X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=b4b35875152a9ae68bca73d3d2cc6453c7cdf857;hb=711808f7e4376b1a39312a0b1f1aecf069cd10bf;hp=71f8e5567a5531211a86f18daf2044c4e31d48f5;hpb=de5c190385d1b963a3fe1f3c186dc0b3efa31bc4;p=matches%2FMCTX3420.git

diff --git a/server/fastcgi.c b/server/fastcgi.c
index 71f8e55..b4b3587 100644
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -12,10 +12,11 @@
 
 #include "common.h"
 #include "sensor.h"
+#include "actuator.h"
 #include "control.h"
 #include "options.h"
 
-/**The time period (in seconds) before the control key expires @ */
+/**The time period (in seconds) before the control key expires */
 #define CONTROL_TIMEOUT 180
 
 /**Contextual information related to FCGI requests*/
@@ -87,7 +88,7 @@ static void IdentifyHandler(FCGIContext *context, char *params) {
  * @param context The context to work in
  * @param force Whether to force key generation or not.
  */ 
-void FCGI_BeginControl(FCGIContext *context, bool force) {
+void FCGI_LockControl(FCGIContext *context, bool force) {
 	time_t now = time(NULL);
 	bool expired = now - context->control_timestamp > CONTROL_TIMEOUT;
 	
@@ -143,7 +144,7 @@ bool FCGI_HasControl(FCGIContext *context, const char *key) {
  * Revokes the current control key, if present.
  * @param context The context to work in
  */
-void FCGI_EndControl(FCGIContext *context) {
+void FCGI_ReleaseControl(FCGIContext *context) {
 	*(context->control_key) = 0;
 	FCGI_BeginJSON(context, STATUS_OK);
 	FCGI_EndJSON();
@@ -231,7 +232,7 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s
 						long parsed = strtol(value, &ptr, 10);
 						if (!*value || *ptr) {
 							snprintf(buf, BUFSIZ, "Expected int for '%s' but got '%s'", key, value);
-							FCGI_RejectJSON(context, FCGI_EscapeJSON(buf));
+							FCGI_RejectJSON(context, buf);
 							return false;
 						}
 
@@ -244,7 +245,7 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s
 						*((double*) val->value) = strtod(value, &ptr);
 						if (!*value || *ptr) {
 							snprintf(buf, BUFSIZ, "Expected float for '%s' but got '%s'", key, value);
-							FCGI_RejectJSON(context, FCGI_EscapeJSON(buf));
+							FCGI_RejectJSON(context, buf);
 							return false;
 						}
 						break;
@@ -259,7 +260,7 @@ bool FCGI_ParseRequest(FCGIContext *context, char *params, FCGIValue values[], s
 		} //End for loop
 		if (i == count) {
 			snprintf(buf, BUFSIZ, "Unknown key '%s' specified", key);
-			FCGI_RejectJSON(context, FCGI_EscapeJSON(buf));
+			FCGI_RejectJSON(context, buf);
 			return false;
 		}
 	}
@@ -353,36 +354,6 @@ void FCGI_EndJSON()
 	printf("\r\n}\r\n");
 }
 
-/**
- * Escapes a string so it can be used as a JSON string value.
- * Does not support unicode specifiers in the form of \uXXXX.
- * @param buf The string to be escaped
- * @return The escaped string (return value == buf)
- */
-char *FCGI_EscapeJSON(char *buf)
-{
-	int length, i;
-	length = strlen(buf);
-	
-	//Escape special characters. Must count down to escape properly
-	for (i = length - 1; i >= 0; i--) {
-		if (buf[i] < 0x20) { //Control characters
-			buf[i] = ' ';
-		} else if (buf[i] == '"') {
-			if (i-1 >= 0 && buf[i-1] == '\\') 
-				i--;
-			else
-				buf[i] = '\'';
-		} else if (buf[i] == '\\') {
-			if (i-1 >= 0 && buf[i-1] == '\'')
-				i--;
-			else
-				buf[i] = ' ';
-		}
-	}
-	return buf;
-}
-
 /**
  * To be used when the input parameters are rejected. The return data
  * will also have debugging information provided.
@@ -399,7 +370,7 @@ void FCGI_RejectJSONEx(FCGIContext *context, StatusCodes status, const char *des
 	FCGI_BeginJSON(context, status);
 	FCGI_JSONPair("description", description);
 	FCGI_JSONLong("responsenumber", context->response_number);
-	FCGI_JSONPair("params", getenv("QUERY_STRING"));
+	//FCGI_JSONPair("params", getenv("QUERY_STRING"));
 	FCGI_JSONPair("host", getenv("SERVER_HOSTNAME"));
 	FCGI_JSONPair("user", getenv("REMOTE_USER"));
 	FCGI_JSONPair("ip", getenv("REMOTE_ADDR"));
@@ -422,6 +393,37 @@ void FCGI_PrintRaw(const char *format, ...)
 	va_end(list);
 }
 
+/**
+ * Escapes a string so it can be used safely.
+ * Currently escapes to ensure the validity for use as a JSON string
+ * Does not support unicode specifiers in the form of \uXXXX.
+ * @param buf The string to be escaped
+ * @return The escaped string (return value == buf)
+ */
+char *FCGI_EscapeText(char *buf)
+{
+	int length, i;
+	length = strlen(buf);
+	
+	//Escape special characters. Must count down to escape properly
+	for (i = length - 1; i >= 0; i--) {
+		if (buf[i] < 0x20) { //Control characters
+			buf[i] = ' ';
+		} else if (buf[i] == '"') {
+			if (i-1 >= 0 && buf[i-1] == '\\') 
+				i--;
+			else
+				buf[i] = '\'';
+		} else if (buf[i] == '\\') {
+			if (i-1 >= 0 && buf[i-1] == '\'')
+				i--;
+			else
+				buf[i] = ' ';
+		}
+	}
+	return buf;
+}
+
 /**
  * Main FCGI request loop that receives/responds to client requests.
  * @param data Reserved.
@@ -447,6 +449,9 @@ void * FCGI_RequestLoop (void *data)
 		if (lastchar > 0 && module[lastchar] == '/')
 			module[lastchar] = 0;
 
+		//Escape all special characters
+		FCGI_EscapeText(params);
+
 		//Default to the 'identify' module if none specified
 		if (!*module) 
 			strcpy(module, "identify");
@@ -457,6 +462,8 @@ void * FCGI_RequestLoop (void *data)
 			module_handler = Control_Handler;
 		} else if (!strcmp("sensors", module)) {
 			module_handler = Sensor_Handler;
+		} else if (!strcmp("actuators", module)) {
+			module_handler = Actuator_Handler;
 		}
 
 		context.current_module = module;