git.ucc.asn.au
/
matches
/
MCTX3420.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge remote-tracking branch 'upstream/master' into dilatometer
[matches/MCTX3420.git]
/
server
/
fastcgi.c
diff --git
a/server/fastcgi.c
b/server/fastcgi.c
index
19d2869
..
9ff3acc
100644
(file)
--- a/
server/fastcgi.c
+++ b/
server/fastcgi.c
@@
-548,7
+548,7
@@
char *FCGI_EscapeText(char *buf)
char *FCGI_URLDecode(char *buf)
{
char *head = buf, *tail = buf;
char *FCGI_URLDecode(char *buf)
{
char *head = buf, *tail = buf;
- char hex[3] = {0};
+ char
val,
hex[3] = {0};
while (*tail) {
if (*tail == '%') { //%hh hex to char
while (*tail) {
if (*tail == '%') { //%hh hex to char
@@
-556,7
+556,9
@@
char *FCGI_URLDecode(char *buf)
if (isxdigit(*tail) && isxdigit(*(tail+1))) {
hex[0] = *tail++;
hex[1] = *tail++;
if (isxdigit(*tail) && isxdigit(*(tail+1))) {
hex[0] = *tail++;
hex[1] = *tail++;
- *head++ = (char)strtol(hex, NULL, 16);
+ val = (char)strtol(hex, NULL, 16);
+ //Control codes --> Space character
+ *head++ = (val < 0x20) ? 0x20 : val;
} else { //Not valid format; keep original
head++;
}
} else { //Not valid format; keep original
head++;
}
@@
-591,10
+593,8
@@
void * FCGI_RequestLoop (void *data)
//strncpy doesn't zero-truncate properly
snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
//strncpy doesn't zero-truncate properly
snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
- //Read from post body. If not empty, try GET instead.
- if (fgets(params, BUFSIZ, stdin) == NULL || *params == '\0') {
- snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
- }
+ //Get the GET query string
+ snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
//URL decode the parameters
FCGI_URLDecode(params);
//URL decode the parameters
FCGI_URLDecode(params);
@@
-653,6
+653,13
@@
void * FCGI_RequestLoop (void *data)
//Escape all special characters.
//Don't escape for login (password may have special chars?)
FCGI_EscapeText(params);
//Escape all special characters.
//Don't escape for login (password may have special chars?)
FCGI_EscapeText(params);
+ } else { //Only for Login handler.
+ //If GET data is empty, use POST instead.
+ if (*params == '\0') {
+ Log(LOGDEBUG, "Using POST!");
+ fgets(params, BUFSIZ, stdin);
+ FCGI_URLDecode(params);
+ }
}
module_handler(&context, params);
}
module_handler(&context, params);
UCC
git Repository :: git.ucc.asn.au