diff --git a/src/www_email.c b/src/www_email.c index 20c3ae5..e52f44f 100644 --- a/src/www_email.c +++ b/src/www_email.c @@ -10,7 +10,7 @@ extern struct bbs_config conf; int www_email_delete(struct user_record *user, int id) { - char buffer[256]; + char buffer[PATH_MAX]; sqlite3 *db; sqlite3_stmt *res; int rc; @@ -60,7 +60,7 @@ int www_email_delete(struct user_record *user, int id) { } int www_send_email(struct user_record *user, char *recipient, char *subject, char *ibody) { - char buffer[256]; + char pathbuf[PATH_MAX]; sqlite3 *db; sqlite3_stmt *res; int rc; @@ -74,10 +74,9 @@ int www_send_email(struct user_record *user, char *recipient, char *subject, cha "seen INTEGER);"; char *isql = "INSERT INTO email (sender, recipient, subject, body, date, seen) VALUES(?, ?, ?, ?, ?, 0)"; char *err_msg = 0; - char *body; + stralloc sa = EMPTY_STRALLOC; + char *body = NULL; struct utsname name; - int i; - int pos; if (recipient == NULL || subject == NULL || ibody == NULL) { return 0; @@ -89,25 +88,31 @@ int www_send_email(struct user_record *user, char *recipient, char *subject, cha uname(&name); - snprintf(buffer, 256, "\r--- MagickaBBS v%d.%d%s (%s/%s)\r * Origin: %s \r", VERSION_MAJOR, VERSION_MINOR, VERSION_STR, name.sysname, name.machine, conf.default_tagline); + for (char *p = ibody; *p != '\0'; ++p) + if (*p != '\n') + stralloc_append1(&sa, *p); - body = (char *)malloz(strlen(ibody) + strlen(buffer) + 1); - pos = 0; - for (i = 0; i < strlen(ibody); i++) { - if (ibody[i] != '\n') { - body[pos] = ibody[i]; - pos++; - } - } + stralloc_cats(&sa, "\r--- MagickaBBS v"); + stralloc_cat_long(&sa, VERSION_MAJOR); + stralloc_append1(&sa, '.'); + stralloc_cat_long(&sa, VERSION_MINOR); + stralloc_cats(&sa, VERSION_STR); + stralloc_cats(&sa, " ("); + stralloc_cats(&sa, name.sysname); + stralloc_append1(&sa, '/'); + stralloc_cats(&sa, name.machine); + stralloc_cats(&sa, ")\r"); + stralloc_cats(&sa, " * Origin: "); + stralloc_cats(&sa, conf.default_tagline); + stralloc_cats(&sa, " \r"); + stralloc_0(&sa); + body = sa.s; - strcat(body, buffer); - - sprintf(buffer, "%s/email.sq3", conf.bbs_path); - - rc = sqlite3_open(buffer, &db); + snprintf(pathbuf, sizeof pathbuf, "%s/email.sq3", conf.bbs_path); + rc = sqlite3_open(pathbuf, &db); if (rc != SQLITE_OK) { sqlite3_close(db); - + free(body); return 0; } @@ -116,27 +121,28 @@ int www_send_email(struct user_record *user, char *recipient, char *subject, cha if (rc != SQLITE_OK) { sqlite3_free(err_msg); sqlite3_close(db); - + free(body); return 0; } rc = sqlite3_prepare_v2(db, isql, -1, &res, 0); - - if (rc == SQLITE_OK) { - sqlite3_bind_text(res, 1, user->loginname, -1, 0); - sqlite3_bind_text(res, 2, recipient, -1, 0); - sqlite3_bind_text(res, 3, subject, -1, 0); - sqlite3_bind_text(res, 4, body, -1, 0); - sqlite3_bind_int(res, 5, time(NULL)); - } else { + if (rc != SQLITE_OK) { sqlite3_finalize(res); sqlite3_close(db); + free(body); return 0; } + sqlite3_bind_text(res, 1, user->loginname, -1, 0); + sqlite3_bind_text(res, 2, recipient, -1, 0); + sqlite3_bind_text(res, 3, subject, -1, 0); + sqlite3_bind_text(res, 4, body, -1, 0); + sqlite3_bind_int(res, 5, time(NULL)); sqlite3_step(res); sqlite3_finalize(res); sqlite3_close(db); + free(body); + return 1; } @@ -158,10 +164,9 @@ char *www_new_email() { } char *www_email_display(struct user_record *user, int email) { - char *page; - int max_len; - int len; - char buffer[4096]; + stralloc page = EMPTY_STRALLOC; + char pathbuf[PATH_MAX]; + char datebuf[32]; sqlite3 *db; sqlite3_stmt *res; int rc; @@ -186,16 +191,10 @@ char *www_email_display(struct user_record *user, int email) { char *update_seen_sql = "UPDATE email SET seen=1 WHERE id=?"; - page = (char *)malloz(4096); - max_len = 4096; - len = 0; - - sprintf(buffer, "%s/email.sq3", conf.bbs_path); - - rc = sqlite3_open(buffer, &db); + snprintf(pathbuf, sizeof pathbuf, "%s/email.sq3", conf.bbs_path); + rc = sqlite3_open(pathbuf, &db); if (rc != SQLITE_OK) { sqlite3_close(db); - free(page); return NULL; } sqlite3_busy_timeout(db, 5000); @@ -203,282 +202,114 @@ char *www_email_display(struct user_record *user, int email) { if (rc != SQLITE_OK) { sqlite3_free(err_msg); sqlite3_close(db); - return NULL; } rc = sqlite3_prepare_v2(db, email_show_sql, -1, &res, 0); - if (rc == SQLITE_OK) { - sqlite3_bind_text(res, 1, user->loginname, -1, 0); - sqlite3_bind_int(res, 2, email - 1); - } else { + if (rc != SQLITE_OK) { sqlite3_finalize(res); sqlite3_close(db); - free(page); return NULL; } - if (sqlite3_step(res) == SQLITE_ROW) { - id = sqlite3_column_int(res, 0); - from = strdup((char *)sqlite3_column_text(res, 1)); - subject = strdup((char *)sqlite3_column_text(res, 2)); - body = strdup((char *)sqlite3_column_text(res, 3)); - date = (time_t)sqlite3_column_int(res, 4); - localtime_r(&date, &msg_date); + sqlite3_bind_text(res, 1, user->loginname, -1, 0); + sqlite3_bind_int(res, 2, email - 1); - sprintf(buffer, "

