|
|
| version 1.231, 2014/05/01 12:38:08 | version 1.267, 2019/11/13 22:12:51 |
|---|---|
| Line 1 | Line 1 |
| /** @file | /** @file |
| Parser: @b file parser class. | Parser: @b file parser class. |
| Copyright (c) 2001-2012 Art. Lebedev Studio (http://www.artlebedev.com) | Copyright (c) 2001-2017 Art. Lebedev Studio (http://www.artlebedev.com) |
| Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru) | Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru) |
| */ | */ |
| Line 9 | Line 9 |
| #include "classes.h" | #include "classes.h" |
| #include "pa_vmethod_frame.h" | #include "pa_vmethod_frame.h" |
| #include "pa_base64.h" | |
| #include "pa_request.h" | #include "pa_request.h" |
| #include "pa_vfile.h" | #include "pa_vfile.h" |
| Line 68 public: | Line 69 public: |
| // global variable | // global variable |
| DECLARE_CLASS_VAR(file, new MFile, 0); | DECLARE_CLASS_VAR(file, new MFile); |
| // consts | // consts |
| Line 118 static const char* suexec_safe_env_lst[] | Line 119 static const char* suexec_safe_env_lst[] |
| // statics | // statics |
| static const String::Body size_name("size"); | |
| static const String::Body adate_name("adate"); | static const String::Body adate_name("adate"); |
| static const String::Body mdate_name("mdate"); | static const String::Body mdate_name("mdate"); |
| static const String::Body cdate_name("cdate"); | static const String::Body cdate_name("cdate"); |
| Line 133 static void _save(Request& r, MethodPara | Line 135 static void _save(Request& r, MethodPara |
| if(HashStringValue* options=params.as_hash(2)){ | if(HashStringValue* options=params.as_hash(2)){ |
| int valid_options=0; | int valid_options=0; |
| if(Value* vcharset_name=options->get(PA_CHARSET_NAME)){ | if(Value* vcharset_name=options->get(PA_CHARSET_NAME)){ |
| asked_charset=&::charsets.get(vcharset_name->as_string().change_case(r.charsets.source(), String::CC_UPPER)); | asked_charset=&pa_charsets.get(vcharset_name->as_string()); |
| valid_options++; | valid_options++; |
| } | } |
| if(valid_options != options->count()) | if(valid_options != options->count()) |
| Line 153 static void _delete(Request& r, MethodPa | Line 155 static void _delete(Request& r, MethodPa |
| if(HashStringValue* options=params.as_hash(1)){ | if(HashStringValue* options=params.as_hash(1)){ |
| int valid_options=0; | int valid_options=0; |
| if(Value* vkeep_empty_dirs=options->get(KEEP_EMPTY_DIRS_NAME)){ | if(Value* vkeep_empty_dirs=options->get(KEEP_EMPTY_DIRS_NAME)){ |
| keep_empty_dirs=r.process_to_value(*vkeep_empty_dirs).as_bool(); | keep_empty_dirs=r.process(*vkeep_empty_dirs).as_bool(); |
| valid_options++; | valid_options++; |
| } | } |
| if(Value* vsuppress_exception=options->get(SUPPRESS_EXCEPTION_NAME)){ | if(Value* vsuppress_exception=options->get(SUPPRESS_EXCEPTION_NAME)){ |
| fail_on_problem=r.process_to_value(*vsuppress_exception).as_bool(); | fail_on_problem=r.process(*vsuppress_exception).as_bool(); |
| valid_options++; | valid_options++; |
| } | } |
| if(valid_options != options->count()) | if(valid_options != options->count()) |
| Line 177 static void _move(Request& r, MethodPara | Line 179 static void _move(Request& r, MethodPara |
| if(HashStringValue* options=params.as_hash(2)){ | if(HashStringValue* options=params.as_hash(2)){ |
| int valid_options=0; | int valid_options=0; |
| if(Value* vkeep_empty_dirs=options->get(KEEP_EMPTY_DIRS_NAME)){ | if(Value* vkeep_empty_dirs=options->get(KEEP_EMPTY_DIRS_NAME)){ |
| keep_empty_dirs=r.process_to_value(*vkeep_empty_dirs).as_bool(); | keep_empty_dirs=r.process(*vkeep_empty_dirs).as_bool(); |
| valid_options++; | valid_options++; |
| } | } |
| if(valid_options != options->count()) | if(valid_options != options->count()) |
| Line 191 static void _move(Request& r, MethodPara | Line 193 static void _move(Request& r, MethodPara |
| keep_empty_dirs); | keep_empty_dirs); |
| } | } |
| static void copy_process_source( | static void copy_process_source(struct stat&, int from_file, const String&, void *context) { |
| struct stat& , | |
| int from_file, | |
| const String& , const char* /*fname*/, bool, | |
| void *context) { | |
| int& to_file=*static_cast<int *>(context); | int& to_file=*static_cast<int *>(context); |
| int nCount=0; | int nCount=0; |
| Line 214 static void copy_process_source( | Line 212 static void copy_process_source( |
| static void copy_open_target(int f, void *from_spec) { | static void copy_open_target(int f, void *from_spec) { |
| String& file_spec=*static_cast<String *>(from_spec); | String& file_spec=*static_cast<String *>(from_spec); |
| file_read_action_under_lock(file_spec, "copy", copy_process_source, &f); | file_read_action_under_lock(file_spec, "copy", copy_process_source, &f); |
| }; | } |
| static void _copy(Request& r, MethodParams& params) { | static void _copy(Request& r, MethodParams& params) { |
| Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code"); | Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code"); |
