%s : %s

From 8151cf64d84122f8148598f7f64b458b69656fd2 Mon Sep 17 00:00:00 2001 From: tenox7 Date: Sat, 7 Jul 2018 23:40:41 -0700 Subject: cfg options moved to a struct --- dialogs.c | 42 ++++++------ dir.c | 144 +++++++++++++++++++-------------------- fileio.c | 24 +++---- wfm.c | 230 ++++++++++++++++++++++++++++++++------------------------------ wfm.h | 45 ++++++------ 5 files changed, 247 insertions(+), 238 deletions(-) diff --git a/dialogs.c b/dialogs.c index 9afe7d4..763e707 100644 --- a/dialogs.c +++ b/dialogs.c @@ -73,7 +73,7 @@ void multiprompt_ui(char *m_action) { if(strcmp(m_action, "move")==0) { fprintf(cgiOut, "

Source: %s

Destination: \n" " \n" - " \n" + " \n" " \n" " \n" "
\n" " \n" "\n\n" "\n" - "\n\n", m_action, virt_dirname, token); + "\n\n", m_action, virt_dirname, rt.token); cgiStringArrayFree(responses); @@ -129,7 +129,7 @@ void singleprompt_ui(char *m_action) { " %s\n" " \n" "
\n", - (js) ? "ONLOAD=\"document.wfm.inp1.focus();\"" : "", cgiScriptName, M_action); + (rt.js) ? "ONLOAD=\"document.wfm.inp1.focus();\"" : "", cgiScriptName, M_action); if(strcmp(m_action, "move")==0) @@ -156,14 +156,14 @@ void singleprompt_ui(char *m_action) { "

\n" " \n" " \n" - " \n" + " \n" " \n" " \n" "
\n" " \n" "\n\n" "\n" - "\n\n", m_action, virt_dirname, token); + "\n\n", m_action, virt_dirname, rt.token); } @@ -210,12 +210,12 @@ void error(char *msg, ...) { "\n\n" " \n" "\n" "\n\n", - buff, cgiScriptName, virt_dirname, token); + buff, cgiScriptName, virt_dirname, rt.token); } else { cgiHeaderContentType("text/plain"); @@ -282,19 +282,19 @@ void about(void) { "\n\n" " \n" "\n" "\n\n", - ICONSURL, TAGLINE, VERSION, __DATE__, __TIME__, __VERSION__, cgiServerSoftware, cgiUserAgent, NAME_MAX, js, + rt.iconsurl, cfg.tagline, VERSION, __DATE__, __TIME__, __VERSION__, cgiServerSoftware, cgiUserAgent, NAME_MAX, rt.js, #ifdef WFMGIT "Git" #else "None" #endif , (repo_check()) ? "No Repo Present" : "Repo OK", - cgiScriptName, virt_dirname, token); + cgiScriptName, virt_dirname, rt.token); } @@ -306,14 +306,14 @@ void login_ui(void) { cgiHeaderContentType("text/html"); html_title("Login"); - if(js>=2) fputs( + if(rt.js>=2) fputs( "\n", cgiOut); fputs("\n", cgiOut); - if(js>=2) + if(rt.js>=2) fputs("\n", cgiOut); else fputs("\n", cgiOut); @@ -337,8 +337,8 @@ void login_ui(void) { " =2) fprintf(cgiOut, - "onClick=\"self.location='%s?directory=%s&login=client&token=' + hex_md5('%s:' + hex_md5(document.wfm.username.value + ':' + document.wfm.password.value)); return false;\"", + if(rt.js>=2) fprintf(cgiOut, + "onClick=\"self.location='%s?directory=%s&login=client&rt.token=' + hex_md5('%s:' + hex_md5(document.wfm.username.value + ':' + document.wfm.password.value)); return false;\"", cgiScriptName, virt_dirname_urlencoded, cgiRemoteAddr); fputs( @@ -398,7 +398,7 @@ void edit_ui(void) { cgiHeaderContentType("text/html"); html_title("Editor"); - if (js) fprintf(cgiOut, + if (rt.js) fprintf(cgiOut, "\n"); @@ -177,7 +177,7 @@ void dirlist(void) { "\n" "\n" "

\n", - FONT_SIZE, FONT_SIZE, ICONSURL, FAVICON, cgiScriptName, (js>=2) ? "onsubmit=\"start()\"" : ""); + FONT_SIZE, FONT_SIZE, rt.iconsurl, cfg.favicon, cgiScriptName, (rt.js>=2) ? "onsubmit=\"start()\"" : ""); @@ -193,21 +193,21 @@ void dirlist(void) { " $\"WFM\"$ \n" "%s : %c%s \n" "\n", - ICONSURL, FAVICON, TAGLINE, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname + rt.iconsurl, cfg.favicon, cfg.tagline, (strlen(virt_dirname)>0) ? ' ' : '/', virt_dirname ); // lock / unlock - if(!access_as_user && users_defined) + if(!rt.access_as_user && cfg.users_defined) fprintf(cgiOut, "" " $\"Access\"$ %s\n", - cgiScriptName, virt_dirname_urlencoded, ICONSURL, access_string[access_level], access_string[access_level]); + cgiScriptName, virt_dirname_urlencoded, rt.iconsurl, access_string[rt.access_level], access_string[rt.access_level]); else fprintf(cgiOut, " $\"Access\"$ " " %s $\"User\"$ %s \n", - cgiScriptName, virt_dirname_urlencoded, ICONSURL, access_string[access_level], access_string[access_level], ICONSURL, loggedinuser); + cgiScriptName, virt_dirname_urlencoded, rt.iconsurl, access_string[rt.access_level], access_string[rt.access_level], rt.iconsurl, rt.loggedinuser); // about / version fprintf(cgiOut, @@ -216,7 +216,7 @@ void dirlist(void) { "\n"\ "\n"\ "\n", - ICONSURL, cgiRemoteAddr, cgiScriptName, virt_dirname_urlencoded, token, ICONSURL, VERSION); + rt.iconsurl, cgiRemoteAddr, cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl, VERSION); @@ -233,7 +233,7 @@ void dirlist(void) { " $\"Dir$ Up" "\n" "\n", - cgiScriptName, sortby, virt_parent_urlencoded, token, ICONSURL); + cgiScriptName, sortby, virt_parent_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, "\n" @@ -242,7 +242,7 @@ void dirlist(void) { " $\"Home\"$ Home" "\n" "\n", - cgiScriptName, sortby, token, ICONSURL); + cgiScriptName, sortby, rt.token, rt.iconsurl); fprintf(cgiOut, "\n" @@ -251,7 +251,7 @@ void dirlist(void) { " $\"Reload\"$ Refresh" "\n" "\n", - cgiScriptName, sortby, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, sortby, virt_dirname_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, "\n"\ @@ -259,7 +259,7 @@ void dirlist(void) { "\n" "\n" "\n", - ICONSURL, (js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); + rt.iconsurl, (rt.js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); fprintf(cgiOut, "\n" @@ -267,7 +267,7 @@ void dirlist(void) { "\n" "\n" "\n", - ICONSURL, (js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); + rt.iconsurl, (rt.js) ? "onMouseOver=\"this.className='hovin';\" onMouseOut=\"this.className='hovout';\"" : ""); fprintf(cgiOut, "\n" @@ -276,7 +276,7 @@ void dirlist(void) { " $\"New$ New Folder\n" "\n" "\n", - cgiScriptName, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl); fprintf(cgiOut, @@ -286,7 +286,7 @@ void dirlist(void) { " $\"New$ New File" "\n" "\n", - cgiScriptName, virt_dirname_urlencoded, token, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, rt.token, rt.iconsurl); @@ -301,39 +301,39 @@ void dirlist(void) { "\n" "\n" "\n", - virt_dirname, token, upload_id, (access_level==PERM_RW) ? " " : "DISABLED"); + virt_dirname, rt.token, upload_id, (rt.access_level==PERM_RW) ? " " : "DISABLED"); // // SORT BY // if(strcmp(sortby, "size")==0) { - snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " Size %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); - snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " Size %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); + snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "rsize")==0) { - snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " Size %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); - snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " Size %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); + snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "date")==0) { - snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " Modified %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); + snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " Modified %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); } else if(strcmp(sortby, "rdate")==0) { - snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " Modified %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); + snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " Modified %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); } else if(strcmp(sortby, "name")==0) { - snprintf(namepfx, 1024, " Filename %s", cgiScriptName, virt_dirname_urlencoded, token, ADNIMG); - snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " Filename %s", cgiScriptName, virt_dirname_urlencoded, rt.token, ADNIMG); + snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, rt.token); } else if(strcmp(sortby, "rname")==0) { - snprintf(namepfx, 1024, " Filename %s", cgiScriptName, virt_dirname_urlencoded, token, AUPIMG); - snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " Filename %s", cgiScriptName, virt_dirname_urlencoded, rt.token, AUPIMG); + snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, rt.token); } else { - snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, token); - snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, token); + snprintf(namepfx, 1024, " Filename", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(sizepfx, 1024, " Size", cgiScriptName, virt_dirname_urlencoded, rt.token); + snprintf(datepfx, 1024, " Modified", cgiScriptName, virt_dirname_urlencoded, rt.token); } @@ -346,7 +346,7 @@ void dirlist(void) { "\n" "\n"); - if(js) fprintf(cgiOut, + if(rt.js) fprintf(cgiOut, "\n"); fprintf(cgiOut, @@ -410,7 +410,7 @@ void dirlist(void) { } else { icon=DIRIMG; - if(js) { + if(rt.js) { linecolor=tNORMAL_COLOR; } else { @@ -429,7 +429,7 @@ void dirlist(void) { fprintf(cgiOut, "%s %s\n"\ " "\ "", - cgiScriptName, sortby, (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname_urlencoded, name_urlencoded, token, icon, name, + cgiScriptName, sortby, (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname_urlencoded, name_urlencoded, rt.token, icon, name, buprintf(size, TRUE), rtime, mtime, atime, stime, mtime); // rename @@ -452,14 +452,14 @@ void dirlist(void) { "\n"\ " $\"Rename$ \n"\ "\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // move fprintf(cgiOut, "\n"\ "\n"\ " $\"Move$ \n"\ "\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // delete fprintf(cgiOut, "\n"\ @@ -468,7 +468,7 @@ void dirlist(void) { "\n"\ "\n"\ "\n\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); totalsize+=size; n++; @@ -510,14 +510,14 @@ void dirlist(void) { else if(regexec(®_iso, name, 0, 0, 0)==0) { icon=ISOIMG; editable=0; } else { icon=GENIMG; editable=0; } - if(edit_any_file) { editable=1; } + if(cfg.edit_any_file) { editable=1; } if(strcmp(highlight, name)==0) { icon=NEWIMG; linecolor=tHIGH_COLOR; } else { - if(js) { + if(rt.js) { linecolor=tNORMAL_COLOR; } else { @@ -535,14 +535,14 @@ void dirlist(void) { fprintf(cgiOut, "\n" "%s %s\n", - name, cgiScriptName, (edit_by_default && editable) ? "edit" : "sendfile", virt_dirname_urlencoded, name_urlencoded, token, name, icon, name); + name, cgiScriptName, (cfg.edit_by_default && editable) ? "edit" : "sendfile", virt_dirname_urlencoded, name_urlencoded, rt.token, name, icon, name); // size / date @@ -562,7 +562,7 @@ void dirlist(void) { "\n" " $\"Rename$ \n" "\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // move fprintf(cgiOut, @@ -570,7 +570,7 @@ void dirlist(void) { "" " $\"Move$ \n" "\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL, name); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl, name); // delete fprintf(cgiOut, @@ -579,22 +579,22 @@ void dirlist(void) { "TITLE=\"Remove '%s'\"> \n" " $\"Delete$ \n" "\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); // view - if(strlen(HOMEURL)>4) + if(strlen(cfg.homeurl)>4) fprintf(cgiOut, "\n" "\n" " $\"Preview$ \n" "\n", - HOMEURL, (virt_dirname[0]!='/') ? "/" : "", (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname, name, name, ICONSURL, name); + cfg.homeurl, (virt_dirname[0]!='/') ? "/" : "", (strcmp(virt_dirname, "/")==0) ? "" : virt_dirname, name, name, rt.iconsurl, name); // edit for text files.. if(editable) { - if(edit_by_default) + if(cfg.edit_by_default) fprintf(cgiOut, "\n" "\n" @@ -602,7 +602,7 @@ void dirlist(void) { "\n" "\n" "\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); else fprintf(cgiOut, "\n" @@ -611,7 +611,7 @@ void dirlist(void) { "\n" "\n" "\n\n", - cgiScriptName, virt_dirname_urlencoded, name_urlencoded, token, name, ICONSURL); + cgiScriptName, virt_dirname_urlencoded, name_urlencoded, rt.token, name, rt.iconsurl); } else { fprintf(cgiOut, diff --git a/fileio.c b/fileio.c index 1ab1205..260d6c2 100644 --- a/fileio.c +++ b/fileio.c @@ -116,7 +116,7 @@ void receivefile(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -138,7 +138,7 @@ void mkfile(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -153,7 +153,7 @@ void newdir(void) { if(mkdir(phys_filename, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH )!=0) error("Unable to create directory.