Your Email

\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
%s
\n", subject); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
From: %s
\n", from); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - if (conf.date_style == 1) { - sprintf(buffer, "
Date: %.2d:%.2d %.2d-%.2d-%.2d
\n", msg_date.tm_hour, msg_date.tm_min, msg_date.tm_mon + 1, msg_date.tm_mday, msg_date.tm_year - 100); - } else { - sprintf(buffer, "
Date: %.2d:%.2d %.2d-%.2d-%.2d
\n", msg_date.tm_hour, msg_date.tm_min, msg_date.tm_mday, msg_date.tm_mon + 1, msg_date.tm_year - 100); - } - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - for (i = 0; i < strlen(body); i++) { - if (body[i] == '\r') { - sprintf(buffer, "
"); - } else if (body[i] == '<') { - sprintf(buffer, "<"); - } else if (body[i] == '>') { - sprintf(buffer, ">"); - } else { - sprintf(buffer, "%c", body[i]); - } - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - } - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - sprintf(buffer, "

Reply

\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n", conf.www_url); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "\n", from); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - if (strncasecmp(subject, "re:", 3) == 0) { - sprintf(buffer, "Subject :
\n", subject); - } else { - sprintf(buffer, "Subject :
\n", subject); - } - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "\n
"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "\n
"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - free(from); - free(body); - free(subject); - - sqlite3_finalize(res); - - rc = sqlite3_prepare_v2(db, update_seen_sql, -1, &res, 0); - - if (rc == SQLITE_OK) { - sqlite3_bind_int(res, 1, id); - } else { - sqlite3_finalize(res); - sqlite3_close(db); - free(page); - return NULL; - } - - sqlite3_step(res); - } else { - sprintf(buffer, "

No Such Email

\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); + if (sqlite3_step(res) != SQLITE_ROW) { + return strdup("

No Such Email

\n"); } + id = sqlite3_column_int(res, 0); + from = (char *)sqlite3_column_text(res, 1); + subject = (char *)sqlite3_column_text(res, 2); + body = (char *)sqlite3_column_text(res, 3); + date = (time_t)sqlite3_column_int(res, 4); + localtime_r(&date, &msg_date); + stralloc_copys(&page, "

Your Email

\n"); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
"); + stralloc_cats(&page, subject); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
From: "); + stralloc_cats(&page, from); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
Date: "); + if (conf.date_style == 1) + strftime(datebuf, sizeof datebuf, "%H:%M %m-%d-%y", &msg_date); + else + strftime(datebuf, sizeof datebuf, "%H:%M %d-%m-%y", &msg_date); + stralloc_cats(&page, datebuf); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
\n"); + for (char *p = body; *p != '\0'; ++p) { + switch (*p) { + case '\r': stralloc_cats(&page, "
"); break; + case '<': stralloc_cats(&page, "<"); break; + case '>': stralloc_cats(&page, ">"); break; + default: stralloc_append1(&page, *p); break; + } + } + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "

Reply

\n"); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "\n"); + stralloc_cats(&page, "Subject :
\n"); + stralloc_cats(&page, "\n
"); + stralloc_cats(&page, "\n
"); + stralloc_cats(&page, "
\n"); + stralloc_cats(&page, "
\n"); + stralloc_0(&page); + + sqlite3_finalize(res); + rc = sqlite3_prepare_v2(db, update_seen_sql, -1, &res, 0); + if (rc != SQLITE_OK) { + sqlite3_finalize(res); + sqlite3_close(db); + free(page.s); + return NULL; + } + sqlite3_bind_int(res, 1, id); + sqlite3_step(res); sqlite3_finalize(res); sqlite3_close(db); - return page; + return page.s; } char *www_email_summary(struct user_record *user) { - char *page; - int max_len; - int len; - char buffer[4096]; + stralloc page = EMPTY_STRALLOC; + char pathbuf[PATH_MAX]; sqlite3 *db; sqlite3_stmt *res; int rc; char *email_summary_sql = "SELECT id,sender,subject,seen,date FROM email WHERE recipient LIKE ?"; - struct tm msg_date; - time_t date; - char *from; - char *subject; - int seen; - int id; int msgid = 0; char *err_msg = 0; char *email_create_sql = "CREATE TABLE IF NOT EXISTS email (" @@ -490,32 +321,10 @@ char *www_email_summary(struct user_record *user) { "date INTEGER," "seen INTEGER);"; - page = (char *)malloz(4096); - max_len = 4096; - len = 0; - - sprintf(buffer, "

Your Email

\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "
New Email
\n", conf.www_url); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - - sprintf(buffer, "%s/email.sq3", conf.bbs_path); - - rc = sqlite3_open(buffer, &db); + snprintf(pathbuf, sizeof pathbuf, "%s/email.sq3", conf.bbs_path); + rc = sqlite3_open(pathbuf, &db); if (rc != SQLITE_OK) { sqlite3_close(db); - free(page); return NULL; } sqlite3_busy_timeout(db, 5000); @@ -523,68 +332,67 @@ char *www_email_summary(struct user_record *user) { if (rc != SQLITE_OK) { sqlite3_free(err_msg); sqlite3_close(db); - return NULL; } rc = sqlite3_prepare_v2(db, email_summary_sql, -1, &res, 0); - - if (rc == SQLITE_OK) { - sqlite3_bind_text(res, 1, user->loginname, -1, 0); - } else { + if (rc != SQLITE_OK) { sqlite3_finalize(res); sqlite3_close(db); - free(page); return NULL; } + sqlite3_bind_text(res, 1, user->loginname, -1, 0); - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); + stralloc_copys(&page, "

Your Email

\n"); + stralloc_cats(&page, "
New Email
\n"); + stralloc_cats(&page, "
\n"); while (sqlite3_step(res) == SQLITE_ROW) { - id = sqlite3_column_int(res, 0); - from = strdup((char *)sqlite3_column_text(res, 1)); - subject = strdup((char *)sqlite3_column_text(res, 2)); - seen = sqlite3_column_int(res, 3); - date = (time_t)sqlite3_column_int(res, 4); + char datebuf[32]; + ++msgid; + int id = sqlite3_column_int(res, 0); + const char *from = (const char *)sqlite3_column_text(res, 1); + const char *subject = (const char *)sqlite3_column_text(res, 2); + int seen = sqlite3_column_int(res, 3); + struct tm msg_date; + + time_t date = (time_t)sqlite3_column_int(res, 4); localtime_r(&date, &msg_date); - if (seen == 0) { - sprintf(buffer, "
%d
%s
%s
%.2d:%.2d %.2d-%.2d-%.2d
\n", msgid + 1, conf.www_url, msgid + 1, subject, from, msg_date.tm_hour, msg_date.tm_min, msg_date.tm_mday, msg_date.tm_mon + 1, msg_date.tm_year - 100, conf.www_url, id); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); - } else { - sprintf(buffer, "
%d
%s
%s
%.2d:%.2d %.2d-%.2d-%.2d
\n", msgid + 1, conf.www_url, msgid + 1, subject, from, msg_date.tm_hour, msg_date.tm_min, msg_date.tm_mday, msg_date.tm_mon + 1, msg_date.tm_year - 100, conf.www_url, id); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); + stralloc_cats(&page, "
"); + stralloc_cat_long(&page, msgid); + stralloc_cats(&page, "
"); + stralloc_cats(&page, subject); + stralloc_cats(&page, "
"); + stralloc_cats(&page, from); + stralloc_cats(&page, "
"); + if (conf.date_style == 1) + strftime(datebuf, sizeof datebuf, "%H:%M %m-%d-%y", &msg_date); + else + strftime(datebuf, sizeof datebuf, "%H:%M %d-%m-%y", &msg_date); + stralloc_cats(&page, datebuf); + stralloc_cats(&page, "
\n"); } - sprintf(buffer, "
\n"); - if (len + strlen(buffer) > max_len - 1) { - max_len += 4096; - page = (char *)realloc(page, max_len); - } - strcat(page, buffer); - len += strlen(buffer); + stralloc_cats(&page, "
\n"); + stralloc_0(&page); sqlite3_finalize(res); sqlite3_close(db); - return page; + + return page.s; } #endif