--- parser3/src/classes/file.C 2002/04/15 11:34:24 1.76 +++ parser3/src/classes/file.C 2005/08/09 08:14:47 1.136 @@ -1,17 +1,19 @@ /** @file Parser: @b file parser class. - Copyright (c) 2001, 2002 ArtLebedev Group (http://www.artlebedev.com) + Copyright (c) 2001-2005 ArtLebedev Group (http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) - - $Id: file.C,v 1.76 2002/04/15 11:34:24 paf Exp $ */ +static const char * const IDENT_FILE_C="$Date: 2005/08/09 08:14:47 $"; + #include "pa_config_includes.h" #include "pcre.h" #include "classes.h" +#include "pa_vmethod_frame.h" + #include "pa_request.h" #include "pa_vfile.h" #include "pa_table.h" @@ -21,55 +23,125 @@ #include "pa_dir.h" #include "pa_vtable.h" #include "pa_charset.h" - -// consts +#include "pa_charsets.h" +#include "pa_sql_connection.h" // defines -#define FILE_CLASS_NAME "file" - #define TEXT_MODE_NAME "text" +#define BINARY_MODE_NAME "binary" +#define STDIN_EXEC_PARAM_NAME "stdin" +#define CHARSET_EXEC_PARAM_NAME "charset" + +#define NAME_NAME "name" + +// externs + +extern String sql_limit_name; +extern String sql_offset_name; // class -class MFile : public Methoded { +class MFile: public Methoded { public: // VStateless_class - Value *create_new_value(Pool& pool) { return new(pool) VFile(pool); } + Value* create_new_value(Pool&, HashStringValue&) { return new VFile(); } public: // Methoded bool used_directly() { return true; } public: - MFile(Pool& pool); + MFile(); }; +// global variable + +DECLARE_CLASS_VAR(file, new MFile, 0); + // consts -const int FIND_MONKEY_MAX_HOPS=10; +/// from apache-1.3|src|support|suexec.c +static const char* suexec_safe_env_lst[]={ + "AUTH_TYPE", + "CONTENT_LENGTH", + "CONTENT_TYPE", + "DATE_GMT", + "DATE_LOCAL", + "DOCUMENT_NAME", + "DOCUMENT_PATH_INFO", + "DOCUMENT_ROOT", + "DOCUMENT_URI", + "FILEPATH_INFO", + "GATEWAY_INTERFACE", + "LAST_MODIFIED", + "PATH_INFO", + "PATH_TRANSLATED", + "QUERY_STRING", + "QUERY_STRING_UNESCAPED", + "REMOTE_ADDR", + "REMOTE_HOST", + "REMOTE_IDENT", + "REMOTE_PORT", + "REMOTE_USER", + "REDIRECT_QUERY_STRING", + "REDIRECT_STATUS", + "REDIRECT_URL", + "REQUEST_METHOD", + "REQUEST_URI", + "SCRIPT_FILENAME", + "SCRIPT_NAME", + "SCRIPT_URI", + "SCRIPT_URL", + "SERVER_ADMIN", + "SERVER_NAME", + "SERVER_ADDR", + "SERVER_PORT", + "SERVER_PROTOCOL", + "SERVER_SOFTWARE", + "UNIQUE_ID", + "USER_NAME", + "TZ", + NULL +}; + +// statics + +static const String::Body adate_name("adate"); +static const String::Body mdate_name("mdate"); +static const String::Body cdate_name("cdate"); // methods -static void _save(Request& r, const String&, MethodParams *params) { - Value& vmode_name=params-> as_no_junction(0, "mode must not be code"); - Value& vfile_name=params->as_no_junction(1, "file name must not be code"); +static bool is_text_mode(const String& mode) { + if(mode==TEXT_MODE_NAME) + return true; + if(mode==BINARY_MODE_NAME) + return false; + throw Exception("parser.runtime", + &mode, + "is invalid mode, must be either '"TEXT_MODE_NAME"' or '"BINARY_MODE_NAME"'"); +} + +static void _save(Request& r, MethodParams& params) { + Value& vmode_name=params. as_no_junction(0, "mode must not be code"); + Value& vfile_name=params.as_no_junction(1, "file name must not be code"); // save - static_cast(r.self)->save(r.absolute(vfile_name.as_string()), - vmode_name.as_string()==TEXT_MODE_NAME); + GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()), + is_text_mode(vmode_name.as_string())); } -static void _delete(Request& r, const String&, MethodParams *params) { - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); +static void _delete(Request& r, MethodParams& params) { + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); // unlink file_delete(r.absolute(vfile_name.as_string())); } -static void _move(Request& r, const String&, MethodParams *params) { - Value& vfrom_file_name=params->as_no_junction(0, "from file name must not