1 #include "../../include/http/ipagehandler.h"
\r
2 #include "../../include/stringfunctions.h"
\r
3 #include "../../include/http/multipartparser.h"
\r
5 #include <Poco/Net/HTMLForm.h>
\r
6 #include <Poco/UUIDGenerator.h>
\r
7 #include <Poco/UUID.h>
\r
8 #include <Poco/DateTime.h>
\r
9 #include <Poco/DateTimeFormatter.h>
\r
10 #include <Poco/Timespan.h>
\r
// Collects request variables named "<basename>[<n>]" into args, storing each value at args[n].
//   vars     - variable map built from the request; keys and values are client-controlled.
//   basename - prefix a key must start with (match at position 0).
//   args     - output vector, indexed by the number found between '[' and ']'.
18 void IPageHandler::CreateArgArray(const std::map<std::string,std::string> &vars, const std::string &basename, std::vector<std::string> &args)
\r
20 for(std::map<std::string,std::string>::const_iterator i=vars.begin(); i!=vars.end(); i++)
\r
// Accept only keys that begin with basename and contain both brackets; their relative order is not checked.
22 if((*i).first.find(basename)==0 && (*i).first.find("[")!=std::string::npos && (*i).first.find("]")!=std::string::npos)
\r
25 std::string indexstr;
\r
26 std::string::size_type startpos;
\r
27 std::string::size_type endpos;
\r
28 startpos=(*i).first.find("[");
\r
29 endpos=(*i).first.find("]");
\r
// Text between the first '[' and the first ']'. size_type is unsigned, so when ']' precedes '[' the
// length wraps around and substr() returns the rest of the key rather than an index.
31 indexstr=(*i).first.substr(startpos+1,(endpos-startpos)-1);
\r
// NOTE(review): the declaration of index is not visible in this listing; confirm its type and what
// Convert leaves in it when indexstr is not a number.
32 StringFunctions::Convert(indexstr,index);
\r
// Grows args until args[index] exists (loop body not shown in this listing). index comes from a
// client-supplied key, so a single large value decides how big the vector gets.
// NOTE(review): reject indexes above a sane limit before this loop.
// NOTE(review): if index is a signed type, -1 makes index+1 zero, the loop is skipped and the write
// below lands outside the vector; reject negative values as well.
34 while(args.size()<index+1)
\r
38 args[index]=(*i).second;
\r
// Issues a one-time-style form token (anti-CSRF): creates a random UUID, records it together with
// the current time in tmpFormPassword, and returns a hidden <input name="formpassword"> carrying it.
// The visible INSERT stores only Date and Password, so the token is not tied to a session or user.
43 const std::string IPageHandler::CreateFormPassword()
\r
// Default-constructed Poco::DateTime holds the current time; it becomes the token's issue time.
45 Poco::DateTime date;
\r
46 Poco::UUIDGenerator uuidgen;
\r
// The token's unpredictability is the whole defence here.
// NOTE(review): confirm the Poco version in use seeds createRandom() from the OS entropy source.
50 uuid=uuidgen.createRandom();
\r
// Parameterized statement: both values are bound, none is concatenated into the SQL text.
// (The call that executes the statement is not visible in this listing.)
56 SQLite3DB::Statement st=m_db->Prepare("INSERT INTO tmpFormPassword(Date,Password) VALUES(?,?);");
\r
57 st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));
\r
58 st.Bind(1,uuid.toString());
\r
// A UUID string is hex digits and hyphens only, so it needs no HTML escaping in the attribute value.
61 return "<input type=\"hidden\" name=\"formpassword\" value=\""+uuid.toString()+"\">";
\r
// Builds a <select> element with the two options "true" and "false".
//   name     - value of the select's name attribute.
//   selected - "true" or "false" picks the option to mark; the statements that add the marker
//              are not visible in this listing.
65 const std::string IPageHandler::CreateTrueFalseDropDown(const std::string &name, const std::string &selected)
\r
67 std::string rval="";
\r
// name is concatenated into a double-quoted attribute without escaping.
// NOTE(review): callers must pass a constant or an already-escaped value; a name derived from
// request data would allow markup injection here.
69 rval+="<select name=\""+name+"\">";
\r
70 rval+="<option value=\"true\"";
\r
71 if(selected=="true")
\r
75 rval+=">true</option>";
\r
76 rval+="<option value=\"false\"";
\r
77 if(selected=="false")
\r
81 rval+=">false</option>";
\r
// Flattens everything the client sent into one name -> value map.
// Sources are merged in this order, each overwriting earlier entries with the same name:
//   1. the request's own name/value pairs (in Poco these are the HTTP header fields),
//   2. fields parsed by HTMLForm from the request,
//   3. for POST only, fields parsed again with the method temporarily set to GET (query string),
//   4. variables collected by the MultiPartParser.
// All values are client-controlled. Because the sources share one namespace, a handler cannot tell
// from vars alone whether a value arrived as a header, in the body or on the query string.
87 void IPageHandler::CreateQueryVarMap(Poco::Net::HTTPServerRequest &request, std::map<std::string,std::string> &vars)
\r
89 for(Poco::Net::HTTPServerRequest::ConstIterator i=request.begin(); i!=request.end(); i++)
\r
91 vars[(*i).first]=(*i).second;
\r
94 // handle HTMLForm and multiparts
\r
95 MultiPartParser mpp;
\r
// Parsing consumes request.stream(); mpp receives any multipart sections found in the body.
96 Poco::Net::HTMLForm form(request,request.stream(),mpp);
\r
97 for(Poco::Net::HTMLForm::ConstIterator i=form.begin(); i!=form.end(); i++)
\r
99 vars[(*i).first]=(*i).second;
\r
102 // for a POST method, the HTMLForm won't grab vars off the query string so we
\r
103 // temporarily set the method to GET and parse with the HTMLForm again
\r
104 if(request.getMethod()=="POST")
\r
// Query-string values are written after the body fields, so on a POST a query parameter replaces a
// body field of the same name.
// NOTE(review): no handler is visible that restores the method if the second parse throws; confirm
// that callers do not rely on getMethod() after an exception.
106 request.setMethod("GET");
\r
107 Poco::Net::HTMLForm form1(request,request.stream(),mpp);
\r
108 for(Poco::Net::HTMLForm::ConstIterator i=form1.begin(); i!=form1.end(); i++)
\r
110 vars[(*i).first]=(*i).second;
\r
112 request.setMethod("POST");
\r
115 // get any multiparts
\r
116 std::map<std::string,std::string> mpvars=mpp.GetVars();
\r
117 for(std::map<std::string,std::string>::iterator i=mpvars.begin(); i!=mpvars.end(); i++)
\r
119 vars[(*i).first]=(*i).second;
\r
// Poco request entry point: logs the client address, gathers the request variables, and writes the
// page produced by GeneratePage() as the response body.
// No exception handling is visible in this listing around the parsing of the client's request.
124 void IPageHandler::handleRequest(Poco::Net::HTTPServerRequest &request, Poco::Net::HTTPServerResponse &response)
\r
126 m_log->trace("IPageHandler::handleRequest from "+request.clientAddress().toString());
\r
128 std::map<std::string,std::string> vars;
\r
// Everything in vars after this call is client-controlled.
130 CreateQueryVarMap(request,vars);
\r
132 if(request.getVersion()==Poco::Net::HTTPRequest::HTTP_1_1)
\r
134 response.setChunkedTransferEncoding(true);
\r
// NOTE(review): no charset is declared; consider "text/html; charset=UTF-8" so the browser does not
// have to guess the encoding of the escaped output.
136 response.setContentType("text/html");
\r
138 std::ostream &ostr = response.send();
\r
// GeneratePage() is responsible for escaping any value from vars that it echoes into the page.
139 ostr << GeneratePage(request.getMethod(),vars);
\r
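// Escapes text for placement in HTML element content or inside a double-quoted attribute value.
// Replaces & < > " with their character entities and every space with &nbsp;.
// The single quote is not escaped, so the result must not be placed in a single-quoted attribute.
// NOTE(review): the page this listing came from had decoded the entity strings, leaving each
// replacement a no-op; they are restored here in line with the comment below.
//   input  - text to escape (treated as untrusted).
//   return - escaped copy of input.
const std::string IPageHandler::SanitizeOutput(const std::string &input)
{
	// must do & first because all other elements have & in them!
	// (escaping & last would re-escape the entities produced by the other replacements)
	std::string output=StringFunctions::Replace(input,"&","&amp;");
	output=StringFunctions::Replace(output,"<","&lt;");
	output=StringFunctions::Replace(output,">","&gt;");
	output=StringFunctions::Replace(output,"\"","&quot;");
	output=StringFunctions::Replace(output," ","&nbsp;");
	return output;
}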
\r
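// Escapes text for placement inside a <textarea> or a double-quoted attribute value.
// Replaces & < > " with their character entities; spaces are left as they are.
// The single quote is not escaped, so the result must not be placed in a single-quoted attribute.
// NOTE(review): the page this listing came from had decoded the entity strings, leaving each
// replacement a no-op; they are restored here in line with the comment below.
//   input  - text to escape (treated as untrusted).
//   return - escaped copy of input.
const std::string IPageHandler::SanitizeTextAreaOutput(const std::string &input)
{
	// must do & first because all other elements have & in them!
	// (escaping & last would re-escape the entities produced by the other replacements)
	std::string output=StringFunctions::Replace(input,"&","&amp;");
	output=StringFunctions::Replace(output,"<","&lt;");
	output=StringFunctions::Replace(output,">","&gt;");
	output=StringFunctions::Replace(output,"\"","&quot;");
	return output;
}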
\r
// Checks the anti-CSRF token submitted as "formpassword" against tmpFormPassword.
// Tokens older than one hour are purged first, so an expired token can no longer match.
// Several statements of this function (statement execution, the result handling after line 184)
// are not visible in this listing.
164 const bool IPageHandler::ValidateFormPassword(const std::map<std::string,std::string> &vars)
\r
166 Poco::DateTime date;
\r
// Timespan(days,hours,minutes,seconds,microseconds): move the cutoff one hour into the past.
167 date-=Poco::Timespan(0,1,0,0,0);
\r
169 SQLite3DB::Statement st=m_db->Prepare("DELETE FROM tmpFormPassword WHERE Date<?;");
\r
170 st.Bind(0,Poco::DateTimeFormatter::format(date,"%Y-%m-%d %H:%M:%S"));
\r
// NOTE(review): confirm that the iterator is compared with vars.end() before it is dereferenced
// below; that check is not visible in this listing.
173 std::map<std::string,std::string>::const_iterator i=vars.find("formpassword");
\r
// The client-supplied token is bound as a parameter, never concatenated into the SQL text.
176 st=m_db->Prepare("SELECT COUNT(*) FROM tmpFormPassword WHERE Password=?;");
\r
177 st.Bind(0,(*i).second);
\r
179 if(st.RowReturned())
\r
181 if(st.ResultNull(0)==false)
\r
// rval receives the number of stored tokens equal to the submitted one.
// NOTE(review): no visible statement deletes a token once it has matched, so it may stay valid
// until the hourly purge; confirm whether single use is intended.
184 st.ResultInt(0,rval);
\r
210 const bool IPageHandler::WillHandleURI(const std::string &uri)
\r
212 if(uri.find(m_pagename)!=std::string::npos)
\r