| 1 | /* |
| 2 | * This file is part of DisOrder. |
| 3 | * Copyright (C) 2004-2008 Richard Kettlewell |
| 4 | * |
| 5 | * This program is free software: you can redistribute it and/or modify |
| 6 | * it under the terms of the GNU General Public License as published by |
| 7 | * the Free Software Foundation, either version 3 of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License |
| 16 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 17 | */ |
| 18 | /** @file cgi/actions.c |
| 19 | * @brief DisOrder web actions |
| 20 | * |
| 21 | * Actions are anything that the web interface does beyond passive template |
| 22 | * expansion and inspection of state recieved from the server. This means |
| 23 | * playing tracks, editing prefs etc but also setting extra headers e.g. to |
| 24 | * auto-refresh the playing list. |
| 25 | * |
| 26 | * See @ref lib/macros-builtin.c for docstring syntax. |
| 27 | */ |
| 28 | |
| 29 | #include "disorder-cgi.h" |
| 30 | |
| 31 | /** @brief Redirect to some other action or URL */ |
| 32 | static void redirect(const char *url) { |
| 33 | /* By default use the 'back' argument */ |
| 34 | if(!url) |
| 35 | url = cgi_get("back"); |
| 36 | if(url && *url) { |
| 37 | if(strncmp(url, "http", 4)) |
| 38 | /* If the target is not a full URL assume it's the action */ |
| 39 | url = cgi_makeurl(config->url, "action", url, (char *)0); |
| 40 | } else { |
| 41 | /* If back= is not set just go back to the front page */ |
| 42 | url = config->url; |
| 43 | } |
| 44 | if(printf("Location: %s\n" |
| 45 | "%s\n" |
| 46 | "\n", url, dcgi_cookie_header()) < 0) |
| 47 | disorder_fatal(errno, "error writing to stdout"); |
| 48 | } |
| 49 | |
| 50 | /*$ playing |
| 51 | * |
| 52 | * Expands \fIplaying.tmpl\fR as if there was no special 'playing' action, but |
| 53 | * adds a Refresh: field to the HTTP header. The maximum refresh interval is |
| 54 | * defined by \fBrefresh\fR (see \fBdisorder_config\fR(5)) but may be less if |
| 55 | * the end of the track is near. |
| 56 | */ |
| 57 | /*$ manage |
| 58 | * |
| 59 | * Expands \fIplaying.tmpl\fR (NB not \fImanage.tmpl\fR) as if there was no |
| 60 | * special 'playing' action, and adds a Refresh: field to the HTTP header. The |
| 61 | * maximum refresh interval is defined by \Bfrefresh\fR (see |
| 62 | * \fBdisorder_config\fR(5)) but may be less if the end of the track is near. |
| 63 | */ |
| 64 | static void act_playing(void) { |
| 65 | long refresh = config->refresh; |
| 66 | long length; |
| 67 | time_t now, fin; |
| 68 | char *url; |
| 69 | const char *action; |
| 70 | |
| 71 | dcgi_lookup(DCGI_PLAYING|DCGI_QUEUE|DCGI_ENABLED|DCGI_RANDOM_ENABLED); |
| 72 | if(dcgi_playing |
| 73 | && dcgi_playing->state == playing_started /* i.e. not paused */ |
| 74 | && !disorder_length(dcgi_client, dcgi_playing->track, &length) |
| 75 | && length |
| 76 | && dcgi_playing->sofar >= 0) { |
| 77 | /* Try to put the next refresh at the start of the next track. */ |
| 78 | xtime(&now); |
| 79 | fin = now + length - dcgi_playing->sofar; |
| 80 | if(now + refresh > fin) |
| 81 | refresh = fin - now; |
| 82 | } |
| 83 | if(dcgi_queue && dcgi_queue->origin == origin_scratch) { |
| 84 | /* next track is a scratch, refresh immediately */ |
| 85 | refresh = 0; |
| 86 | } |
| 87 | if(!dcgi_playing |
| 88 | && ((dcgi_queue |
| 89 | && dcgi_queue->origin != origin_random) |
| 90 | || dcgi_random_enabled) |
| 91 | && dcgi_enabled) { |
| 92 | /* no track playing but playing is enabled and there is something coming |
| 93 | * up, so refresh immediately */ |
| 94 | refresh = 0; |
| 95 | } |
