From 81faca041a3b120b45aea121ca09294e1ffbb436 Mon Sep 17 00:00:00 2001 From: Tomasz Sowa Date: Wed, 6 Jan 2010 19:17:53 +0000 Subject: [PATCH] added: parser for multipart forms, files: postmultiparser.h postmultiparser.cpp added: function: upload git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@543 e52654a7-88a9-db11-a3e9-0013d4bc506e --- content/Makefile.dep | 129 +++++---- content/Makefile.o.dep | 2 +- content/content.cpp | 31 +++ content/content.h | 5 +- content/mkdir.cpp | 1 + content/upload.cpp | 78 ++++++ core/Makefile.dep | 39 +-- core/Makefile.o.dep | 2 +- core/config.cpp | 2 + core/data.h | 5 + core/error.h | 5 + core/function.h | 26 +- core/functions.cpp | 3 + core/postmultiparser.cpp | 550 +++++++++++++++++++++++++++++++++++++ core/postmultiparser.h | 93 +++++++ core/request.cpp | 80 +++++- core/request.h | 20 +- core/requestcontroller.cpp | 2 + core/requesttypes.h | 12 +- main/Makefile.dep | 5 +- templates/Makefile.dep | 51 ++-- templates/templates.cpp | 7 + 22 files changed, 1016 insertions(+), 132 deletions(-) create mode 100755 content/upload.cpp create mode 100755 core/postmultiparser.cpp create mode 100755 core/postmultiparser.h diff --git a/content/Makefile.dep b/content/Makefile.dep index a2a84ed..504dff0 100755 --- a/content/Makefile.dep +++ b/content/Makefile.dep @@ -6,20 +6,20 @@ cat.o: ../core/requesttypes.h ../core/session.h ../core/done.h ../core/item.h cat.o: ../core/error.h ../core/log.h ../core/user.h ../core/rebus.h cat.o: ../core/function.h ../core/thread.h ../core/compress.h cat.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -cat.o: ../core/htmlfilter.h ../core/error.h +cat.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/error.h content.o: content.h ../core/item.h ../templates/templates.h content.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h content.o: ../core/requesttypes.h ../core/session.h ../core/done.h content.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h content.o: ../core/rebus.h ../core/function.h ../core/thread.h content.o: ../core/compress.h ../core/acceptencodingparser.h -content.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -content.o: ../core/db.h ../core/group.h ../core/dircontainer.h -content.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h -content.o: ../core/users.h ../core/groups.h ../core/functions.h -content.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h -content.o: ../core/misc.h ../core/plugin.h ../core/request.h ../core/data.h -content.o: ../core/pluginmsg.h +content.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +content.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +content.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +content.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +content.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +content.o: ../core/mount.h ../core/misc.h ../core/plugin.h ../core/request.h +content.o: ../core/data.h ../core/pluginmsg.h createthread.o: content.h ../core/item.h ../templates/templates.h createthread.o: ../templates/patterncacher.h ../core/thread.h createthread.o: ../core/request.h ../core/requesttypes.h ../core/session.h @@ -27,9 +27,10 @@ createthread.o: ../core/done.h ../core/item.h ../core/error.h ../core/log.h createthread.o: ../core/user.h ../core/rebus.h ../core/function.h createthread.o: ../core/thread.h ../core/compress.h createthread.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -createthread.o: ../core/htmlfilter.h ../core/error.h ../core/db.h -createthread.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h -createthread.o: ../core/mount.h ../core/data.h ../core/dirs.h ../core/users.h +createthread.o: ../core/htmlfilter.h ../core/postmultiparser.h +createthread.o: ../core/error.h ../core/db.h ../core/group.h +createthread.o: ../core/dircontainer.h ../core/ugcontainer.h ../core/mount.h +createthread.o: ../core/data.h ../core/dirs.h ../core/users.h createthread.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h createthread.o: ../core/mounts.h ../core/mount.h default.o: content.h ../core/item.h ../templates/templates.h @@ -38,22 +39,24 @@ default.o: ../core/requesttypes.h ../core/session.h ../core/done.h default.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h default.o: ../core/rebus.h ../core/function.h ../core/thread.h default.o: ../core/compress.h ../core/acceptencodingparser.h -default.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -default.o: ../core/db.h ../core/group.h ../core/dircontainer.h -default.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h -default.o: ../core/users.h ../core/groups.h ../core/functions.h -default.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h +default.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +default.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +default.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +default.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +default.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +default.o: ../core/mount.h emacs.o: content.h ../core/item.h ../templates/templates.h emacs.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h emacs.o: ../core/requesttypes.h ../core/session.h ../core/done.h emacs.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h emacs.o: ../core/rebus.h ../core/function.h ../core/thread.h emacs.o: ../core/compress.h ../core/acceptencodingparser.h -emacs.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -emacs.o: ../core/db.h ../core/group.h ../core/dircontainer.h -emacs.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h ../core/users.h -emacs.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h -emacs.o: ../core/mounts.h ../core/mount.h ../core/notify.h +emacs.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +emacs.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +emacs.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +emacs.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +emacs.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +emacs.o: ../core/mount.h ../core/notify.h emacs.o: ../templatesnotify/templatesnotify.h ../core/mount.h ../core/misc.h last.o: content.h ../core/item.h ../templates/templates.h last.o: ../templates/patterncacher.h ../core/thread.h @@ -63,41 +66,43 @@ login.o: ../core/requesttypes.h ../core/session.h ../core/done.h login.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h login.o: ../core/rebus.h ../core/function.h ../core/thread.h login.o: ../core/compress.h ../core/acceptencodingparser.h -login.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -login.o: ../core/db.h ../core/group.h ../core/dircontainer.h -login.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h ../core/users.h -login.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h -login.o: ../core/mounts.h ../core/mount.h +login.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +login.