API tools faq
paste
Guest User

Untitled

a guest
Dec 5th, 2017
85
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.90 KB | None | 0 0
raw download clone embed print report
  1.  
  2. #include <stdio.h>
  3. #include <string.h>
  4. #include <stdlib.h>
  5.  
  6. // Convert a two-char hex string into the char it represents.
  7. char x2c(char *what) {
  8. register char digit;
  9. digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 : (what[0] - '0'));
  10. digit *= 16;
  11. digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 : (what[1] - '0'));
  12. return(digit);
  13. }
  14.  
  15.  
  16. // Remove escape sequences
  17. void unescape_url(char *url) {
  18. register int i,j;
  19.  
  20. for(i=0,j=0; url[j]; ++i,++j) {
  21. if((url[i] = url[j]) == '%') {
  22. url[i] = x2c(&url[j+1]) ;
  23. j+= 2 ;
  24. }
  25. }
  26. url[i] = '\0' ;
  27. }
  28.  
  29.  
  30. // Create name-value pairs of given parameters and place them in a list
  31. char **getcgivars() {
  32. register int i ;
  33. char *request_method ;
  34. int content_length;
  35. char *cgiinput ;
  36. char **cgivars ;
  37. char **pairlist ;
  38. int paircount ;
  39. char *nvpair ;
  40. char *eqpos ;
  41.  
  42. // Depending on the request method, read all CGI input into cgiinput
  43. request_method= getenv("REQUEST_METHOD") ;
  44.  
  45. if (!strcmp(request_method, "GET") || !strcmp(request_method, "HEAD") ) {
  46. char *qs ;
  47. qs= getenv("QUERY_STRING") ;
  48. cgiinput= strdup(qs ? qs : "") ;
  49. }
  50. else if (!strcmp(request_method, "POST")) {
  51. /* strcasecmp() is not supported in Windows-- use strcmpi() instead */
  52. if ( strcasecmp(getenv("CONTENT_TYPE"), "application/x-www-form-urlencoded")) {
  53. printf("Content-Type: text/plain\n\n") ;
  54. printf("getcgivars(): Unsupported Content-Type.\n") ;
  55. exit(1) ;
  56. }
  57. if ( !(content_length = atoi(getenv("CONTENT_LENGTH"))) ) {
  58. printf("Content-Type: text/plain\n\n") ;
  59. printf("getcgivars(): No Content-Length was sent with the POST request.\n") ;
  60. exit(1) ;
  61. }
  62. if ( !(cgiinput= (char *) malloc(content_length+1)) ) {
  63. printf("Content-Type: text/plain\n\n") ;
  64. printf("getcgivars(): Couldn't malloc for cgiinput.\n") ;
  65. exit(1) ;
  66. }
  67. if (!fread(cgiinput, content_length, 1, stdin)) {
  68. printf("Content-Type: text/plain\n\n") ;
  69. printf("getcgivars(): Couldn't read CGI input from STDIN.\n") ; exit(1) ;
  70. }
  71. cgiinput[content_length]='\0' ;
  72. }
  73. else {
  74. printf("Content-Type: text/plain\n\n") ;
  75. printf("getcgivars(): Unsupported REQUEST_METHOD.\n") ;
  76. exit(1) ;
  77. }
  78.  
  79. /** Change all plusses back to spaces. **/
  80. for (i=0; cgiinput[i]; i++) if (cgiinput[i] == '+') cgiinput[i] = ' ' ;
  81.  
  82. /** First, split on "&" and ";" to extract the name-value pairs into **/
  83. /** pairlist. **/
  84. pairlist= (char **) malloc(256*sizeof(char **)) ;
  85. paircount= 0 ;
  86. nvpair= strtok(cgiinput, "&;") ;
  87. while (nvpair) {
  88. pairlist[paircount++]= strdup(nvpair) ;
  89. if (!(paircount%256))
  90. pairlist= (char **) realloc(pairlist,(paircount+256)*sizeof(char **)) ;
  91. nvpair= strtok(NULL, "&;") ;
  92. }
  93. pairlist[paircount]= 0 ; /* terminate the list with NULL */
  94.  
  95. /** Then, from the list of pairs, extract the names and values. **/
  96. cgivars= (char **) malloc((paircount*2+1)*sizeof(char **)) ;
  97. for (i= 0; i<paircount; i++) {
  98. if (eqpos=strchr(pairlist[i], '=')) {
  99. *eqpos= '\0' ;
  100. unescape_url(cgivars[i*2+1]= strdup(eqpos+1)) ;
  101. } else {
  102. unescape_url(cgivars[i*2+1]= strdup("")) ;
  103. }
  104. unescape_url(cgivars[i*2]= strdup(pairlist[i])) ;
  105. }
  106. cgivars[paircount*2]= 0 ; /* terminate the list with NULL */
  107.  
  108. /** Free anything that needs to be freed. **/
  109. free(cgiinput) ;
  110. for (i=0; pairlist[i]; i++) free(pairlist[i]) ;
  111. free(pairlist) ;
  112.  
  113. /** Return the list of name-value strings. **/
  114. return cgivars ;
  115.  
  116. }
  117.  
  118. /***************** end of the getcgivars() module ********************/
  119.  
  120.  
  121. bool isUser(char* user, char* pass){
  122. FILE *file = fopen ("userlist", "r" );
  123. char line [ 128 ];
  124. char cmpString[128] = "";
  125. strcat(cmpString,user);
  126. strcat(cmpString, ":");
  127. strcat(cmpString, pass);
  128. strcat(cmpString, "\n");
  129. while ( fgets ( line, sizeof line, file ) != NULL ) {
  130. if(!strcmp(line,cmpString)) {
  131. return true;
  132. }
  133. }
  134. fclose ( file );
  135. return false;
  136. }
  137.  
  138.  
  139. /** Standard "hello, world" program, that also shows all CGI input. **/ int main() {
  140. char **cgivars ;
  141. int i ;
  142.  
  143. /** First, get the CGI variables into a list of strings **/
  144. cgivars= getcgivars() ;
  145.  
  146.  
  147. char *user = "";
  148. char *pass = "";
  149.  
  150. for (i=0; cgivars[i]; i+= 2) {
  151. if(!strcmp(cgivars[i],"user")) {
  152. user = cgivars[i+1];
  153. continue;
  154. }
  155. if(!strcmp(cgivars[i],"pass")) {
  156. pass = cgivars[i+1];
  157. continue;
  158. }
  159.  
  160. }
  161. if((strcmp(user, "") && strcmp(pass, ""))) {
  162. printf("%s", (isUser(user, pass))?"true":"false");
  163.  
  164. }
  165.  
  166.  
  167. /** Free anything that needs to be freed **/
  168. for (i=0; cgivars[i]; i++) free(cgivars[i]) ;
  169. free(cgivars) ;
  170.  
  171. exit(0) ;
  172. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!