More changing formatting to use stralloc.
Specifically, change the www_last10 HTML rendering logic to use stralloc and strftime(). This eliminates a lot of duplication. It would be easier to test this with a unit test if the logic of reading the last10 entries from a file were separated from the HTML rendering logic. An area for future enhancement. Also start in on www_email.c, which is the last bastion of significant realloc() use for page generation. An explicit goal is to get rid of unsafe string handling functions such as strcpy, strcat, sprintf, etc. Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
This commit is contained in:
parent
0ade566c11
commit
42eb413c91
@ -141,72 +141,20 @@ int www_send_email(struct user_record *user, char *recipient, char *subject, cha
|
|||||||
}
|
}
|
||||||
|
|
||||||
char *www_new_email() {
|
char *www_new_email() {
|
||||||
char *page;
|
stralloc page = EMPTY_STRALLOC;
|
||||||
int max_len;
|
|
||||||
int len;
|
|
||||||
char buffer[4096];
|
|
||||||
|
|
||||||
page = (char *)malloz(4096);
|
stralloc_copys(&page, "<div class=\"content-header\"><h2>New Email</h2></div>\n");
|
||||||
max_len = 4096;
|
stralloc_cats(&page, "<form action=\"");
|
||||||
len = 0;
|
stralloc_cats(&page, conf.www_url);
|
||||||
|
stralloc_cats(&page, "email/\" method=\"POST\" onsubmit=\"return validate()\" enctype=\"application/x-www-form-urlencoded\">\n");
|
||||||
|
stralloc_cats(&page, "To : <input type=\"text\" name=\"recipient\" id=\"recipient\" /><br />\n");
|
||||||
|
stralloc_cats(&page, "Subject : <input type=\"text\" name=\"subject\" id=\"subject\" /><br />\n");
|
||||||
|
stralloc_cats(&page, "<textarea name=\"body\" wrap=\"hard\" rows=\"25\" cols=\"79\" id=\"body\"></textarea>\n<br />");
|
||||||
|
stralloc_cats(&page, "<input type=\"submit\" name=\"submit\" value=\"Send\" />\n<br />");
|
||||||
|
stralloc_cats(&page, "</form>\n");
|
||||||
|
stralloc_0(&page);
|
||||||
|
|
||||||
sprintf(buffer, "<div class=\"content-header\"><h2>New Email</h2></div>\n");
|
return page.s;
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "<form action=\"%semail/\" method=\"POST\" onsubmit=\"return validate()\" enctype=\"application/x-www-form-urlencoded\">\n", conf.www_url);
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "To : <input type=\"text\" name=\"recipient\" id=\"recipient\" /><br />\n");
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "Subject : <input type=\"text\" name=\"subject\" id=\"subject\" /><br />\n");
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "<textarea name=\"body\" wrap=\"hard\" rows=\"25\" cols=\"79\" id=\"body\"></textarea>\n<br />");
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "<input type=\"submit\" name=\"submit\" value=\"Send\" />\n<br />");
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "</form>\n");
|
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
return page;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
char *www_email_display(struct user_record *user, int email) {
|
char *www_email_display(struct user_record *user, int email) {
|
||||||
|
@ -1,88 +1,57 @@
|
|||||||
#if defined(ENABLE_WWW)
|
#if defined(ENABLE_WWW)
|
||||||
|
|
||||||
#include <string.h>
|
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
#include "bbs.h"
|
#include "bbs.h"
|
||||||
|
|
||||||
extern struct bbs_config conf;
|
extern struct bbs_config conf;
|
||||||
|
|
||||||
char *www_last10() {
|
char *www_last10() {
|
||||||
char *page;
|
size_t n = 0;
|
||||||
int max_len;
|
stralloc page = EMPTY_STRALLOC;
|
||||||
int len;
|
|
||||||
char buffer[4096];
|
|
||||||
struct last10_callers callers[10];
|
struct last10_callers callers[10];
|
||||||
|
|
||||||
int i, z;
|
|
||||||
struct tm l10_time;
|
|
||||||
FILE *fptr = fopen("last10v2.dat", "rb");
|
FILE *fptr = fopen("last10v2.dat", "rb");
|
||||||
|
|
||||||
if (fptr != NULL) {
|
if (fptr != NULL) {
|
||||||
|
for ( ; n < 10; ++n)
|
||||||
for (i = 0; i < 10; i++) {
|
if (fread(&callers[n], sizeof(callers[n]), 1, fptr) != sizeof(callers[n]))
|
||||||
if (fread(&callers[i], sizeof(struct last10_callers), 1, fptr) < 1) {
|
|
||||||
break;
|
break;
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
