| 1 | /* |
| 2 | * This file is part of DisOrder. |
| 3 | * Copyright (C) 2004-2008 Richard Kettlewell |
| 4 | * |
| 5 | * This program is free software: you can redistribute it and/or modify |
| 6 | * it under the terms of the GNU General Public License as published by |
| 7 | * the Free Software Foundation, either version 3 of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License |
| 16 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 17 | */ |
| 18 | /** @file cgi/actions.c |
| 19 | * @brief DisOrder web actions |
| 20 | * |
| 21 | * Actions are anything that the web interface does beyond passive template |
| 22 | * expansion and inspection of state recieved from the server. This means |
| 23 | * playing tracks, editing prefs etc but also setting extra headers e.g. to |
| 24 | * auto-refresh the playing list. |
| 25 | * |
| 26 | * See @ref lib/macros-builtin.c for docstring syntax. |
| 27 | */ |
| 28 | |
| 29 | #include "disorder-cgi.h" |
| 30 | |
| 31 | /** @brief Redirect to some other action or URL */ |
| 32 | static void redirect(const char *url) { |
| 33 | /* By default use the 'back' argument */ |
| 34 | if(!url) |
| 35 | url = cgi_get("back"); |
| 36 | if(url && *url) { |
| 37 | if(strncmp(url, "http", 4)) |
| 38 | /* If the target is not a full URL assume it's the action */ |
| 39 | url = cgi_makeurl(config->url, "action", url, (char *)0); |
| 40 | } else { |
| 41 | /* If back= is not set just go back to the front page */ |
| 42 | url = config->url; |
| 43 | } |
| 44 | if(printf("Location: %s\n" |
| 45 | "%s\n" |
| 46 | "\n", url, dcgi_cookie_header()) < 0) |
| 47 | disorder_fatal(errno, "error writing to stdout"); |
| 48 | } |
| 49 | |
| 50 | /*$ playing |
| 51 | * |
| 52 | * Expands \fIplaying.tmpl\fR as if there was no special 'playing' action, but |
| 53 | * adds a Refresh: field to the HTTP header. The maximum refresh interval is |
| 54 | * defined by \fBrefresh\fR (see \fBdisorder_config\fR(5)) but may be less if |
| 55 | * the end of the track is near. |
| 56 | */ |
| 57 | /*$ manage |
| 58 | * |
| 59 | * Expands \fIplaying.tmpl\fR (NB not \fImanage.tmpl\fR) as if there was no |
| 60 | * special 'playing' action, and adds a Refresh: field to the HTTP header. The |
| 61 | * maximum refresh interval is defined by \Bfrefresh\fR (see |
| 62 | * \fBdisorder_config\fR(5)) but may be less if the end of the track is near. |
| 63 | */ |
| 64 | static void act_playing(void) { |
| 65 | long refresh = config->refresh; |
| 66 | long length; |
| 67 | time_t now, fin; |
| 68 | char *url; |
| 69 | const char *action; |
| 70 | |
| 71 | dcgi_lookup(DCGI_PLAYING|DCGI_QUEUE|DCGI_ENABLED|DCGI_RANDOM_ENABLED); |
| 72 | if(dcgi_playing |
| 73 | && dcgi_playing->state == playing_started /* i.e. not paused */ |
| 74 | && !disorder_length(dcgi_client, dcgi_playing->track, &length) |
| 75 | && length |
| 76 | && dcgi_playing->sofar >= 0) { |
| 77 | /* Try to put the next refresh at the start of the next track. */ |
| 78 | xtime(&now); |
| 79 | fin = now + length - dcgi_playing->sofar + config->gap; |
| 80 | if(now + refresh > fin) |
| 81 | refresh = fin - now; |
| 82 | } |
| 83 | if(dcgi_queue && dcgi_queue->origin == origin_scratch) { |
| 84 | /* next track is a scratch, don't leave more than the inter-track gap */ |
| 85 | if(refresh > config->gap) |
| 86 | refresh = config->gap; |
| 87 | } |
| 88 | if(!dcgi_playing |
| 89 | && ((dcgi_queue |
| 90 | && dcgi_queue->origin != origin_random) |
| 91 | || dcgi_random_enabled) |
| 92 | && dcgi_enabled) { |
| 93 | /* no track playing but playing is enabled and there is something coming |
| 94 | * up, must be in a gap */ |
