|
|
| version 1.119, 2003/12/11 09:36:51 | version 1.140, 2005/11/22 11:31:58 |
|---|---|
| Line 1 | Line 1 |
| /** @file | /** @file |
| Parser: @b file parser class. | Parser: @b file parser class. |
| Copyright (c) 2001-2003 ArtLebedev Group (http://www.artlebedev.com) | Copyright (c) 2001-2005 ArtLebedev Group (http://www.artlebedev.com) |
| Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru) | Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru) |
| */ | */ |
| Line 24 static const char * const IDENT_FILE_C=" | Line 24 static const char * const IDENT_FILE_C=" |
| #include "pa_vtable.h" | #include "pa_vtable.h" |
| #include "pa_charset.h" | #include "pa_charset.h" |
| #include "pa_charsets.h" | #include "pa_charsets.h" |
| #include "pa_sql_connection.h" | |
| // defines | // defines |
| #define TEXT_MODE_NAME "text" | #define TEXT_MODE_NAME "text" |
| #define BINARY_MODE_NAME "binary" | |
| #define STDIN_EXEC_PARAM_NAME "stdin" | #define STDIN_EXEC_PARAM_NAME "stdin" |
| #define CHARSET_EXEC_PARAM_NAME "charset" | #define CHARSET_EXEC_PARAM_NAME "charset" |
| #define NAME_NAME "name" | |
| // externs | |
| extern String sql_limit_name; | |
| extern String sql_offset_name; | |
| // class | // class |
| class MFile: public Methoded { | class MFile: public Methoded { |
| public: // VStateless_class | public: // VStateless_class |
| Value* create_new_value(Pool&) { return new VFile(); } | Value* create_new_value(Pool&, HashStringValue&) { return new VFile(); } |
| public: // Methoded | public: // Methoded |
| bool used_directly() { return true; } | bool used_directly() { return true; } |
| Line 104 static const String::Body cdate_name("cd | Line 113 static const String::Body cdate_name("cd |
| // methods | // methods |
| static bool is_text_mode(const String& mode) { | |
| if(mode==TEXT_MODE_NAME) | |
| return true; | |
| if(mode==BINARY_MODE_NAME) | |
| return false; | |
| throw Exception("parser.runtime", | |
| &mode, | |
| "is invalid mode, must be either '"TEXT_MODE_NAME"' or '"BINARY_MODE_NAME"'"); | |
| } | |
| static void _save(Request& r, MethodParams& params) { | static void _save(Request& r, MethodParams& params) { |
| Value& vmode_name=params. as_no_junction(0, "mode must not be code"); | Value& vmode_name=params. as_no_junction(0, "mode must not be code"); |
| Value& vfile_name=params.as_no_junction(1, "file name must not be code"); | Value& vfile_name=params.as_no_junction(1, "file name must not be code"); |
| // save | // save |
| GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()), | GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()), |
| vmode_name.as_string()==TEXT_MODE_NAME); | is_text_mode(vmode_name.as_string())); |
| } | } |
| static void _delete(Request& r, MethodParams& params) { | static void _delete(Request& r, MethodParams& params) { |
| Line 146 static void _load(Request& r, MethodPara | Line 165 static void _load(Request& r, MethodPara |
| if(third_param_hash) | if(third_param_hash) |
| alt_filename_param_index++; | alt_filename_param_index++; |
| HashStringValue* options=third_param_hash; | |
| size_t offset=0; | |
| size_t limit=0; | |
| if(options) { | |
| options=new HashStringValue(*options); | |
| if(Value *voffset=(Value *)options->get(sql_offset_name)) { | |
| offset=r.process_to_value(*voffset).as_int(); | |
| } | |
| if(Value *vlimit=(Value *)options->get(sql_limit_name)) { | |
| limit=r.process_to_value(*vlimit).as_int(); | |
| } | |
| // no check on options count here, see file_read | |
| } | |