| 96 | /* Bound the refresh interval below as a back-stop against the above |
| 97 | * calculations coming up with a stupid answer */ |
| 98 | if(refresh < config->refresh_min) |
| 99 | refresh = config->refresh_min; |
| 100 | if((action = cgi_get("action"))) |
| 101 | url = cgi_makeurl(config->url, "action", action, (char *)0); |
| 102 | else |
| 103 | url = config->url; |
| 104 | if(printf("Refresh: %ld;url=%s\n", |
| 105 | refresh, url) < 0) |
| 106 | disorder_fatal(errno, "error writing to stdout"); |
| 107 | dcgi_expand("playing", 1); |
| 108 | } |
| 109 | |
| 110 | /*$ disable |
| 111 | * |
| 112 | * Disables play. |
| 113 | */ |
| 114 | static void act_disable(void) { |
| 115 | if(dcgi_client) |
| 116 | disorder_disable(dcgi_client); |
| 117 | redirect(0); |
| 118 | } |
| 119 | |
| 120 | /*$ enable |
| 121 | * |
| 122 | * Enables play. |
| 123 | */ |
| 124 | static void act_enable(void) { |
| 125 | if(dcgi_client) |
| 126 | disorder_enable(dcgi_client); |
| 127 | redirect(0); |
| 128 | } |
| 129 | |
| 130 | /*$ random-disable |
| 131 | * |
| 132 | * Disables random play. |
| 133 | */ |
| 134 | static void act_random_disable(void) { |
| 135 | if(dcgi_client) |
| 136 | disorder_random_disable(dcgi_client); |
| 137 | redirect(0); |
| 138 | } |
| 139 | |
| 140 | /*$ random-enable |
| 141 | * |
| 142 | * Enables random play. |
| 143 | */ |
| 144 | static void act_random_enable(void) { |
| 145 | if(dcgi_client) |
| 146 | disorder_random_enable(dcgi_client); |
| 147 | redirect(0); |
| 148 | } |
| 149 | |
| 150 | /*$ pause |
| 151 | * |
| 152 | * Pauses the current track (if there is one and it's not paused already). |
| 153 | */ |
| 154 | static void act_pause(void) { |
| 155 | if(dcgi_client) |
| 156 | disorder_pause(dcgi_client); |
| 157 | redirect(0); |
| 158 | } |
| 159 | |
| 160 | /*$ resume |
| 161 | * |
| 162 | * Resumes the current track (if there is one and it's paused). |
| 163 | */ |
| 164 | static void act_resume(void) { |
| 165 | if(dcgi_client) |
| 166 | disorder_resume(dcgi_client); |
| 167 | redirect(0); |
| 168 | } |
| 169 | |
| 170 | /*$ remove |
| 171 | * |
| 172 | * Removes the track given by the \fBid\fR argument. If this is the currently |
| 173 | * playing track then it is scratched. |
| 174 | */ |
| 175 | static void act_remove(void) { |
| 176 | const char *id; |
| 177 | struct queue_entry *q; |
| 178 | |
| 179 | if(dcgi_client) { |
| 180 | if(!(id = cgi_get("id"))) |
| 181 | disorder_error(0, "missing 'id' argument"); |
| 182 | else if(!(q = dcgi_findtrack(id))) |
| 183 | disorder_error(0, "unknown queue id %s", id); |
| 184 | else if(q->origin == origin_scratch) |
| 185 | /* can't scratch scratches */ |
| 186 | disorder_error(0, "does not make sense to scratch or remove %s", id); |
| 187 | else if(q->state == playing_paused |
| 188 | || q->state == playing_started) |
| 189 | /* removing the playing track = scratching */ |
| 190 | disorder_scratch(dcgi_client, id); |
| 191 | else if(q->state == playing_unplayed) |
| 192 | /* otherwise it must be in the queue */ |
| 193 | disorder_remove(dcgi_client, id); |
| 194 | else |
| 195 | /* various error states */ |
| 196 | disorder_error(0, "does not make sense to scratch or remove %s", id); |
| 197 | } |
| 198 | redirect(0); |
| 199 | } |
| 200 | |
| 201 | /*$ move |
| 202 | * |
| 203 | * Moves the track given by the \fBid\fR argument the distance given by the |
| 204 | * \fBdelta\fR argument. If this is positive the track is moved earlier in the |
| 205 | * queue and if negative, later. |
| 206 | */ |
| 207 | static void act_move(void) { |
| 208 | const char *id, *delta; |
| 209 | struct queue_entry *q; |
| 210 | |
| 211 | if(dcgi_client) { |