| 95 | if(refresh > config->gap) |
| 96 | refresh = config->gap; |
| 97 | } |
| 98 | /* Bound the refresh interval below as a back-stop against the above |
| 99 | * calculations coming up with a stupid answer */ |
| 100 | if(refresh < config->refresh_min) |
| 101 | refresh = config->refresh_min; |
| 102 | if((action = cgi_get("action"))) |
| 103 | url = cgi_makeurl(config->url, "action", action, (char *)0); |
| 104 | else |
| 105 | url = config->url; |
| 106 | if(printf("Refresh: %ld;url=%s\n", |
| 107 | refresh, url) < 0) |
| 108 | disorder_fatal(errno, "error writing to stdout"); |
| 109 | dcgi_expand("playing", 1); |
| 110 | } |
| 111 | |
| 112 | /*$ disable |
| 113 | * |
| 114 | * Disables play. |
| 115 | */ |
| 116 | static void act_disable(void) { |
| 117 | if(dcgi_client) |
| 118 | disorder_disable(dcgi_client); |
| 119 | redirect(0); |
| 120 | } |
| 121 | |
| 122 | /*$ enable |
| 123 | * |
| 124 | * Enables play. |
| 125 | */ |
| 126 | static void act_enable(void) { |
| 127 | if(dcgi_client) |
| 128 | disorder_enable(dcgi_client); |
| 129 | redirect(0); |
| 130 | } |
| 131 | |
| 132 | /*$ random-disable |
| 133 | * |
| 134 | * Disables random play. |
| 135 | */ |
| 136 | static void act_random_disable(void) { |
| 137 | if(dcgi_client) |
| 138 | disorder_random_disable(dcgi_client); |
| 139 | redirect(0); |
| 140 | } |
| 141 | |
| 142 | /*$ random-enable |
| 143 | * |
| 144 | * Enables random play. |
| 145 | */ |
| 146 | static void act_random_enable(void) { |
| 147 | if(dcgi_client) |
| 148 | disorder_random_enable(dcgi_client); |
| 149 | redirect(0); |
| 150 | } |
| 151 | |
| 152 | /*$ pause |
| 153 | * |
| 154 | * Pauses the current track (if there is one and it's not paused already). |
| 155 | */ |
| 156 | static void act_pause(void) { |
| 157 | if(dcgi_client) |
| 158 | disorder_pause(dcgi_client); |
| 159 | redirect(0); |
| 160 | } |
| 161 | |
| 162 | /*$ resume |
| 163 | * |
| 164 | * Resumes the current track (if there is one and it's paused). |
| 165 | */ |
| 166 | static void act_resume(void) { |
| 167 | if(dcgi_client) |
| 168 | disorder_resume(dcgi_client); |
| 169 | redirect(0); |
| 170 | } |
| 171 | |
| 172 | /*$ remove |
| 173 | * |
| 174 | * Removes the track given by the \fBid\fR argument. If this is the currently |
| 175 | * playing track then it is scratched. |
| 176 | */ |
| 177 | static void act_remove(void) { |
| 178 | const char *id; |
| 179 | struct queue_entry *q; |
| 180 | |
| 181 | if(dcgi_client) { |
| 182 | if(!(id = cgi_get("id"))) |
| 183 | disorder_error(0, "missing 'id' argument"); |
| 184 | else if(!(q = dcgi_findtrack(id))) |
| 185 | disorder_error(0, "unknown queue id %s", id); |
| 186 | else if(q->origin == origin_scratch) |
| 187 | /* can't scratch scratches */ |
| 188 | disorder_error(0, "does not make sense to scratch or remove %s", id); |
| 189 | else if(q->state == playing_paused |
| 190 | || q->state == playing_started) |
| 191 | /* removing the playing track = scratching */ |
| 192 | disorder_scratch(dcgi_client, id); |
| 193 | else if(q->state == playing_unplayed) |
| 194 | /* otherwise it must be in the queue */ |
| 195 | disorder_remove(dcgi_client, id); |
| 196 | else |
| 197 | /* various error states */ |
| 198 | disorder_error(0, "does not make sense to scratch or remove %s", id); |
| 199 | } |
| 200 | redirect(0); |
| 201 | } |
| 202 | |
| 203 | /*$ move |
| 204 | * |
| 205 | * Moves the track given by the \fBid\fR argument the distance given by the |
| 206 | * \fBdelta\fR argument. If this is positive the track is moved earlier in the |
| 207 | * queue and if negative, later. |
| 208 | */ |
