1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
#define _XOPEN_SOURCE 700
#include <ctype.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>
#include "blog.h"
int current_year(void)
{
static int year = 0;
if (year == 0) {
time_t t = time(NULL);
struct tm *tm = localtime(&t);
year = tm->tm_year + 1900;
}
return year;
}
void readfile(const char *path, char *buf, size_t n)
{
FILE *f = fopen(path, "r");
fgets(buf, n, f);
fclose(f);
size_t len = strlen(buf);
if (buf[len-1] == '\n') {
buf[len-1] = '\0';
}
}
char *user_name(const char *user)
{
static char name[BUFSIZ] = {0};
char path[FILENAME_MAX];
snprintf(path, sizeof(path), "/%s/.name", user);
readfile(path, name, sizeof(name));
return name;
}
char *user_email(const char *user)
{
static char email[BUFSIZ] = {0};
char path[FILENAME_MAX];
snprintf(path, sizeof(path), "/%s/.email", user);
readfile(path, email, sizeof(email));
return email;
}
int handle_post(void)
{
read_post_data();
char *user = find_post_data("username");
if (!authenticate(user, find_post_data("password"))) {
printf("Status 403 Forbidden\r\n");
printf("Content-Type: text/plain\r\n\r\n");
puts("Incorrect username or password. Go back and try again.");
return 0;
}
chdir("/");
int blogdir = open(user, O_DIRECTORY);
if (blogdir == -1) {
return 1;
}
time_t now = time(NULL);
struct tm *tm = localtime(&now);
char ymd[16] = { 0 };
strftime(ymd, sizeof(ymd), "%Y", tm);
mkdirat(blogdir, ymd, 0755);
strftime(ymd, sizeof(ymd), "%Y/%m", tm);
mkdirat(blogdir, ymd, 0755);
strftime(ymd, sizeof(ymd), "%Y/%m/%d", tm);
mkdirat(blogdir, ymd, 0755);
char *title = find_post_data("title");
while (isblank(*title)) {
title++;
}
size_t len = strlen(title);
while (isblank(title[--len])) {
title[len] = '\0';
}
char uri[FILENAME_MAX] = { 0 };
char *end = stpcpy(uri, ymd);
*end++ = '/';
int dash = 0;
for (char *f = title; *f != '\0'; f++) {
if (isalnum(*f)) {
*end++ = tolower(*f);
dash = 0;
} else if (!dash) {
dash = 1;
*end++ = '-';
}
}
int newpost = openat(blogdir, uri, O_WRONLY | O_CREAT, 0644);
if (newpost == -1) {
return 1;
}
char *body = find_post_data("body");
if (body == NULL) {
return 1;
}
dprintf(newpost, HTML_HEAD, title);
dprintf(newpost, "<h1>%s</h1>\n", title);
if (write(newpost, body, strlen(body)) != strlen(body)) {
return 1;
}
dprintf(newpost, HTML_TAIL, current_year(), user_name(user), user_email(user));
close(newpost);
close(blogdir);
add_to_index(user, uri, title);
printf("Status: 302 Found\r\n");
printf("Location: http%s://%s/%s\r\n\r\n", getenv("HTTPS") ? "s" : "", getenv("HTTP_HOST"), uri);
return 0;
}
int main(void)
{
char *method = getenv("REQUEST_METHOD");
if (!strcmp(method, "POST")) {
return handle_post();
}
printf("Status: 200 OK\r\n");
printf("Content-Type: text/html\r\n\r\n");
printf(HTML_HEAD, "new blog entry");
printf("<form method=\"POST\" action=\"%s\">\n", getenv("DOCUMENT_URI"));
puts("<input type=\"text\" name=\"username\" placeholder=\"username\" size=\"80\"><br>");
puts("<input type=\"password\" name=\"password\" placeholder=\"password\" size=\"80\"><br>");
puts("<input type=\"text\" name=\"title\" placeholder=\"title\" size=\"80\"><br>");
puts("<textarea name=\"body\" cols=\"80\" rows=\"24\"><p></p></textarea><br>");
puts("<input type=\"submit\">");
puts("</form>");
printf(HTML_TAIL, current_year(), "Jakob Kaivo", "jakob@kaivo.net");
return 0;
}
|