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +login.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +login.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +login.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +login.o: ../core/mount.h logout.o: content.h ../core/item.h ../templates/templates.h logout.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h logout.o: ../core/requesttypes.h ../core/session.h ../core/done.h logout.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h logout.o: ../core/rebus.h ../core/function.h ../core/thread.h logout.o: ../core/compress.h ../core/acceptencodingparser.h -logout.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/data.h -logout.o: ../core/dirs.h ../core/dircontainer.h ../core/users.h -logout.o: ../core/ugcontainer.h ../core/groups.h ../core/group.h -logout.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h -logout.o: ../core/mount.h +logout.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +logout.o: ../core/postmultiparser.h ../core/data.h ../core/dirs.h +logout.o: ../core/dircontainer.h ../core/users.h ../core/ugcontainer.h +logout.o: ../core/groups.h ../core/group.h ../core/functions.h +logout.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h ls.o: content.h ../core/item.h ../templates/templates.h ls.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h ls.o: ../core/requesttypes.h ../core/session.h ../core/done.h ../core/item.h ls.o: ../core/error.h ../core/log.h ../core/user.h ../core/rebus.h ls.o: ../core/function.h ../core/thread.h ../core/compress.h ls.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -ls.o: ../core/htmlfilter.h ../core/db.h ../core/group.h -ls.o: ../core/dircontainer.h ../core/ugcontainer.h +ls.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/db.h +ls.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h mkdir.o: content.h ../core/item.h ../templates/templates.h mkdir.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h mkdir.o: ../core/requesttypes.h ../core/session.h ../core/done.h mkdir.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h mkdir.o: ../core/rebus.h ../core/function.h ../core/thread.h mkdir.o: ../core/compress.h ../core/acceptencodingparser.h -mkdir.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -mkdir.o: ../core/db.h ../core/group.h ../core/dircontainer.h -mkdir.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h ../core/users.h -mkdir.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h -mkdir.o: ../core/mounts.h ../core/mount.h ../core/notify.h +mkdir.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +mkdir.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +mkdir.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +mkdir.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +mkdir.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +mkdir.o: ../core/mount.h ../core/notify.h mkdir.o: ../templatesnotify/templatesnotify.h ../core/mount.h node.o: content.h ../core/item.h ../templates/templates.h node.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h @@ -106,51 +111,67 @@ node.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h node.o: ../core/rebus.h ../core/function.h ../core/thread.h node.o: ../core/compress.h ../core/acceptencodingparser.h node.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +node.o: ../core/postmultiparser.h priv.o: content.h ../core/item.h ../templates/templates.h priv.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h priv.o: ../core/requesttypes.h ../core/session.h ../core/done.h priv.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h priv.o: ../core/rebus.h ../core/function.h ../core/thread.h priv.o: ../core/compress.h ../core/acceptencodingparser.h -priv.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h -priv.o: ../core/db.h ../core/group.h ../core/dircontainer.h -priv.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h ../core/users.h -priv.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h -priv.o: ../core/mounts.h ../core/mount.h +priv.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +priv.o: ../core/postmultiparser.h ../core/error.h ../core/db.h +priv.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h +priv.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h +priv.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +priv.o: ../core/mount.h reload.o: content.h ../core/item.h ../templates/templates.h reload.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h reload.o: ../core/requesttypes.h ../core/session.h ../core/done.h reload.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h reload.o: ../core/rebus.h ../core/function.h ../core/thread.h reload.o: ../core/compress.h ../core/acceptencodingparser.h -reload.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/error.h +reload.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +reload.o: ../core/postmultiparser.h ../core/error.h rm.o: content.h ../core/item.h ../templates/templates.h rm.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h rm.o: ../core/requesttypes.h ../core/session.h ../core/done.h ../core/item.h rm.o: ../core/error.h ../core/log.h ../core/user.h ../core/rebus.h rm.o: ../core/function.h ../core/thread.h ../core/compress.h rm.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -rm.o: ../core/htmlfilter.h ../core/error.h ../core/db.h ../core/group.h -rm.o: ../core/dircontainer.h ../core/ugcontainer.h ../core/data.h -rm.o: ../core/dirs.h ../core/users.h ../core/groups.h ../core/functions.h -rm.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h +rm.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/error.h +rm.o: ../core/db.h ../core/group.h ../core/dircontainer.h +rm.o: ../core/ugcontainer.h ../core/data.h ../core/dirs.h ../core/users.h +rm.o: ../core/groups.h ../core/functions.h ../core/lastcontainer.h +rm.o: ../core/mounts.h ../core/mount.h run.o: content.h ../core/item.h ../templates/templates.h run.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h run.o: ../core/requesttypes.h ../core/session.h ../core/done.h ../core/item.h run.o: ../core/error.h ../core/log.h ../core/user.h ../core/rebus.h run.o: ../core/function.h ../core/thread.h ../core/compress.h run.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -run.o: ../core/htmlfilter.h ../core/error.h +run.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/error.h thread.o: content.h ../core/item.h ../templates/templates.h thread.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h thread.o: ../core/requesttypes.h ../core/session.h ../core/done.h thread.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h thread.o: ../core/rebus.h ../core/function.h ../core/thread.h thread.o: ../core/compress.h ../core/acceptencodingparser.h -thread.