| File_read_result file=file_read(r.charsets, lfile_name, | File_read_result file=file_read(r.charsets, lfile_name, |
| vmode_name.as_string()==TEXT_MODE_NAME, | is_text_mode(vmode_name.as_string()), |
| third_param_hash | options, true, 0, offset, limit |
| ); | ); |
| const char *user_file_name=params.count()>alt_filename_param_index? | const char *user_file_name=params.count()>alt_filename_param_index? |
| Line 157 static void _load(Request& r, MethodPara | Line 189 static void _load(Request& r, MethodPara |
| Value* vcontent_type=0; | Value* vcontent_type=0; |
| if(file.headers) | if(file.headers) |
| vcontent_type=file.headers->get(content_type_name); | { |
| if(Value* remote_content_type=file.headers->get("CONTENT-TYPE")) | |
| vcontent_type=new VString(*new String(remote_content_type->as_string().cstr())); | |
| } | |
| if(!vcontent_type) | if(!vcontent_type) |
| vcontent_type=new VString(r.mime_type_of(user_file_name)); | vcontent_type=new VString(r.mime_type_of(user_file_name)); |
| Line 167 static void _load(Request& r, MethodPara | Line 202 static void _load(Request& r, MethodPara |
| file.headers->for_each(_load_pass_param, &self.fields()); | file.headers->for_each(_load_pass_param, &self.fields()); |
| } | } |
| static void _create(Request& r, MethodParams& params) { | |
| Value& vmode_name=params. as_no_junction(0, "mode must not be code"); | |
| if(!is_text_mode(vmode_name.as_string())) | |
| throw Exception("parser.runtime", | |
| 0, | |
| "only text mode is currently supported"); | |
| const char* user_file_name_cstr=r.absolute( | |
| params.as_no_junction(1, "file name must not be code").as_string()).cstr(String::L_FILE_SPEC); | |
| const String& content=params.as_string(2, "content must be string"); | |
| const char* content_cstr=content.cstr(String::L_UNSPECIFIED); // explode content, honor tainting changes | |
| VString* vcontent_type=new VString(r.mime_type_of(user_file_name_cstr)); | |
| VFile& self=GET_SELF(r, VFile); | |
| self.set(true/*tainted*/, content_cstr, strlen(content_cstr), user_file_name_cstr, vcontent_type); | |
| } | |
| static void _stat(Request& r, MethodParams& params) { | static void _stat(Request& r, MethodParams& params) { |
| Value& vfile_name=params.as_no_junction(0, "file name must not be code"); | Value& vfile_name=params.as_no_junction(0, "file name must not be code"); |
| Line 223 static void append_env_pair( | Line 277 static void append_env_pair( |
| throw Exception("parser.runtime", | throw Exception("parser.runtime", |
| new String(akey, String::L_TAINTED), | new String(akey, String::L_TAINTED), |
| "not safe environment variable"); | "not safe environment variable"); |
| info->env->put(akey, avalue->as_string()); | info->env->put(akey, avalue->as_string().cstr_to_string_body(String::L_UNSPECIFIED)); |
| } | } |
| } | } |
| #ifndef DOXYGEN | #ifndef DOXYGEN |
| Line 237 static void pass_cgi_header_attribute( | Line 291 static void pass_cgi_header_attribute( |
| ArrayString::element_type astring, | ArrayString::element_type astring, |
| Pass_cgi_header_attribute_info* info) { | Pass_cgi_header_attribute_info* info) { |
| size_t colon_pos=astring->pos(':'); | size_t colon_pos=astring->pos(':'); |
| if(colon_pos==STRING_NOT_FOUND) { | if(colon_pos!=STRING_NOT_FOUND) { |
| const String& key=astring->mid(0, colon_pos).change_case( | const String& key=astring->mid(0, colon_pos).change_case( |
| *info->charset, String::CC_UPPER); | *info->charset, String::CC_UPPER); |
