diff options
author | the little girl <bie@blekksprut.net> | 2013-06-25 14:05:10 +0200 |
---|---|---|
committer | the little girl <bie@blekksprut.net> | 2013-06-25 14:05:10 +0200 |
commit | 18487df36bc687e8e716e36aa94f5c26b4aef5ef (patch) | |
tree | c0dfb17552ea5ca800fbe40d251256473d556417 /wiki.c | |
parent | 98f3fb0cd359abcf7a6ecfcf84d6b8cf44204437 (diff) | |
download | ukulele-18487df36bc687e8e716e36aa94f5c26b4aef5ef.tar.xz |
bugfix, auth
Diffstat (limited to 'wiki.c')
-rw-r--r-- | wiki.c | 36 |
1 files changed, 26 insertions, 10 deletions
@@ -10,7 +10,12 @@ #include <marxup.h> +char *authenticate_ip() { + return getenv("REMOTE_ADDR"); +} + static char *wikititle = "a wiki"; +static char *(*authenticate)() = authenticate_ip; static char *links[][2] = { { "home", "home" }, { "planer", "planer" }, @@ -19,8 +24,9 @@ static char *links[][2] = { static char *script; static char *base; +static char *id; -static const char *badchars = "\\?%:|\"<>. "; +static const char *badchars = "\\?%:|\"<> "; int writable(char *path) { struct stat s; @@ -56,6 +62,7 @@ void foot(int file) { printf("<a href='%s/%s'>%s</a> ", script, links[i][1], links[i][0]); if(!file) return; printf("<span style='float: right'>"); + printf("%s ", id); printf("<a href='?t'>text/plain</a>"); printf("</span>"); } @@ -84,17 +91,21 @@ int redirect(char *path) { if(*path == '?') printf("Location: %s\n\n", path); else - printf("Location: %s/%s\n\n", getenv("SCRIPT_NAME"), path); + printf("Location: %s/%s\n\n", script, path); return 0; } -int unauthorized(char *path) { +int unauthorized(int status) { + printf("Status: %d\n", status); + if(status == 401) + printf("WWW-Authenticate: Basic realm='Kya'\n"); printf("Content-Type: text/plain; charset=utf-8\n\n"); printf("No.\n"); + return 1; } int edit(char *path) { - if(!writable(path)) return unauthorized(path); + if(!writable(path)) return unauthorized(403); FILE *fp = fopen(path, "r"); char *title = clean(path); fp ? head(title, path, "vis") : head(title, NULL, NULL); @@ -103,7 +114,7 @@ int edit(char *path) { printf("<p><textarea name=text rows=24 cols=72>"); if(fp) while(fgets(buffer, sizeof(buffer), fp)) - printf(buffer); + printf("%s", buffer); printf("</textarea>\n"); printf("<p><input type=submit value=Update>"); printf("</form>"); @@ -163,9 +174,10 @@ int plaintext(char *path) { char buffer[sysconf(_SC_PAGESIZE)]; printf("Content-Type: text/plain; charset=utf-8\n\n"); while(fgets(buffer, sizeof(buffer), fp)) - printf(buffer); + printf("%s", buffer); } fclose(fp); + return 0; } int view(char *path) { @@ -179,16 +191,21 @@ int view(char *path) { writable(path) ? head(title, "?e", "rediger") : head(title, NULL, NULL); marxup(fp, stdout); foot(1); + return 0; } int main(int argc, char **argv) { char *page = getenv("PATH_INFO"); char *method = getenv("REQUEST_METHOD"); char *query = getenv("QUERY_STRING"); - setenv("MARXUP_HEADER", "2", 1); - script = getenv("SCRIPT_NAME"); + if(!script) script = getenv("SCRIPT_NAME"); if(!script) script = "/"; - base = dirname(strdup(script)); + if(!base) base = strdup(dirname(strdup(script))); + + id = "anonymous"; + if(authenticate && !(id = authenticate())) return unauthorized(401); + + setenv("MARXUP_HEADER", "2", 1); chdir("pages"); if(!legit(page)) return redirect("home"); page++; @@ -197,7 +214,6 @@ int main(int argc, char **argv) { switch(*query) { case 'e': return edit(page); case 't': return plaintext(page); - // case 'h': return history(page); ? } query++; } |