werc/bin/cgilib.rc

297 lines
7.1 KiB
Plaintext

##############################################
# Useful CGI functions
NEW_LINE='
'
fn dprint { echo $* >[1=2] }
fn dprintvars { { for(v in $*) { echo -n $v^'#'^$#$v^'=' $$v '; ' }; echo } >[1=2] }
fn escape_html { sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g' $* }
fn http_redirect {
if(~ $1 http:* https:*)
t=$1
if not if(~ $1 /*)
t=$"base_url^$1
if not
t=$"base_url^$"req_path^$1
echo 'Status: '^$2^'
Location: '^$t^'
'
exit
}
fn perm_redirect { http_redirect $1 '301 Moved Permanantly' }
fn post_redirect { http_redirect $1 '303 See Other' }
fn static_file {
echo 'Content-Type: '`{select_mime $1}
echo
cat $1
exit
}
# Note: should check if content type is application/x-www-form-urlencoded?
fn load_post_args {
if(~ $REQUEST_METHOD POST && ~ $#post_args 0) {
ifs='&
' for(pair in `{cat}) {
ifs='=' { pair=`{echo -n $pair} }
n='post_arg_'^`{echo $pair(1)|tr -cd 'a-zA-Z0-9_'}
post_args=( $post_args $n )
ifs=() { $n=`{echo -n $pair(2)|urldecode|tr -d '
'} }
}
pair=()
}
if not
status='No POST or post args already loaded'
}
# Status is () if at least one arg is found. DEPRECATED: access vars directly.
fn get_post_args {
load_post_args
_status='No post arg matches'
for(n in $*) {
v=post_arg_$n
if(! ~ $#$v 0) {
$n=$$v
_status=()
}
}
status=$_status
}
# This seems slightly improve performance, but might depend on httpd buffering behavior.
fn awk_buffer {
awk '{
buf = buf $0"\n"
if(length(buf) > 1400) {
printf "%s", buf
buf = ""
}
}
END { printf "%s", buf }'
}
fn urldecode {
awk '
BEGIN {
hextab ["0"] = 0; hextab ["8"] = 8;
hextab ["1"] = 1; hextab ["9"] = 9;
hextab ["2"] = 2; hextab ["A"] = hextab ["a"] = 10
hextab ["3"] = 3; hextab ["B"] = hextab ["b"] = 11;
hextab ["4"] = 4; hextab ["C"] = hextab ["c"] = 12;
hextab ["5"] = 5; hextab ["D"] = hextab ["d"] = 13;
hextab ["6"] = 6; hextab ["E"] = hextab ["e"] = 14;
hextab ["7"] = 7; hextab ["F"] = hextab ["f"] = 15;
}
{
decoded = ""
i = 1
len = length ($0)
while ( i <= len ) {
c = substr ($0, i, 1)
if ( c == "%" ) {
if ( i+2 <= len ) {
c1 = substr ($0, i+1, 1)
c2 = substr ($0, i+2, 1)
if ( hextab [c1] == "" || hextab [c2] == "" ) {
print "WARNING: invalid hex encoding: %" c1 c2 | "cat >&2"
} else {
code = 0 + hextab [c1] * 16 + hextab [c2] + 0
c = sprintf ("%c", code)
i = i + 2
}
} else {
print "WARNING: invalid % encoding: " substr ($0, i, len - i)
}
} else if ( c == "+" ) {
c = " "
}
decoded = decoded c
++i
}
printf "%s", decoded
}
'
}
fn crop_text {
ellipsis='...'
