X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=19d286906f6bf44fbb7c12eeabe9aece740b67f4;hb=40c784169ecaef20b626c00772b9f075e1a08de7;hp=75863c1fb04b2f4449b427a096f2ffb1fd8d88b5;hpb=edb6df04611c10dca29799a1e08096bd4ca28303;p=matches%2FMCTX3420.git

diff --git a/server/fastcgi.c b/server/fastcgi.c
index 75863c1..19d2869 100644
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -11,6 +11,7 @@
 #include <stdarg.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <ctype.h>
 
 #include "common.h"
 #include "sensor.h"
@@ -78,7 +79,7 @@ static void IdentifyHandler(FCGIContext *context, char *params)
 				FCGI_JSONValue(",\n\t\t");
 			}
 
-			DataPoint d = Sensor_LastData(i);
+			DataPoint d = Actuator_LastData(i);
 			FCGI_JSONValue("\"%d\" : {\"name\" : \"%s\", \"value\" : [%f, %f] }", i, Actuator_GetName(i), d.time_stamp, d.value); 
 		}
 		FCGI_JSONValue("\n\t}");
@@ -537,6 +538,40 @@ char *FCGI_EscapeText(char *buf)
 	return buf;
 }
 
+/**
+ * Unescapes a URL encoded string in-place. The string
+ * must be NULL terminated.
+ * (e.g this%2d+string --> this- string)
+ * @param buf The buffer to decode. Will be modified in-place.
+ * @return The same buffer.
+ */
+char *FCGI_URLDecode(char *buf)
+{
+	char *head = buf, *tail = buf;
+	char hex[3] = {0};
+
+	while (*tail) {
+		if (*tail == '%') { //%hh hex to char
+			tail++;
+			if (isxdigit(*tail) && isxdigit(*(tail+1))) {
+				hex[0] = *tail++;
+				hex[1] = *tail++;
+				*head++ = (char)strtol(hex, NULL, 16);
+			} else { //Not valid format; keep original
+				head++;
+			}
+		} else if (*tail == '+') { //Plus to space
+			tail++;
+			*head++ = ' ';
+		} else { //Anything else
+			*head++ = *tail++;
+		}
+	}
+	*head = 0; //NULL-terminate at new end point
+
+	return buf;
+}
+
 /**
  * Main FCGI request loop that receives/responds to client requests.
  * @param data Reserved.
@@ -555,7 +590,13 @@ void * FCGI_RequestLoop (void *data)
 		
 		//strncpy doesn't zero-truncate properly
 		snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
-		snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
+		
+		//Read from post body. If not empty, try GET instead.
+		if (fgets(params, BUFSIZ, stdin) == NULL || *params == '\0') {
+			snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
+		}
+		//URL decode the parameters
+		FCGI_URLDecode(params);
 
 		FCGI_GetControlCookie(context.received_key);
 		Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params);
@@ -592,26 +633,23 @@ void * FCGI_RequestLoop (void *data)
 		context.current_module = module;
 		context.response_number++;
 		
-		if (module_handler) 
-		{
-			if (module_handler != Login_Handler && module_handler != IdentifyHandler && module_handler)
-			//if (false) // Testing
-			{
+		if (module_handler) {
+			if (module_handler == IdentifyHandler) {
+				FCGI_EscapeText(params);
+			} else if (module_handler != Login_Handler) {
 				if (!FCGI_HasControl(&context))
 				{
-					if (g_options.auth_method == AUTH_NONE)
-					{	//:(
+					if (g_options.auth_method == AUTH_NONE) {	//:(
 						Log(LOGWARN, "Locking control (no auth!)");
 						FCGI_LockControl(&context, NOAUTH_USERNAME, USER_ADMIN);
 						FCGI_SendControlCookie(&context, true);
 					}
-					else
-					{
+					else {
 						FCGI_RejectJSON(&context, "Please login. Invalid control key.");
 						continue;
 					}
 				}
-
+				
 				//Escape all special characters.
 				//Don't escape for login (password may have special chars?)
 				FCGI_EscapeText(params);
@@ -619,8 +657,7 @@ void * FCGI_RequestLoop (void *data)
 
 			module_handler(&context, params);
 		} 
-		else 
-		{
+		else {
 			FCGI_RejectJSON(&context, "Unhandled module");
 		}
 	}