| 209 | static void act_move(void) { |
| 210 | const char *id, *delta; |
| 211 | struct queue_entry *q; |
| 212 | |
| 213 | if(dcgi_client) { |
| 214 | if(!(id = cgi_get("id"))) |
| 215 | disorder_error(0, "missing 'id' argument"); |
| 216 | else if(!(delta = cgi_get("delta"))) |
| 217 | disorder_error(0, "missing 'delta' argument"); |
| 218 | else if(!(q = dcgi_findtrack(id))) |
| 219 | disorder_error(0, "unknown queue id %s", id); |
| 220 | else switch(q->state) { |
| 221 | case playing_random: /* unplayed randomly chosen track */ |
| 222 | case playing_unplayed: /* haven't played this track yet */ |
| 223 | disorder_move(dcgi_client, id, atol(delta)); |
| 224 | break; |
| 225 | default: |
| 226 | disorder_error(0, "does not make sense to scratch %s", id); |
| 227 | break; |
| 228 | } |
| 229 | } |
| 230 | redirect(0); |
| 231 | } |
| 232 | |
| 233 | /*$ play |
| 234 | * |
| 235 | * Play the track given by the \fBtrack\fR argument, or if that is not set all |
| 236 | * the tracks in the directory given by the \fBdir\fR argument. |
| 237 | */ |
| 238 | static void act_play(void) { |
| 239 | const char *track, *dir; |
| 240 | char **tracks; |
| 241 | int ntracks, n; |
| 242 | struct tracksort_data *tsd; |
| 243 | |
| 244 | if(dcgi_client) { |
| 245 | if((track = cgi_get("track"))) { |
| 246 | disorder_play(dcgi_client, track); |
| 247 | } else if((dir = cgi_get("dir"))) { |
| 248 | if(disorder_files(dcgi_client, dir, 0, &tracks, &ntracks)) |
| 249 | ntracks = 0; |
| 250 | tsd = tracksort_init(ntracks, tracks, "track"); |
| 251 | for(n = 0; n < ntracks; ++n) |
| 252 | disorder_play(dcgi_client, tsd[n].track); |
| 253 | } |
| 254 | } |
| 255 | redirect(0); |
| 256 | } |
| 257 | |
| 258 | static int clamp(int n, int min, int max) { |
| 259 | if(n < min) |
| 260 | return min; |
| 261 | if(n > max) |
| 262 | return max; |
| 263 | return n; |
| 264 | } |
| 265 | |
| 266 | /*$ volume |
| 267 | * |
| 268 | * If the \fBdelta\fR argument is set: adjust both channels by that amount (up |
| 269 | * if positive, down if negative). |
| 270 | * |
| 271 | * Otherwise if \fBleft\fR and \fBright\fR are set, set the channels |
| 272 | * independently to those values. |
| 273 | */ |
| 274 | static void act_volume(void) { |
| 275 | const char *l, *r, *d; |
| 276 | int nd; |
| 277 | |
| 278 | if(dcgi_client) { |
| 279 | if((d = cgi_get("delta"))) { |
| 280 | dcgi_lookup(DCGI_VOLUME); |
| 281 | nd = clamp(atoi(d), -255, 255); |
| 282 | disorder_set_volume(dcgi_client, |
| 283 | clamp(dcgi_volume_left + nd, 0, 255), |
| 284 | clamp(dcgi_volume_right + nd, 0, 255)); |
| 285 | } else if((l = cgi_get("left")) && (r = cgi_get("right"))) |
| 286 | disorder_set_volume(dcgi_client, atoi(l), atoi(r)); |
| 287 | } |
| 288 | redirect(0); |
| 289 | } |
| 290 | |
| 291 | /** @brief Expand the login template with @b @@error set to @p error |
| 292 | * @param e Error keyword |
| 293 | */ |
| 294 | static void login_error(const char *e) { |
| 295 | dcgi_error_string = e; |
| 296 | dcgi_expand("login", 1); |
| 297 | } |
| 298 | |
| 299 | /** @brief Log in |
| 300 | * @param username Login name |
| 301 | * @param password Password |
| 302 | * @return 0 on success, non-0 on error |
| 303 | * |
| 304 | * On error, calls login_error() to expand the login template. |
| 305 | */ |
| 306 | static int login_as(const char *username, const char *password) { |
| 307 | disorder_client *c; |
| 308 | |
| 309 | if(dcgi_cookie && dcgi_client) |
| 310 | disorder_revoke(dcgi_client); |
| 311 | /* We'll need a new connection as we are going to stop being guest */ |
| 312 | c = disorder_new(0); |