| 212 | if(!(id = cgi_get("id"))) |
| 213 | disorder_error(0, "missing 'id' argument"); |
| 214 | else if(!(delta = cgi_get("delta"))) |
| 215 | disorder_error(0, "missing 'delta' argument"); |
| 216 | else if(!(q = dcgi_findtrack(id))) |
| 217 | disorder_error(0, "unknown queue id %s", id); |
| 218 | else switch(q->state) { |
| 219 | case playing_random: /* unplayed randomly chosen track */ |
| 220 | case playing_unplayed: /* haven't played this track yet */ |
| 221 | disorder_move(dcgi_client, id, atol(delta)); |
| 222 | break; |
| 223 | default: |
| 224 | disorder_error(0, "does not make sense to scratch %s", id); |
| 225 | break; |
| 226 | } |
| 227 | } |
| 228 | redirect(0); |
| 229 | } |
| 230 | |
| 231 | /*$ play |
| 232 | * |
| 233 | * Play the track given by the \fBtrack\fR argument, or if that is not set all |
| 234 | * the tracks in the directory given by the \fBdir\fR argument. |
| 235 | */ |
| 236 | static void act_play(void) { |
| 237 | const char *track, *dir; |
| 238 | char **tracks; |
| 239 | int ntracks, n; |
| 240 | struct tracksort_data *tsd; |
| 241 | char *id; |
| 242 | |
| 243 | if(dcgi_client) { |
| 244 | if((track = cgi_get("track"))) { |
| 245 | disorder_play(dcgi_client, track, &id); |
| 246 | } else if((dir = cgi_get("dir"))) { |
| 247 | if(disorder_files(dcgi_client, dir, 0, &tracks, &ntracks)) |
| 248 | ntracks = 0; |
| 249 | tsd = tracksort_init(ntracks, tracks, "track"); |
| 250 | for(n = 0; n < ntracks; ++n) |
| 251 | disorder_play(dcgi_client, tsd[n].track, &id); |
| 252 | } |
| 253 | } |
| 254 | redirect(0); |
| 255 | } |
| 256 | |
| 257 | static int clamp(int n, int min, int max) { |
| 258 | if(n < min) |
| 259 | return min; |
| 260 | if(n > max) |
| 261 | return max; |
| 262 | return n; |
| 263 | } |
| 264 | |
| 265 | /*$ volume |
| 266 | * |
| 267 | * If the \fBdelta\fR argument is set: adjust both channels by that amount (up |
| 268 | * if positive, down if negative). |
| 269 | * |
| 270 | * Otherwise if \fBleft\fR and \fBright\fR are set, set the channels |
| 271 | * independently to those values. |
| 272 | */ |
| 273 | static void act_volume(void) { |
| 274 | const char *l, *r, *d; |
| 275 | int nd; |
| 276 | |
| 277 | if(dcgi_client) { |
| 278 | if((d = cgi_get("delta"))) { |
| 279 | dcgi_lookup(DCGI_VOLUME); |
| 280 | nd = clamp(atoi(d), -255, 255); |
| 281 | disorder_set_volume(dcgi_client, |
| 282 | clamp(dcgi_volume_left + nd, 0, 255), |
| 283 | clamp(dcgi_volume_right + nd, 0, 255)); |
| 284 | } else if((l = cgi_get("left")) && (r = cgi_get("right"))) |
| 285 | disorder_set_volume(dcgi_client, atoi(l), atoi(r)); |
| 286 | } |
| 287 | redirect(0); |
| 288 | } |
| 289 | |
| 290 | /** @brief Expand the login template with @b @@error set to @p error |
| 291 | * @param e Error keyword |
| 292 | */ |
| 293 | static void login_error(const char *e) { |
| 294 | dcgi_error_string = e; |
| 295 | dcgi_expand("login", 1); |
| 296 | } |
| 297 | |
| 298 | /** @brief Log in |
| 299 | * @param username Login name |
| 300 | * @param password Password |
| 301 | * @return 0 on success, non-0 on error |
| 302 | * |
| 303 | * On error, calls login_error() to expand the login template. |
| 304 | */ |
| 305 | static int login_as(const char *username, const char *password) { |
| 306 | disorder_client *c; |
| 307 | |
| 308 | if(dcgi_cookie && dcgi_client) |
| 309 | disorder_revoke(dcgi_client); |
| 310 | /* We'll need a new connection as we are going to stop being guest. |
| 311 | * Make sure it's unprivileged, so that the server actually bothers checking |
| 312 | * the password we supply. |
| 313 | */ |
| 314 | c = disorder_new(0); |