| Value& vto_file_name=params.as_no_junction(1, "to file name must not be code"); | Value& vto_file_name=params.as_no_junction(1, "to file name must not be code"); |
| bool append=false; | |
| if(params.count()>2) | |
| if(HashStringValue* options=params.as_hash(2)){ | |
| int valid_options=0; | |
| if(Value* vappend=options->get("append")){ | |
| append=r.process(*vappend).as_bool(); | |
| valid_options++; | |
| } | |
| if(valid_options != options->count()) | |
| throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); | |
| } | |
| String from_spec = r.absolute(vfrom_file_name.as_string()); | String from_spec = r.absolute(vfrom_file_name.as_string()); |
| const String& to_spec = r.absolute(vto_file_name.as_string()); | const String& to_spec = r.absolute(vto_file_name.as_string()); |
| Line 227 static void _copy(Request& r, MethodPara | Line 237 static void _copy(Request& r, MethodPara |
| to_spec, | to_spec, |
| "copy", | "copy", |
| copy_open_target, | copy_open_target, |
| &from_spec); | &from_spec, |
| false /*as text*/, | |
| append); | |
| } | } |
| static void _load_pass_param( | static void _load_pass_param( |
| Line 266 static void _load(Request& r, MethodPara | Line 278 static void _load(Request& r, MethodPara |
| if(options){ | if(options){ |
| options=new HashStringValue(*options); | options=new HashStringValue(*options); |
| if(Value *voffset=(Value *)options->get(sql_offset_name)){ | if(Value *voffset=(Value *)options->get(sql_offset_name)){ |
| offset=r.process_to_value(*voffset).as_int(); | offset=r.process(*voffset).as_int(); |
| } | } |
| if(Value *vlimit=(Value *)options->get(sql_limit_name)){ | if(Value *vlimit=(Value *)options->get(sql_limit_name)){ |
| limit=r.process_to_value(*vlimit).as_int(); | limit=r.process(*vlimit).as_int(); |
| } | } |
| // no check on options count here, see file_read | // no check on options count here, see file_read |
| } | } |
| Line 289 static void _load(Request& r, MethodPara | Line 301 static void _load(Request& r, MethodPara |
| if(file.headers){ | if(file.headers){ |
| file.headers->for_each<HashStringValue*>(_load_pass_param, &self.fields()); | file.headers->for_each<HashStringValue*>(_load_pass_param, &self.fields()); |
| } else { | } else { |
| size_t size; | uint64_t size; |
| time_t atime, mtime, ctime; | time_t atime, mtime, ctime; |
| file_stat(lfile_name, size, atime, mtime, ctime); | file_stat(lfile_name, size, atime, mtime, ctime); |
| HashStringValue& ff=self.fields(); | HashStringValue& ff=self.fields(); |
| ff.put(adate_name, new VDate(atime)); | ff.put(adate_name, new VDate((pa_time_t)atime)); |
| ff.put(mdate_name, new VDate(mtime)); | ff.put(mdate_name, new VDate((pa_time_t)mtime)); |
| ff.put(cdate_name, new VDate(ctime)); | ff.put(cdate_name, new VDate((pa_time_t)ctime)); |
| } | } |
| } | } |
| Line 322 static void _create(Request& r, MethodPa | Line 334 static void _create(Request& r, MethodPa |
| } | } |
| VString* vcontent_type=0; | VString* vcontent_type=0; |
| Charset* asked_charset=0; | Charset* to_charset=0; |
| Charset* from_charset=0; | |
| if(params.count()>options_index) | if(params.count()>options_index) |
| if(HashStringValue* options=params.as_hash(options_index)) { | if(HashStringValue* options=params.as_hash(options_index)) { |
| int valid_options=0; | int valid_options=0; |
| Line 337 static void _create(Request& r, MethodPa | Line 350 static void _create(Request& r, MethodPa |
| valid_options++; | valid_options++; |
| } | } |
| } | } |
| if(Value* vcharset_name=options->get("to-charset")) { | |
| to_charset=&pa_charsets.get(vcharset_name->as_string()); | |
| valid_options++; | |
| } | |
| if(Value* vcharset_name=options->get("from-charset")) { | |
| from_charset=&pa_charsets.get(vcharset_name->as_string()); | |
| valid_options++; | |
| } | |
| if(Value* vcharset_name=options->get(PA_CHARSET_NAME)) { | if(Value* vcharset_name=options->get(PA_CHARSET_NAME)) { |
| asked_charset=&::charsets.get(vcharset_name->as_string().change_case(r.charsets.source(), String::CC_UPPER)); | if(to_charset) |
| throw Exception(PARSER_RUNTIME, 0, "charset option can not be used with to-charset"); | |
| to_charset=&pa_charsets.get(vcharset_name->as_string()); | |
| valid_options++; | valid_options++; |
| } | } |
| if(Value* value=options->get(CONTENT_TYPE_NAME)) { | if(Value* value=options->get(CONTENT_TYPE_NAME)) { |
| Line 355 static void _create(Request& r, MethodPa | Line 378 static void _create(Request& r, MethodPa |
| if(const String* content_str=vcontent.get_string()){ | if(const String* content_str=vcontent.get_string()){ |
| String::Body body=content_str->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes | String::Body body=content_str->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes |
| if(asked_charset && is_text) | |
| body=Charset::transcode(body, r.charsets.source(), *asked_charset); | |
| self.set(true/*tainted*/, is_text, body.cstrm(), body.length(), file_name, vcontent_type, &r); | self.set(true/*tainted*/, is_text, body.cstrm(), body.length(), file_name, vcontent_type, &r); |
| } else { | } else { |