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/db.h -thread.o: ../core/group.h ../core/dircontainer.h ../core/ugcontainer.h -thread.o: ../core/data.h ../core/dirs.h ../core/users.h ../core/groups.h -thread.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h -thread.o: ../core/mount.h ../core/mount.h +thread.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +thread.o: ../core/postmultiparser.h ../core/db.h ../core/group.h +thread.o: ../core/dircontainer.h ../core/ugcontainer.h ../core/data.h +thread.o: ../core/dirs.h ../core/users.h ../core/groups.h ../core/functions.h +thread.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h +thread.o: ../core/mount.h +upload.o: content.h ../core/item.h ../templates/templates.h +upload.o: ../templates/patterncacher.h ../core/thread.h ../core/request.h +upload.o: ../core/requesttypes.h ../core/session.h ../core/done.h +upload.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h +upload.o: ../core/rebus.h ../core/function.h ../core/thread.h +upload.o: ../core/compress.h ../core/acceptencodingparser.h +upload.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +upload.o: ../core/postmultiparser.h ../core/data.h ../core/dirs.h +upload.o: ../core/dircontainer.h ../core/users.h ../core/ugcontainer.h +upload.o: ../core/groups.h ../core/group.h ../core/functions.h +upload.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h who.o: content.h ../core/item.h ../templates/templates.h who.o: ../templates/patterncacher.h ../core/thread.h diff --git a/content/Makefile.o.dep b/content/Makefile.o.dep index 14e119f..ef6b2e9 100755 --- a/content/Makefile.o.dep +++ b/content/Makefile.o.dep @@ -1 +1 @@ -o = cat.o content.o createthread.o default.o emacs.o last.o login.o logout.o ls.o mkdir.o node.o priv.o reload.o rm.o run.o thread.o who.o +o = cat.o content.o createthread.o default.o emacs.o last.o login.o logout.o ls.o mkdir.o node.o priv.o reload.o rm.o run.o thread.o upload.o who.o diff --git a/content/content.cpp b/content/content.cpp index 226f1bb..7d7bb1f 100755 --- a/content/content.cpp +++ b/content/content.cpp @@ -181,6 +181,9 @@ void Content::MakeStandardFunction() else if( request.pfunction->code == FUN_CREATETHREAD ) FunCreateThread(); + else + if( request.pfunction->code == FUN_UPLOAD ) + FunUpload(); else request.status = Error::permision_denied; @@ -238,6 +241,10 @@ void Content::MakePost() PostFunCreateThread(); break; + case FUN_UPLOAD: + PostFunUpload(); + break; + default: log << log1 << "Content: unknown post function" << logend; break; @@ -464,3 +471,27 @@ void Content::CheckGetPostTimes(time_t difference) log << log1 << "Content: spam +1: POST after GET sent too fast" << logend; } + +/* +bool Content::CreateFile(const std::string & path, const std::string & content) +{ + std::ofstream file(path.c_str(), std::ios_base::binary | std::ios_base::out); + + if( !file ) + { + log << log1 << "Content: can't create file: " << path << logend; + return false; + } + + file << content; + + file.close(); + + // !! dodac sprawdzenie prawidlowosci zapisania pliku + +return true; +} +*/ + + + diff --git a/content/content.h b/content/content.h index b7ae7ad..b94ebf5 100755 --- a/content/content.h +++ b/content/content.h @@ -65,7 +65,8 @@ class Content static bool FunThreadSort(const Thread & t1, const Thread & t2); void FunThread(); void FunCreateThread(); - + void FunUpload(); + bool PostFunSetUrlSubject(); void PostFunLogin(); void PostFunEmacsAdd(); @@ -80,11 +81,13 @@ class Content bool FunCreateThreadCheckAccess(); bool FunCreateThreadCheckAbuse(); void PostFunCreateThread(); + void PostFunUpload(); void RedirectTo(const Item & item); void RedirectTo(long item_id); void CheckGetPostTimes(time_t difference = 10); +// bool CreateFile(const std::string & path, const std::string & content); public: diff --git a/content/mkdir.cpp b/content/mkdir.cpp index 5a43c51..55ffd0a 100755 --- a/content/mkdir.cpp +++ b/content/mkdir.cpp @@ -78,6 +78,7 @@ void Content::PostFunMkdir(bool add_to_dir_table, int mask) void Content::FunMkdir() { + // !! what about an item? (is_item) if( !request.CanUseMkdir(*request.dir_table.back()) ) { request.status = Error::permision_denied; diff --git a/content/upload.cpp b/content/upload.cpp new file mode 100755 index 0000000..2864cc9 --- /dev/null +++ b/content/upload.cpp @@ -0,0 +1,78 @@ +/* + * This file is a part of CMSLU -- Content Management System like Unix + * and is not publicly distributed + * + * Copyright (c) 2008-2009, Tomasz Sowa + * All rights reserved. + * + */ + +#include "content.h" +#include "../core/request.h" +#include "../core/data.h" +#include + + +void Content::FunUpload() +{ + if( request.is_item || !request.CanUseUpload(*request.dir_table.back()) ) + { + request.status = Error::permision_denied; + return; + } + + + if( data.mounts.CurrentMountType() != Mount::cms ) + { + request.status = Error::permision_denied; + return; + } +} + + +void Content::PostFunUpload() +{ + if( request.is_item || !request.CanUseUpload(*request.dir_table.back()) ) + { + request.status = Error::permision_denied; + return; + } + + if( data.mounts.CurrentMountType() != Mount::cms ) + { + request.status = Error::permision_denied; + return; + } + + if( request.post_file_table.empty() ) + { + request.status = Error::permision_denied; + return; + } + + // !! tutaj w zaleznosci od rozszerzenia dobrac odpowiedni static_auth + request.item.static_auth = Item::static_other; + + PostFunEmacs(); + + + if( request.session->done_status == Error::ok ) + { + std::string path; + + if( request.MakeDirsOnFS(path) ) + { + path += '/'; + path += request.item.url; + const std::string & tmp_filename = request.post_file_table.begin()->second.tmp_filename; + + if( rename(tmp_filename.c_str(), path.c_str()) < 0 ) + { + // !! skasowac takze plik z bazy danych + log << log1 << "Content: can't move the tmp file from: " << tmp_filename; + log << log1 << ", to: " << path << logend; + request.status = Error::permision_denied; + } + } + } +} diff --git a/core/Makefile.dep b/core/Makefile.dep index cdbb808..8c2af51 100755 --- a/core/Makefile.dep +++ b/core/Makefile.dep @@ -7,7 +7,7 @@ config.o: dircontainer.h users.h user.h ugcontainer.h groups.h group.h config.o: functions.h function.h lastcontainer.h mounts.h mount.h rebus.h config.o: plugin.h request.h requesttypes.h session.h done.h error.h thread.h config.o: compress.h acceptencodingparser.h acceptbaseparser.h htmlfilter.h -config.o: pluginmsg.h misc.h +config.o: postmultiparser.h pluginmsg.h misc.h data.o: data.h dirs.h item.h dircontainer.h users.h user.h ugcontainer.h data.o: log.h groups.h group.h functions.h function.h lastcontainer.h data.o: mounts.h mount.h rebus.h @@ -28,7 +28,7 @@ functionparser.o: dirs.h dircontainer.h users.h user.h ugcontainer.h groups.h functionparser.o: group.h functions.h function.h lastcontainer.h mounts.h functionparser.o: mount.h rebus.h db.h thread.h request.h session.h done.h functionparser.o: compress.h