%s", strerror(errno)); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } @@ -245,7 +245,7 @@ void edit_save(void) { wfm_commit(CHANGE, NULL); - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, virt_filename_urlencoded, virt_dirname_urlencoded, rt.token); } // @@ -333,7 +333,7 @@ void delete(void) { } } - redirect("%s?directory=%s&token=%s", cgiScriptName, virt_dirname_urlencoded, token); + redirect("%s?directory=%s&rt.token=%s", cgiScriptName, virt_dirname_urlencoded, rt.token); } // @@ -379,7 +379,7 @@ void move(void) { } } - redirect("%s?highlight=%s&directory=%s&token=%s", cgiScriptName, url_encode(virt_destination), virt_dirname_urlencoded, token); + redirect("%s?highlight=%s&directory=%s&rt.token=%s", cgiScriptName, url_encode(virt_destination), virt_dirname_urlencoded, rt.token); } @@ -436,18 +436,18 @@ void re_dir_ui(char *vdir, int level) { int n; int nentr, e; - snprintf(re_phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", HOMEDIR, vdir); + snprintf(re_phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", cfg.homedir, vdir); if(strlen(re_phys_dirname)<2 || strlen(re_phys_dirname)>(PHYS_DIRNAME_SIZE-2)) error("Invalid directory name."); if(regexec(&dotdot, re_phys_dirname, 0, 0, 0)==0) error("Invalid directory name."); - if(strlen(re_phys_dirname) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(re_phys_dirname) < strlen(cfg.homedir)) error("Invalid directory name."); nentr=scandir(re_phys_dirname, &direntry, 0, alphasort); for(e=0; ed_name); + snprintf(phy_child, PHYS_DIRNAME_SIZE, "%s/%s/%s", cfg.homedir, vdir, direntry[e]->d_name); if((direntry[e]->d_name[0]!='.') && (lstat(phy_child, &fileinfo)==0) && S_ISDIR(fileinfo.st_mode)) { @@ -458,10 +458,10 @@ void re_dir_ui(char *vdir, int level) { for (n=0; n<(level-1); n++) fprintf(cgiOut, " "); - fprintf(cgiOut, "%s %s\n", (js) ? "├" : "-", direntry[e]->d_name); + fprintf(cgiOut, "%s %s\n", (rt.js) ? "├" : "-", direntry[e]->d_name); // recurse - if(!largeset) + if(!cfg.largeset) re_dir_ui(child,level+1); } free(direntry[e]); @@ -561,7 +561,7 @@ int asscandir(const char *dir, ASDIR **namelist, int (*compar)(const void *, con memset(&names[entries], 0, sizeof(ASDIR)); strcpy(names[entries].name, entry->d_name); names[entries].type=fileinfo.st_mode; - if(S_ISDIR(fileinfo.st_mode) && recursive_du) + if(S_ISDIR(fileinfo.st_mode) && cfg.recursive_du) names[entries].size=du(filename); else names[entries].size=fileinfo.st_size; diff --git a/wfm.c b/wfm.c index 1b60937..f0faad6 100644 --- a/wfm.c +++ b/wfm.c @@ -9,7 +9,7 @@ void html_title(char *msg) { HTML_HEADER "\n" "%s : %s\n", - ICONSURL, FAVICON, TAGLINE, msg); // (strlen(virt_dirname)>0) ? ' ' : '/', TAGLINE, virt_dirname + rt.iconsurl, cfg.favicon, cfg.tagline, msg); // (strlen(virt_dirname)>0) ? ' ' : '/', TAGLINE, virt_dirname } @@ -104,14 +104,15 @@ char *md5hash(char *str, ...) { // // WFM Login Procedure -// Called from WFM main procedure if no sufficient access permission available +// Called from WFM main procedure if no sufficient access permission available and no +// JavaScript is available in the browser. Normally client side genrates the auth token. // void login(void) { char username[64]={0}; char password[64]={0}; - cgiFormStringNoNewlines("username", username, sizeof(username)); // only used if JavaScript is - cgiFormStringNoNewlines("password", password, sizeof(password)); // not available in the browser + cgiFormStringNoNewlines("username", username, sizeof(username)); + cgiFormStringNoNewlines("password", password, sizeof(password)); if(strlen(username) && strlen(password)) redirect("%s?directory=%s&login=server&token=%s", cgiScriptName, virt_dirname_urlencoded, md5hash("%s:%s", cgiRemoteAddr, md5hash("%s:%s", username, password))); // generate MD5 as if it was the client @@ -134,37 +135,37 @@ void access_check(char *access_string) { if(ipaddr[0]=='*' || strcmp(cgiRemoteAddr, ipaddr)==0) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; } } else if(sscanf(access_string, "access-md5pw=%2[^':']:%30[^':']:%63s", type, user, pass)==3) { - users_defined=1; + cfg.users_defined=1; // perform user auth by comparing user supplied token with system generated token - if(strcmp(md5hash("%s:%s", cgiRemoteAddr, pass), token)==0) { + if(strcmp(md5hash("%s:%s", cgiRemoteAddr, pass), rt.token)==0) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; - access_as_user=1; - strncpy(loggedinuser, user, sizeof(loggedinuser)); + rt.access_as_user=1; + strncpy(rt.loggedinuser, user, sizeof(rt.loggedinuser)); } } else