be code"); - Value& vto_file_name=params->as_no_junction(1, "to file name must not be code"); +static void _move(Request& r, MethodParams& params) { + Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code"); + Value& vto_file_name=params.as_no_junction(1, "to file name must not be code"); // move file_move( @@ -77,59 +149,63 @@ static void _move(Request& r, const Stri r.absolute(vto_file_name.as_string())); } -static void _find(Request& r, const String& method_name, MethodParams *params) { - Pool& pool=r.pool(); - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); - - const String &lfile_name=vfile_name.as_string(); - - // passed file name simply exists in current dir - if(file_readable(r.absolute(lfile_name))) { - r.write_no_lang(lfile_name); - return; - } - - // scan .. dirs for result - for(int i=0; iput(key, value); +} +static void _load(Request& r, MethodParams& params) { + Value& vmode_name=params. as_no_junction(0, "mode must not be code"); + const String& lfile_name=r.absolute(params.as_no_junction(1, "file name must not be code").as_string()); + Value* third_param=params.count()>2?¶ms.as_no_junction(2, "filename or options must not be code") + :0; + HashStringValue* third_param_hash=third_param?third_param->get_hash():0; + size_t alt_filename_param_index=2; + if(third_param_hash) + alt_filename_param_index++; + + HashStringValue* options=third_param_hash; + size_t offset=0; + size_t limit=0; + if(options) { + options=new HashStringValue(*options); + if(Value *voffset=(Value *)options->get(sql_offset_name)) { + options->remove(sql_offset_name); + offset=r.process_to_value(*voffset).as_int(); } + if(Value *vlimit=(Value *)options->get(sql_limit_name)) { + options->remove(sql_limit_name); + limit=r.process_to_value(*vlimit).as_int(); + } + // no check on options count here, see file_read } + File_read_result file=file_read(r.charsets, lfile_name, + is_text_mode(vmode_name.as_string()), + options, true, 0, offset, limit + ); - // not found - if(params->size()==2) { - Value& not_found_code=params->as_junction(1, "not-found param must be code"); - r.write_pass_lang(r.process_to_value(not_found_code)); - } -} - -static void _load(Request& r, const String& method_name, MethodParams *params) { - Pool& pool=r.pool(); - Value& vmode_name=params-> as_no_junction(0, "mode must not be code"); - Value& vfile_name=params->as_no_junction(1, "file name must not be code"); - - const String& lfile_name=vfile_name.as_string(); - - void *data; size_t size; - file_read(pool, r.absolute(lfile_name), data, size, - vmode_name.as_string()==TEXT_MODE_NAME); - - char *user_file_name=params->size()>2? - params->as_string(2, "filename must be string").cstr(String::UL_FILE_SPEC) - :lfile_name.cstr(String::UL_FILE_SPEC); + const char *user_file_name=params.count()>alt_filename_param_index? + params.as_string(alt_filename_param_index, "filename must be string").cstr() + :lfile_name.cstr(String::L_FILE_SPEC); + + Value* vcontent_type=0; + if(file.headers) + { + if(Value* remote_content_type=file.headers->get("CONTENT-TYPE")) + vcontent_type=new VString(*new String(remote_content_type->as_string().cstr())); + } + if(!vcontent_type) + vcontent_type=new VString(r.mime_type_of(user_file_name)); - static_cast(r.self)->set(true/*tainted*/, data, size, - user_file_name, new(pool) VString(r.mime_type_of(user_file_name))); + VFile& self=GET_SELF(r, VFile); + self.set(true/*tainted*/, file.str, file.length, user_file_name, vcontent_type); + if(file.headers) + file.headers->for_each(_load_pass_param, &self.fields()); } -static void _stat(Request& r, const String& method_name, MethodParams *params) { - Pool& pool=r.pool(); - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); +static void _stat(Request& r, MethodParams& params) { + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); const String& lfile_name=vfile_name.as_string(); @@ -139,199 +215,286 @@ static