| 315 | disorder_force_unpriv(c); |
| 316 | if(disorder_connect_user(c, username, password)) { |
| 317 | login_error("loginfailed"); |
| 318 | return -1; |
| 319 | } |
| 320 | /* Generate a cookie so we can log in again later */ |
| 321 | if(disorder_make_cookie(c, &dcgi_cookie)) { |
| 322 | login_error("cookiefailed"); |
| 323 | return -1; |
| 324 | } |
| 325 | /* Use the new connection henceforth */ |
| 326 | dcgi_client = c; |
| 327 | dcgi_lookup_reset(); |
| 328 | return 0; /* OK */ |
| 329 | } |
| 330 | |
| 331 | /*$ login |
| 332 | * |
| 333 | * If \fBusername\fR and \fBpassword\fR are set (and the username isn't |
| 334 | * "guest") then attempt to log in using those credentials. On success, |
| 335 | * redirects to the \fBback\fR argument if that is set, or just expands |
| 336 | * \fIlogin.tmpl\fI otherwise, with \fB@status\fR set to \fBloginok\fR. |
| 337 | * |
| 338 | * If they aren't set then just expands \fIlogin.tmpl\fI. |
| 339 | */ |
| 340 | static void act_login(void) { |
| 341 | const char *username, *password; |
| 342 | |
| 343 | /* We try all this even if not connected since the subsequent connection may |
| 344 | * succeed. */ |
| 345 | |
| 346 | username = cgi_get("username"); |
| 347 | password = cgi_get("password"); |
| 348 | if(!username |
| 349 | || !password |
| 350 | || !strcmp(username, "guest")/*bodge to avoid guest cookies*/) { |
| 351 | /* We're just visiting the login page, not performing an action at all. */ |
| 352 | dcgi_expand("login", 1); |
| 353 | return; |
| 354 | } |
| 355 | if(!login_as(username, password)) { |
| 356 | /* Report the succesful login */ |
| 357 | dcgi_status_string = "loginok"; |
| 358 | /* Redirect back to where we came from, if necessary */ |
| 359 | if(cgi_get("back")) |
| 360 | redirect(0); |
| 361 | else |
| 362 | dcgi_expand("login", 1); |
| 363 | } |
| 364 | } |
| 365 | |
| 366 | /*$ logout |
| 367 | * |
| 368 | * Logs out the current user and expands \fIlogin.tmpl\fR with \fBstatus\fR or |
| 369 | * \fB@error\fR set according to the result. |
| 370 | */ |
| 371 | static void act_logout(void) { |
| 372 | if(dcgi_client) { |
| 373 | /* Ask the server to revoke the cookie */ |
| 374 | if(!disorder_revoke(dcgi_client)) |
| 375 | dcgi_status_string = "logoutok"; |
| 376 | else |
| 377 | dcgi_error_string = "revokefailed"; |
| 378 | } else { |
| 379 | /* We can't guarantee a logout if we can't connect to the server to revoke |
| 380 | * the cookie, so we report an error. We'll still ask the browser to |
| 381 | * forget the cookie though. */ |
| 382 | dcgi_error_string = "connect"; |
| 383 | } |
| 384 | /* Attempt to reconnect without the cookie */ |
| 385 | dcgi_cookie = 0; |
| 386 | dcgi_login(); |
| 387 | /* Back to login page, hopefuly forcing the browser to forget the cookie. */ |
| 388 | dcgi_expand("login", 1); |
| 389 | } |
| 390 | |
| 391 | /*$ register |
| 392 | * |
| 393 | * Register a new user using \fBusername\fR, \fBpassword1\fR, \fBpassword2\fR |
| 394 | * and \fBemail\fR and expands \fIlogin.tmpl\fR with \fBstatus\fR or |
| 395 | * \fB@error\fR set according to the result. |
| 396 | */ |
| 397 | static void act_register(void) { |
| 398 | const char *username, *password, *password2, *email; |
| 399 | char *confirm, *content_type; |
| 400 | const char *text, *encoding, *charset; |
| 401 | |
| 402 | /* If we're not connected then this is a hopeless exercise */ |
| 403 | if(!dcgi_client) { |
| 404 | login_error("connect"); |
| 405 | return; |
| 406 | } |
| 407 | |
| 408 | /* Collect arguments */ |
| 409 | username = cgi_get("username"); |
| 410 | password = cgi_get("password1"); |