| if(asked_charset) | VFile& fcontent=*vcontent.as_vfile(String::L_AS_IS); // can't be null |
| throw Exception(PARSER_RUNTIME, 0, "charset option can not be used with file-content"); | if(mode){ |
| self.set(*vcontent.as_vfile(String::L_AS_IS), mode != 0, is_text, file_name, vcontent_type, &r); | self.set(fcontent, &is_text, file_name, vcontent_type, &r); |
| if(is_text && !fcontent.is_text_mode()) | |
| from_charset=self.detect_binary_charset(from_charset); | |
| } else { | |
| self.set(fcontent, 0, file_name, vcontent_type, &r); | |
| is_text=fcontent.is_text_mode(); | |
| } | |
| } | } |
| if(to_charset || from_charset) | |
| if(is_text) | |
| self.transcode(from_charset ? *from_charset : r.charsets.source(), to_charset ? *to_charset : r.charsets.source()); | |
| else | |
| throw Exception(PARSER_RUNTIME, 0, "charset options can not be used with binary content"); | |
| } | } |
| static void _stat(Request& r, MethodParams& params) { | static void _stat(Request& r, MethodParams& params) { |
| const String& lfile_name=params.as_string(0, FILE_NAME_MUST_NOT_BE_CODE); | const String& lfile_name=params.as_string(0, FILE_NAME_MUST_NOT_BE_CODE); |
| size_t size; | uint64_t size; |
| time_t atime, mtime, ctime; | time_t atime, mtime, ctime; |
| file_stat(r.absolute(lfile_name), | file_stat(r.absolute(lfile_name), size, atime, mtime, ctime); |
| size, | |
| atime, mtime, ctime); | |
| VFile& self=GET_SELF(r, VFile); | VFile& self=GET_SELF(r, VFile); |
| self.set_binary(true/*tainted*/, 0/*no bytes*/, size, &lfile_name, 0, &r); | self.set_binary(true/*tainted*/, 0 /*no bytes*/, 0 /*fake size*/, &lfile_name, 0, &r); |
| HashStringValue& ff=self.fields(); | HashStringValue& ff=self.fields(); |
| ff.put(adate_name, new VDate(atime)); | ff.put(size_name, new VDouble((double)size) /*real size*/); |
| ff.put(mdate_name, new VDate(mtime)); | ff.put(adate_name, new VDate((pa_time_t)atime)); |
| ff.put(cdate_name, new VDate(ctime)); | ff.put(mdate_name, new VDate((pa_time_t)mtime)); |
| ff.put(cdate_name, new VDate((pa_time_t)ctime)); | |
| } | } |
| static bool is_safe_env_key(const char* key) { | static bool is_safe_env_key(const char* key) { |
| for(const char* validator=key; *validator; validator++) { | for(const char* validator=key; *validator; validator++) { |
| char c=*validator; | char c=*validator; |
| if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-')) | if(!( (c>='A' && c<='Z') || (c>='0' && c<='9') || (c=='_' || c=='-') )) |
| return false; | return false; |
| } | } |
| #ifdef PA_SAFE_MODE | #ifdef PA_SAFE_MODE |
| Line 469 static void _exec_cgi(Request& r, Method | Line 500 static void _exec_cgi(Request& r, Method |
| const String& script_name=r.absolute(params.as_string(param_index++, FILE_NAME_MUST_NOT_BE_CODE)); | const String& script_name=r.absolute(params.as_string(param_index++, FILE_NAME_MUST_NOT_BE_CODE)); |
| HashStringString env; | HashStringString env; |
| #define ECSTR(name, value_cstr) \ | #define ECSTR(name, value_cstr) if(value_cstr) env.put(#name, value_cstr); |
| if(value_cstr) \ | // passing environment |
| env.put( \ | for(SAPI::Env::Iterator i(r.sapi_info); i; i.next() ) |
| String::Body(#name), \ | env.put(i.key(), i.value() ); |
| String::Body(*value_cstr?value_cstr:0)); \ | |
| // passing SAPI::environment | |
| if(const char *const *pairs=SAPI::environment(r.sapi_info)) { | |
| while(const char* pair=*pairs++) | |
| if(const char* eq_at=strchr(pair, '=')) | |
| if(eq_at[1]) // has value | |
| env.put( | |
| pa_strdup(pair, eq_at-pair), | |
| pa_strdup(eq_at+1)); | |
| } | |
| // const | // const |
| ECSTR(GATEWAY_INTERFACE, "CGI/1.1"); | ECSTR(GATEWAY_INTERFACE, "CGI/1.1"); |
| Line 496 static void _exec_cgi(Request& r, Method | Line 517 static void _exec_cgi(Request& r, Method |
| ECSTR(CONTENT_TYPE, r.request_info.content_type); | ECSTR(CONTENT_TYPE, r.request_info.content_type); |
| ECSTR(CONTENT_LENGTH, format(r.request_info.content_length, "%u")); | ECSTR(CONTENT_LENGTH, format(r.request_info.content_length, "%u")); |
| // SCRIPT_* | // SCRIPT_* |
| env.put(String::Body("SCRIPT_NAME"), script_name); | env.put("SCRIPT_NAME", script_name); |
| //env.put(String::Body("SCRIPT_FILENAME"), ??&script_name); | |
| // environment & stdin from param | // environment & stdin from param |
| String *in=new String(); | bool in_is_text_mode=true; |
| String::C in; | |
| Charset *charset=0; // default script works raw_in 'source' charset = no transcoding needed | Charset *charset=0; // default script works raw_in 'source' charset = no transcoding needed |
| if(param_index < params.count()) { | if(param_index < params.count()) { |
| if(HashStringValue* user_env=params.as_hash(param_index++, "env")) { | if(HashStringValue* user_env=params.as_hash(param_index++, "env")) { |
| // $.charset [previewing to handle URI pieces] | // $.charset [previewing to handle URI pieces] |
| if(Value* vcharset=user_env->get(CHARSET_EXEC_PARAM_NAME)) | if(Value* vcharset=user_env->get(CHARSET_EXEC_PARAM_NAME)) |
| charset=&charsets.get(vcharset->as_string() | charset=&pa_charsets.get(vcharset->as_string()); |