| 313 | if(disorder_connect_user(c, username, password)) { |
| 314 | login_error("loginfailed"); |
| 315 | return -1; |
| 316 | } |
| 317 | /* Generate a cookie so we can log in again later */ |
| 318 | if(disorder_make_cookie(c, &dcgi_cookie)) { |
| 319 | login_error("cookiefailed"); |
| 320 | return -1; |
| 321 | } |
| 322 | /* Use the new connection henceforth */ |
| 323 | dcgi_client = c; |
| 324 | dcgi_lookup_reset(); |
| 325 | return 0; /* OK */ |
| 326 | } |
| 327 | |
| 328 | /*$ login |
| 329 | * |
| 330 | * If \fBusername\fR and \fBpassword\fR are set (and the username isn't |
| 331 | * "guest") then attempt to log in using those credentials. On success, |
| 332 | * redirects to the \fBback\fR argument if that is set, or just expands |
| 333 | * \fIlogin.tmpl\fI otherwise, with \fB@status\fR set to \fBloginok\fR. |
| 334 | * |
| 335 | * If they aren't set then just expands \fIlogin.tmpl\fI. |
| 336 | */ |
| 337 | static void act_login(void) { |
| 338 | const char *username, *password; |
| 339 | |
| 340 | /* We try all this even if not connected since the subsequent connection may |
| 341 | * succeed. */ |
| 342 | |
| 343 | username = cgi_get("username"); |
| 344 | password = cgi_get("password"); |
| 345 | if(!username |
| 346 | || !password |
| 347 | || !strcmp(username, "guest")/*bodge to avoid guest cookies*/) { |
| 348 | /* We're just visiting the login page, not performing an action at all. */ |
| 349 | dcgi_expand("login", 1); |
| 350 | return; |
| 351 | } |
| 352 | if(!login_as(username, password)) { |
| 353 | /* Report the succesful login */ |
| 354 | dcgi_status_string = "loginok"; |
| 355 | /* Redirect back to where we came from, if necessary */ |
| 356 | if(cgi_get("back")) |
| 357 | redirect(0); |
| 358 | else |
| 359 | dcgi_expand("login", 1); |
| 360 | } |
| 361 | } |
| 362 | |
| 363 | /*$ logout |
| 364 | * |
| 365 | * Logs out the current user and expands \fIlogin.tmpl\fR with \fBstatus\fR or |
| 366 | * \fB@error\fR set according to the result. |
| 367 | */ |
| 368 | static void act_logout(void) { |
| 369 | if(dcgi_client) { |
| 370 | /* Ask the server to revoke the cookie */ |
| 371 | if(!disorder_revoke(dcgi_client)) |
| 372 | dcgi_status_string = "logoutok"; |
| 373 | else |
| 374 | dcgi_error_string = "revokefailed"; |
| 375 | } else { |
| 376 | /* We can't guarantee a logout if we can't connect to the server to revoke |
| 377 | * the cookie, so we report an error. We'll still ask the browser to |
| 378 | * forget the cookie though. */ |
| 379 | dcgi_error_string = "connect"; |
| 380 | } |
| 381 | /* Attempt to reconnect without the cookie */ |
| 382 | dcgi_cookie = 0; |
| 383 | dcgi_login(); |
| 384 | /* Back to login page, hopefuly forcing the browser to forget the cookie. */ |
| 385 | dcgi_expand("login", 1); |
| 386 | } |
| 387 | |
| 388 | /*$ register |
| 389 | * |
| 390 | * Register a new user using \fBusername\fR, \fBpassword1\fR, \fBpassword2\fR |
| 391 | * and \fBemail\fR and expands \fIlogin.tmpl\fR with \fBstatus\fR or |
| 392 | * \fB@error\fR set according to the result. |
| 393 | */ |
| 394 | static void act_register(void) { |
| 395 | const char *username, *password, *password2, *email; |
| 396 | char *confirm, *content_type; |
| 397 | const char *text, *encoding, *charset; |
| 398 | |
| 399 | /* If we're not connected then this is a hopeless exercise */ |
| 400 | if(!dcgi_client) { |
| 401 | login_error("connect"); |
| 402 | return; |
| 403 | } |
| 404 | |
| 405 | /* Collect arguments */ |
| 406 | username = cgi_get("username"); |
| 407 | password = cgi_get("password1"); |
| 408 | password2 = cgi_get("password2"); |
