| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | #include "wsIntrn.h" |
| 2 | |
| 3 | static sym_fd_t formSymtab = -1; |
| 4 | |
| 5 | void websHeader(webs_t wp) |
| 6 | { |
| 7 | a_assert(websValid(wp)); |
| 8 | |
| 9 | websWrite(wp, T("HTTP/1.0 200 OK\n")); |
| 10 | |
| 11 | websWrite(wp, T("Server: %s\r\n"), WEBS_NAME); |
| 12 | #ifdef WEBINSPECT_FIX |
| 13 | websWrite(wp, T("X-Frame-Options: SAMEORIGIN\n")); |
| 14 | #endif |
| 15 | websWrite(wp, T("Pragma: no-cache\n")); |
| 16 | websWrite(wp, T("Cache-control: no-cache\n")); |
| 17 | websWrite(wp, T("Content-Type: text/html\n")); |
| 18 | websWrite(wp, T("\n")); |
| 19 | websWrite(wp, T("<html>\n")); |
| 20 | } |
| 21 | |
| 22 | |
| 23 | int websFormDefine(char_t *name, void (*fn)(webs_t wp, char_t *path, |
| 24 | char_t *query)) |
| 25 | { |
| 26 | a_assert(name && *name); |
| 27 | a_assert(fn); |
| 28 | |
| 29 | if (fn == NULL) { |
| 30 | return -1; |
| 31 | } |
| 32 | |
| 33 | symEnter(formSymtab, name, valueInteger((int) fn), (int) NULL); |
| 34 | return 0; |
| 35 | } |
| 36 | |
| 37 | void websFooter(webs_t wp) |
| 38 | { |
| 39 | a_assert(websValid(wp)); |
| 40 | |
| 41 | websWrite(wp, T("</html>\n")); |
| 42 | } |
| 43 | |
| 44 | int websFormHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, |
| 45 | char_t *url, char_t *path, char_t *query) |
| 46 | { |
| 47 | char_t form_buf[FNAMESIZE]; |
| 48 | char_t *cp, *form_name; |
| 49 | sym_t *sp; |
| 50 | int (*fn)(void *sock, char_t *path, char_t *args); |
| 51 | |
| 52 | a_assert(websValid(wp)); |
| 53 | a_assert(url && *url); |
| 54 | a_assert(path && *path == '/'); |
| 55 | |
| 56 | websStats.formHits++; |
| 57 | #ifdef WEBS_SECURITY |
| 58 | if (strstr(query,"_method")) { |
| 59 | printf("websFH: qry=%s\n",query); |
| 60 | websError(wp, 405, T("")); |
| 61 | return 1; |
| 62 | } |
| 63 | #endif |
| 64 | |
| 65 | gstrncpy(form_buf, path, TSZ(form_buf)-1); |
| 66 | if ((form_name = gstrchr(&form_buf[1], '/')) == NULL) { |
| 67 | websError(wp, 200, T("Missing form name")); |
| 68 | return 1; |
| 69 | } |
| 70 | form_name++; |
| 71 | if ((cp = gstrchr(form_name, '/')) != NULL) { |
| 72 | *cp = '\0'; |
| 73 | } |
| 74 | |
| 75 | sp = symLookup(formSymtab, form_name); |
| 76 | if (sp == NULL) { |
| 77 | #ifdef WEBINSPECT_FIX |
| 78 | websDone(wp, 0); |
| 79 | #else |
| 80 | websError(wp, 200, T("Form %s is not defined"), form_name); |
| 81 | #endif |
| 82 | } else { |
| 83 | fn = (int (*)(void *, char_t *, char_t *)) sp->content.value.integer; |
| 84 | a_assert(fn); |
| 85 | if (fn) { |
| 86 | (*fn)((void*) wp, form_name, query); |
| 87 | } |
| 88 | } |
| 89 | return 1; |
| 90 | } |
| 91 | |
| 92 | |
| 93 | void websFormClose() |
| 94 | { |
| 95 | if (formSymtab != -1) { |
| 96 | symClose(formSymtab); |
| 97 | formSymtab = -1; |
| 98 | } |
| 99 | } |
| 100 | |
| 101 | |
| 102 | void websFormOpen() |
| 103 | { |
| 104 | formSymtab = symOpen(WEBS_SYM_INIT); |
| 105 | } |
| 106 | |
| 107 | |