| 411 | password2 = cgi_get("password2"); |
| 412 | email = cgi_get("email"); |
| 413 | |
| 414 | /* Verify arguments */ |
| 415 | if(!username || !*username) { |
| 416 | login_error("nousername"); |
| 417 | return; |
| 418 | } |
| 419 | if(!password || !*password) { |
| 420 | login_error("nopassword"); |
| 421 | return; |
| 422 | } |
| 423 | if(!password2 || !*password2 || strcmp(password, password2)) { |
| 424 | login_error("passwordmismatch"); |
| 425 | return; |
| 426 | } |
| 427 | if(!email || !*email) { |
| 428 | login_error("noemail"); |
| 429 | return; |
| 430 | } |
| 431 | /* We could well do better address validation but for now we'll just do the |
| 432 | * minimum */ |
| 433 | if(!email_valid(email)) { |
| 434 | login_error("bademail"); |
| 435 | return; |
| 436 | } |
| 437 | if(disorder_register(dcgi_client, username, password, email, &confirm)) { |
| 438 | login_error("cannotregister"); |
| 439 | return; |
| 440 | } |
| 441 | /* Send the user a mail */ |
| 442 | /* TODO templatize this */ |
| 443 | byte_xasprintf((char **)&text, |
| 444 | "Welcome to DisOrder. To active your login, please visit this URL:\n" |
| 445 | "\n" |
| 446 | "%s?c=%s\n", config->url, urlencodestring(confirm)); |
| 447 | if(!(text = mime_encode_text(text, &charset, &encoding))) |
| 448 | disorder_fatal(0, "cannot encode email"); |
| 449 | byte_xasprintf(&content_type, "text/plain;charset=%s", |
| 450 | quote822(charset, 0)); |
| 451 | sendmail("", config->mail_sender, email, "Welcome to DisOrder", |
| 452 | encoding, content_type, text); /* TODO error checking */ |
| 453 | /* We'll go back to the login page with a suitable message */ |
| 454 | dcgi_status_string = "registered"; |
| 455 | dcgi_expand("login", 1); |
| 456 | } |
| 457 | |
| 458 | /*$ confirm |
| 459 | * |
| 460 | * Confirm a user registration using the nonce supplied in \fBc\fR and expands |
| 461 | * \fIlogin.tmpl\fR with \fBstatus\fR or \fB@error\fR set according to the |
| 462 | * result. |
| 463 | */ |
| 464 | static void act_confirm(void) { |
| 465 | const char *confirmation; |
| 466 | |
| 467 | /* If we're not connected then this is a hopeless exercise */ |
| 468 | if(!dcgi_client) { |
| 469 | login_error("connect"); |
| 470 | return; |
| 471 | } |
| 472 | |
| 473 | if(!(confirmation = cgi_get("c"))) { |
| 474 | login_error("noconfirm"); |
| 475 | return; |
| 476 | } |
| 477 | /* Confirm our registration */ |
| 478 | if(disorder_confirm(dcgi_client, confirmation)) { |
| 479 | login_error("badconfirm"); |
| 480 | return; |
| 481 | } |
| 482 | /* Get a cookie */ |
| 483 | if(disorder_make_cookie(dcgi_client, &dcgi_cookie)) { |
| 484 | login_error("cookiefailed"); |
| 485 | return; |
| 486 | } |
| 487 | /* Junk cached data */ |
| 488 | dcgi_lookup_reset(); |
| 489 | /* Report success */ |
| 490 | dcgi_status_string = "confirmed"; |
| 491 | dcgi_expand("login", 1); |
| 492 | } |
| 493 | |
| 494 | /*$ edituser |
| 495 | * |
| 496 | * Edit user details using \fBusername\fR, \fBchangepassword1\fR, |
| 497 | * \fBchangepassword2\fR and \fBemail\fR and expands \fIlogin.tmpl\fR with |
| 498 | * \fBstatus\fR or \fB@error\fR set according to the result. |
| 499 | */ |
| 500 | static void act_edituser(void) { |
| 501 | const char *email = cgi_get("email"), *password = cgi_get("changepassword1"); |
| 502 | const char *password2 = cgi_get("changepassword2"); |
| 503 | int newpassword = 0; |
| 504 | |
| 505 | /* If we're not connected then this is a hopeless exercise */ |
| 506 | if(!dcgi_client) { |
| 507 | login_error("connect"); |
| 508 | return; |
| 509 | } |
| 510 | |
| 511 | /* Verify input */ |
| 512 | |
