+ if(request.getVersion()==Poco::Net::HTTPRequest::HTTP_1_1)\r
+ {\r
+ response.setChunkedTransferEncoding(true);\r
+ }\r
+ response.setContentType("text/html");\r
+\r
+ std::ostream &ostr = response.send();\r
+ ostr << GeneratePage(request.getMethod(),vars);\r
+\r
+}\r
+\r
+const std::string IPageHandler::SanitizeOutput(const std::string &input)\r
+{\r
+ // must do & first because all other elements have & in them!\r
+ std::string output=StringFunctions::Replace(input,"&","&");\r
+ output=StringFunctions::Replace(output,"<","<");\r
+ output=StringFunctions::Replace(output,">",">");\r
+ output=StringFunctions::Replace(output,"\"",""");\r
+ output=StringFunctions::Replace(output," "," ");\r
+ return output;\r
+}\r
+\r
+const std::string IPageHandler::SanitizeTextAreaOutput(const std::string &input)\r
+{\r
+ // must do & first because all other elements have & in them!\r
+ std::string output=StringFunctions::Replace(input,"&","&");\r
+ output=StringFunctions::Replace(output,"<","<");\r
+ output=StringFunctions::Replace(output,">",">");\r
+ output=StringFunctions::Replace(output,"\"",""");\r
+ return output;\r
+}\r
+\r
+const bool IPageHandler::ValidateFormPassword(const std::map<std::string,std::string> &vars)\r
+{\r
+ Poco::DateTime date;\r
+ date-=Poco::Timespan(0,1,0,0,0);\r
+\r
+ SQLite3DB::Statement st=m_db->Prepare("DELETE FROM tmpFormPassword WHERE Date<?;");\r
+ st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));\r
+ st.Step();\r
+\r
+ std::map<std::string,std::string>::const_iterator i=vars.find("formpassword");\r
+ if(i!=vars.end())\r
+ {\r
+ st=m_db->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;");\r
+ st.Bind(0,(*i).second);\r
+ st.Step();\r
+ if(st.RowReturned())\r