| .change_case(r.charsets.source(), String::CC_UPPER)); | |
| // $.others | // $.others |
| Append_env_pair_info info={&r.charsets, &env, 0}; | Append_env_pair_info info={&r.charsets, &env, 0}; |
| Line 521 static void _exec_cgi(Request& r, Method | Line 541 static void _exec_cgi(Request& r, Method |
| if(info.vstdin) { | if(info.vstdin) { |
| if(const String* sstdin=info.vstdin->get_string()) { | if(const String* sstdin=info.vstdin->get_string()) { |
| // untaint stdin | // untaint stdin |
| in = new String(sstdin->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets), String::L_AS_IS); | in = String::C(sstdin->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets)); |
| } else | } else |
| if(VFile* vfile=static_cast<VFile *>(info.vstdin->as("file"))) | if(VFile* vfile=static_cast<VFile *>(info.vstdin->as("file"))){ |
| in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED); | in = String::C((const char* )vfile->value_ptr(), vfile->value_size()); |
| else | in_is_text_mode = vfile->is_text_mode(); |
| throw Exception(PARSER_RUNTIME, | } else |
| 0, | throw Exception(PARSER_RUNTIME, 0, STDIN_EXEC_PARAM_NAME " parameter must be string or file"); |
| STDIN_EXEC_PARAM_NAME " parameter must be string or file"); | |
| } | } |
| } | } |
| } | } |
| Line 547 static void _exec_cgi(Request& r, Method | Line 566 static void _exec_cgi(Request& r, Method |
| } else { | } else { |
| Table* table=param.get_table(); | Table* table=param.get_table(); |
| if(table){ | if(table){ |
| for(size_t i=0; i<table->count(); i++) { | for(size_t j=0; j<table->count(); j++) |
| append_to_argv(r, argv, table->get(i)->get(0)); | append_to_argv(r, argv, table->get(j)->get(0)); |
| } | |
| } else { | } else { |
| throw Exception(PARSER_RUNTIME, | throw Exception(PARSER_RUNTIME, 0, "param must be string or table"); |
| 0, | |
| "param must be string or table"); | |
| } | } |
| } | } |
| } | } |
| Line 564 static void _exec_cgi(Request& r, Method | Line 580 static void _exec_cgi(Request& r, Method |
| if(charset) { | if(charset) { |
| Charset::transcode(env, r.charsets.source(), *charset); | Charset::transcode(env, r.charsets.source(), *charset); |
| Charset::transcode(argv, r.charsets.source(), *charset); | Charset::transcode(argv, r.charsets.source(), *charset); |
| in=&Charset::transcode(*in, r.charsets.source(), *charset); | if(in_is_text_mode) |
| in=Charset::transcode(in, r.charsets.source(), *charset); | |
| } | } |
| // @todo | // @todo |
| // ifdef WIN32 do OEM->ANSI transcode on some(.cmd?) programs to | // ifdef WIN32 do OEM->ANSI transcode on some(.cmd?) programs to |
| // match silent conversion in OS | // match silent conversion in OS |
| // exec! | // exec! |
| PA_exec_result execution=pa_exec(false/*forced_allow*/, script_name, &env, argv, *in); | PA_exec_result execution=pa_exec(false/*forced_allow*/, script_name, &env, argv, in); |
| File_read_result *file_out=&execution.out; | File_read_result *file_out=&execution.out; |
| String *real_err=&execution.err; | String *real_err=&execution.err; |
| Line 650 static void _exec_cgi(Request& r, Method | Line 667 static void _exec_cgi(Request& r, Method |
| // $fields << header | // $fields << header |
| if(header) { | if(header) { |
| ArrayString rows; | ArrayString rows; |
| size_t pos_after=0; | header->split(rows, 0, eol_marker); |
| header->split(rows, pos_after, eol_marker); | |
| Pass_cgi_header_attribute_info info={0, 0, 0}; | Pass_cgi_header_attribute_info info={0, 0, 0}; |
| info.charset=&r.charsets.source(); | info.charset=&r.charsets.source(); |
| info.fields=&self.fields(); | info.fields=&self.fields(); |
| Line 661 static void _exec_cgi(Request& r, Method | Line 677 static void _exec_cgi(Request& r, Method |
| } | } |
| } else { // ^file::exec | } else { // ^file::exec |
| // $body | // $body |
| self.set(false/*not tainted*/, is_text, file_out->str, file_out->length); | self.set(false/*not tainted*/, is_text, file_out->str ? file_out->str : pa_strdup("") /*to distinguish from stat-ed file*/, file_out->length); |
| } | } |
| // $status | // $status |
| Line 669 static void _exec_cgi(Request& r, Method | Line 685 static void _exec_cgi(Request& r, Method |
| // $stderr | // $stderr |
| if(!real_err->is_empty()) | if(!real_err->is_empty()) |
| self.fields().put( | self.fields().put("stderr", new VString(*real_err)); |
| String::Body("stderr"), | |
| new VString(*real_err)); | |
| } | } |
| static void _exec(Request& r, MethodParams& params) { | static void _exec(Request& r, MethodParams& params) { |
| _exec_cgi(r, params, false); | _exec_cgi(r, params, false); |
| Line 694 static void _list(Request& r, MethodPara | Line 708 static void _list(Request& r, MethodPara |
| if(HashStringValue* options=voption.get_hash()) { | if(HashStringValue* options=voption.get_hash()) { |
| int valid_options=0; | int valid_options=0; |
| if(Value* vstat=options->get("stat")) { | if(Value* vstat=options->get("stat")) { |
| stat=r.process_to_value(*vstat).as_bool(); | stat=r.process(*vstat).as_bool(); |
