-17 09:26:01 +00:00
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
|
2016-08-20 21:27:24 +00:00
|
|
|
response = MHD_create_response_from_buffer (strlen(whole_page), (void*)whole_page, MHD_RESPMEM_MUST_FREE);
|
2016-08-17 09:26:01 +00:00
|
|
|
|
|
|
|
|
MHD_add_response_header(response, "WWW-Authenticate", "Basic realm=\"BBS Area\"");
|
|
|
|
|
|
|
|
|
|
ret = MHD_queue_response (connection, 401, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(page);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
int www_404(char *header, char *footer, struct MHD_Connection * connection) {
|
2018-01-21 09:05:01 +00:00
|
|
|
char buffer[PATH_MAX];
|
2018-01-21 05:02:21 +00:00
|
|
|
char *page, *page_tmp;
|
2016-08-17 00:55:03 +00:00
|
|
|
struct stat s;
|
|
|
|
|
char *whole_page;
|
|
|
|
|
struct MHD_Response *response;
|
|
|
|
|
int ret;
|
|
|
|
|
FILE *fptr;
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/404.tpl", conf.www_path);
|
2016-08-17 00:55:03 +00:00
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = NULL;
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 00:55:03 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(page_tmp, 0, s.st_size + 1);
|
2016-08-17 00:55:03 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(page_tmp, s.st_size, 1, fptr);
|
2016-08-17 00:55:03 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(page_tmp);
|
2016-08-17 00:55:03 +00:00
|
|
|
page = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (page_tmp == NULL) {
|
|
|
|
|
page_tmp = (char *)malloc(16);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 00:55:03 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(page_tmp, "Missing Content");
|
2016-08-17 00:55:03 +00:00
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
|
|
|
|
page = str_replace(page_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(page_tmp);
|
|
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
|
2016-08-20 21:27:24 +00:00
|
|
|
response = MHD_create_response_from_buffer (strlen(whole_page), (void*)whole_page, MHD_RESPMEM_MUST_FREE);
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(page);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int www_403(char *header, char *footer, struct MHD_Connection * connection) {
|
2018-01-21 09:05:01 +00:00
|
|
|
char buffer[PATH_MAX];
|
2018-01-21 05:02:21 +00:00
|
|
|
char *page, *page_tmp;
|
2016-08-17 00:55:03 +00:00
|
|
|
struct stat s;
|
|
|
|
|
char *whole_page;
|
|
|
|
|
struct MHD_Response *response;
|
|
|
|
|
int ret;
|
|
|
|
|
FILE *fptr;
|
2018-01-25 10:25:17 +00:00
|
|
|
char *endptr;
|
2016-08-17 00:55:03 +00:00
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/403.tpl", conf.www_path);
|
2016-08-17 00:55:03 +00:00
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = NULL;
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 00:55:03 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(page_tmp, 0, s.st_size + 1);
|
2016-08-17 00:55:03 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(page_tmp, s.st_size, 1, fptr);
|
2016-08-17 00:55:03 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(page_tmp);
|
|
|
|
|
page_tmp = NULL;
|
2016-08-17 00:55:03 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (page_tmp == NULL) {
|
|
|
|
|
page_tmp = (char *)malloc(16);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-17 00:55:03 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(page_tmp, "Missing Content");
|
2016-08-17 00:55:03 +00:00
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
|
|
|
|
page = str_replace(page_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(page_tmp);
|
|
|
|
|
|
2016-08-17 00:55:03 +00:00
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
|
2016-08-20 21:27:24 +00:00
|
|
|
response = MHD_create_response_from_buffer (strlen(whole_page), (void*)whole_page, MHD_RESPMEM_MUST_FREE);
