forked from shammamah-zz/PluggedIn
/
register.c
178 lines (139 loc) · 3.31 KB
/
register.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int unique=1;
int i= 0;
char * entries[4]; // 1st entry is user name 2nd is password
int loginStatus=0;
//takes input an already parsed section, eg username=bob
int parser( char *s )
/* Nested strtoks are a problem so this is our own parser*/
{
char *vname;
char *val;
char buf[3];
//this part gets rid of the CGI vatiabble name tag
if(s == '\0') {
printf("X_ERR='Null phrase'\n");
i++;
return 1;
}
vname = s;//i we ll need the vname later on we can get it form here
while( (*s != '\0') && (*s != '=')) s++;
if(*s == '\0' )
{
printf("X_ERR='Null assignment'\n");
i++;
return 1;
}
*(s++) = '\0';
//now the pointer points to the beggining of the username/password
val =s;
while( (*s != '\0') && (*s != '='))
{
s++;//next character
switch( *s ) //fix URL encoding abnormalities
{
case '%':
buf[0]=*(++s); buf[1]=*(++s);
buf[2]='\0';
sscanf(buf,"%2x",s);
break;
case '+':
*s = ' ';
if(i==0 || i==1 ) unique=0;
break;
}
}
*(s++) = '\0';
entries[i]=val;
i++;
return 0;
}
int main(void)
{
char *query_string=getenv("QUERY_STRING");
char buffer[ strlen(query_string) +1];
strcpy(buffer, query_string);
char* token;
token = strtok(buffer,"&");
while(i<4)
{
loginStatus=parser(token);
token= strtok(NULL,"&");
}
//Do no allow empty boxes
int c2=0;
for(c2; c2<4; c2++)
{
if(entries[c2] == NULL || *entries[c2] == '\0' )
{
unique=0;
break;
}
}
FILE *out=fopen("users.txt", "a+");
//check if unique
char field[5000];
fgets( field, 5000, out);
field[strlen(field) - 1] = '\0'; //removes/n
char *usrname; //this part gets only the first word of the field, which is the username
usrname=field;
strtok(usrname , " " );
while(!feof(out) )
{
if(strcmp(entries[0], field) == 0)//if theyre same
{
unique=0;
break;
}
int c1=0;
for(c1; c1<4; c1++)
{
fgets( field, 5000, out);
field[strlen(field) - 1] = '\0';
usrname=field;
strtok(usrname, " ");
}
//we skip 4 lines to the username
}
//if unique user name and password append to database users.txt
if(unique)
{
int counter=0;
for(counter; counter<4; counter++)
{
fputs(entries[counter], out);
fputc('\n', out);
}
}
//if succesfull register, generate link back to login page
if(unique)
{
FILE *suc=fopen("registerSuccess.html", "rt");
printf("%s%c%c\n","Content-Type:text/html",13,10);
int c;
c=fgetc(suc);
while(!feof(suc) )
{
fputc(c, stdout);
c=fgetc(suc);
}
fclose(out);
fclose(suc);
return 0;
}
//if problem
FILE *error=fopen("registerError.html", "rt");
printf("%s%c%c\n","Content-Type:text/html",13,10);
int c;
c=fgetc(error);
while(!feof(error) )
{
fputc(c, stdout);
c=fgetc(error);
}
fclose(out);
fclose(error);
return 1;
}