if(sscanf(access_string, "access-htauth=%2[^':']:%30s", type, user)==2) { - users_defined=1; + cfg.users_defined=1; if(user[0]=='*' || (getenv("REMOTE_USER") && strcmp(user, getenv("REMOTE_USER"))==0)) { if(strcmp(type, "ro")==0) - access_level=PERM_RO; + rt.access_level=PERM_RO; else if(strcmp(type, "rw")==0) - access_level=PERM_RW; + rt.access_level=PERM_RW; - access_as_user=1; - strncpy(loggedinuser, getenv("REMOTE_USER"), sizeof(loggedinuser)); + rt.access_as_user=1; + strncpy(rt.loggedinuser, getenv("REMOTE_USER"), sizeof(rt.loggedinuser)); } } } @@ -173,6 +174,7 @@ void access_check(char *access_string) { // // Check filename // Should be called by every function that uses filename +// Function can be passed implicit filename or use the global variable // void checkfilename(char *inp_filename) { char temp_dirname[PHYS_FILENAME_SIZE]={0}; @@ -205,13 +207,14 @@ void checkfilename(char *inp_filename) { strncpy(virt_filename, bname, VIRT_FILENAME_SIZE); snprintf(phys_filename, PHYS_FILENAME_SIZE, "%s/%s", phys_dirname, virt_filename); + // Do checks if(!strlen(phys_filename) || strlen(phys_filename)>(PHYS_FILENAME_SIZE-2)) error("Invalid phys_filename lenght [%d]", strlen(phys_filename)); if(!strlen(virt_filename) || strlen(virt_filename)>(VIRT_FILENAME_SIZE-2)) error("Invalid virt_filename lenght [%d]", strlen(virt_filename)); if(regexec(&dotdot, phys_filename, 0, 0, 0)==0) error("Double dots in pfilename"); if(regexec(&dotdot, virt_filename, 0, 0, 0)==0) error("Double dots in vfilename"); strncpy(temp_dirname, phys_filename, PHYS_FILENAME_SIZE); - if(strlen(dirname(temp_dirname)) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(dirname(temp_dirname)) < strlen(cfg.homedir)) error("Invalid directory name."); virt_filename_urlencoded=url_encode(virt_filename); } @@ -227,7 +230,7 @@ void checkdestination(void) { strip(virt_destination, VIRT_DESTINATION_SIZE, VALIDCHRS_DIR); cgiFormInteger("absdst", &absolute_destination, 0); // move operation relies on absolute paths if(absolute_destination) - snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", HOMEDIR, virt_destination); + snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", cfg.homedir, virt_destination); else snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", phys_dirname, virt_destination); @@ -246,13 +249,13 @@ void checkdirectory(void) { cgiFormStringNoNewlines("directory", virt_dirname, VIRT_DIRNAME_SIZE); strip(virt_dirname, VIRT_DIRNAME_SIZE, VALIDCHRS_DIR); - snprintf(phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", HOMEDIR, virt_dirname); + snprintf(phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", cfg.homedir, virt_dirname); if(strlen(phys_dirname)<2 || strlen(phys_dirname)>(PHYS_DIRNAME_SIZE-2)) error("Invalid directory name."); if(regexec(&dotdot, phys_dirname, 0, 0, 0)==0) error("Invalid directory name."); - if(strlen(phys_dirname) < strlen(HOMEDIR)) error("Invalid directory name."); + if(strlen(phys_dirname) < strlen(cfg.homedir)) error("Invalid directory name."); if(!strlen(virt_dirname)) strcpy(virt_dirname, "/"); @@ -342,7 +345,7 @@ int strsplit(char *src, char ***dst, char *sep) { char *c; int n = 0; - while (c = strpbrk(src, sep)) { + while ((c = strpbrk(src, sep))) { while (c == src) { src++; c = strpbrk(src, sep); @@ -361,7 +364,7 @@ int strsplit(char *src, char ***dst, char *sep) { src = src_org; n = 0; - while (c = strpbrk(src, sep)) { + while ((c = strpbrk(src, sep))) { while (c == src) { src++; c = strpbrk(src, sep); @@ -435,6 +438,7 @@ void dbgprintf(char *msg, ...) { fprintf(f, "DEBUG: %s\n", buff); + fflush(f); fclose(f); } @@ -455,12 +459,12 @@ void redirect(char *location, ...) { cgiHeaderLocation(buff); } + // -// CGI entry +// Load and process config file +// Invoke Access Check // -int cgiMain(void) { - char action[32]={0}; - char ea[8]={0}; +void cfgload(void) { FILE *cfgfile; char cfgname[128]={0}; char cfgline[256]={0}; @@ -474,118 +478,118 @@ int cgiMain(void) { char c_largeset[]="large-file-set=true"; char c_access[]="access"; - // early action - simple actions before cfg is read or access check performed (no security!) - cgiFormStringNoNewlines("ea", ea, sizeof(ea)); - if(strcmp(ea, "icon")==0) icon(); - if(strcmp(ea, "upstat")==0) upload_status(); - - // normal initialization - tstart(); - - if(regcomp(&dotdot, "\\.\\.", REG_EXTENDED | REG_ICASE)!=0) - error("Regex compilation problem.