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(page);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-17 09:26:01 +00:00
|
|
|
struct user_record *www_auth_ok(struct MHD_Connection *connection, const char *url) {
|
2017-10-02 09:31:42 +00:00
|
|
|
char *ptr = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "Authorization");
|
|
|
|
|
char *user_password;
|
2016-08-17 09:26:01 +00:00
|
|
|
base64_decodestate state;
|
|
|
|
|
char decoded_pass[34];
|
|
|
|
|
int len;
|
|
|
|
|
char *username;
|
|
|
|
|
char *password;
|
|
|
|
|
int i;
|
2017-10-02 09:31:42 +00:00
|
|
|
struct user_record *u;
|
2016-08-17 09:26:01 +00:00
|
|
|
|
2017-10-02 09:31:42 +00:00
|
|
|
if (ptr == NULL) {
|
2016-08-17 09:26:01 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-02 09:31:42 +00:00
|
|
|
user_password = strdup(ptr);
|
|
|
|
|
|
2016-08-17 09:26:01 +00:00
|
|
|
if (strncasecmp(user_password, "basic ", 6) == 0) {
|
|
|
|
|
if (strlen(&user_password[6]) <= 48) {
|
|
|
|
|
base64_init_decodestate(&state);
|
|
|
|
|
len = base64_decode_block(&user_password[6], strlen(&user_password[6]), decoded_pass, &state);
|
|
|
|
|
decoded_pass[len] = '\0';
|
|
|
|
|
|
|
|
|
|
username = decoded_pass;
|
|
|
|
|
for (i=0;i<strlen(decoded_pass);i++) {
|
|
|
|
|
if (decoded_pass[i] == ':') {
|
|
|
|
|
decoded_pass[i] = '\0';
|
|
|
|
|
password = &decoded_pass[i+1];
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-10-02 09:31:42 +00:00
|
|
|
u = check_user_pass(username, password);
|
|
|
|
|
free(user_password);
|
|
|
|
|
|
|
|
|
|
return u;
|
2016-08-17 09:26:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
2017-10-02 09:31:42 +00:00
|
|
|
free(user_password);
|
2016-08-17 09:26:01 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
int www_handler(void * cls, struct MHD_Connection * connection, const char * url, const char * method, const char * version, const char * upload_data, size_t * upload_data_size, void ** ptr) {
|
|
|
|
|
struct MHD_Response *response;
|
|
|
|
|
|
|
|
|
|
int ret;
|
2018-01-21 05:02:21 +00:00
|
|
|
char *page, *page_tmp;
|
2018-01-21 09:05:01 +00:00
|
|
|
char buffer[PATH_MAX];
|
2016-08-16 10:28:48 +00:00
|
|
|
struct stat s;
|
2018-01-21 05:02:21 +00:00
|
|
|
char *header, *header_tmp;
|
|
|
|
|
char *footer, *footer_tmp;
|
2016-08-16 10:28:48 +00:00
|
|
|
char *whole_page;
|
|
|
|
|
FILE *fptr;
|
2016-08-17 00:55:03 +00:00
|
|
|
char *mime;
|
|
|
|
|
int i;
|
|
|
|
|
int fno;
|
2016-08-17 09:26:01 +00:00
|
|
|
const char *url_ = url;
|
2016-08-19 05:23:04 +00:00
|
|
|
char *subj, *to, *body;
|
|
|
|
|
struct connection_info_s *con_inf;
|
2016-08-20 03:52:02 +00:00
|
|
|
int conference, area, msg;
|
|
|
|
|
char *url_copy;
|
|
|
|
|
char *aptr;
|
|
|
|
|
const char *val;
|
|
|
|
|
int skip;
|
|
|
|
|
char *replyid;
|
2018-01-23 10:57:58 +00:00
|
|
|
char *filename;
|
2018-01-25 10:25:17 +00:00
|
|
|
int email;
|
|
|
|
|
char *endptr;
|
2018-02-15 04:43:37 +00:00
|
|
|
int file_dir;
|
|
|
|
|
int file_sub;
|
|
|
|
|
char *filen;
|
2018-01-21 09:05:01 +00:00
|
|
|
// char *static_buffer;
|
|
|
|
|
|
2018-01-25 10:34:26 +00:00
|
|
|
page = NULL;
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
if (strcmp(method, "GET") == 0) {
|
|
|
|
|
if (*ptr == NULL) {
|
|
|
|
|
con_inf = (struct connection_info_s *)malloc(sizeof(struct connection_info_s));
|
|
|
|
|
if (!con_inf) {
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
con_inf->connection_type = GET;
|
|
|
|
|
con_inf->user = NULL;
|
|
|
|
|
con_inf->count = 0;
|
|
|
|
|
con_inf->url = strdup(url);
|
2016-08-21 11:58:35 +00:00
|
|
|
con_inf->pp = NULL;
|
2016-08-19 05:23:04 +00:00
|
|
|
*ptr = con_inf;
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
} else if (strcmp(method, "POST") == 0) {
|
|
|
|
