2 * getcgivars.c - routine to read CGI input variables into an array.
4 * Copyright 2002 Jonathan McDowell <noodles@earth.li>
6 * The x2c() and unescape_url() routines were lifted directly
7 * from NCSA's sample program util.c, packaged with their HTTPD.
9 * This program is free software: you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; version 2 of the License.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
18 * You should have received a copy of the GNU General Public License along with
19 * this program. If not, see <https://www.gnu.org/licenses/>.
30 * txt2html - Takes a string and converts it to HTML.
31 * @string: The string to HTMLize.
33 * Takes a string and escapes any HTML entities.
35 char *txt2html(const char *string)
37 static char buf[1024];
43 ptr = strchr(string, '<');
47 strncpy(buf, string, 1023);
48 strncat(buf, "<", 1023 - strlen(buf));
52 ptr = strchr(string, '>');
56 strncat(buf, string, 1023 - strlen(buf));
57 strncat(buf, ">", 1023 - strlen(buf));
62 * TODO: We need to while() this really as each entity may appear more
63 * than once. We need to start with & and ; as we replace with those
64 * throughout. Fuck it for the moment though; it's Easter and < & > are
65 * the most common and tend to only appear once.
68 strncat(buf, string, 1023 - strlen(buf));
74 * start_html - Start HTML output.
75 * @title: The title for the HTML.
77 * Takes a title string and starts HTML output, including the
78 * Content-Type header all the way up to <BODY>.
80 void start_html(const char *title)
82 puts("Content-Type: text/html; charset=UTF-8\n");
83 puts("<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 3.2 Final//EN'>");
86 printf("<TITLE>%s</TITLE>\n", title);
94 * end_html - End HTML output.
96 * Ends HTML output - closes the BODY and HTML tags.
107 /* Convert a two-char hex string into the char it represents */
108 char x2c(const char *what)
112 digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 :
115 digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 :
121 /* Reduce any %xx escape sequences to the characters they represent */
122 void unescape_url(char *url)
126 for(i=0,j=0; url[j]; ++i,++j) {
127 if((url[i] = url[j]) == '%') {
128 url[i]=x2c(&url[j+1]);
137 /* Read the CGI input and place all name/val pairs into list. */
138 /* Returns list containing name1, value1, name2, value2, ... , NULL */
139 char **getcgivars(int argc, char *argv[])
142 char *request_method, *env;
143 int content_length, paircount;
144 char *cgiinput = NULL;
145 char **cgivars = NULL;
146 char **pairlist = NULL;
149 /* Depending on the request method, read all CGI input into cgiinput */
150 /* (really should produce HTML error messages, instead of exit()ing) */
152 request_method = getenv("REQUEST_METHOD");
154 if (request_method == NULL) {
156 cgiinput = strdup(argv[1]);
160 } else if (strlen(request_method)==0) {
162 } else if (!strcmp(request_method, "GET") ||
163 !strcmp(request_method, "HEAD")) {
164 env = getenv("QUERY_STRING");
166 cgiinput = strdup(env);
168 } else if (!strcmp(request_method, "POST")) {
169 env = getenv("CONTENT_TYPE");
170 if ((env != NULL) && strcasecmp(env,
171 "application/x-www-form-urlencoded")) {
172 printf("getcgivars(): Unsupported Content-Type.\n");
176 env = getenv("CONTENT_LENGTH");
177 if ((env == NULL) || !(content_length = atoi(env))) {
178 printf("getcgivars(): No Content-Length was sent with"
179 " the POST request.\n");
183 if (!(cgiinput = (char *) malloc(content_length+1))) {
184 printf("getcgivars(): Could not malloc for "
189 if (!fread(cgiinput, content_length, 1, stdin)) {
190 printf("Couldn't read CGI input from STDIN.\n");
194 cgiinput[content_length]='\0';
197 printf("getcgivars(): unsupported REQUEST_METHOD\n");
201 /* If we didn't get any cgiinput info, nothing to return */
202 if (cgiinput == NULL) {
206 /* Change all plusses back to spaces */
208 for(i=0; cgiinput[i]; i++) if (cgiinput[i]=='+') cgiinput[i] = ' ';
210 /* First, split on "&" to extract the name-value pairs into pairlist */
211 pairlist= malloc(256*sizeof(char *));
213 nvpair=strtok(cgiinput, "&");
215 pairlist[paircount++]= strdup(nvpair) ;
216 if (!(paircount%256)) {
217 pairlist= realloc(pairlist,
218 (paircount+256)*sizeof(char *));
220 nvpair=strtok(NULL, "&") ;
223 pairlist[paircount]=0; /* terminate the list with NULL */
225 /* Then, from the list of pairs, extract the names and values */
227 cgivars= malloc((paircount*2+1)*sizeof(char *));
229 for (i=0; i<paircount; i++) {
230 if ((eqpos=strchr(pairlist[i], '='))!=NULL) {
232 unescape_url(cgivars[i*2+1]=strdup(eqpos+1));
234 unescape_url(cgivars[i*2+1]=strdup(""));
236 unescape_url(cgivars[i*2]= strdup(pairlist[i])) ;
239 cgivars[paircount*2]=NULL; /* terminate the list with NULL */
241 /* Free anything that needs to be freed */
243 for (i=0; pairlist[i]; i++) free(pairlist[i]);
246 /* Return the list of name-value strings */
252 * cleanupcgi - free the memory allocated for our CGI parameters.
253 * @cgivars: The CGI parameter list to free.
255 * Frees up the elements of the CGI parameter array and then frees the
258 void cleanupcgi(char **cgivars)
262 if (cgivars != NULL) {
263 for (i = 0; cgivars[i] != NULL; i++) {