| 409 | email = cgi_get("email"); |
| 410 | |
| 411 | /* Verify arguments */ |
| 412 | if(!username || !*username) { |
| 413 | login_error("nousername"); |
| 414 | return; |
| 415 | } |
| 416 | if(!password || !*password) { |
| 417 | login_error("nopassword"); |
| 418 | return; |
| 419 | } |
| 420 | if(!password2 || !*password2 || strcmp(password, password2)) { |
| 421 | login_error("passwordmismatch"); |
| 422 | return; |
| 423 | } |
| 424 | if(!email || !*email) { |
| 425 | login_error("noemail"); |
| 426 | return; |
| 427 | } |
| 428 | /* We could well do better address validation but for now we'll just do the |
| 429 | * minimum */ |
| 430 | if(!email_valid(email)) { |
| 431 | login_error("bademail"); |
| 432 | return; |
| 433 | } |
| 434 | if(disorder_register(dcgi_client, username, password, email, &confirm)) { |
| 435 | login_error("cannotregister"); |
| 436 | return; |
| 437 | } |
| 438 | /* Send the user a mail */ |
| 439 | /* TODO templatize this */ |
| 440 | byte_xasprintf((char **)&text, |
| 441 | "Welcome to DisOrder. To active your login, please visit this URL:\n" |
| 442 | "\n" |
| 443 | "%s?c=%s\n", config->url, urlencodestring(confirm)); |
| 444 | if(!(text = mime_encode_text(text, &charset, &encoding))) |
| 445 | disorder_fatal(0, "cannot encode email"); |
| 446 | byte_xasprintf(&content_type, "text/plain;charset=%s", |
| 447 | quote822(charset, 0)); |
| 448 | sendmail("", config->mail_sender, email, "Welcome to DisOrder", |
| 449 | encoding, content_type, text); /* TODO error checking */ |
| 450 | /* We'll go back to the login page with a suitable message */ |
| 451 | dcgi_status_string = "registered"; |
| 452 | dcgi_expand("login", 1); |
| 453 | } |
| 454 | |
| 455 | /*$ confirm |
| 456 | * |
| 457 | * Confirm a user registration using the nonce supplied in \fBc\fR and expands |
| 458 | * \fIlogin.tmpl\fR with \fBstatus\fR or \fB@error\fR set according to the |
| 459 | * result. |
| 460 | */ |
| 461 | static void act_confirm(void) { |
| 462 | const char *confirmation; |
| 463 | |
| 464 | /* If we're not connected then this is a hopeless exercise */ |
| 465 | if(!dcgi_client) { |
| 466 | login_error("connect"); |
| 467 | return; |
| 468 | } |
| 469 | |
| 470 | if(!(confirmation = cgi_get("c"))) { |
| 471 | login_error("noconfirm"); |
| 472 | return; |
| 473 | } |
| 474 | /* Confirm our registration */ |
| 475 | if(disorder_confirm(dcgi_client, confirmation)) { |
| 476 | login_error("badconfirm"); |
| 477 | return; |
| 478 | } |
| 479 | /* Get a cookie */ |
| 480 | if(disorder_make_cookie(dcgi_client, &dcgi_cookie)) { |
| 481 | login_error("cookiefailed"); |
| 482 | return; |
| 483 | } |
| 484 | /* Junk cached data */ |
| 485 | dcgi_lookup_reset(); |
| 486 | /* Report success */ |
| 487 | dcgi_status_string = "confirmed"; |
| 488 | dcgi_expand("login", 1); |
| 489 | } |
| 490 | |
| 491 | /*$ edituser |
| 492 | * |
| 493 | * Edit user details using \fBusername\fR, \fBchangepassword1\fR, |
| 494 | * \fBchangepassword2\fR and \fBemail\fR and expands \fIlogin.tmpl\fR with |
| 495 | * \fBstatus\fR or \fB@error\fR set according to the result. |
| 496 | */ |
| 497 | static void act_edituser(void) { |
| 498 | const char *email = cgi_get("email"), *password = cgi_get("changepassword1"); |
| 499 | const char *password2 = cgi_get("changepassword2"); |
| 500 | int newpassword = 0; |
| 501 | |
| 502 | /* If we're not connected then this is a hopeless exercise */ |
| 503 | if(!dcgi_client) { |
| 504 | login_error("connect"); |
| 505 | return; |
| 506 | } |
| 507 | |
| 508 | /* Verify input */ |
| 509 | |
| 510 | /* If either password or password2 is set we insist they match. If they |