| valid_options++; | valid_options++; |
| } | } |
| if(Value* value=options->get("filter")) { | if(Value* value=options->get("filter")) { |
| Line 706 static void _list(Request& r, MethodPara | Line 720 static void _list(Request& r, MethodPara |
| } else { | } else { |
| vfilter=&voption; | vfilter=&voption; |
| } | } |
| if(vfilter) | if(vfilter) { |
| if(Value* value=vfilter->as(VREGEX_TYPE)) { | if(Value* value=vfilter->as(VREGEX_TYPE)) { |
| vregex=static_cast<VRegex*>(value); | vregex=static_cast<VRegex*>(value); |
| } else if(vfilter->is_string()) { | } else if(vfilter->is_string()) { |
| if(!vfilter->get_string()->trim().is_empty()) { | if(!vfilter->get_string()->trim().is_empty()) { |
| vregex=new VRegex(r.charsets.source(), &vfilter->as_string(), 0/*options*/); | vregex=new VRegex(r.charsets.source(), &vfilter->as_string(), 0/*options*/); |
| vregex->study(); | vregex->study(); |
| vrcleaner.vregex=vregex; | vrcleaner.vregex=vregex; |
| } | } |
| } else { | } else { |
| throw Exception(PARSER_RUNTIME, 0, "filter must be regex or string"); | throw Exception(PARSER_RUNTIME, 0, "filter must be regex or string"); |
| } | } |
| } | |
| } | } |
| } | } |
| Line 730 static void _list(Request& r, MethodPara | Line 745 static void _list(Request& r, MethodPara |
| int ovector[ovector_size]; | int ovector[ovector_size]; |
| LOAD_DIR(absolute_path_cstr, | LOAD_DIR(absolute_path_cstr, |
| const char* file_name_cstr=ffblk.ff_name; | const char* file_name_cstr=ffblk.name(); |
| size_t file_name_size=strlen(file_name_cstr); | size_t file_name_size=strlen(file_name_cstr); |
| if(!vregex || vregex->exec(ffblk.ff_name, file_name_size, ovector, ovector_size)>=0) { | if(!vregex || vregex->exec(file_name_cstr, file_name_size, ovector, ovector_size)>=0) { |
| Table::element_type row(new ArrayString); | Table::element_type row(new ArrayString); |
| *row+=new String(pa_strdup(file_name_cstr, file_name_size), String::L_TAINTED); | *row+=new String(pa_strdup(file_name_cstr, file_name_size), String::L_TAINTED); |
| *row+=new String(String::Body::Format(ffblk.is_dir() ? 1 : 0), String::L_CLEAN); | *row+=new String(String::Body::Format(ffblk.is_dir(stat) ? 1 : 0), String::L_CLEAN); |
| if(stat) { | if(stat) { |
| ffblk.stat_file(); | |
| *row+=VDouble(ffblk.size()).get_string(); | *row+=VDouble(ffblk.size()).get_string(); |
| *row+=new String(String::Body::Format(ffblk.c_timestamp()), String::L_CLEAN); | *row+=new String(String::Body::Format((int)ffblk.c_timestamp()), String::L_CLEAN); |
| *row+=new String(String::Body::Format(ffblk.m_timestamp()), String::L_CLEAN); | *row+=new String(String::Body::Format((int)ffblk.m_timestamp()), String::L_CLEAN); |
| *row+=new String(String::Body::Format(ffblk.a_timestamp()), String::L_CLEAN); | *row+=new String(String::Body::Format((int)ffblk.a_timestamp()), String::L_CLEAN); |
| } | } |
| table+=row; | table+=row; |
| } | } |
| ); | ); |
| // write out result | // write out result |
| r.write_no_lang(*new VTable(&table)); | r.write(*new VTable(&table)); |
| } | } |
| #ifndef DOXYGEN | #ifndef DOXYGEN |
| Line 758 struct Lock_execute_body_info { | Line 772 struct Lock_execute_body_info { |
| Value* body_code; | Value* body_code; |
| }; | }; |
| #endif | #endif |
| static void lock_execute_body(int , void *ainfo) { | static void lock_execute_body(int , void *ainfo) { |
| Lock_execute_body_info& info=*static_cast<Lock_execute_body_info *>(ainfo); | Lock_execute_body_info& info=*static_cast<Lock_execute_body_info *>(ainfo); |
| // execute body | // execute body |
| info.r->write_assign_lang(info.r->process(*info.body_code)); | info.r->write(info.r->process(*info.body_code)); |
| }; | } |
| static void _lock(Request& r, MethodParams& params) { | static void _lock(Request& r, MethodParams& params) { |
| const String& file_spec=r.absolute(params.as_string(0, FILE_NAME_MUST_BE_STRING)); | const String& file_spec=r.absolute(params.as_string(0, FILE_NAME_MUST_BE_STRING)); |
| Lock_execute_body_info info={ | Lock_execute_body_info info={ |
| Line 800 static void _find(Request& r, MethodPara | Line 816 static void _find(Request& r, MethodPara |
| // easy way | // easy way |
| if(file_exist(r.absolute(*file_spec))) { | if(file_exist(r.absolute(*file_spec))) { |
| r.write_assign_lang(*file_spec); | r.write(*file_spec); |
| return; | return; |
| } | } |
| Line 818 static void _find(Request& r, MethodPara | Line 834 static void _find(Request& r, MethodPara |
| test_name << dirname.mid(0, slash+1); | test_name << dirname.mid(0, slash+1); |
| test_name << basename; | test_name << basename; |
| if(file_exist(r.absolute(test_name))) { | if(file_exist(r.absolute(test_name))) { |
| r.write_assign_lang(test_name); | r.write(test_name); |
| return; | return; |
| } | } |
| rpos=slash; | rpos=slash; |
| Line 826 static void _find(Request& r, MethodPara | Line 842 static void _find(Request& r, MethodPara |
| // no way, not found | // no way, not found |
| if(not_found_code) | if(not_found_code) |
| r.write_pass_lang(r.process(*not_found_code)); | r.write(r.process(*not_found_code)); |