if(~ $#* 2)
ellipsis=$2
awk -v max'='^$"1^' ' -v 'ellipsis='$ellipsis '
{
nc += 1 + length;
if(nc > max) {
print substr($0, 1, nc - max) ellipsis
exit
}
print
}'
}
# Cookies
fn set_cookie {
# TODO: should check input values more carefully
name=$1
val=$2
extraHttpHeaders=( $extraHttpHeaders 'Set-cookie: '^$"name^'='^$"val^'; path=/;' )
}
fn get_cookie {
ifs=';' { co = `{ echo $HTTP_COOKIE } }
# XXX: we might be adding a trailing new line?
# The ' ?' is needed to deal with '; ' inter-cookie delimiter
{ for(c in $co) echo $c } | sed -n 's/^ ?'$1'=//p'
}
fn select_mime {
m='text/plain'
if(~ $1 *.css)
m='text/css'
if not if(~ $1 *.ico)
m='image/x-icon'
if not if(~ $1 *.png)
m='image/png'
if not if(~ $1 *.jpg *.jpeg)
m='image/jpeg'
if not if(~ $1 *.gif)
m='image/gif'
if not if(~ $1 *.pdf)
m='application/pdf'
echo $m
}
##############################################
# Generic rc programming helpers
fn ll_add {
_l=$1^_^$#$1
$_l=$*(2-)
$1=( $$1 $_l )
}
##############################################
# Werc-specific functions
fn get_lib_file {
if(! ~ $#sitedir 0 && test -f $sitedir/_werc/lib/$1)
echo -n $sitedir/_werc/lib/$1
if not if(! ~ $#masterSite 0 && test -f $sitesdir/$masterSite/_werc/lib/$1)
echo -n $sitesdir/$masterSite/_werc/lib/$1
if not if(test -f lib/$1)
echo -n lib/$1
if not if(~ $#* 2)
echo -n $2
if not
status='Can''t find lib file: '$1
}
fn template { awk -f bin/template.awk $* | rc $rcargs }
# Auth code
allowed_user_chars='[a-zA-Z0-9_]'
# Cookie format: WERC_USER: name:timestamp:hash(name.timestamp.password)
# login_user can't be used from a template because it sets a cookie
fn login_user {
# Note: we set the cookie even if it is already there.
if(get_user $*)
set_cookie werc_user $"logged_user^':0:'^$"logged_password
}
# Check login status, if called with group arg we check membership too
fn check_user {
get_user
_status=$status
if(! ~ $"_status '')
_status=(Not logged in: $"_status)
if not if(! ~ $#* 0 && ! grep -s '^'^$logged_user^'$' etc/groups/$* etc/groups/admin) {
dprint NOT IN GROUP
_status=(User $logged_user not in groups $*)
}
status=$_status
}
# If not logged in, try to get user login info from POST or from cookie
fn get_user {
if(~ $#logged_user 0) {
if(~ $#* 2) {
user_name=$1
user_password=$2
}
if not if(~ $REQUEST_METHOD POST)
get_post_args user_name user_password
if(~ $#user_name 0) {
ifs=':' { cu=`{get_cookie werc_user|tr -d $NEW_LINE} }
if(! ~ $#cu 0) {
user_name=$cu(1)
user_password=$cu(3)
}
}
auth_user $user_name $user_password
}
if not
status=()
}
# Check if user_name and user_password represent a valid user account
# If valid, 'log in' by setting logged_user
fn auth_user {
user_name=$1
user_password=$2
pfile='etc/users/'^$"user_name^'/password'
if(~ $#user_name 0 || ~ $#user_password 0)
status=('Auth: missing user name or pass: '^$"user_name^' / '^$"user_password)
if not if(! test -f $pfile)
status=('Auth: cant find '^$pfile)
if not if(! ~ $user_password `{cat $pfile})
status=('Auth: Pass '$user_password' doesnt match '^`{cat $pfile})
if not {
logged_user=$user_name
logged_password=$user_password
dprint Auth: success
status=()
}
}
fn user_controls {
echo User: $"logged_user
}
# .md '(meta-)data' extract
fn get_md_file_attr {
sed -n '/^\* '$2': /p; /^\* '$2': /q; /^$/q' < $1
}
#app_blog_methods = ( _post index.rss )
#fn app_blog__post {
# echo
#}
#
#app_blog___default {
# if (~ $blog)
# call_app blogpost
#}
#
## --
#app_blogpost_methods = ( comment _edit )
#
#fn app_blogpost_comment {
# call_app comments
#}
#
## --
#app_comments_methods = ( _post _edit )
#
#fn app_comments___default {
#
#}