liquid_feedback_frontend: fastpath/getpic.c annotate

liquid_feedback_frontend

annotate fastpath/getpic.c @ 871:0f29051a49f6

Added support for public access to getpic.c

author	bsw
date	Sat Aug 18 22:49:18 2012 +0200 (2012-08-18)
parents	88ac7798b562
children	5f681205dd44

rev	line source
bsw/jbe@4	1 #include <stdlib.h>
bsw/jbe@4	2 #include <stdio.h>
bsw/jbe@4	3 #include <libpq-fe.h>
bsw/jbe@4	4 #include <string.h>
bsw/jbe@4	5 #include <regex.h>
bsw/jbe@4	6 #include <sys/types.h>
bsw/jbe@4	7 #include <sys/stat.h>
bsw/jbe@4	8 #include <unistd.h>
bsw/jbe@4	9
bsw/jbe@4	10 #ifndef GETPIC_CONNINFO
bsw/jbe@4	11 #define GETPIC_CONNINFO "dbname=liquid_feedback"
bsw/jbe@4	12 #endif
bsw/jbe@4	13
bsw/jbe@4	14 #ifndef GETPIC_DEFAULT_AVATAR
bsw/jbe@4	15 #define GETPIC_DEFAULT_AVATAR "/opt/liquid_feedback_testing/app/static/avatar.jpg"
bsw/jbe@4	16 #endif
bsw/jbe@4	17
bsw/jbe@4	18 int main(int argc, const char * const *argv) {
bsw/jbe@4	19
bsw/jbe@4	20 char *args_string;
bsw/jbe@4	21 char *member_id;
bsw/jbe@4	22 char *image_type;
bsw/jbe@52	23 const char *sql_member_image_params[2];
bsw/jbe@4	24
bsw@871	25 #ifndef PUBLIC_ACCESS
bsw/jbe@5	26 char *cookies;
bsw/jbe@5	27 regex_t session_ident_regex;
bsw/jbe@4	28 ssize_t start, length;
bsw/jbe@5	29 regmatch_t session_ident_regmatch[3];
bsw/jbe@4	30 char *session_ident;
bsw/jbe@52	31 const char *sql_session_params[1];
bsw@871	32 #endif
bsw/jbe@4	33
bsw/jbe@5	34 PGconn *conn;
bsw/jbe@5	35 PGresult *dbr;
bsw/jbe@4	36
bsw/jbe@4	37 args_string = getenv("QUERY_STRING");
bsw@871	38 #ifndef PUBLIC_ACCESS
bsw/jbe@5	39 cookies = getenv("HTTP_COOKIE");
bsw/jbe@5	40 if (!args_string \|\| !cookies) {
bsw/jbe@4	41 fputs("Status: 403 Access Denied\n\n", stdout);
bsw/jbe@4	42 return 0;
bsw/jbe@4	43 }
bsw@871	44 #endif
bsw/jbe@4	45
bsw/jbe@4	46 member_id = strtok(args_string, "+");
bsw/jbe@4	47 image_type = strtok(NULL, "+");
bsw/jbe@4	48 sql_member_image_params[0] = member_id;
bsw/jbe@4	49 sql_member_image_params[1] = image_type;
bsw/jbe@4	50
bsw@871	51 #ifndef PUBLIC_ACCESS
bsw/jbe@5	52 if (regcomp(&session_ident_regex, "(^\|[; \t])liquid_feedback_session=([0-9A-Za-z]+)", REG_EXTENDED) != 0) {
bsw/jbe@4	53 // shouldn't happen
bsw/jbe@4	54 abort();
bsw/jbe@4	55 }
bsw/jbe@52	56 if (regexec(&session_ident_regex, cookies, 3, session_ident_regmatch, 0) != 0) {
bsw/jbe@4	57 fputs("Status: 403 Access Denied\n\n", stdout);
bsw/jbe@4	58 return 0;
bsw/jbe@4	59 }
bsw/jbe@5	60 start = session_ident_regmatch[2].rm_so;
bsw/jbe@5	61 length = session_ident_regmatch[2].rm_eo - session_ident_regmatch[2].rm_so;
bsw/jbe@4	62 session_ident = malloc(length + 1);
bsw/jbe@5	63 if (!session_ident) abort(); // shouldn't happen
bsw/jbe@4	64 strncpy(session_ident, cookies + start, length);
bsw/jbe@4	65 session_ident[length] = 0;
bsw/jbe@4	66 sql_session_params[0] = session_ident;