void _stat(Request& r, const Stri size, atime, mtime, ctime); - VFile& vfile=*static_cast(r.self); - vfile.set(true/*tainted*/, 0/*no bytes*/, size); - Hash& ff=vfile.fields(); - ff.put(*new(pool) String(pool, "adate"), new(pool) VDate(pool, atime)); - ff.put(*new(pool) String(pool, "mdate"), new(pool) VDate(pool, mtime)); - ff.put(*new(pool) String(pool, "cdate"), new(pool) VDate(pool, ctime)); -} - -static void append_env_pair(const Hash::Key& key, Hash::Val *value, void *info) { - Hash& hash=*static_cast(info); - hash.put(key, &static_cast(value)->as_string()); -} - -static void pass_cgi_header_attribute(Array::Item *value, void *info) { - String& string=*static_cast(value); - Hash& hash=*static_cast(info); - int colon_pos=string.pos(":", 1); - if(colon_pos>0) - hash.put(string.mid(0, colon_pos), - new(string.pool()) VString(string.mid(colon_pos+1, string.size()))); + VFile& self=GET_SELF(r, VFile); + self.set(true/*tainted*/, 0/*no bytes*/, size); + HashStringValue& ff=self.fields(); + ff.put(adate_name, new VDate(atime)); + ff.put(mdate_name, new VDate(mtime)); + ff.put(cdate_name, new VDate(ctime)); + ff.put(content_type_name, new VString(r.mime_type_of(lfile_name.cstr(String::L_FILE_SPEC)))); } -/** @todo fix `` in perl - they produced flipping consoles and no output to perl - @test EPASS, ECSTR [touched them when optimized hash] -*/ -static void _exec_cgi(Request& r, const String& method_name, MethodParams *params, + +static bool is_safe_env_key(const char* key) { + for(const char* validator=key; *validator; validator++) { + char c=*validator; + if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-')) + return false; + } + if(strncasecmp(key, "HTTP_", 5)==0) + return true; + if(strncasecmp(key, "CGI_", 4)==0) + return true; + for(int i=0; suexec_safe_env_lst[i]; i++) { + if(strcasecmp(key, suexec_safe_env_lst[i])==0) + return true; + } + return false; +} +#ifndef DOXYGEN +struct Append_env_pair_info { + HashStringString* env; + Value* vstdin; + Value* vcharset; +}; +#endif +static void append_env_pair( + HashStringValue::key_type akey, + HashStringValue::value_type avalue, + Append_env_pair_info *info) { + if(akey==STDIN_EXEC_PARAM_NAME) { + info->vstdin=avalue; + } else if(akey==CHARSET_EXEC_PARAM_NAME) { + info->vcharset=avalue; + } else { + if(!is_safe_env_key(akey.cstr())) + throw Exception("parser.runtime", + new String(akey, String::L_TAINTED), + "not safe environment variable"); + info->env->put(akey, avalue->as_string().cstr_to_string_body(String::L_UNSPECIFIED)); + } +} +#ifndef DOXYGEN +struct Pass_cgi_header_attribute_info { + Charset* charset; + HashStringValue* fields; + Value* content_type; +}; +#endif +static void pass_cgi_header_attribute( + ArrayString::element_type astring, + Pass_cgi_header_attribute_info* info) { + size_t colon_pos=astring->pos(':'); + if(colon_pos!=STRING_NOT_FOUND) { + const String& key=astring->mid(0, colon_pos).change_case( + *info->charset, String::CC_UPPER); + Value* value=new VString(astring->mid(colon_pos+1, astring->length()).trim()); + info->fields->put(key, value); + if(key=="CONTENT-TYPE") + info->content_type=value; + } +} +/// @todo fix `` in perl - they produced flipping consoles and no output to perl +static void _exec_cgi(Request& r, MethodParams& params, bool cgi) { - Pool& pool=r.pool(); - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); const String& script_name=r.absolute(vfile_name.as_string()); - Hash env(pool); + HashStringString env; #define ECSTR(name, value_cstr) \ - String name##key(pool, #name); \ - String name##value(pool); \ - if(value_cstr) { \ - name##value.APPEND_CONST(value_cstr); \ - env.put(name##key, &name##value); \ - } - #define EPASS(name) \ - String name##key(pool, #name); \ - String name##value(pool); \ - if(const char *value_cstr=SAPI::get_env(pool, #name)) { \ - name##value.APPEND_CONST(value_cstr); \ - env.put(name##key, &name##value); \ - } + if(value_cstr) \ + env.put( \ + String::Body(#name), \ + String::Body(value_cstr, 0)); \ + // passing SAPI::environment + if(const char *const *pairs=SAPI::environment(r.sapi_info)) { + while(const char* pair=*pairs++) + if(const char* eq_at=strchr(pair, '=')) + if(eq_at[1]) // has value + env.put( + pa_strdup(pair, eq_at-pair), + pa_strdup(eq_at+1, 0)); + } // const ECSTR(GATEWAY_INTERFACE, "CGI/1.1"); // from Request.info - ECSTR(DOCUMENT_ROOT, r.info.document_root); - ECSTR(PATH_TRANSLATED, r.info.path_translated); - ECSTR(REQUEST_METHOD, r.info.method); - ECSTR(QUERY_STRING, r.info.query_string); - ECSTR(REQUEST_URI, r.info.uri); - ECSTR(CONTENT_TYPE, r.info.content_type); + ECSTR(DOCUMENT_ROOT, r.request_info.document_root); + ECSTR(PATH_TRANSLATED, r.request_info.path_translated); + ECSTR(REQUEST_METHOD, r.request_info.method); + ECSTR(QUERY_STRING, r.request_info.query_string); + ECSTR(REQUEST_URI, r.request_info.uri); + ECSTR(CONTENT_TYPE, r.request_info.content_type); char content_length_cstr[MAX_NUMBER]; - snprintf(content_length_cstr, MAX_NUMBER, "%u", r.info.content_length); - String content_length(pool, content_length_cstr); + snprintf(content_length_cstr, MAX_NUMBER, "%u", r.request_info.content_length); + //String content_length(content_length_cstr); ECSTR(CONTENT_LENGTH, content_length_cstr); - ECSTR(HTTP_COOKIE, r.info.cookie); - ECSTR(HTTP_USER_AGENT, r.info.user_agent); - // passing some SAPI:get_env-s - EPASS(SERVER_PROTOCOL); - EPASS(SERVER_NAME); - EPASS(SERVER_PORT); - EPASS(HTTP_REFERER); - EPASS(REMOTE_ADDR); - EPASS(REMOTE_HOST); - EPASS(REMOTE_USER); - // SCRIPT_NAME - env.put(*new(pool) String(pool, "SCRIPT_NAME"), &script_name); -#ifdef WIN32 - // WIN32 shell - EPASS(COMSPEC); -#endif + // SCRIPT_* + env.put(String::Body("SCRIPT_NAME"), script_name); + //env.put(String::Body("SCRIPT_FILENAME"), ??&script_name); + + bool stdin_specified=false; + // environment & stdin from param + String *in=new String(); + Charset *charset=0; // default script works raw_in 'source' charset = no transcoding needed + if(params.count()>1) { + Value& venv=params.as_no_junction(1, "env must not be code"); + if(HashStringValue* user_env=venv.get_hash()) { + Append_env_pair_info info={&env, 0, 0}; + user_env->for_each(append_env_pair, &info); + // $.stdin + if(info.vstdin) { + stdin_specified=true; + if(const String* sstdin=info.vstdin->get_string()) { + in->append(*sstdin, String::L_CLEAN, true); + } else + if(VFile* vfile=static_cast(info.vstdin->as("file", false))) + in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED); + else + throw Exception("parser.runtime", + 0, + STDIN_EXEC_PARAM_NAME " parameter must be string or file"); + } + // $.charset + if(info.vcharset) + charset=&charsets.get(info.vcharset->as_string() + .change_case(r.charsets.source(), String::CC_UPPER)); + } + } + + // argv from params + ArrayString argv; + if(params.count()>2) { + for(size_t i=2; isize()>1) { - Value& venv=params->as_no_junction(1, "env must not be code"); - if(Hash *user_env=venv.get_hash(&method_name)) - user_env->for_each(append_env_pair, &env); - } - - Array *argv=0; - if(params->size()>2) { - argv=new(pool) Array(pool, params->size()-2); - for(int i=2; isize(); i++) - *argv+=¶ms->as_string(i, "parameter must be string"); - } - - String in(pool); - in.APPEND(r.post_data, r.post_size, String::UL_CLEAN, "passing post data", 0); - String out(pool); - //out.APPEND_CONST("content-type:text/plain\nheader:test-header\n\ntest-body"); - //out<ANSI transcode on some(.cmd?) programs to + // match silent conversion in OS + + // exec! + PA_exec_result execution= + pa_exec(false/*forced_allow*/, script_name, &env, argv, *in); + + String *real_out=&execution.out; + String *real_err=&execution.err; + // transcode if necessary + if(charset) { + real_out=&Charset::transcode(*real_out, *charset, r.charsets.source()); + real_err=&Charset::transcode(*real_err, *charset, r.charsets.source()); + } - VFile& self=*static_cast(r.self); + VFile& self=GET_SELF(r, VFile); - const String *body=&out; // ^file:exec + const String* body=real_out; // ^file:exec + const char* eol_marker=0; size_t eol_marker_size; + const String* header=0; if(cgi) { // ^file:cgi // construct with 'out' body and header - int delim_size; - const char *eol_marker="\r\n"; size_t eol_marker_size=2; - int pos=out.pos("\r\n\r\n", delim_size=4); - if(pos<0) { - eol_marker="\n"; eol_marker_size=1; - pos=out.pos("\n\n", delim_size=2); - } - if(pos<0) { - delim_size=0; // calm down, compiler + size_t dos_pos=real_out->pos("\r\n\r\n", 4); + size_t unix_pos=real_out->pos("\n\n", 2); + + bool unix_header_break; + switch((dos_pos!=STRING_NOT_FOUND?10:00) + (unix_pos!=STRING_NOT_FOUND?01:00)) { + case 10: // dos + unix_header_break=false; + break; + case 01: // unix + unix_header_break=true; + break; + case 11: // dos & unix + unix_header_break=unix_poslength(), real_out->cstr(), + (uint)real_err->length(), real_err->cstr()); + break; //never reached } - const String& header=out.mid(0, pos); - body=&out.mid(pos+delim_size, out.size()); - - // header to $fields - { - Array rows(pool); - header.split(rows, 0, eol_marker, eol_marker_size, String::UL_CLEAN); - rows.for_each(pass_cgi_header_attribute, &self.fields()); + int header_break_pos; + if(unix_header_break) { + header_break_pos=unix_pos; + eol_marker="\n"; eol_marker_size=1; + } else { + header_break_pos=dos_pos; + eol_marker="\r\n"; eol_marker_size=2; } + + header=&real_out->mid(0, header_break_pos); + body=&real_out->mid(header_break_pos+eol_marker_size*2, real_out->length()); } // body - self.set(false/*not tainted*/, body->cstr(), body->size()); + self.set(false/*not tainted*/, body->cstr(), body->length()); + + // $fields << header + if(header && eol_marker) { + ArrayString rows; + size_t pos_after=0; + header->split(rows, pos_after, eol_marker); + Pass_cgi_header_attribute_info info={0, 0, 0}; + info.charset=&r.charsets.source(); + info.fields=&self.fields(); + rows.for_each(pass_cgi_header_attribute, &info); + if(info.content_type) + self.fields().put(content_type_name, info.content_type); + } // $status - self.fields().put( - *new(pool) String(pool, "status"), - new(pool) VInt(pool, status)); + self.fields().put(file_status_name, new VInt(execution.status)); // $stderr - if(err.size()) { + if(real_err->length()) self.fields().put( - *new(pool) String(pool, "stderr"), - new(pool) VString(err)); - - SAPI::log(pool, "file:%s: %s", cgi?"cgi":"exec", err.cstr()); - } + String::Body("stderr"), + new VString(*real_err)); } -static void _exec(Request& r, const String& method_name, MethodParams *params) { - _exec_cgi(r, method_name, params, false); +static void _exec(Request& r, MethodParams& params) { + _exec_cgi(r, params, false); } -static void _cgi(Request& r, const String& method_name, MethodParams *params) { - _exec_cgi(r, method_name, params, true); +static void _cgi(Request& r, MethodParams& params) { + _exec_cgi(r, params, true); } -static void _list(Request& r, const String& method_name, MethodParams *params) { - Pool& pool=r.pool(); - - Value& relative_path=params->as_no_junction(0, "path must not be code"); +static void _list(Request& r, MethodParams& params) { + Value& relative_path=params.as_no_junction(0, "path must not be code"); - const String *regexp; + const String* regexp; pcre *regexp_code; - int ovecsize; - int *ovector; - if(params->size()>1) { - regexp=¶ms->as_no_junction(1, "regexp must not be code").as_string(); + const int ovecsize=(1/*match*/)*3; + int ovector[ovecsize]; + if(params.count()>1) { + regexp=¶ms.as_no_junction(1, "regexp must not be code").as_string(); - const char *pattern=regexp->cstr(); - const char *errptr; + const char* pattern=regexp->cstr(); + const char* errptr; int erroffset; regexp_code=pcre_compile(pattern, PCRE_EXTRA | PCRE_DOTALL, &errptr, &erroffset, - pool.get_client_charset().pcre_tables); + r.charsets.source().pcre_tables); if(!regexp_code) throw Exception(0, - ®exp->mid(erroffset, regexp->size()), + ®exp->mid(erroffset, regexp->length()), "regular expression syntax error - %s", errptr); - - ovector=(int *)pool.malloc(sizeof(int)*(ovecsize=(1/*match*/)*3)); - } else + } else { + regexp=0; // not used, just to calm down compiler regexp_code=0; + } - const char* absolute_path_cstr=r.absolute(relative_path.as_string()) - .cstr(String::UL_FILE_SPEC); + const char* absolute_path_cstr=r.absolute(relative_path.as_string()).cstr(String::L_FILE_SPEC); - Array& columns=*new(pool) Array(pool); - columns+=new(pool) String(pool, "name"); - Table& table=*new(pool) Table(pool, &method_name, &columns); + Table::columns_type columns(new ArrayString); + *columns+=new String("name"); + Table& table=*new Table(columns); LOAD_DIR(absolute_path_cstr, - size_t file_name_size=strlen(ffblk.ff_name); + const char* file_name_cstr=ffblk.ff_name; + size_t file_name_size=strlen(file_name_cstr); bool suits=true; if(regexp_code) { int exec_result=pcre_exec(regexp_code, 0, @@ -350,53 +513,259 @@ static void _list(Request& r, const Stri } if(suits) { - char *file_name_cstr=(char *)pool.malloc(file_name_size); - memcpy(file_name_cstr, ffblk.ff_name, file_name_size); - String &file_name=*new(pool) String(pool); - file_name.APPEND(file_name_cstr, file_name_size, String::UL_FILE_SPEC, - method_name.origin().file, method_name.origin().line); - - Array& row=*new(pool) Array(pool); - row+=&file_name; - table+=&row; + Table::element_type row(new ArrayString); + *row+=new String(pa_strdup(file_name_cstr, file_name_size), file_name_size, true); + table+=row; } ); if(regexp_code) - (*pcre_free)(regexp_code); + pcre_free(regexp_code); // write out result - VTable& result=*new(pool) VTable(pool, &table); - result.set_name(method_name); - r.write_no_lang(result); + r.write_no_lang(*new VTable(&table)); } #ifndef DOXYGEN struct Lock_execute_body_info { - Request *r; - Value *body_code; + Request* r; + Value* body_code; }; #endif -static void lock_execute_body(int , void *context) { - Lock_execute_body_info& info=*static_cast(context); - +static void lock_execute_body(int , void *ainfo) { + Lock_execute_body_info& info=*static_cast(ainfo); // execute body - info.r->write_assign_lang(info.r->process_to_string(*info.body_code)); + info.r->write_assign_lang(info.r->process(*info.body_code)); }; -static void _lock(Request& r, const String& method_name, MethodParams *params) { - const String& file_spec=r.absolute(params->as_string(0, "file name must be string")); - Value& body_code=params->as_junction(1, "body must be code"); +static void _lock(Request& r, MethodParams& params) { + const String& file_spec=r.absolute(params.as_string(0, "file name must be string")); + Lock_execute_body_info info={ + &r, + ¶ms.as_junction(1, "body must be code") + }; - Lock_execute_body_info info={&r, &body_code}; file_write_action_under_lock(file_spec, "lock", lock_execute_body, &info); } -// constructor +static int lastposafter(const String& s, size_t after, const char* substr, size_t substr_size, bool beforelast=false) { + size_t size=0; // just to calm down compiler + if(beforelast) + size=s.length(); + size_t at; + while((at=s.pos(String::Body(substr, substr_size), after))!