#include "cgi.h"
Include dependency graph for dbadmin.c:
Go to the source code of this file.
Functions | |
int | CGImain (char *progname, CGINameValue *Params, EZSSTREAM *htmlout) |
|
You need to write this function in your program. The return value is zero for success, nonzero otherwise. Check that argc is nonzero before you attempt to access argv! Progname holds the traditional argv[0] so you can figure out where your program is running from. IsCGI is 1 if you're running from a web shell, or 0 if from the cmd line.
Definition at line 16 of file dbadmin.c. References DeleteNVP(), ExpandLocalPath(), GetFieldValue, GetSetting(), HTMLEscape(), HTMLPrintf(), HTMLWrite(), HTMLWriteFile(), LogError(), LogMessage(), MAXPATH, NULL, NULLSTR, ReadINIFileSection(), SendCGIHeader(), and swapchars(). 00017 {/* Any security level access is OK to let someone use the admin password. */ 00018 char * date=GetFieldValue(Params,"DATE"); 00019 char * time=GetFieldValue(Params,"TIME"); 00020 char * trxid=GetFieldValue(Params,"TRXID"); 00021 char * password = GetFieldValue(Params,"PASSWORD"); /* The password */ 00022 char * file = GetFieldValue(Params,"FILE"); /* The database name */ 00023 /* assign each upload a transaction ID, which is monitored on the */ 00024 /* workstation and logged on the server */ 00025 CGINameValue* config; 00026 00027 LogMessage(",SCRIPT=DBADMIN"); 00028 00029 /* Show a download screen with Password and Database. */ 00030 if (!*password || !*file) 00031 { 00032 SendCGIHeader(htmlout,"Content-type: text/html\n\n"); 00033 HTMLWrite(htmlout, 00034 "<HTML>\n" 00035 "<BODY BGCOLOR=WHITE>\n" 00036 "<H3>EZSurvey Data File Download</H3>\n" 00037 "<PRE><FORM METHOD=\"GET\" ACCEPT-CHARSET=\"UTF-8\">\n" 00038 "Database <INPUT NAME=\"FILE\">\n" 00039 "Password <INPUT NAME=\"PASSWORD\" TYPE=\"PASSWORD\">\n" 00040 "<INPUT TYPE=\"SUBMIT\" VALUE=\"Download\">\n" 00041 "</PRE></FORM>\n" 00042 "</BODY>\n" 00043 "</HTML>\n"); 00044 00045 /* 00046 HTMLWrite(htmlout, 00047 "<H3>About EZSurvey Server Administration</H3>" 00048 "<font face=monospace size=-1>" 00049 "Raosoft® EZSurvey® Copyright 1997-2002 by Raosoft Inc." 00050 "All Rights Reserved. Raosoft and InterForm are registered trademarks " 00051 "of Raosoft Inc. For more information, see <a href=http://www.raosoft.com>" 00052 "our web page</a> or <a href=mailto:raosoft@raosoft.com>email us</a>. " 00053 "<P>This program uses the MIME type application/ezs-dwnld (.asc)"); 00054 */ 00055 return 0; 00056 } 00057 else 00058 { 00059 char fn[MAXPATH]; 00060 ExpandLocalPath(progname,fn,"cgi",".ini"); 00061 config = ReadINIFileSection(fn,"admin",0); 00062 } 00063 /* config = LoadSettings(progname,"cgi","admin");*/ 00064 if (config == 0) 00065 { 00066 SendCGIHeader(htmlout,"Content-type: text/html\n\n"); 00067 HTMLWrite(htmlout,"This web site is not available"); 00068 LogError("\nCould not open cgi.ini in DBADMIN"); 00069 return 28; 00070 } 00071 00072 if (!*password) 00073 { 00074 DeleteNVP(config); 00075 SendCGIHeader(htmlout,"Content-type: text/html\n\n"); 00076 HTMLWrite(htmlout,"This web site is not configured for remote administration. "); 00077 LogError("\nNo password in cgi.ini in DBADMIN"); 00078 return 25; 00079 } 00080 00081 if (strcmp(GetFieldValue(config,"PASSWORD"),password)) 00082 { 00083 SendCGIHeader(htmlout,"Content-type: text/html\n\n"); 00084 DeleteNVP(config); 00085 return 101; 00086 } 00087 00088 DeleteNVP(config); 00089 config = NULL; 00090 00091 if (*file) 00092 if (strstr(file,"..")!=NULL || file[1] ==':' || file[0]=='/' || file[0] == '\\') 00093 return 101; 00094 00095 #ifdef XP_WIN 00096 swapchars(file,'/','\\'); /* make it the right type of path */ 00097 while (file[0] == '\\') file ++; /* don't go back directories! */ 00098 #else 00099 swapchars(file,'\\','/'); 00100 while (file[0] == '/') file ++; 00101 #endif 00102 00103 if (*file) 00104 { 00105 char fn[MAXPATH]; 00106 ExpandLocalPath(progname,fn,file,".ini"); 00107 config = ReadINIFileSection(fn,"DATABASE",0); 00108 /* config = LoadSettings(argv0, dbname, "DATABASE"); Version 1.9+ config */ 00109 00110 /*config = LoadSettings(progname, file, "DATABASE"); Version 1.0 config */ 00111 if (config == NULL) 00112 config = ReadINIFileSection(fn,"IFM",0); 00113 /* config = LoadSettings(progname, file, "IFM"); Version 1.0 config */ 00114 /* c:\apache\htdocs\file.ini [SAVEDATA] */ 00115 } 00116 00117 if (config != NULL) 00118 { 00119 char fname[MAXPATH]; 00120 char* c; 00121 00122 SendCGIHeader(htmlout,"Content-type: application/ezs-dwnld\n" 00123 "Content-Disposition: filename=download.asc\n" 00124 "\n"); 00125 00126 HTMLPrintf(htmlout,"Content-type: application/ezs-dwnld\n"); 00127 HTMLPrintf(htmlout,"TRXID: %s\n",trxid); 00128 HTMLPrintf(htmlout,"Date: %s\n",date); 00129 HTMLPrintf(htmlout,"Time: %s\n",time); 00130 00131 c = GetSetting(config,"SAVEDATANAME",NULLSTR); 00132 00133 if (c[0] == 0) /* use the default name, "database.asc" */ 00134 ExpandLocalPath(progname,fname,file,".asc"); 00135 else /* use the filename from the config file, but in the current directory */ 00136 ExpandLocalPath(progname,fname,c,NULLSTR); 00137 00138 LogMessage("\nDBADMIN: Downloading database "); 00139 LogMessage(file); LogMessage(" from "); LogMessage(fname); 00140 00141 HTMLWrite(htmlout,"Database: "); HTMLWrite(htmlout,file); 00142 HTMLWrite(htmlout,"\n\n"); 00143 HTMLWriteFile(htmlout,fname); 00144 00145 DeleteNVP(config); 00146 return 0; 00147 } 00148 else 00149 { 00150 SendCGIHeader(htmlout,"Content-type: text/html\n\n"); 00151 HTMLWrite(htmlout,"Unable to open the config file "); 00152 HTMLEscape(htmlout,file); 00153 HTMLWrite(htmlout,".ini"); 00154 LogError("\nCould not open the config file in DBADMIN "); 00155 LogError(file); 00156 return 21; 00157 } 00158 }
|