|
if (*ptr == NULL) {
|
|
|
|
|
con_inf = (struct connection_info_s *)malloc(sizeof(struct connection_info_s));
|
|
|
|
|
if (!con_inf) {
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
con_inf->connection_type = POST;
|
|
|
|
|
con_inf->user = NULL;
|
|
|
|
|
con_inf->count = 0;
|
|
|
|
|
con_inf->url = strdup(url);
|
2016-08-21 11:58:35 +00:00
|
|
|
con_inf->pp = NULL;
|
2016-08-19 05:23:04 +00:00
|
|
|
*ptr = con_inf;
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2016-08-21 02:41:50 +00:00
|
|
|
} else {
|
|
|
|
|
return MHD_NO;
|
2016-08-17 09:26:01 +00:00
|
|
|
}
|
2016-08-19 05:23:04 +00:00
|
|
|
|
|
|
|
|
con_inf = *ptr;
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/header.tpl", conf.www_path);
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
header_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
header_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (header_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(header_tmp, 0, s.st_size + 1);
|
2016-08-16 10:28:48 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(header_tmp, s.st_size, 1, fptr);
|
2016-08-16 10:28:48 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(header_tmp);
|
|
|
|
|
header_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (header_tmp == NULL) {
|
|
|
|
|
header_tmp = (char *)malloc(strlen(conf.bbs_name) * 2 + 61);
|
|
|
|
|
if (header_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(header_tmp, "<HTML>\n<HEAD>\n<TITLE>%s</TITLE>\n</HEAD>\n<BODY>\n<H1>%s</H1><HR />", conf.bbs_name, conf.bbs_name);
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
header = str_replace(header_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(header_tmp);
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/footer.tpl", conf.www_path);
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
footer_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
footer_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (footer_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
free(header);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(footer_tmp, 0, s.st_size + 1);
|
2016-08-16 10:28:48 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(footer_tmp, s.st_size, 1, fptr);
|
2016-08-16 10:28:48 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(footer_tmp);
|
|
|
|
|
footer_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (footer_tmp == NULL) {
|
|
|
|
|
footer_tmp = (char *)malloc(43);
|
|
|
|
|
if (footer_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
free(header);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(footer_tmp, "<HR />Powered by Magicka BBS</BODY></HTML>");
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
|
|
|
|
footer = str_replace(footer_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(footer_tmp);
|
|
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
if (strcmp(method, "GET") == 0) {
|
|
|
|
|
if (strcasecmp(url, "/") == 0) {
|
|
|
|
|
|
2018-01-21 09:05:01 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "%s/index.tpl", conf.www_path);
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
|
|
|
|
|
if (stat(buffer, &s) == 0) {
|
2018-01-21 05:02:21 +00:00
|
|
|
page_tmp = (char *)malloc(s.st_size + 1);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
memset(page_tmp, 0, s.st_size + 1);
|
2016-08-16 10:28:48 +00:00
|
|
|
fptr = fopen(buffer, "r");
|
|
|
|
|
if (fptr) {
|
2018-01-21 05:02:21 +00:00
|
|
|
fread(page_tmp, s.st_size, 1, fptr);
|
2016-08-16 10:28:48 +00:00
|
|
|
fclose(fptr);
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
free(page_tmp);
|
|
|
|
|
page_tmp = NULL;
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-21 05:02:21 +00:00
|
|
|
if (page_tmp == NULL) {
|
|
|
|
|
page_tmp = (char *)malloc(16);
|
|
|
|
|
if (page_tmp == NULL) {