| 513 | /* If either password or password2 is set we insist they match. If they |
| 514 | * don't we report an error. */ |
| 515 | if((password && *password) || (password2 && *password2)) { |
| 516 | if(!password || !password2 || strcmp(password, password2)) { |
| 517 | login_error("passwordmismatch"); |
| 518 | return; |
| 519 | } |
| 520 | } else |
| 521 | password = password2 = 0; |
| 522 | if(email && !email_valid(email)) { |
| 523 | login_error("bademail"); |
| 524 | return; |
| 525 | } |
| 526 | |
| 527 | /* Commit changes */ |
| 528 | if(email) { |
| 529 | if(disorder_edituser(dcgi_client, disorder_user(dcgi_client), |
| 530 | "email", email)) { |
| 531 | login_error("badedit"); |
| 532 | return; |
| 533 | } |
| 534 | } |
| 535 | if(password) { |
| 536 | if(disorder_edituser(dcgi_client, disorder_user(dcgi_client), |
| 537 | "password", password)) { |
| 538 | login_error("badedit"); |
| 539 | return; |
| 540 | } |
| 541 | newpassword = 1; |
| 542 | } |
| 543 | |
| 544 | if(newpassword) { |
| 545 | /* If we changed the password, the cookie is now invalid, so we must log |
| 546 | * back in. */ |
| 547 | if(login_as(disorder_user(dcgi_client), password)) |
| 548 | return; |
| 549 | } |
| 550 | /* Report success */ |
| 551 | dcgi_status_string = "edited"; |
| 552 | dcgi_expand("login", 1); |
| 553 | } |
| 554 | |
| 555 | /*$ reminder |
| 556 | * |
| 557 | * Issue an email password reminder to \fBusername\fR and expands |
| 558 | * \fIlogin.tmpl\fR with \fBstatus\fR or \fB@error\fR set according to the |
| 559 | * result. |
| 560 | */ |
| 561 | static void act_reminder(void) { |
| 562 | const char *const username = cgi_get("username"); |
| 563 | |
| 564 | /* If we're not connected then this is a hopeless exercise */ |
| 565 | if(!dcgi_client) { |
| 566 | login_error("connect"); |
| 567 | return; |
| 568 | } |
| 569 | |
| 570 | if(!username || !*username) { |
| 571 | login_error("nousername"); |
| 572 | return; |
| 573 | } |
| 574 | if(disorder_reminder(dcgi_client, username)) { |
| 575 | login_error("reminderfailed"); |
| 576 | return; |
| 577 | } |
| 578 | /* Report success */ |
| 579 | dcgi_status_string = "reminded"; |
| 580 | dcgi_expand("login", 1); |
| 581 | } |
| 582 | |
| 583 | /** @brief Get the numbered version of an argument |
| 584 | * @param argname Base argument name |
| 585 | * @param numfile File number |
| 586 | * @return cgi_get(NUMFILE_ARGNAME) |
| 587 | */ |
| 588 | static const char *numbered_arg(const char *argname, int numfile) { |
| 589 | char *fullname; |
| 590 | |
| 591 | byte_xasprintf(&fullname, "%d_%s", numfile, argname); |
| 592 | return cgi_get(fullname); |
| 593 | } |
| 594 | |
| 595 | /** @brief Set preferences for file @p numfile |
| 596 | * @return 0 on success, -1 if there is no such track number |
| 597 | * |
| 598 | * The old @b nfiles parameter has been abolished, we just keep look for more |
| 599 | * files until we run out. |
| 600 | */ |
| 601 | static int process_prefs(int numfile) { |
| 602 | const char *file, *name, *value, *part, *parts, *context; |
| 603 | char **partslist; |
| 604 | |
| 605 | if(!(file = numbered_arg("track", numfile))) |
| 606 | return -1; |
| 607 | if(!(parts = cgi_get("parts"))) |
| 608 | parts = "artist album title"; |
| 609 | if(!(context = cgi_get("context"))) |
| 610 | context = "display"; |
| 611 | partslist = split(parts, 0, 0, 0, 0); |
| 612 | while((part = *partslist++)) { |
| 613 | if(!(value = numbered_arg(part, numfile))) |
| 614 | continue; |
| 615 | byte_xasprintf((char **)&name, "trackname_%s_%s", context, part); |
| 616 | disorder_set(dcgi_client, file, name, value); |
| 617 | } |
| 618 | if(numbered_arg("random", numfile)) |