acceptencodingparser.h acceptbaseparser.h -functionparser.o: htmlfilter.h +functionparser.o: htmlfilter.h postmultiparser.h functions.o: functions.h function.h item.h groups.o: groups.h group.h ugcontainer.h log.h db.h item.h user.h thread.h groups.o: error.h dircontainer.h @@ -47,25 +47,32 @@ mounts.o: mounts.h mount.h data.h dirs.h item.h dircontainer.h users.h user.h mounts.o: ugcontainer.h log.h groups.h group.h functions.h function.h mounts.o: lastcontainer.h rebus.h request.h requesttypes.h session.h done.h mounts.o: error.h thread.h compress.h acceptencodingparser.h -mounts.o: acceptbaseparser.h htmlfilter.h mountparser.h db.h +mounts.o: acceptbaseparser.h htmlfilter.h postmultiparser.h mountparser.h +mounts.o: db.h notify.o: log.h notify.h ../templatesnotify/templatesnotify.h ../core/mount.h notify.o: data.h dirs.h item.h dircontainer.h users.h user.h ugcontainer.h notify.o: groups.h group.h functions.h function.h lastcontainer.h mounts.h notify.o: mount.h rebus.h misc.h request.h requesttypes.h session.h done.h notify.o: error.h thread.h compress.h acceptencodingparser.h -notify.o: acceptbaseparser.h htmlfilter.h +notify.o: acceptbaseparser.h htmlfilter.h postmultiparser.h plugin.o: plugin.h request.h requesttypes.h session.h done.h item.h error.h plugin.o: log.h user.h rebus.h function.h thread.h compress.h -plugin.o: acceptencodingparser.h acceptbaseparser.h htmlfilter.h data.h -plugin.o: dirs.h dircontainer.h users.h ugcontainer.h groups.h group.h -plugin.o: functions.h lastcontainer.h mounts.h mount.h pluginmsg.h +plugin.o: acceptencodingparser.h acceptbaseparser.h htmlfilter.h +plugin.o: postmultiparser.h data.h dirs.h dircontainer.h users.h +plugin.o: ugcontainer.h groups.h group.h functions.h lastcontainer.h mounts.h +plugin.o: mount.h pluginmsg.h +postmultiparser.o: postmultiparser.h error.h log.h requesttypes.h data.h +postmultiparser.o: dirs.h item.h dircontainer.h users.h user.h ugcontainer.h +postmultiparser.o: groups.h group.h functions.h function.h lastcontainer.h +postmultiparser.o: mounts.h mount.h rebus.h rebus.o: log.h rebus.h misc.h item.h request.o: request.h requesttypes.h session.h done.h item.h error.h log.h request.o: user.h rebus.h function.h thread.h compress.h -request.o: acceptencodingparser.h acceptbaseparser.h htmlfilter.h getparser.h -request.o: httpsimpleparser.h postparser.h cookieparser.h data.h dirs.h -request.o: dircontainer.h users.h ugcontainer.h groups.h group.h functions.h -request.o: lastcontainer.h mounts.h mount.h plugin.h pluginmsg.h misc.h +request.o: acceptencodingparser.h acceptbaseparser.h htmlfilter.h +request.o: postmultiparser.h getparser.h httpsimpleparser.h postparser.h +request.o: cookieparser.h data.h dirs.h dircontainer.h users.h ugcontainer.h +request.o: groups.h group.h functions.h lastcontainer.h mounts.h mount.h +request.o: plugin.h pluginmsg.h misc.h requestcontroller.o: requestcontroller.h ../content/content.h ../core/item.h requestcontroller.o: ../templates/templates.h ../templates/patterncacher.h requestcontroller.o: ../core/thread.h sessionmanager.h sessioncontainer.h @@ -74,8 +81,8 @@ requestcontroller.o: functionparser.h requesttypes.h data.h dirs.h requestcontroller.o: dircontainer.h users.h ugcontainer.h groups.h group.h requestcontroller.o: functions.h function.h lastcontainer.h mounts.h mount.h requestcontroller.o: request.h thread.h compress.h acceptencodingparser.h -requestcontroller.o: acceptbaseparser.h htmlfilter.h postparser.h -requestcontroller.o: httpsimpleparser.h cookieparser.h notify.h +requestcontroller.o: acceptbaseparser.h htmlfilter.h postmultiparser.h +requestcontroller.o: postparser.h httpsimpleparser.h cookieparser.h notify.h requestcontroller.o: ../templatesnotify/templatesnotify.h ../core/mount.h session.o: session.h done.h item.h error.h log.h user.h rebus.h sessioncontainer.o: sessioncontainer.h session.h done.h item.h error.h log.h @@ -85,9 +92,9 @@ sessioncontainer.o: lastcontainer.h mounts.h mount.h sessionmanager.o: sessionmanager.h sessioncontainer.h session.h done.h item.h sessionmanager.o: error.h log.h user.h rebus.h request.h requesttypes.h sessionmanager.o: function.h thread.h compress.h acceptencodingparser.h -sessionmanager.o: acceptbaseparser.h htmlfilter.h data.h dirs.h -sessionmanager.o: dircontainer.h users.h ugcontainer.h groups.h group.h -sessionmanager.o: functions.h lastcontainer.h mounts.h mount.h +sessionmanager.o: acceptbaseparser.h htmlfilter.h postmultiparser.h data.h +sessionmanager.o: dirs.h dircontainer.h users.h ugcontainer.h groups.h +sessionmanager.o: group.h functions.h lastcontainer.h mounts.h mount.h sessionmanager.o: sessionparser.h sessionparser.o: sessionparser.h session.h done.h item.h error.h log.h user.h sessionparser.o: rebus.h sessioncontainer.h data.h dirs.h dircontainer.h diff --git a/core/Makefile.o.dep b/core/Makefile.o.dep index 17bcbe6..7727852 100755 --- a/core/Makefile.o.dep +++ b/core/Makefile.o.dep @@ -1 +1 @@ -o = acceptbaseparser.o compress.o config.o data.o db.o db_itemcolumns.o dircontainer.o dirs.o done.o error.o function.o functioncodeparser.o functionparser.o functions.o groups.o htmlfilter.o httpsimpleparser.o lastcontainer.o log.o misc.o mount.o mountparser.o mounts.o notify.o plugin.o rebus.o request.o requestcontroller.o session.o sessioncontainer.o sessionmanager.o sessionparser.o users.o +o = acceptbaseparser.o compress.o config.o data.o db.o db_itemcolumns.o dircontainer.o dirs.o done.o error.o function.o functioncodeparser.o functionparser.o functions.o groups.o htmlfilter.o httpsimpleparser.o lastcontainer.o log.o misc.o mount.o mountparser.o mounts.o notify.o plugin.o postmultiparser.o rebus.o request.o requestcontroller.o session.o sessioncontainer.o sessionmanager.o sessionparser.o users.o diff --git a/core/config.cpp b/core/config.cpp index d246217..898e744 100755 --- a/core/config.cpp +++ b/core/config.cpp @@ -104,6 +104,8 @@ void Config::AssignValues() else data.log_stdout = false; + data.post_file_max = Int("post_file_max"); + data.templates = Text("templates"); data.default_index = Text("default_index"); data.http_session_id_name = Text("http_session_id_name"); diff --git a/core/data.h b/core/data.h index 43df456..ab7db38 100755 --- a/core/data.h +++ b/core/data.h @@ -109,6 +109,11 @@ public: // the url of a new empty item (if there is not the subject too) std::string item_url_empty; + // maximum length of a file send by post multipart form + // 0 - not used + int post_file_max; + + // below variables are based on the other config variables // base_url_prefix + base_server diff --git a/core/error.h b/core/error.h index 73339af..20617c5 100755 --- a/core/error.h +++ b/core/error.h @@ -54,6 +54,11 @@ public: spam, incorrect_rebus, + no_boundary, + broken_input, + input_too_large, + cant_create_file, + unknown = 1000 diff --git a/core/function.h b/core/function.h