1 #include "../../include/http/ipagehandler.h"
\r
2 #include "../../include/stringfunctions.h"
\r
3 #include "../../include/http/multipartparser.h"
\r
4 #include "../../include/db/sqlite3db.h"
\r
6 #include <Poco/Net/HTMLForm.h>
\r
7 #include <Poco/UUIDGenerator.h>
\r
8 #include <Poco/UUID.h>
\r
9 #include <Poco/DateTime.h>
\r
10 #include <Poco/DateTimeFormatter.h>
\r
11 #include <Poco/Timespan.h>
\r
// Collects variables named like `basename[N]` into `args`, storing each value at position N.
// For every entry of `vars` whose key starts with `basename` and contains both "[" and "]",
// the text between the first "[" and the first "]" is converted to `index`; `args` is grown
// while it is shorter than index+1, and `args[index]` is then set to the entry's value.
// NOTE(review): the gutter numbers jump (23→26, 35→39), so some source lines are not part of
// this listing, including the declaration of `index` and the body of the while loop.
// NOTE(review): `index` is taken straight from the variable name and no bound on it is visible
// here. If `vars` holds request data (TODO confirm against callers), make sure negative and
// very large values are rejected before the resize loop and the `args[index]` write.
19 void IPageHandler::CreateArgArray(const std::map<std::string,std::string> &vars, const std::string &basename, std::vector<std::string> &args)
\r
21 for(std::map<std::string,std::string>::const_iterator i=vars.begin(); i!=vars.end(); i++)
\r
// find(basename)==0 means the key begins with basename; the two bracket tests only check
// that each character occurs somewhere in the key, not that "]" follows "[".
23 if((*i).first.find(basename)==0 && (*i).first.find("[")!=std::string::npos && (*i).first.find("]")!=std::string::npos)
\r
26 std::string indexstr;
\r
27 std::string::size_type startpos;
\r
28 std::string::size_type endpos;
\r
29 startpos=(*i).first.find("[");
\r
30 endpos=(*i).first.find("]");
\r
// If "]" comes before "[", (endpos-startpos)-1 wraps around (size_type is unsigned) and
// substr() returns everything after "[" instead of a bracketed index.
32 indexstr=(*i).first.substr(startpos+1,(endpos-startpos)-1);
\r
// NOTE(review): how Convert reports non-numeric text is not visible here; confirm `index`
// has a defined value when the conversion fails.
33 StringFunctions::Convert(indexstr,index);
\r
35 while(args.size()<index+1)
\r
39 args[index]=(*i).second;
\r
// Creates a form token for request-forgery protection: a random UUID is generated, written
// to tmpFormPassword together with the current timestamp, and returned as a hidden
// <input name="formpassword"> element for embedding in a form.
// The INSERT uses bound parameters, so neither value is spliced into the SQL text.
// NOTE(review): the gutter numbers jump (47→51, 51→57, 59→62); the declaration of `uuid`,
// any error handling around createRandom() and the execution of the statement are not shown.
// NOTE(review): the row holds only Date and Password, so as far as this listing shows the
// token is not tied to a session or to one form; any stored token would validate any form.
// NOTE(review): the token is only as unpredictable as the random source behind
// Poco::UUIDGenerator::createRandom(); confirm it is a cryptographic source on every
// platform this is built for.
44 const std::string IPageHandler::CreateFormPassword()
\r
// default-constructed Poco::DateTime: the current time, used as the token's creation date
46 Poco::DateTime date;
\r
47 Poco::UUIDGenerator uuidgen;
\r
51 uuid=uuidgen.createRandom();
\r
57 SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("INSERT INTO tmpFormPassword(Date,Password) VALUES(?,?);");
\r
// same "%Y-%m-%d %H:%M:%S" text format that ValidateFormPassword compares against
58 st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));
\r
59 st.Bind(1,uuid.toString());
\r
// the UUID's string form is placed in the value attribute as generated, without escaping
62 return "<input type=\"hidden\" name=\"formpassword\" value=\""+uuid.toString()+"\">";
\r
// Builds the HTML for a <select> element called `name` with the two options "true" and
// "false"; `selected` is compared with each option value to decide which one is marked.
// NOTE(review): the gutter numbers jump (72→76, 78→82, and after 82), so the statements run
// under each `if`, the closing </select> and the return are not part of this listing.
// NOTE(review): `name` is concatenated into the name="..." attribute without escaping.
// Callers should pass a fixed identifier, or escape the value first, if it can ever
// contain request data.
66 const std::string IPageHandler::CreateTrueFalseDropDown(const std::string &name, const std::string &selected)
\r
68 std::string rval="";
\r
70 rval+="<select name=\""+name+"\">";
\r
71 rval+="<option value=\"true\"";
\r
72 if(selected=="true")
\r
76 rval+=">true</option>";
\r
77 rval+="<option value=\"false\"";
\r
78 if(selected=="false")
\r
82 rval+=">false</option>";
\r
// Flattens everything the request carries into one name -> value map.
// Sources are copied in this order, and a later source overwrites an earlier one that uses
// the same name:
//   1. the request's own name/value pairs (in Poco these are the HTTP header fields),
//   2. the fields HTMLForm parses for the request method,
//   3. for POST only, the fields HTMLForm parses when the method is temporarily set to GET
//      (the query string, per the comment below),
//   4. the variables collected by the MultiPartParser.
// NOTE(review): headers and parameters share one namespace here, and for a POST a
// query-string value replaces a body value of the same name. Code that reads `vars` cannot
// tell where a value came from; values such as `formpassword` are therefore also accepted
// from the URL, where they may end up in logs or Referer headers.
// NOTE(review): if constructing `form1` throws, the method is left as "GET"; the restore on
// the last line of the POST branch is not exception-safe.
88 void IPageHandler::CreateQueryVarMap(Poco::Net::HTTPServerRequest &request, std::map<std::string,std::string> &vars)
\r
90 for(Poco::Net::HTTPServerRequest::ConstIterator i=request.begin(); i!=request.end(); i++)
\r
92 vars[(*i).first]=(*i).second;
\r
95 // handle HTMLForm and multiparts
\r
96 MultiPartParser mpp;
\r
97 Poco::Net::HTMLForm form(request,request.stream(),mpp);
\r
98 for(Poco::Net::HTMLForm::ConstIterator i=form.begin(); i!=form.end(); i++)
\r
100 vars[(*i).first]=(*i).second;
\r
103 // for a POST method, the HTMLForm won't grab vars off the query string so we
\r
104 // temporarily set the method to GET and parse with the HTMLForm again
\r
105 if(request.getMethod()=="POST")
\r
107 request.setMethod("GET");
\r
108 Poco::Net::HTMLForm form1(request,request.stream(),mpp);
\r
109 for(Poco::Net::HTMLForm::ConstIterator i=form1.begin(); i!=form1.end(); i++)
\r
111 vars[(*i).first]=(*i).second;
\r
113 request.setMethod("POST");
\r
116 // get any multiparts
\r
// GetVars() is copied into a local map before being merged into vars
117 std::map<std::string,std::string> mpvars=mpp.GetVars();
\r
118 for(std::map<std::string,std::string>::iterator i=mpvars.begin(); i!=mpvars.end(); i++)
\r
120 vars[(*i).first]=(*i).second;
\r
// Entry point for one HTTP request: logs the client address at trace level, builds the
// variable map with CreateQueryVarMap, enables chunked transfer encoding for HTTP/1.1
// requests, sets the content type to text/html and writes the result of GeneratePage to
// the response stream.
// NOTE(review): `vars` reaches GeneratePage exactly as received, so each page is responsible
// for escaping any value it echoes into HTML (see SanitizeOutput) and for checking the form
// token on state-changing requests.
// NOTE(review): no exception handling is visible in this listing (the gutter numbers skip
// lines); confirm what the client receives when request parsing or GeneratePage throws.
125 void IPageHandler::handleRequest(Poco::Net::HTTPServerRequest &request, Poco::Net::HTTPServerResponse &response)
\r
127 m_log->trace("IPageHandler::handleRequest from "+request.clientAddress().toString());
\r
129 std::map<std::string,std::string> vars;
\r
131 CreateQueryVarMap(request,vars);
\r
133 if(request.getVersion()==Poco::Net::HTTPRequest::HTTP_1_1)
\r
135 response.setChunkedTransferEncoding(true);
\r
// no charset parameter is given, so the encoding is left for the browser to determine
137 response.setContentType("text/html");
\r
139 std::ostream &ostr = response.send();
\r
140 ostr << GeneratePage(request.getMethod(),vars);
\r
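/**
 * Escapes text so it can be placed in generated HTML without being interpreted as markup.
 *
 * Replaces & < > " ' with the corresponding character references and every space with
 * &nbsp;. The listing this was taken from showed the replacement strings already decoded
 * (for example "&" replaced by "&"), which would make every call a no-op; the entity
 * names are written out here.
 *
 * The result is suitable for element content and for quoted attribute values. It is not
 * an encoder for URLs, script blocks or style blocks.
 *
 * @param input text to escape, typically a value that came from a request or the database
 * @return the escaped copy; input is not modified
 */
const std::string IPageHandler::SanitizeOutput(const std::string &input)
{
	// must do & first because all other elements have & in them!
	std::string output=StringFunctions::Replace(input,"&","&amp;");
	output=StringFunctions::Replace(output,"<","&lt;");
	output=StringFunctions::Replace(output,">","&gt;");
	output=StringFunctions::Replace(output,"\"","&quot;");
	// the single quote is escaped as well so the result stays inert inside an attribute
	// value that is delimited with single quotes
	output=StringFunctions::Replace(output,"'","&#39;");
	// spaces become non-breaking so runs of spaces survive HTML whitespace collapsing
	output=StringFunctions::Replace(output," ","&nbsp;");
	return output;
}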
\r
// Checks the form token submitted with a request.
// First removes tokens whose Date is more than one hour old (Poco::Timespan(0,1,0,0,0) is
// days, hours, minutes, seconds, microseconds), then counts the tmpFormPassword rows whose
// Password equals the submitted "formpassword" value and reads that count into `rval`.
// Both statements use bound parameters, so the submitted value is never part of the SQL text.
// NOTE(review): the gutter numbers jump (161→164, 164→167, 168→170, 172→175, and after
// 175); the declaration of `rval`, the execution of the statements, any test of `i` against
// vars.end() and the return statement are not part of this listing.
// NOTE(review): `i` is dereferenced when the SELECT is bound. Confirm the elided lines skip
// the lookup when "formpassword" is absent, otherwise (*i).second reads the end iterator.
// NOTE(review): no statement visible here deletes the matched row, so a token appears to
// stay valid for repeated use until it expires; confirm whether that is intended.
155 const bool IPageHandler::ValidateFormPassword(const std::map<std::string,std::string> &vars)
\r
157 Poco::DateTime date;
\r
// move the cutoff one hour into the past
158 date-=Poco::Timespan(0,1,0,0,0);
\r
160 SQLite3DB::Statement st=SQLite3DB::DB::Instance()->Prepare("DELETE FROM tmpFormPassword WHERE Date<?;");
\r
// Date is stored as "%Y-%m-%d %H:%M:%S" text, so the < comparison is a string comparison
// that matches chronological order for this fixed-width format
161 st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));
\r
164 std::map<std::string,std::string>::const_iterator i=vars.find("formpassword");
\r
167 st=SQLite3DB::DB::Instance()->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;");
\r
168 st.Bind(0,(*i).second);
\r
170 if(st.RowReturned())
\r
172 if(st.ResultNull(0)==false)
\r
// the row count is stored in rval; how it is turned into the bool result is not shown
175 st.ResultInt(0,rval);
\r