| 619 | disorder_unset(dcgi_client, file, "pick_at_random"); |
| 620 | else |
| 621 | disorder_set(dcgi_client, file, "pick_at_random", "0"); |
| 622 | if((value = numbered_arg("tags", numfile))) { |
| 623 | if(!*value) |
| 624 | disorder_unset(dcgi_client, file, "tags"); |
| 625 | else |
| 626 | disorder_set(dcgi_client, file, "tags", value); |
| 627 | } |
| 628 | if((value = numbered_arg("weight", numfile))) { |
| 629 | if(!*value) |
| 630 | disorder_unset(dcgi_client, file, "weight"); |
| 631 | else |
| 632 | disorder_set(dcgi_client, file, "weight", value); |
| 633 | } |
| 634 | return 0; |
| 635 | } |
| 636 | |
| 637 | /*$ prefs |
| 638 | * |
| 639 | * Set preferences on a number of tracks. |
| 640 | * |
| 641 | * The tracks to modify are specified in arguments \fB0_track\fR, \fB1_track\fR |
| 642 | * etc. The number sequence must be contiguous and start from 0. |
| 643 | * |
| 644 | * For each track \fIINDEX\fB_track\fR: |
| 645 | * - \fIINDEX\fB_\fIPART\fR is used to set the trackname preference for |
| 646 | * that part. (See \fBparts\fR below.) |
| 647 | * - \fIINDEX\fB_\fIrandom\fR if present enables random play for this track |
| 648 | * or disables it if absent. |
| 649 | * - \fIINDEX\fB_\fItags\fR sets the list of tags for this track. |
| 650 | * - \fIINDEX\fB_\fIweight\fR sets the weight for this track. |
| 651 | * |
| 652 | * \fBparts\fR can be set to the track name parts to modify. The default is |
| 653 | * "artist album title". |
| 654 | * |
| 655 | * \fBcontext\fR can be set to the context to modify. The default is |
| 656 | * "display". |
| 657 | * |
| 658 | * If the server detects a preference being set to its default, it removes the |
| 659 | * preference, thus keeping the database tidy. |
| 660 | */ |
| 661 | static void act_set(void) { |
| 662 | int numfile; |
| 663 | |
| 664 | if(dcgi_client) { |
| 665 | for(numfile = 0; !process_prefs(numfile); ++numfile) |
| 666 | ; |
| 667 | } |
| 668 | redirect(0); |
| 669 | } |
| 670 | |
| 671 | /** @brief Table of actions */ |
| 672 | static const struct action { |
| 673 | /** @brief Action name */ |
| 674 | const char *name; |
| 675 | /** @brief Action handler */ |
| 676 | void (*handler)(void); |
| 677 | /** @brief Union of suitable rights */ |
| 678 | rights_type rights; |
| 679 | } actions[] = { |
| 680 | { "confirm", act_confirm, 0 }, |
| 681 | { "disable", act_disable, RIGHT_GLOBAL_PREFS }, |
| 682 | { "edituser", act_edituser, 0 }, |
| 683 | { "enable", act_enable, RIGHT_GLOBAL_PREFS }, |
| 684 | { "login", act_login, 0 }, |
| 685 | { "logout", act_logout, 0 }, |
| 686 | { "manage", act_playing, 0 }, |
| 687 | { "move", act_move, RIGHT_MOVE__MASK }, |
| 688 | { "pause", act_pause, RIGHT_PAUSE }, |
| 689 | { "play", act_play, RIGHT_PLAY }, |
| 690 | { "playing", act_playing, 0 }, |
| 691 | { "randomdisable", act_random_disable, RIGHT_GLOBAL_PREFS }, |
| 692 | { "randomenable", act_random_enable, RIGHT_GLOBAL_PREFS }, |
| 693 | { "register", act_register, 0 }, |
| 694 | { "reminder", act_reminder, 0 }, |
| 695 | { "remove", act_remove, RIGHT_MOVE__MASK|RIGHT_SCRATCH__MASK }, |
| 696 | { "resume", act_resume, RIGHT_PAUSE }, |
| 697 | { "set", act_set, RIGHT_PREFS }, |
| 698 | { "volume", act_volume, RIGHT_VOLUME }, |
| 699 | }; |
| 700 | |
| 701 | /** @brief Check that an action name is valid |
| 702 | * @param name Action |
| 703 | * @return 1 if valid, 0 if not |
| 704 | */ |
| 705 | static int dcgi_valid_action(const char *name) { |
| 706 | int c; |
| 707 | |
| 708 | /* First character must be letter or digit (this also requires there to _be_ |
| 709 | * a first character) */ |