| 511 | * don't we report an error. */ |
| 512 | if((password && *password) || (password2 && *password2)) { |
| 513 | if(!password || !password2 || strcmp(password, password2)) { |
| 514 | login_error("passwordmismatch"); |
| 515 | return; |
| 516 | } |
| 517 | } else |
| 518 | password = password2 = 0; |
| 519 | if(email && !email_valid(email)) { |
| 520 | login_error("bademail"); |
| 521 | return; |
| 522 | } |
| 523 | |
| 524 | /* Commit changes */ |
| 525 | if(email) { |
| 526 | if(disorder_edituser(dcgi_client, disorder_user(dcgi_client), |
| 527 | "email", email)) { |
| 528 | login_error("badedit"); |
| 529 | return; |
| 530 | } |
| 531 | } |
| 532 | if(password) { |
| 533 | if(disorder_edituser(dcgi_client, disorder_user(dcgi_client), |
| 534 | "password", password)) { |
| 535 | login_error("badedit"); |
| 536 | return; |
| 537 | } |
| 538 | newpassword = 1; |
| 539 | } |
| 540 | |
| 541 | if(newpassword) { |
| 542 | /* If we changed the password, the cookie is now invalid, so we must log |
| 543 | * back in. */ |
| 544 | if(login_as(disorder_user(dcgi_client), password)) |
| 545 | return; |
| 546 | } |
| 547 | /* Report success */ |
| 548 | dcgi_status_string = "edited"; |
| 549 | dcgi_expand("login", 1); |
| 550 | } |
| 551 | |
| 552 | /*$ reminder |
| 553 | * |
| 554 | * Issue an email password reminder to \fBusername\fR and expands |
| 555 | * \fIlogin.tmpl\fR with \fBstatus\fR or \fB@error\fR set according to the |
| 556 | * result. |
| 557 | */ |
| 558 | static void act_reminder(void) { |
| 559 | const char *const username = cgi_get("username"); |
| 560 | |
| 561 | /* If we're not connected then this is a hopeless exercise */ |
| 562 | if(!dcgi_client) { |
| 563 | login_error("connect"); |
| 564 | return; |
| 565 | } |
| 566 | |
| 567 | if(!username || !*username) { |
| 568 | login_error("nousername"); |
| 569 | return; |
| 570 | } |
| 571 | if(disorder_reminder(dcgi_client, username)) { |
| 572 | login_error("reminderfailed"); |
| 573 | return; |
| 574 | } |
| 575 | /* Report success */ |
| 576 | dcgi_status_string = "reminded"; |
| 577 | dcgi_expand("login", 1); |
| 578 | } |
| 579 | |
| 580 | /** @brief Get the numbered version of an argument |
| 581 | * @param argname Base argument name |
| 582 | * @param numfile File number |
| 583 | * @return cgi_get(NUMFILE_ARGNAME) |
| 584 | */ |
| 585 | static const char *numbered_arg(const char *argname, int numfile) { |
| 586 | char *fullname; |
| 587 | |
| 588 | byte_xasprintf(&fullname, "%d_%s", numfile, argname); |
| 589 | return cgi_get(fullname); |
| 590 | } |
| 591 | |
| 592 | /** @brief Set preferences for file @p numfile |
| 593 | * @return 0 on success, -1 if there is no such track number |
| 594 | * |
| 595 | * The old @b nfiles parameter has been abolished, we just keep look for more |
| 596 | * files until we run out. |
| 597 | */ |
| 598 | static int process_prefs(int numfile) { |
| 599 | const char *file, *name, *value, *part, *parts, *context; |
| 600 | char **partslist; |
| 601 | |
| 602 | if(!(file = numbered_arg("track", numfile))) |
| 603 | return -1; |
| 604 | if(!(parts = cgi_get("parts"))) |
| 605 | parts = "artist album title"; |
| 606 | if(!(context = cgi_get("context"))) |
| 607 | context = "display"; |
| 608 | partslist = split(parts, 0, 0, 0, 0); |
| 609 | while((part = *partslist++)) { |
| 610 | if(!(value = numbered_arg(part, numfile))) |
| 611 | continue; |
| 612 | byte_xasprintf((char **)&name, "trackname_%s_%s", context, part); |
| 613 | disorder_set(dcgi_client, file, name, value); |
| 614 | } |
| 615 | if((value = numbered_arg("random", numfile))) |