|
2016-08-16 10:28:48 +00:00
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
sprintf(page_tmp, "Missing Content");
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
|
|
|
|
page = str_replace(page_tmp, "@@WWW_URL@@", conf.www_url);
|
|
|
|
|
free(page_tmp);
|
|
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-21 05:02:18 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
} else if (strcasecmp(url, "/last10/") == 0 || strcasecmp(url, "/last10") == 0) {
|
|
|
|
|
page = www_last10();
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-17 09:26:01 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2016-08-19 02:32:04 +00:00
|
|
|
} else if (strcasecmp(url, "/email/") == 0 || strcasecmp(url, "/email") == 0) {
|
2016-08-19 07:37:07 +00:00
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
2016-08-17 09:26:01 +00:00
|
|
|
|
2016-08-19 07:37:07 +00:00
|
|
|
if (con_inf->user == NULL) {
|
2016-08-17 09:26:01 +00:00
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2016-08-19 07:37:07 +00:00
|
|
|
page = www_email_summary(con_inf->user);
|
2016-08-17 09:26:01 +00:00
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
2016-08-19 02:32:04 +00:00
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2016-08-19 05:23:04 +00:00
|
|
|
} else if(strcasecmp(url, "/email/new") == 0) {
|
2016-08-19 07:37:07 +00:00
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
2016-08-19 05:23:04 +00:00
|
|
|
|
2016-08-19 07:37:07 +00:00
|
|
|
if (con_inf->user == NULL) {
|
2016-08-19 05:23:04 +00:00
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
page = www_new_email();
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-19 07:37:07 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
} else if (strncasecmp(url, "/email/delete/", 14) == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
|
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
|
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2018-01-25 10:25:17 +00:00
|
|
|
email = strtol(&url[14], &endptr, 10);
|
|
|
|
|
if (email == -1 || !www_email_delete(con_inf->user, email)) {
|
2016-08-19 07:37:07 +00:00
|
|
|
page = (char *)malloc(31);
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Error Deleting Email.</h1>");
|
|
|
|
|
} else {
|
|
|
|
|
page = (char *)malloc(24);
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Email Deleted!</h1>");
|
|
|
|
|
}
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2016-08-19 02:32:04 +00:00
|
|
|
} else if (strncasecmp(url, "/email/", 7) == 0) {
|
2016-08-19 07:37:07 +00:00
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
2016-08-19 02:32:04 +00:00
|
|
|
|
2016-08-19 07:37:07 +00:00
|
|
|
if (con_inf->user == NULL) {
|
2016-08-19 02:32:04 +00:00
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2018-01-25 10:25:17 +00:00
|
|
|
email = strtol(&url[7], &endptr, 10);
|
|
|
|
|
if (email == -1) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
page = www_email_display(con_inf->user, email);
|
2016-08-19 02:32:04 +00:00
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-20 03:52:02 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
} else if (strcasecmp(url, "/msgs/") == 0 || strcasecmp(url, "/msgs") == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
|
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
|
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
page = www_msgs_arealist(con_inf->user);
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
} else if (strncasecmp(url, "/msgs/new/", 10) == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
|
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
|
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
conference = -1;
|
|
|
|
|
area = -1;
|
|
|
|
|
url_copy = strdup(&url[10]);
|
|
|
|
|
|
|
|
|
|
aptr = strtok(url_copy, "/");
|
|
|