index 8b808b3..fab5a7c 100755 --- a/core/function.h +++ b/core/function.h @@ -31,6 +31,7 @@ #define FUN_CREATETHREAD 14 #define FUN_THREAD 15 #define FUN_RELOAD 16 +#define FUN_UPLOAD 17 @@ -40,31 +41,6 @@ class Function public: -/* - enum Code - { - none, - ls, - cat, - node, - emacs, - mkdir, - default, - priv, - rm, - login, - logout, - run, - who - }; - - - Code code; -*/ - /* - we do not use enum etc. because the code will be used with an application too - (application can set others values) - */ int code; Item item; diff --git a/core/functions.cpp b/core/functions.cpp index 016177d..690b5cf 100755 --- a/core/functions.cpp +++ b/core/functions.cpp @@ -96,6 +96,9 @@ void Functions::ReadFunctions() f.item.url = "thread"; table.insert( std::make_pair(f.item.url, f) ); + f.code = FUN_UPLOAD; + f.item.url = "upload"; + table.insert( std::make_pair(f.item.url, f) ); // functions which need more privileges diff --git a/core/postmultiparser.cpp b/core/postmultiparser.cpp new file mode 100755 index 0000000..075e1bd --- /dev/null +++ b/core/postmultiparser.cpp @@ -0,0 +1,550 @@ +/* + * This file is a part of CMSLU -- Content Management System like Unix + * and is not publicly distributed + * + * Copyright (c) 2008-2009, Tomasz Sowa + * All rights reserved. + * + */ + +#include "postmultiparser.h" +#include "log.h" +#include "data.h" + + +PostMultiParser::PostMultiParser() +{ + in_buffer = new unsigned char[CMSLU_POSTMULTI_INPUT_BUFFER]; +} + + +PostMultiParser::PostMultiParser(const PostMultiParser &) +{ + in_buffer = new unsigned char[CMSLU_POSTMULTI_INPUT_BUFFER]; +} + + + +PostMultiParser & PostMultiParser::operator=(const PostMultiParser &) +{ + in_buffer = new unsigned char[CMSLU_POSTMULTI_INPUT_BUFFER]; + +return *this; +} + + +PostMultiParser::~PostMultiParser() +{ + delete [] in_buffer; +} + + + +void PostMultiParser::ReadBoundary() +{ + boundary.clear(); + + while( last != -1 && last != 10 && last != 13 ) + { + boundary += last; + ReadChar(); + } + + if( last == 13 ) + { + ReadChar(); + line_end_dos = true; + } + + if( last == 10 ) + ReadChar(); +} + + +bool PostMultiParser::IsWhite(int c) +{ + if( c==' ' || c=='\t' || c==13 ) + return true; + +return false; +} + + +void PostMultiParser::SkipWhite() +{ + while( IsWhite(last) ) + ReadChar(); +} + + +bool PostMultiParser::IsHeader() +{ + SkipWhite(); + + if( last == 10 ) + { + ReadChar(); + return false; + } + +return true; +} + + + +void PostMultiParser::ReadHeaderName() +{ + SkipWhite(); + + while( last!=-1 && last!=':' && last!='=' && !IsWhite(last) && last!=10 ) + { + header_name += last; + ReadChar(); + } + + SkipWhite(); + + if( last != ':' && last != '=' ) + { + err = Error::broken_input; + return; + } + + ReadChar(); +} + + +void PostMultiParser::ReadHeaderValue() +{ +bool was_apost = false; + + SkipWhite(); + + if( last == '"' ) + { + was_apost = true; + ReadChar(); + } + + while( last!=-1 && last!=10 && + ((!was_apost && last!=';' && !IsWhite(last)) || (was_apost && last!='"'))) + { + header_value += last; + ReadChar(); + } + + if( was_apost ) + { + if( last != '"' ) + { + err = Error::broken_input; + return; + } + + ReadChar(); + } + + SkipWhite(); + + if( last != ';' && last != 10 ) + { + err = Error::broken_input; + return; + } + + ReadChar(); +} + + +void PostMultiParser::ReadPartHeader() +{ + header_name.clear(); + header_value.clear(); + + ReadHeaderName(); + + if( err != Error::ok ) + return; + + ReadHeaderValue(); + + if( err != Error::ok ) + return; + + log << "PMP: " << header_name << ": " << header_value << logend; + + if( header_name == "name" ) + name = header_value; + + if( header_name == "filename" ) + filename = header_value; + +} + + + +bool PostMultiParser::HasBoundary() +{ + if( content.size() < boundary.size() ) + return false; + + size_t c = content.size() - boundary.size(); + size_t b = 0; + + for( ; c to_log.size() ) + len = to_log.size(); + + log << log3 << "PMP: Content ("; + + if( len > 0 ) + log << "len: " << to_log.size() << ", first " << len << " bytes"; + else + log << "empty"; + + log << "): \""; + + for(i=0 ; i CMSLU_POSTMULTI_OUTPUT_BUFFER + boundary.size() + 2 ) // +2 for the new line character + { + tmp_file.write(content.c_str(), CMSLU_POSTMULTI_OUTPUT_BUFFER); + content_len += CMSLU_POSTMULTI_OUTPUT_BUFFER; + content.erase(0, CMSLU_POSTMULTI_OUTPUT_BUFFER); + } + + if( data.post_file_max != 0 && content_len > (size_t)data.post_file_max ) + { + err = Error::input_too_large; + log << log1 << "PMP: content greater than " << data.post_file_max << " (skipping)" << logend; + return; + } + } + + ReadContentSkipBoundary(has_boundary); + + // saving the rest + if( !content.empty() ) + { + tmp_file.write(content.c_str(), content.size()); + content_len += content.size(); + content.clear(); + } +} + + + + +void PostMultiParser::ReadContentToFile() +{ +time_t t1, t2; + + content.clear(); + content.reserve(CMSLU_POSTMULTI_OUTPUT_BUFFER + boundary.size()); + content_len = 0; + t1 = time(0); + + ReadContentToFileLoop(); + + tmp_file.close(); + log << log2 << "PMP: content size: " << content_len << " bytes" << logend; + + t2 = time(0); + + if( t2 - t1 > 1 ) + log << log2 << "PMP: content read in " << (t2-t1) << " sec" << logend; +} + + +void PostMultiParser::ReadContentLoop() +{ +bool has_boundary = false; + + + while( last!=-1 && !(has_boundary=HasBoundary()) ) + { + content += last; + content_len += 1; + ReadChar(); + + if( data.post_file_max != 0 && content_len > (size_t)data.post_file_max ) + { + err = Error::input_too_large; + log << log1 << "PMP: content greater than " << data.post_file_max << " (skipping)" << logend; + return; + } + } + + ReadContentSkipBoundary(has_boundary); +} + + +void PostMultiParser::ReadContent() +{ + content.clear(); + content_len = 0; + + ReadContentLoop(); + + log << log2 << "PMP: content size: " << content_len << " bytes" << logend; + LogFirst(content, 200); +} + + +void PostMultiParser::AddNormalPostVar() +{ + if( post_table->size() >= CMSLU_POSTTABLE_MAXSIZE ) + { + err = Error::input_too_large; + log << log1 << "PMP: more than " << CMSLU_POSTTABLE_MAXSIZE << " post variables (skipping)" << logend; + return; + } + + std::pair res = post_table->insert( std::make_pair(name, content) ); + bool added = res.second; + + log << log2 << "PMP: POST var, name: \"" << name << "\""; + + if( !added ) + log << log2 << " (skipped)"; + + log << logend; +} + + +void PostMultiParser::AddFilePostVar() +{ + if( post_file_table->size() >= CMSLU_POSTTABLE_MAXSIZE ) + { + err = Error::input_too_large; + log << log1 << "PMP: more than " << CMSLU_POSTTABLE_MAXSIZE << " post file variables (skipping)" << logend; + return; + } + + post_file_temp.filename = filename; + post_file_temp.tmp_filename = tmp_filename; + std::pair res = post_file_table->insert( std::make_pair(name, post_file_temp) ); + bool added = res.second; + + log << log2 << "PMP: POST FILE var, name: \"" << name << "\""; + + if( !added ) + log << log2 << " (skipped)"; + + log << logend; +} + + +void PostMultiParser::AddPostVar() +{ + if( name.empty() ) + return; + + + if( filename.empty() ) + { + AddNormalPostVar(); + } + else + { + AddFilePostVar(); + } +} + + + +void PostMultiParser::CheckBoundaryEnd() +{ + if( last == '-' ) + { + ReadChar(); + + if( last != '-' ) + { + err = Error::broken_input; + return; + } + + // end of parsing + // the rest input (if exists) is ignored + last = -1; + } + + // skipping a new line after the boundary + if( last == 13 ) + ReadChar(); + + if( last == 10 ) + ReadChar(); +} + + +void PostMultiParser::CreateTmpFile() +{ +char buf[100]; + + sprintf(buf, "/tmp/cmslu_%u_%d_%u", (unsigned)getpid(), tmp_filename_postfix, rand()); + tmp_filename_postfix += 1; + + tmp_file.open(buf, std::ios_base::binary | std::ios_base::out); + tmp_filename = buf; + + if( !tmp_file ) + { + log << log1 << "PMP: can't create a temporary file: " << tmp_filename << logend; + err = Error::cant_create_file; + return; + } + + log << log3 << "PMP: using temporary file for the content: " << tmp_filename << logend; +} + + +void PostMultiParser::ReadPart() +{ + name.clear(); + filename.clear(); + + while( IsHeader() ) + ReadPartHeader(); + + if( err != Error::ok ) + return; + + if( !filename.empty() ) + CreateTmpFile(); + + if( err != Error::ok ) + return; + + if( !filename.empty() ) + ReadContentToFile(); + else + ReadContent(); + + if( err == Error::ok ) + { + AddPostVar(); + CheckBoundaryEnd(); + } + + if( err != Error::ok && !filename.empty() ) + { + log << log1 << "PMP: deleting the tmp file: " << tmp_filename << logend; + unlink(tmp_filename.c_str()); + } +} + + +void PostMultiParser::ReadChar() +{ + if( last == -1 ) + return; + + if( in_buffer_ind >= in_buffer_len ) + { + if( in_buffer_len < CMSLU_POSTMULTI_INPUT_BUFFER ) + { + last = -1; + return; + } + + in_buffer_len = FCGX_GetStr((char*)in_buffer, CMSLU_POSTMULTI_INPUT_BUFFER, in); + in_buffer_ind = 0; + } + + if( in_buffer_len == 0 ) + { + last = -1; + } + else + { + last = in_buffer[in_buffer_ind]; + in_buffer_ind += 1; + } +} + + + +Error PostMultiParser::Parse(FCGX_Stream * in_, PostTable & post_table_, PostFileTable & post_file_table_) +{ + in = in_; + last = 0; + err = Error::ok; + line_end_dos = false; + in_buffer_ind = CMSLU_POSTMULTI_INPUT_BUFFER; + in_buffer_len = CMSLU_POSTMULTI_INPUT_BUFFER; + post_table = &post_table_; + post_file_table = &post_file_table_; + tmp_filename_postfix = 1; + + ReadChar(); + ReadBoundary(); + + if( boundary.empty() ) + return Error::no_boundary; + + while( last!=-1 && err == Error::ok ) + ReadPart(); + + if( err != Error::ok ) + { + post_table->clear(); + post_file_table->clear(); + + if( err != Error::input_too_large ) + log << log1 << "PMP: syntax error" << logend; + } + +return err; +} diff --git a/core/postmultiparser.h b/core/postmultiparser.h new file mode 100755 index 0000000..468469c --- /dev/null +++ b/core/postmultiparser.h @@ -0,0 +1,93 @@ +/* + * This file is a part of CMSLU -- Content Management System like Unix + * and is not publicly distributed + * + * Copyright (c) 2008-2009, Tomasz Sowa + * All rights reserved. + * + */ + +#ifndef headerfilecmslucorepostmultiparser +#define headerfilecmslucorepostmultiparser + +#include +#include +#include +#include "error.h" +#include "requesttypes.h" + +// 2 MB +#define CMSLU_POSTMULTI_INPUT_BUFFER 2097152 +#define CMSLU_POSTMULTI_OUTPUT_BUFFER 2097152 + + +class PostMultiParser +{ + +public: + + PostMultiParser(); + PostMultiParser(const PostMultiParser &); + PostMultiParser & operator=(const PostMultiParser &); + ~PostMultiParser(); + + Error Parse(FCGX_Stream * in_, PostTable & post_table_, PostFileTable & post_file_table_); + +private: + + FCGX_Stream * in; + unsigned char * in_buffer; + std::ofstream tmp_file; + std::string tmp_filename; + int tmp_filename_postfix; + size_t in_buffer_ind; + size_t in_buffer_len; + + PostTable * post_table; + PostFileTable * post_file_table; + + int last; // last read character + + bool line_end_dos; + std::string boundary; + std::string content; + size_t content_len; + + std::string header_name, header_value; + Error err; + + std::string name, filename; + PostFile post_file_temp; + + void LogFirst(const std::string & to_log, size_t len); + + bool IsWhite(int c); + void SkipWhite(); + + void AddNormalPostVar(); + void AddFilePostVar(); + void AddPostVar(); + + void ReadBoundary(); + + bool IsHeader(); + void ReadHeaderName(); + void ReadHeaderValue(); + void ReadPartHeader(); + + void CreateTmpFile(); + bool HasBoundary(); + void ReadContentSkipBoundary(bool has_boundary); + void ReadContentToFileLoop(); + void ReadContentToFile(); + void ReadContentLoop(); + void ReadContent(); + void CheckBoundaryEnd(); + void ReadPart(); + + void ReadChar(); + +}; + + +#endif diff --git a/core/request.cpp b/core/request.cpp index 70b7684..afaa0a8 100755 --- a/core/request.cpp +++ b/core/request.cpp @@ -8,6 +8,8 @@ */ #include +#include +#include #include "request.h" #include "getparser.h" #include "postparser.h" @@ -31,6 +33,21 @@ void Request::Init() } +void Request::ClearPostFileTmp() +{ + // deleting temporary files (if exists) + + while( !post_file_table.empty() ) + { + const std::string & tmp_filename = post_file_table.begin()->second.tmp_filename; + + if( unlink(tmp_filename.c_str()) == 0 ) + log << log3 << "Request: deleted tmp file: " << tmp_filename << logend; + + post_file_table.erase(post_file_table.begin()); + } +} + void Request::Clear() { @@ -39,9 +56,10 @@ void Request::Clear() // id is never 0 if( ++id == 0 ) ++id; - + get_table.clear(); post_table.clear(); + post_file_table.clear(); cookie_table.clear(); method = none; @@ -60,7 +78,9 @@ void Request::Clear() env_http_user_agent = &char_empty; env_http_accept_encoding = &char_empty; env_fcgi_role = &char_empty; - + env_content_type = &char_empty; + + session = 0; item_table.clear(); @@ -241,6 +261,7 @@ void Request::ReadEnvVariables() env_http_user_agent = SetEnvVar("HTTP_USER_AGENT"); env_http_accept_encoding = SetEnvVar("HTTP_ACCEPT_ENCODING"); env_fcgi_role = SetEnvVar("FCGI_ROLE"); + env_content_type = SetEnvVar("CONTENT_TYPE"); } @@ -255,6 +276,8 @@ void Request::CheckIE() browser_msie = false; } + + void Request::CheckKonqueror() { char * kon = strstr(env_http_user_agent, "Konqueror"); @@ -300,13 +323,24 @@ return true; void Request::ReadParameters() { + // !! wrzucic jako skladowa klasy GetParser get_parser(env_request_uri, get_table); get_parser.Parse(); if( method == post ) { - PostParser post_parser(in, post_table); - post_parser.Parse(); + if( IsSubStringNoCase("multipart/form-data", env_content_type) ) + { + log << log3 << "Request: post content type: multipart/form-data" << logend; + + post_multi_parser.Parse(in, post_table, post_file_table); + } + else + { + // !! wrzucic jako skladowa klasy + PostParser post_parser(in, post_table); + post_parser.Parse(); + } } CookieParser cookie_parser(env_http_cookie, cookie_table); @@ -739,6 +773,23 @@ return true; } +bool Request::CanUseUpload(const Item & item, bool check_root) +{ + // you can use 'upload' only in a directory + if( item.type != Item::dir ) + return false; + + if( !check_root && request.session->puser && request.session->puser->super_user ) + // super user can use mkdir everywhere + return true; + + if( !request.HasWriteAccess(item) ) + return false; + +return true; +} + + bool Request::CanUseHtml(long user_id) { User * puser = data.users.GetUser(user_id); @@ -787,3 +838,24 @@ return false; } +bool Request::MakeDirsOnFS(std::string & path) +{ + size_t i; + path = "/home/tomek/roboczy/slimaczek.pl/static_auth"; // !! dodac do konfiga + + // skipping the first - the first is root + for(i=1 ; iurl; + + if( mkdir(path.c_str(), 0750) < 0 ) + { + // oops + log << log1 << "Request: can't create the directory on fs: " << path << logend; + return false; + } + } + +return true; +} diff --git a/core/request.h b/core/request.h index 0ad32cd..478e2bb 100755 --- a/core/request.h +++ b/core/request.h @@ -24,7 +24,7 @@ #include "compress.h" #include "acceptencodingparser.h" #include "htmlfilter.h" - +#include "postmultiparser.h" struct Request @@ -48,9 +48,10 @@ struct Request std::ostringstream headers, page, debug, notify; - GetTable get_table; - PostTable post_table; - CookieTable cookie_table; + GetTable get_table; + PostTable post_table; + PostFileTable post_file_table; + CookieTable cookie_table; // environment variables // they are not null -- when the server doesn't have such a variable @@ -63,6 +64,7 @@ struct Request const char * env_http_user_agent; const char * env_http_accept_encoding; const char * env_fcgi_role; + const char * env_content_type; // true if the browser is Microsoft Internet Explorer bool browser_msie; @@ -111,6 +113,7 @@ struct Request void PrintIn(); Request(); + void ClearPostFileTmp(); void Clear(); void Init(); @@ -146,10 +149,13 @@ struct Request bool CanRemove(const Item & item); bool CanUseEmacs(const Item & item, bool check_root = false); bool CanUseMkdir(const Item & item, bool check_root = false); - + bool CanUseUpload(const Item & item, bool check_root = false); + bool CanUseHtml(long user_id); bool CanUseBBCode(long user_id); + bool MakeDirsOnFS(std::string & path); + private: enum Header @@ -171,6 +177,9 @@ private: // it contains '\0' const char char_empty; + + PostMultiParser post_multi_parser; + const char * SetEnvVar(const char * var); void StandardLog(); @@ -178,6 +187,7 @@ private: AcceptEncodingParser accept_encoding_parser; HTMLFilter html_filter; + // html after filtering std::string clean_html; diff --git a/core/requestcontroller.cpp b/core/requestcontroller.cpp index 135995e..08d8425 100755 --- a/core/requestcontroller.cpp +++ b/core/requestcontroller.cpp @@ -229,6 +229,8 @@ void RequestController::Loop() FCGX_Finish(); return; } + + request.ClearPostFileTmp(); } } diff --git a/core/requesttypes.h b/core/requesttypes.h index f682d69..b2162e4 100755 --- a/core/requesttypes.h +++ b/core/requesttypes.h @@ -15,9 +15,19 @@ #include +#define CMSLU_POSTTABLE_MAXSIZE 20 + + +struct PostFile +{ + std::string filename; // original file name + std::string tmp_filename; // file with content (in /tmp) +}; + // some global types used by Request class -typedef std::vector GetTable; +typedef std::vector GetTable; typedef std::map PostTable; +typedef std::map PostFileTable; typedef std::map CookieTable; diff --git a/main/Makefile.dep b/main/Makefile.dep index b37814a..747c383 100755 --- a/main/Makefile.dep +++ b/main/Makefile.dep @@ -11,7 +11,8 @@ main.o: ../core/groups.h ../core/group.h ../core/functions.h main.o: ../core/function.h ../core/lastcontainer.h ../core/mounts.h main.o: ../core/mount.h ../core/log.h ../core/request.h ../core/thread.h main.o: ../core/compress.h ../core/acceptencodingparser.h -main.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/db.h -main.o: ../core/config.h ../confparser/confparser.h ../core/notify.h +main.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +main.o: ../core/postmultiparser.h ../core/db.h ../core/config.h +main.o: ../confparser/confparser.h ../core/notify.h main.o: ../templatesnotify/templatesnotify.h ../core/mount.h ../core/plugin.h main.o: ../core/request.h ../core/data.h ../core/pluginmsg.h diff --git a/templates/Makefile.dep b/templates/Makefile.dep index 20da302..471f6c2 100755 --- a/templates/Makefile.dep +++ b/templates/Makefile.dep @@ -5,11 +5,11 @@ dir.o: ../core/requesttypes.h ../core/session.h ../core/done.h ../core/item.h dir.o: ../core/error.h ../core/log.h ../core/user.h ../core/rebus.h dir.o: ../core/function.h ../core/thread.h ../core/compress.h dir.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -dir.o: ../core/htmlfilter.h ../core/data.h ../core/dirs.h -dir.o: ../core/dircontainer.h ../core/users.h ../core/ugcontainer.h -dir.o: ../core/groups.h ../core/group.h ../core/functions.h -dir.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h ../core/db.h -dir.o: ../core/log.h ../core/misc.h +dir.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/data.h +dir.o: ../core/dirs.h ../core/dircontainer.h ../core/users.h +dir.o: ../core/ugcontainer.h ../core/groups.h ../core/group.h +dir.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h +dir.o: ../core/mount.h ../core/db.h ../core/log.h ../core/misc.h doc.o: templates.h patterncacher.h ../core/item.h ../core/data.h doc.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h ../core/users.h doc.o: ../core/user.h ../core/ugcontainer.h ../core/log.h ../core/groups.h @@ -18,13 +18,15 @@ doc.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h doc.o: ../core/rebus.h ../core/request.h ../core/requesttypes.h doc.o: ../core/session.h ../core/done.h ../core/error.h ../core/thread.h doc.o: ../core/compress.h ../core/acceptencodingparser.h -doc.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +doc.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +doc.o: ../core/postmultiparser.h ../core/misc.h done.o: templates.h patterncacher.h ../core/item.h ../core/request.h done.o: ../core/requesttypes.h ../core/session.h ../core/done.h done.o: ../core/item.h ../core/error.h ../core/log.h ../core/user.h done.o: ../core/rebus.h ../core/function.h ../core/thread.h done.o: ../core/compress.h ../core/acceptencodingparser.h -done.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +done.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +done.o: ../core/postmultiparser.h ../core/misc.h item.o: templates.h patterncacher.h ../core/item.h ../core/data.h item.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h ../core/users.h item.o: ../core/user.h ../core/ugcontainer.h ../core/log.h ../core/groups.h @@ -33,7 +35,8 @@ item.