| Value* value=new VString(astring->mid(colon_pos+1, astring->length())); | Value* value=new VString(astring->mid(colon_pos+1, astring->length()).trim()); |
| info->fields->put(key, value); | info->fields->put(key, value); |
| if(key=="CONTENT-TYPE") | if(key=="CONTENT-TYPE") |
| info->content_type=value; | info->content_type=value; |
| Line 615 static void _fullpath(Request& r, Method | Line 669 static void _fullpath(Request& r, Method |
| r.write_assign_lang(*result); | r.write_assign_lang(*result); |
| } | } |
| static void _sql_string(Request& r, MethodParams&) { | |
| VFile& self=GET_SELF(r, VFile); | |
| const char *quoted=r.connection()->quote(self.value_ptr(), self.value_size()); | |
| r.write_assign_lang(*new String(quoted)); | |
| } | |
| #ifndef DOXYGEN | |
| class File_sql_event_handlers: public SQL_Driver_query_event_handlers { | |
| const String& statement_string; const char* statement_cstr; | |
| int got_columns; | |
| int got_cells; | |
| public: | |
| String::C value; | |
| const String* user_file_name; | |
| const String* user_content_type; | |
| public: | |
| File_sql_event_handlers( | |
| const String& astatement_string, const char* astatement_cstr): | |
| statement_string(astatement_string), statement_cstr(astatement_cstr), | |
| got_columns(0), | |
| got_cells(0), | |
| user_file_name(0), | |
| user_content_type(0) {} | |
| bool add_column(SQL_Error& error, const char* /*str*/, size_t /*length*/) { | |
| if(got_columns++==3) { | |
| error=SQL_Error("parser.runtime", "result must contain not more then 3 columns"); | |
| return true; | |
| } | |
| return false; | |
| } | |
| bool before_rows(SQL_Error& /*error*/ ) { /* ignore */ return false; } | |
| bool add_row(SQL_Error& /*error*/) { /* ignore */ return false; } | |
| bool add_row_cell(SQL_Error& error, const char* str, size_t length) { | |
| try { | |
| switch(got_cells++) { | |
| case 0: | |
| value=String::C(str, length); | |
| break; | |
| case 1: | |
| if(!user_file_name) // user not specified? | |
| user_file_name=new String(str, length, true); | |
| break; | |
| case 2: | |
| if(!user_content_type) // user not specified? | |
| user_content_type=new String(str, length, true); | |
| break; | |
| default: | |
| error=SQL_Error("parser.runtime", "result must not contain more then one row, three rows"); | |
| return true; | |
| } | |
| return false; | |
| } catch(...) { | |
| error=SQL_Error("exception occured in File_sql_event_handlers::add_row_cell"); | |
| return true; | |
| } | |
| } | |
| }; | |
| #endif | |
| static void _sql(Request& r, MethodParams& params) { | |
| Value& statement=params.as_junction(0, "statement must be code"); | |
| Temp_lang temp_lang(r, String::L_SQL); | |
| const String& statement_string=r.process_to_string(statement); | |
| const char* statement_cstr= | |
| statement_string.cstr(String::L_UNSPECIFIED, r.connection()); | |
| File_sql_event_handlers handlers(statement_string, statement_cstr); | |
| if(params.count()>1) | |
| if(HashStringValue* options= | |
| params.as_no_junction(1, "param must not be code").get_hash()) { | |
| int valid_options=0; | |
| if(Value* vfilename=options->get(NAME_NAME)) { | |
| valid_options++; | |
| handlers.user_file_name=&vfilename->as_string(); | |
| } | |
| if(Value* vcontent_type=options->get(CONTENT_TYPE_NAME)) { | |
| valid_options++; | |
| handlers.user_content_type=&vcontent_type->as_string(); | |
| } | |
| if(valid_options!=options->count()) | |
| throw Exception("parser.runtime", | |
| 0, | |
| "called with invalid option"); | |
| } | |
| r.connection()->query( | |
