liquid_feedback_frontend
view fastpath/getpic.c @ 871:0f29051a49f6
Added support for public access to getpic.c
| author | bsw |
|---|---|
| date | Sat Aug 18 22:49:18 2012 +0200 (2012-08-18) |
| parents | 88ac7798b562 |
| children | 5f681205dd44 |
line source
1 #include <stdlib.h>
2 #include <stdio.h>
3 #include <libpq-fe.h>
4 #include <string.h>
5 #include <regex.h>
6 #include <sys/types.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
10 #ifndef GETPIC_CONNINFO
11 #define GETPIC_CONNINFO "dbname=liquid_feedback"
12 #endif
14 #ifndef GETPIC_DEFAULT_AVATAR
15 #define GETPIC_DEFAULT_AVATAR "/opt/liquid_feedback_testing/app/static/avatar.jpg"
16 #endif
18 int main(int argc, const char * const *argv) {
20 char *args_string;
21 char *member_id;
22 char *image_type;
23 const char *sql_member_image_params[2];
25 #ifndef PUBLIC_ACCESS
26 char *cookies;
27 regex_t session_ident_regex;
28 ssize_t start, length;
29 regmatch_t session_ident_regmatch[3];
30 char *session_ident;
31 const char *sql_session_params[1];
32 #endif
34 PGconn *conn;
35 PGresult *dbr;
37 args_string = getenv("QUERY_STRING");
38 #ifndef PUBLIC_ACCESS
39 cookies = getenv("HTTP_COOKIE");
40 if (!args_string || !cookies) {
41 fputs("Status: 403 Access Denied\n\n", stdout);
42 return 0;
43 }
44 #endif
46 member_id = strtok(args_string, "+");
47 image_type = strtok(NULL, "+");
48 sql_member_image_params[0] = member_id;
49 sql_member_image_params[1] = image_type;
51 #ifndef PUBLIC_ACCESS
52 if (regcomp(&session_ident_regex, "(^|[; \t])liquid_feedback_session=([0-9A-Za-z]+)", REG_EXTENDED) != 0) {
53 // shouldn't happen
54 abort();
55 }
56 if (regexec(&session_ident_regex, cookies, 3, session_ident_regmatch, 0) != 0) {
57 fputs("Status: 403 Access Denied\n\n", stdout);
58 return 0;
59 }
60 start = session_ident_regmatch[2].rm_so;
61 length = session_ident_regmatch[2].rm_eo - session_ident_regmatch[2].rm_so;
62 session_ident = malloc(length + 1);
63 if (!session_ident) abort(); // shouldn't happen
64 strncpy(session_ident, cookies + start, length);
65 session_ident[length] = 0;
66 sql_session_params[0] = session_ident;
68 conn = PQconnectdb(GETPIC_CONNINFO);
69 if (!conn) {
70 fputs("Could not create PGconn structure.\n", stderr);
71 return 1;
72 }
73 if (PQstatus(conn) != CONNECTION_OK) {
74 fputs(PQerrorMessage(conn), stderr);
75 PQfinish(conn);
76 return 1;
77 }
79 dbr = PQexecParams(conn,
80 "SELECT NULL FROM session JOIN member ON member.id = session.member_id WHERE session.ident = $1 AND member.active",
81 1, NULL, sql_session_params, NULL, NULL, 0
82 );
83 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
84 fputs(PQresultErrorMessage(dbr), stderr);
85 PQfinish(conn);
86 return 1;
87 }
88 if (PQntuples(dbr) != 1) {
89 fputs("Status: 403 Access Denied\n\n", stdout);
90 PQfinish(conn);
91 return 0;
92 }
93 #endif
95 dbr = PQexecParams(conn,
96 "SELECT content_type, data "
97 "FROM member_image "
98 "WHERE member_id = $1 "
99 "AND image_type = $2 "
100 "AND scaled "
101 "LIMIT 1;",
102 2, NULL, sql_member_image_params, NULL, NULL, 1
103 );
104 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
105 fputs(PQresultErrorMessage(dbr), stderr);
106 PQfinish(conn);
107 return 1;
108 }
109 if (PQntuples(dbr) == 0) {
110 struct stat sb;
111 PQclear(dbr);
112 PQfinish(conn);
113 fputs("Content-Type: image/jpeg\n\n", stdout);
114 if (stat(GETPIC_DEFAULT_AVATAR, &sb)) return 1;
115 fprintf(stdout, "Content-Length: %i\n", (int)sb.st_size);
116 execl("/bin/cat", "cat", GETPIC_DEFAULT_AVATAR, NULL);
117 return 1;
118 } else {
119 if (PQnfields(dbr) < 0) {
120 fputs("Too few columns returned by database.\n", stderr);
121 PQfinish(conn);
122 return 1;
123 }
124 if (PQfformat(dbr, 0) != 1 || PQfformat(dbr, 1) != 1) {
125 fputs("Database did not return data in binary format.\n", stderr);
126 PQfinish(conn);
127 return 1;
128 }
129 if (PQgetisnull(dbr, 0, 0) || PQgetisnull(dbr, 0, 1)) {
130 fputs("Unexpected NULL in database result.\n", stderr);
131 PQfinish(conn);
132 return 1;
133 }
134 fprintf(stdout, "Content-Type: %s\n\n", PQgetvalue(dbr, 0, 0));
135 fwrite(PQgetvalue(dbr, 0, 1), PQgetlength(dbr, 0, 1), 1, stdout);
136 }
137 PQfinish(conn);
138 return 0;
140 }