| } | } |
| static void _dirname(Request& r, MethodParams& params) { | static void _dirname(Request& r, MethodParams& params) { |
| Line 844 static void _dirname(Request& r, MethodP | Line 860 static void _dirname(Request& r, MethodP |
| // file > . | // file > . |
| if(file_spec.is_empty()) { | if(file_spec.is_empty()) { |
| r.write_assign_lang(String(".")); | r.write(String(".")); |
| return; | return; |
| } | } |
| size_t p; | size_t p; |
| size_t slash; | size_t slash; |
| if((p=file_spec.rskipchars("/\\"))==STRING_NOT_FOUND) | if((p=file_spec.rskipchars("/\\"))==STRING_NOT_FOUND) |
| r.write_assign_lang(String("/")); | r.write(String("/")); |
| else { | else { |
| if((slash=file_spec.strrpbrk("/\\", 0, p))!=STRING_NOT_FOUND) { | if((slash=file_spec.strrpbrk("/\\", 0, p))!=STRING_NOT_FOUND) { |
| if((p=file_spec.rskipchars("/\\", 0, slash))==STRING_NOT_FOUND) | if((p=file_spec.rskipchars("/\\", 0, slash))==STRING_NOT_FOUND) |
| p=slash; | p=slash; |
| r.write_assign_lang(file_spec.mid(0, p+1)); | r.write(file_spec.mid(0, p+1)); |
| return; | return; |
| } | } |
| r.write_assign_lang(String(".")); | r.write(String(".")); |
| } | } |
| } | } |
| Line 878 static void _basename(Request& r, Method | Line 894 static void _basename(Request& r, Method |
| // file > file | // file > file |
| if(file_spec.is_empty()) { | if(file_spec.is_empty()) { |
| r.write_assign_lang(String(".")); | r.write(String(".")); |
| return; | return; |
| } | } |
| size_t p=file_spec.rskipchars("/\\"); | size_t p=file_spec.rskipchars("/\\"); |
| if(p==STRING_NOT_FOUND) | if(p==STRING_NOT_FOUND) |
| r.write_assign_lang(String("/")); | r.write(String("/")); |
| else | else |
| r.write_assign_lang(file_spec.mid(afterlastslash(file_spec, p), p+1)); | r.write(file_spec.mid(afterlastslash(file_spec, p), p+1)); |
| } | } |
| static void _justname(Request& r, MethodParams& params) { | static void _justname(Request& r, MethodParams& params) { |
| Line 896 static void _justname(Request& r, Method | Line 912 static void _justname(Request& r, Method |
| // /a/b.c > b | // /a/b.c > b |
| size_t pos=afterlastslash(file_spec); | size_t pos=afterlastslash(file_spec); |
| size_t dotpos=file_spec.strrpbrk(".", pos); | size_t dotpos=file_spec.strrpbrk(".", pos); |
| r.write_assign_lang(file_spec.mid(pos, dotpos!=STRING_NOT_FOUND?dotpos:file_spec.length())); | r.write(file_spec.mid(pos, dotpos!=STRING_NOT_FOUND?dotpos:file_spec.length())); |
| } | } |
| static void _justext(Request& r, MethodParams& params) { | static void _justext(Request& r, MethodParams& params) { |
| Line 906 static void _justext(Request& r, MethodP | Line 922 static void _justext(Request& r, MethodP |
| size_t pos=afterlastslash(file_spec); | size_t pos=afterlastslash(file_spec); |
| size_t dotpos=file_spec.strrpbrk(".", pos); | size_t dotpos=file_spec.strrpbrk(".", pos); |
| if(dotpos!=STRING_NOT_FOUND) | if(dotpos!=STRING_NOT_FOUND) |
| r.write_assign_lang(file_spec.mid(dotpos+1, file_spec.length())); | r.write(file_spec.mid(dotpos+1, file_spec.length())); |
| } | } |
| static void _fullpath(Request& r, MethodParams& params) { | static void _fullpath(Request& r, MethodParams& params) { |
| Line 926 static void _fullpath(Request& r, Method | Line 942 static void _fullpath(Request& r, Method |
| } | } |
| result=&full_disk_path.mid(document_root_length, full_disk_path.length()); | result=&full_disk_path.mid(document_root_length, full_disk_path.length()); |
| } | } |
| r.write_assign_lang(*result); | r.write(*result); |
| } | } |
| static void _sql_string(Request& r, MethodParams&) { | static void _sql_string(Request& r, MethodParams&) { |
| VFile& self=GET_SELF(r, VFile); | VFile& self=GET_SELF(r, VFile); |
| const char *quoted=r.connection()->quote(self.value_ptr(), self.value_size()); | const char *quoted=r.connection()->quote(self.value_ptr(), self.value_size()); |
| r.write_assign_lang(*new String(quoted)); | r.write(*new String(quoted)); |
| } | } |
| #ifndef DOXYGEN | #ifndef DOXYGEN |
| class File_sql_event_handlers: public SQL_Driver_query_event_handlers { | class File_sql_event_handlers: public SQL_Driver_query_event_handlers { |
| const String& statement_string; const char* statement_cstr; | |
| int got_columns; | int got_columns; |
| int got_cells; | int got_cells; |
| public: | public: |
| Line 946 public: | Line 961 public: |
| const String* user_file_name; | const String* user_file_name; |
| const String* user_content_type; | const String* user_content_type; |
| public: | public: |
| File_sql_event_handlers( | File_sql_event_handlers(): |
| const String& astatement_string, const char* astatement_cstr): | |
| statement_string(astatement_string), statement_cstr(astatement_cstr), | |
| got_columns(0), | got_columns(0), |
| got_cells(0), | got_cells(0), |
| user_file_name(0), | user_file_name(0), |
| Line 956 public: | Line 969 public: |
| bool add_column(SQL_Error& error, const char* /*str*/, size_t /*length*/) { | bool add_column(SQL_Error& error, const char* /*str*/, size_t /*length*/) { |
| if(got_columns++==3) { | if(got_columns++==3) { |