| 616 | disorder_unset(dcgi_client, file, "pick_at_random"); |
| 617 | else |
| 618 | disorder_set(dcgi_client, file, "pick_at_random", "0"); |
| 619 | if((value = numbered_arg("tags", numfile))) { |
| 620 | if(!*value) |
| 621 | disorder_unset(dcgi_client, file, "tags"); |
| 622 | else |
| 623 | disorder_set(dcgi_client, file, "tags", value); |
| 624 | } |
| 625 | if((value = numbered_arg("weight", numfile))) { |
| 626 | if(!*value) |
| 627 | disorder_unset(dcgi_client, file, "weight"); |
| 628 | else |
| 629 | disorder_set(dcgi_client, file, "weight", value); |
| 630 | } |
| 631 | return 0; |
| 632 | } |
| 633 | |
| 634 | /*$ prefs |
| 635 | * |
| 636 | * Set preferences on a number of tracks. |
| 637 | * |
| 638 | * The tracks to modify are specified in arguments \fB0_track\fR, \fB1_track\fR |
| 639 | * etc. The number sequence must be contiguous and start from 0. |
| 640 | * |
| 641 | * For each track \fIINDEX\fB_track\fR: |
| 642 | * - \fIINDEX\fB_\fIPART\fR is used to set the trackname preference for |
| 643 | * that part. (See \fBparts\fR below.) |
| 644 | * - \fIINDEX\fB_\fIrandom\fR if present enables random play for this track |
| 645 | * or disables it if absent. |
| 646 | * - \fIINDEX\fB_\fItags\fR sets the list of tags for this track. |
| 647 | * - \fIINDEX\fB_\fIweight\fR sets the weight for this track. |
| 648 | * |
| 649 | * \fBparts\fR can be set to the track name parts to modify. The default is |
| 650 | * "artist album title". |
| 651 | * |
| 652 | * \fBcontext\fR can be set to the context to modify. The default is |
| 653 | * "display". |
| 654 | * |
| 655 | * If the server detects a preference being set to its default, it removes the |
| 656 | * preference, thus keeping the database tidy. |
| 657 | */ |
| 658 | static void act_set(void) { |
| 659 | int numfile; |
| 660 | |
| 661 | if(dcgi_client) { |
| 662 | for(numfile = 0; !process_prefs(numfile); ++numfile) |
| 663 | ; |
| 664 | } |
| 665 | redirect(0); |
| 666 | } |
| 667 | |
| 668 | /** @brief Table of actions */ |
| 669 | static const struct action { |
| 670 | /** @brief Action name */ |
| 671 | const char *name; |
| 672 | /** @brief Action handler */ |
| 673 | void (*handler)(void); |
| 674 | /** @brief Union of suitable rights */ |
| 675 | rights_type rights; |
| 676 | } actions[] = { |
| 677 | { "confirm", act_confirm, 0 }, |
| 678 | { "disable", act_disable, RIGHT_GLOBAL_PREFS }, |
| 679 | { "edituser", act_edituser, 0 }, |
| 680 | { "enable", act_enable, RIGHT_GLOBAL_PREFS }, |
| 681 | { "login", act_login, 0 }, |
| 682 | { "logout", act_logout, 0 }, |
| 683 | { "manage", act_playing, 0 }, |
| 684 | { "move", act_move, RIGHT_MOVE__MASK }, |
| 685 | { "pause", act_pause, RIGHT_PAUSE }, |
| 686 | { "play", act_play, RIGHT_PLAY }, |
| 687 | { "playing", act_playing, 0 }, |
| 688 | { "randomdisable", act_random_disable, RIGHT_GLOBAL_PREFS }, |
| 689 | { "randomenable", act_random_enable, RIGHT_GLOBAL_PREFS }, |
| 690 | { "register", act_register, 0 }, |
| 691 | { "reminder", act_reminder, 0 }, |
| 692 | { "remove", act_remove, RIGHT_MOVE__MASK|RIGHT_SCRATCH__MASK }, |
| 693 | { "resume", act_resume, RIGHT_PAUSE }, |
| 694 | { "set", act_set, RIGHT_PREFS }, |
| 695 | { "volume", act_volume, RIGHT_VOLUME }, |
| 696 | }; |
| 697 | |
| 698 | /** @brief Check that an action name is valid |
| 699 | * @param name Action |
| 700 | * @return 1 if valid, 0 if not |
| 701 | */ |
| 702 | static int dcgi_valid_action(const char *name) { |
| 703 | int c; |
| 704 | |
| 705 | /* First character must be letter or digit (this also requires there to _be_ |
| 706 | * a first character) */ |
