liquid_feedback_frontend

view fastpath/getpic.c @ 10:72c5e0ee7c98

find changesets by author, revision, files, or words in the commit message
Version beta6

Bugfixes:
- Security fix: Every user was able to change the discussion URL of an initiative
- Creation of new issues in areas without default policies is now possible
- Members can now be sorted in different ways
- No error when trying to compare a draft with itself
- Added missing local statement to variable initialization in app/main/delegation/new.lua
- CSS flaw in initiative action bar fixed

New features:
- Possiblity to invite other users to become initiator
- Revokation of initiatives implemented
- Number of suggestions, supporters, etc. is shown on corresponding tabs of initiative view
- Members can now be sorted by account creation (default sorting is "newest first")
- Configuration option to create an automatic discussion link for all issues
- First draft of global timeline feature (not accessible via link yet)
- Custom stylesheet URL for users marked as developers

In area listing the number of closed issues is shown too

Renamed "author" field of initiative to "last author"

Removed wrongly included file app/main/member/_show_thumb.lua.orig in the distribution

Help texts updated
author bsw
date Sun Jan 10 12:00:00 2010 +0100 (2010-01-10)
parents afd9f769c7ae
children 88ac7798b562
line source
1 #include <stdlib.h>
2 #include <stdio.h>
3 #include <libpq-fe.h>
4 #include <string.h>
5 #include <regex.h>
6 #include <sys/types.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #ifndef GETPIC_CONNINFO
11 #define GETPIC_CONNINFO "dbname=liquid_feedback"
12 #endif
13
14 #ifndef GETPIC_DEFAULT_AVATAR
15 #define GETPIC_DEFAULT_AVATAR "/opt/liquid_feedback_testing/app/static/avatar.jpg"
16 #endif
17
18 int main(int argc, const char * const *argv) {
19
20 char *args_string;
21 char *member_id;
22 char *image_type;
23 char *sql_member_image_params[2];
24
25 char *cookies;
26 regex_t session_ident_regex;
27 ssize_t start, length;
28 regmatch_t session_ident_regmatch[3];
29 char *session_ident;
30 char *sql_session_params[1];
31
32 PGconn *conn;
33 PGresult *dbr;
34
35 args_string = getenv("QUERY_STRING");
36 cookies = getenv("HTTP_COOKIE");
37 if (!args_string || !cookies) {
38 fputs("Status: 403 Access Denied\n\n", stdout);
39 return 0;
40 }
41
42 member_id = strtok(args_string, "+");
43 image_type = strtok(NULL, "+");
44 sql_member_image_params[0] = member_id;
45 sql_member_image_params[1] = image_type;
46
47 if (regcomp(&session_ident_regex, "(^|[; \t])liquid_feedback_session=([0-9A-Za-z]+)", REG_EXTENDED) != 0) {
48 // shouldn't happen
49 abort();
50 }
51 if (regexec(&session_ident_regex, cookies, 2, session_ident_regmatch, 0) != 0) {
52 fputs("Status: 403 Access Denied\n\n", stdout);
53 return 0;
54 }
55 start = session_ident_regmatch[2].rm_so;
56 length = session_ident_regmatch[2].rm_eo - session_ident_regmatch[2].rm_so;
57 session_ident = malloc(length + 1);
58 if (!session_ident) abort(); // shouldn't happen
59 strncpy(session_ident, cookies + start, length);
60 session_ident[length] = 0;
61 sql_session_params[0] = session_ident;
62
63 conn = PQconnectdb(GETPIC_CONNINFO);
64 if (!conn) {
65 fputs("Could not create PGconn structure.\n", stderr);
66 return 1;
67 }
68 if (PQstatus(conn) != CONNECTION_OK) {
69 fputs(PQerrorMessage(conn), stderr);
70 PQfinish(conn);
71 return 1;
72 }
73
74 dbr = PQexecParams(conn,
75 "SELECT NULL FROM session JOIN member ON member.id = session.member_id WHERE session.ident = $1 AND member.active",
76 1, NULL, sql_session_params, NULL, NULL, 0
77 );
78 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
79 fputs(PQresultErrorMessage(dbr), stderr);
80 PQfinish(conn);
81 return 1;
82 }
83 if (PQntuples(dbr) != 1) {
84 fputs("Status: 403 Access Denied\n\n", stdout);
85 PQfinish(conn);
86 return 0;
87 }
88
89 dbr = PQexecParams(conn,
90 "SELECT content_type, data "
91 "FROM member_image "
92 "WHERE member_id = $1 "
93 "AND image_type = $2 "
94 "AND scaled "
95 "LIMIT 1;",
96 2, NULL, sql_member_image_params, NULL, NULL, 1
97 );
98 if (PQresultStatus(dbr) != PGRES_TUPLES_OK) {
99 fputs(PQresultErrorMessage(dbr), stderr);
100 PQfinish(conn);
101 return 1;
102 }
103 if (PQntuples(dbr) == 0) {
104 struct stat sb;
105 PQclear(dbr);
106 PQfinish(conn);
107 fputs("Content-Type: image/jpeg\n\n", stdout);
108 if (stat(GETPIC_DEFAULT_AVATAR, &sb)) return 1;
109 fprintf(stdout, "Content-Length: %i\n", (int)sb.st_size);
110 execl("/bin/cat", "cat", GETPIC_DEFAULT_AVATAR, NULL);
111 return 1;
112 } else {
113 if (PQnfields(dbr) < 0) {
114 fputs("Too few columns returned by database.\n", stderr);
115 PQfinish(conn);
116 return 1;
117 }
118 if (PQfformat(dbr, 0) != 1 || PQfformat(dbr, 1) != 1) {
119 fputs("Database did not return data in binary format.\n", stderr);
120 PQfinish(conn);
121 return 1;
122 }
123 if (PQgetisnull(dbr, 0, 0) || PQgetisnull(dbr, 0, 1)) {
124 fputs("Unexpected NULL in database result.\n", stderr);
125 PQfinish(conn);
126 return 1;
127 }
128 fputs("Content-Type: ", stdout);
129 fprintf(stdout, "Content-Length: %i\n", PQgetlength(dbr, 0, 1));
130 fwrite(PQgetvalue(dbr, 0, 0), PQgetlength(dbr, 0, 0), 1, stdout);
131 fputs("\n\n", stdout);
132 fwrite(PQgetvalue(dbr, 0, 1), PQgetlength(dbr, 0, 1), 1, stdout);
133 }
134 PQfinish(conn);
135 return 0;
136
137 }

Impressum / About Us