|
|
if (aptr != NULL) {
|
2018-01-25 10:25:17 +00:00
|
|
|
conference = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
conference = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
aptr = strtok(NULL, "/");
|
|
|
|
|
if (aptr != NULL) {
|
2018-01-25 10:25:17 +00:00
|
|
|
area = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
area = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
free(url_copy);
|
|
|
|
|
|
|
|
|
|
if (area != -1 && conference != -1) {
|
|
|
|
|
page = www_new_msg(con_inf->user, conference, area);
|
|
|
|
|
} else {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
2016-08-19 02:32:04 +00:00
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2016-08-20 03:52:02 +00:00
|
|
|
} else if (strncasecmp(url, "/msgs/", 6) == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
|
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
|
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
conference = -1;
|
|
|
|
|
area = -1;
|
|
|
|
|
msg = -1;
|
|
|
|
|
url_copy = strdup(&url[6]);
|
|
|
|
|
|
|
|
|
|
aptr = strtok(url_copy, "/");
|
|
|
|
|
if (aptr != NULL) {
|
2018-01-25 10:25:17 +00:00
|
|
|
conference = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
conference = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
aptr = strtok(NULL, "/");
|
|
|
|
|
if (aptr != NULL) {
|
2018-01-25 10:25:17 +00:00
|
|
|
area = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
area = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
aptr = strtok(NULL, "/");
|
|
|
|
|
if (aptr != NULL) {
|
2018-01-25 10:25:17 +00:00
|
|
|
msg = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
msg = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
free(url_copy);
|
|
|
|
|
|
|
|
|
|
val = MHD_lookup_connection_value (connection, MHD_GET_ARGUMENT_KIND, "skip");
|
|
|
|
|
|
|
|
|
|
if (val != NULL) {
|
|
|
|
|
skip = atoi(val);
|
|
|
|
|
} else {
|
|
|
|
|
skip = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (conference != -1 && area != -1 && msg == -1) {
|
|
|
|
|
page = www_msgs_messagelist(con_inf->user, conference, area, skip);
|
|
|
|
|
} else if (conference != -1 && area != -1 && msg != -1) {
|
|
|
|
|
page = www_msgs_messageview(con_inf->user, conference, area, msg);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (page == NULL) {
|
2016-08-21 03:54:31 +00:00
|
|
|
if (www_403(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2016-08-21 03:54:31 +00:00
|
|
|
return MHD_YES;
|
2016-08-20 03:52:02 +00:00
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2016-08-16 10:28:48 +00:00
|
|
|
} else if (strncasecmp(url, "/static/", 8) == 0) {
|
|
|
|
|
// sanatize path
|
2016-08-17 00:55:03 +00:00
|
|
|
if (strstr(url, "/..") != NULL) {
|
2018-01-21 09:05:01 +00:00
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2016-08-17 00:55:03 +00:00
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2018-01-21 09:05:01 +00:00
|
|
|
|
|
|
|
|
mime = NULL;
|
2016-08-17 00:55:03 +00:00
|
|
|
// get mimetype
|
|
|
|
|
for (i=strlen(url);i>0;--i) {
|
|
|
|
|
if (url[i] == '.') {
|
|
|
|
|
mime = www_get_mime_type(&url[i+1]);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2018-01-21 09:05:01 +00:00
|
|
|
if (url[i] == '/') {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mime = NULL) {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
2016-08-17 00:55:03 +00:00
|
|
|
}
|
2018-01-21 09:05:01 +00:00
|
|
|
|
|
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
// load file
|
2016-08-17 00:55:03 +00:00
|
|
|
|
|
|
|
|
sprintf(buffer, "%s%s", conf.www_path, url);
|
|
|
|
|
if (stat(buffer, &s) == 0 && S_ISREG(s.st_mode)) {
|
|
|
|
|
fno = open(buffer, O_RDONLY);
|
|
|
|
|
if (fno != -1) {
|
2018-01-21 09:05:01 +00:00
|
|
|
|
|
|
|
|
//static_buffer = (char *)malloc(s.st_size + 1);
|
|
|
|
|