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h item.o: ../core/rebus.h ../core/request.h ../core/requesttypes.h item.o: ../core/session.h ../core/done.h ../core/error.h ../core/thread.h item.o: ../core/compress.h ../core/acceptencodingparser.h -item.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +item.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +item.o: ../core/postmultiparser.h ../core/misc.h last.o: templates.h patterncacher.h ../core/item.h ../core/lastcontainer.h last.o: ../core/data.h ../core/dirs.h ../core/item.h ../core/dircontainer.h last.o: ../core/users.h ../core/user.h ../core/ugcontainer.h ../core/log.h @@ -43,7 +46,7 @@ last.o: ../core/mount.h ../core/rebus.h ../core/request.h last.o: ../core/requesttypes.h ../core/session.h ../core/done.h last.o: ../core/error.h ../core/thread.h ../core/compress.h last.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -last.o: ../core/htmlfilter.h ../core/misc.h +last.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/misc.h mount.o: templates.h patterncacher.h ../core/item.h ../core/data.h mount.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h ../core/users.h mount.o: ../core/user.h ../core/ugcontainer.h ../core/log.h ../core/groups.h @@ -64,16 +67,18 @@ priv.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h priv.o: ../core/rebus.h ../core/request.h ../core/requesttypes.h priv.o: ../core/session.h ../core/done.h ../core/error.h ../core/thread.h priv.o: ../core/compress.h ../core/acceptencodingparser.h -priv.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +priv.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +priv.o: ../core/postmultiparser.h ../core/misc.h rebus.o: ../core/request.h ../core/requesttypes.h ../core/session.h rebus.o: ../core/done.h ../core/item.h ../core/error.h ../core/log.h rebus.o: ../core/user.h ../core/rebus.h ../core/function.h ../core/thread.h rebus.o: ../core/compress.h ../core/acceptencodingparser.h -rebus.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/data.h -rebus.o: ../core/dirs.h ../core/dircontainer.h ../core/users.h -rebus.o: ../core/ugcontainer.h ../core/groups.h ../core/group.h -rebus.o: ../core/functions.h ../core/lastcontainer.h ../core/mounts.h -rebus.o: ../core/mount.h templates.h patterncacher.h ../core/item.h +rebus.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +rebus.o: ../core/postmultiparser.h ../core/data.h ../core/dirs.h +rebus.o: ../core/dircontainer.h ../core/users.h ../core/ugcontainer.h +rebus.o: ../core/groups.h ../core/group.h ../core/functions.h +rebus.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h templates.h +rebus.o: patterncacher.h ../core/item.h sys.o: templates.h patterncacher.h ../core/item.h ../core/data.h sys.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h ../core/users.h sys.o: ../core/user.h ../core/ugcontainer.h ../core/log.h ../core/groups.h @@ -82,7 +87,8 @@ sys.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h sys.o: ../core/rebus.h ../core/request.h ../core/requesttypes.h sys.o: ../core/session.h ../core/done.h ../core/error.h ../core/thread.h sys.o: ../core/compress.h ../core/acceptencodingparser.h -sys.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +sys.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +sys.o: ../core/postmultiparser.h ../core/misc.h templates.o: templates.h patterncacher.h ../core/item.h ../core/data.h templates.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h templates.o: ../core/users.h ../core/user.h ../core/ugcontainer.h @@ -92,9 +98,9 @@ templates.o: ../core/mounts.h ../core/mount.h ../core/rebus.h templates.o: ../core/request.h ../core/requesttypes.h ../core/session.h templates.o: ../core/done.h ../core/error.h ../core/thread.h templates.o: ../core/compress.h ../core/acceptencodingparser.h -templates.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h -templates.o: ../core/plugin.h ../core/request.h ../core/data.h -templates.o: ../core/pluginmsg.h +templates.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +templates.o: ../core/postmultiparser.h ../core/misc.h ../core/plugin.h +templates.o: ../core/request.h ../core/data.h ../core/pluginmsg.h thread.o: templates.h patterncacher.h ../core/item.h ../core/data.h thread.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h thread.o: ../core/users.h ../core/user.h ../core/ugcontainer.h ../core/log.h @@ -104,7 +110,7 @@ thread.o: ../core/mount.h ../core/rebus.h ../core/request.h thread.o: ../core/requesttypes.h ../core/session.h ../core/done.h thread.o: ../core/error.h ../core/thread.h ../core/compress.h thread.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -thread.o: ../core/htmlfilter.h ../core/misc.h +thread.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/misc.h user.o: templates.h patterncacher.h ../core/item.h ../core/data.h user.o: ../core/dirs.h ../core/item.h ../core/dircontainer.h ../core/users.h user.o: ../core/user.h ../core/ugcontainer.h ../core/log.h ../core/groups.h @@ -113,7 +119,8 @@ user.o: ../core/lastcontainer.h ../core/mounts.h ../core/mount.h user.o: ../core/rebus.h ../core/request.h ../core/requesttypes.h user.o: ../core/session.h ../core/done.h ../core/error.h ../core/thread.h user.o: ../core/compress.h ../core/acceptencodingparser.h -user.o: ../core/acceptbaseparser.h ../core/htmlfilter.h ../core/misc.h +user.o: ../core/acceptbaseparser.h ../core/htmlfilter.h +user.o: ../core/postmultiparser.h ../core/misc.h who.o: templates.h patterncacher.h ../core/item.h ../core/sessioncontainer.h who.o: ../core/session.h ../core/done.h ../core/item.h ../core/error.h who.o: ../core/log.h ../core/user.h ../core/rebus.h @@ -126,4 +133,4 @@ who.o: ../core/groups.h ../core/group.h ../core/functions.h who.o: ../core/function.h ../core/lastcontainer.h ../core/mounts.h who.o: ../core/mount.h ../core/request.h ../core/thread.h ../core/compress.h who.o: ../core/acceptencodingparser.h ../core/acceptbaseparser.h -who.o: ../core/htmlfilter.h ../core/misc.h +who.o: ../core/htmlfilter.h ../core/postmultiparser.h ../core/misc.h diff --git a/templates/templates.cpp b/templates/templates.cpp index 5608c26..3a4ed4f 100755 --- a/templates/templates.cpp +++ b/templates/templates.cpp @@ -30,6 +30,7 @@ Ezc::Pattern pat_fun_last; Ezc::Pattern pat_fun_thread; Ezc::Pattern pat_fun_reload; Ezc::Pattern pat_fun_createthread; +Ezc::Pattern pat_fun_upload; Ezc::Pattern pat_err_item_required; Ezc::Pattern pat_err_404; Ezc::Pattern pat_err_per_denied; @@ -119,6 +120,10 @@ Ezc::Pattern * p = 0; p = &pat_fun_createthread; break; + case FUN_UPLOAD: + p = &pat_fun_upload; + break; + default: break; } @@ -474,6 +479,8 @@ void Templates::ReadTemplates() pat_fun_reload.Directory(data.templates); pat_fun_reload.ParseFile("fun_reload.html"); + pat_fun_upload.Directory(data.templates); + pat_fun_upload.ParseFile("fun_upload.html"); }