/* Author: Ram Samudrala (me@ram.org) * Version: O1.1 * Detail: * November 22, 1996. * * See the URL above for terms of use and general help. * * O1.0 - initial modify script * O1.1 - can handle variable fields elegantly (April 1, 1997) */ #include "cgi_common.h" #include "cgi_defines.h" #include "cgi_error_handlers.h" #include "cgi_display.h" #include "cgi_password.h" #include "login_defines.h" int content_type_displayed = FALSE; void modify_profile(char username[]); void display_profile(char username[]); void delete_from_group_file(char username[]); /******************************************************************/ int main() { if (getenv("REMOTE_USER") == NULL) display_error("You shouldn't be here, go away!"); if (strcmp(getenv("REQUEST_METHOD"), "POST") == 0) modify_profile(getenv("REMOTE_USER")); else display_profile(getenv("REMOTE_USER")); return TRUE; } /******************************************************************/ void modify_profile(char username[]) { char profile_lines[MAX_USERS][MAX_PROFILE_LINE_LENGTH]; char tmp_line[MAX_PROFILE_LINE_LENGTH], password[PASSWORD_LENGTH]; char name[USERNAME_LENGTH]; entry entries[MAX_ENTRIES]; int profile_found = FALSE, field_count = 1, number_of_entries, max_fields, i, j; int email_address_specified = FALSE; FILE *profile_fp; number_of_entries = read_entries(entries); for(i = 0; i < MAX_USERS; i++) profile_lines[i][0] = '\0'; open_file(&profile_fp, PROFILE_FILENAME, "r", "modify_profile"); if (fgets(profile_lines[0], MAX_PROFILE_LINE_LENGTH, profile_fp) == NULL) display_error("modify_profile(): no opening line in profile file!"); if (profile_lines[0][0] != '#') display_error("modify_profile(): first line must be a comment line!"); check_eof(sscanf(profile_lines[0], "# %d", &max_fields), "modify_profile"); password[0] = '\0'; for(i = 1; fgets(profile_lines[i], MAX_PROFILE_LINE_LENGTH, profile_fp); i++) if ((!profile_found) && (profile_lines[i][0] != '#')) { check_max_count(i, MAX_USERS, "modify_profile"); strcpy(tmp_line, profile_lines[i]); strcpy(name, strtok(tmp_line, PROFILE_DELIMITER)); if (strcmp(name, username) == 0) { profile_found = TRUE; sprintf(tmp_line, "%s%s", username, PROFILE_DELIMITER); for(j = 0; j <= number_of_entries; j++) { #ifdef REQUIRE_ALL_FIELDS if (entries[j].val[0] = '\0') display_error("modify_profile(): something's wrong; every field must have a value."); #endif if (strstr(entries[j].val, PROFILE_DELIMITER) != NULL) display_error("modify_profile(): forbidden character (PROFILE_DELIMETER) encountered!"); if (strcmp(entries[j].name, "Password") == 0) strcpy(password, entries[j].val); else { field_count++; strcat(tmp_line, entries[j].val); strcat(tmp_line, PROFILE_DELIMITER); } if (strcmp(entries[j].name, "E-mail") == 0) if (entries[j].val[0] != '\0') email_address_specified = TRUE; } if (strcmp(password, DELETE_PROFILE_COMMAND) == 0) profile_lines[i][0] = '\0'; else { strcat(tmp_line, "\n"); strcpy(profile_lines[i], tmp_line); } } } close_file(&profile_fp, PROFILE_FILENAME, "modify_profile"); if (!profile_found) display_error("modify_profile(): your profile was not found; profile not modified!"); if (field_count != max_fields) { sprintf(tmp_line, "modify_profile(): field_count (%d) and max_fields (%d) do not match!", field_count, max_fields); display_error(tmp_line); } if (!email_address_specified) display_error("modify_profile(): no e-mail address specified; must specify e-mail address!"); if (password[0] != '\0') modify_password(username, password, PASSWORD_FILENAME); open_file(&profile_fp, PROFILE_FILENAME, "w", "modify_profile"); /* You could make this more efficient by quitting on the first * null encountered. */ for(i = 0; i < MAX_USERS; i++) if (profile_lines[i][0] != '\0') fprintf(profile_fp, "%s", profile_lines[i]); close_file(&profile_fp, PROFILE_FILENAME, "modify_profile"); if (strcmp(password, DELETE_PROFILE_COMMAND) == 0) { delete_from_group_file(username); display_error("modify_profile(): profile successfully deleted!"); } else display_error("modify_profile(): profile successfully modified!"); return; } /******************************************************************/ void display_profile(char username[]) { char profile_line[MAX_PROFILE_LINE_LENGTH], template_profile[MAX_PROFILE_LINE_LENGTH]; char template_field[20][STRING_LENGTH], field[20][STRING_LENGTH]; char name[USERNAME_LENGTH]; int profile_found = FALSE, max_fields, i; FILE *profile_fp; open_file(&profile_fp, PROFILE_FILENAME, "r", "display_profile"); if (fgets(profile_line, MAX_PROFILE_LINE_LENGTH, profile_fp) == NULL) display_error("display_profile(): no opening line in profile file!"); if (profile_line[0] != '#') display_error("display_profile(): first line must be a comment line!"); check_eof(sscanf(profile_line, "# %d %s", &max_fields, template_profile), "display_profile"); strcpy(template_field[0], strtok(template_profile, PROFILE_DELIMITER)); for(i = 1; i < max_fields; i++) strcpy(template_field[i], strtok(NULL, PROFILE_DELIMITER)); while (fgets(profile_line, MAX_PROFILE_LINE_LENGTH, profile_fp)) if ((!profile_found) && (profile_line[0] != '#')) { strcpy(name, strtok(profile_line, PROFILE_DELIMITER)); if (strcmp(name, username) == 0) { profile_found = TRUE; strcpy(field[0], name); for(i = 1; i < max_fields; i++) strcpy(field[i], strtok(NULL, PROFILE_DELIMITER)); } } close_file(&profile_fp, PROFILE_FILENAME, "display_profile"); if (!profile_found) display_error("display_profile(): your profile was not found!"); display_content_type("Modifying profile"); printf("