//read(fno, static_buffer, s.st_size);
|
2016-08-17 00:55:03 +00:00
|
|
|
response = MHD_create_response_from_fd(s.st_size, fno);
|
2018-01-21 09:05:01 +00:00
|
|
|
//response = MHD_create_response_from_buffer (s.st_size, (void*) static_buffer, MHD_RESPMEM_MUST_FREE);
|
2016-08-17 00:55:03 +00:00
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mime);
|
|
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2018-01-21 05:02:21 +00:00
|
|
|
return ret;
|
2016-08-17 00:55:03 +00:00
|
|
|
} else {
|
|
|
|
|
if (www_403(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (www_404(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2018-02-15 04:43:37 +00:00
|
|
|
} else if (strcasecmp(url, "/files/areas/") == 0 || strcasecmp(url, "/files/areas") == 0) {
|
|
|
|
|
page = www_files_areas();
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
} else if (strncasecmp(url, "/files/areas/", 13) == 0) {
|
|
|
|
|
file_dir = -1;
|
|
|
|
|
file_sub = -1;
|
|
|
|
|
filen = NULL;
|
|
|
|
|
url_copy = strdup(&url[13]);
|
|
|
|
|
|
|
|
|
|
aptr = strtok(url_copy, "/");
|
|
|
|
|
if (aptr != NULL) {
|
|
|
|
|
file_dir = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
file_dir = -1;
|
|
|
|
|
}
|
|
|
|
|
aptr = strtok(NULL, "/");
|
|
|
|
|
if (aptr != NULL) {
|
|
|
|
|
file_sub = strtol(aptr, &endptr, 10);
|
|
|
|
|
if (endptr == aptr) {
|
|
|
|
|
file_sub = -1;
|
|
|
|
|
}
|
|
|
|
|
aptr = strtok(NULL, "/");
|
|
|
|
|
if (aptr != NULL) {
|
|
|
|
|
filen = strdup(aptr);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
free(url_copy);
|
|
|
|
|
|
|
|
|
|
if (file_dir != -1 && file_sub != -1 && filen == NULL) {
|
2018-02-20 02:18:22 +00:00
|
|
|
if (file_dir >= 0 && file_dir < conf.file_directory_count && file_sub >= 0 && file_sub < conf.file_directories[file_dir]->file_sub_count) {
|
|
|
|
|
if (conf.file_directories[file_dir]->display_on_web) {
|
|
|
|
|
page = www_files_display_listing(file_dir, file_sub);
|
|
|
|
|
}
|
2018-02-15 04:43:37 +00:00
|
|
|
}
|
|
|
|
|
} else if (file_dir != -1 && file_sub != -1 && filen != NULL) {
|
2018-02-20 02:18:22 +00:00
|
|
|
if (file_dir >= 0 && file_dir < conf.file_directory_count && file_sub >= 0 && file_sub < conf.file_directories[file_dir]->file_sub_count) {
|
|
|
|
|
if (conf.file_directories[file_dir]->display_on_web) {
|
|
|
|
|
// send file
|
|
|
|
|
filename = www_files_get_from_area(file_dir, file_sub, filen);
|
|
|
|
|
free(filen);
|
|
|
|
|
if (filename != NULL) {
|
2018-02-22 11:27:50 +00:00
|
|
|
mime = NULL;
|
|
|
|
|
// get mimetype
|
|
|
|
|
for (i=strlen(filename);i>0;--i) {
|
|
|
|
|
if (filename[i] == '.') {
|
|
|
|
|
mime = www_get_mime_type(&filename[i+1]);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (filename[i] == '/') {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mime = NULL) {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
|
|
|
|
}
|
2018-02-20 02:18:22 +00:00
|
|
|
if (stat(filename, &s) == 0 && S_ISREG(s.st_mode)) {
|
|
|
|
|
fno = open(filename, O_RDONLY);
|
|
|
|
|
if (fno != -1) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
response = MHD_create_response_from_fd(s.st_size, fno);
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mime);
|
|
|
|
|
sprintf(buffer, "%ld", s.st_size);
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_LENGTH, buffer);
|
2018-02-16 22:42:27 +00:00
|
|
|
|
2018-02-20 02:18:22 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "attachment; filename=\"%s\"", basename(filename));
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_DISPOSITION, buffer);
|
|
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
free(filename);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2018-02-15 04:43:37 +00:00
|
|
|
}
|
2018-02-20 02:18:22 +00:00
|
|
|
free(filename);
|
|
|
|
|
}
|
|
|
|
|