=STRING_NOT_FOUND) { + size_t newafter=at+substr_size/*skip substr*/; + if(beforelast && newafter==size) + break; + after=newafter; + } + + return after; +} + +static void _find(Request& r, MethodParams& params) { + const String& file_name=params.as_no_junction(0, "file name must not be code").as_string(); + const String* file_spec; + if(file_name.first_char()=='/') + file_spec=&file_name; + else + file_spec=&r.relative(r.request_info.uri, file_name); + + // easy way + if(file_readable(r.absolute(*file_spec))) { + r.write_assign_lang(*file_spec); + return; + } + + // monkey way + int after_base_slash=lastposafter(*file_spec, 0, "/", 1); + const String* dirname=&file_spec->mid(0, after_base_slash); + const String& basename=file_spec->mid(after_base_slash, file_spec->length()); + + int after_monkey_slash; + while((after_monkey_slash=lastposafter(*dirname, 0, "/", 1, true))>0) { + String test_name; + test_name<<*(dirname=&dirname->mid(0, after_monkey_slash)); + test_name< /a + // /a/b/ > /a + int afterslash=lastposafter(file_spec, 0, "/", 1, true); + if(afterslash>0) + r.write_assign_lang(file_spec.mid(0, afterslash==1?1:afterslash-1)); + else + r.write_assign_lang(String(".", 1)); +} + +static void _basename(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); + // /a/some.tar.gz > some.tar.gz + int afterslash=lastposafter(file_spec, 0, "/", 1); + r.write_assign_lang(file_spec.mid(afterslash, file_spec.length())); +} + +static void _justname(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); + // /a/some.tar.gz > some.tar + int afterslash=lastposafter(file_spec, 0, "/", 1); + int afterdot=lastposafter(file_spec, afterslash, ".", 1); + r.write_assign_lang(file_spec.mid(afterslash, afterdot!=afterslash?afterdot-1:file_spec.length())); +} +static void _justext(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); + // /a/some.tar.gz > gz + int afterdot=lastposafter(file_spec, 0, ".", 1); + if(afterdot>0) + r.write_assign_lang(file_spec.mid(afterdot, file_spec.length())); +} + +static void _fullpath(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); + const String* result; + if(file_spec.first_char()=='/') + result=&file_spec; + else { + // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif + const String& full_disk_path=r.absolute(file_spec); + size_t document_root_length=strlen(r.request_info.document_root); + + if(document_root_length>0) { + char last_char=r.request_info.document_root[document_root_length-1]; + if(last_char == '/' || last_char == '\\') + --document_root_length; + } + result=&full_disk_path.mid(document_root_length, full_disk_path.length()); + } + r.write_assign_lang(*result); +} + +static void _sql_string(Request& r, MethodParams&) { + VFile& self=GET_SELF(r, VFile); + + const char *quoted=r.connection()->quote(self.value_ptr(), self.value_size()); + r.write_assign_lang(*new String(quoted)); +} -MFile::MFile(Pool& apool) : Methoded(apool) { - set_name(*NEW String(pool(), FILE_CLASS_NAME)); +#ifndef DOXYGEN +class File_sql_event_handlers: public SQL_Driver_query_event_handlers { + const String& statement_string; const char* statement_cstr; + int got_columns; + int got_cells; +public: + String::C value; + const String* user_file_name; + const String* user_content_type; +public: + File_sql_event_handlers( + const String& astatement_string, const char* astatement_cstr): + statement_string(astatement_string), statement_cstr(astatement_cstr), + got_columns(0), + got_cells(0), + user_file_name(0), + user_content_type(0) {} + + bool add_column(SQL_Error& error, const char* /*str*/, size_t /*length*/) { + if(got_columns++==3) { + error=SQL_Error("parser.runtime", "result must contain not more then 3 columns"); + return true; + } + return false; + } + bool before_rows(SQL_Error& /*error*/ ) { /* ignore */ return false; } + bool add_row(SQL_Error& /*error*/) { /* ignore */ return false; } + bool add_row_cell(SQL_Error& error, const char* str, size_t length) { + try { + switch(got_cells++) { + case 0: + value=String::C(str, length); + break; + case 1: + if(!user_file_name) // user not specified? + user_file_name=new String(str, length, true); + break; + case 2: + if(!user_content_type) // user not specified? + user_content_type=new String(str, length, true); + break; + default: + error=SQL_Error("parser.runtime", "result must not contain more then one row, three rows"); + return true; + } + return false; + } catch(...) { + error=SQL_Error("exception