cgi_body(output->sink);
expand(output, "prefs", ds);
}
-
-static void act_login(cgi_sink *output,
- dcgi_state *ds) {
- const char *username, *password, *back;
- disorder_client *c;
-
- username = cgi_get("username");
- password = cgi_get("password");
- if(!username || !password
- || !strcmp(username, "guest")/*bodge to avoid guest cookies*/) {
- /* We're just visiting the login page */
- expand_template(ds, output, "login");
- return;
- }
- /* We'll need a new connection as we are going to stop being guest */
- c = disorder_new(0);
- if(disorder_connect_user(c, username, password)) {
- cgi_set_option("error", "loginfailed");
- expand_template(ds, output, "login");
- return;
- }
- if(disorder_make_cookie(c, &login_cookie)) {
- cgi_set_option("error", "cookiefailed");
- expand_template(ds, output, "login");
- return;
- }
- /* Use the new connection henceforth */
- ds->g->client = c;
- ds->g->flags = 0;
- /* We have a new cookie */
- header_cookie(output->sink);
- cgi_set_option("status", "loginok");
- if((back = cgi_get("back")) && *back)
- /* Redirect back to somewhere or other */
- redirect(output->sink);
- else
- /* Stick to the login page */
- expand_template(ds, output, "login");
-}
-
-static void act_logout(cgi_sink *output,
- dcgi_state *ds) {
- disorder_revoke(ds->g->client);
- login_cookie = 0;
- /* Reconnect as guest */
- disorder_cgi_login(ds, output);
- /* Back to the login page */
- cgi_set_option("status", "logoutok");
- expand_template(ds, output, "login");
-}
-
-static void act_register(cgi_sink *output,
- dcgi_state *ds) {
- const char *username, *password, *password2, *email;
- char *confirm, *content_type;
- const char *text, *encoding, *charset;
-
- username = cgi_get("username");
- password = cgi_get("password1");
- password2 = cgi_get("password2");
- email = cgi_get("email");
-
- if(!username || !*username) {
- cgi_set_option("error", "nousername");
- expand_template(ds, output, "login");
- return;
- }
- if(!password || !*password) {
- cgi_set_option("error", "nopassword");
- expand_template(ds, output, "login");
- return;
- }
- if(!password2 || !*password2 || strcmp(password, password2)) {
- cgi_set_option("error", "passwordmismatch");
- expand_template(ds, output, "login");
- return;
- }
- if(!email || !*email) {
- cgi_set_option("error", "noemail");
- expand_template(ds, output, "login");
- return;
- }
- /* We could well do better address validation but for now we'll just do the
- * minimum */
- if(!strchr(email, '@')) {
- cgi_set_option("error", "bademail");
- expand_template(ds, output, "login");
- return;
- }
- if(disorder_register(ds->g->client, username, password, email, &confirm)) {
- cgi_set_option("error", "cannotregister");
- expand_template(ds, output, "login");
- return;
- }
- /* Send the user a mail */
- /* TODO templatize this */
- byte_xasprintf((char **)&text,
- "Welcome to DisOrder. To active your login, please visit this URL:\n"
- "\n"
- "%s?c=%s\n", config->url, urlencodestring(confirm));
- if(!(text = mime_encode_text(text, &charset, &encoding)))
- fatal(0, "cannot encode email");
- byte_xasprintf(&content_type, "text/plain;charset=%s",
- quote822(charset, 0));
- sendmail("", config->mail_sender, email, "Welcome to DisOrder",
- encoding, content_type, text); /* TODO error checking */
- /* We'll go back to the login page with a suitable message */
- cgi_set_option("status", "registered");
- expand_template(ds, output, "login");
-}
-
-static void act_confirm(cgi_sink *output,
- dcgi_state *ds) {
- const char *confirmation;
-
- if(!(confirmation = cgi_get("c"))) {
- cgi_set_option("error", "noconfirm");
- expand_template(ds, output, "login");
- }
- /* Confirm our registration */
- if(disorder_confirm(ds->g->client, confirmation)) {
- cgi_set_option("error", "badconfirm");
- expand_template(ds, output, "login");
- }
- /* Get a cookie */
- if(disorder_make_cookie(ds->g->client, &login_cookie)) {
- cgi_set_option("error", "cookiefailed");
- expand_template(ds, output, "login");
- return;
- }
- /* Discard any cached data JIC */
- ds->g->flags = 0;
- /* We have a new cookie */
- header_cookie(output->sink);
- cgi_set_option("status", "confirmed");
- expand_template(ds, output, "login");
-}
-
-static void act_edituser(cgi_sink *output,
- dcgi_state *ds) {
- const char *email = cgi_get("email"), *password = cgi_get("changepassword1");
- const char *password2 = cgi_get("changepassword2");
- int newpassword = 0;
- disorder_client *c;
-
- if((password && *password) || (password && *password2)) {
- if(!password || !password2 || strcmp(password, password2)) {
- cgi_set_option("error", "passwordmismatch");
- expand_template(ds, output, "login");
- return;
- }
- } else
- password = password2 = 0;
-
- if(email) {
- if(disorder_edituser(ds->g->client, disorder_user(ds->g->client),
- "email", email)) {
- cgi_set_option("error", "badedit");
- expand_template(ds, output, "login");
- return;
- }
- }
- if(password) {
- if(disorder_edituser(ds->g->client, disorder_user(ds->g->client),
- "password", password)) {
- cgi_set_option("error", "badedit");
- expand_template(ds, output, "login");
- return;
- }
- newpassword = 1;
- }
- if(newpassword) {
- login_cookie = 0; /* it'll be invalid now */
- /* This is a bit duplicative of act_login() */
- c = disorder_new(0);
- if(disorder_connect_user(c, disorder_user(ds->g->client), password)) {
- cgi_set_option("error", "loginfailed");
- expand_template(ds, output, "login");
- return;
- }
- if(disorder_make_cookie(c, &login_cookie)) {
- cgi_set_option("error", "cookiefailed");
- expand_template(ds, output, "login");
- return;
- }
- /* Use the new connection henceforth */
- ds->g->client = c;
- ds->g->flags = 0;
- /* We have a new cookie */
- header_cookie(output->sink);
- }
- cgi_set_option("status", "edited");
- expand_template(ds, output, "login");
-}
-
-static void act_reminder(cgi_sink *output,
- dcgi_state *ds) {
- const char *const username = cgi_get("username");
-
- if(!username || !*username) {
- cgi_set_option("error", "nousername");
- expand_template(ds, output, "login");
- return;
- }
- if(disorder_reminder(ds->g->client, username)) {
- cgi_set_option("error", "reminderfailed");
- expand_template(ds, output, "login");
- return;
- }
- cgi_set_option("status", "reminded");
- expand_template(ds, output, "login");
-}
-
/* expansions *****************************************************************/
static void exp_label(int attribute((unused)) nargs,
~mdw / disorder / blobdiff