#!/bin/sh
-_EXEC=.
-_DATA=.
+_EXEC="${_EXEC:-.}"
+_DATA="${_DATA:-.}"
+SESSION_TIMEOUT=43200
. "$_EXEC/cgilite/logging.sh"
. "$_EXEC/cgilite/cgilite.sh"
. "$_EXEC/cgilite/session.sh"
yield_page(){
page="$1"
- printf 'Content-Type: text/html; charset=utf-8\r\n\r\n'
+ printf '%s\r\n' 'Content-Type: text/html; charset=utf-8' \
+ "Content-Security-Policy: script-src 'none'" \
+ ''
{ printf '[html
[head
[meta name="viewport" content="width=device-width"]
settings_menu(){
printf '
- [form #settings method="POST" action="?"
- [h1 Settings][a .settings href="?" Close]'
+ [form #settings method="POST" action="?settings"
+ [hidden "session_key" "%s"]
+ [h1 Settings][a .settings href="?" Close]
+ ' "$SESSION_KEY"
+ if [ "$ERROR" ]; then
+ printf '[p .error %s %s]' "${ERROR%% *}" "$(HTML "${ERROR#.* }")"
+ unset ERROR
+ fi
printf '
[a .section href="#nick" Nickname]
[div #nick [input name="nickname" value="%s"][submit "action" "nick" Set Cookie]]
case ${LOCATION} in
webchat.css)
. "$_EXEC/cgilite/file.sh"
- FILE "$_EXEC/webchat.css"
- exit 0
+ FILE "$_EXEC/${LOCATION}"
+ return 0
;;
\&?*)
- chatfile="$_DATA/${LOCATION}"
+ [ "$(COOKIE nick)" -o "$QUERY_STRING" = settings ] || REDIRECT "/$LOCATION?settings#nick"
+ chatfile="$_DATA/${LOCATION}/channel"
. "$_EXEC/channel.sh"
exit 0
;;
if [ -d "$_DATA/@${LOCATION#~}" ]; then
pubinfo="$_DATA/@${LOCATION#~}/pubinfo"
else
+ # ToDo Edit / Display of public user information
REDIRECT /
fi
;;