htdocs: improved archive. added edit/setfiledata

htdocs/archive/addfile.c

@@ -5,23 +5,6 @@
 
 #include "webarchive.h"
 
-static void unencode(const char *src, char *dest)
-{
-    for (; *src; src++, dest++) {
-        if (*src == '+')
-            *dest = ' ';
-        else if (*src == '%') {
-            int code;
-            if (sscanf(src+1, "%2x", &code) != 1)
-                code = '?';
-            *dest = code;
-            src += 2;
-        } else
-            *dest = *src;
-    }
-    *dest = '\0';
-}
-
 const char *validate(const char *data)
 {
     int i;

htdocs/archive/edit.c

@@ -0,0 +1,77 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "webarchive.h"
+
+const char *validate(const char *data)
+{
+    int i;
+    if (strncmp(data,"name=",5) != 0)
+        return "invalid query string: must start with 'name='";
+    i = 5;
+    while (isalnum(data[i]))
+        i++;
+    if (i == 5)
+        return "invalid query string: no name";
+    if (i > 35)
+        return "invalid query string: max name size is 32";
+    if (data[i] != '\0')
+        return "invalid edit command";
+
+    return NULL;
+}
+
+int main()
+{
+    const char *query_string = getenv("QUERY_STRING");
+    if (query_string == NULL) {
+        generatepage("Internal error: invalid request");
+    } else if (NULL != validate(query_string)) {
+        generatepage(validate(query_string));
+    } else {
+        char *data[MAX_RECORDS] = {0};
+        if (!readdata(data, MAX_RECORDS)) {
+            generatepage("Failed to read file data");
+            return EXIT_SUCCESS;
+        }
+
+        char name[32] = {0};
+        strcpy(name, getname(query_string));
+        int index = -1;
+        for (int i = 0; i < MAX_RECORDS && data[i]; i++) {
+            if (strcmp(name, getname(data[i])) == 0) {
+                index = i;
+                break;
+            }
+        }
+
+        if (index == -1) {
+            generatepage("File not found");
+            return EXIT_SUCCESS;
+        }
+
+        const char *olddata = strstr(data[index], "&data=");
+        if (olddata) {
+            char *temp = malloc(strlen(olddata+6));
+            unencode(olddata+6, temp);
+            olddata = temp;
+        } else
+            olddata = "";
+
+        puts("Content-type: text/html\r\n\r\n");
+        puts("<html>");
+        puts("<body>");
+        puts("  <form action=\"http://cppcheck.sf.net/cgi-bin/setfiledata.cgi\" method=\"get\">");
+        printf("    <textarea name=\"name\" cols=\"30\" rows=\"1\" readonly>abcd</textarea><br>\n",name);
+        printf("    <textarea name=\"data\" cols=\"60\" rows=\"20\" maxsize=\"512\">123</textarea><br>\n",olddata);
+        puts("    <input type=\"submit\" value=\"Save\">");
+        puts("  </form>");
+        puts("</body>");
+        puts("</html>");
+    }
+
+    return EXIT_SUCCESS;
+}
+

htdocs/archive/setfiledata.c

@@ -0,0 +1,85 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#include "webarchive.h"
+
+const char *validate(const char *data)
+{
+    int i;
+
+    // name
+    if (strncmp(data,"name=",5) != 0)
+        return "invalid query string: must start with 'name='";
+    i = 5;
+    while (isalnum(data[i]))
+        i++;
+    if (i == 5)
+        return "invalid query string: no name";
+    if (i > 35)
+        return "invalid query string: max name size is 32";
+
+    // filedata
+    if (strncmp(data+i, "&data=", 6) != 0)
+        return "invalid query string: invalid name / no data";
+
+    return NULL;
+}
+
+int main()
+{
+    const char *query_string = getenv("QUERY_STRING");
+    if (query_string == NULL) {
+        generatepage("Internal error: invalid request");
+    } else if (NULL != validate(query_string)) {
+        generatepage(validate(query_string));
+    } else {
+        char *data[MAX_RECORDS] = {0};
+        if (!readdata(data, MAX_RECORDS)) {
+            generatepage("Failed to read file data");
+            return EXIT_SUCCESS;
+        }
+
+        char name[32] = {0};
+        strcpy(name, getname(query_string));
+        int index = -1;
+        for (int i = 0; i < MAX_RECORDS && data[i]; i++) {
+            if (strcmp(name, getname(data[i])) == 0) {
+                index = i;
+                break;
+            }
+        }
+
+        if (index == -1) {
+            generatepage("File not found");
+            return EXIT_SUCCESS;
+        }
+
+        // cleanup data...
+        char str[1000] = {0};
+        char *dst = str;
+        for (const char *src = query_string; *src; src++) {
+            *dst = *src;
+            dst++;
+            if (strncmp(src, "%25", 3) == 0 && isxdigit(src[3]) && isxdigit(src[4]))
+                src += 2;
+        }
+
+        data[index] = str;
+        sortdata(data, MAX_RECORDS);
+
+        FILE *f = fopen("data.txt", "wt");
+        if (f == NULL) {
+            generatepage("Failed to add file (access denied). Try again.");
+            return EXIT_SUCCESS;
+        }
+        for (int i = 0; i < MAX_RECORDS && data[i]; i++)
+            fprintf(f, "%s\n", data[i]);
+        fclose(f);
+        generatepage("saved.");
+    }
+
+    return EXIT_SUCCESS;
+}
+

htdocs/archive/webarchive.h

@@ -3,6 +3,23 @@
 
 #define MAX_RECORDS 1000
 
+static void unencode(const char *src, char *dest)
+{
+    for (; *src; src++, dest++) {
+        if (*src == '+')
+            *dest = ' ';
+        else if (*src == '%') {
+            int code;
+            if (sscanf(src+1, "%2x", &code) != 1)
+                code = '?';
+            *dest = code;
+            src += 2;
+        } else
+            *dest = *src;
+    }
+    *dest = '\0';
+}
+
 int readdata(char * * const data, int sz)
 {
     FILE *f = fopen("data.txt", "rt");