| error=SQL_Error(PARSER_RUNTIME, "result must contain not more then 3 columns"); | error=SQL_Error("result must contain not more then 3 columns"); |
| return true; | return true; |
| } | } |
| return false; | return false; |
| Line 978 public: | Line 991 public: |
| user_content_type=new String(str, String::L_TAINTED); | user_content_type=new String(str, String::L_TAINTED); |
| break; | break; |
| default: | default: |
| error=SQL_Error(PARSER_RUNTIME, "result must not contain more then one row, three columns"); | error=SQL_Error("result must not contain more then one row, three columns"); |
| return true; | return true; |
| } | } |
| return false; | return false; |
| } catch(...) { | } catch(...) { |
| error=SQL_Error("exception occured in File_sql_event_handlers::add_row_cell"); | error=SQL_Error("exception occurred in File_sql_event_handlers::add_row_cell"); |
| return true; | return true; |
| } | } |
| } | } |
| Line 992 public: | Line 1005 public: |
| static void _sql(Request& r, MethodParams& params) { | static void _sql(Request& r, MethodParams& params) { |
| Value& statement=params.as_junction(0, "statement must be code"); | Value& statement=params.as_junction(0, "statement must be code"); |
| Temp_lang temp_lang(r, String::L_SQL); | |
| const String& statement_string=r.process_to_string(statement); | const String& statement_string=r.process_to_string(statement); |
| const char* statement_cstr=statement_string.untaint_cstr(r.flang, r.connection()); | const char* statement_cstr=statement_string.untaint_cstr(String::L_SQL, r.connection()); |
| File_sql_event_handlers handlers(statement_string, statement_cstr); | File_sql_event_handlers handlers; |
| ulong limit=SQL_NO_LIMIT; | ulong limit=SQL_NO_LIMIT; |
| ulong offset=0; | ulong offset=0; |
| Line 1014 static void _sql(Request& r, MethodParam | Line 1026 static void _sql(Request& r, MethodParam |
| } | } |
| if(Value* vlimit=options->get(sql_limit_name)) { | if(Value* vlimit=options->get(sql_limit_name)) { |
| valid_options++; | valid_options++; |
| limit=(ulong)r.process_to_value(*vlimit).as_double(); | limit=(ulong)r.process(*vlimit).as_double(); |
| } | } |
| if(Value* voffset=options->get(sql_offset_name)) { | if(Value* voffset=options->get(sql_offset_name)) { |
| valid_options++; | valid_options++; |
| offset=(ulong)r.process_to_value(*voffset).as_double(); | offset=(ulong)r.process(*voffset).as_double(); |
| } | } |
| if(valid_options!=options->count()) | if(valid_options!=options->count()) |
| throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); | throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); |
| } | } |
| r.connection()->query( | r.connection()->query(statement_cstr, 0, 0, offset, limit, handlers, statement_string); |
| statement_cstr, | |
| 0, 0, | if(!handlers.value.str) |
| offset, limit, | throw Exception(PARSER_RUNTIME, 0, "produced no result"); |
| handlers, | |
| statement_string); | |
| if(!handlers.value) | |
| throw Exception(PARSER_RUNTIME, | |
| 0, | |
| "produced no result"); | |
| VFile& self=GET_SELF(r, VFile); | VFile& self=GET_SELF(r, VFile); |
| Line 1044 static void _sql(Request& r, MethodParam | Line 1049 static void _sql(Request& r, MethodParam |
| , &r); | , &r); |
| } | } |
| extern Base64Options base64_encode_options(Request& r, HashStringValue* options); | |
| Base64Options base64_decode_options(Request& r, HashStringValue* options, VString** vcontent_type) { | |
| Base64Options result; | |
| if(options) { | |
| int valid_options=0; | |
| for(HashStringValue::Iterator i(*options); i; i.next() ) { | |
| String::Body key=i.key(); | |
| Value* value=i.value(); | |
| if(key == "pad") { | |
| result.pad=r.process(*value).as_bool(); | |
| valid_options++; | |
| } else if(key == "strict") { | |
| result.strict=r.process(*value).as_bool(); | |
| valid_options++; | |
| } else if(key == CONTENT_TYPE_NAME) { | |
| *vcontent_type=new VString(value->as_string()); | |
| valid_options++; | |
| } else if(key == "url-safe") { | |
| if(r.process(*value).as_bool()) | |
| result.set_url_safe_abc(); | |
| valid_options++; | |
| } | |
| } | |
| if(valid_options != options->count()) | |
| throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); | |
| } | |
| return result; | |
| } | |
| static void _base64(Request& r, MethodParams& params) { | static void _base64(Request& r, MethodParams& params) { |
| bool dynamic=!(&r.get_self() == file_class); | bool dynamic=!(&r.get_self() == file_class); |
| if(dynamic) { | if(dynamic) { |
| VFile& self=GET_SELF(r, VFile); | VFile& self=GET_SELF(r, VFile); |
| if(params.count()) { | if(params.count()>1 || params.count()==1 && params[0].is_string()) { |
| // decode: | // decode: |
| // ^file::base64[encoded] // backward | // ^file::base64[encoded] // backward |
| // ^file::base64[mode;user-file-name;encoded[;$.content-type[...] $.strict(true|false)]] | // ^file::base64[mode;user-file-name;encoded[;$.content-type[...] $.strict(true|false)]] |
| bool is_text=false; | bool is_text=false; |
| bool strict=false; | |