%s", strerror(errno)); - - fprintf(cgiOut, "Cache-Control: max-age=0, private\r\nExpires: -1\r\n"); - - memset(virt_dirname, 0, VIRT_DIRNAME_SIZE); - memset(phys_dirname, 0, PHYS_DIRNAME_SIZE); - memset(virt_filename, 0, VIRT_FILENAME_SIZE); - memset(phys_filename, 0, PHYS_FILENAME_SIZE); - memset(virt_destination, 0, VIRT_DESTINATION_SIZE); - memset(phys_destination, 0, PHYS_DESTINATION_SIZE); - memset(final_destination, 0, PHYS_DESTINATION_SIZE); - memset(virt_parent, 0, VIRT_DIRNAME_SIZE); + memset(&cfg, 0, sizeof(cfg)); + memset(&rt, 0, sizeof(rt)); - snprintf(ICONSURL, sizeof(ICONSURL), "%s?ea=icon&name=", cgiScriptName); - + cgiFormStringNoNewlines("token", rt.token, sizeof(rt.token)); + snprintf(rt.iconsurl, sizeof(rt.iconsurl), "%s?ea=icon&name=", cgiScriptName); - // config file defaults - access_level=PERM_NO; // no access by default - access_as_user=0; - users_defined=0; - edit_by_default=0; // for .txt files - edit_any_file=0; - recursive_du=0; - largeset=0; - - memset(HOMEDIR, 0, sizeof(HOMEDIR)); - memset(HOMEURL, 0, sizeof(HOMEURL)); - memset(TAGLINE, 0, sizeof(TAGLINE)); - memset(FAVICON, 0, sizeof(FAVICON)); - - // process config file - cgiFormStringNoNewlines("token", token, sizeof(token)); snprintf(cfgname, sizeof(cfgname), "%s.cfg", basename(cgiScriptName)); cfgfile=fopen(cfgname, "r"); if(!cfgfile) error("Unable to open configuration file %s.
%s", cfgname, strerror(errno)); - + while(fgets(cfgline, sizeof(cfgline), cfgfile)) { if((*cfgline==';')||(*cfgline=='/')||(*cfgline=='#')||(*cfgline=='\n')) continue; - else if(strncmp(cfgline, c_homedir, strlen(c_homedir))==0) strncpy(HOMEDIR, cfgline+strlen(c_homedir), sizeof(HOMEDIR)); - else if(strncmp(cfgline, c_homeurl, strlen(c_homeurl))==0) strncpy(HOMEURL, cfgline+strlen(c_homeurl), sizeof(HOMEURL)); - else if(strncmp(cfgline, c_tagline, strlen(c_tagline))==0) strncpy(TAGLINE, cfgline+strlen(c_tagline), sizeof(TAGLINE)); - else if(strncmp(cfgline, c_favicon, strlen(c_favicon))==0) strncpy(FAVICON, cfgline+strlen(c_favicon), sizeof(FAVICON)); - else if(strncmp(cfgline, c_editdef, strlen(c_editdef))==0) edit_by_default=1; - else if(strncmp(cfgline, c_editany, strlen(c_editany))==0) edit_any_file=1; - else if(strncmp(cfgline, c_largeset, strlen(c_largeset))==0) largeset=1; - else if(strncmp(cfgline, c_du, strlen(c_du))==0) recursive_du=1; + else if(strncmp(cfgline, c_homedir, strlen(c_homedir))==0) strncpy(cfg.homedir, cfgline+strlen(c_homedir), sizeof(cfg.homedir)); + else if(strncmp(cfgline, c_homeurl, strlen(c_homeurl))==0) strncpy(cfg.homeurl, cfgline+strlen(c_homeurl), sizeof(cfg.homeurl)); + else if(strncmp(cfgline, c_tagline, strlen(c_tagline))==0) strncpy(cfg.tagline, cfgline+strlen(c_tagline), sizeof(cfg.tagline)); + else if(strncmp(cfgline, c_favicon, strlen(c_favicon))==0) strncpy(cfg.favicon, cfgline+strlen(c_favicon), sizeof(cfg.favicon)); + else if(strncmp(cfgline, c_editdef, strlen(c_editdef))==0) cfg.edit_by_default=1; + else if(strncmp(cfgline, c_editany, strlen(c_editany))==0) cfg.edit_any_file=1; + else if(strncmp(cfgline, c_largeset, strlen(c_largeset))==0) cfg.largeset=1; + else if(strncmp(cfgline, c_du, strlen(c_du))==0) cfg.recursive_du=1; else if(strncmp(cfgline, c_access, strlen(c_access))==0) access_check(cfgline); } fclose(cfgfile); // remove newlines - if(strlen(HOMEDIR)>2) HOMEDIR[strlen(HOMEDIR)-1]='\0'; - if(strlen(HOMEURL)>2) HOMEURL[strlen(HOMEURL)-1]='\0'; - if(strlen(TAGLINE)>2) TAGLINE[strlen(TAGLINE)-1]='\0'; - if(strlen(FAVICON)>2) FAVICON[strlen(FAVICON)-1]='\0'; + if(strlen(cfg.homedir)>2) cfg.homedir[strlen(cfg.homedir)-1]='\0'; + if(strlen(cfg.homeurl)>2) cfg.homeurl[strlen(cfg.homeurl)-1]='\0'; + if(strlen(cfg.tagline)>2) cfg.tagline[strlen(cfg.tagline)-1]='\0'; + if(strlen(cfg.favicon)>2) cfg.favicon[strlen(cfg.favicon)-1]='\0'; // do checks - if(strlen(HOMEDIR) < 4 || *HOMEDIR!