load "cgi"; load "task"; load "sql"; load "sql_utils"; load "encode_xml"; load "encode_url"; load "encode_js"; load "encode_regex"; load "array"; load "crypt"; load "system"; load "file"; #define USE_SESSIONCOOKIES 1 #file-as-code config.spl #file-as-code common.spl #file-as-code mail.spl var buffer; var patch_status_dump; var filter = [ status: "O", queue: "", journal: "", buffer: "", votecheck: "", uid: "", owner: "", search: "", files: "", votes: "" ]; function set_cookie_auth(username, password) { cgi.cookie["smauth"] = "${url::username}:${url::password}; " "expires=Wednesday, 20-Nov-2013 00:00:00 GMT"; } function get_cookie_auth() { cgi.cookie["smauth"] =~ /^(?P.+):(?P.+)$/I; if (not declared username) return; username =~ e/%([0-9a-fA-F]{2})/g chr(hex($1)); password =~ e/%([0-9a-fA-F]{2})/g chr(hex($1)); var u = sql_tuple(db, <:SQL> : SELECT : user_id AS userid, : user_crypt AS crypt, : user_isadmin AS isadmin : FROM : user : WHERE : user_name = ${mysql::username} ); if (declared u.crypt and check_crypt(password, u.crypt)) { userid = u.userid; isadmin = u.isadmin; set_cookie_auth(username, password); } } function html_patch(patch_uid, actions, queueinfo, rawpatchtext) { patch_uid =~ s/[^0-9]//g; return #file-as-template html_patch.spltpl; } function html_queue(queue_id, actions) { return #file-as-template html_queue.spltpl; } function html_journal(journal_id, actions, showdetails) { return #file-as-template html_journal.spltpl; } get_cookie_auth(); while (1) { var mode = cgi.param["mode"]; var title = "SubMaster"; var content; foreach f (filter) { if (declared cgi.param["filter_$f"]) filter[f] = cgi.param["filter_$f"]; } if (declared cgi.param.buffer_add) buffer[cgi.param.buffer_add] = 1; if (declared cgi.param.buffer_del) delete buffer[cgi.param.buffer_del]; if (declared cgi.param.skipstd) goto skipstd; if (declared cgi.param.dump) { cgi.content_type = "text/plain"; var text = sql_value(db, "SELECT patch_text FROM patch WHERE patch_uid = ${mysql::cgi.param.dump}"); write(defined text ? text : "Patch not found!\n"); goto thatsit; } switch { case not defined mode: content = #file-as-template html_list_patch.spltpl; case mode ~== "patch": content = html_patch(cgi.param.uid, defined userid, 1, 1); case mode ~== "gotopatch": content = #file-as-template html_gotopatch.spltpl; case mode ~== "queues": content = #file-as-template html_list_queues.spltpl; case mode ~== "queue": content = html_queue(cgi.param.id, defined userid); case mode ~== "journals": content = #file-as-template html_list_journals.spltpl; case mode ~== "journal": content = html_journal(cgi.param.id, defined userid, 1); case mode ~== "buffer": content = #file-as-template html_buffer.spltpl; case mode ~== "new": content = #file-as-template html_new.spltpl; case mode ~== "vpattern": content = #file-as-template html_vpattern.spltpl; case mode ~== "pref": content = #file-as-template html_pref.spltpl; case mode ~== "login": content = #file-as-template html_login.spltpl; case mode ~== "logout": content = "Logged out."; userid = undef; isadmin = 0; set_cookie_auth(undef, undef); case mode ~== "user": content = #file-as-template html_user.spltpl; } content = #file-as-template html_frame.spltpl; if (USE_SESSIONCOOKIES) { content =~ s/(${regex::cgi.url}\?)sid=${regex::cgi.sid}&?/$1/g; cgi.cookie["smngsession"] = cgi.sid_vm; } if (declared cgi.param.patch_status_dump) { cgi.content_type = "text/plain"; write(patch_status_dump); } else write(content); if (0) { skipstd: cgi.content_type = "text/plain"; write("OK\n"); } thatsit: content = undef; patch_status_dump = undef; task_pause(); }