if (www_404(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
2018-02-15 04:43:37 +00:00
|
|
|
}
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2018-02-20 02:18:22 +00:00
|
|
|
return MHD_YES;
|
2018-02-20 23:59:26 +00:00
|
|
|
} else {
|
|
|
|
|
free(filen);
|
2018-02-15 04:43:37 +00:00
|
|
|
}
|
2018-02-20 23:59:26 +00:00
|
|
|
} else {
|
2018-02-20 02:18:22 +00:00
|
|
|
free(filen);
|
2018-02-15 04:43:37 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
if (www_403(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
2018-01-23 10:57:58 +00:00
|
|
|
} else if (strncasecmp(url, "/files/", 7) == 0) {
|
|
|
|
|
filename = www_decode_hash(&url[7]);
|
|
|
|
|
if (filename != NULL) {
|
2018-01-23 11:37:23 +00:00
|
|
|
mime = NULL;
|
|
|
|
|
// get mimetype
|
|
|
|
|
for (i=strlen(filename);i>0;--i) {
|
|
|
|
|
if (filename[i] == '.') {
|
|
|
|
|
mime = www_get_mime_type(&filename[i+1]);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (filename[i] == '/') {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mime = NULL) {
|
|
|
|
|
mime = www_get_mime_type(NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-23 10:57:58 +00:00
|
|
|
if (stat(filename, &s) == 0 && S_ISREG(s.st_mode)) {
|
2018-01-23 11:16:36 +00:00
|
|
|
fno = open(filename, O_RDONLY);
|
2018-01-23 10:57:58 +00:00
|
|
|
if (fno != -1) {
|
|
|
|
|
|
|
|
|
|
response = MHD_create_response_from_fd(s.st_size, fno);
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mime);
|
|
|
|
|
sprintf(buffer, "%ld", s.st_size);
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_LENGTH, buffer);
|
2018-01-23 11:47:34 +00:00
|
|
|
|
2018-01-23 10:57:58 +00:00
|
|
|
snprintf(buffer, PATH_MAX, "attachment; filename=\"%s\"", basename(filename));
|
|
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_DISPOSITION, buffer);
|
|
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2018-01-23 11:16:36 +00:00
|
|
|
free(filename);
|
2018-01-23 10:57:58 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
free(filename);
|
|
|
|
|
}
|
|
|
|
|
if (www_404(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
2016-08-16 10:28:48 +00:00
|
|
|
} else {
|
2016-08-17 00:55:03 +00:00
|
|
|
if (www_404(header, footer, connection) != 0) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2016-08-16 10:28:48 +00:00
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
2016-08-17 00:55:03 +00:00
|
|
|
return MHD_YES;
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
|
|
|
|
} else if (strcmp(method, "POST") == 0) {
|
2016-08-19 05:23:04 +00:00
|
|
|
if (strcasecmp(url, "/email/") == 0 || strcasecmp(url, "/email") == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
2016-08-19 07:37:07 +00:00
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
2016-08-19 05:23:04 +00:00
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2016-08-21 11:58:35 +00:00
|
|
|
if (con_inf->pp == NULL) {
|
|
|
|
|
con_inf->pp = MHD_create_post_processor(connection, POSTBUFFERSIZE, iterate_post, (void*) con_inf);
|
|
|
|
|
}
|
2016-08-19 05:23:04 +00:00
|
|
|
if (*upload_data_size != 0) {
|
2016-08-21 11:58:35 +00:00
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
MHD_post_process (con_inf->pp, upload_data, *upload_data_size);
|
|
|
|
|
*upload_data_size = 0;
|
|
|
|
|
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
subj = NULL;
|
|
|
|
|
to = NULL;
|
|
|
|
|
body = NULL;
|
|
|
|
|
for (i=0;i<con_inf->count;i++) {
|
|
|
|
|
if (strcmp(con_inf->keys[i], "recipient") == 0) {
|
|
|
|
|
to = con_inf->values[i];
|
|
|
|
|
} else if (strcmp(con_inf->keys[i], "subject") == 0) {
|
|
|
|
|
subj = con_inf->values[i];
|
|
|
|
|
} else if (strcmp(con_inf->keys[i], "body") == 0) {
|
|
|
|
|
body = con_inf->values[i];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!www_send_email(con_inf->user, to, subj, body)) {
|
|
|
|
|