='/') + if(strlen(cfg.homedir) < 4) error("Home directory not defined."); - if(!strlen(TAGLINE)) - strcpy(TAGLINE, "Web File Manager"); + if(cfg.homedir[0]!='/') + error("Home directory must be absolute path."); - if(!strlen(FAVICON)) - strcpy(FAVICON, "wfmicon.gif"); + if(!strlen(cfg.tagline)) + strcpy(cfg.tagline, "Web File Manager"); + + if(!strlen(cfg.favicon)) + strcpy(cfg.favicon, "wfmicon.gif"); - snprintf(VALIDCHRS_DIR, sizeof(VALIDCHRS_DIR), "%s/", VALIDCHRS); checkdirectory(); + // JavaScript check - if(strncmp(cgiUserAgent, "Mozilla/5", 9)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 7", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 8", 31)==0) js=2; - else if(strncmp(cgiUserAgent, "Mozilla/4", 9)==0) js=1; - else js=0; + if(strncmp(cgiUserAgent, "Mozilla/5", 9)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 7", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 8", 31)==0) rt.js=2; + else if(strncmp(cgiUserAgent, "Mozilla/4", 9)==0) rt.js=1; + else rt.js=0; + +} + +// +// WFM Entry +// +int cgiMain(void) { + char action[32]={0}; + char ea[8]={0}; + + // early action - simple actions before cfg is read or access check performed (no authentication!) + cgiFormStringNoNewlines("ea", ea, sizeof(ea)); + if(strcmp(ea, "icon")==0) icon(); + if(strcmp(ea, "upstat")==0) upload_status(); + + // normal initialization + tstart(); + + fprintf(cgiOut, "Cache-Control: max-age=0, private\r\nExpires: -1\r\n"); + + memset(virt_dirname, 0, VIRT_DIRNAME_SIZE); + memset(phys_dirname, 0, PHYS_DIRNAME_SIZE); + memset(virt_filename, 0, VIRT_FILENAME_SIZE); + memset(phys_filename, 0, PHYS_FILENAME_SIZE); + memset(virt_destination, 0, VIRT_DESTINATION_SIZE); + memset(phys_destination, 0, PHYS_DESTINATION_SIZE); + memset(final_destination, 0, PHYS_DESTINATION_SIZE); + memset(virt_parent, 0, VIRT_DIRNAME_SIZE); + + cfgload(); + + // main routine - regular actions cgiFormStringNoNewlines("action", action, sizeof(action)); - if(cgiFormSubmitClicked("noop")==cgiFormSuccess && access_level >= PERM_RO) dirlist(); - else if(cgiFormSubmitClicked("multi_delete_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete"); - else if(cgiFormSubmitClicked("multi_delete_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete"); - else if(cgiFormSubmitClicked("multi_move_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move"); - else if(cgiFormSubmitClicked("multi_move_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move"); - else if(cgiFormSubmitClicked("upload")==cgiFormSuccess && access_level >= PERM_RW) receivefile(); - else if(strcmp(action, "sendfile")==0 && access_level >= PERM_RO) sendfile(); - else if(strcmp(action, "delete")==0 && access_level >= PERM_RW) delete(); - else if(strcmp(action, "delete_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("delete"); - else if(strcmp(action, "move_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("move"); - else if(strcmp(action, "rename_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("move"); - else if(strcmp(action, "move")==0 && access_level >= PERM_RW) move(); - else if(strcmp(action, "edit")==0 && access_level >= PERM_RO) edit_ui(); - else if(strcmp(action, "edit_save")==0 && access_level >= PERM_RW) edit_save(); - else if(strcmp(action, "mkfile")==0 && access_level >= PERM_RW) mkfile(); - else if(strcmp(action, "mkfile_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkfile"); - else if(strcmp(action, "mkdir")==0 && access_level >= PERM_RW) newdir(); - else if(strcmp(action, "mkdir_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkdir"); - else if(strcmp(action, "about")==0 && access_level >= PERM_RO) about(); - else if(strcmp(action, "login")==0 ) login(); - else