fclose(fptr);
|
fclose(fptr);
|
||||||
} else {
|
|
||||||
i = 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
page = (char *)malloz(4096);
|
stralloc_copys(&page, "<div class=\"content-header\"><h2>Last 10 Callers</h2></div>\n");
|
||||||
max_len = 4096;
|
stralloc_cats(&page, "<div class=\"div-table\">\n");
|
||||||
len = 0;
|
for (size_t i = 0; i < n; ++i) {
|
||||||
|
struct tm called;
|
||||||
|
char buffer[32];
|
||||||
|
|
||||||
sprintf(buffer, "<div class=\"content-header\"><h2>Last 10 Callers</h2></div>\n");
|
stralloc_cats(&page, "<div class=\"last10-row\"><div class=\"last10-name\">");
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
stralloc_cats(&page, callers[i].name);
|
||||||
max_len += 4096;
|
stralloc_cats(&page, "</div><div class=\"last10-location\">");
|
||||||
page = (char *)realloc(page, max_len);
|
stralloc_cats(&page, callers[i].location);
|
||||||
}
|
stralloc_cats(&page, "</div>");
|
||||||
strcat(page, buffer);
|
stralloc_cats(&page, "<div class=\"last10-date\">");
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
sprintf(buffer, "<div class=\"div-table\">\n");
|
localtime_r(&callers[i].time, &called);
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
if (conf.date_style == 1)
|
||||||
max_len += 4096;
|
strftime(buffer, sizeof buffer, "%H:%M %m-%d-%y", &called);
|
||||||
page = (char *)realloc(page, max_len);
|
else
|
||||||
}
|
strftime(buffer, sizeof buffer, "%H:%M %d-%m-%y", &called);
|
||||||
strcat(page, buffer);
|
stralloc_cats(&page, buffer);
|
||||||
len += strlen(buffer);
|
stralloc_cats(&page, "</div>\n");
|
||||||
|
if (callers[i].calls == 1) {
|
||||||
for (z = 0; z < i; z++) {
|
stralloc_cats(&page, "<div class=\"last10-new\"><img src=\"");
|
||||||
localtime_r(&callers[z].time, &l10_time);
|
stralloc_cats(&page, conf.www_url);
|
||||||
if (conf.date_style == 1) {
|
stralloc_cats(&page, "static/newuser.png\" /></div>");
|
||||||
if (callers[z].calls == 1) {
|
|
||||||
sprintf(buffer, "<div class=\"last10-row\"><div class=\"last10-name\">%s</div><div class=\"last10-location\">%s</div><div class=\"last10-date\">%.2d:%.2d %.2d-%.2d-%.2d</div><div class=\"last10-new\"><img src=\"%sstatic/newuser.png\" /></div></div>\n", callers[z].name, callers[z].location, l10_time.tm_hour, l10_time.tm_min, l10_time.tm_mon + 1, l10_time.tm_mday, l10_time.tm_year - 100, conf.www_url);
|
|
||||||
} else {
|
|
||||||
sprintf(buffer, "<div class=\"last10-row\"><div class=\"last10-name\">%s</div><div class=\"last10-location\">%s</div><div class=\"last10-date\">%.2d:%.2d %.2d-%.2d-%.2d</div></div>\n", callers[z].name, callers[z].location, l10_time.tm_hour, l10_time.tm_min, l10_time.tm_mon + 1, l10_time.tm_mday, l10_time.tm_year - 100);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if (callers[z].calls == 1) {
|
|
||||||
sprintf(buffer, "<div class=\"last10-row\"><div class=\"last10-name\">%s</div><div class=\"last10-location\">%s</div><div class=\"last10-date\">%.2d:%.2d %.2d-%.2d-%.2d</div><div class=\"last10-new\"><img src=\"%sstatic/newuser.png\" /></div></div>\n", callers[z].name, callers[z].location, l10_time.tm_hour, l10_time.tm_min, l10_time.tm_mday, l10_time.tm_mon + 1, l10_time.tm_year - 100, conf.www_url);
|
|
||||||
} else {
|
|
||||||
sprintf(buffer, "<div class=\"last10-row\"><div class=\"last10-name\">%s</div><div class=\"last10-location\">%s</div><div class=\"last10-date\">%.2d:%.2d %.2d-%.2d-%.2d</div></div>\n", callers[z].name, callers[z].location, l10_time.tm_hour, l10_time.tm_min, l10_time.tm_mday, l10_time.tm_mon + 1, l10_time.tm_year - 100);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
stralloc_cats(&page, "</div>\n");
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
}
|
}
|
||||||
|
stralloc_cats(&page, "</div>\n");
|
||||||
|
stralloc_0(&page);
|
||||||
|
|
||||||
sprintf(buffer, "</div>\n");
|
return page.s;
|
||||||
if (len + strlen(buffer) > max_len - 1) {
|
|
||||||
max_len += 4096;
|
|
||||||
page = (char *)realloc(page, max_len);
|
|
||||||
}
|
|
||||||
strcat(page, buffer);
|
|
||||||
len += strlen(buffer);
|
|
||||||
|
|
||||||
return page;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
Reference in New Issue
Block a user