| VString* vcontent_type=0; | |
| const String* user_file_name=0; | const String* user_file_name=0; |
| VString* vcontent_type=0; | |
| Base64Options options; | |
| size_t param_index=0; | size_t param_index=0; |
| if(params.count() > 1) { | if(params.count() > 1) { |
| if(params.count() < 3) | if(params.count() < 3) |
| throw Exception(PARSER_RUNTIME, | throw Exception(PARSER_RUNTIME, 0, "constructor can not have less then 3 parameters (has %d parameters)", params.count()); // actually it accepts 1 parameter (backward) |
| 0, | |
| "constructor can not have less then 3 parameters (has %d parameters)", | |
| params.count()); // actually it accepts 1 parameter (backward) | |
| is_text=VFile::is_text_mode(params.as_string(0, MODE_MUST_NOT_BE_CODE)); | is_text=VFile::is_text_mode(params.as_string(0, MODE_MUST_NOT_BE_CODE)); |
| user_file_name=¶ms.as_string(1, FILE_NAME_MUST_BE_STRING); | user_file_name=¶ms.as_string(1, FILE_NAME_MUST_BE_STRING); |
| if(params.count() == 4) | if(params.count() == 4) |
| if(HashStringValue* options=params.as_hash(3)) { | options=base64_decode_options(r, params.as_hash(3), &vcontent_type); |
| int valid_options=0; | |
| if(Value* value=options->get(CONTENT_TYPE_NAME)) { | |
| vcontent_type=new VString(value->as_string()); | |
| valid_options++; | |
| } | |
| if(Value* vstrict=options->get(BASE64_STRICT_OPTION_NAME)) { | |
| strict=r.process_to_value(*vstrict).as_bool(); | |
| valid_options++; | |
| } | |
| if(valid_options!=options->count()) | |
| throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); | |
| } | |
| param_index=2; | param_index=2; |
| } | } |
| Line 1090 static void _base64(Request& r, MethodPa | Line 1112 static void _base64(Request& r, MethodPa |
| char* decoded=0; | char* decoded=0; |
| size_t length=0; | size_t length=0; |
| pa_base64_decode(encoded, strlen(encoded), decoded, length, strict); | pa_base64_decode(encoded, strlen(encoded), decoded, length, options); |
| self.set(true/*tainted*/, is_text, decoded, length, user_file_name, vcontent_type, &r); | self.set(true/*tainted*/, is_text, decoded, length, user_file_name, vcontent_type, &r); |
| } else { | } else { |
| // encode: ^f.base64[] | // encode: ^f.base64[options] |
| const char* encoded=pa_base64_encode(self.value_ptr(), self.value_size()); | Base64Options options = base64_encode_options(r, params.count() > 0 ? params.as_hash(0) : NULL); |
| r.write_assign_lang(*new String(encoded, String::L_TAINTED/*once ?param=base64(something) was needed**/)); | const char* encoded=pa_base64_encode(self.value_ptr(), self.value_size(), options); |
| r.write(*new String(encoded, String::L_TAINTED /*once ?param=base64(something) was needed**/ )); | |
| } | } |
| } else { | } else { |
| // encode: ^file:base64[filespec] | // encode: ^file:base64[filespec[;options]] |
| const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING); | const String& file_spec = params.as_string(0, FILE_NAME_MUST_BE_STRING); |
| const char* encoded=pa_base64_encode(r.absolute(file_spec)); | Base64Options options = base64_encode_options(r, params.count() > 1 ? params.as_hash(1) : NULL); |
| r.write_assign_lang(*new String(encoded, String::L_TAINTED/*once ?param=base64(something) was needed*/)); | const char* encoded = pa_base64_encode(r.absolute(file_spec), options); |
| r.write(*new String(encoded, String::L_TAINTED /*once ?param=base64(something) was needed*/ )); | |
| } | } |
| } | } |
| Line 1121 static void _crc32(Request& r, MethodPar | Line 1145 static void _crc32(Request& r, MethodPar |
| VFile& self=GET_SELF(r, VFile); | VFile& self=GET_SELF(r, VFile); |
| crc32=pa_crc32(self.value_ptr(), self.value_size()); | crc32=pa_crc32(self.value_ptr(), self.value_size()); |
| } | } |
| r.write_no_lang(*new VInt(crc32)); | r.write(*new VInt(crc32)); |
| } | } |
| static void file_md5_file_action( | static void file_md5_file_action(struct stat& finfo, int f, const String&, void *context) |
| struct stat& finfo, | |
| int f, | |
| const String& , const char* /*fname*/, bool, | |
| void *context) | |
| { | { |
| PA_MD5_CTX& md5context=*static_cast<PA_MD5_CTX *>(context); | PA_MD5_CTX& md5context=*static_cast<PA_MD5_CTX *>(context); |
| if(finfo.st_size) { | if(finfo.st_size) { |
| Line 1182 static void _md5(Request& r, MethodParam | Line 1202 static void _md5(Request& r, MethodParam |
| md5=pa_md5(self.value_ptr(), self.value_size()); | md5=pa_md5(self.value_ptr(), self.value_size()); |
| } | } |
| r.write_no_lang(*new String(md5)); | r.write(*new String(md5)); |
| } | } |
| // constructor | // constructor |
| Line 1272 MFile::MFile(): Methoded("file") { | Line 1292 MFile::MFile(): Methoded("file") { |
| add_native_method("md5", Method::CT_ANY, _md5, 0, 1); | add_native_method("md5", Method::CT_ANY, _md5, 0, 1); |
| // ^file:copy[from-file-name;to-file-name] | // ^file:copy[from-file-name;to-file-name] |
| add_native_method("copy", Method::CT_STATIC, _copy, 2, 2); | // ^file:copy[from-file-name;to-file-name;$.append(false)] |
| add_native_method("copy", Method::CT_STATIC, _copy, 2, 3); | |
| } | } |