bsw/jbe@4	67
bsw/jbe@4	68 conn = PQconnectdb(GETPIC_CONNINFO);
bsw/jbe@4	69 if (!conn) {
bsw/jbe@4	70 fputs("Could not create PGconn structure.\n", stderr);
bsw/jbe@4	71 return 1;
bsw/jbe@4	72 }
bsw/jbe@4	73 if (PQstatus(conn) != CONNECTION_OK) {
bsw/jbe@4	74 fputs(PQerrorMessage(conn), stderr);
bsw/jbe@5	75 PQfinish(conn);
bsw/jbe@4	76 return 1;
bsw/jbe@4	77 }
bsw/jbe@4	78
bsw/jbe@4	79 dbr = PQexecParams(conn,
bsw/jbe@4	80 "SELECT NULL FROM session JOIN member ON member.id = session.member_id WHERE session.ident = $1 AND member.active",
bsw/jbe@4	81 1, NULL, sql_session_params, NULL, NULL, 0
bsw/jbe@4	82 );
bsw/jbe@4	83 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
bsw/jbe@4	84 fputs(PQresultErrorMessage(dbr), stderr);
bsw/jbe@5	85 PQfinish(conn);
bsw/jbe@4	86 return 1;
bsw/jbe@4	87 }
bsw/jbe@4	88 if (PQntuples(dbr) != 1) {
bsw/jbe@4	89 fputs("Status: 403 Access Denied\n\n", stdout);
bsw/jbe@5	90 PQfinish(conn);
bsw/jbe@4	91 return 0;
bsw/jbe@4	92 }
bsw@871	93 #endif
bsw/jbe@4	94
bsw/jbe@4	95 dbr = PQexecParams(conn,
bsw/jbe@4	96 "SELECT content_type, data "
bsw/jbe@4	97 "FROM member_image "
bsw/jbe@4	98 "WHERE member_id = $1 "
bsw/jbe@4	99 "AND image_type = $2 "
bsw/jbe@4	100 "AND scaled "
bsw/jbe@4	101 "LIMIT 1;",
bsw/jbe@4	102 2, NULL, sql_member_image_params, NULL, NULL, 1
bsw/jbe@4	103 );
bsw/jbe@4	104 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
bsw/jbe@4	105 fputs(PQresultErrorMessage(dbr), stderr);
bsw/jbe@5	106 PQfinish(conn);
bsw/jbe@4	107 return 1;
bsw/jbe@4	108 }
bsw/jbe@4	109 if (PQntuples(dbr) == 0) {
bsw/jbe@4	110 struct stat sb;
bsw/jbe@4	111 PQclear(dbr);
bsw/jbe@4	112 PQfinish(conn);
bsw/jbe@4	113 fputs("Content-Type: image/jpeg\n\n", stdout);
bsw/jbe@4	114 if (stat(GETPIC_DEFAULT_AVATAR, &sb)) return 1;
bsw/jbe@5	115 fprintf(stdout, "Content-Length: %i\n", (int)sb.st_size);
bsw/jbe@4	116 execl("/bin/cat", "cat", GETPIC_DEFAULT_AVATAR, NULL);
bsw/jbe@4	117 return 1;
bsw/jbe@4	118 } else {
bsw/jbe@4	119 if (PQnfields(dbr) < 0) {
bsw/jbe@4	120 fputs("Too few columns returned by database.\n", stderr);
bsw/jbe@5	121 PQfinish(conn);
bsw/jbe@4	122 return 1;
bsw/jbe@4	123 }
bsw/jbe@4	124 if (PQfformat(dbr, 0) != 1 \|\| PQfformat(dbr, 1) != 1) {
bsw/jbe@4	125 fputs("Database did not return data in binary format.\n", stderr);
bsw/jbe@5	126 PQfinish(conn);
bsw/jbe@4	127 return 1;
bsw/jbe@4	128 }
bsw/jbe@4	129 if (PQgetisnull(dbr, 0, 0) \|\| PQgetisnull(dbr, 0, 1)) {
bsw/jbe@4	130 fputs("Unexpected NULL in database result.\n", stderr);
bsw/jbe@5	131 PQfinish(conn);
bsw/jbe@4	132 return 1;
bsw/jbe@4	133 }
bsw/jbe@52	134 fprintf(stdout, "Content-Type: %s\n\n", PQgetvalue(dbr, 0, 0));
bsw/jbe@4	135 fwrite(PQgetvalue(dbr, 0, 1), PQgetlength(dbr, 0, 1), 1, stdout);
bsw/jbe@4	136 }
bsw/jbe@4	137 PQfinish(conn);
bsw/jbe@4	138 return 0;
bsw/jbe@5	139
bsw/jbe@4	140 }