page = (char *)malloc(50);
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Error Sending Email (Check User Exists?)</h1>");
|
|
|
|
|
} else {
|
|
|
|
|
page = (char *)malloc(21);
|
|
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Email Sent!</h1>");
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
|
2016-08-20 03:52:02 +00:00
|
|
|
} else if (strcasecmp(url, "/msgs/") == 0 || strcasecmp(url, "/msgs") == 0) {
|
|
|
|
|
con_inf->user = www_auth_ok(connection, url_);
|
|
|
|
|
|
|
|
|
|
if (con_inf->user == NULL) {
|
|
|
|
|
www_401(header, footer, connection);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
2016-08-21 11:58:35 +00:00
|
|
|
if (con_inf->pp == NULL) {
|
|
|
|
|
con_inf->pp = MHD_create_post_processor(connection, POSTBUFFERSIZE, iterate_post, (void*) con_inf);
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
|
|
|
|
|
if (*upload_data_size != 0) {
|
|
|
|
|
MHD_post_process (con_inf->pp, upload_data, *upload_data_size);
|
|
|
|
|
*upload_data_size = 0;
|
|
|
|
|
|
|
|
|
|
return MHD_YES;
|
|
|
|
|
}
|
|
|
|
|
subj = NULL;
|
|
|
|
|
to = NULL;
|
|
|
|
|
body = NULL;
|
|
|
|
|
replyid = NULL;
|
2018-01-21 05:02:21 +00:00
|
|
|
conference = -1;
|
|
|
|
|
area = -1;
|
2016-08-20 03:52:02 +00:00
|
|
|
|
|
|
|
|
for (i=0;i<con_inf->count;i++) {
|
|
|
|
|
if (strcmp(con_inf->keys[i], "recipient") == 0) {
|
|
|
|
|
to = con_inf->values[i];
|
|
|
|
|
} else if (strcmp(con_inf->keys[i], "subject") == 0) {
|
|
|
|
|
subj = con_inf->values[i];
|
|
|
|
|
} else if (strcmp(con_inf->keys[i], "body") == 0) {
|
|
|
|
|
body = con_inf->values[i];
|
|
|
|
|
} else if (strcmp(con_inf->keys[i], "conference") == 0) {
|
2018-01-25 10:25:17 +00:00
|
|
|
conference = strtol(con_inf->values[i], &endptr, 10);
|
|
|
|
|
if (endptr == con_inf->values[i]) {
|
|
|
|
|
conference = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
} else if (strcmp(con_inf->keys[i], "area") == 0) {
|
2018-01-25 10:25:17 +00:00
|
|
|
area = strtol(con_inf->values[i], &endptr, 10);
|
|
|
|
|
if (endptr == con_inf->values[i]) {
|
|
|
|
|
area = -1;
|
|
|
|
|
}
|
2016-08-20 03:52:02 +00:00
|
|
|
} else if (strcmp(con_inf->keys[i], "replyid") == 0) {
|
|
|
|
|
replyid = con_inf->values[i];
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-01-21 05:02:21 +00:00
|
|
|
|
2016-08-20 03:52:02 +00:00
|
|
|
if (!www_send_msg(con_inf->user, to, subj, conference, area, replyid, body)) {
|
2018-01-21 05:02:21 +00:00
|
|
|
page = (char *)malloc(31);
|
2016-08-20 03:52:02 +00:00
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Error Sending Message</h1>");
|
|
|
|
|
} else {
|
2018-01-21 05:02:21 +00:00
|
|
|
page = (char *)malloc(23);
|
2016-08-20 03:52:02 +00:00
|
|
|
if (page == NULL) {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
|
|
|
|
sprintf(page, "<h1>Message Sent!</h1>");
|
|
|
|
|
}
|
|
|
|
|
whole_page = (char *)malloc(strlen(header) + strlen(page) + strlen(footer) + 1);
|
|
|
|
|
|
|
|
|
|
sprintf(whole_page, "%s%s%s", header, page, footer);
|
|
|
|
|
|
2016-08-19 05:23:04 +00:00
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
|
|
|
|
}
|
2016-08-20 23:45:38 +00:00
|
|
|
} else {
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
return MHD_NO;
|
2016-08-16 10:28:48 +00:00
|
|
|
}
|
2016-08-20 21:27:24 +00:00
|
|
|
response = MHD_create_response_from_buffer (strlen (whole_page), (void*) whole_page, MHD_RESPMEM_MUST_FREE);
|
2016-08-16 10:28:48 +00:00
|
|
|
|
2016-08-19 02:32:04 +00:00
|
|
|
MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, "text/html");
|
|
|
|
|
|
2016-08-16 10:28:48 +00:00
|
|
|
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
|
|
|
|
|
MHD_destroy_response (response);
|
|
|
|
|
free(page);
|
|
|
|
|
free(header);
|
|
|
|
|
free(footer);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