if( access_level >= PERM_RO) dirlist(); + if(cgiFormSubmitClicked("noop")==cgiFormSuccess && rt.access_level >= PERM_RO) dirlist(); + else if(cgiFormSubmitClicked("multi_delete_prompt")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("delete"); + else if(cgiFormSubmitClicked("multi_delete_prompt.x")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("delete"); + else if(cgiFormSubmitClicked("multi_move_prompt")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("move"); + else if(cgiFormSubmitClicked("multi_move_prompt.x")==cgiFormSuccess && rt.access_level >= PERM_RO) multiprompt_ui("move"); + else if(cgiFormSubmitClicked("upload")==cgiFormSuccess && rt.access_level >= PERM_RW) receivefile(); + else if(strcmp(action, "sendfile")==0 && rt.access_level >= PERM_RO) sendfile(); + else if(strcmp(action, "delete")==0 && rt.access_level >= PERM_RW) delete(); + else if(strcmp(action, "delete_prompt")==0 && rt.access_level >= PERM_RW) multiprompt_ui("delete"); + else if(strcmp(action, "move_prompt")==0 && rt.access_level >= PERM_RW) multiprompt_ui("move"); + else if(strcmp(action, "rename_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("move"); + else if(strcmp(action, "move")==0 && rt.access_level >= PERM_RW) move(); + else if(strcmp(action, "edit")==0 && rt.access_level >= PERM_RO) edit_ui(); + else if(strcmp(action, "edit_save")==0 && rt.access_level >= PERM_RW) edit_save(); + else if(strcmp(action, "mkfile")==0 && rt.access_level >= PERM_RW) mkfile(); + else if(strcmp(action, "mkfile_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("mkfile"); + else if(strcmp(action, "mkdir")==0 && rt.access_level >= PERM_RW) newdir(); + else if(strcmp(action, "mkdir_prompt")==0 && rt.access_level >= PERM_RW) singleprompt_ui("mkdir"); + else if(strcmp(action, "about")==0 && rt.access_level >= PERM_RO) about(); + else if(strcmp(action, "login")==0 ) login(); + else if( rt.access_level >= PERM_RO) dirlist(); else - if(users_defined) // if users present but supplied credentials didn't match, or credentials not specified + if(cfg.users_defined) // if users present but supplied credentials didn't match, or credentials not specified redirect("%s?action=login", cgiScriptName); else error("Access Denied."); diff --git a/wfm.h b/wfm.h index 5d31351..b57abba 100644 --- a/wfm.h +++ b/wfm.h @@ -1,5 +1,5 @@ -#define VERSION "1.3.3" -#define copyright "\n" \ +#define VERSION "1.4.0" +#define COPYRIGHT "\n" \ "\n" #define FONT_SIZE "13px" @@ -22,7 +22,7 @@ "\n" \ "\n" \ - copyright \ + COPYRIGHT \ "\n" \ " \n" \ " \n" \ @@ -61,7 +61,7 @@ #include "wfmiconres.h" #define VALIDCHRS "an ()[]{}-_.,!@#$%^&=+;" -char VALIDCHRS_DIR[256]; // above + / +#define VALIDCHRS_DIR "an ()[]{}-_.,!@#$%^&=+;/" #define P1024_1 1024.0f @@ -90,25 +90,29 @@ char final_destination[PHYS_DESTINATION_SIZE]; char virt_parent[VIRT_DIRNAME_SIZE]; char *virt_parent_urlencoded; -char ICONSURL[1024]; -char HOMEDIR[1024]; -char HOMEURL[1024]; -char TAGLINE[1024]; -char FAVICON[1024]; - -char token[256]; -char loggedinuser[64]; regex_t dotdot; -int access_level; -int access_as_user; -int users_defined; -int edit_by_default; -int edit_any_file; -int recursive_du; -int largeset; -int js; +struct config_struct { + int users_defined; + int edit_by_default; + int edit_any_file; + int recursive_du; + int largeset; + char homedir[1024]; + char homeurl[1024]; + char tagline[1024]; + char favicon[1024]; +} cfg; + +struct runtime_struct { + char token[256]; + char iconsurl[1024]; + char loggedinuser[64]; + int access_level; + int access_as_user; + int js; +} rt; double t1, t2; struct timeval mt; @@ -117,6 +121,7 @@ enum { FALSE, TRUE }; enum { PERM_NO, PERM_RO, PERM_RW }; enum { CHANGE, DELETE, MOVE }; + typedef struct asdir_ { char name[NAME_MAX]; mode_t type; -- cgit v1.2.3