| 710 | if(!isalnum((unsigned char)*name)) |
| 711 | return 0; |
| 712 | /* Only letters, digits, '.' and '-' allowed */ |
| 713 | while((c = (unsigned char)*name++)) { |
| 714 | if(!(isalnum(c) |
| 715 | || c == '.' |
| 716 | || c == '_')) |
| 717 | return 0; |
| 718 | } |
| 719 | return 1; |
| 720 | } |
| 721 | |
| 722 | /** @brief Expand a template |
| 723 | * @param name Base name of template, or NULL to consult CGI args |
| 724 | * @param header True to write header |
| 725 | */ |
| 726 | void dcgi_expand(const char *name, int header) { |
| 727 | const char *p, *found; |
| 728 | |
| 729 | /* Parse macros first */ |
| 730 | if((found = mx_find("macros.tmpl", 1/*report*/))) |
| 731 | mx_expand_file(found, sink_discard(), 0); |
| 732 | if((found = mx_find("user.tmpl", 0/*report*/))) |
| 733 | mx_expand_file(found, sink_discard(), 0); |
| 734 | /* For unknown actions check that they aren't evil */ |
| 735 | if(!dcgi_valid_action(name)) |
| 736 | disorder_fatal(0, "invalid action name '%s'", name); |
| 737 | byte_xasprintf((char **)&p, "%s.tmpl", name); |
| 738 | if(!(found = mx_find(p, 0/*report*/))) |
| 739 | disorder_fatal(errno, "cannot find %s", p); |
| 740 | if(header) { |
| 741 | if(printf("Content-Type: text/html; charset=UTF-8\n" |
| 742 | "%s\n" |
| 743 | "\n", dcgi_cookie_header()) < 0) |
| 744 | disorder_fatal(errno, "error writing to stdout"); |
| 745 | } |
| 746 | if(mx_expand_file(found, sink_stdio("stdout", stdout), 0) == -1 |
| 747 | || fflush(stdout) < 0) |
| 748 | disorder_fatal(errno, "error writing to stdout"); |
| 749 | } |
| 750 | |
| 751 | /** @brief Execute a web action |
| 752 | * @param action Action to perform, or NULL to consult CGI args |
| 753 | * |
| 754 | * If no recognized action is specified then 'playing' is assumed. |
| 755 | */ |
| 756 | void dcgi_action(const char *action) { |
| 757 | int n; |
| 758 | |
| 759 | /* Consult CGI args if caller had no view */ |
| 760 | if(!action) |
| 761 | action = cgi_get("action"); |
| 762 | /* Pick a default if nobody cares at all */ |
| 763 | if(!action) { |
| 764 | /* We allow URLs which are just c=... in order to keep confirmation URLs, |
| 765 | * which are user-facing, as short as possible. Actually we could lose the |
| 766 | * c= for this... */ |
| 767 | if(cgi_get("c")) |
| 768 | action = "confirm"; |
| 769 | else |
| 770 | action = "playing"; |
| 771 | /* Make sure 'action' is always set */ |
| 772 | cgi_set("action", action); |
| 773 | } |
| 774 | if((n = TABLE_FIND(actions, name, action)) >= 0) { |
| 775 | if(actions[n].rights) { |
| 776 | /* Some right or other is required */ |
| 777 | dcgi_lookup(DCGI_RIGHTS); |
| 778 | if(!(actions[n].rights & dcgi_rights)) { |
| 779 | const char *back = cgi_thisurl(config->url); |
| 780 | /* Failed operations jump you to the login screen with an error |
| 781 | * message. On success, the user comes back to the page they were |
| 782 | * after. */ |
| 783 | cgi_clear(); |
| 784 | cgi_set("back", back); |
| 785 | login_error("noright"); |
| 786 | return; |
| 787 | } |
| 788 | } |
| 789 | /* It's a known action */ |
| 790 | actions[n].handler(); |
| 791 | } else { |
| 792 | /* Just expand the template */ |
| 793 | dcgi_expand(action, 1/*header*/); |
| 794 | } |
| 795 | } |
| 796 | |
| 797 | /** @brief Generate an error page */ |
| 798 | void dcgi_error(const char *key) { |
| 799 | dcgi_error_string = xstrdup(key); |
| 800 | dcgi_expand("error", 1); |
| 801 | } |
| 802 | |
| 803 | /* |
| 804 | Local Variables: |
| 805 | c-basic-offset:2 |
| 806 | comment-column:40 |
| 807 | fill-column:79 |
| 808 | indent-tabs-mode:nil |
| 809 | End: |
| 810 | */ |