| statement_cstr, | |
| 0, 0, | |
| 0, 0, | |
| handlers, | |
| statement_string); | |
| if(!handlers.value) | |
| throw Exception("parser.runtime", | |
| 0, | |
| "produced no result"); | |
| const char* user_file_name_cstr=handlers.user_file_name? handlers.user_file_name->cstr(): 0; | |
| VString* vcontent_type=handlers.user_content_type? | |
| new VString(*handlers.user_content_type) | |
| : user_file_name_cstr? | |
| new VString(r.mime_type_of(user_file_name_cstr)) | |
| : 0; | |
| VFile& self=GET_SELF(r, VFile); | |
| self.set(true/*tainted*/, handlers.value.str, handlers.value.length, user_file_name_cstr, vcontent_type); | |
| } | |
| static void _base64(Request& r, MethodParams& params) { | |
| VFile& self=GET_SELF(r, VFile); | |
| if(params.count()) { | |
| // decode | |
| const char* cstr=params.as_string(0, "parameter must be string").cstr(); | |
| char* decoded_cstr=0; | |
| size_t decoded_size=0; | |
| pa_base64_decode(cstr, strlen(cstr), decoded_cstr, decoded_size); | |
| if(decoded_cstr && decoded_size) | |
| self.set(true/*tainted*/, decoded_cstr, decoded_size); | |
| } else { | |
| // encode | |
| const char* encoded=pa_base64_encode(self.value_ptr(), self.value_size()); | |
| r.write_assign_lang(*new String(encoded, 0, true/*once ?param=base64(something) was needed*/)); | |
| } | |
| } | |
| // constructor | // constructor |
| MFile::MFile(): Methoded("file") { | MFile::MFile(): Methoded("file") { |
| // ^create[text;user-name;string] | |
| // ^create[binary;user-name;SOMEDAY SOMETHING] | |
| add_native_method("create", Method::CT_DYNAMIC, _create, 3, 3); | |
| // ^save[mode;file-name] | // ^save[mode;file-name] |
| add_native_method("save", Method::CT_DYNAMIC, _save, 2, 2); | add_native_method("save", Method::CT_DYNAMIC, _save, 2, 2); |
| Line 638 MFile::MFile(): Methoded("file") { | Line 823 MFile::MFile(): Methoded("file") { |
| // ^cgi[file-name] | // ^cgi[file-name] |
| // ^cgi[file-name;env hash] | // ^cgi[file-name;env hash] |
| // ^cgi[file-name;env hash;1cmd;2line;3ar;4g;5s] | // ^cgi[file-name;env hash;1cmd;2line;3ar;4g;5s] |
| add_native_method("cgi", Method::CT_DYNAMIC, _cgi, 1, 2+10); | add_native_method("cgi", Method::CT_DYNAMIC, _cgi, 1, 2+50); |
| // ^exec[file-name] | // ^exec[file-name] |
| // ^exec[file-name;env hash] | // ^exec[file-name;env hash] |
| // ^exec[file-name;env hash;1cmd;2line;3ar;4g;5s] | // ^exec[file-name;env hash;1cmd;2line;3ar;4g;5s] |
| add_native_method("exec", Method::CT_DYNAMIC, _exec, 1, 2+10); | add_native_method("exec", Method::CT_DYNAMIC, _exec, 1, 2+50); |
| // ^file:list[path] | // ^file:list[path] |
| // ^file:list[path][regexp] | // ^file:list[path][regexp] |
| Line 667 MFile::MFile(): Methoded("file") { | Line 852 MFile::MFile(): Methoded("file") { |
| add_native_method("justext", Method::CT_STATIC, _justext, 1, 1); | add_native_method("justext", Method::CT_STATIC, _justext, 1, 1); |
| // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif | // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif |
| add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1); | add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1); |
| // ^file.sql-string[] | |
| add_native_method("sql-string", Method::CT_DYNAMIC, _sql_string, 0, 0); | |
| // ^file::sql[[alt_name]]{} | |
| add_native_method("sql", Method::CT_DYNAMIC, _sql, 1, 2); | |
| // ^file.base64[] << encode | |
| // ^file::base64[string] << decode | |
| add_native_method("base64", Method::CT_DYNAMIC, _base64, 0, 1); | |
| } | } |