occured in File_sql_event_handlers::add_row_cell"); + return true; + } + } +}; +#endif +static void _sql(Request& r, MethodParams& params) { + Value& statement=params.as_junction(0, "statement must be code"); + + Temp_lang temp_lang(r, String::L_SQL); + const String& statement_string=r.process_to_string(statement); + const char* statement_cstr= + statement_string.cstr(String::L_UNSPECIFIED, r.connection()); + File_sql_event_handlers handlers(statement_string, statement_cstr); + + if(params.count()>1) + if(HashStringValue* options= + params.as_no_junction(1, "param must not be code").get_hash()) { + int valid_options=0; + if(Value* vfilename=options->get(NAME_NAME)) { + valid_options++; + handlers.user_file_name=&vfilename->as_string(); + } + if(Value* vcontent_type=options->get(CONTENT_TYPE_NAME)) { + valid_options++; + handlers.user_content_type=&vcontent_type->as_string(); + } + if(valid_options!=options->count()) + throw Exception("parser.runtime", + 0, + "called with invalid option"); + } + r.connection()->query( + statement_cstr, + 0, 0, + 0, 0, + handlers, + statement_string); + + if(!handlers.value) + throw Exception("parser.runtime", + 0, + "produced no result"); + + const char* user_file_name_cstr=handlers.user_file_name? handlers.user_file_name->cstr(): 0; + + VString* vcontent_type=handlers.user_content_type? + new VString(*handlers.user_content_type) + : user_file_name_cstr? + new VString(r.mime_type_of(user_file_name_cstr)) + : 0; + VFile& self=GET_SELF(r, VFile); + self.set(true/*tainted*/, handlers.value.str, handlers.value.length, user_file_name_cstr, vcontent_type); +} + +// constructor + +MFile::MFile(): Methoded("file") { // ^save[mode;file-name] add_native_method("save", Method::CT_DYNAMIC, _save, 2, 2); @@ -406,10 +775,6 @@ MFile::MFile(Pool& apool) : Methoded(apo // ^move[from-file-name;to-file-name] add_native_method("move", Method::CT_STATIC, _move, 2, 2); - // ^find[file-name] - // ^find[file-name]{when-not-found} - add_native_method("find", Method::CT_STATIC, _find, 1, 2); - // ^load[mode;disk-name] // ^load[mode;disk-name;user-name] add_native_method("load", Method::CT_DYNAMIC, _load, 2, 3); @@ -420,12 +785,12 @@ MFile::MFile(Pool& apool) : Methoded(apo // ^cgi[file-name] // ^cgi[file-name;env hash] // ^cgi[file-name;env hash;1cmd;2line;3ar;4g;5s] - add_native_method("cgi", Method::CT_DYNAMIC, _cgi, 1, 2+10); + add_native_method("cgi", Method::CT_DYNAMIC, _cgi, 1, 2+50); // ^exec[file-name] // ^exec[file-name;env hash] // ^exec[file-name;env hash;1cmd;2line;3ar;4g;5s] - add_native_method("exec", Method::CT_DYNAMIC, _exec, 1, 2+10); + add_native_method("exec", Method::CT_DYNAMIC, _exec, 1, 2+50); // ^file:list[path] // ^file:list[path][regexp] @@ -434,14 +799,25 @@ MFile::MFile(Pool& apool) : Methoded(apo // ^file:lock[path]{code} add_native_method("lock", Method::CT_STATIC, _lock, 2, 2); -} - -// global variable + // ^find[file-name] + // ^find[file-name]{when-not-found} + add_native_method("find", Method::CT_STATIC, _find, 1, 2); -Methoded *file_class; + // ^file:dirname[/a/some.tar.gz]=/a + // ^file:dirname[/a/b/]=/a + add_native_method("dirname", Method::CT_STATIC, _dirname, 1, 1); + // ^file:basename[/a/some.tar.gz]=some.tar.gz + add_native_method("basename", Method::CT_STATIC, _basename, 1, 1); + // ^file:justname[/a/some.tar.gz]=some.tar + add_native_method("justname", Method::CT_STATIC, _justname, 1, 1); + // ^file:justext[/a/some.tar.gz]=gz + add_native_method("justext", Method::CT_STATIC, _justext, 1, 1); + // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif + add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1); -// creator + // ^file.sql-string[] + add_native_method("sql-string", Method::CT_DYNAMIC, _sql_string, 0, 0); -Methoded *MFile_create(Pool& pool) { - return file_class=new(pool) MFile(pool); + // ^file::sql[[alt_name]]{} + add_native_method("sql", Method::CT_DYNAMIC, _sql, 1, 2); }