| 707 | if(!isalnum((unsigned char)*name)) |
| 708 | return 0; |
| 709 | /* Only letters, digits, '.' and '-' allowed */ |
| 710 | while((c = (unsigned char)*name++)) { |
| 711 | if(!(isalnum(c) |
| 712 | || c == '.' |
| 713 | || c == '_')) |
| 714 | return 0; |
| 715 | } |
| 716 | return 1; |
| 717 | } |
| 718 | |
| 719 | /** @brief Expand a template |
| 720 | * @param name Base name of template, or NULL to consult CGI args |
| 721 | * @param header True to write header |
| 722 | */ |
| 723 | void dcgi_expand(const char *name, int header) { |
| 724 | const char *p, *found; |
| 725 | |
| 726 | /* Parse macros first */ |
| 727 | if((found = mx_find("macros.tmpl", 1/*report*/))) |
| 728 | mx_expand_file(found, sink_discard(), 0); |
| 729 | if((found = mx_find("user.tmpl", 0/*report*/))) |
| 730 | mx_expand_file(found, sink_discard(), 0); |
| 731 | /* For unknown actions check that they aren't evil */ |
| 732 | if(!dcgi_valid_action(name)) |
| 733 | disorder_fatal(0, "invalid action name '%s'", name); |
| 734 | byte_xasprintf((char **)&p, "%s.tmpl", name); |
| 735 | if(!(found = mx_find(p, 0/*report*/))) |
| 736 | disorder_fatal(errno, "cannot find %s", p); |
| 737 | if(header) { |
| 738 | if(printf("Content-Type: text/html; charset=UTF-8\n" |
| 739 | "%s\n" |
| 740 | "\n", dcgi_cookie_header()) < 0) |
| 741 | disorder_fatal(errno, "error writing to stdout"); |
| 742 | } |
| 743 | if(mx_expand_file(found, sink_stdio("stdout", stdout), 0) == -1 |
| 744 | || fflush(stdout) < 0) |
| 745 | disorder_fatal(errno, "error writing to stdout"); |
| 746 | } |
| 747 | |
| 748 | /** @brief Execute a web action |
| 749 | * @param action Action to perform, or NULL to consult CGI args |
| 750 | * |
| 751 | * If no recognized action is specified then 'playing' is assumed. |
| 752 | */ |
| 753 | void dcgi_action(const char *action) { |
| 754 | int n; |
| 755 | |
| 756 | /* Consult CGI args if caller had no view */ |
| 757 | if(!action) |
| 758 | action = cgi_get("action"); |
| 759 | /* Pick a default if nobody cares at all */ |
| 760 | if(!action) { |
| 761 | /* We allow URLs which are just c=... in order to keep confirmation URLs, |
| 762 | * which are user-facing, as short as possible. Actually we could lose the |
| 763 | * c= for this... */ |
| 764 | if(cgi_get("c")) |
| 765 | action = "confirm"; |
| 766 | else |
| 767 | action = "playing"; |
| 768 | /* Make sure 'action' is always set */ |
| 769 | cgi_set("action", action); |
| 770 | } |
| 771 | if((n = TABLE_FIND(actions, name, action)) >= 0) { |
| 772 | if(actions[n].rights) { |
| 773 | /* Some right or other is required */ |
| 774 | dcgi_lookup(DCGI_RIGHTS); |
| 775 | if(!(actions[n].rights & dcgi_rights)) { |
| 776 | const char *back = cgi_thisurl(config->url); |
| 777 | /* Failed operations jump you to the login screen with an error |
| 778 | * message. On success, the user comes back to the page they were |
| 779 | * after. */ |
| 780 | cgi_clear(); |
| 781 | cgi_set("back", back); |
| 782 | login_error("noright"); |
| 783 | return; |
| 784 | } |
| 785 | } |
| 786 | /* It's a known action */ |
| 787 | actions[n].handler(); |
| 788 | } else { |
| 789 | /* Just expand the template */ |
| 790 | dcgi_expand(action, 1/*header*/); |
| 791 | } |
| 792 | } |
| 793 | |
| 794 | /** @brief Generate an error page */ |
| 795 | void dcgi_error(const char *key) { |
| 796 | dcgi_error_string = xstrdup(key); |
| 797 | dcgi_expand("error", 1); |
| 798 | } |
| 799 | |
| 800 | /* |
| 801 | Local Variables: |
| 802 | c-basic-offset:2 |
| 803 | comment-column:40 |
| 804 | fill-column:79 |
| 805 | indent-tabs-mode:nil |
| 806 | End: |
| 807 | */ |