Modifying profile for %s

\n", username); printf("

Change the fields as necessary. You will need to fill in the E-mail address.\n"); printf("To delete your profile, simple type in %s\n", DELETE_PROFILE_COMMAND); printf("in the password field. Note that this will permanently erase your profile!

\n"); printf("
"); printf("
\n", DEFAULT_URL, MODIFY_SCRIPT_LOCATION); printf("

%s:

\n", template_field[1], template_field[1], field[1]); printf("

%s:

\n", template_field[2], template_field[2], field[2]); printf("

%s: \n", template_field[3], template_field[3], field[3]); printf("%s: \n", template_field[4], template_field[4], field[4]); printf("%s: \n", template_field[5], template_field[5], field[5]); printf("%s:

\n", template_field[6], template_field[6], field[6]); printf("

Enter your password here if you wish it to be changed:\n"); printf("

\n"); printf("

\n"); printf("
"); display_signature(); return; } /******************************************************************/ void delete_from_group_file(char username[]) { FILE *group_fp; char *cp, *cp2, line[MAX_GROUP_LINE_LENGTH]; display_content_type("test"); open_file(&group_fp, GROUP_FILENAME, "r", "delete_from_group_file"); if (fgets(line, MAX_GROUP_LINE_LENGTH, group_fp) == NULL) display_error("delete_from_group_file(): couldn't find group line in group file!"); if ((cp = strstr(line, username)) == NULL) display_error("delete_from_group_file(): couldn't find user name in group list!"); cp2 = strstr(cp, " "); *(--cp) = '\0'; if (cp2 != NULL) strcat(line, cp2); else strcat(line, "\n"); close_file(&group_fp, GROUP_FILENAME, "delete_from_group_file"); open_file(&group_fp, GROUP_FILENAME, "w", "delete_from_group_file"); fprintf(group_fp, "%s", line); close_file(&group_fp, GROUP_FILENAME, "delete_from_group_file"); return; } /******************************************************************/