diff options
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | blog.c | 30 | ||||
-rw-r--r-- | blog.h | 13 | ||||
-rw-r--r-- | post.c | 75 |
4 files changed, 117 insertions, 5 deletions
@@ -1,9 +1,13 @@ .POSIX: CFLAGS=-static +OBJECTS=blog.o post.o all: blog +blog: $(OBJECTS) + $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(LDFLAGS) $(LIBS) + install: blog strip blog doas cp -f blog /var/www/cgi-bin/blog @@ -1,14 +1,34 @@ +#define _XOPEN_SOURCE 700 #include <stdio.h> #include <stdlib.h> -#include <errno.h> #include <string.h> +#include "blog.h" extern char **environ; +int verify_creds(const char *username, const char *password) +{ + printf("verifying '%s'/'%s'\n", username ? username : "", password ? password : ""); + return 1; +} + int handle_post(void) { - printf("Status: 301 Found\r\n"); - printf("Location: http%s://%s%s\r\n\r\n", getenv("HTTPS") ? "s" : "", getenv("HTTP_HOST"), getenv("DOCUMENT_URI")); + + //printf("Status: 301 Found\r\n"); + //printf("Location: http%s://%s%s\r\n\r\n", getenv("HTTPS") ? "s" : "", getenv("HTTP_HOST"), getenv("DOCUMENT_URI")); + + printf("Status: 200 OK\r\n"); + printf("Content-Type: text/plain\r\n\r\n"); + + read_post_data(); + if (!verify_creds(find_post_data("username"), find_post_data("password"))) { + // handle invalid login + } + + for (char **e = environ; e && *e; e++) { + puts(*e); + } return 0; } @@ -51,11 +71,11 @@ int main(void) puts("<input type=\"submit\">"); puts("</form>"); - puts("<pre>"); + puts("<!--"); for (char **e = environ; e && *e; e++) { puts(*e); } - puts("</pre>"); + puts("-->"); puts("</body>"); puts("</html>"); @@ -0,0 +1,13 @@ +#ifndef BLOG_H +#define BLOG_H + +void read_post_data(void); +char *find_post_data(char *key); + +int verify_creds(const char *username, const char *password); + +int handle_post(void); + +int show_entry(const char *path); + +#endif @@ -0,0 +1,75 @@ +#define _XOPEN_SOURCE 700 +#include <search.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "blog.h" + +#define HSIZE 4 /* username, password, title, body */ + +void read_post_data(void) +{ + char *content_length = getenv("CONTENT_LENGTH"); + if (!content_length) { + return; + } + + int cl = atoi(content_length); + if (!cl) { + return; + } + + if (!hcreate(HSIZE)) { + return; + } + + char *buf = malloc(cl + 1); + if (!buf) { + return; + } + + int pos = 0; + int c; + while ((c = getchar()) != EOF) { + if (c == '&') { + char *value = strchr(buf, '='); + *value = '\0'; + value++; + + char *key = strdup(buf); + char *data = strdup(value); + + ENTRY e = { + .key = key, + .data = data + }; + hsearch(e, ENTER); + pos = 0; + } else if (c == '%') { + char hex[3] = { 0, 0, 0 }; + hex[0] = getchar(); + hex[1] = getchar(); + buf[pos] = strtol(hex, NULL, 16); + buf[++pos] = '\0'; + } else { + buf[pos] = c; + buf[++pos] = '\0'; + } + } + + free(buf); +} + +char *find_post_data(char *key) +{ + ENTRY e = { + .key = key + }; + ENTRY *p = hsearch(e, FIND); + if (p && p->data) { + return p->data; + } + + return NULL; +} |