liquid_feedback_frontend

view fastpath/getpic.c @ 1859:02c34183b6df

find changesets by author, revision, files, or words in the commit message
Fixed wrong filename in INSTALL file
author bsw
date Tue Nov 28 18:54:51 2023 +0100 (23 months ago)
parents 7f7142e949ee
children
line source
1 #include <stdlib.h>
2 #include <stdio.h>
3 #include <libpq-fe.h>
4 #include <string.h>
5 #include <regex.h>
6 #include <sys/types.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #ifndef GETPIC_CONNINFO
11 #define GETPIC_CONNINFO "dbname=liquid_feedback"
12 #endif
13
14 #ifndef GETPIC_DEFAULT_AVATAR
15 #define GETPIC_DEFAULT_AVATAR "/opt/liquid_feedback_testing/app/static/avatar.jpg"
16 #endif
17
18 int main(int argc, const char * const *argv) {
19
20 char *args_string;
21 char *member_id;
22 char *image_type;
23 const char *sql_member_image_params[2];
24
25 #ifndef PUBLIC_ACCESS
26 #ifdef PUBLIC_AVATAR_ACCESS
27 int authorization_required = 0;
28 #endif
29 char *cookies;
30 regex_t session_ident_regex;
31 ssize_t start, length;
32 regmatch_t session_ident_regmatch[3];
33 char *session_ident;
34 const char *sql_session_params[1];
35 #endif
36
37 PGconn *conn;
38 PGresult *dbr;
39
40 args_string = getenv("QUERY_STRING");
41 if (!args_string) {
42 fputs("Status: 403 Access Denied\n\n", stdout);
43 return 0;
44 }
45
46 member_id = strtok(args_string, "+");
47 image_type = strtok(NULL, "+");
48 if (!member_id || !image_type) {
49 fputs("Status: 403 Access Denied\n\n", stdout);
50 return 0;
51 }
52 sql_member_image_params[0] = member_id;
53 sql_member_image_params[1] = image_type;
54
55 #ifndef PUBLIC_ACCESS
56 #ifdef PUBLIC_AVATAR_ACCESS
57 if (strcmp(image_type, "avatar")) {
58 authorization_required = 1;
59 #endif
60 cookies = getenv("HTTP_COOKIE");
61 if (!args_string || !cookies) {
62 fputs("Status: 403 Access Denied\n\n", stdout);
63 return 0;
64 }
65 if (regcomp(&session_ident_regex, "(^|[; \t])liquid_feedback_session=([0-9A-Za-z]+)", REG_EXTENDED) != 0) {
66 // shouldn't happen
67 abort();
68 }
69 if (regexec(&session_ident_regex, cookies, 3, session_ident_regmatch, 0) != 0) {
70 fputs("Status: 403 Access Denied\n\n", stdout);
71 return 0;
72 }
73 start = session_ident_regmatch[2].rm_so;
74 length = session_ident_regmatch[2].rm_eo - session_ident_regmatch[2].rm_so;
75 session_ident = malloc(length + 1);
76 if (!session_ident) abort(); // shouldn't happen
77 strncpy(session_ident, cookies + start, length);
78 session_ident[length] = 0;
79 sql_session_params[0] = session_ident;
80 #ifdef PUBLIC_AVATAR_ACCESS
81 }
82 #endif
83 #endif
84
85 conn = PQconnectdb(GETPIC_CONNINFO);
86 if (!conn) {
87 fputs("Could not create PGconn structure.\n", stderr);
88 return 1;
89 }
90 if (PQstatus(conn) != CONNECTION_OK) {
91 fputs(PQerrorMessage(conn), stderr);
92 PQfinish(conn);
93 return 1;
94 }
95
96 #ifndef PUBLIC_ACCESS
97 #ifdef PUBLIC_AVATAR_ACCESS
98 if (authorization_required) {
99 #endif
100 dbr = PQexecParams(conn,
101 "SELECT NULL FROM session JOIN member ON member.id = session.member_id WHERE session.ident = $1 AND member.active",
102 1, NULL, sql_session_params, NULL, NULL, 0
103 );
104 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
105 fputs(PQresultErrorMessage(dbr), stderr);
106 PQfinish(conn);
107 return 1;
108 }
109 if (PQntuples(dbr) != 1) {
110 fputs("Status: 403 Access Denied\n\n", stdout);
111 PQfinish(conn);
112 return 0;
113 }
114 #ifdef PUBLIC_AVATAR_ACCESS
115 }
116 #endif
117 #endif
118
119 dbr = PQexecParams(conn,
120 "SELECT content_type, data "
121 "FROM member_image "
122 "WHERE member_id = $1 "
123 "AND image_type = $2 "
124 "AND scaled "
125 "LIMIT 1;",
126 2, NULL, sql_member_image_params, NULL, NULL, 1
127 );
128 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
129 fputs(PQresultErrorMessage(dbr), stderr);
130 PQfinish(conn);
131 return 1;
132 }
133 if (PQntuples(dbr) == 0) {
134 struct stat sb;
135 PQclear(dbr);
136 PQfinish(conn);
137 fputs("Content-Type: image/jpeg\n\n", stdout);
138 if (stat(GETPIC_DEFAULT_AVATAR, &sb)) return 1;
139 fprintf(stdout, "Content-Length: %i\n", (int)sb.st_size);
140 execl("/bin/cat", "cat", GETPIC_DEFAULT_AVATAR, NULL);
141 return 1;
142 } else {
143 if (PQnfields(dbr) < 0) {
144 fputs("Too few columns returned by database.\n", stderr);
145 PQfinish(conn);
146 return 1;
147 }
148 if (PQfformat(dbr, 0) != 1 || PQfformat(dbr, 1) != 1) {
149 fputs("Database did not return data in binary format.\n", stderr);
150 PQfinish(conn);
151 return 1;
152 }
153 if (PQgetisnull(dbr, 0, 0) || PQgetisnull(dbr, 0, 1)) {
154 fputs("Unexpected NULL in database result.\n", stderr);
155 PQfinish(conn);
156 return 1;
157 }
158 fprintf(stdout, "Content-Type: %s\n\n", PQgetvalue(dbr, 0, 0));
159 fwrite(PQgetvalue(dbr, 0, 1), PQgetlength(dbr, 0, 1), 1, stdout);
160 }
161 PQfinish(conn);
162 return 0;
163
164 }

Impressum / About Us